CHATPRIVACYDONATELOGINREGISTER
DMT-Nexus
FAQWIKIHEALTH & SAFETYARTATTITUDEACTIVE TOPICS
PREV123NEXT
Internet Security Walk-Through Tutorial v3.0 Options
 
Ufostrahlen
#21 Posted : 9/20/2015 9:31:17 AM

xͭ͆͝͏̮͔̜t̟̬̦̣̟͉͈̞̝ͣͫ͞,̡̼̭̘̙̜ͧ̆̀̔ͮ́ͯͯt̢̘̬͓͕̬́ͪ̽́s̢̜̠̬̘͖̠͕ͫ͗̾͋͒̃͛̚͞ͅ


Posts: 1716
Joined: 23-Apr-2012
Last visit: 23-Jan-2017
PsilocybeChild wrote:
Thanks Ufostrahlen! Fuck em!

https://youtu.be/_juA1-O58Dc

Yeah, it's so funny that people still are on Facebook. I mean why not Google+ (still meh, but I don't think they do crap like biometric face recognition) or Diaspora (privacy yay, functionality beta). I totally understand the need for being connected, but Facebook?!! Some folks deserve to be spied on.

Some additions to the Mail sections:

https://www.mailvelope.com/en/ - OSS GPG plugin for Firefox and Chrome that let's you encrypt your mail within the mail provider's interface. Yes, there are stubborn persons like my sister who dislike mail clients. I don't understand why, but there's a need for this, too.

Yandex.ru - My favorite mail hoster, especially good for Americans. Putin laughs about court orders from the US or other countries. You only need Google translator for the sign up (no mobile phone number required) and a Cyrillic alphabet to copy from (Wikipedia) for the captchas. But then you have a sweet mailbox in Russia with no NSA access. Encrypt with GPG nevertheless, because the Russian intelligence scans mails, too.

And no mention of https://prism-break.org ? It's THE software directory for open source security software. Granted, most of the software is already mentioned in the walk thru.
Internet Security: PsilocybeChild's Internet Security Walk-Through(1)(2)(3)(4)(5)(6)(7)(8)
Search the Nexus with disconnect.me (anonymous Google search) by adding "site:dmt-nexus.me" (w/o the ") to your search.
 

Trippy glass for trippy people.
 
NotTwo
#22 Posted : 9/20/2015 11:43:26 AM

DMT-Nexus member


Posts: 369
Joined: 08-Feb-2015
Last visit: 25-Sep-2017
Hey PsilocybeChild, just read your pdf. That is amazingly well researched and thank you so much for sharing Smile

Would be interesting to know if anyone on this site is NOT using at least something like Tor to login.

I'm a little horrified that my ISP logs the fact that I'm browsing with Tor (even though they can't see what I browse) and that instantly puts me into a higher suspicicion group. Percentage of the population using Tor is still quite low so get the message out there - install Tor and use it for at least some of your browsing!

I occasionally use Tor over VPN but this is painfully slow even over a fast fibre optic connection.
In all of reality there are not two. There is just the one thing. And I am that.
 
doodlekid
#23 Posted : 9/20/2015 2:30:30 PM

DMT-Nexus member


Posts: 120
Joined: 23-Jul-2013
Last visit: 13-Nov-2017
@PsilocybeChild

Thx again for this work. Gives me headstart on these things. But still a question.

DNSCrypt seems not to be working on Linux. I have installed Antergos for now and succesfully installed and enabled DNSCrypt. Set the DNS server to 127.0.0.1 on IPv4. But when I want to browse (without Tor) I can't access any page. I have to remove the DNS server and set it to automatic before I can visit any page again. Tor works fine though.

Any hint how to solve this?

 
PsilocybeChild
#24 Posted : 9/20/2015 2:55:03 PM

DMT-Nexus member


Posts: 543
Joined: 24-Jan-2009
Last visit: 21-Oct-2017
Location: Eastern USA
@DoodleKid, that is because DNSCrypt uses european DNSCrypt DNS Servers.

I originally was concerned DNSCrypt was not using OpenDNS dns servers. When I contacted OpenDNS Support about it, they responded:

Quote:
Hello,

OpenDNS has the largest DNS network in the world, so pointing to us could mean faster resolution and more reliability. In terms of encryption, yes, any provider on that .csv list will provide encryption.


OpenDNS is faster but not recommended, e.g.:
does not support DNS Security Extensions
does not support Namecoin domains
logs your activity

So I left it set to it's default DNS
DNSCrypt does encrypt DNS by default and sets your DNS Servers. Just follow my directions.

Once installed start DNSCrypt Proxy by typing into your terminal:
sudo systemctl enable dnscrypt-proxy.service
then
sudo systemctl start dnscrypt-proxy.service

^^That's all you need to do after install.

Check DNSCrypt status by inputing:
sudo systemctl status dnscrypt-proxy
Upon which it should state active (running)

P.S. Awesome to hear that you installed Antergos. Hope you enjoy it as much as I have! If you have any problems or questions about it message me!


@Ufostrahlen Thank you for your contributions! I recently heard about mailvelope and and keybase. Will look over all of these and add to the tutorial when I have time. Yes, I have read the prism-break site and found some of the mentioned software and services there. I should add a mention of it at least somewhere.

@NotTwo Thank you for the appreciation! Love to hear that people are actually using this and finding it helpful.

Also remember to use a separate email address from your regular email, for things you don't want to be connected with, like darknet markets or whatever.
Thanks all!
 
doodlekid
#25 Posted : 9/20/2015 3:51:53 PM

DMT-Nexus member


Posts: 120
Joined: 23-Jul-2013
Last visit: 13-Nov-2017
Yeah I did all that. The response was this standard message indicating it's connected and runing blala. But when browsing it won't load any page. I had this as well in Windows, but somehow it just didn't occur after a while and two reinstalls. Maybe it has to do with the DNS server. I use the standard (dnscrypt-eu.nl) which is close by...

Anyway I'll give it another try. It took me a while to get it installed on Antergos. Maybe it would be a good thing to expand the DNScrypt stuff cause it's not easy.

But it's great to be working with Linux. Actually it takes the consumerness out of computer use. Don't know what took me so long. Razz
 
PsilocybeChild
#26 Posted : 9/20/2015 6:41:47 PM

DMT-Nexus member


Posts: 543
Joined: 24-Jan-2009
Last visit: 21-Oct-2017
Location: Eastern USA
Sorry I didn't catch this sooner my friend.

Quote:
Set the DNS server to 127.0.0.1 on IPv4. But when I want to browse (without Tor) I can't access any page.


This is your problem and has nothing to do with DNSCrypt.

Set Socks Host proxy to 127.0.0.1 and the port to 9150, not DNS!
WiFi>WiFi Settings>Network Proxy>Manual>and edit Socks Host line.

When you're set to 127.0.0.1 for tor but don't have tor open, you will not be able to browse.

Use firefox to add extensions to gnome. go here: https://extensions.gnome...801/jam-proxy-switcher/
When Firefox prompts you just under the address bar make sure to click to make firefox accept "Gnome Shell Integration Plugin" and set it to remember that choice. Install that extension jam-Proxy Switcher.

This gives you a convenient toggle on the topbar.
When you are using Tor set it for manual. When Tor is closed, set it for none.

I reworded this making it a bit easier to understand in the tut.
 
doodlekid
#27 Posted : 9/21/2015 11:57:05 AM

DMT-Nexus member


Posts: 120
Joined: 23-Jul-2013
Last visit: 13-Nov-2017
Well I saw that both Win7 & Antergos have this issue now. It did work for Win7 and I don't have tor on that OS.

If it proves to be some nasty thing I will come back to this. For now I will try support and see if they can help me find the problem.

I try your solution as well...

But the one thing that troubles with all this, is how can you verify that you're actually using the DNSCrypt service... See, it reports that it's properly installed, connected to the server etc. But, as long you have automatic DNS you're not using it, right? So how can you actually verify that the service is being used by the system when you have set the DNS to 127.0.0.1?
 
PsilocybeChild
#28 Posted : 9/21/2015 3:17:55 PM

DMT-Nexus member


Posts: 543
Joined: 24-Jan-2009
Last visit: 21-Oct-2017
Location: Eastern USA
No, you should be using automatic while using it. It installs or modifies local system files, and as long as it's installed and the service is working, then it's running.

I forget the system files. I think one is /etc/conf.d which will say, for example,

DNSCRYPT_LOCALIP=127.0.0.1
DNSCRYPT_LOCALIP2=127.0.0.2
DNSCRYPT_LOCALPORT=53
DNSCRYPT_RESOLVERPORT=443
DNSCRYPT_USER=nobody
DNSCRYPT_PROVIDER_NAME=2.dnscrypt-cert.resolver2.dnscrypt.eu
DNSCRYPT_PROVIDER_NAME2=2.dnscrypt-cert.resolver1.dnscrypt.eu
DNSCRYPT_PROVIDER_KEY=3748:5585:E3B9Very happy088:FD25:AD36:B037:01F5:520CVery happy648:9E9AVery happyD52:1457:4955:9F0A:9955
DNSCRYPT_PROVIDER_KEY2=67C0:0F2C:21C5:5481:45DD:7CB4:6A27:1AF2:EB96:9931:40A3:09B6:2B8D:1653:1185:9C66
DNSCRYPT_RESOLVERIP=77.66.84.233
DNSCRYPT_RESOLVERIP2=176.56.237.171

 
Ufostrahlen
#29 Posted : 9/23/2015 8:30:15 PM

xͭ͆͝͏̮͔̜t̟̬̦̣̟͉͈̞̝ͣͫ͞,̡̼̭̘̙̜ͧ̆̀̔ͮ́ͯͯt̢̘̬͓͕̬́ͪ̽́s̢̜̠̬̘͖̠͕ͫ͗̾͋͒̃͛̚͞ͅ


Posts: 1716
Joined: 23-Apr-2012
Last visit: 23-Jan-2017
Bump. Because this more than relevant:

Quote:
CISA: the dirty deal between government and corporate giants.

It's the dirty deal that lets much of government from the NSA to local police get your private data from your favorite websites and lets them use it without due process.

[..]

Wait, wasn't there some other bill like that?

Yep, you’re probably thinking of CISPA, which was already resoundingly rejected in Congress three times after overwhelming public outcry. Here's a good comparison of the various bills at play.

https://www.faxbigbrother.com/#faq


Quote:
The Cybersecurity Information Sharing Act (CISA S. 2588 (113th Congress), S. 754 (114th Congress)) is a proposed law to "improve cybersecurity in the United States through enhanced sharing of information about cybersecurity threats, and for other purposes".[1] The law would allow the sharing of Internet traffic information between the U.S. government and technology and manufacturing companies.

[..]

On September 14, 2015, the BSA published a letter of support addressed to Congress, signed by board members Adobe, Apple Inc., Altium, Autodesk, CA Technologies, DataStax, IBM, Microsoft, Minitab, Oracle, Salesforce.com, Siemens, and Symantec.[11] This prompted the digital rights advocacy group Fight for the Future to organize a protest against CISA.[12]

https://en.wikipedia.org...Information_Sharing_Act
Internet Security: PsilocybeChild's Internet Security Walk-Through(1)(2)(3)(4)(5)(6)(7)(8)
Search the Nexus with disconnect.me (anonymous Google search) by adding "site:dmt-nexus.me" (w/o the ") to your search.
 
PsilocybeChild
#30 Posted : 9/24/2015 7:53:48 PM

DMT-Nexus member


Posts: 543
Joined: 24-Jan-2009
Last visit: 21-Oct-2017
Location: Eastern USA
Thanks for bumping with that. This must be shared.
 
PsilocybeChild
#31 Posted : 10/7/2015 5:03:48 AM

DMT-Nexus member


Posts: 543
Joined: 24-Jan-2009
Last visit: 21-Oct-2017
Location: Eastern USA
Nother update.

v1.9 How to get Bitcoin, Email section rewritten (current email protocols leave much to be desired, link comparing and contrasting providers), Fix Url Links Redirect extension breaks some pages, difference between an unlocked and a rooted phone.
 
doodlekid
#32 Posted : 10/8/2015 2:13:34 PM

DMT-Nexus member


Posts: 120
Joined: 23-Jul-2013
Last visit: 13-Nov-2017
Thanx for the updates!

Came across this document:

How_to_Exit_the_Matrix

If you don't have TOR, you can add .cab to the .onion extension, but this is not anonymous.

It seems to cover a lot of ground. From what I cam make of it, it's written a few years ago...
 
PsilocybeChild
#33 Posted : 11/2/2015 1:52:31 AM

DMT-Nexus member


Posts: 543
Joined: 24-Jan-2009
Last visit: 21-Oct-2017
Location: Eastern USA
Read it thanks. Also added the mailvelope info and the facebook quote thanks to Ufostrahlen. and a small revision about the possible need to reactivate phone with service to fix issues after a new OS/firmware install.
 
PsilocybeChild
#34 Posted : 11/17/2015 10:51:24 AM

DMT-Nexus member


Posts: 543
Joined: 24-Jan-2009
Last visit: 21-Oct-2017
Location: Eastern USA
 
PsilocybeChild
#35 Posted : 12/22/2015 7:56:39 AM

DMT-Nexus member


Posts: 543
Joined: 24-Jan-2009
Last visit: 21-Oct-2017
Location: Eastern USA
Updated. Feel the need to bump this as I need to retract or add caution to previous statements to avoid causing anyone instability or loss.

I recommended Bitcoin Fog as a BTC tumbler, and it has somewhat of a reputation for selective scamming. There was a page on reddit I can't seem to find now which had compiled posts from users who felt that they were scammed by them. although I have not had issues.

I also want to caution about major version updates in CyanogenMod because you can pretty easily, potentially fuck your phone up good.

v2.1 Cyanogenmod update cautions, esp. major version updates; bitcoin tumblers--replaced Bitcoin Fog recommendation with BitBlender and Grams Helix. BitcoinFog has a reputation for selective scamming; Netflix support for Chromium
 
Ufostrahlen
#36 Posted : 12/22/2015 9:03:10 AM

xͭ͆͝͏̮͔̜t̟̬̦̣̟͉͈̞̝ͣͫ͞,̡̼̭̘̙̜ͧ̆̀̔ͮ́ͯͯt̢̘̬͓͕̬́ͪ̽́s̢̜̠̬̘͖̠͕ͫ͗̾͋͒̃͛̚͞ͅ


Posts: 1716
Joined: 23-Apr-2012
Last visit: 23-Jan-2017
Quote:
Quote:
Also, whats the licence of the pdf? Creative commons or public domain?

Do with it whatever yous wish. As for myself, I'm going to sleep! I've been working on that since last night and still haven't slept.

I added the Walk-Through pdf to my signature, so outside Nexus readers can access it, too. Thumbs up
↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓ ↓
Internet Security: PsilocybeChild's Internet Security Walk-Through(1)(2)(3)(4)(5)(6)(7)(8)
Search the Nexus with disconnect.me (anonymous Google search) by adding "site:dmt-nexus.me" (w/o the ") to your search.
 
KillaNoodles
#37 Posted : 12/22/2015 6:43:14 PM

Stand Up For It


Posts: 187
Joined: 12-Dec-2015
Last visit: 10-Jul-2017
---
Disclaimer: All posts are to be considered fictitious. Author of account-posts is "Role Playing".
 
JDSalinger
#38 Posted : 1/10/2016 12:23:50 AM

DMT-Nexus member


Posts: 278
Joined: 29-Nov-2015
Last visit: 04-Aug-2017
Location: Now
Very nice guys, thank you!!

Will defiantly be passing around, much love. Big grin
“Among other things, you'll find that you're not the first person who was ever confused and frightened and even sickened by human behavior. You're by no means alone on that score, you'll be excited and stimulated to know. Many, many men have been just as troubled morally and spiritually as you are right now. Happily, some of them kept records of their troubles. You'll learn from them—if you want to. Just as someday, if you have something to offer, someone will learn something from you. It's a beautiful reciprocal arrangement. And it isn't education. It's history. It's poetry.” J.D. Salinger.
 
PsilocybeChild
#39 Posted : 4/6/2016 8:53:37 AM

DMT-Nexus member


Posts: 543
Joined: 24-Jan-2009
Last visit: 21-Oct-2017
Location: Eastern USA
Update coming soon but in the mean time:

Signal Desktop
Signal desktop is the new version of TextSecure and Red Phone.
Join the desktop beta!

https://whispersystems.org/blog/signal-desktop/

Sync encrypted messages and media across platforms (desktop, phone, etc.)


______________________________________________________________________________________________

RandomDNS makes DNS secure. It's based on DNSCrypt but we've added a bunch of new cool features. RandomDNS aims to improve the security, privacy and anonymity of DNSCrypt. It can randomize the server choice at runtime and can rotate it frequently.

Features of RandomDNS
-Randomize the provider at runtime
-se (-E)phemeral keys option
-Securely run DNSCrypt proxy by verifying its hash, copying it in /tmp dir with restricted permissions and launching it as "nobody" user (if reverse proxy is enabled)
-Watch the proxy process and relaunch it if it dies
-Can run multiple instances of DNSCrypt and load balance the traffic (EdgeDNS)
-Have in-memory caching of DNS requests along with Consistent Hashing (EdgeDNS)
-Can filter the server list by protocols, country and much more
-Rotate the server with a defined time (default: 10 minutes)
-Support DNSSEC (EdgeDNS)


https://github.com/pwnsdx/RandomDNS

When I figure this out, I will post how-to info.
 
Valmar
#40 Posted : 4/6/2016 11:24:03 AM

DMT-Nexus member


Posts: 256
Joined: 20-Jun-2015
Last visit: 16-Nov-2017
Location: Dao
Many thanks for this wonderful resource, PsilocybeChild! Pleased

A feature request: could you create an index for quick and easy navigating? Thanks in advance! Smile
“The dao that can be expressed is not the eternal Dao.”
~ Lǎozǐ

“One does not become enlightened by imagining figures of light, but by making the darkness conscious.”
~ Carl Jung
 
PREV123NEXT
 
Users browsing this forum
Guest (11)

DMT-Nexus theme created by The Traveler
This page was generated in 0.074 seconds.