A Broadband and ADSL forum. BroadbanterBanter

Welcome to BroadbanterBanter.

You are currently viewing as a guest which gives you limited access to view most discussions and other FREE features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload your own photos and access many other special features. Registration is fast, simple and absolutely free so please, join our community today.

Go Back   Home » BroadbanterBanter forum » Newsgroup Discussions » uk.comp.home-networking (UK home networking)
Site Map Home Register Authors List Search Today's Posts Mark Forums Read Web Partners

uk.comp.home-networking (UK home networking) (uk.comp.home-networking) Discussion of all aspects of computer networking in the home, regardless of the platforms, software, topologies and protocols used. Examples of topics include recommendations for hardware or suppliers (e.g. NICs and cabling), protocols, servers, and specific network software. Advertising is not allowed.

Network Security and Hardware



 
 
Thread Tools Display Modes
  #1  
Old July 8th 15, 02:24 PM posted to uk.comp.home-networking
Nigel[_2_]
external usenet poster
 
Posts: 6
Default Network Security and Hardware

Sault,

When organisations, Governments and IT/Tech websites talk about internet
security they always talk of DOS, backdoors, trojans and general cyber
crime. Whilst these things are of concern the thing I find most troubling
is the meta data collection by governments and commercial organisations.
E.g. talk of google collecting MAC addresses through their own software
titles, mobile phone tracking, scanning of email threads/headers etc, even
MS windows 8 sends reports in the background, quite brazenly I might add,
despite attempts to prevent it.

Can others give examples of this exploits and what can be done to mitigate
them?

I'm also questioning whether or not older consumer PC hardware is
inherently less exploitable, having, I assume, less unique identifiers for
individual pieces of hardware due to their relatively less sophisticated
design.

Any thoughts?

---
This email is free from viruses and malware because avast! Antivirus protection is active.
https://www.avast.com/antivirus

  #2  
Old July 8th 15, 04:40 PM posted to uk.comp.home-networking
Henry Law
external usenet poster
 
Posts: 40
Default Network Security and Hardware

On 08/07/15 14:24, Nigel wrote:
find most troubling
is the meta data collection by governments and commercial organisations


Well, "If you've got nothing to hide, you've got nothing to fear". So
it says here anyway.

--

Henry Law Manchester, England
  #3  
Old July 8th 15, 05:55 PM posted to uk.comp.home-networking
Nigel[_2_]
external usenet poster
 
Posts: 6
Default Network Security and Hardware

On Wed, 08 Jul 2015 16:40:38 +0100, Henry Law wrote:

On 08/07/15 14:24, Nigel wrote:
find most troubling
is the meta data collection by governments and commercial organisations


Well, "If you've got nothing to hide, you've got nothing to fear". So
it says here anyway.


.....prolonged moralistic, but hugely intelligent, rant deleted.....

What a load of neo-liberal, yankee crotch-rot. If you honestly feel this,
you haven't thought it through.

NEXT!

Any practical advice as to decent firefox extensions, encrypting software
etc? But please, don't just tell me the rot from webpages I've already
read.


  #4  
Old July 8th 15, 05:56 PM posted to uk.comp.home-networking
Nigel[_2_]
external usenet poster
 
Posts: 6
Default Network Security and Hardware

On Wed, 08 Jul 2015 16:55:44 +0000, Nigel wrote:

On Wed, 08 Jul 2015 16:40:38 +0100, Henry Law wrote:

On 08/07/15 14:24, Nigel wrote:
find most troubling
is the meta data collection by governments and commercial
organisations


Well, "If you've got nothing to hide, you've got nothing to fear". So
it says here anyway.


....prolonged moralistic, but hugely intelligent, rant deleted.....

What a load of neo-liberal, yankee crotch-rot. If you honestly feel
this,
you haven't thought it through.

NEXT!

Any practical advice as to decent firefox extensions, encrypting
software etc? But please, don't just tell me the rot from webpages I've
already read.


(That wasn't you-you, rather one, the general)
  #5  
Old July 8th 15, 05:58 PM posted to uk.comp.home-networking
Nigel[_2_]
external usenet poster
 
Posts: 6
Default Network Security and Hardware

On Wed, 08 Jul 2015 16:56:52 +0000, Nigel wrote:

On Wed, 08 Jul 2015 16:55:44 +0000, Nigel wrote:

On Wed, 08 Jul 2015 16:40:38 +0100, Henry Law wrote:

On 08/07/15 14:24, Nigel wrote:
find most troubling
is the meta data collection by governments and commercial
organisations

Well, "If you've got nothing to hide, you've got nothing to fear". So
it says here anyway.


....prolonged moralistic, but hugely intelligent, rant deleted.....

What a load of neo-liberal, yankee crotch-rot. If you honestly feel
this,
you haven't thought it through.

NEXT!

Any practical advice as to decent firefox extensions, encrypting
software etc? But please, don't just tell me the rot from webpages I've
already read.


(That wasn't you-you, rather one, the general)


Although, with a name like Law .....
  #6  
Old July 9th 15, 01:07 PM posted to uk.comp.home-networking
Henry Law
external usenet poster
 
Posts: 40
Default Network Security and Hardware

On 08/07/15 17:55, Nigel wrote:
What a load of neo-liberal, yankee crotch-rot. If you honestly feel this,
you haven't thought it through.


Quite so. I ought to learn not to make ironic USENET postings, because
they're indistinguishable (other than by smiley) from the genuinely-held
opinions of utter wingnuts.

On your original topic. There's not much you can do about web sites
that you use keeping records of what you do there. For my part I adopt
the following, most of the time anyway:

- I force my IP address to change now and then by disconnecting the ADSL
link, waiting five minutes, then reconnecting. (And yes it does work).

- I use duckduckgo.com for my searches, only switching to Oogle when I
want a second opinion. In fact I should switch to some other
non-mainstream search engine but I haven't been sufficiently a***d to
research those yet.

- I try very hard not to do Oogle searches from a device which is logged
on to anything else, FaceBoink for example. You can see instantly the
effects of doing that: next FaceBang session, up pop adverts for
whatever-it-was you were oogling for.

- I run Noscript in Firefox. It's a real nuisance, and I have learned
to disable it when making payments for things, but I think it's useful.

- I switch to "incognito" mode in Chromium, (aka Private Sessions in
Firefox) from time to time. I also reckon one should delete one's
cookies at the end of each non-private session but it's dreadfully
inconvenient.

I wish it were easier to encrypt one's mail as a general thing.

--

Henry Law Manchester, England
  #7  
Old July 9th 15, 01:56 PM posted to uk.comp.home-networking
Kirk_Von_Rockstein
external usenet poster
 
Posts: 2
Default Network Security and Hardware

On 2015-07-09, Henry Law wrote:
On 08/07/15 17:55, Nigel wrote:


snip for brevity
- I switch to "incognito" mode in Chromium, (aka Private Sessions in
Firefox) from time to time. I also reckon one should delete one's
cookies at the end of each non-private session but it's dreadfully
inconvenient.

snip

On the note of cookies, and firefox, there is a addon/extension
called "Self-Destructing Cookies" that will destroy the cookies
after leaving a site automatically without you needing to do so
"manually". Have that addon and related url at top of the below
list, that follows the about copy.

start copy
Self-Destructing Cookies automatically removes cookies
when they are no longer used by open browser tabs.
With the cookies, lingering sessions, as well as information
used to spy on you, will be expunged. Websites will only
be permitted to identify you while you actually use them
and can not stalk you across the entire web.
This is the closest you will get to cookieless browsing
without breaking every second site or tedious micromanaging.

Tracking cookies will be detected and removed immediately.
They are identified purely by their behaviour - no need
for a blacklist that needs to be kept up to-date.
Self-Destructing Cookies also has LocalStorage support
and will treat it just like your cookie jar.
Defend yourself against ETag tracking and other cache-based
black-hat techniques by configuring Self-Destructing
Cookies to automatically clean your cache every time
you are not actively using the browser. For the first
time ever, this provides a realistic chance of beating
zombie-/evercookies without sacrificing usability.
See the zombie-cookie FAQ entry for details.
Self-Destructing Cookies can also help protect
against CSRF attacks by ending your sessions as soon as possible.

This add-on complements blacklist-based solutions such as Adblock
and Ghostery very well. You can whitelist sites whose cookies
and LocalStorage you would like to keep without an active tab
in the Firefox cookie exception list, which can also be
conveniently accessed from the add-on's preferences, or an
icon in the Add-on Bar.
end copy

Listed other firefox addons below that are privacy related
that maybe of interest for those concerned about privacy to
investigate for themselves.

- Self-Destructing Cookies 0.4.7.1-signed
https://addons.mozilla.org/en-US/fir...okies/?src=api

- BetterPrivacy 1.68.1-signed
http://nc.ddns.us/extensions.html

- Adblock Edge 2.1.8.1-signed
http://bitbucket.org/adstomper/adblockedge

- Element Hiding Helper for Adblock Plus 1.3.2.1-signed
(Works with adblock edge also)
https://adblockplus.org/en/elemhidehelper

- Disconnect 3.15.3.1-signed (Disabled)
https://disconnect.me/

- Ghostery 5.4.4.1-signed (Disabled)
http://www.ghostery.com

- GNU GNUzilla privacy extension 1.1 (Disabled)


- NoScript 2.6.9.30
https://noscript.net

- Priv3 0.2.1-signed
http://priv3.icsi.berkeley.edu/

- uBlock 0.9.3.0 (Disabled)
https://github.com/gorhill/uBlock

- User Agent Switcher 0.7.3.1-signed
http://chrispederick.com/work/user-agent-switcher/

  #8  
Old July 9th 15, 10:07 PM posted to uk.comp.home-networking
Nigel[_2_]
external usenet poster
 
Posts: 6
Default Network Security and Hardware

On Thu, 09 Jul 2015 13:07:31 +0100, Henry Law wrote:

On 08/07/15 17:55, Nigel wrote:
What a load of neo-liberal, yankee crotch-rot. If you honestly feel
this,
you haven't thought it through.


Quite so. I ought to learn not to make ironic USENET postings, because
they're indistinguishable (other than by smiley) from the genuinely-held
opinions of utter wingnuts.


I'm going to do something that USENET will have never witnessed
previously; I apologise! Too hasty was I, reading your post, but perhaps
the cliche, no matter how ironically meant, spun me in to a rage. Clearly
I'm prone to induced red-mist, but this is from long-term exposure to
b*llends who actually believe that to which you allude.

On your original topic. There's not much you can do about web sites
that you use keeping records of what you do there. For my part I adopt
the following, most of the time anyway:

- I force my IP address to change now and then by disconnecting the ADSL
link, waiting five minutes, then reconnecting. (And yes it does work).


I think this is ISP dependent, no? Or can it be forced?


- I use duckduckgo.com for my searches, only switching to Oogle when I
want a second opinion. In fact I should switch to some other
non-mainstream search engine but I haven't been sufficiently a***d to
research those yet.

- I try very hard not to do Oogle searches from a device which is logged
on to anything else, FaceBoink for example. You can see instantly the
effects of doing that: next FaceBang session, up pop adverts for
whatever-it-was you were oogling for.

- I run Noscript in Firefox. It's a real nuisance, and I have learned
to disable it when making payments for things, but I think it's useful.

- I switch to "incognito" mode in Chromium, (aka Private Sessions in
Firefox) from time to time. I also reckon one should delete one's
cookies at the end of each non-private session but it's dreadfully
inconvenient.


Does this solve the problem? I understand google harvest mac addresses
when users accept terms on installing their software? I assume 'incognito
mode' does nothing as far as this is concerned.

I wish it were easier to encrypt one's mail as a general thing.


My regime is similar but it doesn't feel enough. I'm now wondering how a
firewall may be employed; perhaps having to acknowledge every connection,
at least on a session basis.

At least USENET is not under surveillance!(?)
  #9  
Old July 9th 15, 10:12 PM posted to uk.comp.home-networking
Nigel[_2_]
external usenet poster
 
Posts: 6
Default Network Security and Hardware

On Thu, 09 Jul 2015 12:56:58 +0000, Kirk_Von_Rockstein wrote:

On 2015-07-09, Henry Law wrote:
On 08/07/15 17:55, Nigel wrote:


snip for brevity
- I switch to "incognito" mode in Chromium, (aka Private Sessions in
Firefox) from time to time. I also reckon one should delete one's
cookies at the end of each non-private session but it's dreadfully
inconvenient.

snip

On the note of cookies, and firefox, there is a addon/extension called
"Self-Destructing Cookies" that will destroy the cookies after leaving a
site automatically without you needing to do so "manually". Have that
addon and related url at top of the below list, that follows the about
copy.

start copy
Self-Destructing Cookies automatically removes cookies when they are no
longer used by open browser tabs.
With the cookies, lingering sessions, as well as information used to spy
on you, will be expunged. Websites will only be permitted to identify
you while you actually use them and can not stalk you across the entire
web.
This is the closest you will get to cookieless browsing without breaking
every second site or tedious micromanaging.

Tracking cookies will be detected and removed immediately.
They are identified purely by their behaviour - no need for a blacklist
that needs to be kept up to-date.
Self-Destructing Cookies also has LocalStorage support and will treat it
just like your cookie jar.
Defend yourself against ETag tracking and other cache-based black-hat
techniques by configuring Self-Destructing Cookies to automatically
clean your cache every time you are not actively using the browser. For
the first time ever, this provides a realistic chance of beating
zombie-/evercookies without sacrificing usability.
See the zombie-cookie FAQ entry for details.
Self-Destructing Cookies can also help protect against CSRF attacks by
ending your sessions as soon as possible.

This add-on complements blacklist-based solutions such as Adblock and
Ghostery very well. You can whitelist sites whose cookies and
LocalStorage you would like to keep without an active tab in the Firefox
cookie exception list, which can also be conveniently accessed from the
add-on's preferences, or an icon in the Add-on Bar.
end copy

Listed other firefox addons below that are privacy related that maybe of
interest for those concerned about privacy to investigate for
themselves.

- Self-Destructing Cookies 0.4.7.1-signed
https://addons.mozilla.org/en-US/fir...ting-cookies/?

src=api

- BetterPrivacy 1.68.1-signed http://nc.ddns.us/extensions.html

- Adblock Edge 2.1.8.1-signed http://bitbucket.org/adstomper/adblockedge

- Element Hiding Helper for Adblock Plus 1.3.2.1-signed (Works with
adblock edge also)
https://adblockplus.org/en/elemhidehelper

- Disconnect 3.15.3.1-signed (Disabled)
https://disconnect.me/

- Ghostery 5.4.4.1-signed (Disabled)
http://www.ghostery.com

- GNU GNUzilla privacy extension 1.1 (Disabled)


- NoScript 2.6.9.30
https://noscript.net

- Priv3 0.2.1-signed http://priv3.icsi.berkeley.edu/

- uBlock 0.9.3.0 (Disabled)
https://github.com/gorhill/uBlock

- User Agent Switcher 0.7.3.1-signed
http://chrispederick.com/work/user-agent-switcher/



Thanks Kirk,

That's useful stuff on the extensions front; I will check some of these
out. What can you say about non-web browser surveillance? I'm sure it's
not so prolific but clearly email is targeted. I feel certain PGP is
covered in anti-terror law these days but perhaps off-shore email servers
are under less strict regulation?
  #10  
Old July 9th 15, 11:38 PM posted to uk.comp.home-networking
Henry Law
external usenet poster
 
Posts: 40
Default Network Security and Hardware

On 09/07/15 22:07, Nigel wrote:
I'm going to do something that USENET will have never witnessed
previously; I apologise!


Goodness; the gravity of your offence hardly warranted that ...

- I force my IP address to change now and then by disconnecting the ADSL
link, waiting five minutes, then reconnecting. (And yes it does work).


I think this is ISP dependent, no? Or can it be forced?


To an extent, I suppose. If you have a fixed IP address then it's not
going to work! My ISP assigns an address when you connect (DHCP-like)
and the lease time seems to be very short, so it works for me. YMMV

- I switch to "incognito" mode in Chromium, (aka Private Sessions in
Firefox) from time to time. I also reckon one should delete one's
cookies at the end of each non-private session but it's dreadfully
inconvenient.


Does this solve the problem? I understand google harvest mac addresses
when users accept terms on installing their software? I assume 'incognito
mode' does nothing as far as this is concerned.


That's technically impossible with a normal browser. The MAC address is
a local-segment entity and disappears with the first network hop. But I
think Google's own "app" thing (on tablets, phones and such) may harvest
the MAC address and send it off as metadata. I'm allergic to apps.

I find it interesting to look at the "privileges" that downloaded
software requires when installed on an Android phone. Why some of them
wish to be allowed to turn on the camera, turn on the microphone, and so
on beggars belief.

MAC addresses can be spoofed, though presumably an app could in turn
defeat the spoofing, depending on what level it works at.


At least USENET is not under surveillance!(?)


You are joking, aren't you? But the people who post in USENET (hell,
the ones who even know what USENET is) are mostly ageing geeks like me
and quite harmless.

--

Henry Law Manchester, England
 




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
network security Phil Kyle uk.comp.home-networking (UK home networking) 0 October 22nd 06 05:42 PM
Recommendation please, hardware firewall for home network Colin Brough uk.comp.home-networking (UK home networking) 1 August 17th 06 06:54 PM
Recommended hardware for wired home network? Andy F Batter uk.comp.home-networking (UK home networking) 5 August 21st 04 07:14 PM
Network Security Kevin Vivian uk.comp.home-networking (UK home networking) 1 July 11th 04 01:08 PM
network security help Randy Hills uk.telecom.broadband (UK broadband) 2 September 4th 03 06:12 PM


All times are GMT +1. The time now is 03:16 AM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2017, Jelsoft Enterprises Ltd.Content Relevant URLs by vBSEO 2.4.0
Copyright 2004-2017 BroadbanterBanter.
The comments are property of their posters.