Glossary

This Glossary is based on “Security in a Box” by Front Line Defenders and Tactical Technology Collective

Android: A Linux-based open-source operating system for smartphones and tablet devices, developed by Google.

.apk file: The file extension used for Android apps.

App Store: The default repository from which iPhone applications can be found and downloaded.

Bluetooth – A physical wireless communications standard for exchanging data over short distances from fixed and mobile devices. Bluetooth uses short wavelength radio transmissions.

Booting – The act of starting up a computer

CCleaner – A freeware tool that removes temporary files and potentially sensitive traces left on your hard drive by programs that you have used recently and by the Windows operating system itself

Circumvention – The act of bypassing Internet filters to access blocked websites and other Internet services

Cookie – A small file, saved on your computer by your browser, that can be used to store information for, or identify you to, a particular website

Digital signature – A way of using encryption to prove that a particular file or message was truly sent by the person who claims to have sent it

Encryption – A way of using clever mathematics to encrypt, or scramble, information so that it can only be decrypted and read by someone who has a particular piece of information, such as a password or an encryption key

F-Droid: An alternative repository from which many FOSS Android applications can be found and downloaded.

Fingerprint: In encryption, a fingerprint is a short series of characters which identified an encryption key. Verifying fingerprints helps to ensure that your communication with others is not being intercepted.

Firefox – A popular FOSS Web browser that provides an alternative to Microsoft Internet Explorer

Firewall – A tool that protects your computer from untrusted connections to or from local networks and the Internet

Free and Open Source Software (FOSS) – This family of software is available free of charge and has no legal restrictions to prevent a user from testing, sharing or modifying it

Freeware – Includes software that is free of charge but subject to legal or technical restrictions that prevent users from accessing the source code used to create it

Google Play: The default repository from which Android applications can be found and downloaded.

GNU/Linux – A FOSS operating system that provides an alternative to Microsoft Windows

Global Positioning System (GPS) – A space-based global navigation satellite system that provides location and time information in all weather, anywhere on or near the Earth, where there is an (almost) unobstructed sky view.

Hacker – In this context, a malicious computer criminal who may be trying to access your sensitive information or take control of your computer. Traditionally, anyone who interacts with technology in unexpected ways in order to learn more about it.

iPhone: A brand of smartphones designed by Apple which run the Apple’s iOS operating system.

IMSI Catcher: An international mobile subscriber identity-catcher, or IMSI-catcher, is a telephone eavesdropping device used for intercepting mobile phone traffic and tracking location data of mobile phone users. (From Wikipedia)

Internet Protocol address (IP address) – A unique identifier assigned to your computer when it is connected to the Internet

Internet Service Provider (ISP) – The company or organisation that provides your initial link to the Internet. The governments of many countries exert control over the Internet, using means such as filtering and surveillance, through the ISPs that operate in those countries.

Keylogger – A type of spyware that records which keys you have typed on your computer’s keyboard and sends this information to a third party. Keyloggers are frequently used to steal email and other passwords.

KeePassXC – A freeware secure password database

Malware – A general term for all malicious software, including viruses, spyware, trojans, and other such threats

Metadata – Information about information. Even encrypted communication can reveal certain things to an observer: who is talking to whom, where the participants are located, when they communicate, etc.

Mnemonic device – A simple trick that can help you remember complex passwords

Physical threat – In this context, any threat to your sensitive information that results from other people having direct physical access your computer hardware or from other physical risks, such as breakage, accidents or natural disasters

Phishing attack – An attempt to trick the target into opening an infected file, clicking a malicious link or submitting private information to an untrusted third party

Proxy – An intermediary service through which you can channel some or all of your Internet communication and that can be used to bypass Internet censorship. A proxy may be public, or you may need to log in with a username and password to access it. Only some proxies are secure, which means that they use encryption to protect the privacy of the information that passes between your computer and the Internet services to which you connect through the proxy.

Proprietary software – The opposite of Free and Open-Source Software (FOSS). These applications are usually commercial, but can also be freeware with restrictive license requirements.

Router – A piece of networking equipment through which computers connect to their local networks and through which various local networks access the Internet. Switches, gateways and hubs perform similar tasks, as do wireless access points for computers that are properly equipped to use them

Secure password database – A tool that can encrypt and store your passwords using a single master password

Secure Shell (SSH) – A technology that can be used to create an encrypted “tunnels,” from one device to another, over a local network or over the Internet.

Secure Sockets Layer (SSL) – The technology that permits you to maintain a secure, encrypted connection between your computer and some of the websites and Internet services that you visit. When you are connected to a website through SSL, the address of the website will begin with HTTPS rather than HTTP. SSL is the old name for TLS.

Security certificate – A way for secure websites and other Internet services to prove, using encryption, that they are who they claim to be. In order for your browser to accept a security certificate as valid, however, the service must pay for a digital signature from a trusted organization. Because this costs money that some service operators are unwilling or unable to spend, however, you will occasionally see a security certificate error even when visiting a valid service.

Security policy – A written document that describes how your organization can best protect itself from various threats, including a list of steps to be taken should certain security-related events take place

Security cable (Kensington lock) – A locking cable that can be used to secure a laptop or other piece of hardware, including external hard drives and some desktop computers, to a wall or a desk in order to prevent it from being physically removed

Server – A computer that remains on and connected to the Internet in order to provide some service, such as hosting a webpage or sending and receiving email, to other computers

SIM card – A small, removable card that can be inserted into a mobile phone in order to provide service with a particular mobile phone company. SIM cards can also store phone numbers and text messages.

Solid State Drive: A solid-state drive is a solid-state storage device that uses integrated circuit assemblies to store data persistently. SSDs do not have the physical spinning disks and movable read-write heads used in hard-disk drives or floppy disks. (From Wikipedia)

Source code – The underlying code, written by computer programmers, that allows software to be created. The source code for a given tool will reveal how it works and whether it may be insecure or malicious.

Tor – An anonymity tool that allows you to bypass Internet censorship and hide the websites and Internet services you vist from anyone who may be monitoring your Internet connection, while also disguising your own location from those websites

Transport Layer Security (TLS) – The technology that allows you to maintain a secure, encrypted connection between your computer and some of the websites and Internet services that you visit. When you are connected to a website through TLS, the address of the website will begin with HTTPS rather than HTTP. TLS is the new name for SSL.

VeraCrypt – A FOSS file encryption tool that allows you to store sensitive information securely

Virtual Private Network – Software that creates an encrypted “tunnel” from your device to a server run by your VPN service provider. Websites and other online services will receive your requests from — and return their responses to — the IP address of that server rather than your actual IP address.

Voice over IP (VoIP) – The technology that allows you to use the Internet for voice communication with other VoIP users and telephones

Wiping – The process of deleting information securely and permanently. Does not always work on solid state drive (SSD) storage devices and flash memory