Re: [Trisquel-users] Privacy/Security services and software
> Install icecat and linux-libre's RPM, and you're good to go! IceCat seems to be just a rebranded Firefox inheriting all the FF's privacy issues, so I wouldn't say it is a "good to go" thing without meticulous fine tuning: https://trisquel.info/en/forum/web-browser?page=4#comment-127390
Re: [Trisquel-users] Privacy/Security services and software
The GNU Free Software Distribution Guidelines is a modified copy of the Fedora community guidelines. Red Hat's rules for Fedora are in almost complete agreement with the FSF's requirements. Unlike Debian, non-free repos are in no way owned or hosted by the Fedora Project. Unlike Debian, licensing was taken more seriously by Red Hat, and only by their requirements for Fedora did people get the ball rolling on freeing some code in TeX and X11. (Debian looked the other way until Red Hat stepped in, because having graphics are kinda important.) The sole disagreement between the FSF/GNU FSDG and Fedora is: proprietary firmware for Wi-Fi. Install icecat and linux-libre's RPM, and you're good to go! Fedora is a beautiful OS, and it comes with a polish that only a large community + a big free software company can provide. I <3 commercial free software! *Runs HPLIP* signature.asc Description: This is a digitally signed message part
Re: [Trisquel-users] Privacy/Security services and software
>Especially if you have JavaScript enabled, as just the timing of your keystrokes is unique enough to identify you. Yes. Not only that. Javascript can and will probably uniquely identify your hardware, which in the case of it being non-common will almost uniquely identify you, yourself.
Re: [Trisquel-users] Privacy/Security services and software
https://www.secureauth.com/products/secureauth-idp/behavioral-biometrics The site can be viewed and navigated with JavaScript disabled. If you don't already have JS disabled or NoScript installed in your browser, I insist that you do so before visiting this site. Assuming they eat their own dog food, you can expect that their JavaScript will use their behavioral biometric techniques on you.
Re: [Trisquel-users] Privacy/Security services and software
Look for "Tor and the Dark Art of Anonymity" book by Lance Henderson. A little old and perhaps doesn't reflect all the things of today but still good.
Re: [Trisquel-users] Privacy/Security services and software
> A point of huge importance is missing: your writing style. You > would be surprised how much it can give away in some cases. >Indeed. Especially if you have JavaScript enabled, as just >the timing of your keystrokes is unique enough to identify you. How do you know about these things? How can one learn more?
Re: [Trisquel-users] Privacy/Security services and software
> Just close the browser and reopen it or click on 'new identity', > which is the same Alternatively, Ctrl+Shift+L creates a new identity just for the current tab. > A point of huge importance is missing: your writing style. You > would be surprised how much it can give away in some cases. Indeed. Especially if you have JavaScript enabled, as just the timing of your keystrokes is unique enough to identify you.
Re: [Trisquel-users] Privacy/Security services and software
I will assume the question is directed to me, Aristophanes. Well, their website is full of cute bears. Other than that I wouldn't really know. Do your own research and never rely on random opinions when investigating an important subject, that's all I can say, I guess. https://thatoneprivacysite.net/vpn-section/
Re: [Trisquel-users] Privacy/Security services and software
>This behavior leads to weak anonymity because once the website is visited the Tor circuit is "dirty". Just close the browser and reopen it or click on 'new identity', which is the same >Do not Disclose Identifying Data Online A point of huge importance is missing: your writing style. You would be surprised how much it can give away in some cases.
Re: [Trisquel-users] Privacy/Security services and software
I haven't gotten around to figuring I2P out because I haven't needed it, but this might be a good place to start: https://thetinhat.com/tutorials/darknets/i2p.html
Re: [Trisquel-users] Privacy/Security services and software
Is there a good information source you could point to on how I2P for torrenting works?
Re: [Trisquel-users] Privacy/Security services and software
What about TunnelBear VPN? It offers 500MB of free data every month.
Re: [Trisquel-users] Privacy/Security services and software
> Just because you can hide your IP address and browser parameters > doesn't mean you can't be tracked through Tor. Indeed. Using Tor irresponsibly is worse than not using Tor at all. This is a good list of common pitfalls that really should be displayed when users start Tor Browser for the first time. https://www.whonix.org/wiki/DoNot
Re: [Trisquel-users] Privacy/Security services and software
Oh, I see, well done then :)
Re: [Trisquel-users] Privacy/Security services and software
These test are fairly meaningless and can give you a false sense of security (which is worse than knowing a system is insecure). Just because you can hide your IP address and browser parameters doesn't mean you can't be tracked through Tor. An advanced spying system detects actual patterns of online behavior (sites you visit, where you login etc) which can be investigated further for similar patterns and you can get pinned. So Tor per se gives you a default anonymity - that's all. But how you will use this anonymity is nothing anyone could give you, so you can still expose yourself.
Re: [Trisquel-users] Privacy/Security services and software
Some cool websites I have used to test for leaks with Tor and other solutions: www.whoer.net www.doileak.com www.check.torproject.org www.checkmytorrentip.upcoil.com www.ip6.nl These are good enough to know if there are some leaks in your system or not... Of course some applications might screw your privacy / anonymity in other ways...
Re: [Trisquel-users] Privacy/Security services and software
I wrote it in the style of reply to previous comment.
Re: [Trisquel-users] Privacy/Security services and software
Yes. Commercial VPNs are no different.
Re: [Trisquel-users] Privacy/Security services and software
>Medical Records you don't want your insurance company to know about? A new invention you are working on and don't want a big time company to steal from you? Protecting your source when you are a journalist brave enough to talk to people in life or death situations? Why do you need to get so theoretical and vague? How about: "I strongly believe in privacy. I believe what I browse, read, watch, listen to is **only my business** and no ISP, no State, no corporation should have the legal right to sniff my crap with their degenerate noses."
Re: [Trisquel-users] Privacy/Security services and software
>I wouldn't be surprised if some free VPNs are created/funded by those who you are trying to hide from Honeypot VPNs is nothing new. It has happened, it will happen. Do a brief search on the argument if interested. But how about commercial VPNs? Do you think that when sgt. Eye comes knocking a business which sole motive is business is going to pull the plug in order to protect your 5 monthly dollars?
Re: [Trisquel-users] Privacy/Security services and software
>I don't feel very OK with paying for a VPN https://riseup.net/en/donate#donate-cryptocurrency
Re: [Trisquel-users] Privacy/Security services and software
Basic security: pull the cord :)
Re: [Trisquel-users] Privacy/Security services and software
Thanks. I am looking to free my machines as much as possible but considering all the CPU issues and the lack of libreboot for any of them, I don't know how valuable the change of distro may be (currently openSUSE).
Re: [Trisquel-users] Privacy/Security services and software
That's high level spionage... I am going more for protect against ISP and copyright trolls and basic script kiddies... You know the most basic stuff. Tor is not effective agaainst a global adversary either. I am talking about basic security.
Re: [Trisquel-users] Privacy/Security services and software
https://en.wikipedia.org/wiki/Key_size#Effect_of_quantum_computing_attacks_on_key_strength I remember also reading (or was it a video?) about a new technology which is already created which would allow to read information from a computer from the distance, even if you are not connected to a network. So as long as you are withing 50m of range of that spying device, even in your home, nothing can save you. Unfortunately I don't have the link to it.
Re: [Trisquel-users] Privacy/Security services and software
My understanding is that the only problem with Fedora is the kernel. This might be a valuable piece of information for you: https://www.fsfla.org/ikiwiki/selibre/linux-libre/freed-ora.en.html Fedora 27 is current and that is honestly all I know; someone else will be along shortly if you have questions.
Re: [Trisquel-users] Privacy/Security services and software
That's why I have been wondering if it would be a stupid idea to use: 1, A free VPN encrypting all connections; 2. A free proxy in a torrent client (with encryption too); Something like My PC -> VPN -> Proxy -> internet It's very similar to what we do with Tor My Pc -> GuardRelay -> MiddleRelay -> ExitRelay -> Internet Now, of course Tor is a unique case, however the idea still holds.
Re: [Trisquel-users] Privacy/Security services and software
I wouldn't be surprised if some free VPNs are created/funded by those who you are trying to hide from... One should be very careful with 'free' things.
Re: [Trisquel-users] Privacy/Security services and software
Tor is for what? Medical Records you don't want your insurance company to know about? A new invention you are working on and don't want a big time company to steal from you? Protecting your source when you are a journalist brave enough to talk to people in life or death situations? Just couldn't understand your problem with Tor...
Re: [Trisquel-users] Privacy/Security services and software
Yeah, I noticed that much, webrtc was propably the culprit. But it only happened once and now I am using a couple ufw rules to prevent that kind of thing to happen again. Thanks!
Re: [Trisquel-users] Privacy/Security services and software
Hey quantumgravity, Thanks for putting the conversation back on track ;) Well, that ended up being my option using VPN + Tor, using only VPN for some stuff. Some people above mentioned I should "use bittorrent links to download ISO" but they forget that I was looking for a PRIVATE way of downloading it. Using bittorrent without any additional protection is like screaming out the window "I AM DOWNLOADING THIS AND THAT!" And before you mention legal vs illegal downloads... I have seen people being harassed because of LEGAL donwloads. Makes no sense, but it did happen. SuperTramp actually helped me getting things running in the VPN department. Thanks man! I don't feel very OK with paying for a VPN... You not only disclose your IP to them and give them a chance of recording your traffic, you ALSO identify yourself in the payment process. You will never have the chance to say "I was not the one using the VPN on my IP" because they have your credit card (or whatever) information. In that regard I would prefer a free VPN, because at least either you are screwed from the get go (as in they will sell all your info to pay for the service) or they actually have nothing to use against you. These days there are some free VPN that MIGHT (a big MIGHT) be worthy a little trust. A great solution would be to use 2 VPN in sequence... like configuring a tunnel, connecting to one and using that IP to connect to the other which would then connect to the internet (a little like Tor circuit). But from what I know that is impossible... right? Unless one has a local proxy working in an app or something, which certainly some people will know more about than me.
Re: [Trisquel-users] Privacy/Security services and software
Well, I will try to get back to the topic: it depends on the level of privacy you desire. A VPN (I use NordVPN) is normally enough for me. Maybe it's an option to use VPN + Tor for smaller files and browsing, while sticking with normal VPN for downloading large files?
Re: [Trisquel-users] Privacy/Security services and software
I asked once a friend who is top level sysadmin and Linux expert: Q: Why does it seem that the main distro used by web hosting providers is CentOS. A: Because it is Red Hat - a standard for high quality! But of course FSF seems to disagree with all RH distros.
Re: [Trisquel-users] Privacy/Security services and software
On Sun, 2018-01-14 at 21:44 +0100, gnu...@openmailbox.org wrote: > Distros were an example. I have a need to download various different files > and don't want to be revealed what I download. Not because it's "illegal" but > > because it's private. Sure :p The internet is for porn, Tor is for ___. signature.asc Description: This is a digitally signed message part
Re: [Trisquel-users] Privacy/Security services and software
And in addendum to that, use the torrent links for ISO images instead of direct downloads where possible. It's a lot less costly!
Re: [Trisquel-users] Privacy/Security services and software
Stop getting so many systems all the time. If you're distro-hopping, stop it. If you're really serious about switching to a distro, show you're serious by donating $50 to a distro every time you switch to it. Red Hat sells regular, no-tech-support versions of its distro for $50 each, and this has benefits: It pays the Red Hat developers who keep GNOME and other important parts of the GNU+Linux software stack afloat. Without Red Hat funding, GNOME would be utter garbage today. The file manager didn't even work. If the GNOME team hadn' convinced Red Hat to keep funding development when GNOME was in its infancy, it might have never gotten off the ground. (Although another company ended up making Nautilus. Red Hat didn't make that.) signature.asc Description: This is a digitally signed message part
Re: [Trisquel-users] Privacy/Security services and software
>but it was giving me DNS leaks when I tested in Abrowser. Sure about that? How did you test that? One of the main reasons they forked openvpn to build bitmask was indeed to take care of DNS leaks and a few other issues.
Re: [Trisquel-users] Privacy/Security services and software
Distros were an example. I have a need to download various different files and don't want to be revealed what I download. Not because it's "illegal" but because it's private. I have tested the BitMask application, with the RiseUp VPN, but it was giving me DNS leaks when I tested in Abrowser. Any ideas how to solve it?
Re: [Trisquel-users] Privacy/Security services and software
> However, I have been getting some slow circuits and when I have the need to > download large files, the download takes forever. I would not download large files through Tor. Not only will it be very slow, it it will waste donated bandwidth slowing down the Tor network for others. The same goes for streaming videos. When I need to download a large file and don't have a particular need for it to be anonymous, I just use wget. If you need to torrent anonymously you could look into I2P.
Re: [Trisquel-users] Privacy/Security services and software
Why would you use TOR to download a distro?