Support the Arctic Sea Ice Forum and Blog

Author Topic: How to secure internet ?  (Read 45119 times)

Laurent

  • Young ice
  • Posts: 2546
    • View Profile
  • Liked: 13
  • Likes Given: 50
How to secure internet ?
« on: April 02, 2013, 06:37:36 PM »

http://en.wikipedia.org/wiki/W._Daniel_Hillis
This guy try to tell us something, even though I know a bit of the technical behind internet, I don't know what would be an other internet ? Do you have an idea ?
I found recently that my web site was crowded by spammers (450 spammer and 10 humans), sometimes I am looking at their IP to know where they are coming from !
http://www.spamhaus.org/news/article/694/ddos-update-march-2013
http://en.utrace.de/?query=80.119.48.122

Laurent

  • Young ice
  • Posts: 2546
    • View Profile
  • Liked: 13
  • Likes Given: 50
Re: How to secure internet ?
« Reply #1 on: June 13, 2013, 11:37:43 AM »
The question is still pending :
http://www.telegraph.co.uk/technology/internet/10107784/Web-inventor-Berners-Lee-warns-forces-are-trying-to-take-control.html
Of course that is related to the recent revelations of Edward Snowden concerning the spying of all the American citizens (and certainly all the others (me included)).
http://www.usnews.com/opinion/articles/2009/06/19/the-secret-history-of-the-national-security-agency

anonymous

  • Guest
Re: How to secure internet ?
« Reply #2 on: June 13, 2013, 02:30:23 PM »
There are several possibilities, all include a new abstraction layer from the cables (physical transport).

Most prominent is the move towards ip6, which will/might give every user (think you, your fridge and your car) his own ID for a live time. Actually this is close to a caller ID used in telephone networks.

Point/problem is every Internet request could be mapped absolutely reliable onto a single user with his address known. That's actually a privacy nightmare compared to what we have now ip4 (with a ip addresses pooled).

I think, services which allow anonymous Internet access on top of ip6, will be very profitable or face at least huge demand. Relatively advanced are already p2p layer which split each request and choose request sources at random. That way a spy sniffing at the physical layer can tell only the p2p network the request comes from, google TOR.

However, if the Internet gets completely inaccessible to spys, I assume some very bold moves from the 'intel community', which might include banning encryption, universal back door keys, mandatory government trojans, etc.

In ten years from now "speaking in private" will have a new meaning.

ccgwebmaster

  • Nilas ice
  • Posts: 1085
  • Civilisation collapse - what are you doing?
    • View Profile
    • CCG Website
  • Liked: 2
  • Likes Given: 0
Re: How to secure internet ?
« Reply #3 on: June 15, 2013, 09:08:15 PM »
In ten years from now "speaking in private" will have a new meaning.

I already know someone loathe to discuss things happening behind the scenes with me by electronic means any more. I have the technical ability to make something pretty secure - but I'm left wondering if perhaps the answer isn't something wonderfully old fashioned - letters.

Laurent

  • Young ice
  • Posts: 2546
    • View Profile
  • Liked: 13
  • Likes Given: 50
Re: How to secure internet ?
« Reply #4 on: June 16, 2013, 09:56:42 PM »
 ccgwebmaster :
Very funny, but that's not what I want ! Internet is a big part of my life !

Arcticio :
Ipv6 won't change the problem no matter how much more bits are used to identified someone !
Tor is a possible solution to go around but that doesn't solve the problem !
It does add a layer for the cat and mouse system, I am pretty sure any intelligent and powerful army will try to spy the tor system (there is certainly some ways to do so).
A lot of money is available in America to play the game !
http://www.wired.com/threatlevel/2013/06/general-keith-alexander-cyberwar/all/
Some web sites do block people from Tor if they can't be track !

I was thinking something that does rechape the philosophy of internet and things that do increase the connections between people like the google project


I want to be identified the problem is I don't want to be spyed ! When I am discussing with someone that communication must be only between him and me !
Most of the people do not understand that when they enter  there password on a http web site there is some chances that the password can be see easily read. The only way to ensure that it is safe is by making sure that the communications (all of them) should be securized with an openssl system hard coded in my router for example. The other thing is that if it is easy for America (not only) to spy the rest of the world is also because the system act like a minitel (client-server).
http://en.wikipedia.org/wiki/Minitel


anonymous

  • Guest
Re: How to secure internet ?
« Reply #5 on: June 17, 2013, 12:33:11 AM »
Arcticio :
Ipv6 won't change the problem no matter how much more bits are used to identified someone !
Tor is a possible solution to go around but that doesn't solve the problem !
Some web sites do block people from Tor if they can't be track !
...
I was thinking something that does rechape the philosophy of internet and things that do increase the connections between people like the google project

Wanted to express ip6 will make it worse! Currently most users get a new ip address after every login, because they are pooled. No need for pooling with ip6. And yes some websites rely on authenticated users, tor is no option then. You can't order books at amazon and stay anonymous  ;)

Google's loon project is fascinating, on the other hand G. is very interested in wifi routers and their location to locate users and deliver services. At least here in Germany their streetview cars collected position and hardware address of all active routers within range, don't think this will make things more secure, especially if you can't opt-out. Don't like the idea of G. knowing where I am down to meters.

More letters is a nice idea, probably ccgwm has already invested in a sealing-wax production unit  :P

ccgwebmaster

  • Nilas ice
  • Posts: 1085
  • Civilisation collapse - what are you doing?
    • View Profile
    • CCG Website
  • Liked: 2
  • Likes Given: 0
Re: How to secure internet ?
« Reply #6 on: June 17, 2013, 01:19:46 AM »
ccgwebmaster :
Very funny, but that's not what I want ! Internet is a big part of my life !

If it helps, I'm seriously thinking about turning my abilities to a technical answer that doesn't require retreating to letters - as soon as time permits. I'll announce it on the forum somewhere if it gets to an operational level.

Laurent

  • Young ice
  • Posts: 2546
    • View Profile
  • Liked: 13
  • Likes Given: 50
Re: How to secure internet ?
« Reply #7 on: July 01, 2013, 03:52:11 PM »
That is a way !


Laurent

  • Young ice
  • Posts: 2546
    • View Profile
  • Liked: 13
  • Likes Given: 50
Re: How to secure internet ?
« Reply #8 on: July 31, 2013, 09:40:58 AM »
The solutions are not only technical !
What happen in New Zeland, is the same everywhere. Democracy is at stake, we have to take care of what our governments do (or not) !
http://www.youtube.com/watch?v=okQ6pl8AbuA#at=241
(Megaupload is an other subject)

ccgwebmaster

  • Nilas ice
  • Posts: 1085
  • Civilisation collapse - what are you doing?
    • View Profile
    • CCG Website
  • Liked: 2
  • Likes Given: 0
Re: How to secure internet ?
« Reply #9 on: July 31, 2013, 09:56:33 PM »
The solutions are not only technical !
What happen in New Zeland, is the same everywhere. Democracy is at stake, we have to take care of what our governments do (or not) !

None technical solutions?

http://thehomegunsmith.com/

The ruthlessly and violently suppressed Occupy movement was probably the last mass peaceful attempt to change the status quo. Given that the socioeconomic elites are not listening and will go to extreme measures to maintain status quo, I'm not really sure what other non technical solutions there are.

Laurent

  • Young ice
  • Posts: 2546
    • View Profile
  • Liked: 13
  • Likes Given: 50
Re: How to secure internet ?
« Reply #10 on: July 31, 2013, 10:53:37 PM »
I am an idealist cgwebmaster (must be, certainly) !
The governments try to protect what they think to be essential but doing so they forget about there citizen. Even thought they try to protect the citizens also (some may think that)! The problem is who is really controlling the informations (a few people in the government, mafias, corporations, all of them?)They have at disposal all the tools to watch and control everyone nearly everywhere, for the moment the only forces that can change a little bit that movement are the associations of civil rights and others alike. At least they are here to remind them of our will of freedom ! For the collapse that you have in mind few people are forecasting the possibility in the near futur.
That does also remind us that the problem is much bigger than internet freedom ! The question is mainly how to create a real democraty ? (But that's not the thread...so if you want to create one...)
'

anonymous

  • Guest
Re: How to secure internet ?
« Reply #11 on: August 01, 2013, 12:17:01 AM »
Just read latest revelations at the Guardian. It is worth than I thought. Basically the spooks register every click and keystroke. Currently they can't deal the amount of data and delete most of it after a short time. New data center will change that.

I think, at this point only few people really feel the impact. But will happen when in 5 years you drive over a red light, get caught and confronted with a 20 pages print out of what you have digitally said about the government the last 10 years while asking for a lower penalty claiming to be a good citizen?

Regarding a technical solution - there is none. In any case both ends of the communication have to rely upon each other.


ccgwebmaster

  • Nilas ice
  • Posts: 1085
  • Civilisation collapse - what are you doing?
    • View Profile
    • CCG Website
  • Liked: 2
  • Likes Given: 0
Re: How to secure internet ?
« Reply #12 on: August 01, 2013, 01:47:35 AM »
I am an idealist cgwebmaster (must be, certainly) !
The governments try to protect what they think to be essential but doing so they forget about there citizen.

I believe first and foremost governments protect themselves, and those who empower/fund/control them (their cronies). In virtually all cases the good of the citizen doesn't appear to really enter into it. The speed and reach with which they are developing their police states, passing legislation aimed at keeping control of the populace by any means and acting enforcement wise tells me one very simple thing:

They are very afraid.

Just read latest revelations at the Guardian. It is worth than I thought. Basically the spooks register every click and keystroke. Currently they can't deal the amount of data and delete most of it after a short time. New data center will change that.

That was my first thought on seeing the title - a mass deployment of key logging via compromised operating systems (Microsoft, Apple) - but on reading the article it appeared to be describing a system that just pulled all possible (web especially) activity together for someone to search more efficiently. It didn't really explore the details of the capture of the data though that's been alluded to with things like "Prism".

I think, at this point only few people really feel the impact. But will happen when in 5 years you drive over a red light, get caught and confronted with a 20 pages print out of what you have digitally said about the government the last 10 years while asking for a lower penalty claiming to be a good citizen?

I would be very surprised if they were compiling lists of potential trouble makers that they could remove from circulation if social tensions start to rise and their control is threatened. A potential trouble maker being anyone who a) disagrees with the government and b) has the guts to stand up and be counted.

There was some evidence of this sort of thing even pre Snowden, in the UK at least (a database constructed of peaceful climate change protestors who had committed no crime).

Regarding a technical solution - there is none. In any case both ends of the communication have to rely upon each other.

The last part is true, the first part I disagree with from a technical perspective. If you go to extreme enough measures - I think one can still have secure communications. That said those measures are now so extreme that most people simply couldn't go all the way as they lack the necessary knowledge and (if identified) those who could do so would be logical targets simply by being exceptional enough to conceal communications adequately.

Nonetheless, some measures would at least force more effort on their part. One of the UNIX flavour open source operating systems, strongly encrypted email/communications, with the use of TOR for browsing - ideally with your own relays before it and using someone else's internet?

Some things are much harder to escape - at least without escalating the legal stakes). Automated number/license plate cameras for instance, their ability to track financial transactions and so on.

Truly modern civilisation has spun a wicked prison in which to trap those born into it within.

In the end though, nothing changes the bottom line - the poorer masses are the most numerous and the more powerful, if they will only realise it. All the rest is a giant con trick designed to try to make sure they do not realise it.

anonymous

  • Guest
Re: How to secure internet ?
« Reply #13 on: August 01, 2013, 02:19:04 AM »
Didn't thought of lists of people. There is only one list, everybody is a potential t*rr*st and you can only be sure afterwards.

In Germany Crypto-Parties are popping up, teaching save communication. But even the strongest measurements imply clear text facing the end user. At that point all what's left is the trust the other end doesn't forward/whatever willingly or not your message.

ccgwebmaster

  • Nilas ice
  • Posts: 1085
  • Civilisation collapse - what are you doing?
    • View Profile
    • CCG Website
  • Liked: 2
  • Likes Given: 0
Re: How to secure internet ?
« Reply #14 on: August 01, 2013, 04:20:52 AM »
Didn't thought of lists of people. There is only one list, everybody is a potential t*rr*st and you can only be sure afterwards.

Multiple lists lets you target discrete groups who are more likely to agitate in specific circumstances, and to divide and conquer in the "traditional" style dealing with one group at a time.

In Germany Crypto-Parties are popping up, teaching save communication. But even the strongest measurements imply clear text facing the end user. At that point all what's left is the trust the other end doesn't forward/whatever willingly or not your message.

The most secure I could think of was strong encryption with all the encryption/decryption done on a machine that had never been internet connected, with the files moved physically between it and the internet connected machine, with nothing decrypted stored - but it would be an awful lot of work for the operators.

You're quite right - at the end of the day the information must still be readable and the weakness is ultimately human. That at least is not something new.

The most effective countermeasure (if people would only do it) is perhaps to go the opposite way from encryption and communication hiding - and deliberately appear suspicious to attempt to overload the algorithms and searches with information (given humans still review it). The measures of the spying governments work most effectively by stifling open communication and by suppressing more timid voices such that the bravest can be isolated and eliminated.

Laurent

  • Young ice
  • Posts: 2546
    • View Profile
  • Liked: 13
  • Likes Given: 50
Re: How to secure internet ?
« Reply #15 on: August 01, 2013, 09:22:51 AM »
That does remind their is a system that already exist for a long time now, it is "Echelon", the fuss about this being a public information has go down, it will certainly be the same with PRISM. What is at stake is not only the privacy of people, but the safety of the companies (mainly foreigners (from US, UK, Canada, NZ, AU)) because the whole system is design to retrieve informations for the sake of a bunch of corporation and the army.

http://en.wikipedia.org/wiki/ECHELON

Laurent

  • Young ice
  • Posts: 2546
    • View Profile
  • Liked: 13
  • Likes Given: 50
Re: How to secure internet ?
« Reply #16 on: August 01, 2013, 06:41:05 PM »
It is unbelievable...until the information become public !
An other name to remember after Echelon, Prism...Xkeycore.
http://www.theguardian.com/world/2013/jul/31/nsa-top-secret-program-online-data

ivica

  • Nilas ice
  • Posts: 1475
  • Kelele
    • View Profile
  • Liked: 99
  • Likes Given: 0
Re: How to secure internet ?
« Reply #17 on: September 07, 2013, 08:01:02 PM »
In my humble opinion, we who are interested in this topic should read this too:
"Random numbers are too important to be left to chance" by John Baez on G+, posted today.

ivica

  • Nilas ice
  • Posts: 1475
  • Kelele
    • View Profile
  • Liked: 99
  • Likes Given: 0
Re: How to secure internet ?
« Reply #18 on: September 09, 2013, 12:18:21 PM »
Something to consider, searching with DuckDuckGo at https://duckduckgo.com/

Why bother? Video etc. here: https://duckduckgo.com/about?t=i&kd=-1


Wary of tracking, users flock to DuckDuckGo by Nidhi Subbaraman NBC News, June 14, 2013.
Quote
First news of the government's Web tracking program PRISM broke late last Thursday, and by Friday, traffic at the indie search engine DuckDuckGo was on the upswing. The tagline on its homepage: "Search anonymously."

About tracking: http://donttrack.us/
Quote
So don't get tracked when searching.

Use DuckDuckGo instead.  Add to Browser.

Privacy is just one of many reasons why it's awesome.

sidd

  • First-year ice
  • Posts: 6774
    • View Profile
  • Liked: 1047
  • Likes Given: 0
Re: How to secure internet ?
« Reply #19 on: September 11, 2013, 05:20:10 AM »
Mr./Ms. ccgwebmaster is correct. Technical solutions exist. Take this forum for example. The spies know you are logging in here. But they have to do more work to see what you are transmitting and receiving. (Of course to read this all they have to do is browse as a guest, this is a fairly public forum.) But let us say I were using a site like this which had no public access to communicate on a private forum, not accessible except to a limited set of users. Then the spies must crack the ssl encryption in https. And if anonymization (not just Tor) steps are taken they cannot tell who is logging in.

They compromise ssl by compromising the cert signing authorities. Your browser usually relies on these authorities to tell if the cert presented by the website to begin ssl encryption is valid. But the spies can make the cert signers state that a forged cert is valid and your browser will trust. Then they sit in the middle and see all that goes on.  This can be foiled by using the Perspectives addon for Firefox that tells you if different people all over the world are seeing the same cert, and by using Certificate patrol addon which warns if cert has changed.

This site has a self signed key, so it does not rely on a cert signing authority which are probably all compromised. This is actually better. And using Certificate Patrol will warn if this site cert changes.

If there is some interest, I can outline some other steps.

sidd

ccgwebmaster

  • Nilas ice
  • Posts: 1085
  • Civilisation collapse - what are you doing?
    • View Profile
    • CCG Website
  • Liked: 2
  • Likes Given: 0
Re: How to secure internet ?
« Reply #20 on: September 11, 2013, 05:35:54 PM »
Mr./Ms. ccgwebmaster is correct. Technical solutions exist. Take this forum for example. The spies know you are logging in here. But they have to do more work to see what you are transmitting and receiving. (Of course to read this all they have to do is browse as a guest, this is a fairly public forum.) But let us say I were using a site like this which had no public access to communicate on a private forum, not accessible except to a limited set of users. Then the spies must crack the ssl encryption in https. And if anonymization (not just Tor) steps are taken they cannot tell who is logging in.

I should add if one is paranoid enough, one doesn't want the database/file system storing content to be located anywhere in the reach of the US or semi allied+ nations - or to ensure it is still secure if the hosting company is compromised by the NSA or subject to a "secret" court order.

Hosting in another nation - or ideally on your own hardware (virtual or physical) should be considered.

One of the more recent stories about the NSA working with the big tech companies to try to build weaknesses into the encryption algorithms as used by them does raise some additional concerns. It means if you want secure cryptography (and mathematically, you can still have security, just with a bit more work) you need to look at well reviewed open source algorithms or roll your own implementations (beyond the reach of most). It would seem prudent to assume anything from a big US corporation should be assumed untrustworthy, including Windows itself.

Generally speaking the bulk of the automated low cost surveillance is in collaboration with the large tech companies (eg Microsoft, Google, etc) - and it's relatively easy to step out of that. The more people try even just a little bit to be harder to spy on, the harder (and more costly) it becomes to do so.

The biggest killer is that far too many people seem much too apathetic about all this, closely followed by lack of technological knowledge.

The governments techniques are effective not on technological or intelligence grounds, but by scaring people into submission. Then the few braver people who raise their heads above the parapet are easily sniped off - providing a way to control the populace, inhibit communications and the ability to organise against the powers that be - and introducing yet another layer of power asymmetry between the populace and the people in charge (not precisely the government per se).

While the stated reasons for assembling this monstrous surveillance apparatus (and accompanying legislation) in building a total police state are clearly nonsense, there is quite patently some reason for the efforts being gone to. Indeed, the efforts of the governments in question are sufficiently strong and focused that it even seems to be a rather high priority item!

Laurent

  • Young ice
  • Posts: 2546
    • View Profile
  • Liked: 13
  • Likes Given: 50
Re: How to secure internet ?
« Reply #21 on: September 18, 2013, 10:00:32 AM »
Ivica,

I must admit I prefer google for searching because the answers are more accurate even though duckduckgo is on my tool bar because my operating system puts it by default and google is not listed. http://linuxmint.com/
Ok I will try it more often ! :)

Sidd
Most people will pass their way when seeing a self signing site, this one is ok because there is the blog as an entry door !
« Last Edit: October 06, 2013, 02:47:45 PM by Laurent »

ivica

  • Nilas ice
  • Posts: 1475
  • Kelele
    • View Profile
  • Liked: 99
  • Likes Given: 0
Re: How to secure internet ?
« Reply #22 on: September 18, 2013, 10:10:48 AM »
Laurent,
I've spred Duck all around.  :)
My wife gives me a rant every time she search "I can not find that!"  ;D
Kids do not complain, I call them 'duckers'.

Laurent

  • Young ice
  • Posts: 2546
    • View Profile
  • Liked: 13
  • Likes Given: 50
Re: How to secure internet ?
« Reply #23 on: October 06, 2013, 02:48:20 PM »
NSA and GCHQ target Tor network that protects anonymity of web users

http://www.theguardian.com/world/2013/oct/04/nsa-gchq-attack-tor-network-encryption

sidd

  • First-year ice
  • Posts: 6774
    • View Profile
  • Liked: 1047
  • Likes Given: 0
Re: How to secure internet ?
« Reply #24 on: October 08, 2013, 05:11:19 AM »
Bruce Schneier believes that Tor is not yet compromised ...

ccgwebmaster

  • Nilas ice
  • Posts: 1085
  • Civilisation collapse - what are you doing?
    • View Profile
    • CCG Website
  • Liked: 2
  • Likes Given: 0
Re: How to secure internet ?
« Reply #25 on: October 08, 2013, 06:02:49 AM »
Bruce Schneier believes that Tor is not yet compromised ...

I got the impression Freenet looked promising.

Either way - the more appropriate defensive measures one takes - the more people who make life harder for the automated mass surveillance algorithms - the more governments would be forced to actually use proper intelligence instead.

The likely purpose of massive surveillance of the types being carried out doesn't seem to be much related to terrorism - given the sums of money expended and the overwhelming poor (non-existent?) return in preventing terrorism.

Strikes me as more of a way to control and manage the population - target and excise trouble makers before they can spread a message to become problematic. We saw a primitive implementation of that line of thinking in how Occupy was violently shut down in various countries. To my mind, the people in charge intend to do whatever it takes to stay that way.

Laurent

  • Young ice
  • Posts: 2546
    • View Profile
  • Liked: 13
  • Likes Given: 50
Re: How to secure internet ?
« Reply #26 on: January 05, 2014, 11:29:17 AM »
Some informations about the futur and present capabilities of the NSA  (and others agencies public or private)

NSA seeks to build quantum computer that could crack most types of encryption
http://www.washingtonpost.com/world/national-security/nsa-seeks-to-build-quantum-computer-that-could-crack-most-types-of-encryption/2014/01/02/8fff297e-7195-11e3-8def-a33011492df2_story.html

Revealed: how US and UK spy agencies defeat internet privacy and security
http://www.theguardian.com/world/2013/sep/05/nsa-gchq-encryption-codes-security

A description of the Penetrating Hard Targets project
http://apps.washingtonpost.com/g/page/world/a-description-of-the-penetrating-hard-targets-project/691/

icebgone

  • New ice
  • Posts: 58
    • View Profile
  • Liked: 0
  • Likes Given: 0
Re: How to secure internet ?
« Reply #27 on: January 05, 2014, 10:39:27 PM »
Laurent,  The Meshnet looks similar to a case study answer that I and my fellow students came up with for a case study a number of years ago.  We added two steps.  Send a keycode via slow mail to only those people with a need to know and unscramble your communications.  Secondly, we believed at the time that individual computers would have multiple servers built-in by 2012 based on Moore's law and economic drivers.  Each would encrypt a piece of your message and then distribute it randomly through the system.  The server addresses would only be known to municipal courts and access limited to warrants they would issue.  With the keycode on a non-system reader and random changes you alone could change, we estimated that 99+% of messages stay private.  It is still possible to achieve but unlikely at this point.

Laurent

  • Young ice
  • Posts: 2546
    • View Profile
  • Liked: 13
  • Likes Given: 50
Re: How to secure internet ?
« Reply #28 on: January 06, 2014, 01:15:04 PM »
Thanks icebegone,
That does seem to be a very good answer, creating some networks independent of internet but connected.
https://en.wikipedia.org/wiki/Community_wireless_network
http://soekris.com
(We should  take care a little bit more about the safety of the wireless network users, the thresholds of waves power is not clear, some say not more than 0,6V/m.)
It is not clear to me how do you choose an IP adress that does not exist, especially if the mesh network is big !

ccgwebmaster

  • Nilas ice
  • Posts: 1085
  • Civilisation collapse - what are you doing?
    • View Profile
    • CCG Website
  • Liked: 2
  • Likes Given: 0
Re: How to secure internet ?
« Reply #29 on: January 06, 2014, 04:58:11 PM »
The server addresses would only be known to municipal courts and access limited to warrants they would issue.  With the keycode on a non-system reader and random changes you alone could change, we estimated that 99+% of messages stay private.  It is still possible to achieve but unlikely at this point.

I think an air gap remains a good idea for particularly sensitive stuff. That said, one might need to physically disable the speaker and microphone on the air gapped machine too.

http://www.net-security.org/malware_news.php?id=2640

I hasten to add that I'm pretty sure you can't get malware to communicate like that without at least a stub on the target machine ready to receive the data via audio - but - you're still going to need to install some sort of OS on the target machine, at which point one can not be 100% confident there is a backdoor or not (even with open source stuff). Therefore being absolutely sure data cannot travel beyond the air gapped machine if not encrypted is paramount.

If you're worried about physical security too (not the fashion for most of us these days):

http://www.newscientist.com/blog/technology/2007/04/seeing-through-walls.html

But if you have these people close enough to do that stuff, you're likely already swimming in pretty hot water.

sidd

  • First-year ice
  • Posts: 6774
    • View Profile
  • Liked: 1047
  • Likes Given: 0
Re: How to secure internet ?
« Reply #30 on: January 07, 2014, 06:20:21 AM »
"It is not clear to me how do you choose an IP adress that does not exist, especially if the mesh network is big !"

lookup unique local addresses in ipv6, and then you can play trix with routing ...


Laurent

  • Young ice
  • Posts: 2546
    • View Profile
  • Liked: 13
  • Likes Given: 50
Re: How to secure internet ?
« Reply #31 on: March 20, 2014, 01:01:08 PM »

Laurent

  • Young ice
  • Posts: 2546
    • View Profile
  • Liked: 13
  • Likes Given: 50
Re: How to secure internet ?
« Reply #32 on: September 03, 2014, 01:54:41 PM »
Horizon: The defenders of anonymity on the internet
http://www.bbc.com/news/technology-29032399

LRC1962

  • Frazil ice
  • Posts: 446
    • View Profile
  • Liked: 11
  • Likes Given: 3
Re: How to secure internet ?
« Reply #33 on: September 16, 2014, 05:15:01 PM »
I find it interesting that in the "information age" we have such great concerns for secrecy. Historically it was presumed that anything written down was to be kept for the interest and edification of future generations. That is why people kept all the letters they ever received. Before then it was through spoken word passed on from generation to generation. If anything was to be kept secret it was face to face. Now even that is out of the question as you can get sound and electric communication quite distant from the source. not even dirctly connecting to the actual source itself.
There is no such thing as a secure internet. Even in WW2 codes that were thought unbreakable could be broken. Today a country shuts down the internet and information still get through. Much more difficult, but still can get done. The scary part is that so much is now tied to the internet that a country can be paralyzed if someone really wanted to. See what happen to Iranian nuclear facility. Go in with the presumption that everything you say and do will remain public knowledge for a thousand years and act accordingly and you will be fine. That is not to say you should not bother with the best security you can get.
My dad used to say to us:"The locked door is to stop the opportunist, but the thief who really wants to get in will almost always succeed no matter what you do."
"All truth passes through three stages: First, it is ridiculed; Second,  it is violently opposed; and Third, it is accepted as self-evident."
       - Arthur Schopenhauer

Laurent

  • Young ice
  • Posts: 2546
    • View Profile
  • Liked: 13
  • Likes Given: 50
Re: How to secure internet ?
« Reply #34 on: September 23, 2014, 10:07:23 PM »

Laurent

  • Young ice
  • Posts: 2546
    • View Profile
  • Liked: 13
  • Likes Given: 50
Re: How to secure internet ?
« Reply #35 on: October 28, 2014, 09:41:34 AM »
Lawrence Lessig Interviews Edward Snowden

Laurent

  • Young ice
  • Posts: 2546
    • View Profile
  • Liked: 13
  • Likes Given: 50
Re: How to secure internet ? ...and the democraty.
« Reply #36 on: October 28, 2014, 01:23:58 PM »
Feds identify suspected 'second leaker' for Snowden reporters
http://news.yahoo.com/feds-identify-suspected--second-leaker--for-snowden-reporters-165741571.html

About the US democraty :


Ours (French) is not very different !


sidd

  • First-year ice
  • Posts: 6774
    • View Profile
  • Liked: 1047
  • Likes Given: 0
Re: How to secure internet ?
« Reply #37 on: March 08, 2017, 12:35:23 AM »

ivica

  • Nilas ice
  • Posts: 1475
  • Kelele
    • View Profile
  • Liked: 99
  • Likes Given: 0
Re: How to secure internet ?
« Reply #38 on: March 10, 2017, 06:12:49 PM »
Large CIA tooldump

https://wikileaks.org/ciav7p1/
sidd, thanks.

WikiLeaks tweets:
Quote
WikiLeaks has released less than 1% of its #Vault7 series in its part one publication yesterday 'Year Zero'.
Quote
Germany has released a statement saying it is taking CIA hacking "very seriously" because "these type of issues emerge....again and again".
Quote
Germany's chief prosecutor has started an examination of CIA hacking. Should WikiLeaks provide evidence? #Vault7
Go WikiLeaks :THUMBS UP:

---

"Intel Inside :lol:":

http://news.softpedia.com/news/intel-x86-cpus-come-with-a-secret-backdoor-that-nobody-can-touch-or-disable-505347.shtml
https://arstechnica.com/security/2016/10/flaw-in-intel-chips-could-make-malware-attacks-more-potent/

ME, secret CPU inside CPU:          (like a Deep State)

Quote
Nevertheless, in the author’s opinion, it’s an important point to realize the
peripheral hardware is not as much worrying, as is the previously discussed
problem of boot security, and even less so than the threat from Intel ME which
we discuss next. . .
https://blog.invisiblethings.org/papers/2015/x86_harmful.pdf
BTW: Might be worth of checking for other pdf's at root of above ;)

---

Sheldon Wolin you say ;) I agree :) Thank You Again!

---

Quote
A decade ago, I wrote about the death of ephemeral conversation. As computers were becoming ubiquitous, some unintended changes happened, too. Before computers, what we said disappeared once we'd said it. Neither face-to-face conversations nor telephone conversations were routinely recorded. A permanent communication was something different and special; we called it correspondence.
It's not OT, it is from recent Schneier on Security blog.

~ ~


mati

  • Frazil ice
  • Posts: 268
    • View Profile
  • Liked: 1
  • Likes Given: 0
Re: How to secure internet ?
« Reply #39 on: March 11, 2017, 01:05:51 AM »
you cannot secure the internet without physical isolation. ie no internet.
this includes wireless isolation. 
tempus rooms.
sneaker net.
but... stop this:
https://www.amazon.com/Wiseup-Hidden-Listening-Device-Working/dp/B00PVS8AEO
and so it goes

sidd

  • First-year ice
  • Posts: 6774
    • View Profile
  • Liked: 1047
  • Likes Given: 0
Re: How to secure internet ?
« Reply #40 on: March 11, 2017, 01:24:49 AM »
"you cannot secure the internet without physical isolation"

mmm. you can do a lot of things that make life harder for would be attackers. How paranoid do you wanna b ?

At one extreme, you would do homebuilt hardware, opensource and personally compiled software, emission shielding, directional antenna, tor and such. At the other you would just use commercial software. There's lots of room in between.

Personally i find that just getting people to move away from larger commercial email providers and encrypt email is quite an uphill battle.

sidd

sidd

  • First-year ice
  • Posts: 6774
    • View Profile
  • Liked: 1047
  • Likes Given: 0
Re: How to secure internet ?
« Reply #41 on: March 11, 2017, 06:27:18 AM »
for those worried about intel chipset exploits, intel has released code here for you to investigate personally

manual is at

https://github.com/chipsec/chipsec/blob/master/chipsec-manual.pdf

code at

https://github.com/chipsec/chipsec


ivica

  • Nilas ice
  • Posts: 1475
  • Kelele
    • View Profile
  • Liked: 99
  • Likes Given: 0
Re: How to secure internet ?
« Reply #42 on: March 17, 2017, 07:36:10 PM »
While waiting for Vault7 #2:
, Jimmy Dore makes Show on it.

TerryM

  • First-year ice
  • Posts: 6002
    • View Profile
  • Liked: 893
  • Likes Given: 5
Re: How to secure internet ?
« Reply #43 on: March 17, 2017, 09:29:58 PM »
While waiting for Vault7 #2:
, Jimmy Dore makes Show on it.


Thanks so much!


Following that show my U-Tube link went on to





Where Jimmy went after the media for pushing the phony Trump/Putin collaboration against Hillary. He plays a segment of a news cast where the James Clapper notes that the NSA, CIA, and FBI, had no evidence of collusion between members of the Trump campaign and the Russians.


His conclusion is that by pushing this false narrative, Trump will be protected against future acts of true malfeasance.


Terry

ivica

  • Nilas ice
  • Posts: 1475
  • Kelele
    • View Profile
  • Liked: 99
  • Likes Given: 0
Re: How to secure internet ?
« Reply #44 on: March 23, 2017, 11:01:07 PM »
March 18, 2017, 09:18:24 AM »

Millions of Smartphones Could Be Vulnerable to Hacking via Sound Waves "Think of it as a musical virus."

Bringing down a robot/drone... by a whistle
"Unaware & Compliant" Backfire: Saturate their sensors by dummy/false signals...

Now »

Debbie Lusignan? @saneprogressive Mar 22

Debbie Lusignan Retweeted WikiLeaks Task Force

Wikileaks companion site retweeted our interview calling it one of the best 3rd party presentations so far!  1st in our ongoing series:

Debbie Lusignan added,
WikiLeaks Task Force [Verified account] @WLTaskForce
One of best third party presentations (so far) of WikiLeaks CIA #Vault7 by @tatsuikeda

--

and here it is, #2:

WikiLeaks [Verified account] @wikileaks 2h

RELEASE: CIA #Vault7 "Dark Matter" https://wikileaks.org/vault7/darkmatter/



Who will dare to talk/write about it ?  (icouldguessafew ;)

--

Waiting for 'dark energy' .

~~


crandles

  • Young ice
  • Posts: 3379
    • View Profile
  • Liked: 239
  • Likes Given: 81
Re: How to secure internet ?
« Reply #45 on: March 24, 2017, 08:18:00 PM »
http://www.bbc.co.uk/news/technology-39365308
Row over US ISP customer data sales

(probably wrong thread, sorry)

Quote
US politicians have voted to remove rules that demanded ISPs got permission from customers before selling their browsing histories.
The US Senate voted by a narrow majority to repeal the rules that were first approved in October 2016.
Politicians who called for the rules to be dropped said they were "harmful".
The decision was called a "crushing loss" for privacy by digital rights group the Electronic Frontier Foundation (EFF).

...

The EFF urged Americans to contact their representatives to ask them to "kill" the proposal in the House. ISPs had "incredible access" to what people did online, it said.
"They shouldn't be able to profit off of the information about what you search for, read about, purchase, and more without your consent," it added.

SteveMDFP

  • Nilas ice
  • Posts: 2476
    • View Profile
  • Liked: 583
  • Likes Given: 42
Re: How to secure internet ?
« Reply #46 on: March 25, 2017, 08:20:52 PM »
http://www.bbc.co.uk/news/technology-39365308
Row over US ISP customer data sales

(probably wrong thread, sorry)

Quote
US politicians have voted to remove rules that demanded ISPs got permission from customers before selling their browsing histories.
The US Senate voted by a narrow majority to repeal the rules that were first approved in October 2016.
Politicians who called for the rules to be dropped said they were "harmful".
The decision was called a "crushing loss" for privacy by digital rights group the Electronic Frontier Foundation (EFF).

...

The EFF urged Americans to contact their representatives to ask them to "kill" the proposal in the House. ISPs had "incredible access" to what people did online, it said.
"They shouldn't be able to profit off of the information about what you search for, read about, purchase, and more without your consent," it added.

I agree that this is a disturbing vote.  I believe a VPN (virtual private network) would eliminate this invasion of privacy.  For those who prefer an easy approach to this step, I believe the new Opera browser includes a built-in free VPN:
http://www.opera.com/computer/features/free-vpn


sidd

  • First-year ice
  • Posts: 6774
    • View Profile
  • Liked: 1047
  • Likes Given: 0
Re: How to secure internet ?
« Reply #47 on: March 26, 2017, 05:44:28 AM »
Opera VPN is run by a company whose terms of service are available at

https://www.surfeasy.com/terms_of_service/

For those more paranoid, use Tor. For those still more paranoid, mixmaster and web2mail.

sidd

mati

  • Frazil ice
  • Posts: 268
    • View Profile
  • Liked: 1
  • Likes Given: 0
Re: How to secure internet ?
« Reply #48 on: March 27, 2017, 01:56:54 PM »
and so it goes

sidd

  • First-year ice
  • Posts: 6774
    • View Profile
  • Liked: 1047
  • Likes Given: 0
Re: How to secure internet ?
« Reply #49 on: April 06, 2017, 08:19:30 AM »
Actually, i forgot a most important thing.

ISOLATE YOUR CELLPHONE.

Put in on a separate wifi network from your computer(s). Your cellfone can be taken over by the provider, or a reasonable facsimile thereof, at any time it has battery (not just powered off, there are wakeup signals.) Today on slashdot there is an attack on a whole bunch of cellfones thru wifi, for anybody to trigger, not just your provider, although it does have to be on. Most cellfones have a whole buncha holes for vermin to enter. Careful letting the thing connect to machines you trust.

Mostly just dont put the battery in the phone. The charge lasts longer that way, I have noticed. Or else mebbe you own an ifone ? Better invest a a Large ball of aluminium foil. Remember to turn the ifone off first b4 putting it in faraday cage condition, else  fone increases transmit power, screaming its lungs out trying to reach a cell tower or wifi access point and drains battery quick.

sidd
« Last Edit: April 06, 2017, 08:31:28 AM by sidd »