Firefox for Android is a fast and reliable web browser that can install all the same extensions as the desktop version of Firefox. So if you want secure mobile browsing on Android, all you have to do is download Firefox for Android and start installing the secure tools in our Privacy Extensions section!

One of the absolute best things you can do for your online accounts is enable two-factor authentication (2FA) whenever it’s available. Essentially, rather than only needing a password to login, you need to enter a second piece of data as well.

A few weeks ago it came to our attention that Rigol's DS2000-series oscilloscopes were easily unlocked with a few USB commands.


You should definitely enable 2FA for any of your crucial accounts that offer it. Most big tech services like Google, Facebook, Dropbox, and Twitter have this option available, as do popular password managers like LastPass. Typically you just need to dig around in your account settings on a given site to find the instructions on how to enable it. Here is a useful guide from Google if you would like to know more about how Two-Factor Authentication works.

Tubbo doesn't seem exactly pleased with that response, but says nothing. And Jordan's not exactly the best conversationalist, therefore the room falls into a dense silence that's only broken when a new medic, operator, shuffles in to finish off medical documents pinned to the foot of Tubbo's bed. Then he's gone, leaving the two walking out the hospital doors several feet apart and behind.


Texts can be some of the most personal and private communications we have. They’re also especially vulnerable to being seen by others: your cell network can see them as they’re being sent (as can any government agency who’s chummy with that network).

Hackers often rely on exploitable vulnerabilities in popular software to target their victims. Software developers can quickly become aware of these vulnerabilities and release software updates to fix the issue. It's imperative that you keep your software up-to-date so that your apps have the latest security fixes available to you! This is easy to do too: when your computer notifies you that there are updates to install, just go ahead and do it. Especially make sure to install macOS, iOS, Android, and Windows operating system updates ASAP!

Pretty Good Privacy is a technology that you can use on any operating system to encrypt emails and files, as well as signing data (basically adding a digital signature proving that your encryption keys were properly used) and verifying signatures (making sure that someone else’s signature is legit). This is a bit more advanced to set-up, but not too difficult if you have an hour or so and bit of patience. Once you’re done, encrypting files and emails will be a breeze!


As you can guess, making strong passwords sucks. When you have dozens of accounts across many sites, it’s practically impossible to be perfect about creating and remembering all these unique passwords. Not to mention that sometimes sites are terrible about storing passwords: they get hacked, but -you- have to change your password. There are tools to help you though! A password manager is an online service that can generate and store all your passwords for you so that you don’t have to know them by heart.

Use password generation for lengthy, complicated passwords. At least 16 characters with letters, numbers, and symbols is good.


I should have realized that this computer would be on display, but it was a happy shock to see the Galaksija computer. This was a build-it-yourself personal computer developed by Voja Antonić. In 1983 when personal computers were getting going in Silicon Valley, the chips being used were unavailable in Yugoslavia because of embargo. Voja figured out a way around all of those problems and about 8,000 kits were purchased to so that people for the first time could have their own computer. Of course we know Voja Antonić well, he has been writing amazing articles for Hackaday and designed the Hackaday | Belgrade badge. His conference talk on the hardware will be published soon.


AirVPN is a paid VPN provider that allows you to choose which countries to route your connections through, the ability to pay anonymously via bitcoin, and does not store logs about its users' activity. It costs $5 a month on a yearly plan, or $8 a month on a monthly plan. It comes with its own VPN client for easy use!

What if that cool new app has a bug that lets hackers download your data

It’s also worth pointing out that of the popular internet browsers (Chrome, Firefox, Safari, Internet Explorer), the only browser not developed by a for-profit corporation is Firefox (sites). The developers of Firefox (learn more), Mozilla, have a long history of protecting users rights and are very active in fighting for a free and open internet. With the other browsers, your activity is frequently tracked by the company that owns the browser, so this guide strongly recommends using Firefox as your main computer browser. Make sure to check out our section on mobile browsing if you’re interested in securing your mobile activity too.


A big disclaimer for the Tor browser is that it makes you anonymous, but not private. Although your web requests are anonymous, if you are posting on Facebook or sending an email through Gmail, that activity is still identifiable as “you”. So a good rule of thumb is that when using the Tor browser, do not visit sites or services associated with your private information if you are trying to be anonymous. If you absolutely need to use a site that requires that kind of information, just make up fake data when you register and make sure not to use it outside of Tor. Also keep in mind that the final connection to your destination website is only encrypted if that site supports HTTPS; just because you’re anonymous doesn’t mean that the final ISP connection to the site can’t be monitored. Lastly, try not to download anything: because tor nodes (the servers that bounce around your web requests) can be run by regular people, they could attach a nasty virus to a downloaded file if they wanted.

To use a VPN, you need to install a VPN client on your computer that will communicate with your VPN provider. This is what guarantees the encrypted tunnel of communication from your computer to the server. VPN clients that cost money tend to be easier to use, but the free options work fine too (maybe with a bit more installation effort on your part). Once you’re set-up, all you have to do is click a button in your VPN client and your internet activity will be tunneled to your VPN provider. Thus, your activity will be much safer with minimal impact on browsing speeds.


You’re probably suspicious: isn’t it dangerous to have all your passwords in one place? And you’d be right to think so, because it is! That’s why it’s important to evaluate how a given password manager actually manages the passwords and what protections are in place. Ultimately, you have to decide for yourself how you balance the risk of bad passwords, spread out across your accounts, against the risk of good passwords centralized in one location.

The most visible way to solve our problems is to first amend the wrong views of some elders. It is neither our controversy nor our challenge to our parents and the society.


The upgrade process is extremely simple: get the serial number of your DS2072, put it in the keygen, and enter the resulting key into the scope. Reboot, and you have a $1600 scope you bought for half price.


Every authentic example of collective intelligence that I am aware of also shows how that collective was guided or inspired by well-meaning individuals. These people focused the collective and in some cases also corrected for some of the common hive mind failure modes. The balancing of influence between people and collectives is the heart of the design of democracies, scientific communities, and many other long-standing projects. There's a lot of experience out there to work with. A few of these old ideas provide interesting new ways to approach the question of how to best use the hive mind.


Disconnect identifies the “invisible” web, which is all the trackers, beacons, cookies, and other tools that websites and marketers use to track your activity across the internet. It blocks these malicious trackers from seeing your web activity, which in many cases will even make the site load faster. It's a great companion extension to Privacy Badger.

This huge PACE computer is impressive to behold. You get a real sense of where we come from when taking a picture of it with the $200 smart phone that you carry around in your pocket. A big part of the programming is the patch board which harkens back to telephone operators patching calls between lines. There were a number of other analog computing devices on display as well, I enjoyed this handheld analog calculator which uses a stylus to set up the calculation.

It's very popular to use apps both within a social media site (for instance, a Facebook app) and outside a site (for instance, a Snapchat utility). However, when you sign-up for these apps, you often expose a ton of personal data: your identity, your pictures, your messages, your friends. While this may not seem like a big deal, it means that you are trusting unknown developers with deeply personal information. Many of these app services are created by inexperienced programmers that do not have the resources to adequately protect your data (if they even care). More frequently, they're just interested in harvesting your data for marketing money. Unless you really, really need the app, reconsider whether you want some randos seeing everything you do on a social media site.

To round it all off, one notable public figure is arguing we don’t know for sure that Russia and its president, Vladimir Putin, were behind the hacks: President-elect Donald Trump. He maintains that opinion, even though the US intelligence community and the forensic experts who first examined the hacked systems are highly confident Russia is the bad guy here. NBC News reported Wednesday that US intelligence officials believe “with a high level of confidence” that Putin was personally involved in the effort to interfere in the election.


It’s very important to consider what would happen if your encryption keys were lost (say if your laptop was stolen or broken): anything that had been encrypted for you to see would be lost forever. If you have files or email you need encrypted and accessible that absolutely cannot be lost, you need to back-up your keys. From whichever PGP program you installed, you should have an option to export keys. Save these keys on a thumb drive and keep them somewhere incredibly safe.


Encryption keeps unwanted people from reading your data. It does this by transforming your data into completely unintelligible nonsense so that no-one but the intended receiver can figure out what it is. It’s really just secret code. So how does this code get created?

You’re a tech-savvy cyberpunk: your accounts are secure, your browsing is encrypted, and you’re enjoying the internet from the cozy confines of your VPN. What happens when someone steals your laptop? Or if your cloud service gets hacked? What if that cool new app has a bug that lets hackers download your data?

Authy is a neat app that will automatically generate your two-factor authentication codes offline anywhere you have the Authy app installed. Authy can be installed on any phone or desktop, with all your 2FA code-generating accounts backed-up on a single Authy account.

Feral Hosting is a paid Seedbox provider that allows you to create a personal VPN server as well as other web services like torrent clients, website management, and file storage. This is a great option for the more adventurous nerds that like the idea of having their own server to play with, but with tons of installation guides, automated management, and fantastic customer support (so it's not as hardcore as having a totally independent server). It costs ~$15 a month for its cheapest plan.

With so many cybersecurity tools out there, it can be intimidating to figure out which tools best meet your needs. Our cheat sheets will point you to recommended tech based on which digital activities and spaces you’re looking to take better control of. We’ll also give recommendations for the more experienced cyberpunks that may need more hardcore security than your average person. Just make sure to keep in mind that regardless of which tech you decide to use, nothing in the digital world is 100% guaranteed to be secure! So always be vigilant and conscious about your security. Don’t assume you’re invincible: no-one ever is!

Private companies have some of the worst security practices imaginable. Your passwords can be stored in their databases in plaintext, associated to your email and mailing addresses, sometimes even with credit card information attached. There are no regulations that force companies to take your security seriously, so very few do. As a consequence, corporate hacks and leaks are becoming increasingly common and will only continue to be more prevalent as big data mines and sells vast quantities of personal data. You probably hear about corporate hacks in the news, but they rarely make waves and are quickly forgotten. Unfortunately, this private data does not disappear with time: it is aggregated across the internet and stored indefinitely, sometimes by hackers, sometimes by security professionals. Thus, if you are not aware of a company leaking your data, or simply forget about it, you can still very much be at risk for targeted hacking (they have your personal information, after all).


I recently had the chance to visit Belgrade and take part in the Hackaday | Belgrade conference. Whenever I travel, I like to make some extra field trips to explore the area. This Serbian trip included a tour of electronics manufacturing, some excellent museums, and a startup that is weaving FPGAs into servers and PCIe cards.

CyberghostVPN has limited no-cost options: you can connect for up to 3 hours to one of their VPN networks. This is great if you can't afford a VPN but might want to be safe when working on public wifi once in a while.


A very important thing to keep in mind is BACK-UPS. Sure, it’s great to encrypt your hard-drive, but if your computer is stolen, you’ve still lost all that data. If you back-up your computer on external hard-drives, make sure to encrypt your external hard-drive as well. What good is encrypting your computer if someone can just grab your external hard-drive and have easy access to your private data?

The vast majority of websites do not need your personal data to provide their services, so be suspicious if they ask for it (besides, who cares what they want? It's not your responsibility to give them anything). If you think the request is legitimate, do not follow their supplied link: you should be able to do whatever you have to do by navigating their website in your browser. If you can't, they clearly have shitty security practices and you should be suspicious of them in general!


OS X comes with software, File Vault 2, already installed on your computer that can do this hard-drive encryption for you. All you have to do is set it up according to Apple's instructions.


In the Anonymity section, we talked about the value of using the HTTPS Everywhere extension. When you connect to a website using HTTPS, your browser ensures the site is not a fake by verifying the site's HTTPS certificate is legitimate. Because fake sites cannot replicate the expected HTTPS certificate, your browser could give you a warning that a fake site is insecure.

The engineers over a Rigol (bless their hearts) used the same hardware for the $800, 70MHz DS2072 and the $1600, 200MHz DS2202. The only difference between the two are a few bits in the scope's memory that are easily unlocked if you have the right key. A few folks over on the EEV Blog forum figured out the private key for the scope's encryption and the user [cybernet] wrote a keygen.

The tracing protocol used is BlueTrace, which is an open application protocol aimed at digital contact tracing. It was developed by the Singaporean government, initially for use with their TraceTogether mobile app.


Well, it really doesn’t get any better than the Gitzo GK1545T Series 1 Traveler Tripod and Center Ball Head, travel tripod and Center Ball Head, and the price would certainly indicate that. The entire design of the Gitzo travel tripod is based on maximizing its thin profile. The odd-shaped head is purposely curvy to accommodate the legs when inverted for transport. Gitzo travel tripod legs are narrower than much of the competition, but generally maintain higher load capacities. O-rings seal the top of the twist locks (https://yacsssdm.ru/hack/?patch=670) to keep debris out, the legs can be set at one of two angles, and the chassis is made of magnesium. The center ball head is a fine complement to its gorgeous legs and features a separate pan lock (https://yacsssdm.ru/hack/?patch=5555) knob, screw lock (try this site) for the Arca-type compatible plate, and a tungsten disulfide coating for silky smooth action. Like Manfrotto, Gitzo sells individual parts for its tripods, so if you wear out a component, it can be replaced.

Texts sent to friends not on Signal will be unencrypted, but having the option makes these apps perfect as your general purpose texting app. Especially nifty is that regardless of whether your texts were encrypted for the recipient, they will be encrypted locally on your phone.


As you secure your digital space, it’s important to recognize that apps do not only have to be a threat to your security: they can also be an asset. Some of the most sensitive data on your phone, from your pictures to your texts to your internet browsing can be secured to decent degree. And the most common thread should be a familiar one: Encryption!


This smartphone app showed a number of issues. First is that Apple does not allow for iOS apps to use Bluetooth in the background, requiring the app to be active in the foreground to be useful. Apple has its own tracing protocol, but it does not cover the requirements for building a full contact graph. Finally, the app in general is not useful to those who do not have a recent (compatible) smartphone, or who do not have a smartphone at all.

The Tor network is an internet protocol that basically hides your identity by bouncing your web requests across the world in multiple layers of encryption before it is received by the website. Although you may visit a website from Boston, the website will see the request come from England or Kenya or Japan or any other country that the Tor network spits your request from; there is no way to track a web request to its origin. The network also hosts websites (called “onion sites”) that are not accessible through regular internet: this can range from political dissident websites to forums for abuse survivors to drug markets to plain ole’ boring websites. However, you can access the rest of the “normal” internet as well.


Above you can see one of the technicians preparing the solder paste machine to apply paste to boards. From there it's into a huge and impressive pick-and-place machine. Just seeing the reels feeding the machine is beautiful. They have reflow ovens for the surface mount components, and in another room (not pictured) there is wave soldering. For me, the coolest machine in the place was the selective soldering machine. It has an upturned pipe underneath the board that has overflowing molten solder coming out of it. The board moves over this wand to solder through-hole components.

The debate has now shifted from what happened to why, with questions over how much a foreign power might have influenced this year’s divisive and controversial presidential election. The thing is, we never learn all the details.


Anonymity doesn’t have to stop at your web browser. By using the Tails operating system, you can create an anonymous, amnesic, secure digital space wherever you go. You don’t even need your own computer!

When you are on a wifi network, anyone else using that network can watch your web traffic (even if it’s a password-protected network). Because there can be so many people using the same network (like at a coffee shop or library), a malicious hacker could very easily collect tons of personal information about everyone on the network. They could intercept your traffic and feed you fake websites in order to get valuable data from you! And even if you’re not using a network intentionally, just leaving your phone with wifi-enabled means nearby networks can tap into your phone and pull metadata about you without your ever trying to use their internet. To fight this invasive snooping, you have to ensure that your web traffic is encrypted: using the Tor Browser and/or a VPN network as detailed below will give you great privacy. You should also disable wifi on your phone whenever you explicitly don’t need it!


Encryption, at its core, is mathematical functions dependent on two variables: your data and a piece of information called an encryption key. Although there are many different approaches, most frequently an encryption key comes in two related flavors: the public key and the private key. When you want to encrypt data for someone, you use their public key to “lock it”. When they want to read that encrypted data, they use their private key to “unlock it”.


The goal of the section is to make your internet activity secure from nonconsensual tracking and monitoring, effectively making you anonymous (though you are never -truly- anonymous; you have an IP address and an Internet Provider after all). The amount of protection you adopt is totally up to you: usually the trade-off is the more protection you want, the slower and more inconvenient browsing on the web can be. Fortunately, many of the basic technologies outlined require zero effort on your part and still offer a ton of protection.

A lot of the challenges in developing these devices lie in making them low-power, while still having the Bluetooth transceiver active often enough to be useful, as well as having enough space to store interactions and the temporary tokens that are used in the tracing protocol. As Simmel and the TraceTogether tokens become available over the coming months, it will be interesting to see how well these predictions worked out.


To funnel your internet activity through the Tor network, all you need to do is download the Tor Browser and use it exactly as you would a regular browser. You shouldn’t install extensions though, as the browser already anonymizes you and uses HTTPS when available! The most significant drawback is that the network is fairly slow: it takes a few seconds to bounce your requests around the world.

Check out haveibeenpwned to see if your email or username has ever been compromised in a major data breach. Your only course of defense is to use strong, unique passwords and two-factor authentication for all of your important accounts.

Those types of components may no longer be made here, but there is still a strong electronics manufacturing hub and a good example is MikroElektronika, a company built in the footprints of some of the old factories. The building and business are anything but old, and they have been so successful they are planning a second large building to increase their manufacturing capacity.


As a rule of thumb, if an email link directs you to a login screen, you should be suspicious. It's best to simply go to the website yourself in your browser, login normally, and look for the page the email wanted you to browse. An exception is when you reset a password for a site (the website needs to provide a personalized link for you to change your password). In this case just make sure that you explicitly requested a password reset. And use a unique password just to be safe!

A large part of fighting against the SARS-CoV-2 pandemic is the practice of contact tracing, where the whereabouts of an infected person can be traced and anyone who has been in contact with that person over the past days tested for COVID-19. While smartphone apps have been a popular choice for this kind of tracing, they come with a range of limitations, which is what the TraceTogether hardware token seeks to circumvent.


When you use a site or service that offers Two-Factor Authentication (2FA), you often have the option to generate a QR code or numeric code that you enter into a 2FA app on your phone. From then on, when you log into a site and service and are prompted for a 2FA code, you just have to look in the app for a generated code to use with that account. This is more secure than receiving a code via text or email, as it is much more difficult for a hacker or surveillance to get access to. While there are many 2FA apps that offer this functionality, we recommend an app called Authy.

This cheat sheet is best for internet feminists: you can make it much more difficult for trolls, trackers, and hackers to compromise your digital spaces. Our recommended tech for you is all free, requires only minimal set-up, and gives you easy options for securing your digital spaces and data. With almost all of this tech, you rarely have to think about what it's doing: it just works.


Procedures should also be developed which address using restraints for medical care purposes in conjunction with the department's healthcare provider. Administrative personnel should develop/revise their policy within the correctional standards implemented within their respective state and consider other correctional standards as well. The policy should emphasize all rationale for using restraints and should also specify that the use of restraints shall not be used as a form of punishment or discipline.


Luckily, there’s a great open-source, secure, and free alternative to standard corporate chat services. Signal is an app for encrypting texts so that the content of your messages can’t be seen by anyone other than you and the person you’re talking to. It can be used for one-on-one messages, groupchats, and even phone calls.

You can choose to add more security measures, or fewer. You can choose to use a safer service, or stay with what you have.

For low-angle shooting, the kit comes with a removable center column and optional included short center column. Also included are retractable spikes, strap, bag, tools, and quick-release plate. The BE-208T head has a separate panning lock (see here), bubble levels, and an Arca-type compatible quick-release plate.


Tubbo's eyes are wide, curious, sparkling with interest, like he's found a new solution to a problem on a maths test instead of stumbling on insect documentaries. The blanket, now tucked over his head like a hood, just accentuates how adorably fond Tubbo immediately is of the little fuzzy bees.

Implementing proper procedures for the use of restraints with prisoners and ensuring that officers apply them appropriately will assist in reducing the risk of litigation. It will also assist in enhancing the operational effectiveness of the department.


Many websites offer the option of logging in with your social media account rather than having to create an account for the website. Although convenient, this presents a huge security risk: how do you know if this site is legitimate? By encouraging unsuspecting users to use their social media accounts, a malicious website can easily collect valuable names and passwords. It's much safer to just create a new account for the site.


In a "Use of force for COs", I portrayed the liability trends of use of force claims filed against correction officers from 1992 to 2002. Of the six frequent litigated areas, the use of restraints comprised the second most common litigated area, accounting for 35 percent of the claims. Although correction personnel prevails in 78% of the lawsuits a review of a 2007 litigated jail case where a Midwest Sheriff's department failed to prevail and lost $96,000 is instructional and worthy of consideration in order to identify the lessons that can be learned.

Compounding the problem is that new business models for people who think and write have not appeared as quickly as we all hoped. Newspapers, for instance, are on the whole facing a grim decline as the Internet takes over the feeding of the curious eyes that hover over morning coffee and, even worse, classified ads. In the new environment, Google News is for the moment better funded and enjoys a more secure future than most of the rather small number of fine reporters around the world who ultimately create most of its content. The aggregator is richer than the aggregated.


Earlier in the guide, we talked about securing your web browsing with a VPN. Fortunately, you can use a VPN on your phone as well! If you already have a VPN provider, it’s relatively easy to set-up on your phone. Follow Apple’s instructions for iOS or check out OpenVPN (our recommended VPN client for Android).


Shortly after his confinement in prison, Smith filed a Section 1983 lawsuit claiming that his Constitutional rights were violated while confined at the jail. He alleged that being restrained in handcuffs and leg shackles constituted excessive force, was cruel and unusual punishment, which caused nerve damage to his wrists and ankles. He further claimed that he incurred psychological harm as a result of being kept in restraints for a prolonged period of time.

But first we must rebuild the West, and to do that we need to make America strong again. Without American strength, little is possible.


When it comes to versatility, look no further than Oben. You can tell that the company likes packing the maximum number of features into each tripod it markets. Built for mirrorless and small DSLR setups, the Oben AT-3535 Folding Carbon Fiber Travel Tripod and BE-208T Ball Head is no exception.

The vast majority of online accounts can be accessed through a password and email address/username. As we all know, a good password is essential in ensuring that hackers can’t get into our shit. However, the ways we create and remember passwords tend to be very easy to hack: common words and phrases can be programmatically exploited when trying to access an account. As the first and frequently only line of defense to accessing your account, strong passwords are key!

The internet is a crucial environment for our lives. Friendships, relationships, work, activism, commerce, and so many other forms of social connections take place digitally. As we thrive in these internet spaces, harassment and violence along intersecting axes of oppression are felt with unchecked force. Trolls launch campaigns of abuse and intimidation, hackers seek to exploit and manipulate your private data, and companies mine and sell your activity for profit. These threats to digital autonomy are gendered, racialized, queerphobic, transphobic, ableist, and classist in nature. The severity of these threats can have vast physical and psychological repercussions for those who experience them: they cannot be taken lightly.


Every social media site has different security capabilities, some more comprehensive than others. You should check out these quick privacy guides for your favorite sites and understand which tools you have at your disposal.

