When you write or sign legal documents with a date, do not write 1-1-20 this year; always write it like 1-1-2020. Because it is easy to fake 1-1-20 to 1-1-2019 or any other year in 20xx.

Linux date is now 50. It started 01-01-70.

If you use public USB charging outlets, make sure you have a charging-only cable. These cables have no data lines. I got mine for $1 in a cheapo shop.
If you use a cable with data lines, the outlet might do more than charging...

There is a cute Dutch film about a psychology student being terrorized by an app on her smartphone. If you have a possibility to see it, it is real fun.

imdb.com/title/tt2536436/

If you want to remove all data from an Android device, this is what I would do:

Do a reset/wipe.
Set it up with encryption and a new password, let it encrypt.
Do a reset/wipe.

(If you want to give it away, remove your Google account before doing the above.)

German state authority "BSI" has withheld information about security problems in TrueCrypt for almost 10 years. These could still affect VeraCrypt.
This authority is supposed to help citizens keep their computers secure. But obviously they are not to be trusted.

golem.de/news/encryption-softw

Many ISPs give you a new IP each time you disconnect and reconnect. That makes you much harder to track.
Many routers can be set to reconnect each day. Use that setting if you can.
With mobile devices, switch off mobile data overnight. That also saves battery.

Does anybody know of an alternative sync server for Firefox? Not run by Mozilla and preferably in Europe.

rudolf boosted

Wow, that is pretty scary. It's not a complete breakdown of VPN, but it does make it significantly less secure.

lwn.net/Articles/806546/

I just had a look at the "Masterpassword" app for Android. Do not use it!

You enter your name, which is saved. When you enter a URL it generates a password from name and URL. So far so good. But then you should click the password to copy it into the clipboard. That is really bad, as the clipboard can be read by any app, any time. So you are lured into publishing your password. Why do folks who claim to give you security publish such crap?

masterpassword.app/

Just in case you think buying a OnePlus is a good idea, pay cash if you can. Else, your privacy might be disturbed.
forums.oneplus.com/threads/sec

rudolf boosted

If you understand the meaning of Scott's advice you should also consider the Private Lock app. It locks your phone when snatched (by officials) or dropped (by you) by using the motion sensor.

f-droid.org/packages/com.wesap

I have been using DoH for over a year, and often get heat for advocating it. I like one sentence in an article that @ScottMortimer mentioned which says that DoH:
"freaks out ISPs, makes Enterprise IT and Security nervous"
That is one reason why I like (and use) DoH. In the end DoH lets me take more control over my net usage.

netmeister.org/blog/doh-dot-dn

Someone said that Snowden said that anyone who wants to be safe should remove the hard disk. I can't find anything on that. Does anybody have a link or quote?

I can understand that admins don't like DoH, as they simply lose control over who is browsing where.
An admin could block the IPs of known DoH servers. But then, a user can run a frontend at his home and use Dyndns to reach it. Such a frontend is a small webserver that handles requests, fetches the result from a trusted server, and wraps up the result in https. A router or Raspberry can handle this.

Most who criticize DNS over HTTPS don't understand what it is good for.
DoH does not replace VPN and Tor. If you need that, use that!
DoH is a low profile way to keep your DNS from being tampered with, redirected, or censored. Change Firefox settings, and you are quite safe browsing in public networks. With a VPN, you are signalling that you have something to hide. Using DoH is much less visible.
Don't use DoH with Cloudflare; I use Securedns and Digitale Gesellschaft.

Infosec Exchange

A Mastodon instance for info/cyber security-minded people.