Merge pull request #2 from kalapi/master
Fixes Typos
adrawerofthings authored Mar 25, 2019
2 parents a717e4e + 9227b90 commit 3e6b2d1
Showing 1 changed file with 19 additions and 19 deletions.
38 changes: 19 additions & 19 deletions README.md
Expand Up @@ -47,7 +47,7 @@

### Metadata

Data about your data – e.g. what number you called, and for how long (but not the contents of the call). Without enough metadata, hackers can piece together a pretty good picture of who you are, who you know where you're going, etc. Plus legal protections around metadata are generally weaker.
Data about your data – e.g. what number you called, and for how long (but not the contents of the call). With enough metadata, hackers can piece together a pretty good picture of who you are, who you know where you're going, etc. Plus legal protections around metadata are generally weaker.

---

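Review bot: The corrected Metadata sentence still reads "who you know where you're going", which runs two list items together; add a comma after "who you know". While the line is being touched, "Plus legal protections" would also read better as "Plus, legal protections".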
Expand All @@ -58,7 +58,7 @@ Data about your data – e.g. what number you called, and for how long (but not
#### Email

- If you're on a webmail service, check that you're logging into it using an `https://` URL. And if there isn't one, find a new email provider.
- Turn on two-factor authentication for your email service (e.g. [Gmail instructions](https://support.google.com/accounts/answer/185839?hl=en)) **if** they support an authenticator app (SMS is no longer considered safe) (e.g. [Google Authenticator](https://support.google.com/accounts/answer/1066447?hl=en), [DUO Mobile](https://duo.com/product/trusted-users/two-factor-authentication/duo-mobile), [Authy](https://authy.com/))
- Turn on two-factor authentication for your email service (e.g. [Gmail instructions](https://support.google.com/accounts/answer/185839?hl=en)) **if** they support an authenticator app (SMS is no longer considered safe) (e.g. [Google Authenticator](https://support.google.com/accounts/answer/1066447?hl=en), [DUO Mobile](https://duo.com/product/trusted-users/two-factor-authentication/duo-mobile), [Authy](https://authy.com/)).

#### Good passwords

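Review bot: In the two-factor bullet the new full stop lands after two back-to-back parentheticals, "(SMS is no longer considered safe) (e.g. [Google Authenticator]", so the app examples are separated from "authenticator app", the phrase they illustrate. Suggest moving the e.g. list directly after "authenticator app" and making the SMS remark its own sentence.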
Expand All @@ -71,7 +71,7 @@ Data about your data – e.g. what number you called, and for how long (but not
#### Encrypt your devices

- Encrypt your phone storage: [Android](http://www.networkworld.com/article/2689371/opensource-subnet/how-to-encrypt-an-android-device-in-5-steps.html), [iOS](https://ssd.eff.org/en/module/how-encrypt-your-iphone
) (many phones now encrypt but default but it's worth double checking)
) (many phones now encrypt by default but it's worth double checking).
- Encrypt your laptop/desktop hard drive: [Windows](https://uit.stanford.edu/service/encryption/wholedisk/bitlocker), [Windows if no BitLocker](https://veracrypt.codeplex.com/), [Mac OSX](https://support.apple.com/en-us/HT204837).
- Secure your backups too! Encrypt your backup hard drives and/or make sure your online backup storage solution supports end-to-end encryption.
- N.B. Remember encryption is only fully effective when the device is off!
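Review bot: The iOS link in the phone-storage bullet still has its closing parenthesis on a separate line from the URL ("how-encrypt-your-iphone" followed by ") (many phones now encrypt by default"); join the two lines so the link is easy to read and edit in source. "double checking" in the changed line should also be hyphenated as "double-checking".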
Expand All @@ -81,36 +81,36 @@ Data about your data – e.g. what number you called, and for how long (but not
- Turn off app-specific passwords that bypass two-factor authentication (e.g. [instructions for Gmail](https://www.lifewire.com/revoke-an-application-password-for-gmail-1171889)).
- [Turn on Login Alerts on Facebook](https://www.facebook.com/settings?tab=security).
- Setup up a pin code for your mobile phone SIM card: [iPhone](https://support.apple.com/en-hk/HT201529), [Android](https://www.digitalcitizen.life/how-change-or-remove-sim-pin-android-2-steps). Search your phone provider's website to find out what their default password is (it varies from carrier to carrier).
- [Disable macros within Microsoft Office](https://support.office.com/en-us/article/enable-or-disable-macros-in-office-files-12b036fd-d140-4e74-b45e-16fed1a7e5c6)
- [Disable macros within Microsoft Office](https://support.office.com/en-us/article/enable-or-disable-macros-in-office-files-12b036fd-d140-4e74-b45e-16fed1a7e5c6).

### Habits to Cultivate

#### Email

- Be on the lookout for phishing scams: where possible double check the From email address and the domains that outbound links go to.
- Be on the lookout for phishing scams: where possible double check the _From_ email address and the domains that outbound links go to.
- Don't open unnecessary email attachments. Where possible, open/preview them first in an online document reader, or have colleagues use a filesharing server or service (Google Drive, SpiderOak, Dropbox), which tend to be a little harder to hack into.
- You can upload a suspicious attachment to [VirusTotal](http://www.virustotal.com) for a check-up (but keep in mind files submitted to VirusTotal are available to security researchers so don’t submit sensitive information)
- You can upload a suspicious attachment to [VirusTotal](http://www.virustotal.com) for a check-up (but keep in mind files submitted to VirusTotal are available to security researchers so don’t submit sensitive information).

#### Update all the things

- When you get a notification to update your operating system (on your mobile or computer), do it right away
- Same for apps (mobile + computer)
- Check occasionally for firmware updates for your router (and other internet-connected devices)
- When you get a notification to update your operating system (on your mobile or computer), do it right away.
- Same for apps (mobile + computer).
- Check occasionally for firmware updates for your router (and other internet-connected devices).

#### Other

- Change important passwords (e.g. email, computer login, password manager master) every year or two.
- Wipe your devices properly before donating/giving away: [phone](http://lifehacker.com/5808280/what-should-i-do-with-my-phone-before-i-sell-it), [computer](http://lifehacker.com/5835369/how-do-i-securely-wipe-a-computer-before-donating-it-to-charity)
- Wipe your devices properly before donating/giving away: [phone](http://lifehacker.com/5808280/what-should-i-do-with-my-phone-before-i-sell-it), [computer](http://lifehacker.com/5835369/how-do-i-securely-wipe-a-computer-before-donating-it-to-charity).
- Don't charge your phone at public charging stations/ports – they steal data.

### Scenario: 💩 my phone/computer was stolen!

- Follow the Freedom of Press Foundation's guide: [What To Do If Your Phone Is Seized By The Police](https://freedom.press/training/mobile-security-for-activists-and-journalists/)
- Follow the Freedom of Press Foundation's guide: [What To Do If Your Phone Is Seized By The Police](https://freedom.press/training/mobile-security-for-activists-and-journalists/).
- Wipe your phone remotely: see instructions for [Android](https://support.google.com/accounts/answer/6160491?hl=en), [iOS](https://support.apple.com/kb/PH2701?locale=en_US).

### Scenario: I think my computer has been hacked 😱

- Download an application that will notify you when data is being sent out from your computer. E.g. [Little Snitch for Mac](https://www.obdev.at/products/littlesnitch/index.html)
- Download an application that will notify you when data is being sent out from your computer. E.g. [Little Snitch for Mac](https://www.obdev.at/products/littlesnitch/index.html).
- Run Activity Monitor on Mac or Process Explorer on Windows to look at what processes/applications are running. Google any suspicious names.
- Login to important online accounts to see if there have been any suspicious logins – see [this Motherboard guide for details](https://motherboard.vice.com/en_us/article/bjeznz/how-do-you-know-when-youve-been-hacked-gmail-facebook).

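Review bot: The SIM bullet in this hunk still begins "Setup up a pin code", a doubled word that a typo pass should catch; it should read "Set up a PIN code". In the stolen-device scenario the changed line names "the Freedom of Press Foundation's guide", while the linked site, freedom.press, belongs to the Freedom of the Press Foundation, and the link title "What To Do If Your Phone Is Seized By The Police" does not match a theft scenario, so the link text deserves a recheck rather than only a full stop.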
Expand All @@ -125,9 +125,9 @@ Data about your data – e.g. what number you called, and for how long (but not
### Things To Do Now

- Review the privacy settings on social networks you frequent: who can see your content, who can comment on it, and who can see your location.
- Review what's connected to your main email/social media accounts (e.g. what kinds of services have access to Facebook, and what data can they access and/or can they post on your behalf)
- Review what's connected to your main email/social media accounts (e.g. what kinds of services have access to Facebook, and what data can they access and/or can they post on your behalf).
- Set up your devices with third-party applications (e.g. [Lookout Security](https://www.lookout.com/), [Prey](https://www.preyproject.com) so you can remotely track, wipe, and encrypt your devices from a website in the future.
- Setup end-to-end encryption for computer-based instant messaging: EFF guide for [Mac](https://ssd.eff.org/en/module/how-use-otr-mac), [Windows](https://ssd.eff.org/en/module/how-use-otr-windows), [Linux](https://ssd.eff.org/en/module/how-use-otr-linux)
- Setup end-to-end encryption for computer-based instant messaging: EFF guide for [Mac](https://ssd.eff.org/en/module/how-use-otr-mac), [Windows](https://ssd.eff.org/en/module/how-use-otr-windows), [Linux](https://ssd.eff.org/en/module/how-use-otr-linux).
- Review the extensions/add-ons/plug-ins that have been installed within your computer web browser – delete any that you haven't used in a while or don't remember installing.

### Habits To Cultivate
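Review bot: The third-party applications bullet opens a parenthesis at "(e.g. [Lookout Security]" and never closes it: "[Prey](https://www.preyproject.com) so you can remotely track" needs a ")" after the Prey link. The changed instant-messaging bullet also keeps "Setup end-to-end encryption", where the verb form is "Set up".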
Expand All @@ -142,10 +142,10 @@ Data about your data – e.g. what number you called, and for how long (but not

### Scenario: Online harassment & doxing

- See [Feminist Frequency's Speak Up & Stay Safe(r)](https://onlinesafety.feministfrequency.com/en/)
- See [Feminist Frequency's Speak Up & Stay Safe(r)](https://onlinesafety.feministfrequency.com/en/).
- See [Crash Override: So You've Been Doxed](http://www.crashoverridenetwork.com/soyouvebeendoxed.html).
- See [Crash Override: Preventing Doxing](http://www.crashoverridenetwork.com/preventingdoxing.html).
- See [Equity Labs: Anti-Doxing Guide for Activists Facing Attacks from the Alt-Right](https://medium.com/@EqualityLabs/anti-doxing-guide-for-activists-facing-attacks-from-the-alt-right-ec6c290f543c)
- See [Equity Labs: Anti-Doxing Guide for Activists Facing Attacks from the Alt-Right](https://medium.com/@EqualityLabs/anti-doxing-guide-for-activists-facing-attacks-from-the-alt-right-ec6c290f543c).
- Use [Traveling Mailbox](https://travelingmailbox.com/) to obscure your postal address.
- Use [Burner](http://www.burnerapp.com/) to set up burner phone numbers for calling/texting.
- Pay [PrivacyDuck](https://www.privacyduck.com/) to scrub your information online. If you are an activist you can contact [Equity Labs](https://medium.com/@EqualityLabs/anti-doxing-guide-for-activists-facing-attacks-from-the-alt-right-ec6c290f543c) for a discounted rate.
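Review bot: The changed anti-doxing line uses the link text "Equity Labs" while its URL points to medium.com/@EqualityLabs, and the PrivacyDuck bullet at the end of the hunk repeats the same name; confirm the organisation's name and make the link text match in both places.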
Expand Down Expand Up @@ -175,16 +175,16 @@ Data about your data – e.g. what number you called, and for how long (but not
- Delete old accounts to eliminate traces of personal information on the internet. Use [Justdelete.me](http://Justdelete.me) + [Have I Been Pawnd](https://haveibeenpwned.com/) to accelerate this process.
- Keep less information/data/photos on your devices – you can't lose what you don't have!
- Don't use Google/Twitter/Facebook to sign up/login to other services – each service should have its own account.
- Encrypt emails with PGP: [Mac OSX](https://ssd.eff.org/en/module/how-use-pgp-mac-os-x),[Windows](https://ssd.eff.org/en/module/how-use-pgp-windows), [Linux](https://ssd.eff.org/en/module/how-use-pgp-linux)
- Encrypt emails with PGP: [Mac OSX](https://ssd.eff.org/en/module/how-use-pgp-mac-os-x),[Windows](https://ssd.eff.org/en/module/how-use-pgp-windows), [Linux](https://ssd.eff.org/en/module/how-use-pgp-linux).
- If PGP email is too much of a hassle, sign up for a [Protonmail](https://protonmail.com/) or [Tutanota](https://tutanota.com/) email account.
- Use an adblocker on your computer and mobile.
- Search the web anonymously with [DuckDuckGo](http://duckduckgo.com/)
- Search the web anonymously with [DuckDuckGo](http://duckduckgo.com/).
- Set up a fenced off, secure OS: [Tails](https://ssd.eff.org/en/module/keeping-your-data-safe).
- If you're crossing the border into a country with a track record of seizing travelers' data **and** you're carrying highly sensitive information – see [Wired's guide](https://www.wired.com/2017/02/guide-getting-past-customs-digital-privacy-intact/) and [BoingBoing's addendum](http://boingboing.net/2017/02/12/how-to-cross-a-us-or-other-b.html) about making data unavailable, setting up burner accounts, and filing for attorney privileges at the border.
- If you're attending a high-risk protest: leave your phone at home or use burner phone. More info from the EFF about protesting [in the US](https://ssd.eff.org/en/module/attending-protests-united-states
), and [internationally](https://ssd.eff.org/en/module/attending-protests-international).
- Don't put any stickers on your laptop or phone that could be mistaken as a hacking and/or political organization – it might get you stopped at the border one day.
- [Generating Diceware passwords](http://world.std.com/~reinhold/diceware.html)
- [Generating Diceware passwords](http://world.std.com/~reinhold/diceware.html).
- If you're a journalist who uses Signal regularly, step up your safety practices try following Martin Sheldon's [Locking Down Signal](https://medium.com/@mshelton/locking-down-signal-d71678f653d3) guide (or [similarly for WhatsApp](https://medium.com/@mshelton/upgrading-whatsapp-security-386c8ce496d3) if you use that a lot).
- If you're a public figure/writer/artist, consider working under a persistent pseudonymn or collective identity – this [Tactical Tech manual](https://gendersec.tacticaltech.org/wiki/index.php/Complete_manual#Creating_and_managing_identities_online) has more details on that.

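Review bot: The changed PGP line still has no space after the comma between the first two links, "mac-os-x),[Windows](", so the list renders as "Mac OSX,Windows, Linux"; add the space. Typos also remain in this hunk's unchanged lines: "Have I Been Pawnd" as the text for a link to haveibeenpwned.com, "pseudonymn", and "step up your safety practices try following", which is missing punctuation. The Diceware bullet is a bare link, so the added full stop has no sentence to end; either drop it or give the bullet a verb.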