Ramblings about Debian GNU/Linux
-
Security and Privacy on the Internet
A couple of Google Chrome extensions:
Do Not Track Plus : https://chrome.google.com/webstore/d...hrome-ntp-icon
Quote:Do Not Track Plus blocks web beacons and other tracking technologies that advertisers use to track your browsing behavior. Easily see what trackers are in use at each website you visit and block any or all of them.
Quote:Abine TACO sets all the NAI opt-out cookies to stop advertisers from delivering content based on their attempts to profile you and your online behavior. At each website you visit TACO can show you how many and which advertising networks you've opted-out of.
This Chrome extension sets a number of permanent, generic, non personally
identifiable opt-out cookies in the browser, which will prevent over 100 different online advertising networks from subjecting users to behavioral advertising (and in some cases, will stop the networks from being able to track users' web browsing habits too).
Quote:A Cookie Whitelist Manager that helps protect your privacy. Automatically removes unwanted cookies.Posted 02-13-2012 at 04:18 PM by craigevil -
Security and Privacy on the Internet
Some more Firefox extensions:
Certificate Patrol :: Add-ons for Firefox : https://addons.mozilla.org/en-US/fir...ficate-patrol/
Quote:Your browser trusts many certification authorities and intermediate sub-authorities quietly, every time you enter an HTTPS web site. This add-on reveals when certificates are updated, so you can ensure it was a legitimate change.
Quote:Be in control of which cross-site requests are allowed. Improve the privacy of your browsing by not letting other sites know your browsing habits. Secure yourself from Cross-Site Request Forgery (CSRF) and other attacks.
Quote:Create free disposable email addresses and paste them directly in forms. This helps to protect you from spam mails and could be useful when subscribing to forums or newsletters
Quote:In some countries YouTube videos are blocked! Unblock them with this Addon.
Supported countries: Germany, Netherlands, Spain, ...? not US compatible
Status+Support: www.proxtube.com www.facebook.com/ProxTube & Twitter: @maltegoetz (EN/DE)
Quote:Collusion is an experimental add-on for Firefox and allows you, for the first time, to see all the third parties that are tracking your movements across the Web. It will show, in real time, how that data creates a spider-web of interaction between companies and other trackers.
Quote:This extension prevents Google Search from modifying result links when they are clicked.
Quote:Hide My Ass! operates the most popular browser based web proxy online, this is our official extension that enables you to easily redirect your web traffic through our anonymous proxy network.
Quote:Right-click on a link to instantly open it in Private Browsing mode. (Or right-click anywhere to quickly open private browsing mode.)
Privly · https://priv.ly/
Quote:Privly enables you to read private content through any website. Only the people you designate can read your content, and the host page never has access.Posted 02-13-2012 at 03:55 PM by craigevil
Updated 04-06-2012 at 05:56 PM by craigevil -
Security and Privacy on the Internet
DeSopa :: Add-ons for Firefox - https://addons.mozilla.org/en-US/firefox/addon/desopa/
DNS Evasion to Stop Oppressive Policy in America
Quote:HOW TO USE:
---------------------------
- Enable the Status/Add-on bar if it is not enabled (View->Toolbars->Add-on bar)
- Click on the light blue DeSopa button in the Status/Add-on bar, at the bottom of the browser window, to access websites by IP.
- Click the green DeSopa button to switch back to DNS resolution.
III. KNOWN LIMITATIONS:
---------------------------------------
- Can only resolve tabs one at a time.
- First time resolution is a bit slow because three services are checked serially and compared. This may be done in parallel in the future, or a trusted single source may be used.
IV. HOW IT WORKS:
---------------------------------
When turned on, DeSopa intercepts URLs, sends the base URL to three offshore DNS services via HTTP, makes a best effort to check that two of them are equivalent, caches the IP for the browser session, redirects to the equivalent URL using the IP, and substitutes out the domain name in the source code with the IP address for future requests.
GitHub: https://github.com/TamerRizk/desopaPosted 12-22-2011 at 01:44 PM by craigevil -
Security and Privacy on the Internet
Essential apps for any Android phone. Always use encrypted communications whenever possible.
droidwall - DroidWall - Android Firewall - Google Project Hosting : http://code.google.com/p/droidwall/
APG - https://play.google.com/store/apps/d...ar.android.apg
Quote:Public key encryption for the Android. Encrypt/decrypt emails/files via OpenPGP.OpenPGP for Android. It's open source and its goal is to provide a similar OpenPGP implementation as GnuPG.
Tinfoil for Facebook - https://play.google.com/store/apps/d...azco.fbwrapper
Quote:Tinfoil for Facebook is for those users that require a Tinfoil Hat when logging in to Facebook. It creates a sandbox for Facebook's mobile site in order to protect your privacy and to avoid them tracking your browsing history.
LBE Privacy Guard - Android Apps on Google Play - https://play.google.com/store/apps/d....security.lite
Quote:LBE Privacy Guard requires a ROOTed phone, please make sure your phone has been unlocked and ROOTed.
With the state-of-the-art API interception technology, LBE Privacy Guard provides great enhancement to Android permission system, now the first time you are able to:
- Protect your privacy by controlling the permission of each application to access your sensitive data.
- Block malicious operation from Mal-wares and Trojans.
- Block unwanted network traffic if you don’t have a unlimited data plan.
- Find out which application is trying to steal your privacy by checking the security log.
Tor Project: Android Instructions : https://www.torproject.org/docs/android.html.en
ProxyMobile: Firefox Mobile Add-on | The Guardian Project : https://guardianproject.info/apps/pr...irefox-add-on/
Proxy Mobile :: Add-ons for Mobile : https://addons.mozilla.org/en-us/mob.../proxy-mobile/
Quote:Simple add-on for settings HTTP, SOCKS and SSL proxy settings. Works by default with Orbot: Tor on Android. Developed by the Guardian Project at https://guardianproject.info
Quote:DroidSheep Guard protects your phone from DroidSheep, Faceniff & other hijackers.
DroidSheep Guard protects your phone from Tools like DroidSheep, Faceniff and other Session hijackers!
It monitors your ARP-Table and alerts on any unusual change to this table. So use it to secure your Facebook, ebay, Twitter, LinkedIn etc accounts from "Man In The Middle" attacks on public WiFi!
For more info see: Android Security with Wifi Protector - FAQ gurkedev.com - http://www.gurkedev.com/wifiprotector/faq/
Gibberbot: Secure Instant Messaging | The Guardian Project : https://guardianproject.info/apps/gibber/
Android permissions explained, security tips, and avoiding malware - http://androidforums.com/android-app...g-malware.html
How to Encrypt All Internet Use on Your Android Phone - SSH Tunnelhttp://lifehacker.com/5803880/how-to...-android-phone
Interesting article:
The Guardian Project : https://guardianproject.info/Posted 12-13-2011 at 06:43 PM by craigevil
Updated 04-06-2012 at 07:14 PM by craigevil (Adding a couple more extensions) -
Security and Privacy on the Internet
Priv3 :: Add-ons for Firefox : https://addons.mozilla.org/en-US/firefox/addon/priv3/
Priv3: Practical Third-Party Privacy : http://priv3.icsi.berkeley.edu/
Quote:How Priv3 Works
Blocking simple "web bugs" or "trackers" is fairly straightforward, because doing so does not harm your web surfing experience. By contrast, completely blocking social networking features is counterproductive, because doing prevents you from actually using these features—say to leave a comment, or to "like" something—when you would like to do so.
Therefore, Priv3 does not block third-party interactions completely. Instead, it selectively suppresses the inclusion of third-party web cookies when your browser pulls in content from the social networks, but does provide them if you decide to interact with the social networking features. You still see the number of "likes" the page has accumulated on Facebook or the comments other people left using Facebook's discussion mechanism. Facebook however only learns the IP address of the computer you are using.
Should you decide to interact with the social feature, Priv3 detects any mouseclick or keystroke directed at the feature. It then reloads it with your session cookies and passes on the click or keystroke, thus revealing your identity to the social network and informing it of your desired action.
Priv3's Currently Supported Social Networking Sites
Priv3 currently understands the interactive features of the following social networks:
Facebook
Twitter
Google +1
LinkedInPosted 09-18-2011 at 07:47 PM by craigevil -
Security and Privacy on the Internet
Some useful extensions for Chrome.
Ghostery for Google Chrome
NotScript - A clever extension that provides a high degree of 'NoScript' like control of javascript, iframes, and plugins on Google Chrome.
FlashControl - Add extra control features to Adobe Flash players. Use FlashControl to turn Flash players on and off, or toggle their visibility.Posted 08-27-2011 at 02:18 AM by craigevil -
Grokking Debian GNU/Linux
iw - Linux Wireless - http://wireless.kernel.org/en/users/...ulatory_domain
Quote:Updating your regulatory domain
The command line is:
iw reg set alpha2
Where "alpha2" is the ISO/IEC 3166 alpha2 country code. The information used and set comes from our regulatory infrastructure.
You can also use the latest wpa_supplicant (as of 0.6.7) now to change your regulatory domain, to do so just add a "COUNTRY=US" entry into your configuration for example.Posted 07-30-2011 at 10:25 AM by craigevil -
Grokking Debian GNU/Linux
Tech Patterns :: Switching from Debian Iceweasel to Firefox, permanently : http://techpatterns.com/forums/about1435.htmlPosted 07-27-2011 at 05:36 PM by craigevil -
Security and Privacy on the Internet
Nixory - Antispyware tool for Firefox, IE, Chrome - http://nixory.sourceforge.net/
BASTILLE-LINUX - http://bastille-linux.sourceforge.net/
I also follow the advice in Securing Debian Manual - http://www.debian.org/doc/manuals/se...-debian-howto/ Warning the Debian Hardening Guide is outdated.Posted 07-11-2011 at 11:16 PM by craigevil
Updated 02-26-2012 at 01:46 PM by craigevil -
Security and Privacy on the Internet
Some interesting links:
A Gentle Introduction - I2P - http://www.i2p2.de/how_intro.html
Tor Project: Overview - https://www.torproject.org/about/overview.html
Want Tor to really work? - https://www.torproject.org/download/...tml.en#warning
Debian User Forums •installing tor/polipo - http://www.debianuserforums.org/view...php?f=24&t=961
How to: Privoxy (proxy) + Polipo (web cache) + Dnsmasq (DNS - http://forums.debian.net/viewtopic.php?f=16&t=66500Posted 07-07-2011 at 04:16 PM by craigevil
Updated 07-07-2011 at 04:21 PM by craigevil -
Security and Privacy on the Internet
Secure Login https://addons.mozilla.org/en-US/fir.../secure-login/
Screenshots:
http://securelogin.mozdev.org/screenshots.html
Features:
* Works out of the box without any configuration needed.
* Login with one click or a keyboard shortcut (automatically submitting the login forms).
* Easy and convenient selection for multiple logins (multiple users)
* Provides direct login to any site from the bookmarks (using the "Secure Login Bookmarks").
* Integrates with Mozilla Firefox password manager.
* Provides easy access to the saved passwords.
* Prevents malicious JavaScript code to automatically steal your login data.
* Provides an option to protect your login data from all JavaScript code during login.
* Websites requiring JavaScript for the login process can be added to an exception list.
* Can prevent cross-site scripting (XSS) attacks to steal your passwords without having to deactivate JavaScript.
* Helps to protect you from phishing.
* Shows the login URL(s) and the number of available logins in a tooltip of the toolbar button and the statusbar icon.
* Can be set to automatically search for login data and highlight form fields.
* Can be used with a toolbar button, a statusbar icon, a keyboard shortcut or via the context menu.
* Completely customizable interface (buttons, icons and menus can be enabled/disabled).
* Provides a customizable keyboard shortcut
* By default only active on login so it doesn't consume any system resources while surfing.
* Can fill out additional form fields using the Autofill Forms add-on.
* Possibility to play a sound when logins are found or when logging in.
Documentation:
http://securelogin.mozdev.org/drupal/wikiPosted 07-02-2011 at 06:29 PM by craigevil -
Grokking Debian GNU/Linux
Debian Community Guidelines - http://people.debian.org/~enrico/dcg/
How can you help Debian? - http://www.debian.org/intro/help
Social Contract - http://www.debian.org/social_contract
Free Software - http://www.debian.org/intro/freePosted 07-02-2011 at 03:56 PM by craigevil -
Grokking Debian GNU/Linux
Howto: Set up and Maintain a Mixed Testing/Unstable System - http://forums.debian.net/viewtopic.p...=15612&p=76067
HowTo Build a Package from Source the Smart Way - http://forums.debian.net/viewtopic.php?f=16&t=38976
NvidiaGraphicsDrivers - Debian Wiki - http://wiki.debian.org/NvidiaGraphicsDriversPosted 07-02-2011 at 03:32 PM by craigevil -
Security and Privacy on the Internet
https-finder - A Firefox extension that detects valid HTTPS pages as you browse. One-click rule creation for HTTPS Everywhere - Google Project Hosting : https://code.google.com/p/https-finder/
What is HTTPS Finder?
HTTPS Finder automatically detects and forwards to web sites that offer HTTPS, as well as automating the rule creation process for HTTPS-Everywhere (instead of having to manually type "https://" in the address bar to test, and writing your own xml rule for it).
The extension sends a small HTTPS request to each HTTP page you browse to. If there is a response, the certificate is checked for validity (Any certificate errors will result in no notification, the site is ignored). If valid, the user is given an option to navigate to the HTTPS page (or optionally auto-forward to HTTPS), and save the auto-generated rule for HTTPS Everywhere. Version 0.51 adds "in-Firefox" editing of the rule before saving.Posted 06-18-2011 at 02:11 PM by craigevil -
Grokking Debian GNU/Linux
Some more useful info:
Newer versions of Iceweasel Debian Mozilla team APT archive - http://mozilla.debian.net/
Java - Debian Wiki - http://wiki.debian.org/Java
FlashPlayer - Debian Wiki - http://wiki.debian.org/FlashPlayerPosted 05-25-2011 at 01:05 PM by craigevil -
Grokking Debian GNU/Linux
These sort of things have a tendency to keep growing, see Slackware Links, put together by onebuck.Posted 05-25-2011 at 06:47 AM by brianL -
Grokking Debian GNU/Linux
I see I'm not the only documentation junkie :P
Nice work bringing it all together. I haven't used Debian proper for some years now, but I'm certain new users would appreciate this article.Posted 05-25-2011 at 01:19 AM by Telengard -
Security and Privacy on the Internet
PrivacySuite :: Add-ons for Firefox - https://addons.mozilla.org/en-US/fir.../privacysuite/
Abine - http://www.abine.com/
Beef Taco - http://jmhobbs.github.com/beef-taco/
For Chrome take a look at:
Disconnect - http://www.disconnectere.com/
AdSweep - http://adsweep.org/
Web Proxy Browser Extension (Chrome & Firefox)- Hide My Ass! - https://hidemyass.com/software/proxy-browser-extension/
Quote:HMA! Web Proxy Browser Extension
Our free browser extension helps you to redirect your web browser traffic through our secure web proxy nodes with just one click.
To hide your online identity and surf anonymously simply click our icon located to the right of your address bar; clicking this icon whilst already on a website will take you to the proxified version of this website, and clicking this icon with no website loaded will display a web proxy form for a quick start.
Our free proxy extension is compatible with Google Chrome and Mozilla Firefox
Quote:CsFire autonomously protects you against dangerous or malicious cross-domain requests, such as Cross-Site Request Forgery (CSRF). CSRF is very prevalent and dangerous, as stated by the OWASP top 10, as well as the CWE/SANS top 25 programming errors.
Just posting some add-ons/extensions that may prove useful.Posted 05-20-2011 at 06:19 PM by craigevil
Updated 05-30-2012 at 10:38 AM by craigevil -
Security and Privacy on the Internet
Several useful extensions for Firefox to help bypass censorship:
MAFIAAFire.com - http://www.mafiaafire.com/
MAFIAAFire Redirector
MAFIAAFIRE: Gee! No evil!
MAFIAAFire: ThePirateBay Dancing!Posted 05-16-2011 at 11:28 PM by craigevil
Updated 04-06-2012 at 07:18 PM by craigevil -
Security and Privacy on the Internet
Documenting Tools for Beating Internet Censorship | Electronic Frontier Foundation - https://www.eff.org/deeplinks/2011/0...net-censorship
The SSD Project | EFF Surveillance Self-Defense Project : https://ssd.eff.org/Posted 05-16-2011 at 11:28 PM by craigevil
Updated 06-16-2012 at 12:12 AM by craigevil