 Post subject: Online Security & Privacy 101
PostPosted: Tue Nov 22, 2022 2:41 am 
Global Moderator

Joined: Sat Apr 07, 2018 7:19 pm
Posts: 2482
Location: Here, there, and everywhere
Online Security & Privacy 101

Foreword



So you think you have nothing to hide and you are not concerned for your security and privacy online and you don't give a crap? Really? Well, if you are a typical internet user, you really ought to be scared witless!

Consider this to begin with. Privacy is a fundamental human and civil right. Your data - any data you have stored on your PC and data generated by your PC's operating system and applications as well as by your browsing the web and other online activity - are yours and yours alone. Give any entity - the OS provider, any programmes, or any website - access to your data and in effect you allow your right to privacy to be violated and thus you effectively surrender your right to privacy. It is not about having or not having anything to hide, it is about your fundamental rights being taken away from you unless you defend yourself as vigorously as possible!

Make no mistake, it starts with your OS - whether it is Windows, macOS, Android, or iOS - constantly gathering all kinds of data from you and sending them back to Microsoft, Apple, or Google, such as your location, when you go online and how long you stay online, how active you are, your connections online, any data stored on your device, and a whole lot more. That is violating your privacy and at the very least potentially stealing your identity! It is comparable to someone spying on you physically, putting hidden cameras and microphones into your home and keeping track of everything you do and say in your home and when you do it or say it. How would you feel about that?!

But that is only the beginning. Whenever you register or 'activate' a piece of software, the software's originator can and often does get a whole lot of data about your system and you. Many applications regularly gather data and send them back. And then there are things like email and websites. All veritable data mining traps!

And 'Big Tech' is making billions from your data! Even many websites make money from your data, including of course most 'free' email providers. (Remember, there is no such thing as a free lunch!) Social media fall into the same category as well.

But what about governments and their agencies? While in many countries they cannot legally keep tabs on your internet activity, they do not really need to do so. They simply buy all the data being openly traded in bulk!

And do not forget security. There are a myriad of dangers or potential dangers lurking out there. A hacker might hijack your PC to use as a spam bot or for other nefarious purposes. Malware and spyware could get onto your system. All your data could get stolen and/or destroyed, or encrypted for ransom. (The latter has been known to happen!) Similar dangers exist for mobile devices, and some very dark ones too at that.

However, the issue of your online security and privacy does not end there by any means - so far, this has been merely the beginning of this saga!

The wider problem with regard to online privacy is that its commonplace erosion and violation, in effect, enable total surveillance of the individual and/or household, not only by the 'Big Tech' corporations but equally sinisterly by the state. Think about this very carefully. This means the total loss of privacy, freedom of speech and expression, and ultimately, freedom, civil liberties, and democracy themselves, and results in a totalitarian state. You only have to take a close look at China to see how far this scenario is already in effect there, for example. In many Western countries - including much of the UK - CCTV cameras are spying on people almost as extensively as in China, with facial recognition used more and more. What about your shiny modern car - have you ever thought about that? It constantly sends out all manner of data, including your exact GPS location, when and where you stop and for how long, your car's performance, your speed, how many people are in your car, and more. Heck, the damn thing even keeps talking to you and you can't even turn that off! Got a credit and/or debit card? Every time you use one, you leave a trail about where, from whom you bought what and when, and so on. And payment methods such as PayPal, GooglePay, and ApplePay are no better if, indeed, not worse. (Crypto currencies can provide some sort of anonymity but are still financially insecure in that their value can fluctuate wildly from one moment to the next.) Do you use any kind of Loyalty Card? Same principle as credit and debit cards, the only difference being that the store or stores get your information in totally personally identifiable form at a glance. Granted, these latter can save you a penny or two or even a quid or two, but that in effect represents thirty pieces of silver - you are betraying and selling out your own privacy very cheaply.

Got a 'Smart Speaker' and/or 'Smart TV' and similar gadgets, a 'Smart Home'/IoT - Internet of things - and the like? The first two will listen to every word that is spoken within 'earshot' of the device and send it all back to the provider of the service. A perfect spy on your privacy in your own home!

'Big Brother' could only have dreamed of such mechanisms! And yet, most people don't give these matters a second - or even first! - thought. How sad is that!? And how alarming, indeed!

If you are not thoroughly horrified, nay, completely scared out of your wits by now, then in all probability no one can even hope to help you.

However, if you are concerned at all, then ensuring that your online life under Windows or Mac, or even the inherently safer and more private Linux, as well as of course your 'smartphone' or other mobile device, is as safe and above all as private as it possibly can be will be a good step in the right direction for you personally as well as help to save all our freedoms, civil liberties, and even democracy itself. All of these are under threat as never before.

The series of articles and appendices presented here will attempt to help you achieve the aim of making your online life under whatever kind of device and operating system as private and safe as possible. Ideally on PCs for instance, of course, you could decide to dump Windows or macOS for a start and run one - up to date - form or another of Linux, which is free and open source and above all in itself infinitely more private and secure. However, we shall not explore this avenue here, it is well beyond the remit of these articles and besides, we shall assume that for one reason or another you need or want to continue using your current operating system.

Bear in mind that the present series of articles and appendices are a mere brief introduction to the subject, dealing only with the rudimentary basics. This means that there is a lot of work left that you will have to explore further and implement yourself, and for some aspects you may need the help of a more experienced and knowledgeable friend.

I wish you truly private and secure computing, whatever platform or device you may use, and close in the hope that you may contribute to the fight for privacy, freedom, and democracy for all.



February 2024
© nexter
All rights reserved



-> Next: Contents

_________________
nexter - so, what's next?

Just a volunteer Moderator, not connected to or affiliated with Winstep Software Technologies, and not an official part of customer service though I do try to help when and where I can if my scarce time permits


 
 Post subject: Re: Online Security & Privacy 101
PostPosted: Thu Feb 15, 2024 3:39 am 
Online Security & Privacy 101

Contents



Foreword

Contents

Mini Blog - Most recent developments in the world of privacy, security, and freedom, plus updates

Introduction


Chapter 1 PCs - Windows & macOS 101

Chapter 2 PCs - TAILS - The Anonymous Incognito Live System 101

Chapter 3 PCs - Linux 101

Chapter 4 Mobile Devices - Android & iOS 101


Appendix I Virtual Private Networks 101

Appendix II Encryption & Secure Data Deletion 101

Appendix III Web Browsers & Browser Based Utilities & Services 101

Appendix IV Threats Posed By AI 101

Appendix V Threats Posed By Quantum Computing 101



February 2024

© nexter 2024
All rights reserved

 
 Post subject: Re: Online Security & Privacy 101
PostPosted: Thu Feb 15, 2024 4:33 am 
Online Security & Privacy 101

Mini Blog



20241002
Once more we have to return to the topic of Proton's use of the non-privacy respecting services Zendesk - a US-based company that, incidentally, uses 'AI' aka ML aka LLM - and Uservoice - perhaps by coincidence or perhaps not also a US, SF-based company.

Following my contact's having written an 'Open Letter' via email to the illustrious Board of Trustees of The Proton Foundation - which amongst others includes Dr. Andy Yen and Sir Tim Berners Lee - to present the case to them, with well over a month having elapsed since, my source reports that he/she still has not received any reply whatsoever. He/she is thinking of perhaps sending a follow-up message.

I very much regret this whole sorry business leaves me, as a firm Proton advocate, more than a little disappointed and perhaps even somewhat disillusioned. Proton's conduct in this whole matter is not only utterly inexplicable but even inexcusable.

My source and I have jointly decided henceforth not to avail ourselves of Proton's non-privacy customer service to report any issues, bugs, and the like. Proton's loss, as much as alas our own. However, there is another avenue to contact customer support. Furthermore, we shall henceforth not use Proton Uservoice to post, comment, or vote, or otherwise provide feedback. Decidedly Proton's loss.

However, in place of this, I shall be reporting on any missing features and other inadequacies of Proton apps, as well as making suggestions, here in this Mini Blog. I shall do so in conjunction with my source, who has so far been making valuable contributions to Proton's feedback.

This notwithstanding, one still would hope that Proton/the Proton Foundation's Board would clear up this sorry affair with some kind of response or statement.

Furthermore, none of this should be seen as any kind of reflection upon the quality of Proton's software. It is singular in providing the best and strongest privacy and security protection available, and I shall continue to endorse it and advocate its use.


More privacy/security news soon.

© nexter
All rights reserved



20240909
Following lively discussions elsewhere, it has become necessary to add a couple of supplements to the article 'Windows & macOS 101' to cover topics such as privacy-focused installation and/or clean-up of the OS and its configuration. Work has already started on these, putting other articles on hold for now.


We have to return to the topic from last time concerning Proton's use of the non-privacy respecting services Zendesk - a US-based company that, incidentally, uses 'AI' aka ML aka LLM - and Uservoice - perhaps by coincidence or perhaps not also a US, SF-based company.

My contact informs me that he/she had written an 'Open Letter' via email to the illustrious Board of Trustees of The Proton Foundation - which amongst others includes Dr. Andy Yen and Sir Tim Berners Lee - to present the case to them a little over three weeks ago. With over three weeks having elapsed since, a more than reasonable time to allow for at the very least some kind of acknowledgement of receipt, my source reports that he/she has not received any reply whatsoever.

I regret to have to say that at this point I am more than just a little disappointed in Proton over this whole sorry business. As much as I am taken by their underlying ethos and their aim for a privacy by default internet, I find this whole matter and their conduct in it incomprehensible. Just as I find it incomprehensible that they keep adding more new apps or major new features while some of their existing apps are seriously in need of major attention. In all these matters I have to agree entirely with my source, and in his/her words (not necessarily verbatim), "one has to wonder whether all of this is not a sign of a major malaise within Proton. One of weak and perhaps misguided leadership and a huge degree of inexperience throughout the organisation.

"Good public and especially customer relations are vital to any business. However, software development, good, solid, inspired even, software development cannot ever be subservient to any kind of 'democracy'. It requires strong - even if somewhat dictatorial - leadership from the top, leadership with vision, inspiration, passion, focus, and ideas and ideals, and the ability to inspire the rest of the team while never settling for less than perfection, and the ability to see things through to the end. This could quite well describe the late Steve Jobs while he was running NeXT - he never accepted the term 'impossible' from anyone, with the result that NeXT produced some of the most advanced hardware of its time and far and away the best and even the most beautiful OS of the time. It's the lack of this kind of leadership and the 'democracy' culture in Linux desktop distros that alas has so far always held back Linux's developmental growth and innovation and its growth of market share. One would like to hope that Proton could fare better.

"Yet sadly, somehow none of these qualities and principles seem evident with Proton. Vision, perhaps, but else? And experience would suggest that all and any basic features are included in any app from the outset, and that good, detailed documentation is provided with each and every one from early on. Again, these are areas in which Proton seems to be lacking. In fact, no user guides exist for any Proton app on any platform so far, other than some very basic 'instructions' on web pages that seem as much ad as instruction.

"Similarly, one might perhaps put it down to inexperience that Proton chose to use far from privacy focused services for its customer support and for user suggestions/feature requests/feedback and the like at the outset that are irreconcilable with its ethos of 'privacy by default' and the 'advancement of privacy, freedom, and democracy'.

"However, one would reasonably assume that, given the time elapsed, the Proton Foundation's Board of Trustees would have at the very least acknowledged receipt of the email referred to above while perhaps considering a response. In the absence of such, one can, sad to say, only be left to wonder..."

So much for my source. Regrettably, I have to state that I have to agree entirely with his/her analysis, views, and sentiments. However, none of this should detract from the importance of Proton to privacy software and to any internet user valuing online privacy and security.

Personally, I would not want to be online without Proton's VPN - now featuring availability of Proton's own 'Stealth' protocol on Windows and macOS, although at least the Windows version still seems buggy and results in fairly frequent disconnects/reconnects - and Proton Mail. I am reasonably happy with the Drive web app, though I decidedly would not want to use the current Windows desktop app - nor any Linux port thereof - until some major revision. Similarly, the current incarnation of Proton Pass is still severely lacking in my opinion, although it has promise. Generally, if privacy and security are your concern, my advice has firmly to remain to stick with Proton.


More privacy topics next time.

© nexter
All rights reserved



20240802
Just in the last Mini Blog entry we talked about the importance of Proton in the fight to defend the rights to privacy, freedom of speech, and even freedom and democracy itself. And Proton is indeed our best hope in this.

However, there are a couple of things that sit rather ill with Proton's ethos of the above. I, along with a few others of my acquaintance, have long been unhappy that Proton's otherwise exemplary (email) support is not end-to-end encrypted, utilising zendesk.com instead of keeping it within the Proton domain. The same must be said about the feedback and feature/app suggestion/request system, which uses the appalling Uservoice.com, rather than an on-site alternative.

Both of these do not sit well with the general Proton ethos, neither of them being privacy-centric. Indeed, Uservoice email notifications come with a tracker, although this is swiftly removed by Proton Mail before it ever reaches your inbox!

But more worrying news has just reached me in relation to Uservoice. I am told by a reliable source and fellow privacy, freedom of speech, as well as Linux, Ubuntu, and Proton campaigner and advocate that Uservoice supervises Proton Uservoice with a bot censor/s that seem to instantly pounce on anything they may deem not to be 'politically correct' - and possibly other, even more mysterious criteria seem in operation. In a comment, my source used the common enough and perfectly innocuous expression 'bitching and moaning' - the former term was instantly censored. Whether this term is or is not 'politically correct' is indeed highly debatable. But then, apparently it is not 'permissible' any more even to call a female dog a 'bitch' - an absurdity like all PC-ism. In another comment about this issue, my source mentioned not giving a flying 'flatulence' about PC-ism - in which I would heartily join him/her here - only to have the medical term for fart instantly censored, by what twisted logic I'm sure even the gods would not be able to fathom.

Such censorship is a complete violation of the right of freedom of speech and as such is indefensible in the context of Proton's stated ethos and incompatible with it! In closing this topic, one may only hope that Proton will prove true to that ethos and not succumb to the tyrannies of identity politics and their PC 'thought police'. (Orwell had nothing on them!)


Staying with Proton a while, yet another new product has been launched, the Proton Wallet, a self-custodial secure and private Bitcoin wallet. However, initially this is only available to Lifetime and Visionary Accounts. More general availability will follow gradually as and when sufficient infrastructure upgrades are in place.

In principle, I have to say I consider this app to be an excellent idea that fits perfectly into the Proton ecosystem and its ethos, and I quite eagerly await its general availability myself. And yet, there are at least two big 'buts' here. The appearance of the Wallet represents yet another alarm bell warning that Proton is over-stretching itself in a near frantic rush to come up with more and more features and apps. With a total of merely about 500 employees one has to wonder how many are actual programmers and otherwise directly concerned with application development, and how many are involved in admin, IT management, customer service/support, and other jobs. Even being (over-) generous, I cannot see how more than at most one third of the total could be engaged in the first category.

With five pre-existing apps, of which one (Pass) is very deeply flawed, another's (Drive) desktop implementation is deeply flawed, and even the generally excellent Mail and VPN need some improvements, in the case of the former just minor features and in that of the latter an improved update process, one could be forgiven to think there would be more than enough work to get things right and little time left for new major features let alone apps. (I so far have not been able to look at Proton Calendar as I've never had use for one so cannot comment on that yet.) And yet, we have recently had the new 'Doc' feature for Proton Drive, and - aimed squarely at the business sector - the new 'Scribe' add-on for Proton Mail, "a private writing assistant that writes and proofreads emails" to quote Proton's blurb! All this plus Wallet?!

Now for the second 'but'. If your infrastructure currently will not be able to cope with the demands of a general release, as indeed Proton admits is the case here with Proton Wallet, surely it would be better to just announce the app as a forthcoming one while the infrastructure is brought up to speed? Furthermore, this issue would seem to indicate that Proton's finances are somewhat stretched.

Anyway, for those interested in this app, there is more at Proton Wallet. It's certainly mouthwatering!


A few months ago I mentioned the Waterfox Browser. I have to add here that while over all my impression is still favourable, it does not see much use here and I am mostly just keeping an eye on it in the hope that certain issues will be addressed. The issues I quickly discovered include that of the cache not being cleared when re-starting or closing the browser in private mode, in common with Firefox, and not retaining the setting to query certificates. One lives in hope!

© nexter
All rights reserved



20240715
Why Is Proton Important?
Proton, the Swiss premier privacy and security software developer, should matter a great deal to anyone even remotely concerned about their online privacy and security, and it is time we explored here why this should be so in a little more detail than would be possible elsewhere under the umbrella of "Online Security & Privacy 101".

In order to further assure their status as a not-for-profit, Proton has recently placed the majority shareholding of Proton AG into a non-profit Proton Foundation, led by Proton founder Andy Yen, joined by Jason Stockman (Proton’s co-founder) and Dingchao Lu (Proton’s first employee). This is to assure Proton's ability to continue putting people and people's privacy and security before profit. This also puts beyond the remotest possible doubt the motives and aims and its essential benevolence, even nobility, of purpose.

Furthermore, to further confirm the soundness of its security systems underlying all their open source applications, Proton sought and recently received ISO 27001 Certification, following a rigorous external audit. While this should also reassure ordinary users that their online privacy and security is in very safe hands with Proton, it no doubt is even more important to the corporate sector where Proton has to earn a substantial share of the funds it needs for continued development as well as continual upgrading and expansion of infrastructure.

While both of the above should substantially help to assure Proton's future longer term, in the shorter term there are without doubt difficulties to be met and overcome. Being funded solely by users paying for Proton's services - which is what Proton's apps essentially are - means that it is somewhat beholden to its users and their wishes. In other words, its users have a substantial influence on what will be developed. At the same time, Proton's funds are not unlimited - even if there are over 100 million paying users, this would still put considerable constraints on the numbers of developers that it can employ.

At present, there is already a substantial amount of work needed in fixing bugs and other issues in existing applications and achieving full parity for Linux. In addition, Proton's website, in my considered opinion, is in a woeful state and in need of complete re-design. Integration into Proton's own site of customer support - in place of the current service through Zendesk which is not end-to-end-encrypted while occasionally, support issues need users to disclose sensitive information - surely should be considered as fairly urgent. A little less urgent would be to move the current - IMO - rather messy and unsatisfactory Proton Uservoice to Proton's website in the form of a series of properly interactive forums.

Any one of these tasks would require a lot of work and even the first mentioned of fixing current apps should be enough to prohibit any immediate work on further apps. Proton's developer teams are not large enough for that as I see it.

One would therefore appeal to the Proton user community to show restraint in their wishes for new apps and to wait patiently. It is remarkable just how many apps Proton has already delivered in a relatively short time, and users ought to appreciate this and give Proton some breathing space as it were to put these right first.

Proton is the only comparatively major independent, non-profit and fully open source and open standards developer committed to a focus on privacy and data security there is at present. Its apps consist of Proton Mail, Proton Calendar, Proton VPN, Proton Drive, and Proton Pass. An already rich privacy ecosystem that is available for all major computer platforms and mobile devices, and more.

This is why Proton is not merely important but I would suggest vital for anyone seeking to conduct their online activity in a privacy and security maintaining environment. All apps are and always will be available in free versions that are perfectly capable. At the very least, the privacy seeking internet user needs Proton VPN and Proton Mail. There simply is no viable, truly privacy-focused and safe alternative to these two. The Calendar - which incidentally comes with Mail - is a feature rich app that also compares well to any competitor. Proton Drive in its web app form is excellent, though I cannot at present recommend the desktop apps for Windows and macOS as they still need a lot of work to make them secure and properly private. Until it also receives major improvements, I regret I also cannot recommend the Proton Pass app in any shape or form and instead would recommend using KeePassXC in the meantime. In particular, the latter's Password Generator is currently far more capable, allowing for very long passwords that can be highly complex and include extended ASCII characters. The 64-character limitation and lack of extended ASCII character option of the Password Generator of Proton Pass are sadly simply not up to scratch for now. As an example, I use complex 256 and even 512 character passwords that include extended ASCII characters for device encryption.

In conclusion, I simply cannot over-emphasize the importance of Proton for anybody with even the slightest concern for their online privacy and security. If you have not done so yet, I can only urge you to go and try the Proton apps and, if you can possibly afford them, get the paid apps and support Proton. And supplement them by using privacy-focussed browsers such as TOR and Firefox and privacy-focussed search engines such as DuckDuckGo and others. Also if at all possible avoid anything Google.

Ultimately, everyone's freedom of speech/expression, freedom itself and even democracy depend on the fundamental right to privacy, and Proton is the best defence of this that we have. So come and join the good fight!

© nexter
All rights reserved




20240526
In the UK, a huge potential privacy issue is presented by the ongoing introduction of so-called smartmeters by electricity and gas suppliers. There are other issues in relation to these 'smartmeters' too, but here we shall focus on the privacy issue and only very briefly deal with other issues in passing.

'Smartmeters' started to be introduced in the UK in 2011, ostensibly with the aim that they would help reduce energy use and contribute to reaching the government's net-zero greenhouse emission targets. However, another scenario at least potentially presents itself. But first, a little insight into how 'smartmeters' function.

Briefly, they read your consumption of energy continuously like a conventional meter, but send these readings at user settable intervals - varying from every five minutes to once a month - via the cellphone network to the supplier. The data are processed - allegedly anonymised - by a specialist company before being returned to the supplier for billing the customer. However, unlike a conventional 'dumb' meter, 'smartmeters' record energy use in great detail, such as spikes and drops, in real time. Given the characteristics of various appliances and gadgets, it is possible to distinguish what is being switched on and when and when it is switched off.

All these data further can be used to exactly profile your energy use and more besides, such as the times you are active in your household, the times it is likely to be unattended, and more.

At present, energy suppliers claim that your data are not shared or sold on. Even if true, this could change at any time and most likely will eventually. But even in the absence of this, imagine what could happen in a major data breach: all your data could for instance end up on the dark web, giving a perfect guide to when it might be easiest to burgle your home!

Essentially, 'smartmeters' represent a massive violation of privacy that nobody should tolerate.

For a variety of reasons, almost half of UK households have so far refused to have 'smartmeters'. What the situation might be in other countries I have been unable to ascertain so far, although I certainly discovered that some countries have so far not started introducing them.

Of those households in the UK that have 'smartmeters', about half have or have had problems with them, such as malfunctions causing unusually - even stratospherically - high bills, and others. The other half seem happy with them and claim that having a 'smartmeter' is saving them money, sometimes a lot of money.

Apart from the gross privacy issue, there are as already indicated earlier other issues concerning 'smartmeters'. Perhaps one of the other major ones, if not the major one, is that the return of data to the supplier via the G5 cellnet network occurs in bursts at much higher energy levels than a cellphone, and this technology has not been around long enough yet to be considered safe with any degree of certainty. The considerable number of households that have or had problems with their 'smartmeters' is another.

However, it is of course the issue of massive privacy violation that is totally unacceptable. This is as bad as anything that the likes of Big Tech Google and others get up to. With one difference though - the energy suppliers themselves are completely clueless where IT technology is concerned! 'Smartmeter'? No thanks!

Finally, a brief return to the topic of encryption. While not a recent article, Can Encryption Be Broken? is nonetheless of interest in this context, as well as What To Do If Your Data Is Leaked?. The former explains the most common causes of encryption being broken, while the latter gives advice on what measures you could take in the event of your data being leaked. How Passwords Become Compromised is about exactly what it says on the tin, while Hacker tricks are getting smarter... deals with various fairly new methods that hackers use to get their hands on your data and how Proton's privacy apps can keep you safe.

© nexter
All rights reserved




20240504
Today, everything you always wanted to know about encryption but were afraid to ask. Well, almost everything.

Without further ado, the Proton Blog's What is Encryption? article is a good introduction to the topic. Further information can be found in What is PGP Encryption?, What is End-to-End Encryption?, and Zero-Access Encryption.

Also of interest should be Post-Quantum Encryption, which deals with post Quantum-safe encryption, that is, encryption that should or will be safe even once Quantum computers do become a real threat as they should be able to break current encryptions.

Of further importance to note is What is a Brute Force Attack?, a common variety of attacks seeking access to user data and more.

Last but perhaps not least, Is the Future Passwordless? deals with the increasing number of methods of passwordless log-in and the for the foreseeable future co-existence of passwords with methods such as PassKeys and more.

Of course, this is by no means any kind of exhaustive information on the subject of encryption, but at least it covers a few bases.

Meanwhile, work is continuing here on further articles as listed on the Contents page, albeit slowly due to extreme time constraints. These latter also mean that Mini Blog posts unfortunately may have to take a bit of a backseat from time to time.

© nexter
All rights reserved




20240420
Something a little different this time - back to the usual next time. But this affects us all.

Directly related to privacy and security are the concepts of freedom of speech, freedom of expression, and ultimately freedom of thought. Without these, there is no freedom, and democracy cannot exist.

All of these are being eroded to a frightening degree and indeed are threatened as never before. The tyrannies of 'Political Correctness' and Identity Politics - the politics of basing identity on the belonging to some kind of 'group', i.e., e.g., feminists, belonging to a particular minority religion, belonging to a certain minority ethnic group, Zionists, the LGBT (I'll stop at the 'T' as the 'T' is abomination enough IMO!) 'community', and others, and the 'woke' cult and ideology, 'cancel culture', and more - are certainly most instrumental in this erosion of freedom. Indeed, Identitarians practically and effectively act as a thought police.

Not enough that social media and similar platforms are firmly in the grip of this thought police, Big Tech itself has been quietly or not so quietly working away for some time at ways to censor speech and impose the ludicrous politically correct Orwellian NewSpeak on users. Big Tech Speech-Police Feature To Promote ‘Inclusive Language’, an article by 'Save Britain' dated April 26th, 2022, makes for interesting reading! Of course, the villain of this particular piece should be familiar to everyone and it should come as no surprise that it is none other than 'Big G' aka Google itself.

And for a prime example of woke and cancel culture in action in the developer world seek out this series of articles.

All this certainly reinforces the need for all internet users to fight for their privacy and for freedom and democracy itself. If you have not done so already, come and join the privacy revolution and embrace open source privacy software such as Proton! All Proton apps are available in free versions - free not because of advertising but because of the large numbers opting for the paid versions.

Personally, I shall never succumb to NewSpeak and Political Correctness and other absurdities etc. Hence, let me conclude by paraphrasing that wonderful living, talking teddybear Ted: "F*** that! Who gives a shit about shit!" ;)

Next time, the planned coverage of encryption and more.

© nexter
All rights reserved




20240413
A bumper crop today!

If you have ever wondered just how much email providers and various apps for your Windows or macOS PC and your smartphone care about your privacy, then discover just how you are being conned in this "Privacy Washing" article on the Proton Blog!

Some news on the web browser front. This topic will be covered in some detail in its own forthcoming appendix here of course, but just a few 'head ups' for now. I am rather dismayed to discover that the otherwise possibly very good DuckDuckGo Browser for Windows is in fact a Microsoft Store app! I couldn't possibly comment on the macOS, iOS, or Android versions of course, and I was waiting to see when a Linux version would appear before having a closer look. In view of the news here I am not sure that I would actually recommend this browser.

I have been meaning to have a closer look at the Waterfox Browser as that is once again an independent project in the hands of its original developer since last year. However, the Linux version seems to be a portable app without an installer and will run just from its unarchived directory. I still have not got around to creating the sym link but will do when I get a moment. First impressions are very favourable. Shall also install the Windows version ASAP.

Meanwhile, the Mullvad Browser does get used a bit - mainly in Ubuntu Linux - and performs well. Other browsers to be included in the appendix will include Librewolf, Pale Moon, and others.

Something for the Windows 10 and 11 users, but definitely somewhat savvy ones, is Windows Tool from Chris Titus. Open source of course. This runs in Windows PowerShell (with Admin privilege) and lets you, among other useful things, tweak your Windows to your heart's content and remove a lot of junk and privacy/security impeaching stuff. For instance, it lets you get rid of that ghastly data harvester Windows Edge! It is a brilliant utility. I have been using it a fair bit for quite some time now and find it to be invaluable. I should have mentioned it here from the beginning of this Mini Blog but somehow always forgot until the topic came up in a query in a forum the other day!

Some of the results after first tweaking etc. session, only Windows 10, Proton VPN, and ESET running. (I kept a list! I was amazed!) Edge and MS Store apps - gone. A lot of other junk too. Hooray! Active tasks (e.g., Windows services - loaded only when needed) down 30-40%. Memory use down about 35%, overall resource use down substantially. Everything running noticeably faster. Shutdown almost instant. Reboot very fast and booting up very much quicker too. Result!

Definitely a 'must have' utility for privacy and security conscious Windows users.

And just in at the time of writing, Proton and Standard Notes join forces. Excellent as Standard Notes is and much as this will be welcome by many users, I cannot help thinking this may be a bit of overkill, especially also considering Standard Notes' price structure. The top package costs about as much as Proton Unlimited. How that will all fit together remains to be seen. I cannot help being somewhat sceptical and concerned that this may be to the detriment of paying Proton users in terms of cost.

© nexter
All rights reserved




20240324
Lots of interesting and vitally important online privacy and security info this time.

To kick off, here's something for the iPhone users out there. Ever wondered how private using your iPhone really is? You may glean something from this article on the Proton blog. After reading and digesting that, you may well want to throw the blessed iPhone in the junk and certainly ought to consider changing to something else, or at least making it as secure and private as possible. And BTW, much the same info pertains to the iPad also.

Also on the subject of privacy and data harvesting with particular regard to email, this article from the Proton Blog focuses on Gmail but is likely to equally apply to other 'freebie' email providers, including at least to some extent to some of the claimed 'privacy' ones.

The lesson so far? Don't trust anything from anyone unless it's fully Open Source and gives you fully end-to-end-encrypted email with zero-access-encryption using fully open standard encryption. (Hmm, yes, that leaves out Tuta - previously aka Tutanota - for starters.)

More on the topic of encryption perhaps another time.

The Proton Pass Password Manager now fully supports Passkeys for all Proton Pass users whether free or paid. What's a Passkey? explains all.

© nexter
All rights reserved




20240313
Excellent news from Proton - their desktop app of the superb Password Generator/Manager / Identity Manager 'Proton Pass' for Windows is now available, in addition to their apps for Android and iOS. The Linux and macOS desktop apps should follow shortly, while in the meantime the browser extension is there. I personally have not had the opportunity yet to install the Windows app as I have not used Windows again yet - the Linux version will get far more use here when it comes along.

I would have provided a direct link to the Proton post announcing Proton Pass for Windows but only get an .onion (TOR network) link atm. You can find it easily enough though doing a quick search on the PROTON WEBSITE.

And while you are there, you may also find heaps of excellent articles concerning privacy, security, and also all the superb Proton apps.

© nexter
All rights reserved




20240224
The documentary in the 'Storyville' series titled 'Total Trust: Surveillance State' broadcast on BBC4 TV at 22.00hrs GMT on 20th February in the UK proved of great interest indeed. Not only for what it actually dealt with, but just as interestingly for what it did not deal with - the world-wide descent into a surveillance society. Another point to note is, of course, just how accurate/credible this film was. Living in the age of 'fake news' and fake everything as we do, are any of the media still credible?

But let us assume for now that this film was accurate and credible. Yes, truly terrifying to say the least. But the western world is not very far behind, and in many ways it is well ahead of China. Digital surveillance and its consequent total erosion of privacy for one thing is far more advanced and far-ranging. But apart from that, other factors are at work in the erosion of freedom of expression and freedom of dissent. In the west, we do not need any state apparatus to suppress our freedoms. The great public does a far better job already - the whole 'woke' and 'cancel culture', and the all-pervading identity politics make sure that dissent is not tolerated.

It is tragic and calamitous that the majority of ordinary people allow the erosion of freedom and privacy, and thereby democracy, to happen without even being aware of what is happening. It therefore is all the more important that people should vehemently and rigorously act to defend their freedom, privacy, and security online.

© nexter
All rights reserved





20240217
Another interesting POST about just how much money 'Big Tech' is making from your data came up on the Proton Blog the other day. Data is indeed the new oil! For anyone wishing to explore the world of privacy and security in some depth, the Proton Blog is highly recommended in general, not just for the aforementioned post.

© nexter
All rights reserved




20240213
The most recent changes to Outlook make it an unbelievably extensive and invasive Data Harvester. Have a look at this Article on Proton's blog for all the gory details and ditch Outlook if you value your privacy and freedom and oppose total surveillance! This really is monstrous.

And more recently, in the UK London's Metropolitan Police have started 'experimentally' using Live Facial Recognition cameras! An unprecedented violation of privacy in this country, and civil liberties organisations may challenge this in the courts.

Still in the UK, BBC4 TV at 22.00hrs GMT on 20th February is showing a documentary in the 'Storyville' series titled 'Total Trust: Surveillance State' that should be of great interest to anyone who values privacy, freedom, and democracy. A surveillance state is totally incompatible with democracy and is in fact totalitarian.

© nexter
All rights reserved





© nexter 2024
All rights reserved




_________________
nexter - so, what's next?

Just a volunteer Moderator, not connected to or affiliated with Winstep Software Technologies, and not an official part of customer service though I do try to help when and where I can if my scarce time permits


 Post subject: Re: Online Security & Privacy 101
PostPosted: Fri Feb 16, 2024 1:43 am 
Online Security & Privacy 101

Introduction



As increasing numbers of people are becoming aware of matters of their online security and privacy, or rather the lack thereof, and seek to find out what they can do to protect their online security and privacy, this series of short articles aims to serve as a brief introduction to the subject and to give internet users starting points for preserving their online security and privacy and ultimately, their privacy and freedom and more.

We will cover the subject for users of PCs or general computers - whether desktops or laptops - and their commonly used operating systems, as well as for users of mobile devices such as 'smartphones' and tablets and their commonly used operating systems.

Separate articles will cover the subject for PC users using Windows (and by extension, macOS), PC users using TAILS - The Anonymous Incognito Live System (a privacy OS run from a memory stick or RW DVD that provides virtually complete anonymity that we need to explore here as requested elsewhere), PC users using Linux, and mobile device users using iOS and Android.

The Windows article is based on Windows 10 as that is the version I run here as a secondary operating system as a 'refusenik' of Windows 11 - my primary OS being Linux - but should more or less equally apply to Windows 11 and likely also earlier versions such as Windows 7, although the latter is now unsupported and should certainly not routinely if ever be used online.

Additionally, in separate appendices we will go into some more detail into web browsers and browser based utilities and services such as search engines, machine translation services, and more; Virtual Private Networks or VPNs; Encryption; the threats posed by AI or more accurately Autonomous Machine Learning; and the threats posed by Quantum Computing. These appendices, albeit based on use under Windows 10 and Ubuntu Linux, will apply to a greater or lesser extent to all devices and their operating systems although there may be minor differences.

There is also a Mini Blog where I will try and provide pointers about the latest threats to privacy, freedom, and democracy, particularly online ones.

For more details please consult the Contents listing.


February 2024
© nexter
All rights reserved






_________________
nexter - so, what's next?

Just a volunteer Moderator, not connected to or affiliated with Winstep Software Technologies, and not an official part of customer service though I do try to help when and where I can if my scarce time permits


 Post subject: Re: Online Security & Privacy 101
PostPosted: Sun Feb 18, 2024 2:41 am 
Online Security & Privacy

Windows & macOS 101



The aim of this article is to attempt to help you in making your online life under Windows - and, in principle, macOS - as private and safe as possible. Ideally, of course, you could decide to dump Windows - or macOS - and run one - up to date - form or another of Linux, which is free and open source and above all in itself infinitely more private and secure. However, we shall not explore this avenue here, it is well beyond the remit of this article and besides, we shall assume that for one reason or another you need or want to continue using your current operating system.

Ideally, you should start with a clean re-install of your OS, and then follow the procedures outlined next.

The very first thing you need to consider and check very carefully is whether your operating system itself is configured as thoroughly as possible to make it as secure as possible. As a preamble to this, check that you have an Administrator account - which you should rename some other name - for emergencies and an ordinary User account that you should be using in day to day operation, and that both accounts are protected by secure passwords. A secure password should be between at least 24 and preferably 128 characters long and consist of a random mix of upper and lower case letters, numbers, and symbols (and, where permitted, extended ASCII characters) and should not contain any recognisable words. You should keep a written note of these passwords in a safe location for easy reference as you may well be unlikely to memorise a secure password. If you share your device with others, e.g. family members, create a separate ordinary User Account for each of them. Ideally, you should also set UEFI/BIOS and Boot etc. passwords, again secure ones, in case your equipment should ever get stolen or otherwise interfered with. Take great care never, ever to use the same password more than once! You should also entirely disable that Mega-Spy Cortana (or indeed its equivalent in macOS) and, unless you really, really need it at all times, disable any microphone/s and web cams in UEFI/BIOS and only enable when needed.

Having achieved the above preamble, it is now time to check your OS configuration. For this, you should really be completely offline.

You should check and if necessary configure every last setting in Windows - and respective macOS analogues - in the Administrative Tools section, especially in Local Security Policy and Windows Defender with Advanced Security, and any other Windows or macOS settings. If you find this is beyond your capabilities, check Help or ask a knowledgeable friend for help.

You should also consider encrypting all your disk drives. However, do stay well clear of Windows BitLocker - it could easily lose all your data. The safest, and most secure, encryption utility around at present is a free and open source one called VeraCrypt. If you are not familiar with encryption, read its manual/help file first, and again, seek help, for which you could also use online forums. Again, encrypting your drives - with the strongest encryption possible - should be done with your PC offline. Preferably, you should also move all your personal data to a separate - preferably external USB - drive, or at least a separate partition, also encrypted (and prevent your OS from 'snooping' this drive or partition, including e.g. not allowing 'indexing' the drive/partition under Windows).

Your next step should be installing and setting up a Virtual Private Network, or VPN. While there are a great many of these available now, for maximum security and privacy - even virtual anonymity online - there is only one to consider. This is Proton VPN, and even the free version is far superior to and faster than any of the others. For the ultimate in privacy, security, and speed you may however want to consider the paid version. Proton is a fully integrated privacy ecosystem, and both the free and paid version also include secure, end to end encrypted email (Proton Mail), Proton Calendar, Proton Drive (a Cloud Drive), and Proton Pass (a Password/Identity Manager), all also fully encrypted. For more information on all of these please consult the Proton website - https://proton.me . Proton also has a proper 'Onion' address for use with TOR Browser and/or Proton VPN with TOR Network. I really cannot recommend Proton highly enough and indeed am a user myself of course, using 2-year subscriptions to Proton Infinity. The paid versions are very reasonably and competitively priced also, incidentally. You might be tempted to use Mullvad VPN, which makes quite a lot of noise about privacy and security. However, consider this. Mullvad do not own many or even most of their servers, which makes these inherently vulnerable to interference by outside operators. Further, Mullvad is a Swedish company and therefore subject to Swedish law, the privacy provisions of which are not as far-reaching and rigorous as those of Swiss law. There are other considerations, including far fewer servers in fewer locales than Proton VPN, but if you are still tempted by Mullvad VPN explore its weaknesses further for yourself first.

If it is maximum privacy and security you want, the Proton privacy ecosystem suite is what you need. With the paid Proton Infinity, you could even set up a combined VPN/TOR network connection for complete TOR anonymity! This would route all your internet connections via the Proton VPN and then the TOR network, and obviate the need to use TOR Browser. However, with other Proton VPN configurations it is recommended that you use TOR Browser for as much of your web activity as possible.

All of Proton's apps are fully open source and moreover independently audited once a year, with the results published on their website. So you can be sure that there are no nasty hidden surprises anywhere! The strongest, most secure encryption is used throughout - with quantum computing secure encryption being worked upon - and Proton is also a cross-platform environment so you are able to use it on all your devices, be that Windows or Mac PC, Linux PC, Android phone or tablet, or iOS phone/padOS tablet, protecting your privacy and security everywhere. All Proton apps are simplicity itself to set up and use, too, but if you ever need it, Proton's support is absolutely world-class and second to none.

Proton also keeps no logs of any kind, ensuring privacy by default, and any data or files such as your mailbox, calendar/s, Proton Drive, and Proton Pass are fully encrypted with zero-access encryption - in other words, you and only you alone can access these. Furthermore, Proton is protected by Swiss privacy laws. Proton can be summed up as kind of the Burger King of freedom and privacy - your data, your way and your rules! Proton positively does not want your data! And the 'menu' of Proton privacy/security apps is constantly growing.

At this point I should make it absolutely clear that I am in no way connected to or affiliated with Proton. I am merely a privacy and security conscious user who appreciates what Proton does, what it stands for, and what it delivers. As a privacy and security advocate I can only be a Proton advocate because it is simply the best there is for privacy and security.

Beyond this, it is also time to consider the Browser/s that you use. If you value your privacy and security and have come along thus far, do not under any circumstances use Microsoft's Internet Explorer or Edge - or Apple's Safari - not ever! Indeed, where possible, remove these from your system altogether. (More on this in the Browser appendix.) Also, throw out Chrome and/or any Chrome/Chromium based browsers such as Opera, as well as any Chrome apps. The most secure and private - if set up properly - standard web browser there is is Firefox, which you should download and configure very carefully, if you don't have it already. You should also get TOR Browser - which is based on Firefox - for maximum browsing privacy and security. A recent browser also to consider is the Mullvad Browser, which is developed in cooperation with the TOR Project - essentially, it is TOR Browser without the TOR Network connection.

Also, never, ever use any Google services/sites if you possibly can avoid them. DuckDuckGo is a far better search engine than Google - it does not bombard you with ads and sponsored links but simply gives you the most relevant results for your search. Basically, it uses Bing's results but stripped of all the commercial and tracking baggage. It also offers an instant, free machine translation service - again, Bing stripped of advertising and spying. Furthermore, DuckDuckGo does not track you or collect your data in any way, nor does it keep logs. It is fully committed to user privacy. Another privacy-committed search engine worthy of consideration is Startpage.

A further essential measure to protect your security and privacy is a safe, reliable Anti-Virus cum Firewall utility. Here I would suggest you look no further than ESET Internet Security. In the Windows version the Firewall aspect of this - inevitably - works in conjunction with Windows Defender and makes this much more secure. In total, ESET is second to none in my experience, and OEM versions at a price lower than an official ESET renewal price can be found quite easily. Again, the value for money factor is the same as for Proton. Simply a no-brainer. Also like Proton, ESET is a cross-platform application and so is also available for macOS - which increasingly needs such protection as much as Windows - as well as mobile devices. (A Linux version of the AV side is discontinued, presumably due to lack of uptake - Linux just does not need AV, and most if not all distros now have excellent built-in firewalls.)

Like all privacy and security apps/utilities, ESET will require some patient and thorough setting up and configuring. Customer support is, in my experience, very good.

Also, you ought to consider not using the Windows (or Mac) Recycle Bin/Waste Bin. It leaves all your deleted data easily recoverable even when you delete the files in it. This is no problem of course if all your drives are securely encrypted with strong encryption - deleted data remain encrypted and cannot be recovered without access to your password for your drives. However, if you do not encrypt your drives, you are strongly urged to use a secure deletion utility such as Eraser (under Windows, macOS - if memory serves - should have the Terminal 'secure delete' command line utility) instead. This deletes your data and over-writes them multiple times with random data, rendering them virtually impossible to recover.

Eraser is free of cost and also free and open source software - always something to look out for. Even for Windows (and perhaps macOS?) there are an increasing number of free and open source applications available, including some of the better known Linux ones like The GIMP - The GNU Imaging Programme - an excellent graphics application, not to mention the outstanding Darktable (a LightRoom type app but with plenty more!), and many free and open source file managers and other utilities. With open source software you can be sure of not importing another spy onto your PC.

A further utility you should consider using is a Password Manager-cum-secure password generator. Once again Proton has exactly this (and more!) in Proton Pass, available as a Browser plug-in as well as a desktop application (soon!), the latter still in beta at time of writing. You really could not ask for more or better. A free version again is available, and of course a more extensive version is included in the paid Proton Unlimited. The more extensive version is also available as a paid separate entity. There is also the excellent KeePassXC, also a cross-platform free and open source desktop app.

Some final considerations now for you to ponder. Email to begin with - everybody uses email in one way or another. If you use any of the widely available 'free' email services, especially the likes of Gmail, Outlook.com, Yahoo and so on, you may want to consider dropping these violators of your privacy altogether. Quite apart from such things as tracking you online, Gmail for example scans all your incoming and outgoing mail and analyses these data among other things to learn your interests, buying habits and more, among other purposes to bombard you with targeted advertising. Your data will also be shared with 'partner' organisations. You really ought to think about using some form of end to end strong-encrypted email, and once again, I would refer you to the ever growing Proton privacy ecosystem and its Proton Mail component. This is available web-based as well as in beta desktop apps for Windows and macOS, with a release version to follow in coming weeks.

Social media are also strongly suggested to take into consideration if you use any of these. They are of course best avoided altogether. However, if you feel you cannot live without these data harvesters, you ought to consider clearing out your existing account/s altogether and then closing them, and setting up new but 'anonymous' ones. (A free email address 'anonymiser' utility, Simple Login, is now available integrated with Proton, and Proton Pass provides this as well - very useful for websites that you do not want to give your email address to so you cannot be bombarded with spam!) Simply use a 'fake' ID for your new social media accounts and use only with your real-life friends and family, and make them readable by friends and family only. Even after that, be cautious in whatever you post and comment. It is especially recommended that you do not post personal photographs - you can always share these with friends and family through the Proton Drive utility, for instance. Bear in mind that anything you post on social media is always available to the service provider and may well be retained by them for years even after you delete everything in your account and delete your account, and your data may be shared with third parties.

Furthermore, if you possibly can, try to avoid some of the biggest data harvesters and privacy violators out there on the web, that is, almost any online shopping facility but most specifically the biggest of them all, Amazon, and also Ebay and similar sites. If you must use any of these, Amazon for example at least will let you use them via the TOR browser, so they cannot in any way discover your VPN, let alone your ISP.

Having configured your OS and applications to make them as secure and private as possible and followed this with perhaps encrypting your disks, but certainly with setting up a truly private, secure VPN - ideally, Proton's privacy ecosystem's VPN - as well as set up and configured truly private and secure web browsers, and having followed the remaining steps, you are then well on your way to protecting your privacy and making your PC as secure as you can under Windows or macOS. All that remains is to use a bit of common sense in using your computer and to avoid all conceivable risks.

That concludes this introduction to privacy and security on your Windows - or macOS - system and the wider importance of defending your privacy. Similar guides are planned for mobile devices, i.e., so-called smartphones (they are not, they are really quite dumb!) and tablets, TAILS - The Anonymous Incognito Live System, and finally, for Linux, and should be along in due course, as should be a number of appendices dealing with VPNs, Browsers and Browser based utilities/services, and more. However, all this will not happen overnight - Rome was not built in a day, after all.

I wish you truly private and secure computing, whatever platform or device you may use, and close in the hope that you may contribute to the fight for privacy, freedom, and democracy for all.


November 2022 - Revised February 2024
© nexter 2022/2024
All rights reserved






_________________
nexter - so, what's next?

Just a volunteer Moderator, not connected to or affiliated with Winstep Software Technologies, and not an official part of customer service though I do try to help when and where I can if my scarce time permits
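An added illustration of the password guidance in the Windows & macOS article above (this is example code, not part of nexter's post): a generator and checker for passwords of 24 to 128 random characters drawn from upper case, lower case, digits and symbols, with no recognisable words and no reuse. The function names, the printable-ASCII alphabet (extended ASCII is left out) and the tiny word list are assumptions made for the example.

```python
import math
import secrets
import string

MIN_LENGTH = 24    # minimum length stated in the article
MAX_LENGTH = 128   # preferred upper length stated in the article

# Character classes the article asks for. Printable ASCII only (assumption).
CLASSES = {
    "upper-case letter": string.ascii_uppercase,
    "lower-case letter": string.ascii_lowercase,
    "digit": string.digits,
    "symbol": string.punctuation,
}
ALPHABET = "".join(CLASSES.values())  # 26 + 26 + 10 + 32 = 94 characters

# Constructed sample word list; a real check would use a large dictionary.
SAMPLE_WORDS = ("password", "letmein", "qwerty", "winter", "dragon")


def check_password(password, already_used=()):
    """Return a list of ways the password breaks the article's rules."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    if len(password) > MAX_LENGTH:
        problems.append(f"longer than {MAX_LENGTH} characters")
    for name, chars in CLASSES.items():
        if not any(c in chars for c in password):
            problems.append(f"no {name}")
    lowered = password.lower()
    for word in SAMPLE_WORDS:
        if word in lowered:
            problems.append(f"contains a recognisable word: {word}")
    if password in already_used:
        problems.append("already used for another account")
    return problems


def generate_password(length=MIN_LENGTH, already_used=()):
    """Generate a random password that passes check_password().

    Uses the operating system's CSPRNG via the secrets module. Candidates
    that miss a character class are discarded and redrawn, so no position
    in the result is predictable; the entropy lost to the rejected
    candidates is a fraction of a bit.
    """
    if not MIN_LENGTH <= length <= MAX_LENGTH:
        raise ValueError(f"length must be {MIN_LENGTH}..{MAX_LENGTH}")
    while True:
        candidate = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if not check_password(candidate, already_used):
            return candidate


def entropy_bits(length, alphabet_size=len(ALPHABET)):
    """Upper bound on guessing entropy of a uniformly random password."""
    return length * math.log2(alphabet_size)


if __name__ == "__main__":
    used = set()
    for account in ("Administrator", "User"):
        pw = generate_password(already_used=used)
        used.add(pw)
        print(f"{account}: {pw}  (~{entropy_bits(len(pw)):.0f} bits)")
    print(check_password("Winter2024!"))
```

At the article's minimum of 24 characters this alphabet gives roughly 157 bits of entropy, which is why such a password cannot realistically be memorised and has to be written down or kept in a password manager.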

