Welcome to Solomon!

Enter the Access Code below

Access code is invalid

Solomon Logo

For assistance, problems or questions, please email us.

solomon@reliant.org

Versions Compared

Old Version 1

changes.mady.by.user John Abassian

Saved on

compared with

New Version 2

changes.mady.by.user John Abassian

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

This is a simplified guide to encryption, security, and digital privacy. the programs and tools recommended here are tested and trusted by the us, but they are not the only suitable option. The goal of this write-up is to guide you towards the best level of privacy without adding unnecessary complications, to strike a balance between a solution that's "good enough" and easy to use.  

Table of Contents

Online Security

...

HTTPS

TLS (or its predecessor SSL) is a protocol for keeping internet connections secure, it's what makes HTTPS (HTTP Secure) is an extension of HTTP, the foundation of data communication on the Internet. A properly configured HTTPS application insures that communication between you and the website is encrypted end-to-end, making it impossible for third parties to view/read what you send to websites (through forms, file uploads, etc.). 

...

  • Never submit sensitive data to a website that's not secured!

    On most modern browsers, a secured website will have a green lock and the address will show "https:", modern browsers also give you a clear warning that requires multiple clicks to bypass and use an insecure site. But if you're using an older browser or one that doesn't have these safeguarding features, always look for a closed lock icon and "https" in the url. 

    Secure websiteInsecure website

     

    Image Modified

    Image Removed Image RemovedImage Removed

     

     

    Image AddedImage Added

     

    Image Added

     

    		Image AddedImage RemovedImage Modified

  • Always make sure to type out "https://" to ensure complete end to end encryption

    Info
    titleImportant!

    This is critically important if you're on a public/untrusted network (e.g. public WiFi). This also applies at the Internet Service Provider level, if you have reason to believe your ISP or its government are intercepting your data, always make sure to type out "https://" 

    Unfortunately, the internet was designed without any privacy and security features in mind, and these features were only added on later. But because these added measures required a time and monetary investment from website operators, adoption has been a very slow process. As a result, the internet effectively operates in two discrete modes, the new secure protocol (https) and the old insecure protocol (http), with http being the default. 

    Because the two modes are discrete, most websites support both protocols to allow users to simply type "example.com" instead of "https://example.com". "example.com" translates to the default protocol , ("http://example.com") and then the website may redirect you to the https protocol. 
    An attacker can take advantage of this redirect with a technique known as "Man In The Middle", in which the attacker intercepts your insecure requests and sends them to the website through the secure protocol, and it then it intercepts receives the response from the website and sends them back to you after reading its content.

    HereFor a better understanding, here's an illustration of your communication with example.com when properly secured using https:
    Image Removed
    Here's an illustration of Notice how your communication with example.com when going the website is encrypted end-to-end, and no outside party can view what you send and receive. 

    Image Added

    When browsing to example.com without typing "https", assuming the site implements a redirect:
    Notice how your , the initial communication with the website is insecure. This initial communication can be intercepted by an attacker as illustrated below.Image Removed
    Here's an illustration of your communication with example.com over a malicious WiFi hotspot:, the website then instructs your browser to communicate over the secure protocol insuring all future communication is secured and private.Image Added

    An attacker (e.g. a malicious WiFi hotspot, ISP, etc) can take advantage of this by not sending the initial request to the website over the insecure protocol, instead sending your data to the website over the secure protocol after reading the content.
    Notice that example.com is communicating securely with the malicious network, but it's acting as a Man In The Middle and reading everything you send to and receive from the website. Image Removed

 

...

  • .
    Image Added

     

VPN

Virtual Private Networks (VPNs), employ end-to-end encryption technologies to creates a safe and encrypted connection over a less secure network, such as the Internet. For our purposes, VPNs are used to insure our online activities cannot be snooped on by unauthorized parties. 

Without a VPN, we rely on HTTPs and other forms of encryption to hide the contents of our interactions with a website, but that doesn't hide the fact that we communicated with the website. Think of HTTPS as using a special code language to communicate with each other in public, extending this analogy,  VPN is the equivalent of going into a private room from the front door, and your partner enters through he back door which is well hidden. The observer knows that you entered the room, but we don't know what you said or to whom. 

 

Passwords

Dual Factor Authentication

Anti Virus

Encryption

We'll describe three types of encryption technologies/algorithms we recommend, and go into detail on how and when to utilize each. 

...