You are not logged in.
The Calyx Institute is a research, education and legal support group devoted to researching and implementing privacy technology and tools to promote free speech, free expression, civic engagement and privacy rights on the Internet.
The need for appropriate tools and programs and associated knowledge to provide anonymity and privacy online is evident in how quickly Internet activity is being integrated into civic and political life around the globe.
The Organization will continue to develop and improve technology to transform the way the telecommunications industry works in terms of cybersecurity, privacy and freedom of expression. This will be accomplished through research and development, legal advocacy and defense, and by distributing information and open source software as widely as possible for the benefit of the general public.
Offline
hey folks. i was thinking of writing a bash script to backup my bookmarks regularly across the network. any idea where the iceweasel/firefox bookmarks are kept? or how to do the whole thing? encrypted?
Offline
Why don't you just set up Sync in IceTurtle?
Offline
hey el_koraco
thats why i put my post in the privacy and security area, i dont want to send all my bookmarks and whatnot (mostly animal porn sites) up to someone elses server where they can look through their stuff and laugh at people having sex with rabbits. my bookmarks are a reflection of me and therefore private. i was hoping more for a solution that is simple (like using GPG and tar to encrypt and package my bookmarks and then send via SCP to another computer on my lan).
i figured someone has done this. i have started on a script and unless anyone gets to me first i suppose ill post it before too long.
thanks
Offline
mostly animal porn sites
That's surprisingly honest considering the creepiness level. I guess you'll have to figure it out, I don't wanna have nothing to do with rabbit orgies.
Offline
well thats not exactly what my bookmarks are, but you get the point.
Offline
'Everyone in US under virtual surveillance' - NSA whistleblower — RT
RT: Tell me about the most outrageous thing that you came across during your work at the NSA.
WB: The violations of the constitution and any number of laws that existed at the time. That was the part that I could not be associated with. That’s why I left. They were building social networks on who is communicating and with whom inside this country. So that the entire social network of everybody, of every US citizen was being compiled overtime. So, they are taking from one company alone roughly 320 million records a day. That’s probably accumulated probably close to 20 trillion over the years. The original program that we put together to handle this to be able to identify terrorists anywhere in the world and alert anyone that they were in jeopardy. We would have been able to do that by encrypting everybody’s communications except those, who were targets. So, in essence you would protect their identities and the information about them until you could develop probable cause, and once you showed your probable cause, then you could do a decrypt and target them. And we could do that and isolate those people all alone. It wasn’t a problem at all. There was no difficulty in that.
Offline
Possibly true, but have in mind RT stands for Russia Today and yeah
Offline
Possibly true, but have in mind RT stands for Russia Today and yeah
An excellent point. I understand that it is a good idea to take everything they say with a grain of salt
Offline
It is generally a good idea to take whatever anyone says with a pinch of salt, state and economic agendas are quite dominant in mass media.
Offline
The problem with quotes on the internet is you never know if they are genuine
On the original note, I just found DenyHosts that will watch your failed login attempts and add incessant IP addresses to your deny hosts file. I just put it in today after looking at /var/log/auth.log - Had like a few hundred attempts at my ssh at 4 am this morning. And I'm nobody!! Here's a link to a wiki page for it:
http://www.tomschaefer.org/wiki/index.p … _Denyhosts
Sometimes you run across a problem where regex is the best answer. Then you have two problems.
Offline
Freddythunder: setting a non-default port in /etc/ssh/sshd_config helps a lot too.
I use fail2ban.
Like many already said: i2p is very good.
Offline
Thank you all for contributing to and maintaining this topic.
As I have been reading through this thread I thought of a few things I'd like to mention:
Addons:
On the first page in the addon-section there are some addons which don't appear to be that trustworthy. In particular:
1) SSL-Blacklist doesn't seem to be available much longer.
2) Showip Some users over at mozilla.org suspect this addon to be spyware.
3) BrowserProtect The same with this one.
4) Hide-My-IP Seems to be commercial software. Only supported on OSX and Win. Also how does it work? Who collects the data? What do they use it for? Why bother wasting time, money and trust with this tool when you could be using TOR?
5) priv3 Although trustworthy, it's unnecessary when using Adblock with anti-tracking filters. (For more info on how to use Adblock see my Thread on security)
Clarification:
Does anyone know how http://time.is/ finds my exact hometown? When i lookup my ip on different services, the result is never my city. So.. why is time.is so exact? Does anyone know?
Yup. It uses your IP-address to locate you. Try using it with TOR and you will see the difference.
If you want to get rid of your useragent entirely, create a new String preference in about:config
general.useragent.override
and leave it blank.
I would strongly advise against this. Not using a user-agent lets you stick out like hell from the crowd of browsers out there. Go to panopticlick.eff.org to verify what I just wrote.
See the section on Firefox in my thread on security for a better configuration.
In the security thread I already mentioned twice in this short post O:) I go over a lot of stuff that hasn't been discussed here. So if you're interested just have a look. I will be updating that post regularly as soon as I think it needs updating. That could be because I have to refine/revise what I wrote there - or because someone pointed me to a better solution or another tool/config to use. What I want to get at is: there will be some change going on in that thread and you are heartily invited to contribute to it.
Maybe over time it becomes so comprehensive that I (or some volunteer) will host it as a separate website/blog to make the content available to a larger audience.
Thanks!
Last edited by sorcerer's_apprentice (2013-02-11 23:52:38)
Offline
^ Thanks, added a link to your thread in the first post!
tuna
sed 's/stress/relaxation/g'
Privacy & Security on #!
Offline
^ Thanks, added a link to your thread in the first post!
tuna
Thanks, tuna. I appreciate that.
Offline
Change the link for CookieSafe (Firefox add-on) to:
Offline
hey guys, where is Tails?
"Tails is a live DVD or live USB that aims at preserving your privacy and anonymity."
..but you can use it from VirtualBox ofc.
this is not a signature. definitely not.
Offline
Here is an interesting page that explains how to choose better, secure passwords. See the "How can I apply this to my daily life?" section.
Offline
This topic is all the more valuable given the revelations about the NSA/PRiSM/Boundless Informant nightmare.
Offline
Oh wow, this is fantastic! Just the sort of thing I was looking for! Much thanks to everyone who has contributed their knowledge and skill.
Offline
Now this is a great topic. Thanks to everyone.
Phear the Penguin.
I am not CrAzY. And I have a paper from the doctors to prove it!
Offline
encrypt emails in transit
use gpg with mutt check out archwiki mutt for setting up gpg and using encrypted saved passwords.
if you use public networks like cafe's,libraries,hotels,etc. or woried about sniffers why not encrypt those messeges with simple mutt config inputs. other clients are probably more self explanitory
set pgp_decode_command = "gpg %?p?--passphrase-fd 0? --no-verbose --batch --output - %f"
set pgp_verify_command = "gpg --no-verbose --batch --output - --verify %s %f"
set pgp_decrypt_command = "gpg --passphrase-fd 0 --no-verbose --batch --output - %f"
set pgp_sign_command = "gpg --no-verbose --batch --output - --passphrase-fd 0 --armor --detach-sign --textmode %?a?-u %a? %f"
set pgp_clearsign_command = "gpg --no-verbose --batch --output - --passphrase-fd 0 --armor --textmode --clearsign %?a?-u %a? %f"
set pgp_encrypt_only_command = "pgpewrap gpg --batch --quiet --no-verbose --output - --encrypt --textmode --armor --always-trust --e
set pgp_encrypt_sign_command = "pgpewrap gpg --passphrase-fd 0 --batch --quiet --no-verbose --textmode --output - --encrypt --sign %
set pgp_import_command = "gpg --no-verbose --import -v %f"
set pgp_export_command = "gpg --no-verbose --export --armor %r"
set pgp_verify_key_command = "gpg --no-verbose --batch --fingerprint --check-sigs %r"
set pgp_list_pubring_command = "gpg --no-verbose --batch --with-colons --list-keys %r"
set pgp_list_secring_command = "gpg --no-verbose --batch --with-colons --list-secret-keys %r"
set pgp_autosign = yes
set pgp_sign_as = 0x######## # to find your public key use gpg --list-keys
set pgp_replyencrypt = yes
set pgp_timeout = 1800
set pgp_good_sign = "^gpg: Good signature from"
the default server in debian gpg is a front for many servers so it will let your public key be known to the servers it pipes to.
for better privacy in that not putting your used keys on sites would entail giving them to the resipient by other means and editing the above.
Last edited by bleach (2013-09-28 08:40:18)
obstacles are only in your mind. how you deal with them is what "matters".
Offline
This topic is all the more valuable given the revelations about the NSA/PRiSM/Boundless Informant nightmare.
^ for those still not using HTTPS everywhere, make sure you add the 's', otherwise you're 's*' out of luck
https://prism-break.org/
Offline
According to the following article, NetworkManager stores wi-fi passwords in plain text by default. There are tips in the article for making your setup more secure, to include not using NetworkManager.
Linux User #586672
Come and Die -- Kyle Idleman
Offline
Copyright © 2012 CrunchBang Linux.
Proudly powered by Debian. Hosted by Linode.
Debian is a registered trademark of Software in the Public Interest, Inc.
Server: acrobat