INTRO
This post will serve as an ongoing errata page for my book. My plan is to continuously update this post as I discover errors, issues, addendum, or just things I’d like to follow up on.
PUBLIC USB CHARGE STATIONS
First I want to address potential criticism that despite my promise to avoid all FUD that there might a bit of that in the section on public USB charging stations. Even experts can fall for FUD if they trust the wrong source. I picked this up from the FBI which turned out to be a total FUD. I still stand by my recommendation that carrying a power pack is a wise idea for multiple reasons.
TRAVELING MAILBOX
In my book, I mentioned that as I was wrapping up my writing I discovered a new service I thought showed great potential and promised to update all my readers on that service. I am happy to report that they have not disappointed.
LastPass
I have moved away from LastPass and have been using 1Password for a few years now. I find them to be a superior product all around compared to LastPass. What caused me to move on had a lot to do with how they handled the communications around their numerous breaches a few years ago. If you don’t have a password manager or want to explore something better I strongly suggest you take a look at 1Password.
PROTONMAIL
In my book, I spoke to great length about what a great company Protonmail is and their zealous privacy advocacy. This is all still true, they offer one of the few, if not the only, fully encrypted email service. This means they have a true zero-knowledge system, where even if they were forced to disclose things about their customer they simply couldn’t because everything is encrypted by the customer’s encryption certificate and their password. This means that all they could hand over are encrypted emails, which would take years, if not hundreds of years, to break the encryption on.
What has changed is that I am no longer using Protonmail as my primary email provider. I bet you are asking why did I stop using them if they are so fabulous and what am I using now. The answer to that goes back to thread modeling as discussed in the book. For my threat model encryption and secrecy is not my top requirement. I am satisfied with good privacy practices, I do not require great privacy. They were also fairly pricy compared to other options and I was not willing to pay for the encryption premium. I still have my Protonmail account though and use it as a secondary email provider.
Now my primary provider is a company in Australia called FastMail. They seem to have a good privacy reputation from what I’ve been able to tell and their feature sets are on par, if not above par, with the leading email providers such as Gmail and Outlook. They do not offer any encryption so if that is a requirement for your threat model then stick with Protonmail. Also, Australia is a member of the Five Eye Intelligence consortium. So if nation-states are part of your threat model you might be better of with Protonmail as Switzerland is not known for cooperating with other nation-states and there is nothing that Protonmail can provide other than heavily encrypted files even if they did. I believe that FastMail would not willingly disclose anything about its customers, however, governments could compel them to do so.
PRIVACY.COM
This is a site I discovered after the book came out and if I had known about it while I was writing the book I would have included it. What they are is a site that allows you to create virtual pre-paid credit card funding directly from your bank account, either through direct withdrawal or via a link to your debit card.