Jump to content

WikiLearn - Assess your digital security risks - html: Choosing the right digital tools

From Meta, a Wikimedia project coordination wiki
@metadata
sourceLanguage"en"
priorityLanguages
"ru"
"ar"
allowOnlyPriorityLanguagestrue
description"html in Assess your digital security risks - Identify and learn about some risks and vulnerabilities when navigating the digital world "
label"WikiLearn - Assess your digital security risks - html: Choosing the right digital tools"
content"<p>Software is complex, especially when it exists to enhance its users security and privacy. Depending on the jurisdiction you are in, its laws, and the adversaries you may face, some tools can be more or less effective. <img height="200" width="200" src="/static/strategic.png" alt="Icon for choosing digital tools" style="float: right;" /></p> <h4><span style="font-size: 22.4px;">Some criteria to help you assess a digital tool</span></h4> <p>Below are some questions you can ask yourself before you decide to use a digital tool and trust it to enhance your privacy and security:</p> <ul> <ul> <li><strong>Is the tool <a href="https://en.wikipedia.org/wiki/Open-source_software" target="_blank">open source</a>?</strong> Open source means that source code is publicly available for you or others to see. Even if you cannot read or assess the code, being open source means it can be verified and audited by those with expertise. This is comparable how a diverse set of editors on a Wikipedia ensure the knowledge shared follows policy and is of encyclopaedic value.</li> <li><strong>Does the tool provide <a href="https://ssd.eff.org/en/glossary/end-end-encryption" target="_blank">end-to-end encryption</a>?</strong> This means that data is encrypted before it is sent to the receiving party, and only they can decrypt the data, not even the service provider.</li> <li><strong>Does the tool store data unnecessarily?</strong> Tools that keep track of more data than they need in order to perform their function risk exposing this data in the future. One way to check what data is being collected and/or shared by an application is to look at the Data safety or Privacy section on Google Play or the App store. For instance, look at <a href="https://play.google.com/store/apps/details?id=net.mullvad.mullvadvpn" target="[object Object]">Mullvad VPN</a> and <a href="https://play.google.com/store/apps/details?id=com.nordvpn.android" target="[object Object]">NordVPN</a>, both provide the same service but one collects and shares more data than the other. </li> <li><strong>Does the tool leak data?</strong>  When performing functions with that tool, no unnecessary data is inadvertently exposed to the public or third parties. It always good practice to do an online search of the tool to assess its safety and potential pitfalls.</li> <li><strong>Does the tool share data?</strong> Some tools or services share your data or sell them to third parties; you can often find out about this if you read a tool’s (app, software, etc.) Terms of Use and/or Data Policy.</li> <li><strong>Is the tool or service mature? </strong>In other words, it is important to check how long it has been in operation, whether there is a large developer community and if it this being actively maintained. <strong>Tip:</strong> To check if there have been any recent activity, head to the <a href="https://github.com/EFForg/privacybadger" target="_blank">Github</a> page (here you the see recent activity in regards to <a href="https://privacybadger.org/" target="_blank">EFF's Privacy Badger</a>) where you will see when the last commit was!</li> <li><strong>Is it legal to use in your area?</strong> In some jurisdictions, encryption itself is banned, and use of other tools, like VPNs or social media, may be restricted.</li> </ul> </ul> <p></p>"
display_name"Choosing the right digital tools"