For those not adopting the 'back to modem' or 'always off' internet connection
methodology, here is how flash, available in Puppy and PDF,
also available, is the new point of attack . . .
http://www.anewmorning.com/2011/02/17/a ... fographic/
Frets, threats and solutions to the usual drop point . . .
Puppy Linux
Securing your PC
Paranoia for Beginners
-
Lobster
- Official Crustacean
- Posts: 15522
- Joined: Wed 04 May 2005, 06:06
- Location: Paradox Realm
- Contact:
That is from the film 'Equilibrium' with its outrageous but fun Gun-FuPolygraph Technician: This is a control question, a riddle really. How would you say would be the easiest way to take a weapon away from a Grammaton Cleric?
Brandt: [speaks into Preston's ear] You ask him for it.
Let us apply it to the current time . . .
Them - How do you find out what people are doing and thinking?
Puppy Whisper - You ask them.
Simple really. Facebook rises. Is insecure. Job done.
The new generation shares and blogs without privacy concerns.
Transparency is the new norm. Are you raising suspicion by not having a social network account?
-
Lobster
- Official Crustacean
- Posts: 15522
- Joined: Wed 04 May 2005, 06:06
- Location: Paradox Realm
- Contact:
bacofoil = proprietary tinfoil used by tin hats
I am a great believer in preemtive paranoia.
Get them before they are after you.
Of course I am not crazy enough to implement this system which
I call the 'triple dorje' but the idea may be sound:
This is the system I would implement if I ran out of bacofoil.
Requires 3 computers. Each connected to the router, each secure.
Maybe it could be done with Virtual Box.
I would then swap between the three computers, perhaps generating spurious
noise from two machines . . .
Yeah too crazy - I know . . .
But maybe it is possible to write a macro that simulates
usage, whilst implementing an underlying 'world domination communication' node . . .
This week we got line crackle and had to have a new line installed to the telegraph poles (still used in parts of London) This carries both the telephone line and broadband. Our old line was about 30 years old and exposed to the elements and had corroded. It all sounded very plausible. Probably because it was.
Come to think of it we are one of the few streets that does not have cable. Why? Must find more bacofoil whilst I contemplate the answer . . .
I am a great believer in preemtive paranoia.
Get them before they are after you.
Of course I am not crazy enough to implement this system which
I call the 'triple dorje' but the idea may be sound:
This is the system I would implement if I ran out of bacofoil.
Requires 3 computers. Each connected to the router, each secure.
Maybe it could be done with Virtual Box.
I would then swap between the three computers, perhaps generating spurious
noise from two machines . . .
Yeah too crazy - I know . . .
But maybe it is possible to write a macro that simulates
usage, whilst implementing an underlying 'world domination communication' node . . .
This week we got line crackle and had to have a new line installed to the telegraph poles (still used in parts of London) This carries both the telephone line and broadband. Our old line was about 30 years old and exposed to the elements and had corroded. It all sounded very plausible. Probably because it was.
Come to think of it we are one of the few streets that does not have cable. Why? Must find more bacofoil whilst I contemplate the answer . . .
-
Lobster
- Official Crustacean
- Posts: 15522
- Joined: Wed 04 May 2005, 06:06
- Location: Paradox Realm
- Contact:
Being truly paranoid one has to worry about operating systems one is not even running
This on security breach on Android OS
http://techcrunch.com/2011/03/05/androi ... -response/
Eventually I intend to be running Android or its descendent as a brain implant,
so am a little concerned at the remote kill precedent - a good thing for now . . .
Puppy Linux
Organically based
This on security breach on Android OS
http://techcrunch.com/2011/03/05/androi ... -response/
Eventually I intend to be running Android or its descendent as a brain implant,
so am a little concerned at the remote kill precedent - a good thing for now . . .
Puppy Linux
Organically based
-
Lobster
- Official Crustacean
- Posts: 15522
- Joined: Wed 04 May 2005, 06:06
- Location: Paradox Realm
- Contact:
Electromagnetic pulses can fry our electronics temporarily.
A multisession Puppy can get us up and running again
with our data intact.
Would hard drives and solid state devices survive?
http://www.puppylinux.com/multi-puppy.htm
A multisession Puppy can get us up and running again
with our data intact.
Would hard drives and solid state devices survive?
http://www.puppylinux.com/multi-puppy.htm
-
Lobster
- Official Crustacean
- Posts: 15522
- Joined: Wed 04 May 2005, 06:06
- Location: Paradox Realm
- Contact:
Something for you to worry about:
http://www.darkreading.com/vulnerabilit ... DR_APP_SEC
I quite like the sound of drive by malware.
Does this mean hackers in cars checking out the wifi connections?
I do occasionally run my eeepc from wifi and now have another wifi connected PC,
with which yesterday. I turned the firewall off.
Tsk tsk - so reckless . . .
http://www.darkreading.com/vulnerabilit ... DR_APP_SEC
I quite like the sound of drive by malware.
Does this mean hackers in cars checking out the wifi connections?
I do occasionally run my eeepc from wifi and now have another wifi connected PC,
with which yesterday. I turned the firewall off.
Tsk tsk - so reckless . . .
-
Lobster
- Official Crustacean
- Posts: 15522
- Joined: Wed 04 May 2005, 06:06
- Location: Paradox Realm
- Contact:
I know most paranoids are too fearful to trust the excellent Lastpass
http://lastpass.com/
so here is how to implement a secure password,
http://www.columnfivemedia.com/wp-conte ... SSWORD.png
that should keep you happy in between tinfoil origami classes
http://lastpass.com/
so here is how to implement a secure password,
http://www.columnfivemedia.com/wp-conte ... SSWORD.png
that should keep you happy in between tinfoil origami classes
-
abushcrafter
- Posts: 1418
- Joined: Fri 30 Oct 2009, 16:57
- Location: England
- Contact:
Lobster wrote:Being truly paranoid one has to worry about operating systems one is not even running
This on security breach on Android OS
http://techcrunch.com/2011/03/05/androi ... -response/
Eventually I intend to be running Android or its descendent as a brain implant,
so am a little concerned at the remote kill precedent - a good thing for now . . .
Puppy Linux
Organically based
[url=http://www.adobe.com/flashplatform/]adobe flash is rubbish![/url]
My Quote:"Humans are stupid, though some are clever but stupid." http://www.dependent.de/media/audio/mp3/System_Syn_Heres_to_You.zip http://www.systemsyn.com/
My Quote:"Humans are stupid, though some are clever but stupid." http://www.dependent.de/media/audio/mp3/System_Syn_Heres_to_You.zip http://www.systemsyn.com/
-
Lobster
- Official Crustacean
- Posts: 15522
- Joined: Wed 04 May 2005, 06:06
- Location: Paradox Realm
- Contact:
Was amused by this, which I think explores our ability to live in fantasy paranoia's of our own construction . . .
http://www.murga-linux.com/puppy/viewto ... 624#517624
Barry seems to be playing with new ideas . . .
http://bkhome.org/blog/?viewDetailed=02239
Once upon a time (and this is a true story)
I used Windows XP.
I tended to use my computer, installing much freeware
and all kinds of dubious freebies.
I had virus protectors that would report each other as viruses
(Now now boys)
I had ad blockers that were being targeted by the malwarians.
Security was impossible
and the whole edifice collapsed
Fortunately I was also able to boot from Knoppix installed Debian
and had been learning about Linux by lurking on the Simple forum of a little known Puppy Linux.
So whilst repairing my familiar system I started to make more use
of these penguin wares.
Being weaned into fear by Redmond I was amazed that
Linux users took risks that I did not even contemplate.
They installed software from complete strangers without scanning
for malware
They connected to IRC
They ran without firewalls - well Puppy did.
They felt safe.
Eventually my attitude began to change
When you can set up a running OS in 3 minutes (that was my time for setting up a new Puppy in those early days)
what did it matter if anything suspicious happened?
As soon as packages were available I would try them
I was prepared to be 'hacked', compromised etc . . .
Never happened.
Eventually the Whining Windows were closed.
I now know were the risks are
They are in the browser, social networks and Cloud infrastructure
being imposed by 'security experts'
- possibly on secondment at Sony . . .
Even Sony can not keep our data secure - aren't they the company using root kits as a 'feature'?
http://www.guardian.co.uk/technology/ga ... -hack-sony
Puppy is your best friend
Be happy
http://www.murga-linux.com/puppy/viewto ... 624#517624
Barry seems to be playing with new ideas . . .
http://bkhome.org/blog/?viewDetailed=02239
Once upon a time (and this is a true story)
I used Windows XP.
I tended to use my computer, installing much freeware
and all kinds of dubious freebies.
I had virus protectors that would report each other as viruses
(Now now boys)
I had ad blockers that were being targeted by the malwarians.
Security was impossible
and the whole edifice collapsed
Fortunately I was also able to boot from Knoppix installed Debian
and had been learning about Linux by lurking on the Simple forum of a little known Puppy Linux.
So whilst repairing my familiar system I started to make more use
of these penguin wares.
Being weaned into fear by Redmond I was amazed that
Linux users took risks that I did not even contemplate.
They installed software from complete strangers without scanning
for malware
They connected to IRC
They ran without firewalls - well Puppy did.
They felt safe.
Eventually my attitude began to change
When you can set up a running OS in 3 minutes (that was my time for setting up a new Puppy in those early days)
what did it matter if anything suspicious happened?
As soon as packages were available I would try them
I was prepared to be 'hacked', compromised etc . . .
Never happened.
Eventually the Whining Windows were closed.
I now know were the risks are
They are in the browser, social networks and Cloud infrastructure
being imposed by 'security experts'
- possibly on secondment at Sony . . .
Even Sony can not keep our data secure - aren't they the company using root kits as a 'feature'?
http://www.guardian.co.uk/technology/ga ... -hack-sony
Puppy is your best friend
Be happy
Last edited by Lobster on Thu 05 May 2011, 09:05, edited 1 time in total.
-
Lobster
- Official Crustacean
- Posts: 15522
- Joined: Wed 04 May 2005, 06:06
- Location: Paradox Realm
- Contact:
Malicious programmers focus on smartphones, tablets
http://www.physorg.com/news/2011-05-mal ... blets.html
http://www.physorg.com/news/2011-05-mal ... blets.html
-
Lobster
- Official Crustacean
- Posts: 15522
- Joined: Wed 04 May 2005, 06:06
- Location: Paradox Realm
- Contact:
Sometimes (it is a wrench but it has to be done)
I leave my computer
During these returns to reality
I wonder if my computer has been secretly conspiring with the
hordes of non-existent root hunting bot nets out to demolish
my penguin ways . . .
A thought and question:
If I press ctrl + alt + backspace before leaving cyber world
(and then type 'xwin' on my return)
am I any safer?
I leave my computer
During these returns to reality
I wonder if my computer has been secretly conspiring with the
hordes of non-existent root hunting bot nets out to demolish
my penguin ways . . .
A thought and question:
If I press ctrl + alt + backspace before leaving cyber world
(and then type 'xwin' on my return)
am I any safer?
http://www.randomstorm.com/dvwa-security-tool.phpDamn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and aid teachers/students to teach/learn web application security in a class room environment.
DVWA is available either as a package that will run on your own web server or as a Live CD
or, if you're really serious,.....
http://www.youtube.com/watch?v=76y9gTE1 ... ature=fvwp
There's something to try vulnerabilities with and test security!
Aitch
Blue screen of Death and Black screen of death and now this Java White Screen of death.
When do we get a proper Chrome Shining Armor screen of Death
okay back on topic. How do I know if my puppie use that kind of vulenrable Java. Is there not two versions of java. Sun has one of them and the other are ???
When do we get a proper Chrome Shining Armor screen of Death
okay back on topic. How do I know if my puppie use that kind of vulenrable Java. Is there not two versions of java. Sun has one of them and the other are ???
I use Google Search on Puppy Forum
not an ideal solution though
not an ideal solution though
-
Lobster
- Official Crustacean
- Posts: 15522
- Joined: Wed 04 May 2005, 06:06
- Location: Paradox Realm
- Contact:
Most Puppys do not use java
http://www.javatester.org/version.html
Also no mention of the java malware running on Linux.
Maybe if you try really hard you could get it running in Wine . . .
Maybe if you are really good you can worry about this bad bunny
http://www.sophos.com/en-us/press-offic ... bunny.aspx
I wonder if LibreOffice has made that bad buny redundant?
Cross OS java botnet is not the only one that'll catch a lot of people out
Skype for MAC is the latest, and the nasties 'could' transfer to any connected user, or online contact!
http://www.net-security.org/secworld.php?id=10992
Aitch
Skype for MAC is the latest, and the nasties 'could' transfer to any connected user, or online contact!
http://www.net-security.org/secworld.php?id=10992
Aitch
-
Lobster
- Official Crustacean
- Posts: 15522
- Joined: Wed 04 May 2005, 06:06
- Location: Paradox Realm
- Contact:
Just tried this as suggested by szzindian
http://ip-check.info/?lang=en
My tin foil hat is not gonna save me
this might be a solution?
http://anonymous-proxy-servers.net/
http://ip-check.info/?lang=en
My tin foil hat is not gonna save me
this might be a solution?
http://anonymous-proxy-servers.net/
Lobster/others
If you're a FF user also try these https addons
https://www.eff.org/https-everywhere
Else try Sandfox
http://igurublog.wordpress.com/download ... t-sandfox/
If you're a FF user also try these https addons
https://www.eff.org/https-everywhere
https://addons.mozilla.org/en-US/firefo ... ch-plugin/HTTPS Everywhere is a Firefox extension produced as a collaboration between The Tor Project and the Electronic Frontier Foundation. It encrypts your communications with a number of major websites.
http://www.gabrielweinberg.com/blog/201 ... clave.htmlDuckDuckGo now operates a Tor exit enclave
Else try Sandfox
http://igurublog.wordpress.com/download ... t-sandfox/
AitchSandfox runs programs within sandboxes which limit the programs’ access to only the folders you specify. Programs and their child processes, like Firefox plugins, Flash, and Java, are only able to access files within the sandbox. Sandfox supports the use of custom profiles which determine what folders and files are included in each program’s sandbox, and includes default profiles for Firefox, Skype, and Google-Earth. Sandfox can create separate sandboxes for each program, or can run multiple programs in one sandbox. Programs are run in a chroot jail as a normal user, providing a substantial level of security. Sandfox is designed to be very easy to use. It handles the details for you while still giving you the ability to construct custom sandboxes easily.