Glossary
Security Fundamentals
Authentication — The process of verifying that you are who you claim to be. Passwords, biometrics, and security keys are all authentication methods.
Encryption — Converting data into a coded format that can only be read with the correct key. End-to-end encryption means only the sender and recipient can read the data.
End-to-end encryption (E2EE) — Encryption where only the communicating users can read the messages. The service provider cannot access the content.
Firewall — A security system that monitors and controls network traffic based on predetermined rules. Your router has one built in.
Malware — Malicious software designed to damage, disrupt, or gain unauthorized access to a computer system. Includes viruses, ransomware, spyware, and trojans.
Two-factor authentication (2FA) — A security method requiring two different forms of verification: something you know (password) and something you have (phone, security key).
Multi-factor authentication (MFA) — Same concept as 2FA but may include additional factors like biometrics.
Passkey — A newer authentication technology that replaces passwords with cryptographic key pairs, authenticated through biometrics or device PIN. Phishing-resistant by design.
Password manager — Software that generates, stores, and auto-fills unique passwords for all your accounts, secured by one master password.
Zero-knowledge architecture — A design where the service provider cannot access your data, even if compelled. Used by some password managers and email providers.
Tracking and Surveillance
ACR (Automatic Content Recognition) — Technology in smart TVs that identifies what you're watching and reports it to data companies.
Browser fingerprinting — Identifying a user by their browser's unique combination of settings, fonts, screen resolution, and other technical details — without cookies.
Cookie — A small file stored on your device by a website. First-party cookies are from the site you visit; third-party cookies track you across multiple sites.
Data broker — A company that collects, aggregates, and sells personal information about individuals, often without their knowledge or consent.
IMSI catcher (Stingray) — A surveillance device that mimics a cell tower to intercept mobile phone communications. Used by law enforcement.
Metadata — Data about data. For a phone call: who called whom, when, for how long, from where. Often more revealing than content itself.
Pixel/tracking pixel — An invisible image embedded in emails or web pages that reports back when loaded, revealing your IP address, device, and behavior.
Telemetry — Data collected by software about how it's used. Often sent to the developer for "improvement" purposes.
Privacy Tools
DNS (Domain Name System) — The system that translates website names into IP addresses. Privacy-focused DNS providers (like Cloudflare's 1.1.1.1 or NextDNS) don't log your queries.
Tor — A network that routes your internet traffic through multiple servers to anonymize your browsing. Extremely private but slow.
VPN (Virtual Private Network) — A service that encrypts your internet traffic and masks your IP address by routing it through a remote server.
Ad blocker — Software that prevents advertisements and associated trackers from loading on web pages.
Identity and Financial
Credit freeze — A restriction placed on your credit report that prevents new accounts from being opened in your name. Free and reversible.
Credit monitoring — A service that alerts you to changes on your credit report, such as new accounts or inquiries.
Dark web — Parts of the internet reachable only through special anonymizing software such as Tor and not indexed by search engines; stolen data is often bought and sold there.
Fraud alert — A notice on your credit report that tells lenders to verify your identity before issuing credit. Less restrictive than a freeze.
Identity theft — When someone uses your personal information (name, SSN, financial data) to commit fraud — opening accounts, making purchases, or filing taxes in your name.
Phishing — A social engineering attack that impersonates a trusted entity to trick victims into revealing credentials or clicking malicious links.
SIM swapping — An attack where a criminal convinces your phone carrier to transfer your phone number to their device, intercepting your calls and SMS messages (including 2FA codes).
Social engineering — Manipulating people into divulging information or taking actions that compromise security. Phishing is the most common form.
Spear phishing — A targeted phishing attack customized for a specific individual using personal information gathered from research.
Legal and Regulatory
CCPA (California Consumer Privacy Act) — California law giving residents rights over their personal data: access, deletion, and opting out of data sales.
COPPA (Children's Online Privacy Protection Act) — US law restricting data collection from children under 13.
GDPR (General Data Protection Regulation) — European Union regulation providing strong data protection rights including the right to access, correct, and delete personal data.
Right to be forgotten — The principle, codified in the GDPR as the right to erasure, that individuals can request deletion of their personal data under certain circumstances.
Networking
IP address — A numerical label assigned to every device connected to the internet. Can reveal your approximate location and ISP.
IoT (Internet of Things) — The network of physical devices (smart speakers, cameras, thermostats) connected to the internet.
MAC address — A unique identifier assigned to a device's network interface. Can be used for tracking across Wi-Fi networks, which is why modern phones and laptops randomize it for each network they join.
SSL/TLS — Encryption protocols that secure data transmitted between your browser and a website; TLS is the current protocol and SSL its deprecated predecessor. Indicated by HTTPS and the padlock icon.
WPA2/WPA3 — Security protocols for Wi-Fi networks. WPA3 is the current standard; WPA2 is acceptable. WEP is obsolete and insecure.