Privacy and Encrytion
 

To begin.
I will attempt to beef up security for my new computer and phone.
I have recently changed mobil carrier and and device. Is it necessary to to change the phone number as well?

Depends on the carriers - and probably what country you are in.

Here it used to be impossible, but now is merely a matter of asking for your number to be transferred when you register with the new carrier. For mobiles, takes less than a couple of hours.

Moved: This thread is more suitable in General and has been moved accordingly to help your thread/question get the exposure it deserves.

@OP

You can use a VPN that will work on both your computer and phone for privacy and encryption like this site

https://www.privateinternetaccess.com

It starts at $6.95/month BUT it can be cheaper if you opt for a 1 year ( $3.33/mo ) or 2 year ( $2.91/mo )


They even support linux.

PS: They claim they don't keep logs of users activities. I can't say for sure if this true so just don't do stupid things just to play it safe.

the U.S.government has broken the TOR network and has opted to dismiss a lot of serous cases rather than revel how they got the computer evidence
to brake TOR it had to be something on the TOR computers themselves
my bet would be that systemd has a back door remember Red Hat is a U.S. government contractor so unless you run a systemd free distro it's unlikely your going to keep the U.S. government out even with a VPN

any body else remember Snowden's leaks ?

If "the government agencies with three-letter acronyms for names" can't break encryption, then I really want to know exactly what I am getting in return for my ##CLASSIFIED## dollars of tax money each year! :)

But, honestly, "those guys" really aren't your problem, unless you're doing something criminal, in which case you deserve to get busted. :mad:

Long ago, Phil Zimmerman said it best when he was first introducing PGP®: "It's nobody's business but yours."

On the one hand, having a ubiquitous worldwide public data-network at your beck and call is the greatest invention since sliced bread. But, it means that you should take "certain sensible precautions™ . . ."

If you want to transmit it, and/or store it in a public warehouse, you should encrypt it. And if you want to rely upon it, you should at least digitally sign it. There are lots of well-tested, secure ways to do that, and the responsibility is yours. The technology can be unobtrusive (just like the encryption layer that is in-between you and LQ right now), and it works.

Public VPN-proxy services are also a good idea if you routinely work in a public place like a coffee shop. Its purpose is not to protect the data from the owner of the service, which by-definition it cannot do, but from eavesdroppers within the shop. (Once again, "it's nobody's business but yours.") And I would still use another layer of encryption on transferred content – e.g. sftp – even when using such a service, since "it's none of the service's business, either." :)

If you think that such a service is going to protect your criminal enterprise – think again. (Or, you'll have plenty of time to think about it in the State Hotel.)

And if someone shows up with a properly-executed search warrant, I'll be happy to comply and even to offer assistance.

Thank you.
I think i have a pretty loaded question At least for me its loaded.
So I purchased a used Thinkpad that was restored by the owner. THere are a few things i want establish.
1. Encryption of the hardrive
2. Gain full access to the System Adminstration (currently i select 'run as admin')
3. Partion the hardrive for Kali
4. Determine who to reconfigure the hard drive.

To being: I have downloaded Acrytpt from the internet. but i have not installed it yet
so I dont know if it works.

I have created an administrative account and password but still I do not have full control
as anyone with access to my laptop can 'run as administrator,' and this I wish to block.

The laptop came with Trusted Platform Module installed. In addition, its partition in this such way:


System.DRV NTFS - Windows7_OS NTFS- 848MB (Healthy)- Lenovo NTFS

On the System is where the full admin contrcol... suppose i want to remove this Admin - and reallocate the Disk space as like think - something like this:

Windows7_OS NTFS Kali NTFS/Fats (not sure) Swap(swap) Lenovo/restore NTFS

Now to me this all looks a bit messy Idk.

Tonight i plan to install ACrypt and partion the hard drive for Kali.

Any ideas are helpful. Im sure i forgot alot of something.
My response time is slow as Im suing my mobile device to communicate here.

Thanks again.

Make every user except one a "Limited User." Then, use a strong password and a user-name other than "Administrator" for that one user which is capable of administering the computer. You can't "run as administrator" unless you yourself are not a limited user, and/or know the magic password.

Then, tape its password to the bottom of your keyboard. ;)

Even if the FBI or NSA can break tor and VPN, it is still a good idea to use VPN when connected to a public wifi network. VPN is a good enough protection against script kiddies or the average hacker.

Just use a strong password for your VPN. Don't use a password that can be found in a dictionary. This is the first method script kiddies and hackers use to break passwords.

No, don't use a password at all!! :tisk:

Use OpenVPN with one-of-a-kind digital certificates. (You can password-encrypt them if you want to.) It is impossible to guess or to "hack" a certificate: either you possess one (and it has not been revoked ...), or, you do not. Period.

Good public VPN providers will also use certificates, taking your key and properly signing it.

As I've written in my blog here, if your (private) OpenVPN then also uses tls-auth, your VPN portal becomes a secret door. Attackers not only cannot break in – they cannot detect that it is there at all! :eek:

And yet, authorized users bearing one-of-a-kind, non-revoked credentials can walk right up to the apparently-blank wall, and in a matter of seconds they've passed right through the gantlet and are inside.

Number of unauthorized access attempts: Zero.

Hi sundialsvcs

I wasn't aware of that. I thought VPNs just use username and passwords. Thanks for educating me on this. Now I know a little more. Greatly appreciated :)