Category Archives: security

HTML5 Privacy Matters: DOM Storage. How to solve it in only 2 steps!

Recently I started an online course that was created using the Google Course Builder.

After I registered the course I was not able to access it because “my browser didn’t allow the web storage” and, for this reason, a message informed me that it would be necessary to use a up-to-date browser as Chrome or Firefox.

The only problem is that I always use Firefox. Obviously a “particular” version of Firefox where I also added a bunch of different add-ons to enhance the privacy protection level of my navigation and, for this reason, the Google course was not available for me.

Normally I would have decided to quit the course because I prefer not to modify my Firefox configuration after I spent so much time searching the best add-ons to preserve a minimum of privacy.  But, in this case, I really wanted to attend the course and so I decided to manually operate on the Firefox configuration to “solve” the problem and allow Google to keep all the information it would have considered as essential.

This is the list of what I did:

– open Firefox and type:

about:config

in the address bar.

– search for:

dom.storage.enabled

and change its configuration from “false” to “true” double-clicking on it.

After this fast change in the Firefox’s configuration menu I was able to attend the Google course but….. I am conscious that my privacy is a little bit less protected because now Google can store up to 5 MB of content on my browser. In fact, before HTML 5 we were used to “cookies” and we were able to “manage” (better: erase) them also if, as the LSO Flash cookies, they were more persistent than usual. Moreover in the old html times, the space available for cookies on your local browser was 4 KB (yes… KB) but now, in the Html 5 era, a single website can easily manage and permanently store till 5 MB on your browser. And this is the reason why I decided to protect my privacy disabling the DOM Storage on Firefox and this is also the reason because I will disable DOM Storage as soon as I complete the Google course…
DOM STORAGE
If you are not a simple user but you prefer to directly and consciously operate on the Firefox configuration to improve your privacy level, you would read this interesting post by BestVPN.
————-

References:

Configure OpenDNS on your Ubuntu Computer through DDclient in just 6 steps – Tutorial

1 – Why should I change DNS? 
You “use” them in any moment, every time you are in front of a computer but usually you don’t consider to directly manage or change them because you think that it is not worthy to do anything with them. 
On the contrary, you know that many different online companies offer dedicated DNS addresses you can use to substitute the default DNS addresses provided by your ISP.
So, at this point, your main question is “Why should I change DNS on my route or my computer”?
For example, for one or more of these different reasons:
– to have a chance of a possible increasing of speed and reliability when you surf Internet; 
– if you want to delegate to a third “professional” part some security tasks (e.g. third party security filtering to protect yourself against phishing or viruses);
acces websites that are normally geoblocked by commercial policies/agreements or censorship imposed by Governments;
parental monitoring if you prefer to have a rough idea of what websites your children visit or if you whant to filter some specific contenents.
2 – Choose a reliable DNS provider
If you decide that you want to try a different DNS provider you need to choose a reliable one. A quick search on Internet will help you to find the most appropriate DNS Provider for your needs.
In this specific case we are examining how to configure the DNS from OpenDNS.com so, if you want to test it, you have to sign up for a free account on opendns.com or simply copy the DNS addresses you find in the bottom right of their homepage or sign up for a OpenDNS.com free account. In the last case, you have the possibility of monitoring your traffic in a professional statistical way and probably you will satisfy one or more of the reasons that may explain your choice to use different DNS. 
3 – Install DNS from OpenDNS on your router
If you want to use OpenDNS on your LAN you have to configure the router through the its configuration interface. The way you can do this varies from one router to another but in all the popular models you will easily find a specific sub-menu where you could activate the “use predefined DNS” option compiling the two addresses provided by OpenDNS.
In this way all your LAN traffic will be pipelined through OpenDNS and you will not need to singularly configure each computer you have.
dns4

Image from: oriental-press.com

4 – Install DNS from OpenDNS on your Linux computer
4a – Preliminary configuration.
The problem with opendns.com is that it doesn’t provide an official tutorial to correctly install its DNS on a Linux machine. For this reason you can follow this brief notes that I wrote after installing it on a Ubuntu 14.04 LTS Ubuntu computer.
Go to the OpenDNS.com support page dedicated to the installation on Ubuntu and follow their instructions:
I exactly followed all the instruction till the point 8 but, when I had big problems when I typed:
sudo ifdown eth0 && sudo ifup eth0
because this message appeared:
ERROR unknown interface eth0=eth0
The matter is that my ethernet is really named eth0 (I double checked using the commands ifconfig and netstat -r -n) but it was not possible to operate on it.
To solve this problem I used the Poorak’s Blog suggestion and I had to open the interface file via Terminal with:
sudo nano /etc/network/interfaces 

– or if you prefer:

sudo gedit /etc/network/interfaces
and manually add these lines:
auto eth0
iface eth0 inet dhcp
then I restarted my networking
sudo /etc/init.d/networking restart
4b – Install DDclient on Ubuntu if you have a dynamic IP
Normally the Internet Service Provides provides a dynamic IP to users that may change over time. So, if you don’t want to pay more to obtain a static IP, you need to install a software that could constantly communicate your actual IP address to OpenDNS.com. In my case, I dedcided to install DDclient to be able to continue to properly use the OpenDNS.com services.
To install DDclient I preliminarly had to install coreutils through Terminal:
sudo apt-get install coreutils
and the required SSH and SSL sockets:
sudo apt-get install ssh libio-socket-ssl-perl
and finally the DDclient:
sudo apt-get install ddclient
At this point you manually edit the configuration file:
sudo nano /etc/ddclient.conf
(or, if you prefer sudo gedit /etc/ddclient.conf)
typing:

##
## OpenDNS.com account-configuration
##
use=web, web=myip.dnsomatic.com
ssl=yes
server=updates.opendns.com
protocol=dyndns2
login=opendns_username
password=opendns_password
opendns_network_label

where:

– ‘opendns_network_label’ is the label given to the network you’re updating in your account.
If you have spaces in your network label, replace them with an underscore ( _ ) 
You can find the network label in the Settings Tab of the OpenDNS Dashboard.
– the login is your email address with OpenDNS
– the password is your opendns password. 
“If you have special characters in your password wrap the password in single-quotes ( ‘ ). 
If there are any single-quotes in your password, put backslash ( \ ) before the single-quote to escape the character”.
References:
5 – Start OpenDNS and DDclient on your Ubuntu computer
At this point you have all the elements to start  so you can open a Terminal and type: 
sudo /usr/sbin/ddclient chkconfig ddclient on && sudo /usr/sbin/ddclient service start
On the other side, if you want to check the status of DDclient, you will type:
sudo /etc/init.d/ddclient status

6 – Configure Linux OS to start DDclient at boot on Ubuntu

On Ubuntu is really simple to configure DDclient to start at the computer boot. You have to open the Session and Startup manager through the desktop Dash. Now you are able to Add a specific command to the Application Autostart menu to run DDclient at the boot:
sudo /usr/sbin/ddclient chkconfig ddclient on && sudo /usr/sbin/ddclient service start
If you are configuring OpenDNS through DDclient on a different Linux distribution you can google the right tutorial or follow the guide created on aboutLinux.info.
At this point you will automatically use OpenDNS on your Ubuntu computer. 

Protect your Privacy: use a Self-destructing, single-use File Sharing Service

encryption-100410129-primary-idge

Image from infoworld.com

If you need to share a confidential file to one of your colleague and you have not enough time to manually encrypt the file before uploading it to a you may consider to use securesha.re.

This online service let you to share a file through its online service encrypting it before it is uploaded to the securesha.re servers.

DevStash.io uses a 128-bit client-side AES encryption through a SSL protocol. This website automatically offers a 40 charaters long, randomly generated password that can be changed by user if he/she prefers to use its own passphrase.

Moreover securesha.re keep the file reachable in a long, random URL to decrease that files could be discovered through a brute force search.

Last but not least, this website let you delete the uploaded file after a pre-defined amount of time or/and after a pre-defined number of views. The default configuration allows just one view and an automatic deleting after seven days but the views can be extended till 10 and the amount of days reduced to just 1 day.

Personally I normally prefer to encrypt files by myself before sharing them online but I will keep securesha.re in mind in the case I need to share a file and I have not my laptop with me.

Link
star-wars-logo

Image from opencastingcall2013.com

What Do Star Wars and Recent Data Breaches Teach Us About Cyber Ethics?

Could Privacy Law Limitations kill the Internet Dream?

Is Privacy a fundamental human right? Your personal answer to this question is the starting point to think about the current Internet legislation and to evaluate if the recent legal restrictions on civil rights could represent the “end of the Internet Dream.” A clear and motivated opinion about this issue is a strategic keypoint for all those people who, as me, operate everyday in one of the many Internet branches as consultants, lawyers, programmers, marketing experts, investors or, more often, as common users.

Dan Gillmor, via BACKCHANNEL, has recently underlined that a liberal legislation should not restrict end to end encryption, because it represents the best safeguards for tomorrow’s freedom. A standard use of fragile encryption, imposed by Law, will not only interfere with privacy, but will also heavily tamper with Internet global security.

o-INTERNET-PRIVACY-facebook

Image by quotesgram.com

On the other hand, Dan Patterson, via TECHREPUBLIC, has reported two different conversations with UN reporters who affirmed that strong encryption allows privacy and privacy is the corner stone of truth, especially for reporters, because it helps to “validate the veracity of information.”

Consequently, to preserve our privacy in our daily living it would be useful to:

  • Use Privilege VPN or  HTTPS connections when you surf Internet;
  • Use Encrypted Storage for your data, especially if you cannot avoid using cloud-based services;
  • Watch the Legislator: contact the MP/Politician who represents you and express your point of view, each time a restrictive Law proposal is under discussion.

As Citizens, the real challenge we have for the next months is represented by the influence we will be able to exercise on new Laws that should find a legal equilibrium between anti-terrorism surveillance and the need of protecting citizen’s personal information allowing the use of VPN/HTTPS connections and Encrypted Storage.

Link
Link

Arresting Crime Before It Happens