Category Archives: Security package for Ubuntu

If you use TAILS you should test a bit of HEADS alchemy

If you use TAILS you are certainly interested to better know HEADS because Heads isn’t simply another Linux distribution, it merges physical hardening of particular hardware platforms and flash protection attributes with a Linux boot loader in ROM as well as custom Coreboot firmware.

30450989320_f6504cb662

The key factor in Heads is represented by its steady monitoring of the boot process that allows detecting if the firmware has been changed by malware.

If this first check certifies that all is unchanged, heads uses the TPM as a hardware key to decrypt the hard disk.

The certified integrity checking of the root filesystem is really effective against exploits but it doesn’t secure the system against each possible attack but it is able to effectively divert many types of attacks against the boot process and physical equipment that have usually been ignored in conventional setups, hopefully increasing the issue beyond what most attackers are willing to spend.

c3tv-bootstraping-a-slightly-more-secure-laptop

Link

Faking Your Death Online Is a Lot Harder Than It Used to Be by Roisin Kiberd via vice_motherboard_logo

“…But pseudocides are rarer in recent times. “Vanishing” oneself is more difficult; the world is simply too small a place now, connected as it is by social media and the surveillance it entails….”

“…Let’s say you are hiding in Japan, and a tourist takes a photo where you’re in the background,” he told me. “The photo is uploaded to social media and a week later, a cop uploads your photo into a facial recognition site like TinEye [a reverse-image search engine]. Boom—you’re busted, because TinEye will find your photo online…”

Test your VPN through Terminal – Linux Tips

computer-VPN

Do you use a VPN to connect to Internet and increase your privacy? If you are one of the many you would be sure that the VPN you are paying is really working properly.

You can always use, via browser, one of those dedicated websites that check your Ip and, in some cases, test the real effectiveness of VPN and/or use Terminal.

But, for my experience, if you prefer to test your public IP without using the Terminal, the best tutorial for this specific task has been published by http://www.tecadmin.net.

Get Public IP using Linux Terminal

Recommended!… if you are looking for an extra test that you can manage directly from Terminal.

A small collection of Firefox add-ons you can install to improve (a little bit) your privacy – Part 4

What about a “simple” antivirus or a firewall for Firefox? No, a specific antivirus doesn’t exist as add-on for Firefox but an effective firewall could be installed anyway: Bluhell Firewall. Bluhell  is a good firewall with specific features that allow you to better protect your privacy. In fact this add-on is able to firewall all nasty web resources. The big difference between Bluhell and others similar add-ons is that you cannot configure anything. It simply tries to do all the works for you filtering web traffic through seven different predefined rules. At the beginning I was skeptic about the fact I couldn’t personally configure the firewall but when I tested it I was delighted by the results. It is really effective and light so my navigation remains smooth and fast but with a better level of protection for my privacy.

uBlock  is similar to Bluhell Firewall and seems (as for my personal experience) to be a little more “slow” than its concurrent Bluhell Firewall but has the indisputable advantage that you can decide many of its functions. Moreover it is a more classic web filter and you can really decide what to block in a detailed way. uBlock seems to need less hardware consumption  than AdBlocker. About its efficiency I can say that this add-on is not bad and it appears to be really efficient (perhaps more than other more famous…).

Priv8  is a specific sandbox that independently manage one or more Tab. It was built to allow multiple GMail accounts in the same browser when Goole didn’t allow it yet. Now is still a good add-on if we want to visit some websites that we consider not safe. The barrier between the sandboxed tab and the other parts of the browser is not impassable but it is not bad for some common risks. This because the attack will remain finite to that specific Tab preventing an instant reading of cookies and other sensible information you are managing (and, sic!…, temporary saving) in the other Tabs.

Don’t forget that at the end of your navigation it is useful to clean all the temporary files and the Flash LSO (local Shared Objects) stored by your browser.

If you decided to not protect yourself by Flash or if you needed to use it anyway it’s better to wipe common cookies and risky LSO and cookies.

To solve the LSO problem you have a couple of good choices. The first is Eraser , a specific add-on that clean your system everytime you want. It is simple to use and very fast so, for beginners, could improve privacy without headaches.

But if you want a better LSO protection Click&Clean  is what you are looking for. This add-on is really configurable and it allows to automatically run also external Shell Commands and/or applications as Bleach Bit and Computer Janitor. In few words it is effective, fast and user-friendly (highly recommended…).

For more general purposes, AskForSanitize  is another useful tool you may prefer if you want to select what to clean when Firefox is closing down. Usually I prefer to select all the possible options and I am not very interested to “save” anything of my navigation but the fact that a window appears after I close Firefox is a good reminder that my browser is really doing what I want. It could appear silly but the AskForSanitize window reassure me…  

If you want to add a little bit of more security I suggest to install Secure Sanitizer. This add-on has more or less the same features of AskForSanitize but it does the same using (if you choose this particular option) a “US DoD 5220″ three steps wiping. The result is, as obvious, a more accurate cleaning and consequently a more difficult data restoring if you lose possession of your PC and third parties want to know more about your navigation.

To be continued! …with other tips about Firefox add-ons….

A small collection of Firefox add-ons you can install to improve (a little bit) your privacy – Part 3

In the past two years the EFF – Electronic Frontier Foundation –  has released a couple of add-ons specifically created to improve your privacy when you are on Internet. Just for a quick information, EFF is a no-profit organization specialized in, but not only, the defense of  privacy and free expression in the contemporary “world of emerging technologies”.

The first interesting EFF add-on is HTTPS Everywhere  that forces websites to provide https webpages also when you (better: your browser) asked for a “common” HTTP connection to their servers. This happens automatically and you don’t usually notice any delay in your navigation speed. HTTPS Everywhere is a precious add-on because it improves the number of “secured” connections when you are on Internet and decreases the risks of information leaking during Internet navigation. Moreover, this add-on is available not only for Firefox but also for Chrome and Opera and, at the moment, could be considered as the most versatile and -simple to use- tool you have to increase the use of HTTPS navigation. HTTPS Everywhere could not be considered as a bullet-proof privacy guarantee but it really does what he promises. Last but not least, it seems that if you adhere to their anonymous data collection about usage, you can really help them to discover false HTTPS certification disseminated through the web and contribute to a safer Internet.

If you want a little bit of security and think that every website should allow to connect through HTTPS, you should try HTTP Nowhere  that blocks all the unencrypted web communications. As for what we described for Flash add-ons (Flash Control and Flash Block) the level of security depends on your choice. HTTP Nowhere is a more “radical” choice but, i any case, it can be widely configured to your needs. For example it allows you to create a whitelist of HTTP websites that will be never blocked. Moreover HTTP Nowhere can be configured to visit .onion websites through TOR.

In  any case don’t forget that HTTPS connections are only relatively more secure than HTTP ones. As someone commented, HTTPS effective privacy depends on Certificate Authorities reliability and seriousness and, in some cases, HTTPS could be easily eluded. 

The other EFF add-on I’d like to focus your attention is the Privacy Badger . This add-on has the same goals of the most famous Ad Block or Disconnect but it works in a different way. In fact its work is not based of previously compiled list the needs to be updated frequently but on an heuristic examination of trackers behaviour. It could be considered “democratic” because it doesn’t automatically ban trackers at all but analyzes if they are looking for your web habits or they are “just” recording your passage in a specific website. In this last case the Privacy Badger will observe their behaviour during your next navigation and, if they persist to track you, it will label them with different colours (green to yellow to red) blocking them when they become too intrusive for your privacy. The PRO is that also a brand new tracker -never reviewed by security advisers- will be promptly discovered and neutralized but the CONS is represented by the fact that also the most known intrusive tracker will be initially allowed to register your habits.

For its intrinsic features, the Privacy Badger could be added to Firefox as an extra barrier to fight trackers and improve your privacy. In the next post we will examine other add-ons that can be matched with it.