Re: [Trisquel-users] Firewall in Trisquel?
In please, I need to encrypt this file or i will die situations encryption itself won't do much, in those situations one would need to use steganography or some form of plausible deniability. The only feature that could be tempting in Truecrypt is the hidden volume option; when I tested that in the past on a big HDD with lots of files it failed miserably, thats not to say that is never working but I completely lost my confidence of the product. This combined with the licensing issues, I wouldn't recommend it for any user case. -- I use: trisquel.info | ceata.org | fsf.org | riseup.net | duckduckgo.com | eff.org | h-node.com | torproject.org | airvpn.org | flattr.com | skepdic.com |
Re: [Trisquel-users] Firewall in Trisquel?
To be fair, physical access to a warm RAM would cripple any encryption. -- I use: trisquel.info | ceata.org | fsf.org | riseup.net | duckduckgo.com | eff.org | h-node.com | torproject.org | airvpn.org | flattr.com | skepdic.com |
Re: [Trisquel-users] Firewall in Trisquel?
RequestPolicy is good only in theory. In practice when RequestPolicy is enabled you basically broke all sites you visit and you have to spend seconds if not minutes to establish policies for each new site you visit; also, you end up allowing Blocked destinations at random until you end up with the content you need from the page. For me RequestPolicy was just a huge waste of time; a good cookie and referer control, HTTPS Everywhere, No NoScript and AdBlockPlus should be enough. -- I use: trisquel.info | ceata.org | fsf.org | riseup.net | duckduckgo.com | eff.org | h-node.com | torproject.org | airvpn.org | flattr.com | skepdic.com |
Re: [Trisquel-users] Firewall in Trisquel?
Very true. I have tried to make my computer clean memory on shutdown (similar to TAILS). However when I tried it, it would always freeze my computer, and I gave it up. Using bleachbit works, but I doubt it is so thorough as the TAILS cleaning process.
Re: [Trisquel-users] Firewall in Trisquel?
If anyone is interested in steganography check out steghide in the repo - powerful little program.
Re: [Trisquel-users] Firewall in Trisquel?
DuckDuckGo shows the query in the URL by default, even using HTTPS. In the settings you can change it to hide the query. The URL showing the query would look something like this: https://duckduckgo.com/q=baby20%kittens
Re: [Trisquel-users] Firewall in Trisquel?
How do I make gufw start with the computer?
Re: [Trisquel-users] Firewall in Trisquel?
Go to System Settings, then Startup Applications (in the Personal section).
Re: [Trisquel-users] Firewall in Trisquel?
RequestPolicy is good only in theory. In practice when RequestPolicy is enabled you basically broke all sites you visit and you have to spend seconds if not minutes to establish policies for each new site you visit; also, you end up allowing Blocked destinations at random until you end up with the content you need from the page. To each their own. I like it because I find it also allows websites to load a lot quicker. Just like NoScript, the more you use it the better it gets. And generally it is pretty easy to tell what needs to be enabled. Plus, with Web of Trust (WOT) you can get somewhat of an idea of what to avoid enabling. For me RequestPolicy was just a huge waste of time; a good cookie and referer control, HTTPS Everywhere, No NoScript and AdBlockPlus should be enough. No arguments from me that those are all good things that everyone should look into, and are probably enough for most people.
Re: [Trisquel-users] Firewall in Trisquel?
You can do that using ccrypt. You type in the current folder: ccrypt * and thats it.
Re: [Trisquel-users] Firewall in Trisquel?
It could be something like search for a line with [Warning] in this file, and if found, copy the entire line for that file. I will take a look at that later. But if you could provide an example I would appreciate :)
Re: [Trisquel-users] Firewall in Trisquel?
By open source I meant just that: the source is available. That means one can analyze the code. The fact that OSE doesn't accept TrueCrypt as a open source project doesn't mean that the software is not open sourced. Now, again, I agree that TrueCrypt is not the best option when it comes to ethical and philosophical matters.
Re: [Trisquel-users] Firewall in Trisquel?
How would that compare with GPG encryption? ccrypt apparently uses Rijndael cypher 256 bits. I wonder if that is as strong as GPG encryption. However it's a good option thanks :)
Re: [Trisquel-users] Firewall in Trisquel?
I think this might work: grep Warning your_input_file your_output_file Grep copies every line which contains Warning in your_output_file.
Re: [Trisquel-users] Firewall in Trisquel?
El dom 12 ene 2014 08:38:03 ECT, shiret...@web.de escribió: I think this might work: grep Warning your_input_file your_output_file Grep copies every line which contains Warning in your_output_file. Good example. Here are others: http://www.thegeekstuff.com/2009/03/15-practical-unix-grep-command-examples/ Remember the license if you make a script. Here is an example: http://pastebin.com/HsJZZqWM -- Saludos libres, Quiliro Ordóñez 600 8579
Re: [Trisquel-users] Firewall in Trisquel?
Thank you both! =D I will see about it later. I will let you guys know when I got it done ;)
Re: [Trisquel-users] Firewall in Trisquel?
To answer my own question: gpg -r 'keyname' --encrypt-files *.* It will encrypt all the files in the specified folder with the public key you choose. If you have multiple files and wish to encrypt each one with a different key, just do: gpg --encrypt-files *.* you will be asked for each key for each file.
Re: [Trisquel-users] Firewall in Trisquel?
Open source doesn't mean the source code is available. The OSI gives a definition for open source; it's about the same as free software. I'm not in support of open source, but diluting the term to include closed-source software is not good. It's not very nice, first of all (kind of like when people dilute the term free software the same way: program X is free and open source, and program Y is free but not open source), and it legitimizes false claims of proprietary software being open source when its source code is only available under a non-commercial and/or no-derivatives license.
Re: [Trisquel-users] Firewall in Trisquel?
Ok then don't call it opensource, but you can't just put it in the same box like normal proprietary software, since you can study the source code, or is this wrong? This gives you a lot more control than prop. software does, though I agree that it's not sufficient.
Re: [Trisquel-users] Firewall in Trisquel?
I would agree 100% with you if it was a icon maker program or a sound editing program. But it is a SECURITY program. Having the source code is a HUGE matter in this case, even if one doesn't give a damn about ethical side of free software. In a practical sense it still gives you the assurance that no one is backdooring anything. I agree with you 50% in that we should be careful to not fall into the if I am not paying, it's free. So, yeah, for the third time, I don't support or promote the use of TrueCrypt. However, in some cases, it might be still the best shot (plausible deniability for example) for some people. Still, I think we should stick with free software, and sometimes I agree that Open Source is a acceptable thing too.
Re: [Trisquel-users] Firewall in Trisquel?
On 2014-01-11 16:28, ron88...@gmail.com wrote: Thank You very much for your comprehensive answer. A lot of interesting and useful information :) Currentl I'm using Abrowser + HTTPS Everywhere + Adblock but I will try to replace Adblock with Noscript (or leave both). Ditto about all the great info. If I may, I also recommend you look into adding RequestPolicy. It is similar to NoScript, except that it blocks cross-site requests instead of scripts. It can take a little while to get used too, but it can really increase your privacy and security. Check out https://www.requestpolicy.com/ for more info.
Re: [Trisquel-users] Firewall in Trisquel?
Ok then don't call it opensource, but you can't just put it in the same box like normal proprietary software, since you can study the source code, or is this wrong? This gives you a lot more control than prop. software does, though I agree that it's not sufficient. For what it is worth, Wikipedia refers to TrueCrypt as a source-available program. (https://en.wikipedia.org/wiki/TrueCrypt) Which does distinguish it from most proprietary/closed source programs, even while falling short of free/open source programs. But I agree with everyone else in this thread, TrueCrypt should be avoided because it is not free software.
Re: [Trisquel-users] Firewall in Trisquel?
While I agree with you, I don't mind mentioning it because for some people (in life or death situations, not americans and europeans trying to hide pictures of their cats) it might be the only real solution. Yes, it is unethical from a free software view point, but it is a reliable solution due to the fact that it works, is nearly unbreakable, and you can study the source code (even can make changes for your own use anyway, if you don't mind not sharing them with anyone). And like I said, I am talking about please, I need to encrypt this file or i will die situations. Having said that, I don't mind using GPG (even if I would like to be able to decrypt on the fly).
Re: [Trisquel-users] Firewall in Trisquel?
El dom 12 ene 2014 16:47:35 ECT, gnu...@lavabit.com escribió: it is a reliable solution due to the fact that it works, is nearly unbreakable, and you can study the source code (even can make changes for your own use anyway, if you don't mind not sharing them with anyone). It is NOT reliable: Usage Example 2: Password Recovery Combining the product with traditional Forensic applications like Encase®, Forensic units used the RAM dump functionality to make a snapshot of the current RAM information and recovered the Hard-Diskencryption passphrase for TrueCrypt’s full disk encryption. http://wikileaks.org/spyfiles/files/0/299_GAMMA-201110-FinFisher_Product_Portfolio-en.pdf Check other sources too: https://duckduckgo.com/?t=trisquelq=!leaks+truecrypt -- Saludos libres, Quiliro Ordóñez 600 8579
Re: [Trisquel-users] Firewall in Trisquel?
Hi, I recommend gufw, is very intuitive and easy for beginners.
Re: [Trisquel-users] Firewall in Trisquel?
Use UFW for your firewall, or GUFW as a GUI. Also get AppArmor, which restricts applications to only access certain resources. It comes installed by default on Trisquel, but you will have to activate the profiles. See the Ubuntu wiki: https://wiki.ubuntu.com/AppArmor I don't know of any GUI for AppArmor, though.
Re: [Trisquel-users] Firewall in Trisquel?
You don't need a firewall or any other security programs. You might want to remove the ssh server though if you don't use it. For reading, check out https://www.gnu.org/philosophy/
Re: [Trisquel-users] Firewall in Trisquel?
I'm not much of a novice user to Debian-based distros (although I'm new to Trisquel), but AppArmor is still easy to use, just run sudo aa-enforce /etc/apparmor.d/* This should enforce all AppArmor profiles (although IIRC the chromium profile stops chromium from working). You should have apparmor-profiles and apparmor-utils.
Re: [Trisquel-users] Firewall in Trisquel?
I too always doubt open source programs but like free software. Why do you think he needs one?
Re: [Trisquel-users] Firewall in Trisquel?
Thank you for your response. GUFW installed, very easy to use :) I've also installed in Abrowser HTTPS Everywhere. Is it worth it to use?
Re: [Trisquel-users] Firewall in Trisquel?
To clarify, many GNU/linux distros don't install a firewall in default install. IN my opinion that is a bad choice, because while many people who came from windows have no idea about SSH, most know about firewall and will activate it if they have one. Also, I have already expressed why I think it is necessary to have a firewall in your system. Gufw is very easy to use and still allows you to manage everything you might want to. So, good thing you followed that advice Ronald. HTTPS Everywhere is a MUST. It will make sure that you use encryption on thousands of websites, which will prevent anyone watching your connection from knowing what you are doing. Note, they can still see what websites you connect to. For example, using http one can see you used duckduckgo to search for baby kittens for example. Using https one can see you connected to duckduckgo but can't see the search you made. So, that is a lot safer. If you want to hide which websites you visit and not be tracked online by ads and such, use the Tor browser bundle (www.torproject.org) Also, I would suggest Noscript addon for Abrowser. Even if you allow all javascript it will prevent XSS attacks and such. So it's a must too. Add adblock edge and adblock pop-up and you are good to go. Other good software for you to use in GNU/Linux are: -rkhunter (really easy to use and it takes a few minutes to run); -chkrootkit; -ClamTK (windows viruses don't affect GNU/Linux, but it allows to know if the source you are using to get files online is as safe as you think); -tiger; -DenyHosts (prefer this over Fail2Ban); Well, this is it. Remember, stay safe online ;)
Re: [Trisquel-users] Firewall in Trisquel?
That is the single most useful post on Linux security that I have ever seen (I have printed it for reference!) Where can I get this HTTPS Everywhere for Abrowser? I couldn't see it in the repo.
Re: [Trisquel-users] Firewall in Trisquel?
HTTS Everywhere is a project by the EFF and the Tor Project. link is: https://www.eff.org/https-everywhere If you are in for security you should add to that: -Using GPG. Hard to do if your friends don't want to change the normal way they use to send and receive emails, but many people online use it, so, install it. -Torbirdy is a good addon to use with GPG for anonymous email account. -encrypt everything. For example, you can and probaly should encrypt your swap partition. -BIOS passowrd. Even if it is useless in many cases, will save you from being beaten by a kid who can run faster than you. If you want to read more about security, here is a VERY GOOD link. http://crunchbang.org/forums/viewtopic.php?id=24722 I learned some new cool things there (even if most of it I already knew, it is a great post.)
Re: [Trisquel-users] Firewall in Trisquel?
TrueCrypt is nonfree software.
Re: [Trisquel-users] Firewall in Trisquel?
That's not good, I didn't know about it. Are there any free alternatives?
Re: [Trisquel-users] Firewall in Trisquel?
NoScript and Adblock serve different purposes. Noscript blocks javascript and XSS attacks. Adblock blocks known ads from loading in your browsing. Use both. Also, use Adblock edge, since Adblock Plus has an anti feature (allow some ads by default). You can complement Adblock with adblock pop-up. As for encryption, it's really up to you, and what are youd threat model and defensive strategy. You can encrypt only single files if you so wish, or you can try to encrypt an entire partition. Keep in mind that usually the more encryption you add, the less usable and fast your system becomes. One thing I would like to do but don't know how is a script to run rkhunter and chkrootkit, and give me a warnings only log. It could be a script that searched for warning lines and placed them all inside the same text file. If run everytime on boot, one could be more on top of his system's protection.
Re: [Trisquel-users] Firewall in Trisquel?
Keep in mind that TrueCrypt is open-source, which means in a practical sense you get the same security as in a free software. The problem comes with the licensing aspect of it. So, while I do not promote its usage and encourage people to find alternatives, if one MUST use it, he is not in danger of using a closed-source software. People argue with the ethical side of TrueCrypt, but in practical terms, it's the same as GPG for example.
Re: [Trisquel-users] Firewall in Trisquel?
ecryptfs can encrypt swap partition (see link above) but I haven't tested it yet. Don't know what else it can do. I think when one uses GParted you can format a drive and encrypt it with a password. However, I don't know what encryption is used so I don't rely on it. Does anyone knows if it is possible to encrypt several files at once using GPG? Like gpg encrypt *.* in current folder?
Re: [Trisquel-users] Firewall in Trisquel?
El sáb 11 ene 2014 17:22:43 ECT, gnu...@lavabit.com escribió: One thing I would like to do but don't know how is a script to run rkhunter and chkrootkit, and give me a warnings only log. It could be a script that searched for warning lines and placed them all inside the same text file. If run everytime on boot, one could be more on top of his system's protection. What is the exact expression are you looking for in each result? You can search for those expressions with grep. It is easy. -- Saludos libres, Quiliro Ordóñez 600 8579
Re: [Trisquel-users] Firewall in Trisquel?
No, TrueCrypt isn't open source. The OSI has not accepted any version of the TrueCrypt license.
Re: [Trisquel-users] Firewall in Trisquel?
You can use ecryptfs (see https://help.ubuntu.com/community/EncryptedPrivateDirectory). Or, if you haven't installed trisquel yet, there should be an option in the installer that says something like encrypt home directory. (this uses ecryptfs)
Re: [Trisquel-users] Firewall in Trisquel?
IF you haven't installed. I'd strongly suggest using the encrypted LVM option (present in netinst, i don't know if it's the default installer?). Be aware the encrypted-home option will prevent Hibernation (if it's a portable system) by default [it is fixable using keys somehow]. With the LVM it's just 1 password to mount multiple encrypted filesystems, instead of being prompted for multiple passwords on boot. cryptsetup FTW. more reasons to NOT use TrueCrypt (it's not free, it's not even open source...) at http://istruecryptauditedyet.com/
