Author Topic: Internet Security Walk-Through v3.1  (Read 6682 times)

0 Members and 1 Guest are viewing this topic.

Offline ―λlτεrηιτγ-

  • Administrator
  • ↼Ȿ♄ꜻϻꜻηĭc⇀ ↽∆ƪc♄εϻĭst⇁
  • *****
  • Posts: 567
  • Karma: +4/-0
  • Gender: Male
  • Herbalism & Kambo
    • View Profile
    • Kambo.me
Internet Security Walk-Through v3.1
« on: August 25, 2015, 03:36:15 pm »
People seeking info on another forum inspired me to write a tutorial for internet security and privacy. Writing this consumed me for the past week and it turned into a mini Ebook. I am not an expert but have started taking a strong interest in the subject for the past couple years. I'd like to share the info with users of drug education/harm reduction communities as well as alternative medicine communities who might be want to incorporate these protocols. FYI, it is quite long.




Edit:

v1.1 Updated with some small revisions and a 'EXIF Data: "Geolocation"' Section.
v1.2 Small revisions, added a disclaimer, SSH tunneling, Public WiFi dangers, rewrote open-source router firmware section to include OpenWRT and LibreCMC.
v1.3 Small revisions and blocking webcam.
v1.4 Encrypting plaintext/passwords with a compressed archive (tar or zip).
v1.5 Added details on KeePassX for password storage and encryption. New software highlight: Demonsaw for anoymous p2p filesharing. Added details to downsides of VeraCrypt and why I recommend other ways for password encryption.
v1.6 Added Which phone apps to give permanent root access and KeePass encrypted passwords on phone.
v1.7 Added browser extensions for Chromium, Firefox and Firefox mobile. Extensions to block flash from automatically loading and playing on pages unless you click to play. This blocks flash exploits and ads. An extension to remove URL link referrer/redirect and takes you direct to destination. Remove the middle man and tracking. (e.g. Facebook tracks in that way). An extension to block Web RTC leakage. This is a bad vulnerability. Sites can use Web RTC to unmask your local IP behind anonymizing software like a VPN, SSH Tunnel, and Proxy! Removed Blur extension (unnecessary and closed source). Enhanced extension download URL links section.
v1.7.5 Setting TextSecure as default SMS messenger.
v1.7.6 Minor revision
v1.7.7 Saving KeePass password database in an encrypted zip on a personal USB drive.
v1.8 Bitcoin, Perfect Forward Secrecy (PFS), Wickr preferred to Telegram
v1.9 How to get Bitcoin, Email section rewritten (current email protocols leave much to be desired, link comparing and contrasting providers), Fix Url Links Redirect extension breaks some pages, difference between an unlocked and rooted phone.
v1.9.5 Ublock can simply be set on Firefox and Chromium to stop WebRTC leakage, How to block third-party cookies in Firefox, Cyanogen Mod's system profile triggers allow you to set your lock screen to go on when you leave the house and your car and to unlock when you get n your car or get home.
v1.9.6 mailvelope, added info to delete FB, & possible need to reactivate phone with service after new firmware/OS install.
v1.9.7 Note on opting out of Google sync: In CyanogenMod you can export and save your contacts list to storage, making it unnecessary to use Google for it.
v2.0 DNSCrypt instructions for Windows & Ubuntu, video tutorial for darknet markets, increase the cryptographic strength of your PGP key, encrypt your backup hard drive, Ephemeral Messaging, Choosing a Bitcoin wallet, Bitcoin Mixing, Tips.
v2.1 Cyanogenmod update cautions, esp. major version updates; bitcoin tumblers--replaced Bitcoin Fog recommendation with BitBlender and Grams Helix. BitcoinFog has a reputation for selective scamming; Netflix support for Chromium. Updates since 2.0 highlighted yellow.
v2.1.8 Added browser extensions and their links, Clyph encrypted web chat, Opera-dev now has free, built-in VPN, TextSecure and Redphone are now Signal, Signal desktop, Signal and Whatsapp info, minor improvements.
v2.1.9 Manjaro stable v. branch runs a couple of weeks behind arch repos which allows more testing leading to better system stability. Recommended: ProtonMail and it's forerunners. Typo edits.
v2.2 Many minor edits and improvements.
v2.2.6 Bitcoin ATMs, $40 open-sourceThink Penguin Routers with optional VPN service built-in, Clearing Google account history and ceasing logging.
v3.0 Entire re-write. Copperhead OS, Monero cryptocurrency, privnote self-destructing messages, temporary phone inbox, temporary email, Unsee self-destructing image upload service, Wire messenger.
v3.1 Added a front and back cover.

BTC: bc1qt4la8l8n9xdgy42g6pvpx4v2c8p6uzhjvw8wj5
« Last Edit: January 04, 2020, 09:31:50 am by ―λlτεrηιτγ- »
"There is a difference between
not remembering
and not dwelling upon.
I choose not to dwell upon the bad,
to me
it's kinda like being in a paradise
but staring at a nearby garbage dump instead.
You define your life by
where you direct your gaze."

Offline ―λlτεrηιτγ-

  • Administrator
  • ↼Ȿ♄ꜻϻꜻηĭc⇀ ↽∆ƪc♄εϻĭst⇁
  • *****
  • Posts: 567
  • Karma: +4/-0
  • Gender: Male
  • Herbalism & Kambo
    • View Profile
    • Kambo.me
Re: Internet Security Walk-Through v2.2
« Reply #1 on: April 06, 2016, 03:55:15 am »
Update coming soon but in the mean time:

Signal Desktop
Signal desktop is the new version of TextSecure and Red Phone.
Join the desktop beta!

https://whispersystems.org/blog/signal-desktop/

Sync encrypted messages and media across platforms (desktop, phone, etc.)


______________________________________________________________________________________________

RandomDNS makes DNS secure. It's based on DNSCrypt but we've added a bunch of new cool features. RandomDNS aims to improve the security, privacy and anonymity of DNSCrypt. It can randomize the server choice at runtime and can rotate it frequently.

Features of RandomDNS
-Randomize the provider at runtime
-se (-E)phemeral keys option
-Securely run DNSCrypt proxy by verifying its hash, copying it in /tmp dir with restricted permissions and launching it as "nobody" user (if reverse proxy is enabled)
-Watch the proxy process and relaunch it if it dies
-Can run multiple instances of DNSCrypt and load balance the traffic (EdgeDNS)
-Have in-memory caching of DNS requests along with Consistent Hashing (EdgeDNS)
-Can filter the server list by protocols, country and much more
-Rotate the server with a defined time (default: 10 minutes)
-Support DNSSEC (EdgeDNS)


https://github.com/pwnsdx/RandomDNS

When I figure this out, I will post how-to info.
« Last Edit: May 24, 2016, 07:23:43 pm by λlτεrηιτγ »
"There is a difference between
not remembering
and not dwelling upon.
I choose not to dwell upon the bad,
to me
it's kinda like being in a paradise
but staring at a nearby garbage dump instead.
You define your life by
where you direct your gaze."

Offline ―λlτεrηιτγ-

  • Administrator
  • ↼Ȿ♄ꜻϻꜻηĭc⇀ ↽∆ƪc♄εϻĭst⇁
  • *****
  • Posts: 567
  • Karma: +4/-0
  • Gender: Male
  • Herbalism & Kambo
    • View Profile
    • Kambo.me
Re: Internet Security Walk-Through v2.2
« Reply #2 on: May 19, 2016, 04:26:03 am »
Opera Becomes First Major Web Browser to Offer Free, Built-in VPN
http://www.metacompliance.com/blog/opera-becomes-first-major-web-browser-to-offer-free-built-in-vpn/

You have to use the developer version located here:
https://www.opera.com/developer?utm_medium=sm&utm_source=desktop_blog&utm_campaign=vpn-dev-launch%2F

You can also add these extensions:

https://addons.opera.com/.../google-analytics-opt-out-by.../

https://addons.opera.com/en/search/?query=https+everywhere

https://addons.opera.com/.../details/user-agent-switcher/...

Under Basic settings> Click "Block third-party cookies and site data".
Under Privacy & Security> click "Enable VPN".

Under Websites>Plug-ins> you can click "Click to play", if you want to control plug-ins like flash.

_____________________________________________________________________________________________________


Signal Desktop beta now publicly available.

https://chrome.google.com/webstore/detail/signal-private-messenger/bikioccmkafdpakkkcpdbppfkghcmihk
_____________________________________________________________________________________________________

Updates addended to downloadable document. v2.1.8
« Last Edit: May 24, 2016, 07:23:55 pm by λlτεrηιτγ »
"There is a difference between
not remembering
and not dwelling upon.
I choose not to dwell upon the bad,
to me
it's kinda like being in a paradise
but staring at a nearby garbage dump instead.
You define your life by
where you direct your gaze."

Offline ―λlτεrηιτγ-

  • Administrator
  • ↼Ȿ♄ꜻϻꜻηĭc⇀ ↽∆ƪc♄εϻĭst⇁
  • *****
  • Posts: 567
  • Karma: +4/-0
  • Gender: Male
  • Herbalism & Kambo
    • View Profile
    • Kambo.me
Re: Internet Security Walk-Through v2.2
« Reply #3 on: June 03, 2016, 10:03:14 am »
« Last Edit: June 03, 2016, 10:08:33 am by λlτεrηιτγ »
"There is a difference between
not remembering
and not dwelling upon.
I choose not to dwell upon the bad,
to me
it's kinda like being in a paradise
but staring at a nearby garbage dump instead.
You define your life by
where you direct your gaze."

Offline Renoxz

  • Called by the medicine(s)
  • *
  • Posts: 2
  • Karma: +1/-0
    • View Profile
Re: Internet Security Walk-Through v2.2
« Reply #4 on: July 25, 2016, 01:10:09 am »
The content of the material has a very good heart

Offline ―λlτεrηιτγ-

  • Administrator
  • ↼Ȿ♄ꜻϻꜻηĭc⇀ ↽∆ƪc♄εϻĭst⇁
  • *****
  • Posts: 567
  • Karma: +4/-0
  • Gender: Male
  • Herbalism & Kambo
    • View Profile
    • Kambo.me
Re: Internet Security Walk-Through v2.2
« Reply #5 on: July 25, 2016, 08:24:34 am »
Thank you for the compliment. :D

EDIT:
This is a dope little router that's only 40 bucks. It comes pre-installed with LibreCMC which is the only fully opensouce operating system and firmware for routers. You can also get a year subscription to their VPN for 100 bucks and they pre-configure the router so it's ready to just plugin and connect to. With that setup every device connected to your home network will route it's traffic through a vpn.

You can plug it into your router or replace your current router with it. either way, it secures you

https://www.thinkpenguin.com/gnu-linux/free-software-wireless-n-mini-vpn-router-tpe-r1100

This company has awesome hardware including fully open source linux laptops and pc minis with like gigs of ram, & etc.
« Last Edit: July 29, 2016, 05:48:32 am by λlτεrηιτγ »
"There is a difference between
not remembering
and not dwelling upon.
I choose not to dwell upon the bad,
to me
it's kinda like being in a paradise
but staring at a nearby garbage dump instead.
You define your life by
where you direct your gaze."

Offline ―λlτεrηιτγ-

  • Administrator
  • ↼Ȿ♄ꜻϻꜻηĭc⇀ ↽∆ƪc♄εϻĭst⇁
  • *****
  • Posts: 567
  • Karma: +4/-0
  • Gender: Male
  • Herbalism & Kambo
    • View Profile
    • Kambo.me
Re: Internet Security Walk-Through v3.1
« Reply #6 on: March 01, 2019, 05:31:26 am »
I need to update this but in the meantime.

Disable IPv6 on networks to prevent leakage.
See here: https://leaktest.online/ipv6/
The other leak tests: https://leaktest.online/

And since CyanogenMod has been discontinued.
I believe the most hardened free Android OS/rom is now Lineage OS.

Quote

It is the successor to the custom ROM CyanogenMod

•Trust - helps you keep your device secure and protects your privacy.
•Protected Apps – Hide specific apps behind a secure lock. This works hand-in-hand with Trebuchet; the respective app's icon is removed from the launcher, and "secure folders" can be created to easily access these applications. A pattern is used to lock these apps.
•PIN scramble – For users securing their device with a pin, the layout can be scrambled each time the device locks to make it difficult for people to figure out your lock by looking over your shoulder.

As LineageOS evolved through development, the Trust interface was introduced for all the LineageOS 15.1 builds released Wed 12 June 2018.[35] The interface can be found on supported devices under Security and Privacy tab under the Settings option, and enables the user to "get an overview of the status of core security features and explanations on how to act to make sure the device is secure and the data is private".
« Last Edit: March 01, 2019, 05:52:24 am by λlτεrηιτγ »
"There is a difference between
not remembering
and not dwelling upon.
I choose not to dwell upon the bad,
to me
it's kinda like being in a paradise
but staring at a nearby garbage dump instead.
You define your life by
where you direct your gaze."