Category Archives: Seguridad

If you use TAILS you should test a bit of HEADS alchemy

If you use TAILS you are certainly interested to better know HEADS because Heads isn’t simply another Linux distribution, it merges physical hardening of particular hardware platforms and flash protection attributes with a Linux boot loader in ROM as well as custom Coreboot firmware.

30450989320_f6504cb662

The key factor in Heads is represented by its steady monitoring of the boot process that allows detecting if the firmware has been changed by malware.

If this first check certifies that all is unchanged, heads uses the TPM as a hardware key to decrypt the hard disk.

The certified integrity checking of the root filesystem is really effective against exploits but it doesn’t secure the system against each possible attack but it is able to effectively divert many types of attacks against the boot process and physical equipment that have usually been ignored in conventional setups, hopefully increasing the issue beyond what most attackers are willing to spend.

c3tv-bootstraping-a-slightly-more-secure-laptop

3 steps to install DNScrypt to improve your privacy – Ubuntu version

Also if you use OpenDNS to improve your standard of privacy, you are not protected by “last mile” dangers but you can boost your security installing DNScrypt on your digital device. DNScrypt “works by encrypting all DNS traffic between the user and OpenDNS, preventing any spying, spoofing or man-in-the-middle attacks”.

DNScrypt “is a protocol that authenticates communications between a DNS client and a DNS resolver” and it “is not a replacement for a VPN, as it only authenticates DNS traffic, and doesn’t prevent “DNS leaks”, or third-party DNS resolvers from logging your activity”.

For this reason you have to be conscious that DNScrpt is just a -very good- improvement of your privacy but not the definitive solution to all your privacy concerns.

DNScrypt is so versatile that you can install it on every kind of device you prefer. In fact it is possible to download DNScrypt for servers, IOS, OSX, Android, Windows and Linux computers (DNScrypt-proxy version). Obviously the installation and setup will vary a little depending the OS you installed on your device.

Concept-Skyscraper-Feeds-on-Air-Pollution-Uses-It-to-Grow-433607-2

Image from softpedia.com

Here we are talking about DNScrypt installation on Ubuntu.

For this purpose I suggest to use the Terminal that allows you to install DNScrypt i just 3 steps:

sudo add-apt-repository ppa:anton+/dnscrypt
sudo apt-get update
sudo apt-get install dnscrypt-proxy

Last but not least, you need to interface the Internet traffic of your computer through the DNScrypt-proxy. For this reason you have to Edit your Network Configuration and add the address 127.0.0.2 to the “DNS Servers” line as for the below screenshot:

DNSCrypt

Now you can start DNScrypt just typing:

sudo dnscrypt-proxy -R opendns -a 127.0.0.2:53 -u okturtles

Where, in my specific case, okturtles is the name of the remote DNS resolver I decided to use. I chose that specific risolver from the list I found into into my computer after DNScrypt-proxy installation:

/usr/share/dnscrypt-proxy/dnscrypt-resolvers.csv

As usual in similar situations, you may want to spend another couple of minutes to configure your computer to start DNScrypt at the computer boot. Open the Session and Startup manager through the desktop Dash and Add this specific command to the Application Autostart menu:

sudo dnscrypt-proxy -R opendns -a 127.0.0.2:53 -u dnscrypt

Link

Tape isn’t dying — it’s getting healthier and smarter

Link

Cybercrime and Cybersecurity – The Legal and Regulatory Environment by Colin Renouf

Flipboard and Pulse vs. local RSS = Free online services vs. indipendence -and privacy-

The first time I noticed Pulse on my friends’ Iphone I was astonished. It as what I was looking for since my first Nokia phone: the possibility of read a personalized selection of my favorite news directly on my mobile.

Moreover, Pulse was able to load images so I had the possibility to directly access graphs or pictures. I was amazed and I spent a lot of time to select the right RSS to feed it.

I was sure that Pulse was the best app for different reasons. The main was its Android version that allowed me to not worry about the next mobile I would have chosen in (the very near) future. The second was its flexibility! I was able to choose feeds from its huge library or directly add my favorite RSS if the specific feed was not available. When Pulse started its website Pulse.me I was sure that I would have been one of its best fans for the life.

The same feeling I had with Flipboard. It was easy to use too. Flipboard had a more attractive look and it was able to suggest many interesting news as soon as I selected the favorite categories in its menu. For my feelings Flipboard was a bit too invasive because I was not able to actively define the precise sort of news it was suggesting me but it was still useful for my purposes.

The first doubt about Pulse emerged when it was acquired by Linkedin… Why I would have to connect my news selection with other Linkedin users? On one hand the selection could represent an extra element to describe, in a more complete way, my professional profile but, on the other hand, my RSS feed selection was also a personal added value that (for my opinion) gave me a plus towards my potential competitors.

Information are money. And RSS news feeds can sometimes represent the main part of the concept of information. When I decide to share my RSS selection I automatically decide to wipe out this difference between me and other “competitors”. And perhaps I am deleting part of my personal better skills.

For this reason I decided to not link Pulse to Linkedin and I loose the trust I had for it.

At the end I decided that I would have preferred to test a simple RSS reader on my notebook. In few words I opted for less mobility to more independence (and privacy).

And the nightmare began….

In fact I was not able to download the RSS feeds I had in Pulse and in Flipboard. Because it is simply not possible. If you decide to use Pulse or Flipboard you are welcome but that is one way path. You are not allowed to easily leave them. If you want, you can always cancel your account but all the RSS you saved on your account cannot be downloaded. If you really want to opt-out you have to manually copy them to your local RSS reader.

I let you image how much time I wasted copying and pasting a five year long RSS feeds history to Akregator but it was the only way that I caused myself for not reading the TOS when I registered to Pulse and Flipboard.

I just want to focus your attention to one point. Beware to similar online free services. They are useful till you decide to use them but, when you change your idea, they can become a real, real problem.

I was a silly user. In fact, accepting the TOS, I gave them the legal authorization to monitor and use my RSS selection as they preferred without any warrant about the possibility of withdrawing in a easily way. I am not a genius nor an Internet evangelist so I really don’t think that my personal RSS feed selection could have a big commercial value for anyone. But when I think that my 2 cents RSS selection could be summed to a virtual infinite number of other 2 cents feed selections I feel myself silly.

The advice I’d like to give you is about TOS. Read them and, before accepting TOS, be sure that the agreement you are signing is enough convenient for you.

Decide if the authorizations you are giving them can compensate what they are offering to you for free. And…. be sure you can easily and freely save and/or re-use the data you have been sharing with them for so many years.

Link

Aerial Assault drone is armed with hacking weapons

Link

The Snowball Effect of Data Breaches