shield.travel
A reference knowledge base on protecting identity, devices and data. Field-adapted. No marketing talk, no empty promises, no miracle products. What works, why, and in which threat model.
If your data is already public, security changes nature. Before protecting, understand what has already leaked.
5 articles
What identifies you online — email, MFA, phone number, OSINT profile — and how to reduce the surface.
4 articles
Laptop, phone, FIDO2 keys: what really works, what is performative, and how to harden without paralyzing yourself.
5 articles
VPN, public Wi-Fi, DNS, eSIM: what was sold to you vs what actually protects you.
4 articles
Borders, customs, hotels, return from mission: what to prepare before, what to manage during, what to clean up after.
5 articles
Travel policy, exposed executive, field incident response: security beyond the individual.
3 articles
Manifesto article
The privacy-first fiction serves everyone but you. Honest inventory of what's already out there, and the strategic shift toward assumed-exposure operational security.
DoH/DoT actually explained. Resolver choice: Quad9, NextDNS, Cloudflare, Mullvad, self-hosted. Local filtering without illusions.
Why HTTPS changed the game. Residual real threats (captive portals, ARP spoofing, evil twin). Pragmatic routine.
Technical mechanics. Smart purchases: Airalo, Saily, Holafly, local. Carrier tracking implications. Multi-eSIM as a strategy.
Threat model breakdown. What a VPN actually protects, what it doesn't touch. NordVPN, ExpressVPN, Mullvad, AirVPN, self-hosted: which serves what purpose.
FileVault, BitLocker, LUKS, dm-crypt: what each one protects, and when. Off and hot-state modes. Recovery keys: where, how, never in plaintext.
Shield is published by Privateer, a technical strategy consultancy for executives. Operational security is learned by operating. Not by reading copy-pasted checklists. This site documents practices observed and applied in the field — in M&A, litigation, geopolitical, and post-incident contexts.