Support the Arctic Sea Ice Forum and Blog

Author Topic: How to secure internet ?  (Read 45130 times)

LRC1962

  • Frazil ice
  • Posts: 446
    • View Profile
  • Liked: 11
  • Likes Given: 3
Re: How to secure internet ?
« Reply #50 on: April 06, 2017, 01:32:29 PM »
If I may.
It is a very important thing to protect your data from those who could use it for criminal purposes.  As for data mining, that is a different story. One there is such a thing is that having too much data can actually backfire. Case in point. Saw a story which talked about the fact the NSA has so much data, it actually can do little to find activities before they happen, but can find the trail after it had already occurred. As for targeted sales, that is old as statistics. Can not remember if it was a course I took or a documentary, but spoke of the fact door to door sales people, and ad companies could figure out the profile of people almost down to the house, just by using the available statistics that governments collect every single year, with uncanny accuracy. So ISPs selling your activities and you getting targeted accordingly is more accurate now, but basically the same as before internet era.
As someone who I talked to about this pointed out, obscuring yourself too much can have the reverse effect of making you a much more interesting person to target. As most police would tell you, the best way to be a good criminal is not to hide yourself or run, but act like everyone else around you.
"All truth passes through three stages: First, it is ridiculed; Second,  it is violently opposed; and Third, it is accepted as self-evident."
       - Arthur Schopenhauer

ivica

  • Nilas ice
  • Posts: 1475
  • Kelele
    • View Profile
  • Liked: 99
  • Likes Given: 0
Re: How to secure internet ?
« Reply #51 on: May 07, 2017, 03:36:07 PM »
May 6, 2017 4:01 pm UTC

https://arstechnica.com/security/2017/05/the-hijacking-flaw-that-lurked-in-intel-chips-is-worse-than-anyone-thought/

"A remote hijacking flaw that lurked in Intel chips for seven years was more severe than many people imagined, because it allowed hackers to remotely gain administrative control over huge fleets of computers without entering a password. This is according to technical analyses published Friday."

"In a blog post published Friday, Intel officials said they expect PC makers to release a patch next week. The releases will update Intel firmware, meaning patching will require that each vulnerable chip set is reflashed. In the meantime, Intel is urging customers to download and run this discovery tool to diagnose potentially vulnerable computers. Systems that test positive should be temporarily secured using this mitigation guide until a patch is supplied. Computer makers Fujitsu, HP, and Lenovo, have also issued advisories for specific models they sell."


Neven

  • Administrator
  • First-year ice
  • Posts: 9470
    • View Profile
    • Arctic Sea Ice Blog
  • Liked: 1333
  • Likes Given: 617
Re: How to secure internet ?
« Reply #52 on: May 07, 2017, 05:00:32 PM »
Good thing I've always been an AMD fanboy, back in the day when I enjoyed building energy efficient computers. But I wouldn't be surprised if those chips are compromised as well.

Pretty crazy that the hardware is vulnerable. Software okay, but hardware?
The enemy is within
Don't confuse me with him

E. Smith

mati

  • Frazil ice
  • Posts: 268
    • View Profile
  • Liked: 1
  • Likes Given: 0
Re: How to secure internet ?
« Reply #53 on: May 08, 2017, 05:15:01 PM »
when i found out about AMT many years ago, it was and still is worrysome, tho usually only used to manage corporate networks...certain people with err connections can probably do something with it...

Quote
AMT is designed into a secondary (service) processor located on the motherboard

AMT runs in a completely separate computer hidden in the northbridge chip on the motherboard.  It runs without an OS and can monitor the computer even if it is "turned off" as long as there is power to the computer.

https://en.wikipedia.org/wiki/Intel_Active_Management_Technology

and so it goes

TerryM

  • First-year ice
  • Posts: 6002
    • View Profile
  • Liked: 893
  • Likes Given: 5
Re: How to secure internet ?
« Reply #54 on: May 08, 2017, 06:31:37 PM »
Thought my Crackberry was impervious, the end of the days of innocence.
Terry

ivica

  • Nilas ice
  • Posts: 1475
  • Kelele
    • View Profile
  • Liked: 99
  • Likes Given: 0
Re: How to secure internet ?
« Reply #55 on: May 13, 2017, 10:43:17 PM »
Sam Biddle, 2017-05-12T19:13:25+00:00, at The Intercept_:
"Leaked NSA Malware Is Helping Hijack Computers Around the World"

Quote
In mid-April, an arsenal of powerful software tools apparently designed by the NSA to infect and control Windows computers was leaked by an entity known only as the “Shadow Brokers.” Not even a whole month later, the hypothetical threat that criminals would use the tools against the general public has become real, and tens of thousands of computers worldwide are now crippled by an unknown party demanding ransom.

Dan Goodin - May 13, 2017 10:21 am UTC, at Ars Technica:
https://arstechnica.com/security/2017/05/wcry-is-so-mean-microsoft-issues-patch-for-3-unsupported-windows-versions/

Quote
People who are running unpatched machines should take action immediately.
The best measure is to patch the vulnerability using this link for supported versions
or this one for XP, 8, and Server 2003.
Those who can't patch should ensure their computers are locked down by, among other things, blocking outside access to ports 138, 139, and 445. They should also disable version 1 of the Server Message Block protocol.

--ivica (back to carrots...)

mati

  • Frazil ice
  • Posts: 268
    • View Profile
  • Liked: 1
  • Likes Given: 0
Re: How to secure internet ?
« Reply #56 on: May 14, 2017, 12:49:50 AM »
nobody wants to pay for safe and secure software.
for microsoft to do this would make the cost of windows at least 10,000$
so we get down to risk vs cost
which drives lots of people to just accept the risk....
and so it goes

TerryM

  • First-year ice
  • Posts: 6002
    • View Profile
  • Liked: 893
  • Likes Given: 5
Re: How to secure internet ?
« Reply #57 on: May 14, 2017, 01:16:53 AM »
So do we blame the lame at Microsoft for building vulnerable machines, or the evil doers at the NSA for developing such evil software, or the evil dunces in the intelligence community for releasing this into the wild.
Decisions Decisions Decisions
Terry

oren

  • First-year ice
  • Posts: 9805
    • View Profile
  • Liked: 3584
  • Likes Given: 3922
Re: How to secure internet ?
« Reply #58 on: May 14, 2017, 04:52:41 AM »
So do we blame the lame at Microsoft for building vulnerable machines, or the evil doers at the NSA for developing such evil software, or the evil dunces in the intelligence community for releasing this into the wild.
Decisions Decisions Decisions
Terry
Machines will always be full of backdoors and loopholes, and hackers will always try to profit from that. Having a government body do the heavylifting development is quite gross, though this might be more common than naively expected.
There's a couple of brilliant books by Vernor Vinge dealing with these backdoors among other things.

TerryM

  • First-year ice
  • Posts: 6002
    • View Profile
  • Liked: 893
  • Likes Given: 5
Re: How to secure internet ?
« Reply #59 on: May 14, 2017, 11:57:36 AM »
So do we blame the lame at Microsoft for building vulnerable machines, or the evil doers at the NSA for developing such evil software, or the evil dunces in the intelligence community for releasing this into the wild.
Decisions Decisions Decisions
Terry
Machines will always be full of backdoors and loopholes, and hackers will always try to profit from that. Having a government body do the heavylifting development is quite gross, though this might be more common than naively expected.
There's a couple of brilliant books by Vernor Vinge dealing with these backdoors among other things.


I was on a very small team that wrote the accounting software for a business computer line that really never made it out of the 80's. The software however was ported into many vertical niche systems that sprouted up all over the world. The last hospital bill I received in the States was on a form I'd designed twenty years earlier.
I still remember our back door, so I'm familiar with the concept.
The factory, every programming team, and sometimes even nefarious peoples can and do leave easy access entries for a myriad of reasons.
What I don't understand is why the NSA, whose mandate is to protect us from cyber terrorism would need to write code to facilitate cyber terrorism - then pass it out to contractors who had not been properly vetted.
If I were a hot shot lawyer I'd be thinking of class action lawsuits with the US as a defendant.


Terry

sidd

  • First-year ice
  • Posts: 6774
    • View Profile
  • Liked: 1047
  • Likes Given: 0
Re: How to secure internet ?
« Reply #60 on: September 20, 2017, 01:37:03 AM »
Patch to disable intel cpu backdoor. looks like the disable bit was to satisfy the NA, who clearly want not to be spied on themselves ...

http://blog.ptsecurity.com/2017/08/disabling-intel-me.html

sidd

sidd

  • First-year ice
  • Posts: 6774
    • View Profile
  • Liked: 1047
  • Likes Given: 0
Re: How to secure internet ?
« Reply #61 on: September 20, 2017, 01:38:38 AM »
Wikileaks dumps russian telecom spy kit

https://wikileaks.org/spyfiles/russia/

interesting to compare to snowden dumps.

sidd

sidd

  • First-year ice
  • Posts: 6774
    • View Profile
  • Liked: 1047
  • Likes Given: 0
Re: How to secure internet ?
« Reply #62 on: October 11, 2017, 10:52:05 PM »

sidd

  • First-year ice
  • Posts: 6774
    • View Profile
  • Liked: 1047
  • Likes Given: 0
Re: How to secure internet ?
« Reply #63 on: November 13, 2017, 12:51:41 AM »
Game on: USB interface to Intel Management Engine backdoor exposed. In Russian, but google translate actually does an ok job here.

https://habrahabr.ru/company/pt/blog/341946/


English language summaries at:

https://www.theregister.co.uk/2017/11/09/chipzilla_come_closer_closer_listen_dump_ime/

And an earlier network (!!) exploit of the Intel management tool, which accepted empty passwords.

https://www.theregister.co.uk/2017/05/05/intel_amt_remote_exploit/

Intel is losing it. If they dont give us an ez option to disable that Management Engine soon, I am going ARM for everything except serious numbercrunching behind draconian firewall.

sidd

sidd

  • First-year ice
  • Posts: 6774
    • View Profile
  • Liked: 1047
  • Likes Given: 0
Re: How to secure internet ?
« Reply #64 on: November 21, 2017, 05:16:52 AM »
Everybody is watching.

https://freedom-to-tinker.com/2017/09/28/i-never-signed-up-for-this-privacy-implications-of-email-tracking/

https://freedom-to-tinker.com/2017/11/15/no-boundaries-exfiltration-of-personal-data-by-session-replay-scripts/

https://motherboard.vice.com/en_us/article/59yexk/princeton-study-session-replay-scripts-tracking-you

The Walgreen's example runs afoul of HIPPA in, oh, so many ways.

List of sites discovered (i bet many, many more are doing it)

https://webtransparency.cs.princeton.edu/no_boundaries/session_replay_sites.html

Disable all scripting. Disable images. Hell, i'm almost at the point of disabling stylesheets, that'll be the next tracker if they aint doing it already.

I guess, just use surfraw and parse the output. Or go oldschool and lynx/links.

sidd

sidd

  • First-year ice
  • Posts: 6774
    • View Profile
  • Liked: 1047
  • Likes Given: 0
Re: How to secure internet ?
« Reply #65 on: November 24, 2017, 03:14:59 AM »
intel has released a tool to check if you are screwed by the holes in their CPU backdoor

https://downloadcenter.intel.com/download/27150

sidd

ivica

  • Nilas ice
  • Posts: 1475
  • Kelele
    • View Profile
  • Liked: 99
  • Likes Given: 0
Re: How to secure internet ?
« Reply #66 on: December 29, 2017, 05:42:43 PM »

Quote
We designed Haven for investigative journalists, human rights defenders, and people at risk of forced disappearance to create a new kind of herd immunity.
By combining the array of sensors found in any smartphone, with the world’s most secure communications technologies, like Signal and Tor, Haven prevents the worst kind of people from silencing citizens without getting caught in the act.



And open-source it is.

sidd

  • First-year ice
  • Posts: 6774
    • View Profile
  • Liked: 1047
  • Likes Given: 0
Re: How to secure internet ?
« Reply #67 on: December 29, 2017, 08:54:40 PM »
Many excellent talks at the chaos conference this year:

https://streaming.media.ccc.de/34c3/relive

sidd

sidd

  • First-year ice
  • Posts: 6774
    • View Profile
  • Liked: 1047
  • Likes Given: 0
Re: How to secure internet ?
« Reply #68 on: January 05, 2018, 12:37:57 AM »
Schneier on CPU bugs:

https://www.schneier.com/blog/archives/2018/01/spectre_and_mel.html

https://spectreattack.com/

https://meltdownattack.com/

The Intel problem is the more serious. The fixes can cause appreciable slowdown on databases.

sidd

Pmt111500

  • Guest
Re: How to secure internet ?
« Reply #69 on: January 05, 2018, 03:31:23 AM »
Schneier on CPU bugs:

https://www.schneier.com/blog/archives/2018/01/spectre_and_mel.html

https://spectreattack.com/

https://meltdownattack.com/

The Intel problem is the more serious. The fixes can cause appreciable slowdown on databases.

sidd

Specially nasty engineering fault. On the patch of Linux kernel: "It's not like the few Linux-experts who can code the kernel, would purposefully slow their computers though a particularly paranoid one might have tried to experiment with something like this."
« Last Edit: January 05, 2018, 07:34:03 AM by Pmt111500 »

TerryM

  • First-year ice
  • Posts: 6002
    • View Profile
  • Liked: 893
  • Likes Given: 5
Re: How to secure internet ?
« Reply #70 on: January 05, 2018, 07:59:36 PM »
This may have a golden lining yet. :)


I can't imagine anyone relying on a modern military who would be ready to risk it all on the hope that their modern, computerized armament hasn't been compromised.


Terry


sidd

  • First-year ice
  • Posts: 6774
    • View Profile
  • Liked: 1047
  • Likes Given: 0
Re: How to secure internet ?
« Reply #72 on: May 20, 2018, 10:34:10 PM »
Re: privacy

This post is a response to Mr. TerryM comment in another thread:

https://forum.arctic-sea-ice.net/index.php/topic,2301.msg155129.html#msg155129

Use a text mode browser like lynx. Or try an ad blocker (a lot of them collect info too) Or a browser extension like noscript. Or tor, but tor is blocked by a lot of sites, so you will need to pipe thru a proxy after your exit node.

Or for the braver among us, and one of my preferred techniques, is go into firefox config (about:config) and butcher it. Turn off images, scripting and a bunch of other things. I even turn off style sheets in some extreme cases.

sidd

TerryM

  • First-year ice
  • Posts: 6002
    • View Profile
  • Liked: 893
  • Likes Given: 5
Re: How to secure internet ?
« Reply #73 on: May 20, 2018, 10:50:59 PM »
Has anyone else had problems with Ad Blocker Plus being wiped from their computer recently? Just within the past week I've had to reload and boot it half a dozen times.


I shy away from sites that want me to sign on, though frankly I'm unsure why.

Terry

sidd

  • First-year ice
  • Posts: 6774
    • View Profile
  • Liked: 1047
  • Likes Given: 0
Re: How to secure internet ?
« Reply #74 on: May 20, 2018, 11:11:06 PM »
I think Ad Blocker plus tracks you

https://www.wired.com/2016/03/heres-how-that-adblocker-youre-using-makes-money/

i hear good things about uBlock Origin (not the blocker called  uBlock, thats bad)

But it all really depends on what your threat model is and whether it includes enuf. At one extreme you wind up in a shielded room. At the other you websurf naked.

sidd

Laurent

  • Young ice
  • Posts: 2546
    • View Profile
  • Liked: 13
  • Likes Given: 50
Re: How to secure internet ?
« Reply #75 on: May 23, 2018, 01:22:28 PM »
I am using Firefox with "Disconnect" and "Ublock origin" they do block a lot of things, I use "https everywhere" also. (Don't know much)

ivica

  • Nilas ice
  • Posts: 1475
  • Kelele
    • View Profile
  • Liked: 99
  • Likes Given: 0
Re: How to secure internet ?
« Reply #76 on: June 21, 2018, 12:03:14 AM »
https://juliareda.eu/2018/06/not-giving-up/
"
Today, MEPs on the Legal Affairs Committee of the European Parliament were asked to decide: Should your freedom to participate on the web be restricted to serve corporate interests – or should alternative measures be adopted that safeguard fundamental rights?

Despite a massive outpouring of protest from voters during these last few days, the majority voted for both the link tax and upload filters:
...
"

"Who voted which way was not officially recorded. But according to my team’s observations, these are the MEPs who voted for restricting your freedoms online:"

MEP       
--------------------------
Axel Voss                 EPP (Conservatives) EPP, Germany       
Pavel Svoboda             EPP (Conservatives) EPP, Czech Republic    
Rosa Estaras Ferragut     EPP (Conservatives) EPP, Spain    
Tadeusz Zwiefka           EPP (Conservatives) EPP, Poland    
József Szájer             EPP (Conservatives) EPP, Hungary    
Francis Zammit Dimech     EPP (Conservatives) EPP, Malta    
Luis de Grandes Pascual   EPP (Conservatives) EPP, Spain    
Enrico Gasbarra           S&D (Social Democrats) S&D, Italy    
Mary Honeyball            S&D (Social Democrats) S&D, United Kingdom    
Jean-Marie Cavada         ALDE (Liberals) ALDE, France    
Marinho e Pinto           ALDE (Liberals) ALDE, Portugal    
Sajjad Karim              ECR (Eurosceptic Conservatives) ECR, United Kingdom    
Joëlle Bergeron           EFDD (Eurosceptic Populists) EFDD, France    
Marie-Christine Boutonnet ENF (Far Right) ENF, France    
Gilles Lebreton           ENF (Far Right) ENF, France    

Check the article for more details.

More:
-----
https://www.theverge.com/2018/6/20/17482554/eu-european-union-copyright-filter-article-11-13-passes-juri-vote
https://www.commondreams.org/news/2018/06/20/internet-pioneers-warn-new-eu-rules-would-turn-web-tool-automated-surveillance-and

Prev at Cafe, June 01, 2018:
https://forum.arctic-sea-ice.net/index.php/topic,179.msg156878.html#msg156878


ivica

  • Nilas ice
  • Posts: 1475
  • Kelele
    • View Profile
  • Liked: 99
  • Likes Given: 0
Re: How to secure internet ?
« Reply #77 on: June 21, 2018, 12:49:56 AM »
Julia Reda, MEP, Published on Jun 20, 2018

You can still #SaveYourInternet by July 4!




Sleepy

  • Nilas ice
  • Posts: 1202
  • Retired, again...
    • View Profile
  • Liked: 120
  • Likes Given: 0
Re: How to secure internet ?
« Reply #78 on: May 04, 2019, 09:17:13 AM »
This is how to do it, good on you Mozilla!
https://techcrunch.com/2019/05/03/a-glitch-is-breaking-all-firefox-extensions/

Found my view of the outside world a bit different today, luckily I don't rely on extensions to shield myself, only one purely visual along with an addon for ffmpeg. The last one one is a bit annoying to be without, but I guess they will fix it soon because users are somewhat dissapointed out there. :)

Edit; done.
https://blog.mozilla.org/addons/2019/05/04/update-regarding-add-ons-in-firefox/
« Last Edit: May 04, 2019, 04:41:58 PM by Sleepy »
Omnia mirari, etiam tritissima.
-
Science is a jealous mistress and takes little account of a man's feelings.

Laurent

  • Young ice
  • Posts: 2546
    • View Profile
  • Liked: 13
  • Likes Given: 50
Re: How to secure internet ?
« Reply #79 on: May 08, 2019, 12:33:12 AM »
Did not try it yet but this operating system is supported by Edward snowden himself... https://www.qubes-os.org/

sidd

  • First-year ice
  • Posts: 6774
    • View Profile
  • Liked: 1047
  • Likes Given: 0
Re: How to secure internet ?
« Reply #80 on: May 08, 2019, 06:03:35 AM »
qubes is fun. Not for the faint hearted, tho.

sidd

sidd

  • First-year ice
  • Posts: 6774
    • View Profile
  • Liked: 1047
  • Likes Given: 0
Re: How to secure internet ?
« Reply #81 on: March 11, 2022, 11:01:18 AM »
I suppose this might fit in this thread: duckduckgo begins censorship

https://twitter.com/yegg/status/1501716484761997318

Qwant ? swisscows ? startpage ?

sidd

sidd

  • First-year ice
  • Posts: 6774
    • View Profile
  • Liked: 1047
  • Likes Given: 0
Re: How to secure internet ?
« Reply #82 on: March 12, 2022, 09:34:41 AM »
Scratch qwant. Anyone have experience with yandex ? i have played with baidu but not recently.

sidd

longwalks1

  • Frazil ice
  • Posts: 204
    • View Profile
  • Liked: 65
  • Likes Given: 19
Re: How to secure internet ?
« Reply #83 on: March 17, 2022, 07:06:41 AM »
Starting to search occasionally on yandex, however I did set up one computer to use the Yandex DNS .So far no problems with that.