Summary SOFTWEREENNGNEERING

The
Motherboard
Guide
to
Not
Getting
Hacked

,VERSION_1.0 UPDATED_11.14.17




The Motherboard
Guide to Not
Getting Hacked


One of the questions we are asked most often at Motherboard is This guide isn’t comprehensive and it’s not personalized; there is
“how can I prevent myself from getting hacked?” no such thing as “perfect security” and there are no one-size-fits
all solutions. Instead, we hope this will be a jumping-off point for
Because living in modern society necessitates putting an uncom- people looking to batten down the hatches on their digital lives.
fortably large amount of trust in third parties, the answer is often
“not a whole lot.” Take, for example, the massive Equifax hack That’s why we’ve tried to keep this guide as accessible as
that affected roughly half of the American population: Few peo- possible, but if you run into any lingo you don’t know, there’s a
ple voluntarily signed up for the service, and yet their information glossary at the end of this guide to help out.
was stolen anyway.
This guide is the work of many people on Motherboard staff both
Hackers steal hundreds of millions of passwords in one swoop past and present, and has been vetted by several of our sources,
and occasionally cause large-scale blackouts. The future is who we owe a great debt to. Large sections of it were written by
probably not going to get better, with real-life disasters caused by Lorenzo Franceschi-Bicchierai, Joseph Cox, Sarah Jeong, and
internet-connected knick-knacks, smart home robots that could Jason Koebler, but the tips within it have grown out of years of
kill you, flying hacker laptops, and the dangers of hackers getting writing and research on digital security by dozens of reporters
your genetic data. Meanwhile, an ever-growing and increasingly and infosec professionals. Consider it a forever-ongoing work-in-
passive surveillance apparatus that has trickled down to state and progress that will receive at least one big annual refresh, as well
local police is an ever-present threat to our digital privacy. as smaller updates when major new vulnerabilities are exposed.
Special thanks to Matt Mitchell of Crypto Harlem, and Eva
That doesn’t mean it’s hopeless out there. There are lots of things Galperin, of the Electronic Frontier Foundation for reviewing
you can do to make it much more difficult for hackers or would- parts of this guide.
be surveillers to access your devices and accounts, and the aim
of this guide is to give you clear, easy-to-follow steps to improve Anyways, enough. This is the Motherboard Guide to Not
your digital security. There are, broadly speaking, two types of Getting Hacked.
hacks: Those that are unpreventable by users, and those you can
generally prevent. We want to help you mitigate the damage of
the first and prevent the second from happening.

You, as an individual user, can’t do anything to prevent your
email provider, or the company that holds your financial details,
from getting hacked. But you can avoid phishing attacks that
will let a hacker get into your individual email account, and you
can also prevent a password obtained in a larger hack from being
reused on another, separate account you have.



2

, VERSION_1.0 UPDATED_11.14.17




Table of Contents

04 Digital Security Basics
05 Threat Modeling
06 Software Updates
07 Passwords
08 Two-Factor Authentication


11 Mobile Security
12 Threat Modeling
(Mobile edition)
12 iPhone vs Android
13 Android Security
13 SIM Card & Cell Account Security


14 Privacy, Messaging, and Avoiding
State and Police Surveillance
15 Threat Modeling
(Privacy and surveillance edition)
15 Signal & Messaging
16 Social Media
16 Cameras and Microphones
16 Lock Screen
16 OTR
17 Tor Browser
17 Virtual Private Networks
17 PGP
17 Email Providers and Servers
18 Hard Drive Encryption
18 Credit Cards
18 Notes for Journalists
19 The Future
20 Log Off
21 Glossary of Hacking and Cyber Terms


21 Glossary of Hacking and Cyber Terms


3