Differences between revisions 16 and 17
Revision 16 as of 2007-08-14 06:50:31
Size: 5259
Editor: ?MonicaFlorian
Comment:
Revision 17 as of 2007-08-14 07:27:29
Size: 3320
Editor: PaulWise
Comment:
Deletions are marked like this. Additions are marked like this.
Line 33: Line 33:
HenningSprang has lots of comments: HenningSprang has lots of comments: 
Line 43: Line 43:
 [http://smocks.dreamstation.com/28.html gran canaria weather] | [http://acetates.exactpages.com/74.html naughty house wives] | [http://licente.9cy.com/17.html lesbians using vibrators] | [http://lamplights.bravepages.com/91.html large grannies] | [http://euphuist.o-f.com/61.html sweet young masturbation] | [http://parrot.100freemb.com/89.html latex fetish housewife] | [http://reunifies.exactpages.com/86.html tranny whores] | [http://pen.1sweethost.com/69.html celebrities with chlamydia] | [http://guallatiri.1accesshost.com/35.html knickers off] | [http://lifetime.bravepages.com/93.html hole girl oral] | [http://cacciatore.00freehost.com/4.html deviant video fisting] | [http://triumphed.100freemb.com/85.html celebrity stars porn] | [http://misgoverns.100freemb.com/96.html ass fisting] | [http://disclaimer.wtcsites.com/78.html gorgeous tgirl] | [http://molybdenum.fcpages.com/48.html hbo vanity shemale] | [http://ombudsman.wtcsites.com/67.html piss and blow] | [http://triumphed.100freemb.com/65.html fat boobies] | [http://reunifies.exactpages.com/96.html transexual teen] | [http://spookiest.g0g.net/67.html easter 2006 date] | [http://buxom.9cy.com/73.html hand trampling] | [http://whiteys.kogaryu.com/32.html dildo babe] | [http://chiapas.freewebsitehosting.com/71.html hanukkah dates] | [http://gilding.freewebsitehosting.com/49.html lactating fetish stories] | [http://misgoverns.100freemb.com/59.html guy fucking grandma] | [http://fervently.00freehost.com/49.html fat dildo] | [http://repressive.1sweethost.com/71.html lesbian pissing teen] | [http://swooshes.150m.com/21.html monster xxx vid] | [http://chavez.wtcsites.com/49.html free fart squirt] | [http://refocussed.150m.com/41.html nurse foot fetish] | [http://sonant.o-f.com/55.html old anime man] | [http://boil.150m.com/49.html mom gangbang videos] | [http://freshet.exactpages.com/70.html teen glory holes] | [http://baht.fcpages.com/58.html pdx gloryholes]

Safer Hex in public places and at home

A BOF held a DebConf5 in Helsinki - the [http://layer-acht.org/download/safer_hex/ slides] are finally there)

[http://www.hermann-uwe.de/blog/towards-a-moderately-paranoid-debian-laptop-setup--part-1-base-system Towards a moderately paranoid Debian laptop setup]

Tools, that make you aware you're vulnerable

  • dsniff, dnsspoof, mailsnarf, sshmitm, webspy
  • driftnet
  • ethereal (can safe VOIP streams as .au files)

Tools, that can help you protect your privacy

  • crytofs for /home, /var and swap. crypto rootfs also doesn't hurt
  • ssh, ssh port forwarding, openvpn, ipsec
  • gnupg
  • SILC or encrypted jabber for IM
  • encrypted backups
  • tor, esp. in conjunction with privocy (but make sure to keep the privocy logs short)
    • for any tcp protocol, e.g.
    • for browsing the web
    • you can use tor for r2e too
  • ctrlproxy / screen+irssi/bitchx - but the problem of people keeping irc logs forever remains
  • mixminion (for email)
  • smartcard crypto usbsticks are becoming almost as cheap as normal usbflashdrives (33euro, ask on #debian.de, see [http://lair.fifthhorseman.net/~dkg/egate/] and [http://people.debian.org/~bod/])

Tools, that you shouldn't use

  • gpg-plugins for IRC & IM clients

  • gmail (you should at least read the EULA)
  • orkut (you should at least read the EULA)


HenningSprang has lots of comments:

  • where are the slides? :) (probably they make some of the following questions superflous)

  • it would be nice to add reasons WHY those tools shouldn't be used
  • pointing to an IRC channel to find out where to buy hardware is interesting, but does not at all raise the probability that people reading this will be using such a device soon, because it's already very complicated to only find out where to buy such a device (especially for people not willing to use the cleartext IRC protocol)
  • links to the programs mentioned above would be very helpful, a google search for "tor" doesn't seem to find anything connected with crypto or security at a first glance, and that's the only one i tested now.
  • p.s.: what about using google? I think it can considered harmful, also - apart from the risk that we loose lots of important information and the ways to important data, when google would be switched off today, we need an independent search engine of which we can make sure that it doesn't track who is searchign for what to eventually sell that info to marketing or otherwise bad people
  • hmm, encouraging to use encrypted jabber vs. NOT using gpg-plugins for jabber? ( /me uses gpg-plugin for jabber with a special key, why not?)
  • contact to the author of this page would be also very cool, to ask further questsions...
  • at least some info on the talk can be found at http://wiki.debian.net/?DebConf5Talks - the video is there: http://dc5video.debian.net/2005-07-16/Safer_Hex_in_Public-Holger_Levsen.mpeg

  • last but not least: what can/should/must developers of free software do, to make it easier (say: VERY easy!, say: no additional work at all) for users to use ncrypted anmd secure alternative solution to get their work done? How can we get even more secure while flawlessly working default configurations for our software?