Your Email is a Security Swiss Cheese
Posted: 9 April 2017 Filed under: Security | Tags: email, encryption, ProtonMail, security Leave a commentFriends, neighbors, fellow security-conscious Romans, lend me your ears…
If your privacy and security are important to you, you really need to check out ProtonMail. It’s an encrypted (highly secured) email service that offers you piece of mind when sending your personal messages to friends, family or business contacts across the Internet.
Most other email providers like Gmail, Hotmail, Yahoo, AOL, etc. are NOT secure. Your messages are sent “in the open”; meaning just about anyone with the knowhow can read your mail. There’s an old saying on the Internet, if you send unsecured emails, you need to consider that the same as sending those old style 3×5 post cards through the regular mail services (the postman who picks up and delivers to the mailbox outside your home).
If you’re serious about security when you’re on the Internet and during transmissions of personal or business emails, you should check out ProtonMail. It’s free! A little donation from time to time would help them maintain their quality service, though.
No. I’m not getting any favors from ProtonMail for sending you this. The more folks that I deal with via email who start using this secure service, the more secure our correspondence will be.
Something to think about, anyway…
Later,
~Eric
8″ Floppies?
Posted: 2 May 2014 Filed under: Hardware, Security | Tags: 8" floppies, nuclear arms, obsolete technologies, U.S. Military, Win XP Leave a comment60 Minutes shocked to find 8-inch floppies drive nuclear deterrent.
Hmm… I wonder if they’re still running Win XP, also? I’d be more than happy to loan them a USB ZIP100 drive and a few disks, if they really need it. π
Later…
~Eric
Some Cookies Are Yummy!
Posted: 31 March 2014 Filed under: Browsers, How-tos, Internet Privacy, Linux, Security | Tags: add-ons, browsing history, cookies, extensions, Firefox, Linux, preferences, privacy, security, site logins, site preferences 10 CommentsNot all browser cookies are bad for you. Many of those little tasty files that get dumped on your system serve a useful purpose.
I am somewhat security conscious when it comes to my surfing habits. I prefer as much privacy as I can manage without ruining my browsing experience. Achieving that can be problematic, though, these days. Yes, I run some privacy extensions like NoScript, Adblock+, Better Privacy, DoNotTrackMe, and FlashBlock in my Firefox browser, but there are also other habits that I have when it comes to using that browser.
I like to clean my snail trails (history, cookies, etc.) occasionally, but unless you have some special settings set in your FF browser Preferences, you’ll be inconvenienced each time you toss your cookies by the fact that you’ll lose your active logins on your favorite oft-visited sites; forcing you to login again after you’ve cleaned and tossed everything.
Of course, you can selectively delete cookies in FF, but if you’ve been surfing for a week or so before you decide to clean things up, you may have hundreds of cookies you’ll have to cull through carefully without tossing your important ones. It’s a pain in the rear end to have to do it that way. There used to be some FF extensions that would “protect” certain cookies for you, but most have not been updated to be functional in the newer versions of FF.
I’m going to show you how you can easily protect your important cookies and login data within FF’s Preferences without the need for another extension or any other mind-boggling procedures. Note: I’m using FF in Linux here. It’s probably similar in MS Windows, but you’ll have to investigate that for yourself.
The following mini-tutorial will be referring to this image:
Click to open in new tab/page
OK, here we go…
In order to be able to dump your cookies and other flotsam and jetsam out of your browser and still retain your favorite website logins and site preferences, you’ll need to do the following within your Firefox Preferences:
- Open your FF Preferences (Menu: File –> Edit –> Preferences) and choose the Privacy tab as shown in the image above.
- Within the Privacy area, use the pull-down menu under History to make the selection shown. This will open up the sub-menu of options just underneath.
- Set your History sub-menu options as you want them to be. NOTE: Where you see “Keep until:” under Accept Cookies, you MUST set FF to “I close Firefox” for this to work at all. If you manually remove all cookies using the Clear Recent History tool (Menu: History –> Clear Recent History) or the Remove All button in Cookie Viewer, then you really will REMOVE ALL COOKIES, even those of your Exceptions white-listed sites (see next step).
- Click on the Exceptions to the right of the box and another small window will pop up showing you what websites are white or black-listed in FF. You should add your favorite sites’ website address as shown in the image above and Allow them. This will allow those sites to retain cookies after automatic cleaning takes place. You can also block sites from installing cookies on your computer by adding the website address and clicking on Block.
If all went will, your Firefox should clean itself (when you close it) of the detritus of browsing andΒ yet retain the login and site preferences for your favorite sites that you had added to the Exceptions list as Allowed in Step 4 above. Now your FF browsing experience will be bit less bothersome for you. Your FF will start back up next time with a clean slate; ready for your day’s surfing pleasure, but you won’t have to re-login to all of your favorite sites. π
As always, comments, corrections, suggestions on better methods, etc. are always welcomed here.
Later…
~Eric
Image credit: screenshot of Firefox Preference setting windows (c) V. T. Eric Layton
Nothing Lasts Forever
Posted: 25 March 2014 Filed under: Linux, Microsoft Windows, Security | Tags: anti-malware, anti-virus, botnet, End of Life, End or Support, Internet, Linux, malware, Microsoft Windows, security, XP 3 CommentsThe time is rapidly approaching when Microsoft will permanently suspend all support for the Windows XP operating system.
Are we sad to see it go? Yes, in many cases, I’m sure that there will be a ground swell of angst and sadness that XP is going the way of the dodo. Unfortunately, life is all about change. 
We need to learn to embrace it. AHEM! Yeah… I sound like an Anthony Robbins commercial here. The facts of the matter are that many individuals and businesses around the world are still using that insecure Swiss cheese OS called Windows XP. Don’t get me wrong. I used to like XP a lot. I have a lot to be thankful to XP for, actually. It’s the NUMBER 1 MAIN REASONΒ I started using the GNU/Linux operating system as my primary OS on ALL of my production machines.
I often wonder why MS had such a difficult time keeping ahead of the hackers, spammers, and malware merchants for much of XP’s lifetime. Being the numero uno operating system in the world definitely painted a rather large target on XP’s back, I would think. Why would a pimple faced miscreant sitting in front of his Mac on the island of Zoobie-doobie target GNU/Linux’s 1% when it could hit ’em big by hacking MS Windows XP’s 95% or so worldwide users? Makes sense, right? So, poor MS had to fight a losing rear guard action as it retreated into its hardened (by 3rd party mercenaries) Norton and McAfee bunkers. It was what it was.
MS learned a few things from that experience, though. They implemented many innovations into their new Win 7 and Win 8 operating systems to lessen the need for the hired guns required by XP to guard the gates. Sorry about all the military analogies today. I seem to be stuck in that mode at the moment. But I digress… Er, where was I? Ah. Yes… I was saying that nothing lasts forever. I think that’s the point of this exercise, anyway.
Back in the day, when I was much enamored by the Win 98SE operating system, I dreaded the time when MS would stop supporting it. I swore to never go over to the dark side by submitting to the charms and siren songs of that new OS, Win XP. Myeh… I eventually broke my vow. Sure, XP was an improvement over 98SE, but it was also a seemingly unprepared plunge into the future by Microsoft. I’m not sure anyone could have predicted the explosion of naughty, nasty, downright malicious behavior that would soon raise it’s pimply faced, greasy haired head on the Internet.
The pizza and Jolt soda driven hordes descended on the cyber world like never before. Few operating systems or their overseers were prepared for the onslaught. There are exceptions to this… AHEM. Linux. π Anyway, don’t let me gloat too long on that. Moving on… So what now, security wise? Are we any better off in the world now that Win 7 
and 8 are in dominance and XP is falling by the wayside? Hmm… I’m not so sure. I understand that MS can’t continue to waste time and resources at their 100% for-profit capitalist corporation to continue to pour hot oil andΒ push back the scaling ladders of the invaders forever. Yet, there are millions of XP users worldwide who are going to become a giant botnet once open season is declared by MS in just a few weeks. Can you even imagine what fun those acne suffering residents of Zoobie-doobie and elsewhere are going to have spreading their mayhem?
If you’re running an XP system that has access to the Internet, I would strongly recommend pulling the plug on it. I’m being serious now, folks. Once Microsoft stops patching newly discovered vulnerabilities in the XP operating system, your ass will be swinging in the breeze out there. The 3rd party anti-virus and anti-malware companies will not be focusing on XP nor will they be able to keep up with the hordes that will be descending upon that OS after April of 2014. Do yourselves a favor. Move on to Win 7 or even 8. I can’t honestly recommend 8 to you at this time because I’ve read too much bad press about it and because I’ve never experienced it myself personally. I can, however, say that Win 7 is a very solid OS. If you can still find yourself a copy of it, that would be a wonderful alternative.
And I know many of you out there expect me to make the GNU/Linux suggestion. Well, that’s really the optimal alternative, as far as I’m concerned. However, it wouldn’t necessarily be that optimal for many Win XP users. Folks are often reluctant to change and unwilling to invest time into learning something new. They would have to do both to use GNU/Linux. Yes, there are relatively gentle transition distributions out there… Ubuntu, Linux Mint, Vector Linux, Zorin, Ultimate Edition, Mepis, etc., but there is still a pretty good learning curve for folks coming from XP. It is what it is. I’m not one to bullshit, so take that for what it’s worth.
End your XP dependence. You’ll be better for it.
Later…
~Eric
Image credits: all clipart images in this article courtesy of http://www.clker.com/
What the FUDD, c|net?
Posted: 26 July 2013 Filed under: Internet Privacy, Security | Tags: BIG Gov, CNET, FBI, NSA, passwords, privacy intrusion, surveillance state, verifiable sources, wing nuts 2 CommentsI expect more from c|net than this type of FUDD article.
Feds tell Web firms to turn over user account passwords
Secret demands mark escalation in Internet surveillance by the federal government through gaining access to user passwords, which are typically stored in encrypted form.
Sounds really intriguing, huh? Gets your attention? Maybe even pisses you off a bit? That’s what that headline does for me. Well, headlines do sell, or so they say. Unfortunately, if you actually read the entire article, as I did, you’ll find that there’s not much carne in the stew here, folks. π¦ What there is in that article is a lot of spokesperson would not say, declined to disclose, would not say, did not respond to queries, and my favorite, doesn’t recall.Β Now, does that sound to you like an article with some verified sources?
The article does have a lot of interesting technical baloney thrown in as padding, but the main gist, of the article based on what the headline says, kinda’ misses the mark. You know, if you’re some cheesy part-time blogger, like this Nocturnal Slacker fellow, you can get away with posting tripe like this. Your readers (all 19 of them) will love you for you who are, regardless. However, if you’re a big Internet site with a reputation to uphold, you shouldn’t be posting shit like this on your site. That’s just how I feel about it.
And if you don’t think this article was posted primarily to just stir shit, read the comments posted by the assorted whack-jobs, Obama-haters, tea-baggers, and other miscellaneous Michelle Bachman/Sarah Palin loving wing nuts.
Don’t be thinking that the ol’ Nocturnal Slacker is naive enough to think that BIG Gov is innocent of all charges here. The fact is that I’m very pissed off about the ever deepening intrusions perpetrated by this big, ugly, multi-limbed surveillance state monster. My point in writing this particular article is that if you’re going to be a real media outlet and not just play at being one online, then post articles with some real meat!
Hey, looky… at least one sane individual posted a salient comment to that article:
phocusplease 7 hours ago
SSH – Can It Be More Secure?
Posted: 17 March 2013 Filed under: Linux, Security, Slackware | Tags: remote login, RSA key pairs, security, Slackware Documentation Project, ssh 4 CommentsYes, actually. There are ways to harden your ssh implementations that aren’t that difficult.
An example of a simple way to increase your security when using ssh is to utilize the public/private key security rather than using your remote system’s user passwords to access the device. By using RSA key pairs, you can initialize your remote connection without ever having to expose your remote login’s password to the transfer at all.
I recently reinstalled my Slackware on my main machine (It’s a long story for another time, maybe). One of the things I needed to do was to reestablish my ssh connections between the machines on my local network. I settled in this evening to do just that. I ended up having some laughable issues while attempting to get all my machines talking again. We won’t go there, though.
In the process of troubleshooting my issues with ssh, I ran across Noryungi‘s excellent how-to at the Slackware Documentation Project. This place is really shaping up, no thanks to me. I haven’t been too active there because of my other pursuits lately. However, the dedicated folks who contribute there on a regular basis are kicking ass!
Anyway, using this tutorial, I easily set all three of my machines to use RSA public/private key exchange to initiate my ssh connections. I don’t have to sling my user’s passwords around the Ether anymore. Now anyone sniffing packets will only see the public RSA key bouncing around.
Ain’t technology wonderful? π
Well, back to studying tomorrow. My Cisco ICND2/CCNA examination is rapidly approaching. Gotta’ go study up on those pesky routing protocols before bedtime.
Later,
~Eric
Think Your Passwords Are Secure?
Posted: 11 December 2012 Filed under: Security | Tags: brute force, password hacking, security Leave a commentMaybe you should read this article from PhysOrg:
Password-cracking feats at blistering speed shown in Oslo
Researcher Jeremi Gosney, the founder and CEO of Stricture Consulting Group, was the thinker behind the hardware and software setup that could make 350 billion guesses per second. The result was that eight-character passwords could fall in hours; some passwords could be had in minutes.
Scary, huh?
Later…
~Eric
Nocturnal Slacker v1.0 
Well, that’s all for now.
Later…
~Eric