Become acquainted with The Jargon
http://www.catb.org/jargon/html/
Embrace The Hacker's Code
http://muq.org/~cynbe/hackers-code.html
Delve into the solutions...
Network Forensics Evasion: How to Exit the Matrix
http://billstclair.com/matrix/index.html
Live Free Do Good Things!
http://danwalsh.livejournal.com/71122.html
Interesting blog about how SELinux, if enforced, would protect data from
being read and files written to as a result of the current BASH exploit.
Wikipedia is your friend here. Read about SELinux, MACs (mandatory access
controls), DACs (discretionary access controls), Apparmor and other
implementations.
Basically it's a system to try and limit the capabilities of users and
programs to the smallest subset they need.
These things
Hi guys,
Regarding Self-Defense, I've just found out about SElinux.
Can anyone explain me what is it about?
how it works? and
how it helps to enforce security on a GNU/linux system?
What are the main pros cons?
Does it worth configuring my GNU/linux with SElinux?
Furthermore, Has anyone
Trisquel uses AppArmor which is an easier to configure alternative to
SELinux. E.g. last time I looked in Toutatis the supplied Samba and
CUPS are running under AppArmor profiles to help protect against
zero day attacks. I suggest you learn this instead (Search the web).
SELinux was developed by the NSA and as such attracts some suspicion.
However, it was open sourced and released under the GPL in the year 2000.
It can be a major PITA.
For example, if you're going to install a parallel distro/OS then disable
SELinux first or the next time you try to boot it
You know, google is not your friend... but duckduckgo and startpage are!
http://www.kali.org/
http://www.backtrack-linux.org/
Read the documentation and you will find most software is actually in the
reps. You can install in trisquel and use it. Same goes for TAILS, you don't
need to
Let's not link non-free stuff, mmk?
btw , we CAN
Rebuilding a Tails image
https://tails.boum.org/contribute/build/
As you can read in one comment I made above, I was only suggesting to read
the documentation, in order to use the FREE SOFTWARE that is used in those
distros. Most of it you can get in the reps. I also told NOT to use the
distros because they are non-free. So, it's not like I am linking to
Any other ideas on how to learn self-defense?
Hm...
• EFF website: https://www.eff.org/ , specially
https://www.eff.org/issues/privacy and EFF's Surveillance Self-Defense
project: https://ssd.eff.org/
The Electronic Frontier Foundation (EFF) has created this Surveillance
Self-Defense
Hi guys. I'm back...
I've red all your posts and at first I was really surprise specially after
reading...
http://www.cryptogon.com/?p=624
from salparadise and viewing the links that lembas provided.
As for the TAILS conversation, it is not very clear to me wheather it is safe
to use
Well, I think we scared Lep away :P Maybe we diverted from the original
thread subject.
I think one good place for you to start would be reading the documentation on
BackTrack Linux. I am not suggesting you use the distro (which is probably
non-free) but just read the documentation, they
These are unknown waters for me. One question: if a device (keyboard or wifi
card or webcam) has software (firmware) written inside of it to be able to
work, but that firmware doesn't talk to the OS (only the driver makes the
connection between computer and device, OS and device) then we
Thanks for sharing this info on BadUSB jxself. Is there a site you'd
recommend to learn more about this BadUSB? Thanks
gnuser wrote:
I would say that a keyboard's firmware could be dangerous (maybe
logging your keystrokes and sending it somewhere over the internet)
but is it true for any firmware? Or is a matter simply of freedom,
not so much of security?
Also, Intel's proprietary Wi-Fi firmware stops a
Also, Intel's proprietary Wi-Fi firmware stops a user from being able
to change their MAC address
Er, maybe driver actually, I'm not too sure. The GNU/Linux drivers for
Intel Wi-Fi cards are apparently free but the firmware is not:
https://wiki.debian.org/iwlwifi
The quote from Intel that it
You should go read up on BadUSB to find some answers to those very questions.
:)
A USB drive, for instance, will take on the ability to act as a keyboard that
surreptitiously types malicious commands into attached computers. What might
those commands be and how might they affect your
Ok, so, TAILS doesn't ships non-free/closed-source drivers, but it has
non-free/closed-source firmware, is that correct?
From a freedom perspective that's bad, but from a security one, is that
dangerous, as in, can a firmware affect the users privacy somehow? I would
say that a keyboard's
I think we should give Snowden a break here... Just as we understand when a
guy has to use non-free software at work to keep his job (no matter the work
at a factory speech), we could argue that Snowden had to use a distro not
endorsed by the FSF to save his life. I mean, sure he could have
Sorry for a dumb question, but what means NFG?
No eFfin' Good
A keyboard doesn't have firmware loaded by a Linux driver. If it has any,
it's probably stored on the device itself. Firmware loaded by the Linux
kernel is mostly for wifi and graphics (radeon) but also for some ethernet
cards.
Since Tails uses the Debian kernel, all the blobs are external
That's was my reaction at first glange, but, if there are not proprietary
drivers very few people are able to use it.
The goal was to create a trustworthy, privacy respecting gnu-linux
distribution.
Without proprietary blobs, few people would have been able to use it, no
doubt about that.
With proprietary blobs, _no one_ is able to use it, since privacy is
completely terminated.
I can't believe that they
Snowden used tails and talk about tails
I remember reading in the FSF webpage that between Linux distros and BSD
distros there is a difference in the way they use the word blob. Could it
be the case here, as in, they don't use proprietary drivers per se, but use
some kind of firmware (I mean as in accessing some closed software
So what?
Sure a lot of people talk about it and use it.
Don't get me wrong, I really respect what he did for society. It was a great
contribution!
But I've seen several interviews with him, and did he mention free software
even once?
No, he didn't. He talked about all kind of things and
My mistake (did not read it carefully). You are correct.
They include non free firmware. Firmware is run on the peripheral itself,
unlike a driver. Most firmware, except a few, has no source available and is
non free.
If you don't care, lot of people care about what he has to says about
security
the fact are there, he didn't use trisquel nor windows...he might not be an
advocate of free software.
The BSD community's (I guess) view is that since the firmware blobs run on
the devices (rather than the computer itself) it doesn't matter.
The FSF's is that since it's present on editable storage medias (e.g the
HDD), it matters.
quantumgraviry, thinking about, you're right, without free soft i don't think
could be security, and Snowden miss a great opportunity like you said. my
first glance was the good one.
Hi guys,
Recently I've been really aware of all the risks in privacy (thus, in
freedom) one is exposed in todays digital world. Inmediately I thought, There
should be a way I can defense myself against these kind of things? and then I
found out about ethical hacking for security assesment.
You don't need to be a hacker to defend yourself from surveillance. You just
need to change some of your practices.
For protecting your anonymity when browsing the Web, the best tool is Tor,
and the easiest way to get that working properly is to use the Tor Browser
Bundle. To use Tor with
Hey lep! I think that's a very worthy goal. Here's a new nuggets to think
about
On browser hygiene
https://en.wikipedia.org/wiki/Evercookie
https://en.wikipedia.org/wiki/Device_fingerprint
On hardware backdoors
https://www.blackhat.com/html/bh-us-12/bh-us-12-archives.html#Brossard
TAILS is a non-free distro. Binary blobs for example which seems odd given
the nature of the distro. Please don't recommend non-free distros here.
There is tails. It's a live distro used by Edward Snowden. I installed it in
a USB key, you can bring it with you and use it on every computer you want
(if it has the USB option on boot)
https://tails.boum.org/
http://www.cryptogon.com/?p=624
proprietary software in a security-oriented distribution ... how bizarre
I'm sorry, but I believe that must not be correct. According to
https://tails.boum.org/doc/about/license/index.en.html
all their software is free software, and IIRC they even got rid of TrueCrypt
some time ago (because of the issues with it).
Also, since this is based on Debian main distro, I
gnuser wrote:
I'm sorry, but I believe that must not be correct. According to
https://tails.boum.org/doc/about/license/index.en.html all their
software is free software, and IIRC they even got rid of TrueCrypt
some time ago (because of the issues with it). Also, since this is
based on
read the response to comment 7:
https://tails.boum.org/forum/GNU_Award_for_Projects_of_Social_Benefit/
Interesting that TAILS won an FSF award despite the fact that it includes
proprietary firmware - i.e., it's not free.
Precisely - Too many apply the logic that 'It is a variant of the Debian
GNU/Linux distro so it *must* be equally free.' This is not a good place to
start from and results in people reaching the wrong conclusion.
On Sat, 2014-08-30 at 03:35 +0200, 5...@verizon.net wrote:
read the response to comment 7:
https://tails.boum.org/forum/GNU_Award_for_Projects_of_Social_Benefit/
Interesting that TAILS won an FSF award despite the fact that it includes
proprietary firmware - i.e., it's not free.
Correct
No it didn't win. And in fact the forum thread says that Tails does ship
with proprietary firmwares.
46 matches
Mail list logo
