Monday, March 4, 2024

Secure Browsing

Browsing online or even just connecting to a website can infect your computer. To check a URL to see if it is potentially dangerous go to https://www.virustotal.com and past the URL.

Another approach is to use https://urlvoid.com which allows you to view a website without actually visiting it with your browser.

To add an additional layer of protection to your home network system, a hardware solution adds substantial security. Browsing online and even just connecting to a website with its domain name opens you up to DNS snooping. The use of Unbound DNS resolver and Quad9 DNS recursive service can help maintain anonymity. Naomi Brockwell has a video explaining the process. And a video of a general discussion on securing your home network.

The overall process is to use the existing modem from your ISP and connect an external modem and WiFi unit. The existing modem is then set to bridge mode so that all data passes through to the external modem. (Bridge mode turns off that modem's WiFi.). The new modem will allow full control over DNS resolving, and an additional WiFi unit will provide separate and secure wireless connectivity.

Add an external modem like Protectli Vault FW4B (with Coreboot pre-installed. Default address is 192.168.1.1) connected via an ethernet cable. Install and run pfSense software on the Protectli Vault (Use BelenaEtcher to install pfSense onto a USB stick then use to install pfSense onto the Protectli Vault). Connect a separate WiFi unit to the Protectli Vault via an ethernet cable. Change your ISP's modem to bridge mode. 

pfSense download parameters
 

Protectli Vault FW4B

Bridging your existing modem allows you to use a third-party router and disable the modem’s Wi-Fi capability. Follow these steps to bridge the Hitron modem:

  1. Open a web browser and visit 192.168.0.1
  2. Sign in using the following credentials:
    • Username: Cusadmin
    • Password: (your password)
  3. Select Basic.
  4. Select the Gateway Function tab.
  5. Select Residential Gateway Function.
  6. Select Disable.
  7. To finish, select OK when prompted.
 
  Click to enlarge

WiFi

You will use a separate wifi unit. If it is a WiFi only unit then nothing needs to be done other than connecting to the Protectli vault (either directly or through a network switch). If it is a combination modem and wifi, it needs to be set to "AP mode." This means it is now only a wifi unit.

Posted by at No comments:

Saturday, March 2, 2024

A Private Phone

Both Android and iPhones collect a lot of data from the user and send it to companies like Google who sell this data around the world.

One solution is to remove Google apps and others that compromise your phone.

The best way to achieve this is to get a new phone and install the GrapheneOS operating system which is very private and secure. With it you can use alternative apps that can help keep your information private. (Recommended by Edward Snowden via Naomi Brockwell.) Currently GrapheneOS only works on Google's Pixel phones. Watch Naomi Brockwell's video on a complete setup of a Pixel phone with Graphene.

In another video by Naomi Brockwell she discusses another OS for privacy and that is CalyxOS which runs on Pixel and some Motorola and Fairphone phones. You download the OS and install it. You can also buy a Pixel phone with CalyxOS pre-installed from the Calyx Institute.

Other steps can be taken to increase the privacy of your existing phone:

Faraday Cases

A way to secure your phone from tracking is with a Faraday cage. SLNT make them in multiple sizes, from small ones for phones, tablets and laptops up to entire backpacks.

Privacy Screen

Naomi Brockwell recommends a "privacy screen" on your phone, and on a tablet or laptop if it is likely to be used in a public location. These prevent viewing the display from other than a direct view angle. This is achieved by incorporating either a polarized filter or a micro-screen feature. They are overlays like screen protectors placed on the display. They are made of either plastic or glass and are readily available. For phones that have a fingerprint reader on the screen will have problems reading the fingerprint. For these it is best to get the plastic version and cut a small hole in it at the location of the fingerprint sensor.


Typical viewing angle reduction
Posted by at No comments:

Malicious emails and files

If you are suspicious of an email or download link there are a few ways to check it out (from Liron Segev).

A file can be checked by copying the link to the file (or a URL) and pasting it at VirusTotal.com. You will get an analysis of the file or URL and report of any malicious content. This is particularly useful to check a program before installing it on your computer. Just upload the EXE file.

If you think your personal information has been widely spread on the internet try DeleteMe which is a service that can help remove some of this information.

Posted by at No comments:
Subscribe to: Posts (Atom)