Tips for privacy and security

antiv0rtex · 2012-11-17 05:12:35

calyxinstitute.org wrote:

The Calyx Institute is a research, education and legal support group devoted to researching and implementing privacy technology and tools to promote free speech, free expression, civic engagement and privacy rights on the Internet.
The need for appropriate tools and programs and associated knowledge to provide anonymity and privacy online is evident in how quickly Internet activity is being integrated into civic and political life around the globe.
The Organization will continue to develop and improve technology to transform the way the telecommunications industry works in terms of cybersecurity, privacy and freedom of expression. This will be accomplished through research and development, legal advocacy and defense, and by distributing information and open source software as widely as possible for the benefit of the general public.

damionhh · 2012-11-22 21:32:13

hey folks. i was thinking of writing a bash script to backup my bookmarks regularly across the network. any idea where the iceweasel/firefox bookmarks are kept? or how to do the whole thing? encrypted?

el_koraco · 2012-11-22 22:00:50

Why don't you just set up Sync in IceTurtle?

damionhh · 2012-11-22 22:26:50

hey el_koraco
thats why i put my post in the privacy and security area, i dont want to send all my bookmarks and whatnot (mostly animal porn sites) up to someone elses server where they can look through their stuff and laugh at people having sex with rabbits. my bookmarks are a reflection of me and therefore private. i was hoping more for a solution that is simple (like using GPG and tar to encrypt and package my bookmarks and then send via SCP to another computer on my lan).

i figured someone has done this. i have started on a script and unless anyone gets to me first i suppose ill post it before too long.
thanks

el_koraco · 2012-11-22 22:53:25

damionhh wrote:

mostly animal porn sites

That's surprisingly honest considering the creepiness level. I guess you'll have to figure it out, I don't wanna have nothing to do with rabbit orgies.

damionhh · 2012-11-22 23:08:05

well thats not exactly what my bookmarks are, but you get the point.

antiv0rtex · 2012-12-05 03:29:38

'Everyone in US under virtual surveillance' - NSA whistleblower — RT

RT.com wrote:

RT: Tell me about the most outrageous thing that you came across during your work at the NSA.
WB: The violations of the constitution and any number of laws that existed at the time. That was the part that I could not be associated with. That’s why I left. They were building social networks on who is communicating and with whom inside this country. So that the entire social network of everybody, of every US citizen was being compiled overtime. So, they are taking from one company alone roughly 320 million records a day. That’s probably accumulated probably close to 20 trillion over the years. The original program that we put together to handle this to be able to identify terrorists anywhere in the world and alert anyone that they were in jeopardy. We would have been able to do that by encrypting everybody’s communications except those, who were targets. So, in essence you would protect their identities and the information about them until you could develop probable cause, and once you showed your probable cause, then you could do a decrypt and target them. And we could do that and isolate those people all alone. It wasn’t a problem at all. There was no difficulty in that.

bozhkov · 2012-12-06 15:44:53

Possibly true, but have in mind RT stands for Russia Today and yeah

antiv0rtex · 2012-12-07 16:12:31

bozhkov wrote:

Possibly true, but have in mind RT stands for Russia Today and yeah

An excellent point. I understand that it is a good idea to take everything they say with a grain of salt

bozhkov · 2012-12-10 15:36:22

It is generally a good idea to take whatever anyone says with a pinch of salt, state and economic agendas are quite dominant in mass media.

Freddythunder · 2012-12-10 21:45:11

Abraham Lincoln wrote:

The problem with quotes on the internet is you never know if they are genuine

On the original note, I just found DenyHosts that will watch your failed login attempts and add incessant IP addresses to your deny hosts file. I just put it in today after looking at /var/log/auth.log - Had like a few hundred attempts at my ssh at 4 am this morning. And I'm nobody!! Here's a link to a wiki page for it:
http://www.tomschaefer.org/wiki/index.p … _Denyhosts

nadir · 2012-12-13 01:55:02

Freddythunder: setting a non-default port in /etc/ssh/sshd_config helps a lot too.
I use fail2ban.

Like many already said: i2p is very good.

vlax · 2012-12-25 20:49:11

thank, all this topic is really useful

sorcerer's_apprentice · 2013-02-11 17:13:08

Thank you all for contributing to and maintaining this topic.

As I have been reading through this thread I thought of a few things I'd like to mention:

Addons:

On the first page in the addon-section there are some addons which don't appear to be that trustworthy. In particular:

1) SSL-Blacklist doesn't seem to be available much longer.

2) Showip Some users over at mozilla.org suspect this addon to be spyware.

3) BrowserProtect The same with this one.

4) Hide-My-IP Seems to be commercial software. Only supported on OSX and Win. Also how does it work? Who collects the data? What do they use it for? Why bother wasting time, money and trust with this tool when you could be using TOR?

5) priv3 Although trustworthy, it's unnecessary when using Adblock with anti-tracking filters. (For more info on how to use Adblock see my Thread on security)

Clarification:

tunafish wrote:

Does anyone know how http://time.is/ finds my exact hometown? When i lookup my ip on different services, the result is never my city. So.. why is time.is so exact? Does anyone know?

Yup. It uses your IP-address to locate you. Try using it with TOR and you will see the difference.

chaanakya wrote:

If you want to get rid of your useragent entirely, create a new String preference in about:config
general.useragent.override
and leave it blank.

I would strongly advise against this. Not using a user-agent lets you stick out like hell from the crowd of browsers out there. Go to panopticlick.eff.org to verify what I just wrote.

See the section on Firefox in my thread on security for a better configuration.

In the security thread I already mentioned twice in this short post O:) I go over a lot of stuff that hasn't been discussed here. So if you're interested just have a look. I will be updating that post regularly as soon as I think it needs updating. That could be because I have to refine/revise what I wrote there - or because someone pointed me to a better solution or another tool/config to use. What I want to get at is: there will be some change going on in that thread and you are heartily invited to contribute to it.

Maybe over time it becomes so comprehensive that I (or some volunteer) will host it as a separate website/blog to make the content available to a larger audience.

Thanks!

Last edited by sorcerer's_apprentice (2013-02-11 23:52:38)

Tunafish · 2013-02-17 15:40:01

^ Thanks, added a link to your thread in the first post!

tuna

sorcerer's_apprentice · 2013-02-17 15:52:57

Tunafish wrote:

^ Thanks, added a link to your thread in the first post!
tuna

Thanks, tuna. I appreciate that.

anonymous · 2013-02-24 15:08:52

Change the link for CookieSafe (Firefox add-on) to:

https://addons.mozilla.org/en-us/firefo … ompatible/

Near · 2013-05-05 00:11:47

hey guys, where is Tails?

https://tails.boum.org/

"Tails is a live DVD or live USB that aims at preserving your privacy and anonymity."
..but you can use it from VirtualBox ofc.

kbmonkey · 2013-05-12 15:23:34

Here is an interesting page that explains how to choose better, secure passwords. See the "How can I apply this to my daily life?" section.

https://www.grc.com/haystack.htm

antiv0rtex · 2013-06-22 17:55:54

This topic is all the more valuable given the revelations about the NSA/PRiSM/Boundless Informant nightmare.

http://prism-break.org/

mintaka · 2013-06-23 05:39:26

Oh wow, this is fantastic! Just the sort of thing I was looking for! Much thanks to everyone who has contributed their knowledge and skill.

jdmeaux1952 · 2013-09-28 01:58:16

Now this is a great topic. Thanks to everyone.

bleach · 2013-09-28 08:21:11

encrypt emails in transit

use gpg with mutt check out archwiki mutt for setting up gpg and using encrypted saved passwords.

if you use public networks like cafe's,libraries,hotels,etc. or woried about sniffers why not encrypt those messeges with simple mutt config inputs. other clients are probably more self explanitory

set pgp_decode_command = "gpg %?p?--passphrase-fd 0? --no-verbose --batch --output - %f"
set pgp_verify_command = "gpg --no-verbose --batch --output - --verify %s %f" 
set pgp_decrypt_command = "gpg --passphrase-fd 0 --no-verbose --batch --output - %f"
set pgp_sign_command = "gpg --no-verbose --batch --output - --passphrase-fd 0 --armor --detach-sign --textmode %?a?-u %a? %f"
set pgp_clearsign_command = "gpg --no-verbose --batch --output - --passphrase-fd 0 --armor --textmode --clearsign %?a?-u %a? %f"
set pgp_encrypt_only_command = "pgpewrap gpg --batch --quiet --no-verbose --output - --encrypt --textmode --armor --always-trust --e
set pgp_encrypt_sign_command = "pgpewrap gpg --passphrase-fd 0 --batch --quiet --no-verbose --textmode --output - --encrypt --sign %
set pgp_import_command = "gpg --no-verbose --import -v %f"
set pgp_export_command = "gpg --no-verbose --export --armor %r"
set pgp_verify_key_command = "gpg --no-verbose --batch --fingerprint --check-sigs %r"
set pgp_list_pubring_command = "gpg --no-verbose --batch --with-colons --list-keys %r"
set pgp_list_secring_command = "gpg --no-verbose --batch --with-colons --list-secret-keys %r"
set pgp_autosign = yes
set pgp_sign_as = 0x######## # to find your public key use gpg --list-keys
set pgp_replyencrypt = yes
set pgp_timeout = 1800
set pgp_good_sign = "^gpg: Good signature from"

the default server in debian gpg is a front for many servers so it will let your public key be known to the servers it pipes to.

for better privacy in that not putting your used keys on sites would entail giving them to the resipient by other means and editing the above.

Last edited by bleach (2013-09-28 08:40:18)

njÖb · 2013-11-24 22:22:30

antiv0rtex wrote:

This topic is all the more valuable given the revelations about the NSA/PRiSM/Boundless Informant nightmare.
http://prism-break.org/

^ for those still not using HTTPS everywhere, make sure you add the 's', otherwise you're 's*' out of luck
https://prism-break.org/

KrunchTime · 2013-12-28 09:36:15

According to the following article, NetworkManager stores wi-fi passwords in plain text by default. There are tips in the article for making your setup more secure, to include not using NetworkManager.

http://news.softpedia.com/news/All-Linu … 2387.shtml

CrunchBang Linux

SEARCH

#176 2012-11-17 05:12:35

Re: Tips for privacy and security

#177 2012-11-22 21:32:13

Re: Tips for privacy and security

#178 2012-11-22 22:00:50

Re: Tips for privacy and security

#179 2012-11-22 22:26:50

Re: Tips for privacy and security

#180 2012-11-22 22:53:25

Re: Tips for privacy and security

#181 2012-11-22 23:08:05

Re: Tips for privacy and security

#182 2012-12-05 03:29:38

Re: Tips for privacy and security

#183 2012-12-06 15:44:53

Re: Tips for privacy and security

#184 2012-12-07 16:12:31

Re: Tips for privacy and security

#185 2012-12-10 15:36:22

Re: Tips for privacy and security

#186 2012-12-10 21:45:11

Re: Tips for privacy and security

#187 2012-12-13 01:55:02

Re: Tips for privacy and security

#188 2012-12-25 20:49:11

Re: Tips for privacy and security

#189 2013-02-11 17:13:08

Re: Tips for privacy and security

#190 2013-02-17 15:40:01

Re: Tips for privacy and security

#191 2013-02-17 15:52:57

Re: Tips for privacy and security

#192 2013-02-24 15:08:52

Re: Tips for privacy and security

#193 2013-05-05 00:11:47

Re: Tips for privacy and security

#194 2013-05-12 15:23:34

Re: Tips for privacy and security

#195 2013-06-22 17:55:54

Re: Tips for privacy and security

#196 2013-06-23 05:39:26

Re: Tips for privacy and security

#197 2013-09-28 01:58:16

Re: Tips for privacy and security

#198 2013-09-28 08:21:11

Re: Tips for privacy and security

#199 2013-11-24 22:22:30

Re: Tips for privacy and security

#200 2013-12-28 09:36:15

Re: Tips for privacy and security

Board footer