Looks like I’m on fire today my wife is with her parents so I really have nothing else to do right now so I’ll write another episode. I like sharing my knowledge, and trust me, if this tutorial looks very advanced to you, it’s not it’s just basic knowledge, my knowledge about computer security doesn’t come nowhere near to those of the real experts like Joanna Rutkowska the founder of Qubes or that of Linus Torvalds the founder of Linux. They are the real superstars, I am just an amateur who got interested in computer security and started reading a little bit into it, read a few books, and watched a few presentations over a couple of years, that’s it.

My field is not even computer science it’s economics, but I was forced to learn more about compsec given the threats of malware that surrounds cryptocurrencies. So really the many disciplines merge together in the cryptocurrency movement: cryptography, computer security, mathematics, economics, all merged into 1 entity.

Read the previous episodes if you have just tuned in:

• 1) Hardware Selection & Proper Usage 1
• 2) Hardware Selection & Proper Usage 2
• 3) Kernel Defense 1
• 4) Kernel Defense 2
• 5) Kernel Defense 3
• 6) User Space & Device Driver Security

Going Full Open-Source

So now that I have covered all security layers from Ring 0 to Ring 2 it’s time to cover the Application Layer which is the final Ring 3. The basic principle is simple, just go full open source. All softwares should be open source really, there is no point why not, it’s both trustworthy, and secure.

So this means that we should really just use Open Source applications and stay away as much as possible from closed-source ones. Essentially only executing them in a disposable VM like through Qubes, since they can’t be trusted at all.

So the first thing you would do is to just change all your apps to Open Source right now by going to this website and looking at the Open Source alternatives:

https://prism-break.org

As you can see you will find many O.S. alternatives for all platforms and for all categories. Well we should use Linux by now, so that leaves us with a few choices.

Here are my personal favorites and recommendations for each category:

• Anonymity Networks: I wrote a guide about the best VPN’s
• Smartphone Apps: I don’t have a smart phone, I use an old Motorola phone so, all of the phone apps in that section don’t apply to me
• Bookmark Sync: I don’t use bookmark syncs, I just export my bookmarks and back them up via Firefox’s export bookmark feature
• Communication Protocols: I don’t use those
• Disk Encryption:
  • Disk Cryptor, which is available by default in Linux for partition encryption
  • Veracrypt, for file encryption
  • OpenSSL, for quick encryption, which is also installed by default
• DNS Server: I have heard that using the DNS server given by your ISP is the best option. Using third party DNS’s just increases the risk of surveillance, and the ISP already tracks you,so why give that information to anyone else. Even if you use a trustworthy DNS server, the ISP can still track the links you visit, so it literally makes no sense to use a custom DNS server.
• Email Provider: Protonmail
• Email Alternatives: I don’t use any of those, so I can’t vouch for them, but I heard Bitmessage is neat.
• Email Clients: I don’t use any of those, but I heard Mozzila Tunderbird is decent. So if you have your own e-mail server associated with your business or domain name, just use Thunderbird it’s decent.
• Email Encryption: GPG of course, but I don’t really have a GPG key, haven’t seen the need to make one personally, but I am sure if people want to talk privately it’s very useful!
• Enterprise Suite: Nope
• File Storage & Sync: Nope, I backup my stuff on thumb drives and DVD’s. I don’t really trust these file hosting websites, they are all spying on their user’s files. And if you upload there like a Bitcoin wallet, it could be in danger.
• Finance: Well I am stuck with Paypal for shopping online since BTC has a freakin 50$ transaction fee. But otherwise I don’t really shop that much online. As for my investments in crypto, read this post!
• IM: Pidgin, but I am stuck with Skype most of the time since my friends use that. So Skype can just be run inside a VM for maximum safety.
• IRC: I don’t use chat rooms, but I heard Hexchat is decent but Pidgin can be configured as well for IRC
• Mail Servers: I have no idea
• Mail Transfer Agents: No idea
• Media Publishing: I don’t use any of that stuff. Perhaps a Wordpress blog would be neat, but we have Steemit too don’t we?
• Mesh Networks: I really have to read into Mesh networks more, I haven’t done a lot of research here so I have no comment ,but I heard some good stuff is coming out there. Definitely the monopoly of these ISP’s have to end at some point.
• Operating Systems: Well of course I recommended Qubes, since it has the perfect security setup imaginable, so it’s literally the best OS now when it comes to security. But if you want to settle for something lighter then try Linux Mint or Debian.
• Live OS: No idea
• Mobile OS: Well just use Replicant I guess
• Password Managers: KeepassXC of course, here is a full tutorial
• Productivity: No idea
• Raspberry Pi: No idea
• SIP Servers: No idea
• Social Networks: Steemit of course!
• Video & Voice: No idea
• VPN Accounts: Read my review on VPN’s
• VPN Clients/Servers: OpenVPN of course so make sure your VPN provider uses that, the list above contains only the best VPN providers that do that.
• Web Analytics: Don’t use that, but I guess anything is better than Google
• Web Browser Addons: HTTPS Everywhere, Noscript & uBlock Origin (in fact this needs to be configured better, see my Firefox improvement post)
• Web Browsers: Only Firefox
• Web Hosting: I guess just go with Austicii
• Web Search: DuckDuckGo
• World Maps: Unfortunately Google Earth is of higher quality than any other, so I guess running that in a VM is ok
• XMPP Servers: No idea

And that is that, but there are other softwares that need to be considered too, so let me add my other choices as well:

• Office Suite: LibreOffice
• Photo Editor: Gimp
• Sound Edit/Record: Audacity
• CD/DVD burn/manage: Brasero
• PDF Reader: Evince
• Video Editor: Pitivi
• Video Viewer: Totem
• Archive Manager: File Roller

That’s it you have all the apps you need 100% free, 100% legal (not pirated crap, but with free license by default), and 100% transparent which makes them safe and really trustworthy. You have all the apps you need in Linux, most of these are already installed by default if you use a Gnome Desktop, other’s have their own versions of them which are not that far away anyway.

And if you need other stuff, just add the Debian Repository to your software sources

deb  http://deb.debian.org/debian stretch main
deb-src  http://deb.debian.org/debian stretch main

deb  http://deb.debian.org/debian stretch-updates main
deb-src  http://deb.debian.org/debian stretch-updates main

deb http://security.debian.org/ stretch/updates main
deb-src http://security.debian.org/ stretch/updates main

The above code is for Debian 9, for later Debian versions just replace the “stretch” with it’s version codename.

So Debian literally has more than 51000 free apps, so you can really browse there whatever you need.

In fact search through the packages here, by category of your need:

• https://packages.debian.org/stable/

You will almost guaranteed find all kinds of softwares for all of your needs, there is really no reason why you should spend a single dime on software, it’s there all for free.

---

Sources:

• https://pixabay.com

---

Upvote, ReSteem &