Helping to keep you safe
Security
When dealing with computers and mobile phones unauthorized intruders are the important aspect of security. Whether that's your other half or the ASD, if you want to stay secure you can - but it's not always easy!
KeeePass, Signal and VeraCrypt may help you achieve some of those goals, but remember, every time you're online you are vulnerable.
Privacy
Although everyone takes privacy in normal life for granted, but trying to achieve the same level of privacy on the Internet is a less accepted, and a lot more complicated.
While the general attitude is hard to change, many ways exist to enhance your privacy online.
Anonymity
There are many reasons to hide your real identity when you use the Internet. You might want to protect yourself against an oppressive government, or post personal messages to a Usenet newsgroup without identifying yourself to the whole world.
Learn to give sites you visit the appearance that you reside in a foreign country. Get through to web sites blocked by your ISP.
What else we provide?
Information
Facial recognition, meta data collection and other restrictions of your privacy our IT neutered government thinks up, and much more.
Hardware
I think it's more important than software.
So should you.
Software
If it merits a front page link then that's where you'll see it. All other software will be in our news area.
KeePass
KeePass is a free open source password manager, which helps you to manage your passwords in a secure way. You can put all your passwords in one database, which is locked with one master key or a key file.
So you only have to remember one single master password or select the key file to unlock the whole database. The databases are encrypted using the best and most secure encryption algorithms.
ProtonMail
All emails are secured automatically with end-to-end encryption. This means they cannot decrypt and read your emails. As a result, your encrypted emails cannot be shared with third parties.
ProtonMail can be used on any device without software install. ProtonMail secure email accounts are fully compatible with other email providers. You can send and receive emails normally.
YubiKey
The YubiKey is a hardware authentication device that supports one-time passwords, public key encryption and authentication, and the Universal 2nd Factor (U2F) protocol. It allows users to securely log into their accounts by emitting one-time passwords or using a FIDO-based public/private key pair generated by the device.
YubiKey also allows for storing static passwords for use at sites that do not support one-time passwords.
Mullvad
Mullvad is a VPN service that helps keep your online activity, identity, and location private.
Only €5/month — they accept cash, Bitcoin, Bitcoin Cash, bank wire, credit card, PayPal, and Swish.
Windscribe [FREE]
Its a FREE VPN service that gives you 10GB of usage per month. The software includes a firewall for extra protection. It also allow an unlimited number of simultaneous VPN sessions on a single account.
Nitrokey
Nitrokey is an USB key to enable highly secure encryption and signing of emails and data, as well as login to the Web, networks and computers. Other than ordinary software solutions, the secret keys are always stored securely inside the Nitrokey. Their extraction is impossible which makes Nitrokey immune to computer viruses and Trojan horses. The user-chosen PIN and the tamper-proof smart card protect in case of loss and theft.
Panopticlick
When you visit a website, online trackers and the site itself may be able to identify you – even if you’ve installed software to protect yourself. It’s possible to configure your browser to thwart tracking, but many people don’t know how.
Panopticlick will analyze how well your browser and add-ons protect you against online tracking techniques.
Sysinternals
Windows Sysinternals is a part of the Microsoft TechNet website which offers technical resources and utilities to manage, diagnose, troubleshoot, and monitor a Microsoft Windows environment
Whether you’re an IT Pro or a developer, you’ll find Sysinternals utilities to help you manage, troubleshoot and diagnose your Windows security systems.
Ghostery
Ghostery is a privacy browser extension, available for a range of browsers, both on the desktop and mobile. Whenever you load a page in your browser, it tries to enumerate the loaded elements, and separate the pure content from so-called "tracking" elements, which might be search engines, ads, sharing buttons, or other types of media. Then, through a simple control panel, the user can manage these elements. You can choose to enable them or disable them, and a few other tricks.
Encrypted USB
A hardware encrypted USB is top shelf security.
These are specialised items you may seldom need or use.
There are two methods that are used for hardware encryption.
The DataTraveler Vault Privacy and
IronKey D300 both need a computer based OS to run.
The DataTraveler 2000 and the Aegis Secure Key DO NOT.
VeraCrypt
VeraCrypt is a free and open-source utility used for on-the-fly encryption. It can create a virtual encrypted disk within a file or encrypt a partition or the entire storage device with pre-boot authentication.
VeraCrypt homepage
VeraCrypt at Wilders
If an encrypted USB is overkill for you then this is the best solution.
DuckDuckGo
DuckDuckGo is set up as a privacy-conscious product, and no user data is collected, harvested or profiled. It does not set any cookies by default, and it strips any unique information when forwarding queries to other engines.
You will no longer have to put up with the Google Filter Bubble and will now receive relevant results for your searches.
A full and comprehensive review of DDG by Dedoimedo is a must - even if you use DDG.
Prey
You don't have to be careless to lose your laptop or mobile phone, but that doesn't mean you should just accept the fact that your machine is gone forever. Prey helps recover your stolen devices by enabling you to track and control them remotely, and make them unusable to anyone who's got them. Prey helps you keep an eye on the perpetrator, and how they're using your machine and collate all kinds of information that will come in handy when you report the theft to the authorities.
Prey works on Linux, Windows, macOS, Android and i0S.
PrivaZer
PrivaZer scans and cleans your computers and storage devices, including external disks, USB flash drives, iPods, SD cards or network drives. It safeguards your privacy by removing unwanted traces of internet activities, software usage, USB history, registry and files.
The program includes an available secure delete function that overwrites files to prevent recovery.
PrivaZer Discussion Thread at Wilders
Startpage
Instead of a results page cluttered by informational widgets, this one would primarily link out to other sites. And instead of tracking your search history for ad targeting purposes, this search engine would be decidedly impersonal.
It turns out that such a thing exists today in Startpage, a Netherlands-based Google search alternative that emphasizes privacy. While it’s not the only privacy-first search engine—DuckDuckGo is a better-known example—Startpage is the only one whose search results come from Google, due to a unique and longstanding agreement in which Startpage pays the search giant to get a feed of links for any search.
Startpage - Google with privacy
It’s ok if you disagree with me. I can’t force you to be safe.
Privacy on Android
I'm not trying to give you some super-paranoid solution to being anonymous on the net. This is not about using four VPNs all at once and weird, obscure services to make yourself invisible.
This is all about personal needs.That's why I'm not going to tell you what you need to do, because you may have different usage patterns than myself. I will show you what I've done, and then you can decide whether you want to try the same thing, knowing that there are both benefits and downsides to my methods.
Privacy on Android.
Email Self Defense
Even if you have nothing to hide, using encryption helps protect the privacy of people you communicate with, and makes life difficult for bulk surveillance systems. If you do have something important to hide, these are the same tools that whistleblowers use to protect their identities.
This guide will teach you a basic surveillance self-defense skill: email encryption. Once you've finished, you'll be able to send and receive emails that are scrambled to make sure a surveillance agent or thief intercepting your email can't read them.
Using a Password Manager?
In this article, I’ll start by examining the benefits and risks of using a password manager. It’s hard to overstate the importance of protecting the data in your password manager, and having a recovery strategy for that data, so I’ll cover that next. I’ll then present a low-risk approach to experimenting with using a password manager, which will help you understand the tough choices you’ll need to make before using it for your most-important passwords. I’ll close with a handy list of the most important decisions you’ll need to make when using a password manager.
Passwords
Yes, I know.
Another article about passwords.
Someone please shoot me before my head explodes.
Despite Bill Gates predicting the demise of passwords back in 2004, they are still very much in use, but the only people that care about passwords are journalists and SysAdmins. They have to justify their existence so they keep flogging the subject to death, much to the despair of those having to use them.
For the rest of us they are just a necessary pain.
But, fear not,
for I will show you the way to password nirvana.
Encryption
This is the number one factor that determines the security of your lifestyle.
Encryption refers to any process used to make sensitive data more secure and less likely to be intercepted by those unauthorized to view it. That includes Password Managers [KeePass], encrypting your files or partitions [VeraCrypt] and your sms messages [Signal]. Encryption is also used everytime you execute an online financial transaction [Paypal or ANZ] and for a multitude of other reasons.
When using encryption, the sender and recipient must use the same mathematical technique (known as an algorithm) to perform the encryption and decryption. That means that if you use your rubbish WhatsApp to send me a message it is not secure because I use Signal.
Encryption can cast a wide net, but without it, you'd all be fucked. Many of you take it for granted. Now that the desktop computer is considered an antique, most people carry their lives with them on their mobile. Yet how many encrypt their phone [to protect their financial details] or back it up [to protect their sanity]. I think I'm being very generous in guessing that no more than 5% would bother. Why - because it's to big a hassle. Time is better spent on bookface or some other meaningless social media than the few seconds [ok - sometimes minutes] it takes to secure your life.
If you lost your phone how much would you pay to get it back?
Do you know how much it costs to protect the information in your phone?
Nothing. ZERO. $0!
Do yourself a favour and take a few minutes out of your boring meaningless life and just do it.
This is the number one factor that determines the security of your lifestyle.
Encryption refers to any process used to make sensitive data more secure and less likely to be intercepted by those unauthorized to view it. That includes Password Managers [KeePass], encrypting your files or partitions [VeraCrypt] and your sms messages [Signal]. Encryption is also used everytime you execute an online financial transaction [Paypal or ANZ] and for a multitude of other reasons.
When using encryption, the sender and recipient must use the same mathematical technique (known as an algorithm) to perform the encryption and decryption. That means that if you use your rubbish WhatsApp to send me a message it is not secure because I use Signal.
Encryption can cast a wide net, but without it, you'd all be fucked. Many of you take it for granted. Now that the desktop computer is considered an antique, most people carry their lives with them on their mobile. Yet how many encrypt their phone [to protect their financial details] or back it up [to protect their sanity]. I think I'm being very generous in guessing that no more than 5% would bother. Why - because it's to big a hassle. Time is better spent on bookface or some other meaningless social media than the few seconds [ok - sometimes minutes] it takes to secure your life.
If you lost your phone how much would you pay to get it back? Do you know how much it costs to protect the information in your phone?
Nothing. ZERO. $0!
Do yourself a favour and take a few minutes out of your boring meaningless life and just do it.
Latest news
Mobile phone extraction
In this piece we examine mobile phone extraction, relying on publicly available information and Privacy International’s experience from conducting mobile phone extraction using a Cellebrite UFED Touch 2. Mobile Phone Extraction technologies, known also as mobile forensics, entails the physical connection of the mobile device that is to be analysed and a device that extracts, […]
5G risk assessment
5G is on the way, but there’s no reason to start running around with your pants on your head just yet. While there will be a lot of hoopla about 5G in the CBD area of major cities there is a very large infrastructure network that will have to be put in place. Think at […]
Ploy to Break Encryption
This is part one of a four-part series where security expert Jon Callas breaks down the fatal flaws of a recent proposal to add a secret user — the government — to our encrypted conversations. Twenty-five years ago, the FBI decided it needed a surveillance system built into the nation’s telephone network to enable it to listen […]