SEARCH

Enter your search query in the box above ^, or use the forum search tool.

You are not logged in.

#176 2012-11-17 05:12:35

antiv0rtex
#! Die Hard
From: Earth
Registered: 2012-10-05
Posts: 574

Re: Tips for privacy and security

calyxinstitute.org/

calyxinstitute.org wrote:

The Calyx Institute is a research, education and legal support group devoted to researching and implementing privacy technology and tools to promote free speech, free expression, civic engagement and privacy rights on the Internet.

The need for appropriate tools and programs and associated knowledge to provide anonymity and privacy online is evident in how quickly Internet activity is being integrated into civic and political life around the globe.

The Organization will continue to develop and improve technology to transform the way the telecommunications industry works in terms of cybersecurity, privacy and freedom of expression. This will be accomplished through research and development, legal advocacy and defense, and by distributing information and open source software as widely as possible for the benefit of the general public.

Offline

Be excellent to each other!

#177 2012-11-22 21:32:13

damionhh
Member
Registered: 2012-10-11
Posts: 45

Re: Tips for privacy and security

hey folks.  i was thinking of writing a bash script to backup my bookmarks regularly across the network.  any idea where the iceweasel/firefox bookmarks are kept?  or how to do the whole thing?  encrypted?

Offline

#178 2012-11-22 22:00:50

el_koraco
#!/loony/bun
From: inside Ed
Registered: 2011-07-25
Posts: 4,749

Re: Tips for privacy and security

Why don't you just set up Sync in IceTurtle?

Offline

#179 2012-11-22 22:26:50

damionhh
Member
Registered: 2012-10-11
Posts: 45

Re: Tips for privacy and security

hey el_koraco
thats why i put my post in the privacy and security area, i dont want to send all my bookmarks and whatnot (mostly animal porn sites) up to someone elses server where they can look through their stuff and laugh at people having sex with rabbits.  my bookmarks are a reflection of me and therefore private.  i was hoping more for a solution that is simple (like using GPG and tar to encrypt and package my bookmarks and then send via SCP to another computer on my lan).

i figured someone has done this.  i have started on a script and unless anyone gets to me first i suppose ill post it before too long.
thanks

Offline

#180 2012-11-22 22:53:25

el_koraco
#!/loony/bun
From: inside Ed
Registered: 2011-07-25
Posts: 4,749

Re: Tips for privacy and security

damionhh wrote:

mostly animal porn sites

That's surprisingly honest considering the creepiness level. I guess you'll have to figure it out, I don't wanna have nothing to do with rabbit orgies.

Offline

#181 2012-11-22 23:08:05

damionhh
Member
Registered: 2012-10-11
Posts: 45

Re: Tips for privacy and security

well thats not exactly what my bookmarks are, but you get the point.

Offline

#182 2012-12-05 03:29:38

antiv0rtex
#! Die Hard
From: Earth
Registered: 2012-10-05
Posts: 574

Re: Tips for privacy and security

'Everyone in US under virtual surveillance' - NSA whistleblower — RT

RT.com wrote:

RT: Tell me about the most outrageous thing that you came across during your work at the NSA.
WB: The violations of the constitution and any number of laws that existed at the time. That was the part that I could not be associated with. That’s why I left. They were building social networks on who is communicating and with whom inside this country. So that the entire social network of everybody, of every US citizen was being compiled overtime. So, they are taking from one company alone roughly 320 million records a day. That’s probably accumulated probably close to 20 trillion over the years. The original program that we put together to handle this to be able to identify terrorists anywhere in the world and alert anyone that they were in jeopardy. We would have been able to do that by encrypting everybody’s communications except those, who were targets. So, in essence you would protect their identities and the information about them until you could develop probable cause, and once you showed your probable cause, then you could do a decrypt and target them. And we could do that and isolate those people all alone. It wasn’t a problem at all. There was no difficulty in that.

Offline

#183 2012-12-06 15:44:53

bozhkov
#! Junkie
Registered: 2009-12-29
Posts: 464

Re: Tips for privacy and security

Possibly true, but have in mind RT stands for Russia Today and yeah smile

Offline

#184 2012-12-07 16:12:31

antiv0rtex
#! Die Hard
From: Earth
Registered: 2012-10-05
Posts: 574

Re: Tips for privacy and security

bozhkov wrote:

Possibly true, but have in mind RT stands for Russia Today and yeah smile

An excellent point. I understand that it is a good idea to take everything they say with a grain of salt wink

Offline

#185 2012-12-10 15:36:22

bozhkov
#! Junkie
Registered: 2009-12-29
Posts: 464

Re: Tips for privacy and security

It is generally a good idea to take whatever anyone says with a pinch of salt, state and economic agendas are quite dominant in mass media.

Offline

#186 2012-12-10 21:45:11

Freddythunder
Member
Registered: 2012-11-21
Posts: 35

Re: Tips for privacy and security

Abraham Lincoln wrote:

The problem with quotes on the internet is you never know if they are genuine

On the original note, I just found DenyHosts that will watch your failed login attempts and add incessant IP addresses to your deny hosts file.  I just put it in today after looking at /var/log/auth.log - Had like a few hundred attempts at my ssh at 4 am this morning.  And I'm nobody!!  Here's a link to a wiki page for it:
http://www.tomschaefer.org/wiki/index.p … _Denyhosts


Sometimes you run across a problem where regex is the best answer.  Then you have two problems.

Offline

#187 2012-12-13 01:55:02

nadir
#! Member
Registered: 2010-10-20
Posts: 83

Re: Tips for privacy and security

Freddythunder: setting a non-default port in /etc/ssh/sshd_config helps a lot too.
I use fail2ban.

Like many already said: i2p is very good.

Offline

#188 2012-12-25 20:49:11

vlax
#! CrunchBanger
From: Alcatraz
Registered: 2012-12-25
Posts: 101
Website

Re: Tips for privacy and security

thank, all this topic is really useful


'_[=]_'

Offline

#189 2013-02-11 17:13:08

sorcerer's_apprentice
#! Junkie
From: oblivion
Registered: 2013-02-09
Posts: 293

Re: Tips for privacy and security

Thank you all for contributing to and maintaining this topic.

As I have been reading through this thread I thought of a few things I'd like to mention:

Addons:

On the first page in the addon-section there are some addons which don't appear to be that trustworthy. In particular:

1) SSL-Blacklist doesn't seem to be available much longer.

2) Showip Some users over at mozilla.org suspect this addon to be spyware.

3) BrowserProtect The same with this one.

4) Hide-My-IP Seems to be commercial software. Only supported on OSX and Win. Also how does it work? Who collects the data? What do they use it for? Why bother wasting time, money and trust with this tool when you could be using TOR?

5) priv3 Although trustworthy, it's unnecessary when using Adblock with anti-tracking filters. (For more info on how to use Adblock see my Thread on security)

Clarification:

tunafish wrote:

Does anyone know how http://time.is/ finds my exact hometown? When i lookup my ip on different services, the result is never my city. So.. why is time.is so exact? Does anyone know?

Yup. It uses your IP-address to locate you. Try using it with TOR and you will see the difference.

chaanakya wrote:

If you want to get rid of your useragent entirely, create a new String preference in about:config

general.useragent.override

and leave it blank.

I would strongly advise against this. Not using a user-agent lets you stick out like hell from the crowd of browsers out there. Go to panopticlick.eff.org to verify what I just wrote.

See the section on Firefox in my thread on security for a better configuration.

In the security thread I already mentioned twice in this short post O:) I go over a lot of stuff that hasn't been discussed here. So if you're interested just have a look. I will be updating that post regularly as soon as I think it needs updating. That could be because I have to refine/revise what I wrote there - or because someone pointed me to a better solution or another tool/config to use. What I want to get at is: there will be some change going on in that thread and you are heartily invited to contribute to it.

Maybe over time it becomes so comprehensive that I (or some volunteer) will host it as a separate website/blog to make the content available to a larger audience.

Thanks!

Last edited by sorcerer's_apprentice (2013-02-11 23:52:38)

Offline

#190 2013-02-17 15:40:01

Tunafish
#! Die Hard
From: the Netherlands
Registered: 2010-03-07
Posts: 1,204

Re: Tips for privacy and security

^ Thanks, added a link to your thread in the first post!

tuna


sed 's/stress/relaxation/g'
Privacy & Security on #!

Offline

#191 2013-02-17 15:52:57

sorcerer's_apprentice
#! Junkie
From: oblivion
Registered: 2013-02-09
Posts: 293

Re: Tips for privacy and security

Tunafish wrote:

^ Thanks, added a link to your thread in the first post!

tuna

Thanks, tuna. I appreciate that.

Offline

#192 2013-02-24 15:08:52

anonymous
The Mystery Member
Registered: 2008-11-29
Posts: 9,419

Re: Tips for privacy and security

Change the link for CookieSafe (Firefox add-on) to:

https://addons.mozilla.org/en-us/firefo … ompatible/

Offline

#193 2013-05-05 00:11:47

Near
Member
Registered: 2013-05-01
Posts: 22

Re: Tips for privacy and security

hey guys, where is Tails?

https://tails.boum.org/

"Tails is a live DVD or live USB that aims at preserving your privacy and anonymity."
..but you can use it from VirtualBox ofc.


this is not a signature. definitely not.

Offline

#194 2013-05-12 15:23:34

kbmonkey
#! Die Hard
From: South Africa
Registered: 2011-01-14
Posts: 879
Website

Re: Tips for privacy and security

Here is an interesting page that explains how to choose better, secure passwords. See the "How can I apply this to my daily life?" section.

https://www.grc.com/haystack.htm

Offline

#195 2013-06-22 17:55:54

antiv0rtex
#! Die Hard
From: Earth
Registered: 2012-10-05
Posts: 574

Re: Tips for privacy and security

This topic is all the more valuable given the revelations about the NSA/PRiSM/Boundless Informant nightmare.

http://prism-break.org/

Offline

#196 2013-06-23 05:39:26

mintaka
New Member
Registered: 2013-06-23
Posts: 2

Re: Tips for privacy and security

Oh wow, this is fantastic! Just the sort of thing I was looking for! Much thanks to everyone who has contributed their knowledge and skill.

Offline

#197 2013-09-28 01:58:16

jdmeaux1952
Member
From: Lafayette, LA USA
Registered: 2013-08-26
Posts: 49

Re: Tips for privacy and security

Now this is a great topic. Thanks to everyone.


Phear the Penguin.

tongue I am not CrAzY.  And I have a paper from the doctors to prove it!  tongue

Offline

#198 2013-09-28 08:21:11

bleach
#! Member
Registered: 2013-08-09
Posts: 98

Re: Tips for privacy and security

encrypt emails in transit

use gpg with mutt check out archwiki mutt for setting up gpg and using encrypted saved passwords.

if you use public networks like cafe's,libraries,hotels,etc. or woried about sniffers why not encrypt those messeges with simple mutt config inputs. other clients are probably more self explanitory

set pgp_decode_command = "gpg %?p?--passphrase-fd 0? --no-verbose --batch --output - %f"
set pgp_verify_command = "gpg --no-verbose --batch --output - --verify %s %f" 
set pgp_decrypt_command = "gpg --passphrase-fd 0 --no-verbose --batch --output - %f"
set pgp_sign_command = "gpg --no-verbose --batch --output - --passphrase-fd 0 --armor --detach-sign --textmode %?a?-u %a? %f"
set pgp_clearsign_command = "gpg --no-verbose --batch --output - --passphrase-fd 0 --armor --textmode --clearsign %?a?-u %a? %f"
set pgp_encrypt_only_command = "pgpewrap gpg --batch --quiet --no-verbose --output - --encrypt --textmode --armor --always-trust --e
set pgp_encrypt_sign_command = "pgpewrap gpg --passphrase-fd 0 --batch --quiet --no-verbose --textmode --output - --encrypt --sign %
set pgp_import_command = "gpg --no-verbose --import -v %f"
set pgp_export_command = "gpg --no-verbose --export --armor %r"
set pgp_verify_key_command = "gpg --no-verbose --batch --fingerprint --check-sigs %r"
set pgp_list_pubring_command = "gpg --no-verbose --batch --with-colons --list-keys %r"
set pgp_list_secring_command = "gpg --no-verbose --batch --with-colons --list-secret-keys %r"
set pgp_autosign = yes
set pgp_sign_as = 0x######## # to find your public key use gpg --list-keys
set pgp_replyencrypt = yes
set pgp_timeout = 1800
set pgp_good_sign = "^gpg: Good signature from"

the default server in debian gpg is a front for many servers so it will let your public key be known to the servers it pipes to.

for better privacy in that not putting your used keys on sites would entail giving them to the resipient by other means and editing the above.

Last edited by bleach (2013-09-28 08:40:18)


obstacles are only in your mind. how you deal with them is what "matters".

Offline

#199 2013-11-24 22:22:30

njÖb
New Member
From: zz9zzA
Registered: 2013-11-24
Posts: 3

Re: Tips for privacy and security

antiv0rtex wrote:

This topic is all the more valuable given the revelations about the NSA/PRiSM/Boundless Informant nightmare.

http://prism-break.org/

^ for those still not using HTTPS everywhere, make sure you add the 's', otherwise you're 's*' out of luck wink
https://prism-break.org/

Offline

Help fund CrunchBang, donate to the project!

#200 2013-12-28 09:36:15

KrunchTime
#! Die Hard
From: not where I belong
Registered: 2012-03-02
Posts: 3,264

Re: Tips for privacy and security

According to the following article, NetworkManager stores wi-fi passwords in plain text by default.  There are tips in the article for making your setup more secure, to include not using NetworkManager.

http://news.softpedia.com/news/All-Linu … 2387.shtml


Linux User #586672
Come and Die -- Kyle Idleman

Offline

Board footer

Powered by FluxBB

Copyright © 2012 CrunchBang Linux.
Proudly powered by Debian. Hosted by Linode.
Debian is a registered trademark of Software in the Public Interest, Inc.
Server: acrobat

Debian Logo