HTTP/3: Come for the speed, stay for the security

HTTP/3: Come for the speed, stay for the security

In 2013, Google introduced a new experimental protocol called Quick UDP Internet Connections (QUIC), that would make HTTP requests faster and more secure. Google estimates that traditional TCP-based HTTP requests take about 100ms because the client has to establish a connection with the server before it asks for anything.

Whonix LIVE - Testers Wanted!

Whonix LIVE - Testers Wanted!

Whonix now has the option of booting into a live system . When live-mode is chosen, all write operations will go to RAM instead of the hard disk. Follow Whonix live-mode Development: With the setup you could run whonix always as a live system.

[Bug-gnuzilla] IceCat 60.3.0 Release

* A set of companion extensions for LibreJS by Nathan Nichols (https://addons.mozilla.org/en-US/firefox/user/NateN1222/) are pre-installed, and provide workarounds to use some services at USPS, RSF.org, SumOfUs.org, pay.gov, McDonald's, goteo.org and Google Docs without using nonfree JavaScript.

How to improve security when using IoT or Smart Home devices

How to improve security when using IoT or Smart Home devices

With the advent of the Internet of Things (IoT) and Smart Home devices, our environments are becoming more connected however this comes with the compromise of security. So what is the best way to secure your network when using IoT or Smart Home devices?

Smart Adblock

Smart Adblock

SmartAdBlock is the only tool you need to browse a clean ad free internet, even on the most hostile websites. Browse putlocker 123movies solarmovie or any other streaming website without ads or popups. For an optimal experience use only one adblocker to avoid any interference.

How to painlessly remember your passwords – Data Driven Investor – Medium

How to painlessly remember your passwords – Data Driven Investor – Medium

Hence, that example satisfies all requirements for creating a secure password to have upper, lower case letters, special character and number and in the same time noticeably effortless to remember the phrase, today’s computer technology will require at least 550 years to crack that password!

No More Glass Safes: tnnl Brings Privacy to Digital Assets

PRAGUE, Oct. 31, 2018 /PRNewswire/ -- At Devcon4, Cryptographic Applications Research, LLC (Cryptario) today released a "dark" paper and protocol specification detailing tnnl, a privacy-layer for the Ethereum network.

#18 - Build our own internet with André Staltz by

#18 - Build our own internet with André Staltz by

#18 - Build our own internet with André Staltz by published on 2018-10-28T11:00:58Z This time however, we go a more non-technical route, and chat about how we can build our own internet, and how other people are already doing it.

How to set up untraceable websites (eepsites) on I2P

How to set up untraceable websites (eepsites) on I2P

An eepsite is a website that is hosted anonymously, a hidden service which is accessible through your web browser. If you use I2P webserver, you can check your destination by clicking “I2P webserver” in “I2P HIDDEN SERVICES”.

Quantum Computing – Is the World of a Security Internet Over?

Quantum Computing – Is the World of a Security Internet Over?

After decades and billions of dollars in research, designs are finally coming online that can solve tasks faster than classical computer designs.

Developing privacy-aware applications with Python and I2P

For example, this is how you connect to "udhdrtrcetjm5sxzskjyr5ztpeszydbh4dpl3pl4utgqqw2v4jna.b32.i2p", send HTTP GET request and read the response (it is "i2p-projekt.i2p" web server): remote_host = "udhdrtrcetjm5sxzskjyr5ztpeszydbh4dpl3pl4utgqqw2v4jna.b32.i2p" reader , writer = await i2plib .

How to increase the value of your anonymized data? – Generate Vision – Medium

How to increase the value of your anonymized data? – Generate Vision – Medium

From figure 3 we can see that faces images processed by conventional anonymization methods not only produce bad segmentation boundaries, but also make the segmentation model to infer completely new object classes that were never present in the original image, like cats or bottles.

Aaron Jones - Introduction to I2P

Aaron Jones - Introduction to I2P

Presented at the Phoenix Linux Users Group's security session on March 15th 2018 Aaron is an experienced Linux user with several years of teaching experience. If you like what you see here, the Phoenix Linux Users Group meets several times a month.

Press release: UK intelligence agency admits unlawfully spying on Privacy International

Press release: UK intelligence agency admits unlawfully spying on Privacy International

https://privacyinternational.org/sites/default/files/2018-03/A1.%20Claimant%27s%20re-amended%20statement%20of%20grounds.pdf The challenge to the acquisition, use, retention, disclosure, storage and deletion of ‘Bulk Personal Datasets’ (BPDs) and Bulk Communications Data (BCDs) by the UK Intelligence Agencies was commenced by Privacy International on 8 June 2015.

Security experts say Chrome 69’s ‘forced login’ feature violates user privacy

Security experts say Chrome 69’s ‘forced login’ feature violates user privacy

A new feature in the latest version of Google Chrome that logs users into the browser when they sign in to a Google site has come under fire.

ESNI: A Privacy-Protecting Upgrade to HTTPS

ESNI: A Privacy-Protecting Upgrade to HTTPS

Today, the content-delivery network Cloudflare is announcing an experimental deployment of a new web privacy technology called ESNI. Hosting providers and CDNs (like Cloudflare) still know which sites users access when ESNI is in use, because they have to serve the corresponding content to the users.

'I am admin' bug turns WD's My Cloud boxes into Everyone's Cloud

'I am admin' bug turns WD's My Cloud boxes into Everyone's Cloud

Researchers at infosec shop Securify revealed today the vulnerability, designated CVE-2018-17153, which allows an unauthenticated attacker with network access to the device to bypass password checks and login with admin privileges.

Three years later, Let’s Encrypt has issued over 380 million HTTPS certificates

Three years later, Let’s Encrypt has issued over 380 million HTTPS certificates

That means bloggers, single-page websites and startups alike can get an easy-to-install certificate for free — even news sites like TechCrunch rely on Let’s Encrypt for a secure connection.

Are you a hostage of the Filter Bubble? – Jan Tegze – Medium

Are you a hostage of the Filter Bubble? – Jan Tegze – Medium

First option: You can use other engines like Bing, but if you would like to use Google results you can try a search engine like Startpage.com. It is an Internet search engine that emphasizes protecting searchers’ privacy and avoiding the filter bubble of personalized search results.

Feedify Hacked with Magecart Information Stealing Script

Feedify Hacked with Magecart Information Stealing Script

A script used by the customer engagement service Feedify has been hacked to include the malicious MageCart script. MageCart is malicious code used by attackers to steal credit card details and other information from e-commerce sites when a user submits a form.

Guardian Mobile Firewall

Guardian Mobile Firewall

The justification pop up presented to users when requesting access to Location Services, for app versions 6.0.2 (released August 17, 2018) and later, uses the following text: “MyRadar needs your location to show your position on the map, as well as for advanced features including critical weather warnings.

HTTPS crypto-shame: TV Licensing website pulled offline

HTTPS crypto-shame: TV Licensing website pulled offline

The UK's TV Licensing agency has taken its website offline "as a precaution" after being blasted for running transactional pages that were not sent over HTTPS.

Sadd: anonymous virtual desktops with Tor built-in

Sadd: anonymous virtual desktops with Tor built-in

Two of the main downsides to using the service are that it is restricted to 15 minutes of virtual desktop access at a time and that HTTPS is not used to connect to the virtual environment for free users.

WebScan of thepiratebay.org

High-Tech Bridge provides you with a free API to test your web server for security related configuration. $ curl -XPOST -d 'job_id=2a9e1f1bc92dc0c7a4bde930dff488771eea6d36988208d34163c5496227b8dc' 'https://www.htbridge.com/websec/api/v1/get_result/1451425590.html' $ curl -XPOST -d 'tested_url=twitter.com&choosen_ip=any&dnsr=off&recheck=false&follow_redirects=true&verbosity=1' 'https://www.htbridge.com/websec/api/v1/chsec/1451425590.html' $ curl -XPOST -d 'tested_url=twitter.com&choosen_ip=any&dnsr=off&recheck=false&follow_redirects=true&verbosity=1' 'https://www.htbridge.com/websec/api/v1/chsec/1451425590.html' $ curl -XPOST -d 'tested_url=0.0.0.0&choosen_ip=any&dnsr=off&recheck=false&follow_redirects=true&verbosity=1' 'https://www.htbridge.com/websec/api/v1/chsec/1451425590.html'

Spyware in browser extensions — it’s worse than you think

54.86.66.252 - - [19/Aug/2018:20:37:26 +0200] "GET /clearly-this-is-a-honeypot-for-big-star-labs/ HTTP/1.1" 200 257 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/600.1.25 (KHTML, like Gecko) Version/8.0 Safari/600.1.25" 54.86.66.252 - - [19/Aug/2018:20:37:26 +0200] "GET /clearly-this-is-a-honeypot-for-big-star-labs/ HTTP/1.1" 200 257 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/600.1.25 (KHTML, like Gecko) Version/8.0 Safari/600.1.25"

Mozilla wipes 23 Firefox add-ons off the map for tracking user activity

Mozilla has eradicated 23 Firefox add-ons for monitoring user browsing habits and covertly sending data to remote servers. In a Mozilla Bugzilla update, engineer Jorge Villalobos said that while it is reasonable for some add-ons to check web pages in order to ascertain whether or not they are secure, additional issues were also brought up.