Security is a journey not a destination. Let’s go over all the ways you aren’t secure and how you can minimize your footprint.
Website Guide: https://christitus.com/creating-a-secure-system/
Chapters:
00:00 Hardware
03:50 Operating Systems
07:10 Browsers
07:50 Password Managers
09:45 Network
13:35 The Truth about VPNs .
►► Digital Downloads ➜ https://www.cttstore.com
►► Patreon ➜ https://www.patreon.com/christitustech
►► Twitch ➜ https://www.twitch.tv/christitustech
►► Website and Guides ➜ https://christitus.com
Can you create a tier list on both subscription password manager and free or self hosted?
Finally someone that say the truth about VPN's. I'm so sick of youtubers that promotes insert random vpn name here and talk shit about security.
Brave browser sucks completely. Too much bloated browser with crappy ads which cant be disabled, it re-enables them with every update and brave search also cant find anything. While it has some useful features like built-in support for Adblock/Ublock filter lists which are updated on the fly. Overall it operates with same downsides as of chromium engine – incompatible with large amount of tabs usage. Impossible to open it with 2000 tabs. It doesn't support discarded tabs on the launch and if opening session with 2000 tabs it will kill CPU, network, which will result in sites to temporarily block your ip because of too many connection attempts. And Brave after eating 70-90% of CPU will eventually crash. And there is no way to disable, this is how poorly made Chromium engine works – it doesn't support preventing background tab load and discarded tabs on launch. Nothing can help with this. With Firefox I can open and restore a session with 20k tabs open, which are in discarded state. Firefox is much better than any chromium based browser will ever be.
9:38 SMS ain't secure, I believe it was a Veritasium/LTT collab video that showed how ridiculously easy it is for average people to break SMS 2FA with very low effort!
Edward Snorten LUL
Security is just common sense lol if u go downloading and clicking what ever and use public wifi then you get what u asked for.
I've personally haven't been infected in years last time i think installed a malware of some sorts when i was 12 years old barely knew anything about computers and still learning i'm now 27 lol using linux as my main os after windows 11 garbage came out.
so is it safe to install amd psp or meshcontrol ?
Guys 9:40 SMS is NOT A SECURE 2FA!!!!
Tried GRC and I have a quandary: I would like to know how to still port 113. I've tried to search for a solution, but have come out more confused (I use ufw). What advise do you have regrading this port?
Also, I'm trying to find a way to configure my firewall to overall stealth mode. As far as I can tell, the ufw doesn''t have this option (drop and not deny or reject). In this I would really appreciate you input as to what should I use – firewalld/iptables/nftables? -something cpletely different (not a monty python firewall..)
First ad foremost: thanks for your tutorials. I've been learning and implementing a lot of your recommendations. However, I now have a question: I installed firejail & profiles, but did not run 'firecfg' on them. When i did, it broke a lot of my PC functionality. Then I found out that there is a debate on whether it is beneficial or not. I ended up just removing and purging it, and got back my desire functionality. -I would appreciate you opinion on if/how to use it, and your recommendations.
How secure would I be if I had my PC on a VPN and a proxy and run a VM inside and do the same vpn and proxy on the VM different vpns and proxys?
Using openvpn on router. To disable response to pings it looks like VPN services have to be disabled. Not sure if its a limitation of openvpn or just some artificial limitation that my router has.
Thanks!
Virtual machines are the answer. Know what you are doing 😄 virtual machines act as a router
Chris, my migration from Roboform to Bitwarden was painless. Bite the bullet 🙂
Thanks for all your thorough analysis!
Except iDrac doesn't have access to the Memory Bus and it runs as an actual separated embedded computer, not in the same microcontroller that the main chipset uses.
Intel used the same thing for everything to save cost it seems.
end to end encryption?? Do we have that??
Just buy a Mac.
Well the journey just hit pot-holes. No kvm's in Ubuntu, no working snap gui in Ubuntu server. Keeps asking me if I was root….Now to effectuate this journey more video's are needed for trouble shooting Proxmox straight out of the box.
Hi Chris. I have a question that goes on the contrary road: how can I fully disable ELAM? I have made an image of my old laptop that had a AV application on it, I no longer have that AV license, I uninstalled it, but Windows won't boot straight away until I F8 and select "disable ELAM" everytime.
Can anyone help me? I have some issue while try to download nvidia driver linux on arch linux my specs is Quadro K4200
Most secure: Cut off net heat lights air etc. Quantum information relay!
Hello Chris, I have a question: When you remove a big chunk of the windows OS be it 10 or 11, aren't you putting your OS at risc? I'm thinking intrusion and other online riscs?
Bravo! Bravo! Bravo! Ohhh where did your shirts go I wanted to buy one bro?
Hi, if possible can you make a video on microsoft services which are safe to disable in msconfig ? I feel like quite a bit of them can be avoided
iam unable to get copilot i used ur tool an made it basic set up windows in your tools menu
I have a raspberry pi with is still in the box never once plugged into anything. You can't get more secure than that. Checkmate.
bruv I don't even have the intel management engine driver installed.
Key takeaway from this video :
"Don't blame others as an excuse for you not working hard enough." ðŸ‘ðŸ‘ðŸ‘
Brave browser taming the laziness outta me. 👌👌👌
@Chris, Arch uses iptables, ufw is just a user interface frontend over iptables. Also, there is almost no mention about how many CVE's get marked as fixed for a Linux Distro but are not really fixed. Your video isn't really providing much value aside from the link to Meshcentral, and that only provides value in terms of additional visibility. Dbus (a requirement for any systemd init) is also not mentioned at all.
You should make a video on how to update Intels Management Engine. I've been looking for a guide or a video and anyone I see says to go to your PC manufacturer's website but mine is custom built. Would be really useful to show how to do it using the official tools and that Mesh Central thing.
Your XBox is probably the most secure device in your home :V
Love your content, what IPv6 with ICMP ?
I usually find all these shell prompt customizations ridiculous. But I have to admit your's look really beautiful. I am tempted to ask – hell I have to ask – What is this?
I have a question. What’s the best custom ISO to use for gaming
This is another video (like the debloat one) I'll keep coming back for the next years to come! Thanks for such comprehensive display of information!!!
We in developing countries have to use cracked software due to high cost of licensed software. How can we protect our computers?
What I did to my "smart" camera is I blocked the API servers of it's cloud junk on the router side, now it only works via LAN only. And you can do the same to your 😀 "smart" toaster as well
If you have a router with firewall, why do you need a firewall on your host, both router and hosts are using the same iptables for a firewall. Let's say we have a wired only LAN, without wifi API exposing then LAN. I am talking about home labs, not a server environment.