rudolf @rudolf@infosec.exchange
Many ISPs give you a new IP each time you disconnect and reconnect. That makes you much harder to track.
Many routers can be set to reconnect each day. Use that setting if you can.
With mobile devices swith off mobile data over night. That also saves battery.
Does anybody know of an alternative sync server for Firefox. Not run by Mozilla and peferably in Europe.
VPN hack, quite ugly:
https://lwn.net/Articles/806546/
Originally posted:
https://fosstodon.org/@ndegruchy/103261505230145155
Wow, that is pretty scary. It's not a complete breakdown of VPN, but it does make it significantly less secure.
I just had a look at the "Masterpassword" app for Android. Do not use it!
You enter your name which is saved. When you enter a URL it generates a password from name and URL. So far so good. But then you should click the password to copy it into the clipboard. That is really bad, as the clipboard can be read by any app, any time. So you are lured to publishing your password. Why do folks who claim to give you security publish such crap? #android
Just in case you think buying a Oneplus is a good idea, pay cash if you can. Else, your privacy might be disturbed.
https://forums.oneplus.com/threads/security-notification.1144088/
Digital Forensics and Incident Response Cheatsheets.
https://www.jaiminton.com/cheatsheet/DFIR/#
This guy's writeups are #goals
If you understand the meaning of Scotts advice you should also consider the Private Lock app. It locks your phone when snatched (by officials) or dropped (by you) by using the motion sensor.
Apple "infects" user with homosexuality :)
Russian sues Apple:
I am using DoH for over a year, and often get heat for advocating it. I like one sentence in an article article that @ScottMortimer mentioned which says that DoH:
" freaks out ISPs, makes Enterprise IT and Security nervous"
That is one reason why I like (and use) DoH. In the end DoH lets me take more control over my net usage.
Some one said that Snowden said that anyone who wants to be safe should remove the hard disk. I can't find anything on that. Does anybody have a link or quote?
I can understand that admins don't like DoH, as they simply loose control over who is browsing where.
An admin could block the IPs of known DoH servers. But then, a user can run a frontend at his home and use Dyndns to reach it. Such a frontend is a small webserver that handles requests, fetches the result from a trusted server, and wraps up the result in https. A router or Raspberry can can handle this.
Most who criticize DNS over HTTPS don't understand what it is good for.
DoH does not replace VPN andTor. If you need that, use that!
DoH is a low profile way to evade your DNS from being tampered, redirected, or censored. Change Firefox settings, and you are quite safe browsing in public networks. With a VPN, you are signalling that you have something to hide. Using DoH is much less visible.
Don' use DoH with Cloudfare, I use Securedns and Digitale Gesellschaft.
I have been using DNS over HTTPS for over a year and I want to tell you why.
When I am in public networks like in a coffee shop I can use Firefox without being monitored or diverted to fake/phishing sites by that network. The only privacy leak would be SNI.
I don't need to change my system DNS and I don't need a VPN. This is especially important in Android where you can't use the Netguard if you use a VPN.
With Firefox, you can of course set the DoH server you want to use, you just enter a URL.
Hi, I am new here. I came from fostodon.org, where I am (also) rudolf and will stay there too. I wanted a bit more focus on secutity, and hope to find it here.
