Hey guys, make sure yous update your bluetooth to the version released in February 2020,
if yous have not already.
There has been a serious bluetooth vulnerability that allows for attack;
And I guess for people to listen in.
I'm trying to find the package number that has fixed the issue.
Right now I'm using 1.3.9-1 on linux. It's been fixed in versions versions 5.1+ on android devices.

https://siliconangle.com...-connect-nearby-devices/

Best regards

I will do a giant update to this including adding information on firewalls and such including Pfsense and whatnot.

If yous send me Bitcoin,
(Bitcoin address: 89yHp9qwh8rSjsJgEz8E4dgmdj7TvWL4S6DRi7kJKSPbUiij1tbGaDPKpMJ1wfDZ573qPDY2EshbaZFnJRCwWnEf8bKFpqN)
Monero
(89yHp9qwh8rSjsJgEz8E4dgmdj7TvWL4S6DRi7kJKSPbUiij1tbGaDPKpMJ1wfDZ573qPDY2EshbaZFnJRCwWnEf8bKFpqN),
or especially MobileCoin,which Signal supports MobileCoin, a decentralized network. MobileCoin is built off Monero, which is secure but written with crappy code. If you's send some cryptocurrencies to support of my Internet Security book, I'll rewrite the entire book, add more content.

I have no time to work on this, between going to the gym, reading, watching internet security podcasts, and setting up an eBay business to sell stuff on. So looking for some support to motivate me.

I'm also gonna write a book on beautifying linux with and making it more aesthetically pleasing, and installing useful programs / applications.

like:

"Internet Security Book updates
Install permissive Tails Linux onto Micro-SD for a for a USB Drive.
Find and learn to use a Metadata removal tool.

JavaScrypt is insecure a JavaScript click play extension.

Decentralized VPNs
Element Messenger on the [matrix] network - private and secure
Encrypted Hard drives
Do Not Track track Requests
Block all cookies (especially third-party Cookies)
Session Messenger
Wire Messenger
DemonSaw
Tox
Tor Browser
Firefox - with it hardened with settings and and Chromium extensions
Brave
Brave
UnGoogle Chromium and add extensions
JustDeleteMe.com
(delete accounts you don't use, especially, compromised accounts accounts)
Install yay
Manjaro Linux
Garuda Linux (a fork off Manjaro Linux; Which was a fork / built off Arch Linux and uses built off Manjaro Linux)
hacked: (Amazon, Apple Touch and Facebook)
Change ports
Passwords: never use the same password twice
Reddit Internet-net Security Podcast
Keep Linux up-to-date, including WireGard
Https://AnyWho.com
https://PiPL.com
https://Tineye.com
https://PrivvacyTools.io
https:://Temp-Mail.org
https://HaveIBeenPWNED.com (Change Passwords)
Session Messenger (that routes through the Tor network,a decentralized network, and it gives you a decentralized address, rather than Signal in which you have to share your phone number with other users.
MobileCoin
Monero
Tor bridges and pluggable transports
https://darkwebnews.com/...es-pluggable-transports/ "

I will update this with new cryptocoin wallet addresses. I am in the process of rewriting this entire ebook and getting it published as a paperback. If you'd like the new version, it will be $5 in MobileCoin, $6 in Monero, and $7 in Bitcoin. All admins can PM me for a free copy get it for free. The current version will continue to stay on the forum for free. When the book gets published as a paperback, users that paid me for the ebook will get the published paperback for the minimum price, for what it costs me to get it printed and shipped, and I will make no money off of them. Each time I update a topic of the book i will update the version number, for example, version 3.0 will go from 3.0 to 3.1. And I will send them the newer versions until I update to new versions, for example 3.0 to 4.0, which will include at least 10 updates.

Each version will be uniquely hashed for each individual user. If they post it as a torrent, no problem. If they are caught posting it on the forum freely to other users. I did this for free, as a service to all users; Because I love this forum, which has taught me so much - and the kambo forum, which I am the only active administrator of - internet security, privacy, internet and personal freedom, open-source software, and linux.

This took me a lot of time in research, and write. Since then, I have become better at writing, making my easier to understand. Things I wrote about, for instance,Wicker,is no longer trustworthy, as it phones home to Microsoft.

I will continue to update this thread on major updates, but not the details on how to go about doing them, which will be in the book

Make sure yous update your passwords, and thanks to The Traveler, who informed us that there was a possible data breach, including your passwords.

Update will include:

Install permissive Tails Linux onto Micro-SD for a for a USB Drive.
Find and learn to use a Metadata removal tool
Blocking javascript and click to play extension
The Security-Hardened Linux kernel and modules
Encrypted Ram
Encrypted Hard drives
Flatpaks
Do Not Track
Block all cookies
Briar Messenger
Brave Browser
Session Messenger
Wire Messenger
DemonSaw
Tox
Tor
firejail sandboxing GUI
portmaster
aurora
802.1x network security
Brave
Changing default router passwords like, “password”
Chromium / UnGoogle Chromium
JustDeleteMe.com
(delete accounts you don't use, especially, compromised accounts accounts)
Install yay
GrapheneOS Linux
Manjaro Linux
GarudaOS (built off Manjaro)
hacked: Amazon, Apple Touch, Facebook
Change ports
KeePassXC - 2,048 character passwords
Passwords: never use the same password twice
change default password on router
encrypted zip folders
What “Incognito Mode” really is.
restarting, updating, and changing default passwords on routers
Reddit InternetnetSecurity Podcast
Keep linux up-to-date, including WireGard
decentralized VPN / "Trusted Server"
AnyWho.
PiPL.com
Tineye.com
PrivvacyTools.io
Temp-Mail.org
HaveIBeenPWNED.com (Change Passswords)
Session Messenger
MobileCoin
Monero

tor bridges and pluggable transports https://darkwebnews.com/...es-pluggable-transports/

A belated thanks for all the work and time you've put into this thread and whatnot to give a nice overview and educate folk that weren't aware of some/most of these things.

If you'd mentioned this I'm sorry [i'll delete], but a nice ff/chrome extension is VT4Browsers:

https://addons.mozilla.org/en-US/firefox/addon/vt4browsers/

A very worthy and comprehensive resource as an inline scanner for the browser, pointed to virus totals database, this is nice to have for any sus urls/malware/etc.

Chronicle Sec owned [google]. Virus total is excellent though, it's definitely done well in its years. (OooO big scary google)


**Meant to mention this lastnight but it was already late, but obviously unselect the 'send anon passive dns data on the app', so yes they give you the option to opt out.

If one's worried about the dns data being sent - a vpn [i'm not really a tor guy] is obviously your friend here [as long as you're connecting with the vpn providers dns resolvers and they're not defaulting to your isp's name servers/resolvers - which dns leaks can certainly happen with various vpn providers.]

*** On a somewhat relatedunrelated note/side-tangent:

For the linux savy folk with a spare box lying around, you can also use the bind package to set up an initial caching name server. And if they'd like they could even set it up as a primary name server/resolver [several guides out there to do so]. So if the vpn were to default in some way to your isp's name server it would instead default to said bind/server. Though in setting up something like this - there's several best practices that would need addressed as far as securing your own primary ns goes, especially when dealing with the various dns records. That's a whole other topic [linux server hardening/dns hardening & proper configuration].

And to pop in one of my favorite quotes by William Cheswick [wrote 'Firewalls and Internet Security']:

Another nice extension for ff is their multi-account containers. This just allows cookies && any other relevant history/user-agent/browser data to be contained within separate tabs [containers] within the browser, so there's no cross-sharing:

https://addons.mozilla.org/en-US/firefox/addon/multi-account-containers/

Say you want one tab for a specific soc media site, one tab for google [or any other se], one tab for email, etc, etc. You can create as many tabs as you'd like - each tab/container being isolated unto itself. It's essentially like running each in an independant browser.

This can also help against certain attacks like crosssite-rf where an malish-user attempts to induce an action from an auth'd user on the target/vuln-site [url/link, embedded file, etc], in turn causing said person's session/cookie to be transmitted within the subsequent request/s to the attacker-controled poc [partial bypass to so-policy].

Multi-account containers can help with brunting these && self-similar attacks, allowing the user to have their current/auth'd session on the vuln site, while being able to open said induction [i.e url/link/embedded file-to-click] from that vuln site within a new, separate container/tab, hence not allowing any forwarding of cookie/session data cross-container/tab within the respective requests to the attacker [though csrf tokens (a unique identifier gen'd server-side && stored server-side) are common practice currently, so much of these sorts of attacks are somewhat nil today, though they can surprisingly still be common at times].

Thank you for the reads, that post, and the rest of the posts!

https://www.youtube.com/watch?v=0dGqR4ue8dg

I hate to ask but if I can raise $100 in Monero, Bitcoin, or MobileCoin, I will redo and update that entire ebook.

Monero: 47svCTg7UU1RBSfNDXKe5vgLNEoHdovoE6umDheh2wrrTUgLGxqmZbsDUYWp7af1XnKVmtBmhKjcxZjdAvxQHgM4Pdq9s49

Bitcoin: bc1qy4ckchx7ssp28jesrcq6h8zdrufece0epmuzyw

MobileCoin:

^ Probably collecting money for Meth Lab equipment

lol! I have access to meth.
I'm not addicted to it, and only have done it 3x

No money, lost my job, transmission went on my car,
owe my parents at least $5,400,
which I borrowed, for a car accident.

The first time, I did meth though on BDO,
I filled a 1ml syring to the "-4" or .4 of the 1Ml.
And IVed it.
A clarity, and warm euphoria rushed over me,
and I had the expression on my face like a girl getting eaten out.
I sat on the ground against the wall,
And like 30 seconds later, I thought I came in my pants.
I had to check, and couldn't believe there wasn't at least precum.
10-15 minutes later and I was still checking.

Nice Trip report!