Blog Archive

Blog Archive

Blog Archive 2017

Posted on Saturday, April 29, 2017
Blog Categories:
Practical Privacy, Sane Security by Stephen Barker, What this session isn't..., What this sessions is..., The Strategy - Harden your profile, Anonymize your network traffic, Obfuscate your DNS requests, Encrypt your network traffic wherever possible, Privatize your interactions, Harden Your Profile (laptop/desktop), Harden Your Profile (mobile), Anonymize Your Network Traffic (laptop/desktop) - VPN, TOR, Sidestep, Anonymize Your Network Traffic (mobile) - Opera VPN app, TOR-based browser, Obfuscate Your DNS Requests (laptop/desktop) - DNSCrypt, Obfuscate Your DNS Requests (mobile), Encrypt Your Traffic Wherever Possible (laptop/desktop) - HTTPS Everywhere, KB SSL Enforcer, Encrypt Your Traffic Wherever Possible (mobile) - Endless Browser, Privatize Your Interactions (laptop/desktop/mobile) - Use StartPage, Disable Third-Party Cookies, Use Incognito or 'Private Browsing' mode, Privatize Your Interactions (mobile) - Use DuckDuckGo as default search engine, Use Signal IM, Use Mr. Number, Privatize Your Interactions (social) - You're worth $54.16 per year to Facebook, Facebook Security Settings, Facebook Privacy Settings, Facebook Ad Settings, The Strategy - Harden your profile, Anonymize your network traffic, Obfuscate your DNS requests, Encrypt your network traffic wherever possible, Privatize your interactions, Additional Resources, Practical Privacy, Sane Security by Stephen Barker

A friend once told me that if everyone is sending envelopes, then sending a package looks suspicious.  Earlier today, I spoke at the 2017 DaVinci’s Faire & BarCamp with the goal of getting more people sending metaphorical packages since if everyone sent packages, packages would no longer garner suspicion.  Today, it is not completely unheard of for an ISP to send cease and desist notifications to people using TOR--a system that provides privacy and anonymity for online interactions.  And many systems out there, including CloudFlare and Atomic Secured Linux, are now purposefully...

Posted on Saturday, February 25, 2017
Blog Categories:
CloudBleed logo
Bloody Friday

Most of those in the development community learned yesterday that their attempts to secure their websites actually left them vulnerable to attack.  Beloved CloudFlare typically heralded as a method to shield websites from attack revealed it had a serious bug that leaked memory from "protected" sites that could reveal client IP addresses (one of the big security selling points of CloudFlare), private information, authentication tokens, cookies, passwords, private keys...basically everything that would keep a web developer up at night.  CloudFlare stated in a blog post...