Friday, December 15

Anonymity and Privacy

Google+ Pinterest LinkedIn Tumblr +

Anonymity and Privacy Guide.

Chapter 1. Introduction CID Triad

The triad CID has been created to identify problem areas and recommended solutions when it comes to information security. The acronym represents a) Notice, b) Integrity c) Availability. This triad was created so that people take into account these three aspects of security to ensure proper use and control of the solutions in this area.
Your Ad Here

Confidentiality: Confidentiality is something that is done or said in trust or mutual security between two or more people. In essence, privacy is security and confidentiality means that a foreign individual can not access the information if they have access to it. It usually refers to confidentiality or privacy as the most important aspect of security.

Integrity: Refers especially to the integrity of the data, is the act of ensuring that the data has not been modified or deleted by people who have not been authorized to do so. This means that if you send a message to another person, that message has not been changed in transit. Integrity also ensures that you’re talking to the person you think is on the other side and not an intermediary with malicious intent.
Read more in Computers
« Do You Like Your Pc?
Most Popular is The Platform on Nokia Windows Phone »

Availability: Availability ensures that when you need the information that will be there for you to get. Not only must the data be available for you, but also have to be reasonably accessible. Security controls are meaningless if you can not access the information. This component is of concern, but for the regular user, not much can be done to ensure availability when dealing with websites, IRC servers or any other administered by a third party or group. For this reason the availability try not just to talk about backing up your data.

 
Chapter 2. Windows and GNU / Linux

2.1. Why free software is more secure

All we ever heard of free software and of “Linux” and I assume that at this time the vast majority of you reading this from a machine with Windows installed. But why is it important for safety use free software?

“Free software” means software that respects the freedom of users and the community. In general, users are free to copy, distribute, study, change and improve the software. With these freedoms, users (both individually and collectively) control the program and what it does.

When users control the program, the program controls the users. The programmer controls the program and, through the program, controls the users. A non-free program, called “proprietary”, is therefore an instrument of unjust power.

When users who control the program and not the other way we ensure that the software does not infringe on our privacy policy. The backdoors (or rear doors) in a computer system is a special sequence within the programming code through which you can avoid the security systems of the algorithm (authentication) to access the system. Although these doors can be used for malicious purposes and espionage are not always a mistake, may have been designed with the intention of having a secret entrance.

We should, therefore, avoid proprietary software like the plague. That’s one of the main reasons why this guide does not cover the use of Windows but focuses on * nix systems, and more particularly, GNU.

2.2. Windows

Please do not use. This guide does not include unique information concerning this operating system as it was not created with the idea of ??safety in mind. However, this (http://xqz3u5drneuzhaeo.onion/users/missionman/) page, which is being removed from this material itself is covered using this SO

2.3. Tails and Liberté Linux

Tails:

Tails is a “living system” that aims to preserve your anonymity and privacy. It helps to use the Internet anonymously almost anywhere you go in any computer without leaving a trace, unless you explicitly tell.

It is an operating system designed for use from a DVD or USB memory, operating independently of the computer operating system that you use. Is Free Software based on Debian GNU / Linux.

Tails comes with several applications pre-configured with security in mind: web browser, instant messaging client, email client, office packages, images and sound editor, etc..

Tails depends on the Tor anonymity network to protect your privacy online: all applications are configured to connect through Tor, direct connections (non-anonymous) are blocked.

Tor is free software and an open network to help against a form of network surveillance that threatens your freedom and privacy, your confidential business activities and relationships, and government security known as traffic analysis.

Tor protects you by redirecting your communications around a distributed network of relays made by volunteers around the world which prevents someone observe your communications from the sites you visit, also prevents the sites you browse get your physical location.

I highly recommend using this Operating System since today is the best and easiest to use. However, it simple does not make it worse, why complicate your own OS hardening when you have one created by the developers of Tor? You can get it here: https://tails.boum.org/.

Liberté Linux:

Liberté Linux is a Gentoo-based live distribution, secure, reliable, light and easy to use with the primary purpose of allowing anyone to communicate securely and covertly in hostile environments. Regardless of whether you’re a privacy advocate, a dissident or an agent you are getting in Liberté Linux a useful tool as an assistant in secure communications.

Liberté Linux is a Gentoo hardened kernel that includes all the improvements grsecurity / PaX, radically improving system resilience to software exploits. Measures such as the separation of privileges services add additional protection.

All persistent changes are secured in a LUKS volume / OTFE, easily accessible from any operating system. This includes application settings saved after shutdown, as well as any document that explicitly keep on the encrypted volume. The TFE volume is simply a file in the middle of boot that can be copied, or changed in size supported transparently from within Liberté.

You can reach safely, covert and reliable with other Liberté Linux users via the familiar email interface using communication wires, a messaging protocol based on the standard CMS starring the repudiability and perfect forward secrecy.

All network activity such as chat and web searches are automatically routed through Tor, I2P web addresses available to transparently too. After the system receives a network address, the only external traffic is encrypted ports emits HTTP (S) used by Tor. No other traffic is sent, even DNS requests. I2P traffic is routed through Tor also: I2P can use even if you’re following the most restrictive firewalls exist. As added an Insecure Finder is available for the express purpose of registration hotspots if necessary. Liberté can also be started in a non-anonymous with all other features intact.

Also leaves no trace Liberté in the system without the user’s explicit consent (such as file creation voluntarily external drives). Also all volatile memory is cleared when the system shuts down to prevent cold boot attacks.

Many other features to enhance privacy, as the randomness of the wireless MAC are automatically used to prevent point you in your activities.

Also included are other more mundane but useful applications, such as word processing documents and images. Do not be conditional bit size of the image, Liberté Linux is a fully capable distribution with support for HTML5 video, file managers, chat plugins, audio players, one multitiud multilingual sources, full application interface, localization keyboard and much better.

But which of the two is better? IMHO the election will rest upon the kind of distro you prefer, and the desktop environment you like. Tails is based on debian and uses GNOME as a desktop environment while Liberté Linux is based on Gentoo and uses Openbox. Personally, I prefer since I’m Tails debian and Ubuntu user since I started using GNU / Linux, but the decision is all yours.

 
Chapter 3. Ensuring your hard drive and your communications

3.1. Encryption

The encryption is based on cryptography, a system used since humans have wanted to keep the information secret. The earliest forms were Escítala encryption and ciphers. These forms of cryptography is based on two or more people who know the encryption key used or right before the message could have been sent.

There are many reasons for encryption. One purpose is the act of transforming data readable data can not be read by a third person without permission. The result of the process is encrypted information. The opposite process, make readable encrypted information is called decryption. It is also important to know that the term implicit decryption can come in the end encryption, a program that encrypts and decrypts also.

There are two types of encryption that should be used for two different purposes: Symmetric (private key encryption) and asymmetric (public key encryption). Symmetric encryption is used more because it is fast, easy to use and the most widely needed. You will use this form of encryption when only one pass phrase (password) as in the case of a hard disk encryption using TrueCrypt volume or persistent encryption Liberté Tails or Linux. Asymmetric encryption, on the other hand, you need two keys, one to encrypt and one to decrypt the information and is commonly used in sending information.

3.1.1. Symmetric Encryption

Although the use of persistent volume Tails or Liberté Linux is imperative if you want to keep your data protected on a USB installed with these operating systems, you may also prefer to have the hard drive of your PC with your SO principal protected everything you can. For this you should use encryption tools like TrueCrypt or Full Disk Encryption (Universal Key Setup Linux [LUKS] for GNU / Linux, Cryptographic Device Driver [CGD] for OpenBSD or GELI GBDE or in the case of FreeBSD).

> TrueCrypt can be obtained here: http://truecrypt.org/.

> LUKS can be used on GNU / Linux with the command default luksFormat *.

* You will need the package before you can use cryptsetup LUKS.

Note: Be extremely careful when using these tools, always make a backup of your files and read the relevant manuals of use before encrypting your hard drive.

3.1.2. Asymmetric encryption

When forced to make contact with someone you share the public key, for it implements asymmetric encryption secure key exchange using a public key and a private key. The public key is given to the world and is used to encrypt data that third parties we will go. These data we receive will then be decrypted by our person using the private key and password we have linked to it. The private key is also used to ensure that the data we have received are legitimate and have not been changed by the signature system.

Note: Now that you know the importance of the private key, it is essential to understand that no one has access to it as they could impersonate you and decrypt your messages if you have it in your power and know the password.

The system most used asymmetric encryption is PGP or GnuPG (the free alternative). This application is installed by default on * nix systems like Ubuntu or debian and is accessible via the command line. However, to facilitate the work of less advanced users, there are several graphical interfaces (friendly programs to avoid using the terminal) and Seahorse (GNOME) or KGPG (KDE) that are equally powerful.

Note: Please note that depending on the desktop environment that uses our distribution (GNOME, KDE, XFCE, Openbox, etc..) GnuPG GUI may vary. For example, GNOME / XFCE Seahorse used as both environments make use of GTK +, KDE uses KGPG, etc..

Read more: http://computersight.com/computers/anonymity-and-privacy-guide/#ixzz2VyTdVHuh

The term hacker is misused every day in the news, magazines, blogs and TV. The media use the term hacker to spread news related to computer crimes. As soon as someone is arrested for committing a crime police using computers, that person is immediately labeled as a hacker. The true meaning of the term hacker has been misused for a long period of time. Now, it’;s time to find out your true meaning.
What is a hacker?

A hacker is someone who has great technical skills in computing. The hacking is also an attitude towards life. Hackers solve problems and build things. They believe in freedom and voluntary mutual help. Hackers built the Internet, World Wide Web (WWW), Linux, Google, Facebook, Twitter and all that now exists to make life easier for all people around the world. Hackers are simply geniuses.

The opposite of a hacker called cracker. The cracker are individuals dedicated to penetrate computer systems in order to break them. A cracker is a person who intentionally violates the security of a system with the purpose of committing a crime. Often try to compromise computer systems in order to obtain valuable information and selling it to the highest bidder and get some profit. In short, the crackers are cybercriminals.

If you want to understand the culture of hackers, their physiology and their motivations should read a document called “The Conscience of Hacker”. This is a short essay written by an old hacker named “The Mentor”. This essay was written while he was in prison. Soon, testing the Internet spread quickly becoming popular, being well accepted soon as the official manifest within the hacker culture. This document is considered the cornerstone of hacker philosophy.

To be a hacker it takes more than good understanding of how computers and networks. You also need to have the right attitude. The following shows the recommended steps removed from the guide written by the famous hacker Eric Steven Raymond for all those people who want to become a hacker future.

1) Adopt the hacker mentality: Hackers have their own creed. If you want to become a hacker, repeat the following statements to the extent that the internalized in your mind:

    The world is full of fascinating problems to be solved.
    Nobody should have to solve a problem twice.
    Boredom and drudgery are evil.
    Freedom is good.
    The attitude is not replaced from the competition.

2) Learn programming: Learn to program some of the most popular programming languages ??such as Java, PHP, C, C + +, Python, Perl and others. You can learn to program by taking courses or reading books, but reading and writing code for other programmers is the most effective method to become an advanced programmer.

3) Learn to use Linux: Linux is the default operating system in the realm of the hackers. Linux is free software and was made by hackers for hackers. It is an open source project, which means you can read, write and modify its source code. You can adapt Linux according to their individual needs. It also has all the necessary tools to become a hacker as: compilers, programming languages, security tools, penetration tools, documentation, community and more. You can download and install on computed at any time. If you want to learn how to install Linux without reformatting your hard drive, we recommend just click here.

4) Learn English: English is the standard language within the hacker culture and the Internet. Learn to speak and write the English language correctly as it is almost mandatory requirement to be accepted within the hacker community. Hackers tend to be strong and rude to those who are able to write correctly in English.

5) Enroll in a community of online hackers: Most hackers communities are managed and administered by volunteers. Join a community. Help other members, ask questions, write guides and share their knowledge. When you show your dedication to the community this will bring the respect and admiration of the other members.

6) Communicate with other hackers: hackers for money is not his main motivation, therefore, in a world where money is not a sign of status it is reputation. Within a hacker community you gain reputation through the following actions: giving your time, energy, creativity and cooperation to the community and its members. The exchange of technical information and ideas is the best way to keep in touch and meet other hackers.

If you came up here reading this document is really interested in the subject of computer security and hacker culture, therefore, take this opportunity to introduce one famous hacker named Kevin Mitnick. In the past, Mitnick was the most wanted hacker by the federal government of the United States. Mitnick The hackers Nickname was “The Condor”. He became the first hacker to appear on the list of “Most Wanted” FBI for violating computer security company Digital Equipment Corporation.

Share.

About Author

Leave A Reply