Choose style:

Author Topic: Data Privacy for Ordinary People  (Read 2864 times)

0 Members and 1 Guest are viewing this topic.

Offline perknh

  • Trusted User
  • Hero
  • *****
  • Posts: 3814
  • Karma: 299
  • Soy un huevo, nada más.
    • View Profile
  • Peppermint version(s): Peppermint 10
Re: Data Privacy for Ordinary People
« Reply #15 on: May 03, 2018, 07:39:47 pm »
LoL! Let's just leave it at that ...  :)

Understood! :)
We're all Peppermint users and that's what matters  ;).  -- AndyInMokum

Offline perknh

  • Trusted User
  • Hero
  • *****
  • Posts: 3814
  • Karma: 299
  • Soy un huevo, nada más.
    • View Profile
  • Peppermint version(s): Peppermint 10
Re: Data Privacy for Ordinary People
« Reply #16 on: May 17, 2018, 07:07:35 am »
Google’s File on Me Was Huge. Here’s Why It Wasn’t as Creepy as My Facebook Data.

By Brian X. Chen for the New York Times

https://www.nytimes.com/2018/05/16/technology/personaltech/google-personal-data-facebook.html

perknh here:  I tried looking at my data with Google, but, since I have Google encrypting my data, Google told me it couldn't retrieve my data -- assumably until I decrypt my data myself.  Honestly, this policy both surprised and impressed me.  Still I bet it's shocking how much data Google must have on me.  Like many of us, I've been using Google's services for years.
We're all Peppermint users and that's what matters  ;).  -- AndyInMokum

Offline perknh

  • Trusted User
  • Hero
  • *****
  • Posts: 3814
  • Karma: 299
  • Soy un huevo, nada más.
    • View Profile
  • Peppermint version(s): Peppermint 10
Re: Data Privacy for Ordinary People
« Reply #17 on: March 19, 2019, 09:09:07 am »
I've been using Stubby within Peppermint 9 along with Quad9's DNS for a while now, and I've had no issues with it whatsoever.  I've also tried Stubby along with Google's Public DNS.   (It works with Cloudflare's DNS too.)  So what the heck is Stubby anyway?  'Stubby' is an application that acts as a local DNS Privacy stub resolver (using DNS-over-TLS). Stubby encrypts DNS queries sent from a client machine (desktop or laptop) to a DNS Privacy resolver increasing end user privacy. (Source:  DNS Privacy Project)

Quote
Google is the fifth entity which decided to add DNS-over-TLS support to its public DNS resolver service, with Cloudflare, CleanBrowsing, Quadrant Information Security, and Quad9 being the first companies to do it. -- Sergiu Gatlan

Source: https://www.bleepingcomputer.com/news/google/google-adds-dns-over-tls-support-to-its-public-dns-service/

Stubby is easy to install and test.  It's much easier to install than DNSCrypt with which it is frequently compared. ;)



How to use DNS over TLS on Ubuntu Linux*

By Jack Wallen for TechRepublic

https://www.techrepublic.com/article/how-to-use-dns-over-tls-on-ubuntu-linux/



* Definition:  TLS is Transport Layer Security

« Last Edit: March 20, 2019, 07:10:29 am by perknh »
We're all Peppermint users and that's what matters  ;).  -- AndyInMokum

Offline Slim.Fatz

  • Trusted User
  • Veteran
  • *****
  • Posts: 1727
  • Karma: 464
  • Where's the mouse?
    • View Profile
  • Peppermint version(s): Peppermint 7, 8.5 & 9 - 64bit
Re: Data Privacy for Ordinary People
« Reply #18 on: March 20, 2019, 03:15:33 am »
Hi perknh,

Nice work!!  ;) I think I'll give this a test run myself.

Thanks for sharing the info!  :)

Regards,

-- Slim
"Life first -- Peppermint a close 2nd!" -- Zeb

Tread lightly: Fluxbox, JWM, i3, Openbox, awesome

Offline VinDSL

  • Global Moderator
  • Hero
  • *****
  • Posts: 5177
  • Karma: 939
  • Peppermint Mod
    • View Profile
  • Peppermint version(s): Developmental Builds
Re: Data Privacy for Ordinary People
« Reply #19 on: March 20, 2019, 07:32:36 am »
OMG! Here's one for the books...

I already had DNS over TLS working on this machine - all of my machines, actually - and I was goofing around with Stubby and GetDNS, because I was bored.

For some reason IPv6 wasn't working with that combo, so I started dancing on the keyboard. Three hours later, I had totally FUBAR'ed the DNS lookup on this machine. It was dead in the water. So, I went about manually rebuilding 'resolv.conf' and company.

I knew '/etc/resolv.conf' was a symlink. It was broken, and everything I read had the wrong path to the real one. After a couple of more hours, I reverse engineered it, using deductive logic, while doing an A-B comparison on a working machine.

It's 4:30 AM now. I finally got it all working, minus Stubby and GetDNS.

I would have let it go, until morning, but I had a business letter I needed to send ASAP, plus I have a 8:00 AM meeting.

Guess I better get some shut-eye, eh? Thanks, perk!   :D

Offline perknh

  • Trusted User
  • Hero
  • *****
  • Posts: 3814
  • Karma: 299
  • Soy un huevo, nada más.
    • View Profile
  • Peppermint version(s): Peppermint 10
Re: Data Privacy for Ordinary People
« Reply #20 on: March 20, 2019, 08:06:43 am »
@Slim.Fatz

Here is a short post worth reading from Google Security Blog by Marshall Vale and Puneet Sood where Stubby is mentioned.

I'm currently using Stubby along with Quad9, but it ought to work just as well with Google Public DNS or Cloudflare.

This article, from Martin Brinkmann, was what prompted me to look into TLS more deeply.  It was my starting point leading me to Stubby.  Before reading this, I had thought our Domain Name Server would have been enhanced automatically with Transport Layer Security, but I was wrong about that.  I'm sure glad I found Brinkmann's article. ;)


@VinDSL

OMG! Here's one for the books...

I already had DNS over TLS working on this machine - all of my machines, actually - and I was goofing around with Stubby and GetDNS, because I was bored.

For some reason IPv6 wasn't working with that combo, so I started dancing on the keyboard. Three hours later, I had totally FUBAR'ed the DNS lookup on this machine. It was dead in the water. So, I went about manually rebuilding 'resolv.conf' and company.

I knew '/etc/resolv.conf' was a symlink. It was broken, and everything I read had the wrong path to the real one. After a couple of more hours, I reverse engineered it, using deductive logic, while doing an A-B comparison on a working machine.

It's 4:30 AM now. I finally got it all working, minus Stubby and GetDNS.

I would have let it go, until morning, but I had a business letter I needed to send ASAP, plus I have a 8:00 AM meeting.

Guess I better get some shut-eye, eh? Thanks, perk!   :D

Oh no, VinDSL!  :o 

I've never played with IPv6 at all, and I don't know that much about it.  I'm still using IPv4.
 
We're all Peppermint users and that's what matters  ;).  -- AndyInMokum

Offline Slim.Fatz

  • Trusted User
  • Veteran
  • *****
  • Posts: 1727
  • Karma: 464
  • Where's the mouse?
    • View Profile
  • Peppermint version(s): Peppermint 7, 8.5 & 9 - 64bit
Re: Data Privacy for Ordinary People
« Reply #21 on: March 20, 2019, 02:40:48 pm »
Thanks again, perknh !! You've been doing a lot of "leg work" for us here.  ;)

Regards,

-- Slim
"Life first -- Peppermint a close 2nd!" -- Zeb

Tread lightly: Fluxbox, JWM, i3, Openbox, awesome

Offline VinDSL

  • Global Moderator
  • Hero
  • *****
  • Posts: 5177
  • Karma: 939
  • Peppermint Mod
    • View Profile
  • Peppermint version(s): Developmental Builds
Re: Data Privacy for Ordinary People
« Reply #22 on: March 23, 2019, 03:41:25 am »
Oh no, VinDSL!  :o 

I've never played with IPv6 at all, and I don't know that much about it.  I'm still using IPv4.

I love playing with IPv6. I just need to stop invoking Murphy's Law at midnight. :)

I'm starting to run out of neglected hardware. I spent several hours, last night, resolving a ticket at my web host. ClamAV quit working on my server, which I really don't care about. However, WHM was sending me email notifications every 5 minutes, warning me that clamd was down. After it had sent 200+ emails, I had enough of it. To make the situation worse, they had migrated me to a more powerful server last year, and my WHM root password wasn't working - WHM and cPanel weren't communicating. But, I digress...

Anyway, back to my love-fest with IPv6, I decided to dust off my Toshiba Satellite Vista lappy, tonight. I haven't paid any attention to it, except to charge the battery every year or two, or whenever I think about it. I deleted Fx and Chrome, which are now longer supported on Vista, and I installed Maxthon MX5, which is working quite nicely. Then, I updated the Toshiba drivers, which hadn't been done since 2006. Blah, blah, blah.

After doing all of this, and more, I tested for IPv6 connectivity... Nothing. IPv6 has been around a loooong time, and I knew Vista came with IPv6 installed and enabled by default. So, after dancing on the keyboard, I finally got it working.

Code: [Select]
C:\Users\VinDSL>ping ipv6.google.com

Pinging ipv6.l.google.com [2607:f8b0:400a:808::200e] from 2602:47:d1fe:5500:2132
:9a9:7ad2:f60 with 32 bytes of data:
Reply from 2607:f8b0:400a:808::200e: time=56ms
Reply from 2607:f8b0:400a:808::200e: time=49ms
Reply from 2607:f8b0:400a:808::200e: time=49ms
Reply from 2607:f8b0:400a:808::200e: time=51ms

Ping statistics for 2607:f8b0:400a:808::200e:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 49ms, Maximum = 56ms, Average = 51ms

C:\Users\VinDSL>ping ipv4.google.com

Pinging ipv4.l.google.com [172.217.3.206] with 32 bytes of data:
Reply from 172.217.3.206: bytes=32 time=49ms TTL=56
Reply from 172.217.3.206: bytes=32 time=48ms TTL=56
Reply from 172.217.3.206: bytes=32 time=49ms TTL=56
Reply from 172.217.3.206: bytes=32 time=50ms TTL=56

Ping statistics for 172.217.3.206:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 48ms, Maximum = 50ms, Average = 49ms

C:\Users\VinDSL>

So yeah, I don't know why I'm so obsessed with IPv6 lately, but I am.

Maybe, I'll try to get it working on Stubby, after I run out of doorstops to rebuild. LoL
« Last Edit: March 23, 2019, 04:02:31 am by VinDSL, Reason: Addendum »

Offline PCNetSpec

  • Administrator
  • Hero
  • *****
  • Posts: 25285
  • Karma: 2793
  • "-rw-rw-rw-" .. The Number Of The Beast
    • View Profile
    • PCNetSpec
  • Peppermint version(s): Peppermint 8R, 9, and 9R
Re: Data Privacy for Ordinary People
« Reply #23 on: March 23, 2019, 08:34:26 am »
That's what email filters are for ;)
(nothing like cheating shortcuts :)))
WARNING: You are logged into reality as 'root' .. logging in as 'insane' is the only safe option.

Team Peppermint
PCNetSpec

Offline VinDSL

  • Global Moderator
  • Hero
  • *****
  • Posts: 5177
  • Karma: 939
  • Peppermint Mod
    • View Profile
  • Peppermint version(s): Developmental Builds
Re: Data Privacy for Ordinary People
« Reply #24 on: March 23, 2019, 03:49:34 pm »
That's what email filters are for ;)
(nothing like cheating shortcuts :)))

It's funny you should mention that...

I have 11 email accounts and 1000s of email filters in Thunderbird. It's the only 'game' I play - me vs the bots.

I play the 'filter game' all day, every day. It makes me look forward to the never-ending combat. And, I've got it down pat.

The thing is, one of the ways I monitor my server, in Houston, is to run a daily cron on a bogus email addy. Every night, at midnight (server time), it sends me three (3) email notifications saying that it attempted the cron three times, but the addy doesn't exist. The errors tell me the server is working fine.

Yes, I could have easily made a filter that looks for some word in the body of the message, but what if that word (or words) are present in a notification(s) that I need to get. For instance, I suppose I could have filtered it using "clamd". But, the larger problem was I couldn't log into my server because the root password wasn't working.

So, me and the boys in Pakistan (they use a Indian/Pakistani unit for IT at that time of night)  worked it out. I had auth for cPanel and the Client Area, but you can't do jack for server maintenance in those apps. Those are purposely designed for clients, if I decided to host websites for someone else, e.g. clients not admins. I have no interest in being a reseller, but one still needs WHM auth for general server maintenance and configuration.

Anyway, it's all good now. Once I got into the server, I could see the problem. ClamAV was updated the other night, but Red Hat deprecated the version of CentOS that I'm running, and the latest version of ClamAV no longer supports my version of CentOS. Thus, the notifications.

The haxor was simple - remove ClamAV, and change the warning level on clamd from High to Medium.

My sites are sitting in a SolusMV virtual environment, so the only way I can update CentOS is to migrate to a new server, and it isn't worth all the hassle for ClamAV, you know?

It's all part of the game, eh what?  ;D
« Last Edit: March 23, 2019, 03:54:38 pm by VinDSL, Reason: Clarification »

Offline perknh

  • Trusted User
  • Hero
  • *****
  • Posts: 3814
  • Karma: 299
  • Soy un huevo, nada más.
    • View Profile
  • Peppermint version(s): Peppermint 10
Re: Data Privacy for Ordinary People
« Reply #25 on: May 09, 2019, 07:27:41 am »
Something good to know.  Always got our eyes on the Big G! ;)

How to force Google to automatically delete the information it saves about what you do online

By Todd Haselton for CNBC

https://www.cnbc.com/2019/05/08/how-to-stop-google-from-tracking-web-history.html
We're all Peppermint users and that's what matters  ;).  -- AndyInMokum