Tightening your security, safeguarding your right to privacy.


We all know by now that surveillance is ubiquitous. The Snowden revelations unveiled wide and far ranging capabilities on the part of the ‘five eyes’ coalition of intelligence agencies, NSA, GCHQ

But recent leaks of the Italian Cybersecurity company Hacking Team exposed an even murkier side. The firm was dubbed a “Corporate enemy of the Internet” by Reporters Without Borders, and the data that has recently leaked from the company has all but confirmed as relevant its placing on this list:

HackingTeam: “Hacking Team’s ‘DaVinci’ Remote Control System is able, the company says, to break encryption and allow law enforcement agencies to monitor encrypted files and emails (even ones encrypted with PGP), Skype, and other voice over IP or chat communication. It allows identification of the target’s location and relationships. It can also remotely activate microphones and cameras on a computer and works worldwide. Hacking Team claims that its software is able to monitor hundreds of thousands of computers at once, all over the country.”
(‘Meet the Corporate Enemies of The Internet for 2013’ )

Having examined the files contained in the leak and written about European Countries involvement with the company (IrelandUK & FranceSwitzerland — Luxembourg & GermanyCyprus ) I decided to revisit security at home and find out what could be done to strengthen it.

I found some great resources and decided I should share them all in one place.


A great place to start is the Electronic Frontier Foundation Surveillance Self Defence guides


1-Disable Flash

Disable Flash. Now. I won’t go over the many reasons why you should uninstall it, but here’s a few: 1, 2, 3, 4

Mozilla just got rid of it, for good:

And Facebook Security Chief calls for its demise:

-Here’s how to disable it from your browsers:

Chrome: Go to chrome://plugins in your search bar. Scroll down to Adobe Flash Player. Click Disable.

Safari: Go to Safari > Preferences. Click Security. Click Manage Website Settings. Click Adobe Flash Player. Go to the When visiting other websites dropdown and click Block.

Firefox: Go to the hamburger icon in the upper righthand corner. Click Add-ons. Go to the lefthand column and click Plugins. Go to the dropdown next to Shockwave Flash and select Never Activate.

Internet Explorer: Go to the gear icon in the upper righthand corner. Click Internet options. Click Programs. Click Manage add-ons. Click Shockwave Flash Client. In the lower righthand corner, click Disable.


2-Review your passwords

The Intercept’s Micah Lee has written some great guides (more below ) and this one is a fascinating piece on making sure your password is truly secure:



4-Set up a VPN

I came across this great article and set up a free VPN connection using AWS.

Advantages of a Private VPN Server

Simple: Non-techies should also be able to follow this guide easily.
Quick: 10 minutes is all it takes to follow this guide and create a private VPN server.
Private: Dedicated VPN server for your use only.
Secure: Encrypted & password enabled VPN server with no logs.
On demand: You can start / stop the VPN server as required.
Global: One or more VPN servers in 9 worldwide regions (including US, Tokyo, Singapore).
Device support: Supports PPTP and L2TP with IPSEC which means you can use the VPN server on your Android, iPhone, iPad, PC, MAC, and even most routers (to support Apple TV, Chromecast).
Open source: Review / contribute to this project https://github.com/webdigi/AWS-VPN-Server-Setup
Free: New Amazon AWS customers have a free tier server for the first year.


5-Use TOR

What is Tor?

Tor is a volunteer-run service that provides both privacy and anonymity online by masking who you are and where you are connecting. The service also protects you from the Tor network itself.
For people who might need occasional anonymity and privacy when accessing websites, Tor Browser provides a quick and easy way to use the Tor network.
The easiest way to use the Tor network is to use the Tor Browser Bundle, which combines a web browser, the Tor software, and other helpful software that will give you a way of more securely accessing the web (From the EFF )

6-Use PGP Encrypted Email

(PGP) is a way to protect your email communications from being read by anyone except their intended recipients. It can protect against companies, governments, or criminals spying on your Internet connection, and, to a lesser extent, it can save your email from being read if the computer on which they are stored is stolen or broken into.

Learn how to install and use PGP for Linux, Windows, OS X


7-Use OTR Messaging
OTR
(Off-the-record) is a protocol that allows people to have confidential conversations using the messaging tools they’re already familiar with. This should not be confused with Google’s “Off the record,” which merely disables chat logging, and does not have encryption or verification capabilities.
OTR employs end-to-end encryption. This means that you can use it to have conversations over services like Google Hangouts or Facebook without those companies ever having access to the contents of the conversations. This is different from the way in which Google and AOL use the term “off the record” to mean that a conversation is not being logged; that option does not encrypt your conversation. (From the EFF )

This guide, crafted by Micah Lee, is a must-read:

Learn how to install and use OTR on Windows, OS X



9-Lock your hardware

If you use a laptop, it is important you lock the firmware. If your device is lost or stolen, it can be started up from an external drive or USB thumb drive and your data could be accessed.

Learn how to lock your firmware on OS X, Windows


This next part will look more closely at OS X, and what you can use to protect your system.

Objective-See

Patrick Wardle’s Objective See (free ) products are powerful and designed to protect your mac. They were developed for his own personal protection.

KnockKnock (UI) KnockKnock… Who’s There?” See what’s persistently installed on your Mac. KnockKnock (UI) uncovers persistently installed software in order to generically reveal malware. Download

Dynamic Hijack Scanner
Dylib hijack scanner or DHS, is a simple utility that will scan your computer for applications that are either susceptible to dylib hijacking or have been hijacked. Download

BlockBlock (beta)
BlockBlock provides continual protection by monitoring persistence locations. Any new persistent component will trigger a BlockBlock alert, allowing malicious items be blocked. Download


MalwareBytes Anti Malware

This free software will remove any adware and malware present on your mac. Download


Etresoft Etrecheck

Etrecheck will scan and gather your system info. It is a collaborative effort from the Apple Support Communities, designed to remotely debug problems. Download


Objective Development Little Snitch

Little Snitch is a network monitoring tool, and lets you decide each time a connection attempt is made whether or not you allow the connection.


Rixstep

The ACP software suite is a collection of very powerful tools, and is geared towards the IT professionals. But if you are curious, head over to their site