I was working on a different version with an index but I kept running into issues I couldn't get the format right. maybe in the near future.
|
|
|
|
|
|
Apologies if youve already covered this but I use an android phone as my only internet access and now that Ive joined the nexus, internet security is starting to concern me more. Looked into cyanogenmod but they dont seem to cover this model of phone yet. Also not sure how much more security this would offer. Should add that Im not very computer literate. Any tips?
|
|
|
I'd look firstly at getting the encrypted communication apps. Install signal. Try it out as your default text app for a while. It encrypts texts, media, and phone calls if you communicate with anyone else that has it. It lets you know if they do and if your conversations are encrypted. Install Whatsapp, over a billion people use it and it is end-to-end encrypted. You can also make calls with it. It will show you who in your contacts is using it. Wickr Me is also probably the messenger with the hardest security, which may be nice to have if you have friends with it, it will also show you who of your contacts has it. Install firefox and visit a private search engine of your choice like startpage.com and click and hold in the search, then click the +magnifying glass icon to add the search engine. In settings set it as the default. Private search engines like startpage, duckduckgo, and search.disconnect.me also have apps. go to addons.mozilla.org and add these addons to firefox: Clean Links HTTPS-Everywhere uBlock Origin I recommend using a VPN. If you use one, set the setting in uBlock to "prevent WebRTC from leaking" Install Adblock Plus as a firefox addon. Or for android and then modify the networks you use and set the proxy as manual with hostname: localhost and port#: 2020 this will allow AdBlock to block garbage across android. I suggest using a password manager like KeePassDroid and changing your passwords, and perhaps yearly, to large passwords which include letters, numbers, and symbols at at least 64+ characters. Brute forcing passwords that are just a word and a few numbers takes seconds with a powerful computer. If you do this be sure to keep a copy or 2 of your password databases on perhaps personal USB drives. Make sure your email service provider supports end-to-end TLS encryption with other email providers who support it. Gmail does this. but if you want your email encrypted on the providers servers so that even they can't read it, switch to a provider like ProtonMail. They use open source, time tested, and trusted crypto. They recently opened their service up to the public, free of charge. They have an interesting history of being attacked. One of Europe's largest DDoS attacks in history from a nation state, which they fought off and came back stronger. http://www.techrepublic....of-europes-largest-ddos/Hope this helps. ProtonMail's Bunker Datacenter
|
|
|
PsilocybeChild wrote:go to addons.mozilla.org and add these addons to firefox:
Clean Links HTTPS-Everywhere uBlock Origin
...
Install Adblock Plus as a firefox addon.
Be careful with those FireFox plugins -- The architecture itself is flawed and a popular attack vector. Also, as much as I love signal for day-to-day comms (as it bypasses SS7's SMS/MMS protocol) you cannot use the app without providing your actual phone number as well as your entire contacts list. Not exactly anonymous. Threema, otoh, does a pretty good job of both encrypting comms while providing anonymoty (though, you still need to purchase the app which gives Google Play your UUID). Of course there's still good 'ol Pidgin with OTR... "Facts do not cease to exist because they are ignored." -A.Huxley
|
|
|
The user is only at risk if they install a malicious extension. If one is careful and researches an extension before installing, then they're fine. This is one of the reasons that Mozilla went with a signed extension approach, which I was hesitant to accept at first, but now accept makes sense. My only wish is to be able to bypass these security measures through advanced user options. Arstechnica, Slashdot, etc, don't always look below the surface, sometimes they just report in a sloppy manner. “The dao that can be expressed is not the eternal Dao.” ~ Lǎozǐ
“One does not become enlightened by imagining figures of light, but by making the darkness conscious.” ~ Carl Jung
|
|
|
Lovely guide. "PSYCHEDELIC DRUGS DON'T CHANGE YOU- THEY DON'T CHANGE YOUR CHARACTER-UNLESS YOU WANT TO BE CHANGED THEY ENABLE CHANGE THEY CAN'T IMPOSE IT...." -ALEXANDER SHULGIN
It's time to move on to the next step in the psychedelic revolution
|
|
|
I mainly just want to use the nexus anonymously from my phone. Would a VPN be sufficient? Or would TOR for mobiles be better? From what I could gather, the two are not compatible. I dont use any social networks and dont discuss anything controversial via messaging or mail. Sorry if all this is really basic stuff that any internet user should know...
|
|
|
ijahdan wrote:I mainly just want to use the nexus anonymously from my phone. Would a VPN be sufficient? Or would TOR for mobiles be better? From what I could gather, the two are not compatible. I dont use any social networks and dont discuss anything controversial via messaging or mail. Sorry if all this is really basic stuff that any internet user should know... You can in fact route Tor traffic through a VPN. On a mobile though? Probably not without some clever hacking. With a mobile you also want to make sure things like GPS and cellular are turned off (only use wifi with mobile Tor/VPN and it's fairly easy to triangulate location of cell tower data). A simple VPN should be just fine. "Facts do not cease to exist because they are ignored." -A.Huxley
|
|
|
Thanks for all the tips everyone. Ill start with a VPN then and work my way up to the more advanced stuff. Dont have much access to wifi so Ill just have to keep turning mobile data on and off as and when its needed and GPS is always disabled anyway. Cheers.
|
|
|
|
|
|
|
|
|
|
|
|
This is a dope little router that's only 40 bucks. It comes pre-installed with LibreCMC which is the only fully opensouce operating system and firmware for routers. You can also get a year subscription to their VPN for 100 bucks and they pre-configure the router so it's ready to just plugin and connect to. With that setup every device connected to your home network will route it's traffic through a vpn. You can plug it into your router or replace your current router with it. either way, it secures you https://www.thinkpenguin...ini-vpn-router-tpe-r1100This company has awesome hardware including fully open source linux laptops and pc minis with like gigs of ram, & etc.
|
|
|
Bump -- v2.2.6 Bitcoin ATMs, $40 open-source Think Penguin Routers with optional VPN service built-in, Clearing Google account history and ceasing logging. Updates since the las tversion are highlighted in yellow. Web View: https://docs.zoho.com/wr...d2fc48bdb76e20f6234765bb
|
|
|
Monero is the new anonymous cryptocurrency that surpasses bitcoin.
|
|
|
|
|
|
Am I the only person that sees irony in downloading a PDF file about being secure? How come you didn't directly post the info to this message board so it can be directly accessed within this thread? Isn't that the point of a message board? I'm not trying to devalue the hard work you put into it, just wondering why you took extra steps. "In this secret room, from the past, I seek the future..."
|
|
|
It's way too long to embed it in a post here. In the first post there is a link to read it online. Also. I need to update this but in the meantime. Disable IPv6 on networks to prevent leakage. See here: https://leaktest.online/ipv6/The other leak tests: https://leaktest.online/And since CyanogenMod has been discontinued. I believe the most hardened free Android OS/rom is now Lineage OS. Quote: It is the successor to the custom ROM CyanogenMod
•Trust - helps you keep your device secure and protects your privacy. •Protected Apps – Hide specific apps behind a secure lock. This works hand-in-hand with Trebuchet; the respective app's icon is removed from the launcher, and "secure folders" can be created to easily access these applications. A pattern is used to lock these apps. •PIN scramble – For users securing their device with a pin, the layout can be scrambled each time the device locks to make it difficult for people to figure out your lock by looking over your shoulder.
As LineageOS evolved through development, the Trust interface was introduced for all the LineageOS 15.1 builds released Wed 12 June 2018.[35] The interface can be found on supported devices under Security and Privacy tab under the Settings option, and enables the user to "get an overview of the status of core security features and explanations on how to act to make sure the device is secure and the data is private".
|
|
|
***This more than likely isn't needed, but things like this are relatively simple to do and can't hurt.
Not sure if it's already been talked about in the pages here, but if you're on a linux distro and you use file sharing/receiving services (torrent or otherwise) it can be good practice to set up a decent av or ids and alter the config/txt file for the specific inbound tcp port/s being used by the application receiving the files.
Usually only a port or two that need changed in order for the av/ids to alert/drop whichever packet/s happen to hit one of the signatures/strings/hashes in the database list within the av/ids config file.
Only takes a few seconds in linux with nano to change these ports as long as you know the specific ports per the application you're using (usually you can just open up the man page for the linux app and they're listed, or you can find these ports per google. You could even run a filtered port scan on your IP and find them. Or just go to the config txt file itself to look.
Alot of these file sharing apps use ports in the 1000's-range. (e.g 9020, 1580, 6500, etc)
Also the database lists for many of the top ids's or av's are continually updated, and also with an ids like Snort you can also add your own strings/hashes/signatures in with the list - as there's many sourced lists from all over the internet that you're able to copy/paste over.
Never a bad thing if you're one to continually download things from these services.
Snort IDS, Clamav, there's several out there. Snort probably being the most granular as far as overall control and depth.
|