Tag Archives: Privacy

Today utilizing an external drive is the most often used strategy for having an efficient backup storage. On the other hand, the people who contemplate utilizing cloud computing for this purpose often wonder if the technology is worth the attempt.

Users of the system ensure that there’s no reasons why anyone should keep from utilizing this system as it guarantees numerous additional benefits as when compared to the traditional methods. The truth that you’ve to fork out a “minuscule” amount of cash on a -monthly- basis for the use of cloud data storage is one motive behind prospective users to be careful.

Courtesy of https://www.surdoc.com

The following benefits of the technology are cause enough to make sure that this expense property is truly worth it.

Extensive storage space: The most elementary advantage of utilizing the cloud is that you can store any quantity of information, which is difficult when using drives. The system is very simple to utilize as the account is created within a few minutes, as opposed to the effort and time spent on going searching for an additional drive.

No Physical existence: Once you have saved your data on the cloud, it becomes the obligation of the supplier to worry about its preservation. Rather than purchasing and saving these numerous added drives, one only has to stay attached to the web in order to access the stored information.

Convenience of automatic back-up: The consumers of cloud computing do not have to trouble making sure that they have related the external drive to their computers and that they take back-ups occasionally. The options on the cloud system may be altered as per the user’s setting as to whether the back-up must be taken several times in one day or once each day. The only obvious prerequisite for the system to be copied is the internet must be related and anything else is looked after.

Easy restoration: In usual conditions, locating and repairing a hard disk drive from backed up information is a long and troublesome process which calls for the providers of the pc technician. The cloud consumers are spared from such an annoyance as this restoration procedure is made quick and simple. If at all the users however have questions about managing this on their very own, they could always seek help from the companies plus they’ll be more than happy to oblige.

Courtesy of http://labs.sogeti.com

It is important to understand the dangers involved when transferring your business into the cloud before contemplating cloud computing technology. You should perform a risk assessment procedure before any control is handed over to a service provider.

First of all you should deeply understand what is the real privacy protection offered by the Cloud Provider. Nowadays the best (more secure and/or more respectful of your privacy) Hosting – Cloud Providers are redeploying their storage servers from USA to Switzerland. This happens because in general Swiss has a better privacy protection and it is outside the European Union and United States Laws. This means that in Swiss, disclosure order/warrant have less possibilities to have effects than in US or EU if they have not a very good legal motivation.

More in general, it is possible to affirm that any location of the Cloud Provider could be good if you understand the local privacy legislation before you use its services. Moreover the Cloud Providers have to guarantee an encrypted storage without detaining any key that can, directly or indirectly, decrypt the information you save or use through its servers. Consequently all the data transmission have to use https protocols with a recommended minimum of 1024 bits encryption. On my side I privilege nothing that offers less than a 2048 bits https protection.

Usually you can have a good representation about the security of the services offered and the legal legislation that will affect your Cloud Service contract if you read carefully the EULA.

For this reason, before committing, you should inquire which privacy and security laws will apply to the information and where your information will be saved. In case the information will be saved outside of your Country, you will also need to be informed as to the laws and regulation demands in that specific geographic place.

Moreover you have to understand if the Cloud Provider that you are choosing to support your business, is really able to guarantee an adequate service level. Don’t be worried to send inquires if the information provided in their Service Level Agreement don’t solve tour doubts or you think that the provided services could not match with your needs in future because they seems not enough flexible.

Anyway, try to prefer a Cloud Service Provider that has an effective Customer Support Service that can promptly (24/7/365) solve your problems. Cloud Service reseller are (sometimes) cheaper but they could not be the best choice for your business technical needs.

Courtesy of webopedia.com

Last but not least, don’t underestimate the security holes represented by the human factor. You have to offer the right level of training to your employees and colleagues because just a single mistake by them, can be transformed, by an hacker or a competitor, in a potential debacle for all your Cloud System. Invest in learning courses about Cloud risks for all your employees and colleagues, let them understand what are the potential risks of using Cloud Services. Don’t be afraid to introduce “difficult” technical concept (as e.g. man-in-the-middle attacks, different encryption systems, social engineering tactics, the importance of digital signs, etc..) to them.

For this reason, in order to reach a better security level, configure all the electronic devices (common: tablets, smartphones, laptops & uncommon and often more dangerous: all the hardware with an embedded OS especially if they are able to communicate data through Internet or your phone provider) in order that they use your VPN by default. If you will be able to secure all the transmission through your reliable VPN you could have solved at least the 40-50% of the potential mistakes that are normally made by your employees or colleagues.

3 steps to install DNScrypt to improve your privacy – Ubuntu version

3 Replies

Also if you use OpenDNS to improve your standard of privacy, you are not protected by “last mile” dangers but you can boost your security installing DNScrypt on your digital device. DNScrypt “works by encrypting all DNS traffic between the user and OpenDNS, preventing any spying, spoofing or man-in-the-middle attacks”.

DNScrypt “is a protocol that authenticates communications between a DNS client and a DNS resolver” and it “is not a replacement for a VPN, as it only authenticates DNS traffic, and doesn’t prevent “DNS leaks”, or third-party DNS resolvers from logging your activity”.

For this reason you have to be conscious that DNScrpt is just a -very good- improvement of your privacy but not the definitive solution to all your privacy concerns.

DNScrypt is so versatile that you can install it on every kind of device you prefer. In fact it is possible to download DNScrypt for servers, IOS, OSX, Android, Windows and Linux computers (DNScrypt-proxy version). Obviously the installation and setup will vary a little depending the OS you installed on your device.

Concept-Skyscraper-Feeds-on-Air-Pollution-Uses-It-to-Grow-433607-2

Image from softpedia.com

Here we are talking about DNScrypt installation on Ubuntu.

For this purpose I suggest to use the Terminal that allows you to install DNScrypt i just 3 steps:

sudo add-apt-repository ppa:anton+/dnscrypt

sudo apt-get update

sudo apt-get install dnscrypt-proxy

Last but not least, you need to interface the Internet traffic of your computer through the DNScrypt-proxy. For this reason you have to Edit your Network Configuration and add the address 127.0.0.2 to the “DNS Servers” line as for the below screenshot:

DNSCrypt

Now you can start DNScrypt just typing:

sudo dnscrypt-proxy -R opendns -a 127.0.0.2:53 -u okturtles

Where, in my specific case, okturtles is the name of the remote DNS resolver I decided to use. I chose that specific risolver from the list I found into into my computer after DNScrypt-proxy installation:

/usr/share/dnscrypt-proxy/dnscrypt-resolvers.csv

As usual in similar situations, you may want to spend another couple of minutes to configure your computer to start DNScrypt at the computer boot. Open the Session and Startup manager through the desktop Dash and Add this specific command to the Application Autostart menu:

sudo dnscrypt-proxy -R opendns -a 127.0.0.2:53 -u dnscrypt

HTML5 Privacy Matters: DOM Storage. How to solve it in only 2 steps!

Leave a reply

Recently I started an online course that was created using the Google Course Builder.

After I registered the course I was not able to access it because “my browser didn’t allow the web storage” and, for this reason, a message informed me that it would be necessary to use a up-to-date browser as Chrome or Firefox.

The only problem is that I always use Firefox. Obviously a “particular” version of Firefox where I also added a bunch of different add-ons to enhance the privacy protection level of my navigation and, for this reason, the Google course was not available for me.

Normally I would have decided to quit the course because I prefer not to modify my Firefox configuration after I spent so much time searching the best add-ons to preserve a minimum of privacy. But, in this case, I really wanted to attend the course and so I decided to manually operate on the Firefox configuration to “solve” the problem and allow Google to keep all the information it would have considered as essential.

This is the list of what I did:

– open Firefox and type:

about:config

in the address bar.

– search for:

dom.storage.enabled

and change its configuration from “false” to “true” double-clicking on it.

After this fast change in the Firefox’s configuration menu I was able to attend the Google course but….. I am conscious that my privacy is a little bit less protected because now Google can store up to 5 MB of content on my browser. In fact, before HTML 5 we were used to “cookies” and we were able to “manage” (better: erase) them also if, as the LSO Flash cookies, they were more persistent than usual. Moreover in the old html times, the space available for cookies on your local browser was 4 KB (yes… KB) but now, in the Html 5 era, a single website can easily manage and permanently store till 5 MB on your browser. And this is the reason why I decided to protect my privacy disabling the DOM Storage on Firefox and this is also the reason because I will disable DOM Storage as soon as I complete the Google course…

If you are not a simple user but you prefer to directly and consciously operate on the Firefox configuration to improve your privacy level, you would read this interesting post by BestVPN.

————-

References:

https://www.bestvpn.com/blog/8499/make-firefox-secure-using-aboutconfig/

https://www.bestvpn.com/blog/8337/things-go-bump-night-http-etags-web-storage-history-stealing/

3 Good Reasons to persist in using Google ncr = no country redirect

Leave a reply

Image from: marketing-partners.com

Since some weeks ago, I used:

http://google.com/ncr

for my web search and I was able to open the main Google Homepage without to be redirected to any local Goole site.

What I usually obtained was:

1 – less “personalized” search results: the algorithm will be not “contaminated” by my local IP and I will able to find information “cleaned” by local trends;

2 – the possibility to use the “same” Google even when I am abroad;

3 – the security that my searches were always up-to-date respect the global actual trends. For my experience when I search some particular topics as “marketing” I obtain, in the first Google page, fresh news only using Google in its NCR version. If I try to use my local Google homepage I have to spend more time setting the Google’s “advanced search” or trying to understand what information are “really” fresh new.

Image from: mods2015.com

I found the right solution when I visited ycombinator.com and I found the post created by newman314 that submitted a link that combined NCR and SSL protocol (for a little bit of more privacy).

https://encrypted.google.com/search?q=test&qscrl=1&n…

https://encrypted.google.com/search?q=test&qscrl=1&ncr=1

Where the word “test” is what I am looking for.

Then I also found a faster solution by dragop:

http://www.google.com/?gfe_rd=cr&gws_rd=cr

and, in the same webpage, a shorter version from 3dfan:

http://www.google.com/?gws_rd=cr

On my side I prefer to use this other URL that gives me the same results through an SSL connection:

https://encrypted.google.com

To be sure that the results were really the same and not simply related with the English language and influenced by the IP, I tested this URL comparing them from what I obtained from the above mentioned:

http://www.google.com/?gws_rd=cr

I discovered that what I “received” using encrypted.google.com are really the same links and they are not just the standard local results in the English language.

I know that cookies will not allow me to have real “septic” results but this is the first step to a less passive use of Google search because I would like to be a more active user and not just a passive customer pampered by Google.

Protect your Privacy: use a Self-destructing, single-use File Sharing Service

Leave a reply

Image from infoworld.com

If you need to share a confidential file to one of your colleague and you have not enough time to manually encrypt the file before uploading it to a you may consider to use securesha.re.

This online service let you to share a file through its online service encrypting it before it is uploaded to the securesha.re servers.

DevStash.io uses a 128-bit client-side AES encryption through a SSL protocol. This website automatically offers a 40 charaters long, randomly generated password that can be changed by user if he/she prefers to use its own passphrase.

Moreover securesha.re keep the file reachable in a long, random URL to decrease that files could be discovered through a brute force search.

Last but not least, this website let you delete the uploaded file after a pre-defined amount of time or/and after a pre-defined number of views. The default configuration allows just one view and an automatic deleting after seven days but the views can be extended till 10 and the amount of days reduced to just 1 day.

Personally I normally prefer to encrypt files by myself before sharing them online but I will keep securesha.re in mind in the case I need to share a file and I have not my laptop with me.

Link

Image from opencastingcall2013.com

What Do Star Wars and Recent Data Breaches Teach Us About Cyber Ethics?

Could Privacy Law Limitations kill the Internet Dream?

2 Replies

Is Privacy a fundamental human right? Your personal answer to this question is the starting point to think about the current Internet legislation and to evaluate if the recent legal restrictions on civil rights could represent the “end of the Internet Dream.” A clear and motivated opinion about this issue is a strategic keypoint for all those people who, as me, operate everyday in one of the many Internet branches as consultants, lawyers, programmers, marketing experts, investors or, more often, as common users.

Dan Gillmor, via BACKCHANNEL, has recently underlined that a liberal legislation should not restrict end to end encryption, because it represents the best safeguards for tomorrow’s freedom. A standard use of fragile encryption, imposed by Law, will not only interfere with privacy, but will also heavily tamper with Internet global security.

Image by quotesgram.com

On the other hand, Dan Patterson, via TECHREPUBLIC, has reported two different conversations with UN reporters who affirmed that strong encryption allows privacy and privacy is the corner stone of truth, especially for reporters, because it helps to “validate the veracity of information.”

Consequently, to preserve our privacy in our daily living it would be useful to:

Use Privilege VPN or HTTPS connections when you surf Internet;
Use Encrypted Storage for your data, especially if you cannot avoid using cloud-based services;
Watch the Legislator: contact the MP/Politician who represents you and express your point of view, each time a restrictive Law proposal is under discussion.

As Citizens, the real challenge we have for the next months is represented by the influence we will be able to exercise on new Laws that should find a legal equilibrium between anti-terrorism surveillance and the need of protecting citizen’s personal information allowing the use of VPN/HTTPS connections and Encrypted Storage.