Appendix B

Additional Resources for Chaper 1:

Books

• "Nothing to Hide: The False Tradeoff Between Privacy and Security" by Daniel J. Solove

  • Breaks down why the idea that privacy and security are at odds is a total myth.

• "The Age of Surveillance Capitalism" by Shoshana Zuboff

  • Looks at how big tech companies are cashing in on our personal info and what that means for us.

• "The Transparent Society" by David Brin

  • Talks about how being open and being watched affects us, and how to keep a balance between the two.

• "VPNs Illustrated: Tunnels, VPNs, and IPsec" by Jon C. Snader

  • A book covering the details of VPN technologies, including IPsec and other tunneling methods.

• "Network Security Essentials: Applications and Standards" by William Stallings

  • Covers the basics of network security, including important apps and standards to keep your data safe.

• "Applied Network Security Monitoring: Collection, Detection, and Analysis" by Chris Sanders and Jason Smith

  • A guide on how to monitor your network for security threats, from collecting data to spotting and analyzing attacks.

RFCs:

• RFC 2401 - Security Architecture for the Internet Protocol: Explains the basic framework for IPsec, a bunch of protocols to secure internet communications.

• RFC 4301 - Security Architecture for the Internet Protocol: An updated guide to IPsec, outlining how its security features work together.

• RFC 1826 - IP Authentication Header: Talks about the IP Authentication Header (AH) for ensuring data integrity and confirming where data comes from.

• RFC 4507 - Transport Layer Security (TLS) Session Resumption without Server-Side State: Describes how to resume TLS sessions efficiently, which is useful for VPNs that use TLS.

• RFC 4306 - IKEv2: The Internet Key Exchange Protocol Version 2: Details how IKEv2 handles key exchanges, a key part of many VPN setups.

Online Technical Guides and Resources:

• Cisco’s VPN Protocols Overview
  • Detailed information about VPN protocols and technologies.
• OpenVPN Protocol Documentation
  • In-depth details about the OpenVPN protocol, including its configuration and security features.
• WireGuard Protocol Documentation
  • Official documentation for WireGuard, a modern and efficient VPN protocol.
• TLS/SSL Protocol Overview
  • Information on the Transport Layer Security (TLS) protocol, which is used in some VPNs for encrypting data.

Additional Resources for Chapter 2:

BOOKS:

• Threat Modeling: Designing for Security by Adam Shostack

  • A guide to threat modeling.

• Security Engineering: A Guide to Building Dependable Distributed Systems by Ross Anderson

  • In-depth exploration of security engineering principles.

• The Art of Invisibility by Kevin Mitnick

  • Practical strategies for maintaining privacy online.

MANUALS & SPECIFICATIONS:

• OWASP Threat Modeling Cheat Sheet : Practical guidance for threat modeling.

Additional Resources for Chapter 3:

BOOKS:

• Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World by Bruce Schneier

  • Breaks down how big companies collect your data and why it matters.

• Privacy and Security for Online Accounts by David A. Chappell

  • How-to guide for protecting your online accounts and staying safe online.

RFCs:

• RFC 6750: The OAuth 2.0 Bearer Token Usage: Specification for secure token usage in OAuth 2.0.

• RFC 7231: Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content: Details HTTP and how to secure data transmission.

Additional Resources for Chapter 4:

MANUALS & SPECIFICATIONS:

1. PGP (Pretty Good Privacy) User Guide: Instructions for using PGP to encrypt email content.
2. Tor Project: Tor Browser Manual: Guide to using the Tor Browser.
3. ProtonMail Security Practices: Documentation on ProtonMail's encryption practices and security features.
4. Diceware Passphrase : Guide for generating secure Diceware passphrases.

Additional Resources for Chapter 5:

BOOKS:

• "Applied Cryptography: Protocols, Algorithms, and Source Code in C" by Bruce Schneier

  • All about cryptographic algorithms and how to use them in code.

• "Cryptography and Network Security: Principles and Practice" by William Stallings

  • Deep dive into how cryptographic techniques keep data secure.

• "Introduction to Modern Cryptography: Principles and Protocols" by Jonathan Katz and Yehuda Lindell

  • Basics of modern cryptography and how it works.

• "Practical Cryptography for Developers" by Svetlin Nakov

  • Guide for using cryptography in software development.

• "The Code Book: The Science of Secrecy from Ancient Egypt to Quantum Cryptography" by Simon Singh

  • Cool history of cryptography and its development over time.

TECHNICAL DOCUMENTS:

1. NIST Special Publication 800-38A: Recommendation for Block Cipher Modes of Operation: Technical details on block cipher modes and their usage.
2. NIST Special Publication 800-175B: Guide to Secure Use of Cryptographic Algorithms: Practical guide on the secure use of cryptographic algorithms.

Additional Resources for Chapter 6:

BOOKS:

• "Privacy and Data Protection in the Age of Big Data" by L. Westin

  • Explores the intersection of privacy, data protection, and new technologies.

• "The Privacy Engineer's Manifesto" by Michelle Finneran Dennedy

  • Talks about privacy engineering and practices for protecting personal data.

MANUALS AND SPECIFICATIONS:

• RFC 6454: The "Same-Origin" Policy: Details the Same-Origin Policy which is critical in understanding web security and fingerprinting.
• Canvas Fingerprinting: Specification for HTML5, including Canvas API used in fingerprinting.
• WebGL Specification: Details of WebGL API used for fingerprinting.
• AudioContext API Specification: Describes the AudioContext API used in audio fingerprinting.
• Tor Project Documentation: Official documentation for Tor Browser and its features for anonymity.

Additional Resources for Chapter 7:

MANUALS AND SPECIFICATIONS:

• Tails User Manual: A guide for using the Tails operating system.

1. Whonix Documentation: Official documentation for setting up and using the Whonix OS.
2. Tor Project’s Tor Browser Manual: Guide to using the Tor Browser.
3. Qubes OS Documentation: Guide on using Qubes OS.