QuranApp is a spectacular app that follows the UNIX philosophy and is hosted under the GPL license effectively making it free software. It has many features like information on every single Surah, multiple translations, audio, mentions of prophets in the Quran and even has a search option using which you can search for any surah or term to get detailed information about your search query in the Quran. For example, searching about 'patience' brings up ayahs which talk about patience and the rewards that come about from being patient.
-Al-Azan is another app which also follows the UNIX philosophy and is hosted under the AGPL license also making it free software. It does one thing well - displaying and informing of prayer times. You can adjust the prayer times based on location, offset and even calculation methods.
-However, there is not a single free software or even open-source Hisnul Muslim application that I have noticed. Most Hisnul Muslim apps I have used have the exact same duas since it is based off the 'Fortress of the Muslim' book. Just having a page with all duas with a simple search option and the translation in popular languages is all thats required to get the open-source savvy Muslim community to start using free software for their duas.
+However, there is not a single free software or even open-source Hisnul Muslim application that I have noticed. Most Hisnul Muslim apps I have used have the exact same duas since it is based off the 'Fortress of the Muslim' book. Just having a page with all duas with a simple search option and the translation in popular languages is all thats required to get the open-source savvy Muslim community to start using free software for their duas.
Anyone can take the lead. In fact, this may be the first thing I try when I start developing applications.
@@ -156,9 +156,10 @@FFmpeg is a difficult program to learn but the rewards are worth it. I currently have a command that records my screen, converts the audio in the recording from stereo to mono and finally encode it in H.264 for ultimate compatibility.
All in all, you should learn FFmpeg if you do even a little amount of multimedia manipulation. It will help you out immensely.
-
SMS is inherently insecure. It is not encrypted, and your SIM card is always susceptible to SIM swap attacks. A SIM swap attack is a type of identity theft where a cybercriminal pretends to be you and asks for your number to be switched to a SIM card in their possession. They do this by claiming that their phone was lost or stolen. Most employees working for mobile networks speak with hundreds of people a day. They cannot differentiate people's voices. Even with a small amount of voice modulation, almost anyone can trick them into thinking it's you.
-After gaining possession of your SIM card, the cybercriminal goes to your online accounts and tries to reset your passwords. If they already have your passwords, they may try to login using your phone number and the 2FA code received through SMS. This may seem rare, and it may also seem like it does not work on most people. However, in 2019, Jack Dorsey's (the former CEO of Twitter) account got hacked using this exact method. -
As commonly said by many privacy and security professionals, you are only as secure as your weakest link. Make sure your weakest link is not SMS. +
After gaining possession of your SIM card, the cybercriminal goes to your online accounts and tries to reset your passwords. If they already have your passwords, they may try to login using your phone number and the 2FA code received through SMS. This may seem rare, and it may also seem like it does not work on most people. However, in 2019, Jack Dorsey's (the former CEO of Twitter) account got hacked using this exact method.
+As commonly said by many privacy and security professionals, you are only as secure as your weakest link. Make sure your weakest link is not SMS.
An authenticator app is much better than SMS-based 2FA. This is because authenticator apps usually follow the TOTP or HOTP standard, which is very secure. It basically uses a secret key along with the current time to create a unique code that changes every thirty seconds.
One thing that you should absolutely not do is use Google Authenticator, Microsoft Authenticator, Authy or anything as such. This is because the clients are close-sourced, which means that the code is not public. This means that they could be doing anything with your 2FA secret keys. Authy syncs your codes which is convenient but it does not allow you to export your keys, just like other properietary authentication apps. This is unethical as you should have complete control over what is required to access your own accounts. If your Authy account gets disabled, you will no longer be able to log in to most accounts. A much better alternative is:
-You should also be taking frequent encrypted backups of not only your 2FA codes, but all data that is important to you. Read this post to learn how to take encrypted backups properly. Remember, you should keep your backups as far away from other people's hands as possible. If they have your secret keys, they have your 2FA codes.
Security keys are the best form of two-factor authentication. They are physical keys which need to be plugged in to your computer or smartphone in order to be used. They use NFC, USB-C, USB-A and also the Lightning port. This 2FA method makes it so that it does not matter which person gets your credentials because they need access to your key physically in order to login. One drawback of this method is that, if you lose your key, you cannot login to your accounts. This is why people buy 2 or 3 as a backup. It should be noted that, although other methods can be used alongside security keys, it is not recommended as it is still possible to just use the other insecure methods for a cybercriminal and bypass your security key.
@@ -296,7 +302,7 @@Example: I<3e43&1/2cad,IangtLIE!
Example: ILUVe43and1/2cad,IangtLIE!
Do not proceed to the next section without doing this step. Recall the sentence in your mind and try to write the same password you got in the previous step. Do this at least 10 times. Wait a few hours, then do it again. Wait until you sleep and do it again. This may seem unnecesarry, but most people underestimate the power of muscle memory. If you login to an account regularly, then you type your password without even thinking about it. The same trick can be applied here.
After a while, you will be able to type your extremely long password without any effort. You just think about it and your mind glides through the keyboard. This is super useful.
@@ -312,13 +318,12 @@It is finally time to integrate your master password into a password system. It is called a password system, which means that it is dynamic and changes for every website. A sample password system can be the following:
(SERVICE DIFFERENTIATOR) + (MASTER PASSWORD)
In my example's case, my Google account password would be:
-googlE!666I<3e43&1/2cad,IangtLIE!
googlE!666ILUVe43and1/2cad,IangtLIE!
The password above is 40 characters, yes 40 characters long. No one will be able to guess it and it will take hundreds of centuries to crack. Best of all, it is different for each account.
You can mix the order up. Just make sure you don't keep changing the system and use one system. The best part is that if you need to change your passwords, you can just make another system that will work just as well. By that point, the previous system will be embedded into your brain. So, you can remember multiple strong passwords using this step.
Please note that this is not enough. If you have followed this guide, you have taken a massive step towards protecting your accounts. However, many cybercriminals rely on phishing attacks. Please do not click on random links and please do not enter your information on random websites.
Congratulations! You now know how to create an extremely strong password that is different on each account.
-
I know how you felt reading the title. If you are a heavy social media user, you probably said:
"What? Who in their right mind would delete their social media accounts? How are they supposed to live life and talk to their friends?"
Don't worry. That was me last year. I understand your feelings. However, the disadvantages of social media and the perks of deleting it far outweigh its benefits. In this post, I will go over the reasons why you should delete all of your social media.
If you post everything you do on social media, there is no longer any privacy. Anything you do is public information. If you have a 'private' account, your friends know everything you do. There is no privacy at all if you keep posting everything on social media.
Then there is the elephant in the room.
+ I know how you felt reading the title. If you are a heavy social media user, you probably said: "What? Who in their right mind would delete their social media accounts? How are they supposed to live life and talk to their friends?" Don't worry. That was me last year. I understand your feelings. However, the disadvantages of social media and the perks of deleting it far outweigh its benefits. In this post, I will go over the reasons why you should delete all of your social media. If you post everything you do on social media, there is no longer any privacy. Anything you do is public information. If you have a 'private' account, your friends know everything you do. There is no privacy at all if you keep posting everything on social media. Then there is the elephant in the room.
Digital Privacy. It is well-known that apps like Instagram, Facebook, Twitter, and some Google apps collect your data like their lives depend on it (technically, they do). Everything from your name to your IP address and phone number to even the amount of network requests you make or the model of your phone. Not to mention, literally everything you do on the app. This all goes to their servers and is used for more advertisements. It is pretty safe to say that your digital footprint, as it is called, can be nearly eliminated by deleting your accounts. There are more steps that you have to take to take care of your privacy, but preventing data collection from big corporations is a huge step. I was not using Discord anymore so I deleted it. The reason is that my previous account got banned for botting when I did not do anything. I made a new account, chatted with three or four of my friends. Afterwards, the CounterHawks Discord server got banned. Due to this, I realized there is no use for my account and that there is no reason for me to support Discord. I do not use Discord anymore and probably never will. Previously, it was difficult to delete my Discord account but Discord themselves have done all the hard work for me.Privacy
Conclusion
+ 
This setup has been serving me extremely well. I will continue using this setup and building on it if any specific need arises.
-
Mailvelope is a free, libre and open-source browser extension which allows you to not only encrypt emails using public keys but also has a keyserver which has a list of other people who use Mailvelope. Emails sent to other people using Mailvelope will automatically be encrypted.
Open the extension and generate your keypair if you do not have a keypair or import your keypair if you do have one.
-
Encourage all of your friends to get the Mailvelope extension. Afterwards, you can import their public keys. Henceforth, all emails will be encrypted. Many websites also give their own public key along with their emails so that you can encrypt them as well. If you have friends who use ProtonMail, go to the ProtonMail import section of this post.
Whenever you go to compose an email, there will be a button like the image below. Just click on it and there will be a popup to compose your encrypted email. Just fill in the info and send your email!
-
Firstly, I would like to give a disclaimer. There is no way to use PGP encryption on iOS. Most encryption that is used on iOS is either paid or unavailable. On Android, you cannot encrypt emails using the native applications for Gmail, Outlook or Yahoo. Even if there is such a feature, you should not use their official clients due to their invasive tracking. To encrypt emails, we will use an email app called K-9 Mail. I believe that everyone should use K-9 Mail even if they are not encrypting their emails. It is a fantastic app.
K-9 Mail is a free and open-source email app that has a lot of features. I believe that no one should be writing emails on their phones but it is a great app to have just to make sure there is nothing urgent in your inbox.
@@ -610,7 +615,7 @@Generate your key by pressing the option to create a key or import the key file.
Go back to K-9 Mail, go to settings, go to your account that you added, go to end-to-end encryption and enable it. Select your key. Turn on autocrypt mutual mode. That is it! You should see a lock icon whenever you are sending an email to someone if you have their PGP public key. If you need to import more keys, just go to the OpenKeychain app and import them.
-
To export your ProtonMail public keys, follow these steps.
The image below is how it looks like in 2023.
-
You can now send these keys to anyone to import into their PGP keychain. They will then be able to encrypt emails when sending them to your ProtonMail address!
That is it! You have setup encryption on your emails. This is a great step as email itself is very unsecure, so this will boost your privacy and security by a lot. Sharing passwords through email has never been safe but encryption allows you to do it with a good range of security.
@@ -685,9 +690,8 @@... including terminal applications. Terminal applications are amazing. They allow me to do so much. However, there are extremely rare cases in which I have no choice but to use a GUI. This is if the GUI application in question requires you to use only their app. There are also some specific use-cases in which GUI apps just make more sense. Video editing, advanced photo manipulation and 3D modelling are great examples.
...terminal applications should be used as much as possible. They are swift. They can be used quickly and also use less resources and space while running on just about anything. They are not as difficult as they look and can be used for uses which GUI apps do not have. They cannot be used all the time because there are rare exceptions in which GUI applications have to be used. However, these are so little that I do not mind keeping GUI apps just for these use cases. +
...terminal applications should be used as much as possible. They are swift. They can be used quickly and also use less resources and space while running on just about anything. They are not as difficult as they look and can be used for uses which GUI apps do not have. They cannot be used all the time because there are rare exceptions in which GUI applications have to be used. However, these are so little that I do not mind keeping GUI apps just for these use cases.