Thread Model

Dolorum duis nibh, facilis, dui maecenas! Molestiae facere? Quasi fuga, pede nonummy irure eius, necessitatibus tempora cumque suscipit scelerisque ab!

1 What do you want to protect?

2 Who are your adversaries?

3 How likely do you think is it that this adversary will attack you?

not very likely
don't know
very likely
not very likely
don't know
very likely
not very likely
don't know
very likely
not very likely
don't know
very likely
not very likely
don't know
very likely
not very likely
don't know
very likely
not very likely
don't know
very likely
not very likely
don't know
very likely
not very likely
don't know
very likely
not very likely
don't know
very likely
not very likely
don't know
very likely

4 I want to protect

My adversaries are ...


A government mostly has multiple options to gather information about its citizens. It has technical powers to conduct surveillance through several authorities like the police and intelligence agencies, but also legal instruments to get data from companies like internet service providers, email providers or social media platforms. It is an illusion to stay completely anonymous online against your government, but for specific needs there are solutions. For a start, you should care about encryption of your entire communication, anonymizing your online behaviour and securing all your accounts.

Theoretically, only a limited, clearly defined number of people has access to sensitive data gathered through surveillance activities by the state. This should be guaranteed through safeguards and the rule of law. However, neither in a democracy nor in an autocratic country, this is something that journalist can rely on. If you consider people with good connections to your government as your adversaries, you should consider the government itself as your adversary.

A government mostly has multiple options to gather information about its citizens. It has technical powers to conduct surveillance through several authorities like the police and intelligence agencies, but also legal instruments to get data from companies like internet service providers, email providers or social media platforms. It is an illusion to stay completely anonymous online against your government, but for specific needs there are solutions. For a start, you should care about encryption of your entire communication, anonymizing your online behaviour and securing all your accounts.

Governments mostly have multiple options to identify you on the internet. However, it is easier to track you for the country your based in than for foreign countries – but not impossible, of course. They have both technical and legal ways to get your online identity. Especially if your communication is sent over global networks – which is likely on the internet – foreign governments might have access to some of your data. Against that, you should encrypt your entire communication and use tools to anonymize yourself. They might also try to hack your accounts and search them for information about you. For that, you should secure all your accounts. There might also be legal instruments to get data from companies like internet service providers, email providers or social media platforms, especially if the services you use are based in the country your concerned about. This is something you should check, and maybe stop using the services entirely or at least certain kinds of the service that provide information about your identity.

An internet service provider (ISP) in almost every case knows who you are, because you made a contract with your personal and banking information for the purpose of billing. Also, if you use your ISP, it will know what you do online. It is not possible to exclude your ISP completely. However, there are ways to reduce the amount of information your ISP can gather about you. You should especially encrypt your communication and browsing behaviour, and use tools to anonymize yourself like VPN or Tor. In that case, your ISP only know that you use these tools, but not what you do concretely. (In some countries, the use of VPN and Tor can make you suspicious or is illegal. Keep that in mind.)

You should also have in mind that ISPs are mostly entirely regulated by governments and legally obliged to hand over data about their customers under a government request.

Theoretically, only a limited, clearly defined number of people has access to sensitive data gathered through surveillance activities by the state. This should be guaranteed through safeguards and the rule of law. However, neither in a democracy nor in an autocratic country, this is something that journalist can rely on. If you consider people with good connections to your government as your adversaries, you should consider the government itself as your adversary.

A government mostly has multiple options to gather information about its citizens. It has technical powers to conduct surveillance through several authorities like the police and intelligence agencies, but also legal instruments to get data from companies like internet service providers, email providers or social media platforms. It is an illusion to stay completely anonymous online against your government, but for specific needs there are solutions. For a start, you should care about encryption of your entire communication, anonymizing your online behaviour and securing all your accounts.

Trolls on social media can be very annoying, as they have time, they are many and they can be very rude and aggressive. However, the regular troll mostly has limited technical capabilities to reveal your online identity – if you do your homework. For that, you shouldn't reveal your real identity on your own and secure your accounts carefully.

If you have reason to suspect that the trolls are part of a government campaign, however, you should consider the government itself as your adversary. A government mostly has multiple options to gather information about its citizens. It has technical powers to conduct surveillance through several authorities like the police and intelligence agencies, but also legal instruments to get data from companies like internet service providers, email providers or social media platforms. Trolls might be one part of an attack. It is an illusion to stay completely anonymous online against your government, but for specific needs there are solutions. For a start, you should care about encryption of your entire communication, anonymizing your online behaviour and securing all your accounts.

There are multiple kinds of cyber criminals. What most of them have in common is their goal: money. Your online identity might be interesting for them if it allows them to earn money with that, e.g. with your banking credentials or with information from your email inbox. However, their capabilities are mostly not comparable to the ones of a state. You should be especially sure that you are well protected against phishing and your accounts are secure. You should also encrypt all your sensitive information and have regular backups of your data.

Theoretically, only a limited, clearly defined number of people has access to sensitive data gathered through surveillance activities by the state. This should be guaranteed through safeguards and the rule of law. However, neither in a democracy nor in an autocratic country, this is something that journalist can rely on – especially if you live in a state in which religion is part of the political system. If you consider religious leaders with good connections to your government as your adversaries, you should consider the government itself as your adversary.

A government mostly has multiple options to gather information about its citizens. It has technical powers to conduct surveillance through several authorities like the police and intelligence agencies, but also legal instruments to get data from companies like internet service providers, email providers or social media platforms. It is an illusion to stay completely anonymous online against your government, but for specific needs there are solutions. For a start, you should care about encryption of your entire communication, anonymizing your online behaviour and securing all your accounts.

You probably spend a lot of time with your bosses and colleagues. It's very likely that they know many things about you and may also have access to your personal information. For example, a colleague may have a look into your computer when you are away for a meeting, or your boss asks the IT department to get access to your email inbox. If you have reason to suspect that people at your workplace, you shouldn't do activities you want to hide from them when they are in the room. You shouldn't also do it with devices from your company, but with your personal ones. For a start, you should think about some basic behavioural rules, your account security and tools to anonymize your online behaviour.

The potential of terror organizations threatening your digital security differs a lot from the kind and professionality of the organization. In general, its technical capabilities should be less worrying than the ones of state. A terror organization is a group of (maybe many) individuals, which has no access to the internet infrastructure of a country or to the servers of companies. For a start, you should especially focus on phishing and account security. However, context matters a lot: If they could have physical access to your devices, you should encrypt all your data carefully and delete sensitive data that are not absolutely necessary. Also, if the terror organization controls parts of a country, they may also control a critical infrastructure like an internet service provider (ISP). In this situation, you should consider the terror organization as powerful as the state itself.

A government mostly has multiple options to gather information about its citizens. It has technical powers to conduct surveillance through several authorities like the police and intelligence agencies, but also legal instruments to get data from companies like internet service providers, email providers or social media platforms.

When you want to secure your communication with sources, you should first differentiate between the content of your communication and the metadata, meaning who communicates with whom when. It is very hart to stay completely anonymous online against your government and hide all metadata. But for specific needs there are solutions. For a start, you should care about encryption of your entire communication, anonymizing your online behaviour and securing all your accounts. For protecting the content, you should especially care about encryption.

Theoretically, only a limited, clearly defined number of people has access to sensitive data gathered through surveillance activities by the state. This should be guaranteed through safeguards and the rule of law. However, neither in a democracy nor in an autocratic country, this is something that journalist can rely on. If you consider people with good connections to your government as your adversaries, you should consider the government itself as your adversary.

A government mostly has multiple options to gather information about its citizens. It has technical powers to conduct surveillance through several authorities like the police and intelligence agencies, but also legal instruments to get data from companies like internet service providers, email providers or social media platforms.

When you want to secure your communication with sources, you should first differentiate between the content of your communication and the metadata, meaning who communicates with whom when. It is very hart to stay completely anonymous online against your government and hide all metadata. But for specific needs there are solutions. For a start, you should care about encryption of your entire communication, anonymizing your online behaviour and securing all your accounts. For protecting the content, you should especially care about encryption.

Governments mostly have multiple options to identify you on the internet. However, it is easier to track you for the country your based in than for foreign countries – but not impossible, of course. Foreign governments have both technical and legal ways to get the communication with your sources. Especially if your communication is sent over global networks – which is likely on the internet – foreign governments might have access to some of your data. Against that, you should encrypt your entire communication and use tools to anonymize yourself. They might also try to hack your accounts and search them for information about you. For that, you should secure all your accounts. There might also be legal instruments to get data from companies like internet service providers, email providers or social media platforms, especially if the services you use are based in the country your concerned about. This is something you should check, and maybe stop using the services entirely or at least certain kinds of the service that provide information about your communication with your sources.

An internet service provider (ISP) in almost every case knows who you are, because you made a contract with your personal and banking information for the purpose of billing. Also, if you use your ISP, it will know what you do online. It is not possible to exclude your ISP completely. However, there are ways to reduce the amount of information your ISP can gather about you. You should especially only use communication services with your sources that offer end-to-end encryption. Furthermore, you and your sources should as soon as possible use tools to anonymize yourself like VPN or Tor. In that case, your ISP only knows that you use these tools, but not what you do concretely. (In some countries, the use of VPN and Tor can make you suspicious or is illegal. Keep that in mind.)

You should also have in mind that ISPs are mostly entirely regulated by governments and legally obliged to hand over data about their customers under a government request.

Theoretically, only a limited, clearly defined number of people has access to sensitive data gathered through surveillance activities by the state. This should be guaranteed through safeguards and the rule of law. However, neither in a democracy nor in an autocratic country, this is something that journalist can rely on. If you consider people with good connections to your government as your adversaries, you should consider the government itself as your adversary.

A government mostly has multiple options to gather information about its citizens. It has technical powers to conduct surveillance through several authorities like the police and intelligence agencies, but also legal instruments to get data from companies like internet service providers, email providers or social media platforms.

When you want to secure your communication with sources, you should first differentiate between the content of your communication and the metadata, meaning who communicates with whom when. It is very hart to stay completely anonymous online against your government and hide all metadata. But for specific needs there are solutions. For a start, you should care about encryption of your entire communication, anonymizing your online behaviour and securing all your accounts. For protecting the content, you should especially care about encryption.

Trolls on social media can be very annoying, as they have time, they are many and they can be very rude and aggressive. However, the regular troll mostly has limited technical capabilities to get access to your communication with sources – if you do your homework. For that, you should especially take care of your account security and prevent phishing. They might want to hack your accounts and get access to the communication.

If you have reason to suspect that the trolls are part of a government campaign, however, you should consider the government itself as your adversary. A government mostly has multiple options to gather information about its citizens. It has technical powers to conduct surveillance through several authorities like the police and intelligence agencies, but also legal instruments to get data from companies like internet service providers, email providers or social media platforms.

When you want to secure your communication with sources, you should first differentiate between the content of your communication and the metadata, meaning who communicates with whom when. It is very hart to stay completely anonymous online against your government and hide all metadata. But for specific needs there are solutions. For a start, you should care about encryption of your entire communication, anonymizing your online behaviour and securing all your accounts. For protecting the content, you should especially care about encryption.

There are multiple kinds of cyber criminals. What most of them have in common is their goal: money. Your communication with sources is probably only interesting for them if it allows them to earn money with that, e.g. with your banking credentials or with information from your email inbox. However, their capabilities are mostly not comparable to the ones of a state. You should be especially sure that you are well protected against phishing and your accounts are secure. You should also encrypt all your sensitive information and have regular backups of your data.

Theoretically, only a limited, clearly defined number of people has access to sensitive data gathered through surveillance activities by the state. This should be guaranteed through safeguards and the rule of law. However, neither in a democracy nor in an autocratic country, this is something that journalist can rely on – especially if you live in a state in which religion is part of the political system. If you consider religious leaders with good connections to your government as your adversaries, you should consider the government itself as your adversary.

A government mostly has multiple options to gather information about its citizens. It has technical powers to conduct surveillance through several authorities like the police and intelligence agencies, but also legal instruments to get data from companies like internet service providers, email providers or social media platforms.

When you want to secure your communication with sources, you should first differentiate between the content of your communication and the metadata, meaning who communicates with whom when. It is very hart to stay completely anonymous online against your government and hide all metadata. But for specific needs there are solutions. For a start, you should care about encryption of your entire communication, anonymizing your online behaviour and securing all your accounts. For protecting the content, you should especially care about encryption.

You probably spend a lot of time with your bosses and colleagues. It's very likely that they know many things about you and may also have access to your personal information. For example, a colleague may have a look into your computer when you are away for a meeting, or your boss asks the IT department to get access to your email inbox. If you have reason to suspect that people at your workplace are your adversaries, you shouldn't do activities you want to hide from them when they are in the room. You shouldn't also do it with devices from your company, but with your personal ones. For a start, you should think about some basic behavioural rules, your account security and tools to encrypt your communication end-to-end, so that you exclude everybody from it

The potential of terror organizations threatening your digital security differs a lot from the kind and professionality of the organization. In general, its technical capabilities should be less worrying than the ones of state. A terror organization is a group of (maybe many) individuals, which has no access to the internet infrastructure of a country or to the servers of companies. For a start, you should especially focus on phishing and account security. However, context matters a lot: If they could have physical access to your devices, you should encrypt all your data carefully and delete sensitive data that are not absolutely necessary. Some chat apps offer a self-destruction of messages, which can be helpful in these situations. Also, if the terror organization controls parts of a country, they may also control a critical infrastructure like an internet service provider (ISP). In this situation, you should consider the terror organization as powerful as the state itself.

A government mostly has multiple options to gather information about its citizens. It has technical powers to conduct surveillance through several authorities like the police and intelligence agencies, but also legal instruments to get data from companies like internet service providers, email providers or social media platforms. It is an illusion to stay completely anonymous online against your government, but for specific needs there are solutions. For a start, you and your sources should care about end-to-end encryption of your entire communication, anonymizing your online behaviour and securing all your accounts. It could also help if you recommend secure ways how to contact you, for example on your website.

Theoretically, only a limited, clearly defined number of people has access to sensitive data gathered through surveillance activities by the state. This should be guaranteed through safeguards and the rule of law. However, neither in a democracy nor in an autocratic country, this is something that journalist can rely on. If you consider people with good connections to your government as your adversaries, you should consider the government itself as your adversary.

A government mostly has multiple options to gather information about its citizens. It has technical powers to conduct surveillance through several authorities like the police and intelligence agencies, but also legal instruments to get data from companies like internet service providers, email providers or social media platforms. It is an illusion to stay completely anonymous online against your government, but for specific needs there are solutions. For a start, you and your sources should care about end-to-end encryption of your entire communication, anonymizing your online behaviour and securing all your accounts. It could also help if you recommend secure ways how to contact you, for example on your website.

Governments mostly have multiple options to identify your sources on the internet. However, it is easier to track you and your source for the country your based in than for foreign countries – but not impossible, of course. Foreign governments have both technical and legal ways to get the communication with your sources. Especially if your communication is sent over global networks – which is likely on the internet – foreign governments might have access to some of your data. Against that, you and your source should encrypt your entire communication end-to-end and use tools to anonymize from the beginning. It could help if you recommend secure ways how to contact you, for example on your website. They might also try to hack your accounts and search them for information about you. For that, you should secure all your accounts.

There might also be legal instruments to get data from companies like internet service providers, email providers or social media platforms, especially if the services you use are based in the country your concerned about. This is something you should check, and maybe stop using the services entirely or at least certain kinds of the service that provide information about your communication with your sources.

An internet service provider (ISP) in almost every case knows who you are, because you made a contract with your personal and banking information for the purpose of billing. Also, if you use your ISP, it will know what you do online. It is not possible to exclude your ISP completely. The same is true for your source and his or her ISP. However, there are ways to reduce the amount of information an ISP can gather about you and your sources. You should especially only use communication services with your sources that offer end-to-end encryption. Furthermore, you and your sources should as soon as possible use tools to anonymize yourself like VPN or Tor. In that case, your ISPs only know that you use these tools, but not what you do concretely. (In some countries, the use of VPN and Tor can make you suspicious or is illegal. Keep that in mind.)

You should also have in mind that ISPs are mostly entirely regulated by governments and legally obliged to hand over data about their customers under a government request.

Theoretically, only a limited, clearly defined number of people has access to sensitive data gathered through surveillance activities by the state. This should be guaranteed through safeguards and the rule of law. However, neither in a democracy nor in an autocratic country, this is something that journalist can rely on. If you consider people with good connections to your government as your adversaries, you should consider the government itself as your adversary.

A government mostly has multiple options to gather information about its citizens. It has technical powers to conduct surveillance through several authorities like the police and intelligence agencies, but also legal instruments to get data from companies like internet service providers, email providers or social media platforms. It is an illusion to stay completely anonymous online against your government, but for specific needs there are solutions. For a start, you and your sources should care about end-to-end encryption of your entire communication, anonymizing your online behaviour and securing all your accounts. It could also help if you recommend secure ways how to contact you, for example on your website.

Trolls on social media can be very annoying, as they have time, they are many and they can be very rude and aggressive. However, the regular troll mostly has limited technical capabilities to get access to your communication with sources – if you do your homework. For that, you should especially take care of your account security and prevent phishing. They might want to hack your accounts and get access to the communication. You should also explain your sources how to do that, for example on your website.

If you have reason to suspect that the trolls are part of a government campaign, however, you should consider the government itself as your adversary. A government mostly has multiple options to gather information about its citizens. It has technical powers to conduct surveillance through several authorities like the police and intelligence agencies, but also legal instruments to get data from companies like internet service providers, email providers or social media platforms. It is an illusion to stay completely anonymous online against your government, but for specific needs there are solutions. For a start, you and your sources should care about end-to-end encryption of your entire communication, anonymizing your online behaviour and securing all your accounts. It could also help if you recommend secure ways how to contact you, for example on your website.

There are multiple kinds of cyber criminals. What most of them have in common is their goal: money. Your communication with sources and their identity is probably only interesting for them if it allows them to earn money with that, e.g. with your banking credentials or with information from your email inboxes. However, their capabilities are mostly not comparable to the ones of a state. You should be especially sure that you are well protected against phishing and your accounts are secure. You should also encrypt all your sensitive information and have regular backups of your data. Tell these Tipps also to your sources and give assistance if they need help.

Theoretically, only a limited, clearly defined number of people has access to sensitive data gathered through surveillance activities by the state. This should be guaranteed through safeguards and the rule of law. However, neither in a democracy nor in an autocratic country, this is something that journalist can rely on – especially if you live in a state in which religion is part of the political system. If you consider religious leaders with good connections to your government as your adversaries, you should consider the government itself as your adversary.

A government mostly has multiple options to gather information about its citizens. It has technical powers to conduct surveillance through several authorities like the police and intelligence agencies, but also legal instruments to get data from companies like internet service providers, email providers or social media platforms. It is an illusion to stay completely anonymous online against your government, but for specific needs there are solutions. For a start, you and your sources should care about end-to-end encryption of your entire communication, anonymizing your online behaviour and securing all your accounts. It could also help if you recommend secure ways how to contact you, for example on your website.

You probably spend a lot of time with your bosses and colleagues. It's very likely that they know many things about you and may also have access to your personal information. For example, a colleague may have a look into your computer when you are away for a meeting, or your boss asks the IT department to get access to your email inbox. If you have reason to suspect that people at your workplace are your adversaries, you shouldn't do activities you want to hide from them when they are in the room. You shouldn't also do it with devices from your company, but with your personal ones. For a start, you should think about some basic behavioural rules, your account security and tools to encrypt your communication end-to-end, so that you exclude everybody from it

The potential of terror organizations threatening your digital security differs a lot from the kind and professionality of the organization. In general, its technical capabilities should be less worrying than the ones of state. A terror organization is a group of (maybe many) individuals, which has no access to the internet infrastructure of a country or to the servers of companies. For a start, you should especially focus on phishing and account security. However, context matters a lot: If they could have physical access to your devices, you should encrypt all your data carefully and delete sensitive data that are not absolutely necessary. Also, if the terror organization controls parts of a country, they may also control a critical infrastructure like an internet service provider (ISP). In this situation, you should consider the terror organization as powerful as the state itself.

There are two ways to get data that are stored on your computer: with remote access or with physical access. Governments can do both. For remote access, they have to hack you computer and search your computer remotely. They mostly use a spyware for these actions. Without technical expertise, it is not possible to detect such a spyware on your computer. You should prevent yourself against it as best as possible, especially in identifying phishing links, only installing trusted software and never leave your devices unattended. For physical access, a government has to get hands on your devices, for example with a house search or while you are traveling. It's probably nothing you can avoid if the government wants to do it, but you can prepare for the worst case: use strong passwords for your devices, encrypt your hard disks and all sensitive data.

Theoretically, only a limited, clearly defined number of people has access to sensitive data gathered through surveillance activities by the state. This should be guaranteed through safeguards and the rule of law. However, neither in a democracy nor in an autocratic country, this is something that journalist can rely on. If you consider people with good connections to your government as your adversaries, you should consider the government itself as your adversary.

There are two ways to get data that are stored on your computer: with remote access or with physical access. Governments can do both. For remote access, they have to hack you computer and search your computer remotely. They mostly use a spyware for these actions. Without technical expertise, it is not possible to detect such a spyware on your computer. You should prevent yourself against it as best as possible, especially in identifying phishing links, only installing trusted software and never leave your devices unattended. For physical access, a government has to get hands on your devices, for example with a house search or while you are traveling. It's probably nothing you can avoid if the government wants to do it, but you can prepare for the worst case: use strong passwords for your devices, encrypt your hard disks and all sensitive data.

There are two ways to get data that are stored on your computer: with remote access or with physical access. Foreign governments mostly can only have remote access, if you don't enter their territory. For remote access, they have to hack you computer and search your computer remotely. They mostly use a spyware for these actions. Without technical expertise, it is not possible to detect such a spyware on your computer. You should prevent yourself against it as best as possible, especially in identifying phishing links, only installing trusted software and never leave your devices unattended. For physical access, a foreign government would have to legally cooperate with the government of your country or search your devices illegally.

In general, your internet service provider (ISP) provides internet access for you. But it does not have access to the data stored on your computer, unless you send it insecurely over the internet.

Theoretically, only a limited, clearly defined number of people has access to sensitive data gathered through surveillance activities by the state. This should be guaranteed through safeguards and the rule of law. However, neither in a democracy nor in an autocratic country, this is something that journalist can rely on. If you consider business people with good connections to your government as your adversaries, you should consider the government itself as your adversary.

There are two ways to get data that are stored on your computer: with remote access or with physical access. Governments can do both. For remote access, they have to hack you computer and search your computer remotely. They mostly use a spyware for these actions. Without technical expertise, it is not possible to detect such a spyware on your computer. You should prevent yourself against it as best as possible, especially in identifying phishing links, only installing trusted software and never leave your devices unattended. For physical access, a government has to get hands on your devices, for example with a house search or while you are traveling. It's probably nothing you can avoid if the government wants to do it, but you can prepare for the worst case: use strong passwords for your devices, encrypt your hard disks and all sensitive data.

Trolls on social media in general do not have a chance to get access to the files on your computer. They would have to hack your computer, which is mostly not the DNA of an annoying troll on social media.

If you have reason to suspect that the trolls are part of a government campaign, however, you should consider the government itself as your adversary.

There are multiple kinds of cyber criminals. What most of them have in common is their goal: money. Data on your computer are interesting for you if they can make money out of it. For example, because they use your banking information to buy things or they encrypt your data with a so-called ransomware. You should be especially sure that you are well protected against phishing and your accounts are secure. You should also encrypt all your sensitive information and have regular backups of your data.

Theoretically, only a limited, clearly defined number of people has access to sensitive data gathered through surveillance activities by the state. This should be guaranteed through safeguards and the rule of law. However, neither in a democracy nor in an autocratic country, this is something that journalist can rely on – especially if you live in a state in which religion is part of the political system. If you consider religious leaders with good connections to your government as your adversaries, you should consider the government itself as your adversary.

There are two ways to get data that are stored on your computer: with remote access or with physical access. Governments can do both. For remote access, they have to hack you computer and search your computer remotely. They mostly use a spyware for these actions. Without technical expertise, it is not possible to detect such a spyware on your computer. You should prevent yourself against it as best as possible, especially in identifying phishing links, only installing trusted software and never leave your devices unattended. For physical access, a government has to get hands on your devices, for example with a house search or while you are traveling. It's probably nothing you can avoid if the government wants to do it, but you can prepare for the worst case: use strong passwords for your devices, encrypt your hard disks and all sensitive data.

You probably spend a lot of time with your bosses and colleagues. It's very likely that they know many things about you and may also have access to your personal information stored on your computer. For example, a colleague may have a look into your computer when you are away for a meeting, or your boss asks the IT department to get access to your data on the company's server. If you want to protect yourself against it, you should encrypt data on your computer, e.g. with VeraCrypt.

The potential of terror organizations threatening your digital security differs a lot from the kind and professionality of the organization. In general, its technical capabilities should be less worrying than the ones of state. A terror organization is a group of (maybe many) individuals, which has no access to the internet infrastructure of a country or to the servers of companies. The chance that they have remote access to the data on your computer is relatively little, but it's not impossible. For a start, you should especially focus on phishing, because they might want to install a spyware on your computer. However, context matters a lot: If they could have physical access to your devices, you should encrypt all your data carefully and delete sensitive data that are not absolutely necessary. In this situation, you should consider the terror organization as powerful as the state itself.

There are multiple ways where you leave traces – and a government can mostly be able to track you and find out your location. This is true for both your online and offline traces. It is an illusion to stay completely anoymously and hide all your life against a government. However, for specific use cases, there are tools to hide your identity and therefore also to hide your location online. For a start, you should inform yourself about anonymity tools and how to counter commercial surveillance. You should also have in mind that your smartphone is a tracking device and constantly reveals your exact location to your service provider. Governments mostly have access to these data of internet and telecommunication service providers.

Theoretically, only a limited, clearly defined number of people has access to sensitive data gathered through surveillance activities by the state. This should be guaranteed through safeguards and the rule of law. However, neither in a democracy nor in an autocratic country, this is something that journalist can rely on. If you consider people with good connections to your government as your adversaries, you should consider the government itself as your adversary.

There are multiple ways where you leave traces – and a government can mostly be able to track you and find out your location. This is true for both your online and offline traces. It is an illusion to stay completely anoymously and hide all your life against a government. However, for specific use cases, there are tools to hide your identity and therefore also to hide your location online. For a start, you should inform yourself about anonymity tools and how to counter commercial surveillance. You should also have in mind that your smartphone is a tracking device and constantly reveals your exact location to your service provider. Governments mostly have access to these data of internet and telecommunication service providers.

Governments mostly have multiple options to get your location. However, it is easier to track you and your source for the country your based in than for foreign countries – but not impossible, of course. Foreign governments have both technical and legal ways to get the communication with your sources. Especially if your communication is sent over global networks – which is likely on the internet – foreign governments might have access to some of your data. For a start, you should inform yourself about anonymity tools and how to counter commercial surveillance. You should also have in mind that your smartphone is a tracking device and constantly reveals your exact location to your service provider. Governments mostly have access to these data of internet and telecommunication service providers in their juristiction. Foreign governments might get these information through a legal cooperation with the country your based in.

There are multiple ways where you leave online traces that may reveal your location – and your internet service provider (ISP) knows it by default. Firstly, your smartphone is a tracking device and constantly reveals your exact location to your telecommunication service provider if you are connected to its network. It has to know your location so that you can receive calls and have mobile internet. There is no way to use your ISP and hide your location data at the same time. Secondly, by connecting your computer to the internet of your ISP, your ISP most probably knows where you are at that moment. However, you might be able to hide against it what you do on the internet. For a start, you should learn more about anonymization tools.

Theoretically, only a limited, clearly defined number of people has access to sensitive data gathered through surveillance activities by the state. This should be guaranteed through safeguards and the rule of law. However, neither in a democracy nor in an autocratic country, this is something that journalist can rely on. If you consider business people with good connections to your government as your adversaries, you should consider the government itself as your adversary.

There are multiple ways where you leave traces – and a government can mostly be able to track you and find out your location. This is true for both your online and offline traces. It is an illusion to stay completely anoymously and hide all your life against a government. However, for specific use cases, there are tools to hide your identity and therefore also to hide your location online. For a start, you should inform yourself about anonymity tools and how to counter commercial surveillance. You should also have in mind that your smartphone is a tracking device and constantly reveals your exact location to your service provider. Governments mostly have access to these data of internet and telecommunication service providers.

Trolls shouldn't be able to get your current location, unless you reveal information on your own that might help them to find out. For example, adding location information to social media posts, pictures of yourself at well known places or contact information on your.website might help them find out. Take care that you don't reveal these information – and the 'regular online troll' propabably won't find out your location.

If you have reason to suspect that the trolls are part of a government campaign, however, you should consider the government itself as your adversary. There are multiple ways where you leave traces – and a government can mostly be able to track you and find out your location. This is true for both your online and offline traces. It is an illusion to stay completely anoymously and hide all your life against a government. However, for specific use cases, there are tools to hide your identity and therefore also to hide your location online. For a start, you should inform yourself about anonymity tools and how to counter commercial surveillance. You should also have in mind that your smartphone is a tracking device and constantly reveals your exact location to your service provider. Governments mostly have access to these data of internet and telecommunication service providers.

There are multiple kinds of cyber criminals. What most of them have in common is their goal: money. Your location is probably only interesting for them if it allows them to earn money with that. However, their capabilities are mostly not comparable to the ones of a state. You should be especially sure that you are well protected against phishing and your accounts are secure.

Theoretically, only a limited, clearly defined number of people has access to sensitive data gathered through surveillance activities by the state. This should be guaranteed through safeguards and the rule of law. However, neither in a democracy nor in an autocratic country, this is something that journalist can rely on – especially if you live in a state in which religion is part of the political system. If you consider religious leaders with good connections to your government as your adversaries, you should consider the government itself as your adversary.

There are multiple ways where you leave traces – and a government can mostly be able to track you and find out your location. This is true for both your online and offline traces. It is an illusion to stay completely anoymously and hide all your life against a government. However, for specific use cases, there are tools to hide your identity and therefore also to hide your location online. For a start, you should inform yourself about anonymity tools and how to counter commercial surveillance. You should also have in mind that your smartphone is a tracking device and constantly reveals your exact location to your service provider. Governments mostly have access to these data of internet and telecommunication service providers.

You probably spend a lot of time with your bosses and colleagues. Logically, they know your location when you are with them. However, if you are not with them, it should be hard for them to track your location online. Especially if you use your own devices and do not reveal information about your position, e.g. in a social media post. You should be careful, however, if you use devices that are controlled by your company. They might be able to trace you through that.

The potential of terror organizations threatening your digital security differs a lot from the kind and professionality of the organization. In general, its technical capabilities should be less worrying than the ones of state. A terror organization is a group of (maybe many) individuals, which has no access to the internet infrastructure of a country or to the servers of companies. The chance that they can track you live over the internet is relatively little, but it's not impossible. For a start, you should especially focus on phishing, because they might want to install a spyware on your computer. However, context matters a lot: If the terror organization controls parts of a country, they may also control a critical infrastructure like an internet service provider (ISP). In this situation, you should consider the terror organization as powerful as the state itself.

A government mostly has multiple options to gather information about its citizens. It has technical powers to conduct surveillance through several authorities like the police and intelligence agencies, but also legal instruments to get data from companies like internet service providers, email providers or social media platforms.

When you want to secure your communication with your colleagues, you should first differentiate between the content of your communication and the metadata, meaning who communicates with whom when. It is very hart to stay completely anonymous online against your government and hide all metadata. But for specific needs there are solutions. For example, there are anonymous mailboxes, in which correspondents could upload their material anonymously. Check out more information about anonymization tools. To secure the content of your communication, you should care about encryption.

Theoretically, only a limited, clearly defined number of people has access to sensitive data gathered through surveillance activities by the state. This should be guaranteed through safeguards and the rule of law. However, neither in a democracy nor in an autocratic country, this is something that journalist can rely on. If you consider people with good connections to your government as your adversaries, you should consider the government itself as your adversary.

A government mostly has multiple options to gather information about its citizens. It has technical powers to conduct surveillance through several authorities like the police and intelligence agencies, but also legal instruments to get data from companies like internet service providers, email providers or social media platforms.

When you want to secure your communication with your colleagues, you should first differentiate between the content of your communication and the metadata, meaning who communicates with whom when. It is very hart to stay completely anonymous online against your government and hide all metadata. But for specific needs there are solutions. For example, there are anonymous mailboxes, in which correspondents could upload their material anonymously. Check out more information about anonymization tools. To secure the content of your communication, you should care about encryption.

Governments mostly have multiple options to identify you on the internet. However, it is easier to track you for the country your based in than for foreign countries – but not impossible, of course. Foreign governments have both technical and legal ways to get the communication with your sources. Especially if your communication is sent over global networks – which is likely on the internet – foreign governments might have access to some of your data.

Against that, you should encrypt your entire communication and use tools to anonymize yourself. They might also try to hack your accounts and search them for information about you. For that, you should secure all your accounts. There might also be legal instruments to get data from companies like internet service providers, email providers or social media platforms, especially if the services you use are based in the country your concerned about. This is something you should check, and maybe stop using the services entirely or at least certain kinds of the service that provide information about your communication with your colleagues.

An internet service provider (ISP) in almost every case knows who you are, because you made a contract with your personal and banking information for the purpose of billing. Also, if you use your ISP, it will know what you do online. The same is true for the ISPs of your colleagues. It is not possible to exclude your ISP completely. However, there are ways to reduce the amount of information your ISP can gather about you and your colleagues. You should especially only use communication services with your colleagues that offer end-to-end encryption. Furthermore, you and your colleagues should use tools to anonymize yourself like VPN or Tor. In that case, your ISP only knows that you use these tools, but not what you do concretely. (In some countries, the use of VPN and Tor can make you suspicious or is illegal. Keep that in mind.)

You should also have in mind that ISPs are mostly entirely regulated by governments and legally obliged to hand over data about their customers under a government request.

Theoretically, only a limited, clearly defined number of people has access to sensitive data gathered through surveillance activities by the state. This should be guaranteed through safeguards and the rule of law. However, neither in a democracy nor in an autocratic country, this is something that journalist can rely on. If you consider people with good connections to your government as your adversaries, you should consider the government itself as your adversary.

A government mostly has multiple options to gather information about its citizens. It has technical powers to conduct surveillance through several authorities like the police and intelligence agencies, but also legal instruments to get data from companies like internet service providers, email providers or social media platforms.

When you want to secure your communication with your colleagues, you should first differentiate between the content of your communication and the metadata, meaning who communicates with whom when. It is very hart to stay completely anonymous online against your government and hide all metadata. But for specific needs there are solutions. For example, there are anonymous mailboxes, in which correspondents could upload their material anonymously. Check out more information about anonymization tools. To secure the content of your communication, you should care about encryption.

Trolls on social media can be very annoying, as they have time, they are many and they can be very rude and aggressive. However, the regular troll mostly has limited technical capabilities to get access to your communication with colleagues – if you do your homework. For that, you should especially take care of your account security and prevent phishing. They might want to hack your accounts and get access to the communication.

If you have reason to suspect that the trolls are part of a government campaign, however, you should consider the government itself as your adversary. A government mostly has multiple options to gather information about its citizens. It has technical powers to conduct surveillance through several authorities like the police and intelligence agencies, but also legal instruments to get data from companies like internet service providers, email providers or social media platforms.

When you want to secure your communication with your colleagues, you should first differentiate between the content of your communication and the metadata, meaning who communicates with whom when. It is very hart to stay completely anonymous online against your government and hide all metadata. But for specific needs there are solutions. For example, there are anonymous mailboxes, in which correspondents could upload their material anonymously. Check out more information about anonymization tools. To secure the content of your communication, you should care about encryption.

There are multiple kinds of cyber criminals. What most of them have in common is their goal: money. Your communication with colleagues is probably only interesting for them if it allows them to earn money with that, e.g. with your banking credentials or with information from your email inboxes. However, their capabilities are mostly not comparable to the ones of a state. You should be especially sure that you are well protected against phishing and your accounts are secure. You should also encrypt all your sensitive information and have regular backups of your data.

Theoretically, only a limited, clearly defined number of people has access to sensitive data gathered through surveillance activities by the state. This should be guaranteed through safeguards and the rule of law. However, neither in a democracy nor in an autocratic country, this is something that journalist can rely on – especially if you live in a state in which religion is part of the political system. If you consider religious leaders with good connections to your government as your adversaries, you should consider the government itself as your adversary.

A government mostly has multiple options to gather information about its citizens. It has technical powers to conduct surveillance through several authorities like the police and intelligence agencies, but also legal instruments to get data from companies like internet service providers, email providers or social media platforms.

When you want to secure your communication with your colleagues, you should first differentiate between the content of your communication and the metadata, meaning who communicates with whom when. It is very hart to stay completely anonymous online against your government and hide all metadata. But for specific needs there are solutions. For example, there are anonymous mailboxes, in which correspondents could upload their material anonymously. Check out more information about anonymization tools. To secure the content of your communication, you should care about encryption.

The potential of terror organizations threatening your digital security differs a lot from the kind and professionality of the organization. In general, its technical capabilities should be less worrying than the ones of a state. A terror organization is a group of (maybe many) individuals, which has no access to the internet infrastructure of a country or to the servers of companies. For a start, you should especially focus on phishing and account security. However, context matters a lot: If they could have physical access to your devices, you should encrypt all your data carefully and delete sensitive data that are not absolutely necessary. Some chat apps offer a self-destruction of messages, which can be helpful in these situations. Also, if the terror organization controls parts of a country, they may also control a critical infrastructure like an internet service provider (ISP). In this situation, you should consider the terror organization as powerful as the state itself.

A government has two options to get your passwords: It can steal it with a hacking attack or legally force a service to provide a password. To secure yourself against hacking, you should especially care about phising and account security such as a two-step verification. Against a legal cooperation, you cannot really protect yourself. Many platforms, however, provide information in their transparency reports about the amount they cooperate with specific countries and for which crimes the provide access for governments.

Theoretically, only a limited, clearly defined number of people has access to sensitive data gathered through surveillance activities by the state. This should be guaranteed through safeguards and the rule of law. However, neither in a democracy nor in an autocratic country, this is something that journalist can rely on. If you consider people with good connections to your government as your adversaries, you should consider the government itself as your adversary.

A government has two options to get your passwords: It can steal it with a hacking attack or legally force a service to provide a password. To secure yourself against hacking, you should especially care about phising and account security such as a two-step verification. Against a legal cooperation, you cannot really protect yourself. Many platforms, however, provide information in their transparency reports about the amount they cooperate with specific countries and for which crimes the provide access for governments.

A foreign government has two options to get your passwords: It can steal it with a hacking attack or legally force the service to provide access to your account. To secure yourself against password hacking, you should especially care about phising and account security such as a two-step verification. Against a legal cooperation, you cannot really protect yourself. Many platforms, however, provide information in their transparency reports about the amount they cooperate with specific countries and for which crimes the provide access for governments.

In general, your internet service provider (ISP) does not have access to your passwords that are not necessary for services of the ISP itself

Theoretically, only a limited, clearly defined number of people has access to sensitive data gathered through surveillance activities by the state. This should be guaranteed through safeguards and the rule of law. However, neither in a democracy nor in an autocratic country, this is something that journalist can rely on. If you consider people with good connections to your government as your adversaries, you should consider the government itself as your adversary.

A government has two options to get your passwords: It can steal it with a hacking attack or legally force a service to provide a password. To secure yourself against hacking, you should especially care about phising and account security such as a two-step verification. Against a legal cooperation, you cannot really protect yourself. Many platforms, however, provide information in their transparency reports about the amount they cooperate with specific countries and for which crimes the provide access for governments.

Trolls are very interested to steal your passwords – but there are some easy ways to protect you against the majority of online trolls. You should especially care about phising and account security such as a two-step verification to prevent attacks like doxing.

There are multiple kinds of cyber criminals. What most of them have in common is their goal: money. Your passwords are extremely interesting for them if it allows them to earn money with that, e.g. with your banking credentials or with information from your email inbox. However, their capabilities are mostly not comparable to the ones of a state. You should be especially sure that you are well protected against phishing and your accounts are secure.

Theoretically, only a limited, clearly defined number of people has access to sensitive data gathered through surveillance activities by the state. This should be guaranteed through safeguards and the rule of law. However, neither in a democracy nor in an autocratic country, this is something that journalist can rely on – especially if you live in a state in which religion is part of the political system. If you consider religious leaders with good connections to your government as your adversaries, you should consider the government itself as your adversary.

A government has two options to get your passwords: It can steal it with a hacking attack or legally force a service to provide a password. To secure yourself against hacking, you should especially care about phising and account security such as a two-step verification. Against a legal cooperation, you cannot really protect yourself. Many platforms, however, provide information in their transparency reports about the amount they cooperate with specific countries and for which crimes the provide access for governments.

You probably spend a lot of time with your bosses and colleagues. It's very likely that they know many things about you and may also have access to your personal information. For example, a colleague may have a look into your computer when you are away for a meeting, or your boss asks the IT department to get access to your email inbox. If you have reason to suspect that people at your workplace are your adversaries, you shouldn't do activities you want to hide from them when they are in the room. You shouldn't also do it with devices from your company, but with your personal ones. For a start, you should think about some basic behavioural rules, your account security and tools to encrypt your communication end-to-end, so that you exclude everybody from it

The potential of terror organizations threatening your digital security differs a lot from the kind and professionality of the organization. Your passwords are extremely interesting for them as it allows them to hack your accounts. However, their capabilities are mostly not comparable to the ones of a state. You should be especially sure that you are well protected against phishing and your accounts are secure.

A government can weaken the security of your devices especially during travels. When you cross boarders, you are maybe asked to give access to your devices. More and more countries have laws that give them the right to force you to provide your PIN codes and passwords when you want to travel. You should check that in advance. The best thing you can do against it is travelling without sensitive data. A circumvention might be to store the data encrypted in a cloud with a well secured account. In general, you should have protection of your devices with strong passwords and store your data encrypted on your computer, e.g. with Vera Crypt.

Theoretically, only a limited, clearly defined number of people has access to sensitive data gathered through surveillance activities by the state. This should be guaranteed through safeguards and the rule of law. However, neither in a democracy nor in an autocratic country, this is something that journalist can rely on. If you consider people with good connections to your government as your adversaries, you should consider the government itself as your adversary.

A government can weaken the security of your devices especially during travels. When you cross boarders, you are maybe asked to give access to your devices. More and more countries have laws that give them the right to force you to provide your PIN codes and passwords when you want to travel. You should check that in advance. The best thing you can do against it is travelling without sensitive data. A circumvention might be to store the data encrypted in a cloud with a well secured account. In general, you should have protection of your devices with strong passwords and store your data encrypted on your computer, e.g. with Vera Crypt.

There are two ways to weaken the security of your devices during travels: with remote access to it or with physical access. Foreign governments mostly can only have remote access, if you don't enter their territory. For remote access, they have to hack your computer and search your computer remotely. They mostly use a spyware for these actions. Without technical expertise, it is not possible for you to detect such a spyware on your computer. You should prevent yourself against it as best as possible, especially in identifying phishing links, only installing trusted software and never leaving your devices unattended. For physical access inside their country, they may have the right to do it, for example when you cross their border. More and more countries have laws that give them the right to force you to provide your PIN codes and passwords when you want to travel. You should check that in advance. The best thing you can do against it is travelling without sensitive data. A circumvention might be to store the data encrypted in a cloud with a well secured account. In general, you should have protection of your devices with strong passwords and store your data encrypted on your computer, e.g. with Vera Crypt. For physical access outside their territory, a foreign government would have to legally cooperate with the government of your country or search your devices illegally.

In general, your internet service provider (ISP) does not have the possibility to weaken the security of your devices during travels.

Theoretically, only a limited, clearly defined number of people has access to sensitive data gathered through surveillance activities by the state. This should be guaranteed through safeguards and the rule of law. However, neither in a democracy nor in an autocratic country, this is something that journalist can rely on. If you consider people with good connections to your government as your adversaries, you should consider the government itself as your adversary.

A government can weaken the security of your devices especially during travels. When you cross boarders, you are maybe asked to give access to your devices. More and more countries have laws that give them the right to force you to provide your PIN codes and passwords when you want to travel. You should check that in advance. The best thing you can do against it is travelling without sensitive data. A circumvention might be to store the data encrypted in a cloud with a well secured account. In general, you should have protection of your devices with strong passwords and store your data encrypted on your computer, e.g. with Vera Crypt.

In general, online trolls shouldn't be able to weaken the security of your devices during travels. As usual, you should protect your accounts against hacking and be able to identify phishing.

In general, cyber criminals do not have special capabilities during your travels to weaken the security of your devices.

Theoretically, only a limited, clearly defined number of people has access to sensitive data gathered through surveillance activities by the state. This should be guaranteed through safeguards and the rule of law. However, neither in a democracy nor in an autocratic country, this is something that journalist can rely on – especially if you live in a state in which religion is part of the political system. If you consider religious leaders with good connections to your government as your adversaries, you should consider the government itself as your adversary.

A government can weaken the security of your devices especially during travels. When you cross boarders, you are maybe asked to give access to your devices. More and more countries have laws that give them the right to force you to provide your PIN codes and passwords when you want to travel. You should check that in advance. The best thing you can do against it is travelling without sensitive data. A circumvention might be to store the data encrypted in a cloud with a well secured account. In general, you should have protection of your devices with strong passwords and store your data encrypted on your computer, e.g. with Vera Crypt.

If you do not travel with people from your workplace, it might be hard for them to weaken the security of your devices. However, if you use devices that are owned by your company and controlled by the IT department, they might have physisical access to your device and your accounts, and they might also be able to track you.

If you travel together with people from your workplace, they might have physical access to your devices. Make sure that you follow basic behavioural rules, especially always lock your screens. You should also encrypt sensitive information on your computer.

The potential of terror organizations threatening your digital security differs a lot from the kind and professionality of the organization. In general, its technical capabilities should be less worrying than the ones of state. A terror organization is a group of (maybe many) individuals, which has no access to the internet infrastructure of a country or to the servers of companies. The chance that they have remote access to your devices during travels is relatively little, but it's not impossible. For a start, you should especially focus on phishing, because they might want to install a spyware on your computer. However, context matters a lot: If they could have physical access to your devices, you should encrypt all your data carefully and delete sensitive data that are not absolutely necessary. In this situation, you should consider the terror organization as powerful as the state itself.

to top