Your Email is a Security Swiss Cheese

Posted: 9 April 2017 | Author: | Filed under: Security | Tags: , , , | Leave a comment

Friends, neighbors, fellow security-conscious Romans, lend me your ears…

If your privacy and security are important to you, you really need to check out ProtonMail. It’s an encrypted (highly secured) email service that offers you piece of mind when sending your personal messages to friends, family or business contacts across the Internet.

Most other email providers like Gmail, Hotmail, Yahoo, AOL, etc. are NOT secure. Your messages are sent “in the open”; meaning just about anyone with the knowhow can read your mail. There’s an old saying on the Internet, if you send unsecured emails, you need to consider that the same as sending those old style 3×5 post cards through the regular mail services (the postman who picks up and delivers to the mailbox outside your home).

If you’re serious about security when you’re on the Internet and during transmissions of personal or business emails, you should check out ProtonMail. It’s free! A little donation from time to time would help them maintain their quality service, though.

No. I’m not getting any favors from ProtonMail for sending you this. The more folks that I deal with via email who start using this secure service, the more secure our correspondence will be.

Something to think about, anyway…

https://protonmail.com/about

Later,

~Eric

BASH – Shellshock

Posted: 28 September 2014 | Author: | Filed under: Linux | Tags: , , , , , , | Leave a comment

Some Cookies Are Yummy!

Posted: 31 March 2014 | Author: | Filed under: Browsers, How-tos, Internet Privacy, Linux, Security | Tags: , , , , , , , , , , | 10 Comments

Not all browser cookies are bad for you. Many of those little tasty files that get dumped on your system serve a useful purpose.

I am somewhat security conscious when it comes to my surfing habits. I prefer as much privacy as I can manage without ruining my browsing experience. Achieving that can be problematic, though, these days. Yes, I run some privacy extensions like NoScript, Adblock+, Better Privacy, DoNotTrackMe, and FlashBlock in my Firefox browser, but there are also other habits that I have when it comes to using that browser.

I like to clean my snail trails (history, cookies, etc.) occasionally, but unless you have some special settings set in your FF browser Preferences, you’ll be inconvenienced each time you toss your cookies by the fact that you’ll lose your active logins on your favorite oft-visited sites; forcing you to login again after you’ve cleaned and tossed everything.

Of course, you can selectively delete cookies in FF, but if you’ve been surfing for a week or so before you decide to clean things up, you may have hundreds of cookies you’ll have to cull through carefully without tossing your important ones. It’s a pain in the rear end to have to do it that way. There used to be some FF extensions that would “protect” certain cookies for you, but most have not been updated to be functional in the newer versions of FF.

I’m going to show you how you can easily protect your important cookies and login data within FF’s Preferences without the need for another extension or any other mind-boggling procedures. Note: I’m using FF in Linux here. It’s probably similar in MS Windows, but you’ll have to investigate that for yourself.

The following mini-tutorial will be referring to this image:

Click to open in new tab/page

OK, here we go…

In order to be able to dump your cookies and other flotsam and jetsam out of your browser and still retain your favorite website logins and site preferences, you’ll need to do the following within your Firefox Preferences:

  1. Open your FF Preferences (Menu: File –> Edit –> Preferences) and choose the Privacy tab as shown in the image above.
  2. Within the Privacy area, use the pull-down menu under History to make the selection shown. This will open up the sub-menu of options just underneath.
  3. Set your History sub-menu options as you want them to be. NOTE: Where you see “Keep until:” under Accept Cookies, you MUST set FF to “I close Firefox” for this to work at all. If you manually remove all cookies using the Clear Recent History tool (Menu: History –> Clear Recent History) or the Remove All button in Cookie Viewer, then you really will REMOVE ALL COOKIES, even those of your Exceptions white-listed sites (see next step).
  4. Click on the Exceptions to the right of the box and another small window will pop up showing you what websites are white or black-listed in FF. You should add your favorite sites’ website address as shown in the image above and Allow them. This will allow those sites to retain cookies after automatic cleaning takes place. You can also block sites from installing cookies on your computer by adding the website address and clicking on Block.

If all went will, your Firefox should clean itself (when you close it) of the detritus of browsing and  yet retain the login and site preferences for your favorite sites that you had added to the Exceptions list as Allowed in Step 4 above. Now your FF browsing experience will be bit less bothersome for you. Your FF will start back up next time with a clean slate; ready for your day’s surfing pleasure, but you won’t have to re-login to all of your favorite sites. 🙂

As always, comments, corrections, suggestions on better methods, etc. are always welcomed here.

Later…

~Eric

Image credit: screenshot of Firefox Preference setting windows (c) V. T. Eric Layton

 

Nothing Lasts Forever

Posted: 25 March 2014 | Author: | Filed under: Linux, Microsoft Windows, Security | Tags: , , , , , , , , , , | 3 Comments

The time is rapidly approaching when Microsoft will permanently suspend all support for the Windows XP operating system.

Are we sad to see it go? Yes, in many cases, I’m sure that there will be a ground swell of angst and sadness that XP is going the way of the dodo. Unfortunately, life is all about change. We need to learn to embrace it. AHEM! Yeah… I sound like an Anthony Robbins commercial here. The facts of the matter are that many individuals and businesses around the world are still using that insecure Swiss cheese OS called Windows XP. Don’t get me wrong. I used to like XP a lot. I have a lot to be thankful to XP for, actually. It’s the NUMBER 1 MAIN REASON I started using the GNU/Linux operating system as my primary OS on ALL of my production machines.

I often wonder why MS had such a difficult time keeping ahead of the hackers, spammers, and malware merchants for much of XP’s lifetime. Being the numero uno operating system in the world definitely painted a rather large target on XP’s back, I would think. Why would a pimple faced miscreant sitting in front of his Mac on the island of Zoobie-doobie target GNU/Linux’s 1% when it could hit ’em big by hacking MS Windows XP’s 95% or so worldwide users? Makes sense, right? So, poor MS had to fight a losing rear guard action as it retreated into its hardened (by 3rd party mercenaries) Norton and McAfee bunkers. It was what it was.

MS learned a few things from that experience, though. They implemented many innovations into their new Win 7 and Win 8 operating systems to lessen the need for the hired guns required by XP to guard the gates. Sorry about all the military analogies today. I seem to be stuck in that mode at the moment. But I digress… Er, where was I? Ah. Yes… I was saying that nothing lasts forever. I think that’s the point of this exercise, anyway.

Back in the day, when I was much enamored by the Win 98SE operating system, I dreaded the time when MS would stop supporting it. I swore to never go over to the dark side by submitting to the charms and siren songs of that new OS, Win XP. Myeh… I eventually broke my vow. Sure, XP was an improvement over 98SE, but it was also a seemingly unprepared plunge into the future by Microsoft. I’m not sure anyone could have predicted the explosion of naughty, nasty, downright malicious behavior that would soon raise it’s pimply faced, greasy haired head on the Internet.

The pizza and Jolt soda driven hordes descended on the cyber world like never before. Few operating systems or their overseers were prepared for the onslaught. There are exceptions to this… AHEM. Linux. 😉 Anyway, don’t let me gloat too long on that. Moving on… So what now, security wise? Are we any better off in the world now that Win 7 and 8 are in dominance and XP is falling by the wayside? Hmm… I’m not so sure. I understand that MS can’t continue to waste time and resources at their 100% for-profit capitalist corporation to continue to pour hot oil and  push back the scaling ladders of the invaders forever. Yet, there are millions of XP users worldwide who are going to become a giant botnet once open season is declared by MS in just a few weeks. Can you even imagine what fun those acne suffering residents of Zoobie-doobie and elsewhere are going to have spreading their mayhem?

If you’re running an XP system that has access to the Internet, I would strongly recommend pulling the plug on it. I’m being serious now, folks. Once Microsoft stops patching newly discovered vulnerabilities in the XP operating system, your ass will be swinging in the breeze out there. The 3rd party anti-virus and anti-malware companies will not be focusing on XP nor will they be able to keep up with the hordes that will be descending upon that OS after April of 2014. Do yourselves a favor. Move on to Win 7 or even 8. I can’t honestly recommend 8 to you at this time because I’ve read too much bad press about it and because I’ve never experienced it myself personally. I can, however, say that Win 7 is a very solid OS. If you can still find yourself a copy of it, that would be a wonderful alternative.

And I know many of you out there expect me to make the GNU/Linux suggestion. Well, that’s really the optimal alternative, as far as I’m concerned. However, it wouldn’t necessarily be that optimal for many Win XP users. Folks are often reluctant to change and unwilling to invest time into learning something new. They would have to do both to use GNU/Linux. Yes, there are relatively gentle transition distributions out there… Ubuntu, Linux Mint, Vector Linux, Zorin, Ultimate Edition, Mepis, etc., but there is still a pretty good learning curve for folks coming from XP. It is what it is. I’m not one to bullshit, so take that for what it’s worth.

End your XP dependence. You’ll be better for it.

Later…

~Eric

Image credits: all clipart images in this article courtesy of http://www.clker.com/

Microsoft One Drive and Office Online

Posted: 7 March 2014 | Author: | Filed under: Miscellaneous | Tags: , , , , , , | 7 Comments

Don’t be shocked now, but this hardcore Slackware Linux user does still have an MS Windows operating system (Win 7) installed on a partition on my main system and one on my office laptop.

I know some of you are highly disappointed to hear this, but fret not. The only reason I have Win 7 on my main system is for gaming. I don’t use it for anything else. Slackware is most definitely my daily production OS, but the PC games I play perform much better in Windows. It’s just easier for me to play them that way than in any kind of virtual environment. Also, I do need to stay up-to-date on MS Windows in order to be tech support for my family and friends whom I haven’t converted to GNU/Linux yet.

Anyway, tonight I was bored, so I consolidated my Microsoft login credentials and signed up for their One Drive (formerly Sky Drive). It was fast, simple, painless, etc., as is most Windows point n’ click world these days. One Drive is basically MS’s Dropbox; works pretty much the same way, too. However, you get more space (7 Gig) with your initial One Drive account than with Dropbox (2 Gig).

I like the way MS has tied in all their services and connected them to the unified login. I do have one complaint, though. They’re trying to improve security with two-step verification and all that, but they still do not allow passwords greater than 16 characters. What’s up with that MS?

The Office Online service is pretty neato, too. You just go there and start using Word or Excel or whatever. It’s all saved to your spiffy new One Drive account. Ah… computering in the clouds. Ain’t it all grand? Till it gets hacked or crashes. This stuff is all pretty cool, but I probably won’t ever use it for anything of any importance. I don’t trust cloud computing. I want my important data on my own SECURED GNU/Linux systems, not swingin’ out there in the breeze on someone’s cloud servers.

But that’s just me. Try Microsoft’s new One Drive and Office Online services. They are pretty COOL! 🙂

Later…

~Eric

The End of the Internet…

Posted: 21 August 2013 | Author: | Filed under: Internet Privacy | Tags: , , , , , , , | 2 Comments

… and quite possibly your own personal privacy? How has it come to this?

The truth is outing in small bits and pieces. It’s like a large sack of feces oozing from small rents in its skin. The Surveillance State is very reluctant to give up its game plan. Are people like Assange, Manning, Snowden, and others really the EVIL plotters and traitors that governments around the world are desperately trying to paint them up to be? As more and more of the reality of our current security/surveillance apparatus comes out in to the light of day for our shocked appraisal, can we see a pattern here? Are we being lied to by our governments? Nah… say it ain’t so, Joe. 😦

Of all tyrannies, a tyranny sincerely exercised for the good of its victims may be the most oppressive. It would be better to live under
robber barons than under omnipotent moral busybodies. The robber baron’s cruelty may sometimes sleep, his cupidity may at some point be
satiated; but those who torment us for our own good will torment us without end for they do so with the approval of their own conscience.

~ C. S. Lewis

A few days ago, Ladar Levison of Lavabit did a brave thing.

I have been forced to make a difficult decision: to become complicit in crimes against the American people or walk away from nearly ten years of hard work by shutting down Lavabit. After significant soul searching, I have decided to suspend operations.

Just today, Pamela Jones of Groklaw did a brave thing.

There is now no shield from forced exposure. Nothing in that parenthetical thought list is terrorism-related, but no one can feel protected enough from forced exposure any more to say anything the least bit like that to anyone in an email, particularly from the US out or to the US in, but really anywhere. You don’t expect a stranger to read your private communications to a friend. And once you know they can, what is there to say? Constricted and distracted. That’s it exactly. That’s how I feel.

Where will this end? These are brave people mentioned above who have decided to NOT participate in a system they can no longer believe in or recommend to others. This is one type of bravery. Another type is the Manning, Snowden, Assange type. And still another type will be those who will eventually rise up and do something about our world going so wrong on us. Really, folks… George Orwell didn’t have a clue. He had no idea of the technology that would be just around the corner to make his nightmarish world come true in spades!

Big Brother is watching you!

~ George Orwell

More seepage today from that sack of shit…

U.S. futuristic spy apparatus taking shape

The Department of Homeland Security recently tested a crowd-scanning project called the Biometric Optical Surveillance System — or BOSS — after two years of government-financed development. Although the system is not ready for use, researchers say they are making significant advances on it. That alarms privacy advocates, who say that now is the time for the government to establish oversight rules and limits on how it will someday be used.

This better alarm more than just privacy advocates. It better damned well alarm YOU, dear reader. Put down your damned mobile device for a couple minutes. Get off Facebook for just a moment or two. Pick up a newspaper. Visit an online news site. Pay attention to what’s happening to your world right now, this minute. Do it for yourself. Do it for your children and grandchildren. Be aware and BEWARE. Understand where this is leading. Comprehend its ramifications for you and those you love and the world as a whole.

All that is necessary for evil to succeed is for good men to do nothing.

~ Edmund Burke

You can take this article anyway you like. Consider it a rant by some tech geek or silly blogger. Peruse it and giggle uncontrollably. Or, even better… don’t just look, SEE. Wake up. Don’t just heave and push your way into the chute like the rest of the sheeple. The choice is yours… while you still have a choice.

Later…

~Eric

Further reading:

Think Your Passwords Are Secure?

Posted: 11 December 2012 | Author: | Filed under: Security | Tags: , , | Leave a comment

Maybe you should read this article from PhysOrg:

Password-cracking feats at blistering speed shown in Oslo

Researcher Jeremi Gosney, the founder and CEO of Stricture Consulting Group, was the thinker behind the hardware and software setup that could make 350 billion guesses per second. The result was that eight-character could fall in hours; some passwords could be had in minutes.

Scary, huh?

Later…

~Eric

The Latest Stallman Rant

Posted: 10 December 2012 | Author: | Filed under: Internet Privacy, Linux | Tags: , , , , , | 1 Comment

Always entertaining, often enlightening. Read what Mr. Stallman has to say about Ubuntu’s new relationship with Amazon.

Ubuntu Spyware: What to Do?

One of the major advantages of free software is that the community protects users from malicious software. Now Ubuntu GNU/Linux has become a counterexample. What should we do?

Read the rest of this interesting article HERE.

Later…

~Eric

SSH in Slackware and Arch – a Brief How-To

Posted: 19 March 2012 | Author: | Filed under: How-tos, Linux | Tags: , , , , , , , , , , | 7 Comments

Let me state right out in the open here that my knowledge of computer networking is lacking. I’m learning as I go.

For most of the time that I’ve used computers in my home, I’ve only had one machine going at any given time. This past year or so, though, I’ve gained two more systems in addition to my main system. I have a laptop and a shop system up and running now in my home. The laptop connects via Ethernet or wireless. The shop system, which is outside in my workshop connects via wireless 100% of the time.

The main OS on all three of these systems is Slackware. For a year now, I’ve been running back and forth with thumb drives or CDs filled with data to keep the systems in sync with one another; mostly my personal documents, music, and Mozilla settings. I occasionally use DropBox for small files, but it’s not feasible for larger stuff due to its slow upload speeds. Cloud computing ain’t never going to work as long as ISPs throttle upload speeds.

Anyway, back when I first got the laptop, I attempted to network it with my main system. I failed miserably and ended up throwing in the towel. You can read about that learning experience in this long thread at Scot’s Newsletter Forums – Bruno’s All Things Linux. You’ll see that quite a few folks there were trying to help the dunderhead get his systems linked. Well, I finally succeeded just this past weekend.

Sometimes, you just have to walk away from a problem for a while. 😉

Here’s how I finally got it working using ssh:

  • Make sure that the ssh daemon script is executable so that it will run at boot up

#chmod 755 /etc/rc.d/rc.sshd

  • Modify the /etc/ssh/ssh_config as follows:

#vim /etc/ssh/ssh_config

<snip>

#   Port 22
Port <your port choice>
#   Protocol 2,1
Protocol 2

</snip>

*Either un-comment and change the default port setting  and the protocol or just add a line, as I did.

The purpose of this is mostly for security. Changing the port to a port of your choosing enhances your “security by obscurity” chances. Changing to to Protocol 2 is recommended because there are security flaws in Protocol 1.

  • Modify the /etc/ssh/sshd_config as follows:

#vim /etc/ssh/sshd_config

<snip>

#Port 22
 Port <your port choice>
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::

# The default requires explicit activation of protocol 1
 Protocol 2

</snip>

  • In your router’s Administration preferences (see your manufacturer’s instructions) you’ll need to set each device you plan on linking via ssh to use a static IP address. This has nothing to do with your ISP’s assigned IP address. This is just your home network we’re talking about here. The router assigns an IP to each device hooked to it. In order to ssh into remote devices, you’ll need to make sure the devices’ IP addresses don’t change (static).

That’s it. You are ssh’ing now, my friends.

It’s easy to access your remote machines now.

$ssh <username>@<device name>

Password: *********

The username is the name of the account that your are trying to access on the remote machine, say your wife Debbie’s account. The device name is the domain name of the device. Like this…

#ssh debbie@debbieslaptop01

Once you enter the password for Debbie’s account, you’ll have access to her user data and privileges.

In Arch Linux, the process is a bit simpler. First, make sure you have openssh installed on your Arch system. You still need to modify the ssh_config and sshd_config files in a similar fashion, but the getting the daemon to run at boot time is as simple as just adding “ssh” to your /etc/rc.conf file.

You can manipulate (edit, backup, copy, etc.) files on remote machines using ssh from the command line. However, to transfer files between machines, you might want to use ftp. It’s easier, in my opinion. Personally, I use gFTP in Slackware and Arch for this. There are many other choices out there, though. Use whatever works best for you.

So, there you have it. My next project is going to be adding my printer to my router’s USB connection and setting it up as a network printer for all three of my systems.

Stay tuned…

~Eric

Further reading:

SSH Tutorial for Linux

SSH Best Practices

SSH Man Page

← Older Entries