Category Archives: infosec

Linux Security Distros Compared: Tails vs. Kali vs. Qubes

Linux Security Distros Compared: Tails vs. Kali vs. Qubes by Thorin Klosowski via lifehacker-logo

Are you looking for the safest version of Linux? The best for your tasks?

Ask yourself why do you seek a Linux operating system with high performance in terms of security and test one of those Linux OS proposed in the link above.

I think they are the best Linux distributions today …. or does anyone have any better suggestion? If so, please write a comment below! Thank you.

If you use TAILS you should test a bit of HEADS alchemy

If you use TAILS you are certainly interested to better know HEADS because Heads isn’t simply another Linux distribution, it merges physical hardening of particular hardware platforms and flash protection attributes with a Linux boot loader in ROM as well as custom Coreboot firmware.

30450989320_f6504cb662

The key factor in Heads is represented by its steady monitoring of the boot process that allows detecting if the firmware has been changed by malware.

If this first check certifies that all is unchanged, heads uses the TPM as a hardware key to decrypt the hard disk.

The certified integrity checking of the root filesystem is really effective against exploits but it doesn’t secure the system against each possible attack but it is able to effectively divert many types of attacks against the boot process and physical equipment that have usually been ignored in conventional setups, hopefully increasing the issue beyond what most attackers are willing to spend.

c3tv-bootstraping-a-slightly-more-secure-laptop

Link

Faking Your Death Online Is a Lot Harder Than It Used to Be by Roisin Kiberd via vice_motherboard_logo

“…But pseudocides are rarer in recent times. “Vanishing” oneself is more difficult; the world is simply too small a place now, connected as it is by social media and the surveillance it entails….”

“…Let’s say you are hiding in Japan, and a tourist takes a photo where you’re in the background,” he told me. “The photo is uploaded to social media and a week later, a cop uploads your photo into a facial recognition site like TinEye [a reverse-image search engine]. Boom—you’re busted, because TinEye will find your photo online…”

Link

Tor Users Might Soon Have a Way to Avoid Those Annoying CAPTCHAs by Joshua Kopstein via vice_motherboard_logo

“…a new repository on CloudFlare’s Github page shows that the company is developing an alternative method for anonymous users to access sites without having to repeatedly solve annoying CAPTCHA puzzles—something privacy advocates will likely see as a step in the right direction….”

“In essence, the protocol allows a user to solve a single CAPTCHA and in return learn a specified number of tokens that are blindly signed that can be used for redemption instead of witnessing CAPTCHA challenges in the future,”

 

 

Link

Your Smartphone Is Becoming An AI Supercomputer by Sean Captain via fastco-e911a1ecaff695c740670e41df436c86

“…Just as “the cloud” was becoming the answer to every “How does it work?” question, smartphones have started clawing back their independence, performing on their own tasks that used to require a tether to a server farm. The result is a more natural AI experience, without the annoying or creepy lag of an internet connection to a data center…

…AI will also drive convenience features. You might see virtual assistants that use the phone’s camera to recognize where you are, such as a specific street or the inside of a restaurant, and bring up relevant apps, says Rizzoli. And for once, such hyper-conveniences may not have the creep factor. If future AI doesn’t need the cloud, then the cloud doesn’t need your personal data…

…As artificial intelligence continues expanding across the tech world, it seems destined to grow on phones, too. Expectations are rising that gadgets will simply know what we want and what we mean…”

Link

Best Books on the Impact of Technology on Society by Narain Jashanmal, via medium.com 

…As technology moves from the realm of the visible to the invisible; embedded, pervasive computing that adds intelligence to even the most mundane objects and experiences — there will be an inevitable, ongoing conversation about the consequences, unintended or otherwise… The books on this list run the gamut, from unabashed enthusiasm for our coming robot overlords, to heartfelt expressions of anxiety about whether what we’re giving up is worth what we’re getting in return…”

Test your VPN through Terminal – Linux Tips

computer-VPN

Do you use a VPN to connect to Internet and increase your privacy? If you are one of the many you would be sure that the VPN you are paying is really working properly.

You can always use, via browser, one of those dedicated websites that check your Ip and, in some cases, test the real effectiveness of VPN and/or use Terminal.

But, for my experience, if you prefer to test your public IP without using the Terminal, the best tutorial for this specific task has been published by http://www.tecadmin.net.

Get Public IP using Linux Terminal

Recommended!… if you are looking for an extra test that you can manage directly from Terminal.