Last updated: January 17, 2016 at 20:17 pm
Technology is knocking down barriers like never before.
If you have been on the internet lately, you know there are reasons to be concerned about your privacy and security from our government and other evildoers. The most effective way to deal with this is to make mass surveillance of entire populations uneconomical.
A small effort can gain you significant security to thwart most problems. How much security, is up to you.
Rather than grovel and beg for governments and neighbors to respect our privacy, open source has given innovators the platform to create solution that put the power into our own hands, and this work is changing the playing field completely.
Let’s be clear; all security comes at a price of effort verses ease of use. You can attain rather strong protection with just a few simple actions, or you can attain virtually impenetrable protection if you want to put more effort into it. Then, of course, you could go down the hole of diminishing returns, where you just chase your tail for that last bit of excellence. Where you are comfortable is up to you.
We are embattled in a new arms race, and we can have the upper hand. We CAN beat them at their own game. We can also make their game irrelevant.
Here is how.
One of the main issues with our beloved internet is the same as our repulsive government. It is centralized. The internet could become the same corrupt monster if we don’t side step it now. Mesh networks may be a step in the right direction.
For now, however, here are some notes for being secure on the internet we have today.
A nice list of applications and services is at prism-break.org/
This is about “locking your doors” with a good key. DON’T LOSE YOUR KEY! Unfortunatly, if you really want to be secure, this is a topic you should be comfortable with. If you don’t care about locking your doors, good for you. You will have an easy time. Don’t complain though, when you get taken advantage of.
Check out this article about pass phrases. The site has lots of other great information also.
You can quicky and easily attain pretty solid protection for your browser by simply installing these FREE Add-ons.
HTTPS Everywhere: Install from the link. Encrypts your communications with many major websites, making your browsing more secure.
The following can be installed by going to Tools -> Add-ons. Use the search feature to find and then install the following:
- AdBlock Edge: Blocks annoying video ads on YouTube, Facebook ads, banners and much more.
- Ghostery: Protect your privacy. See who’s tracking your web browsing and block them.
- Self-Destructing Cookies: Cookies when you need them, not when others need them to track you – gets rid of a site’s cookies and LocalStorage as soon as you close its tabs. There is a wizard to help you set up which runs right after installation.
- NoScript Security Suite: The best security you can get in a web browser! Allow active content to run only from sites you trust.
- NoTrace: How to limit diffusion of personally identifiable information and protect user’s privacy against Web tracking and other dangerous privacy threats.
For a more advanced list, check out OWASP Mantra. It is a great browser security suite. I use the list of add-ons on the site to choose the ones I want.
A VPN is an inexpensive way to get the most protection while using the Internet.
vole.cc: is a decentralized social media system in development based on bittorrent and Ember.js which completely cuts the server out of the equation and allows users to build social media networks without exposing their personal information to “authorities” or data mining companies.
Diaspora Foundation: Diaspora is a nonprofit, user-owned, distributed social network that is based upon the free Diaspora software. Diaspora consists of a group of independently owned pods which interoperate to form the network.
Just using a VPN will increase you anonymity significantly, especially if you use a service which does not log your usage. However, some people may want or need even more.
Includes IM: Mumble, Jitsi
Includes IM: Mumble, Jitsi
When comparing cryptocurrencies to fiat money, the most notable difference is in how no group or individual may accelerate, stunt or in any other way significantly abuse the production of money. Instead, only a certain amount of cryptocurrency is produced by the entire cryptocurrency system collectively, at a rate which is bounded by a value both prior defined and publicly known.
These operating systems are not necessarily tested. At this time, this is just a listing. Use at your own risk.
- OWASP Mantra is a great browser security suite. I use the list of add-ons on the site to choose the ones I want.
- Offensive Security presents Kali Linux with Metasploit DiggnDeeper’s post on Kali Linux.
- Nagios: The Industry Standard In IT Infrastructure Monitoring. A how-to video
- Ettercap: Man in the middle (MiTM)
- UNIX / Linux: 10 Netstat Command Examples
- Five free network monitoring tools from TechRepublic article.
Bugtraq is a distribution based on GNU/Linux aimed at digital forensics, penetration testing, Malware Laboratories, and GSM Forensics. This distribution has a huge range of penetration, forensic and laboratory tools. Bugtraq is available with XFCE, Gnome and KDE based on Ubuntu, Debian and OpenSuse.
Parrot Security OS is an advanced operating system developed by Frozenbox Network and designed to perform security and penetration tests, do forensic analisys or act in anonimity.
BackBox is an Ubuntu-based Linux distribution penetration test and security assessment oriented providing a network and informatic systems analysis toolkit. BackBox desktop environment includes a minimal yet complete set of tools required for ethical hacking and security testing.
GnackTrack is an open and free project to merge penetration testing tools and the linux Gnome desktop. It is a Live (and installable) Linux distribution designed for Penetration Testing and is based on Ubuntu.
DEFT is a Live CD built on top of Xubuntu with tools for computer forensics and incident response. It’s a very light and fast live system created for the Computer Forensics specialists.
NodeZero Linux is reliable, stable, and powerful. Based on the industry leading Ubuntu linux distribution, NodeZero Linux takes all the stability and reliability that comes with Ubuntu’s Long Term Support model, and its power comes from the tools configured to live comfortably within the environment.
Pentoo is a security-focused livecd based on Gentoo. It’s basically a gentoo install with lots of customised tools, customised kernel, and much more.
Kali Linux is a Debian-derived Linux distribution designed for digital forensics and penetration testing. It is preinstalled with numerous penetration-testing programs, including nmap, Wireshark, John the Ripper and Aircrack-ng.
Sources and more.
Checkout the Crypto Party Handbook or the EFF’s Surveillance Self-Defense Project.
Just want some simple tips? Checkout EFF’s Top 12 Ways to Protect Your Online Privacy.