Helping to keep you safe
Security
When dealing with computers and mobile phones unauthorized intruders are the important aspect of security. Whether that's your other half or the ASD, if you want to stay secure you can - but it's not always easy!
KeePass, Signal and VeraCrypt may help you achieve some of those goals, but remember, every time you're online you are vulnerable.
Privacy
Although everyone takes privacy in normal life for granted, but trying to achieve the same level of privacy on the Internet is a less accepted, and a lot more complicated.
While the general attitude is hard to change, many ways exist to enhance your privacy online.
Anonymity
There are many reasons to hide your real identity when you use the Internet. You might want to protect yourself against an oppressive government, or post personal messages to a Usenet newsgroup without identifying yourself to the whole world.
Learn to give sites you visit the appearance that you reside in a foreign country. Get through to web sites blocked by your ISP.
What else we provide?
Information
Facial recognition, meta data collection and other restrictions of your privacy our IT neutered government thinks up, and much more.
Hardware
I think it's more important than software.
So should you.
Software
If it merits a front page link then that's where you'll see it. All other software will be in our news area.
Private secure messaging
Session
Session is a private messenger that aims to remove any chance of metadata collection by routing all messages through an onion routing network.
So you only have to remember one single master password or select the key file to unlock the whole database. The databases are encrypted using the best and most secure encryption algorithms.
Signal
State-of-the-art end-to-end encryption (powered by the open source Signal Protocol) keeps your conversations secure.
We can't read your messages or listen to your calls, and no one else can either.
Privacy isn’t an optional mode — it’s just the way that Signal works. Every message, every call, every time.
Secure email
ProtonMail
All emails are secured automatically with end-to-end encryption. This means they cannot decrypt and read your emails. As a result, your encrypted emails cannot be shared with third parties.
ProtonMail can be used on any device without software install. ProtonMail secure email accounts are fully compatible with other email providers. You can send and receive emails normally.
Tutanota
With end-to-end encryption and 2FA, your emails have never been more secure. The built-in encryption guarantees that your mailbox belongs to you: Nobody can decrypt or read your data.
Tutanota is open source so security experts can verify the code that protects your emails.
Secure search engines
DuckDuckGo
DuckDuckGo is set up as a privacy-conscious product, and no user data is collected, harvested or profiled. It does not set any cookies by default, and it strips any unique information when forwarding queries to other engines.
You will no longer have to put up with the Google Filter Bubble and will now receive relevant results for your searches.
A full and comprehensive review of DDG by Dedoimedo is a must - even if you use DDG.
Startpage
Instead of a results page cluttered by informational widgets, this one would primarily link out to other sites. And instead of tracking your search history for ad targeting purposes, this search engine would be decidedly impersonal.
It turns out that such a thing exists today in Startpage, a Netherlands-based Google search alternative that emphasizes privacy. While it’s not the only privacy-first search engine—DuckDuckGo is a better-known example—Startpage is the only one whose search results come from Google, due to a unique and longstanding agreement in which Startpage pays the search giant to get a feed of links for any search.
Startpage - Google with privacy
V P N
Mullvad
Mullvad is a VPN service that helps keep your online activity, identity, and location private.
Only €5/month — they accept cash, Bitcoin, Bitcoin Cash, bank wire, credit card, PayPal, and Swish.
Windscribe [FREE]
Its a FREE VPN service that gives you 10GB of usage per month. The software includes a firewall for extra protection. It also allow an unlimited number of simultaneous VPN sessions on a single account.
Secure encryption
Nitrokey
Nitrokey is an USB key to enable highly secure encryption and signing of emails and data, as well as login to the Web, networks and computers. Other than ordinary software solutions, the secret keys are always stored securely inside the Nitrokey. Their extraction is impossible which makes Nitrokey immune to computer viruses and Trojan horses. The user-chosen PIN and the tamper-proof smart card protect in case of loss and theft.
Cryptography Dispatches
I’m a big fan of hardware tokens because they allow a few things you can’t do with just software cryptography: compromise recovery, because an attacker can’t exfiltrate the key from the hardware to use it after losing access to it; explicit consent, where the user has to physically allow each operation by e.g. tapping the key; and short PINs that can’t be bruteforced, because the retry counters or delays are enforced in hardware.
Let’s cut to the chase,
here’s how you generate an SSH key backed by your security key..
Yubikey
The YubiKey is a hardware authentication device that supports one-time passwords, public key encryption and authentication, and the Universal 2nd Factor (U2F) protocol. It allows users to securely log into their accounts by emitting one-time passwords or using a FIDO-based public/private key pair generated by the device.
YubiKey also allows for storing static passwords for use at sites that do not support one-time passwords.
Encrypted USB
A hardware encrypted USB is top shelf security.
These are specialised items you may seldom need or use.
There are two methods that are used for hardware encryption.
The DataTraveler Vault Privacy and
IronKey D300 both need a computer based OS to run.
The DataTraveler 2000 and the Aegis Secure Key DO NOT.
VeraCrypt
VeraCrypt is a free and open-source utility used for on-the-fly encryption. It can create a virtual encrypted disk within a file or encrypt a partition or the entire storage device with pre-boot authentication.
VeraCrypt homepage
VeraCrypt at Wilders
If an encrypted USB is overkill for you then this is the best solution.
Keepass
KeePass is a free open source password manager, which helps you to manage your passwords in a secure way. You can put all your passwords in one database, which is locked with one master key or a key file.
So you only have to remember one single master password or select the key file to unlock the whole database. The databases are encrypted using the best and most secure encryption algorithms.
Miscellaneous
Prey
You don't have to be careless to lose your laptop or mobile phone, but that doesn't mean you should just accept the fact that your machine is gone forever. Prey helps recover your stolen devices by enabling you to track and control them remotely, and make them unusable to anyone who's got them. Prey helps you keep an eye on the perpetrator, and how they're using your machine and collate all kinds of information that will come in handy when you report the theft to the authorities.
Prey works on Linux, Windows, macOS, Android and i0S.
PrivaZer
PrivaZer scans and cleans your computers and storage devices, including external disks, USB flash drives, iPods, SD cards or network drives. It safeguards your privacy by removing unwanted traces of internet activities, software usage, USB history, registry and files.
The program includes an available secure delete function that overwrites files to prevent recovery.
PrivaZer Discussion Thread at Wilders
It’s ok if you disagree with me. I can’t force you to be safe.
Privacy on Android
I'm not trying to give you some super-paranoid solution to being anonymous on the net. This is not about using four VPNs all at once and weird, obscure services to make yourself invisible.
This is all about personal needs.That's why I'm not going to tell you what you need to do, because you may have different usage patterns than myself. I will show you what I've done, and then you can decide whether you want to try the same thing, knowing that there are both benefits and downsides to my methods.
Privacy on Android.
Email Self Defense
Even if you have nothing to hide, using encryption helps protect the privacy of people you communicate with, and makes life difficult for bulk surveillance systems. If you do have something important to hide, these are the same tools that whistleblowers use to protect their identities.
This guide will teach you a basic surveillance self-defense skill: email encryption. Once you've finished, you'll be able to send and receive emails that are scrambled to make sure a surveillance agent or thief intercepting your email can't read them.
Using a Password Manager?
In this article, I’ll start by examining the benefits and risks of using a password manager. It’s hard to overstate the importance of protecting the data in your password manager, and having a recovery strategy for that data, so I’ll cover that next. I’ll then present a low-risk approach to experimenting with using a password manager, which will help you understand the tough choices you’ll need to make before using it for your most-important passwords. I’ll close with a handy list of the most important decisions you’ll need to make when using a password manager.
Passwords
Yes, I know.
Another article about passwords.
Someone please shoot me before my head explodes.
Despite Bill Gates predicting the demise of passwords back in 2004, they are still very much in use, but the only people that care about passwords are journalists and SysAdmins. They have to justify their existence so they keep flogging the subject to death, much to the despair of those having to use them.
For the rest of us they are just a necessary pain.
But, fear not,
for I will show you the way to password nirvana.
Communication Channels
Privacy depends on controlling access to sensitive information. And anonymity plays a central role. It hinders information discovery, and reduces your exposure to coercion. You can express yourself more freely, with less concern about consequences. And it’s essential when you’re far weaker than your adversaries.
In the online context, privacy requires limiting communication to known and controllable channels. And it requires the compartmentalization of sensitive information.
These are the key aspects
Encryption
This is the number one factor that determines the security of your lifestyle.
Encryption refers to any process used to make sensitive data more secure and less likely to be intercepted by those unauthorized to view it. That includes Password Managers [KeePass], encrypting your files or partitions [VeraCrypt] and your sms messages [Signal]. Encryption is also used everytime you execute an online financial transaction [Paypal or ANZ] and for a multitude of other reasons.
When using encryption, the sender and recipient must use the same mathematical technique (known as an algorithm) to perform the encryption and decryption. That means that if you use your rubbish WhatsApp to send me a message it is not secure because I use Signal.
Encryption can cast a wide net, but without it, you'd all be fucked. Many of you take it for granted. Now that the desktop computer is considered an antique, most people carry their lives with them on their mobile. Yet how many encrypt their phone [to protect their financial details] or back it up [to protect their sanity]. I think I'm being very generous in guessing that no more than 5% would bother. Why - because it's to big a hassle. Time is better spent on bookface or some other meaningless social media than the few seconds [ok - sometimes more than a few] it takes to secure your life.
If you lost your phone how much would you pay to get it back?
Do you know how much it costs to protect the information in your phone?
Nothing. ZERO. $O!
Do yourself a favour and take a few minutes out of your boring meaningless life and just do it.
This is the number one factor that determines the security of your lifestyle.
Encryption refers to any process used to make sensitive data more secure and less likely to be intercepted by those unauthorized to view it. That includes Password Managers [KeePass], encrypting your files or partitions [VeraCrypt] and your sms messages [Signal]. Encryption is also used everytime you execute an online financial transaction [Paypal or ANZ] and for a multitude of other reasons.
When using encryption, the sender and recipient must use the same mathematical technique (known as an algorithm) to perform the encryption and decryption. That means that if you use your rubbish WhatsApp to send me a message it is not secure because I use Signal.
Encryption can cast a wide net, but without it, you'd all be fucked. Many of you take it for granted. Now that the desktop computer is considered an antique, most people carry their lives with them on their mobile. Yet how many encrypt their phone [to protect their financial details] or back it up [to protect their sanity]. I think I'm being very generous in guessing that no more than 5% would bother. Why - because it's to big a hassle. Time is better spent on bookface or some other meaningless social media than the few seconds [ok - sometimes more than a few] it takes to secure your life.
If you lost your phone how much would you pay to get it back?
Do you know how much it costs to protect the information in your phone?
Nothing. ZERO. $O!
Do yourself a favour and take a few minutes out of your boring meaningless life and just do it.
News items that warrant your attention
Queensland joins the axis
Queensland will become the fourth state to upload its repository of driver’s licences to Australia’s controversial facial recognition database. Queensland will join Victoria, South Australia and Tasmania as the next state set to upload its batch of driver’s licences to the national database, according to iTNews. The remaining states and territories are expected to follow […]
COVIDSafe App
Australia’s COVIDSafe app has been out for three weeks now but despite the government’s draft legislation stating the data cannot be accessed outside of coronavirus tracing purposes, some of its vague wording is causing legal experts concern over potential misuse. But despite the app seeming mostly fine on a software level, legal and tech experts still have […]
How Encrypted Messaging Works
With hackers becoming increasingly savvy, many Australians have turned to encrypted messaging apps to cloak messages between friends, colleagues and whoever else they’re speaking to. But beyond knowing it’s one of the safest ways to communicate digitally, end-to-end encryption remains a bit of a mystery. Here’s how it works and why Australia’s spy agencies are […]