OpenVPN vs IPSec, WireGuard, L2TP, & IKEv2 (VPN Protocols 2019)

What are VPN protocols and why do you need to understand the different options?
— What is IPSec?
👉 https://t.me/BlackBox_Archiv/66

— What is IKEv2/IPSec?
— L2TP/IPSec
👉 https://t.me/BlackBox_Archiv/67

—WireGuard
— PPTP
— SSTP
👉 https://t.me/BlackBox_Archiv/68

— OpenVPN UDP vs OpenVPN TCP
— What is the best VPN protocol?
— VPN protocols conclusion
👉 https://t.me/BlackBox_Archiv/69

#OpenVPN #IPSec #L2TP #IKEv2 #WireGuard #guide
📡 @cRyPtHoN_INFOSEC_DE
📡 @cRyPtHoN_INFOSEC_EN

How Android Q improves Privacy and Permission Controls over Android Pie

https://www.xda-developers.com/android-q-privacy-permission-controls

#android #q #permissions

The Big DNS Privacy Debate at FOSDEM

https://blog.powerdns.com/2019/02/07/the-big-dns-privacy-debate-at-fosdem

HN comments:
https://news.ycombinator.com/item?id=19104167


#dns #doh #fosdem

🇬🇧 Surveillance — Self-Defense
Your Security Plan

Trying to protect all your data from everyone all the time is impractical and exhausting. But, have no fear! Security is a process, and through thoughtful planning, you can put together a plan that’s right for you. Security isn’t just about the tools you use or the software you download. It begins with understanding the unique threats you face and how you can counter those threats.
🇬🇧👉 https://t.me/BlackBox_Archiv/71

🇩🇪 Überwachung — Selbstschutzmaßnahmen
Ihr Sicherheitsplan

Der Versuch, alle Ihre Daten jederzeit vor jedem zu schützen, ist unpraktisch und anstrengend. Aber haben Sie keine Angst! Sicherheit ist ein Prozess, und durch eine durchdachte Planung können Sie einen Plan zusammenstellen, der für Sie geeignet ist.
🇩🇪👉 https://t.me/BlackBox_Archiv/73

#Surveillance #SelfDefense #SecurityPlan #Security
📡 @cRyPtHoN_INFOSEC_DE
📡 @cRyPtHoN_INFOSEC_EN

Algeria Ranked ‘Least Cyber-Secure’ Country in the World, Japan ‘Most Cyber-Secure’

Which countries have the worst (and best) cybersecurity?

With so much of our information (including incredibly personal data) being found online, cybersecurity is of the utmost importance.

So just where in the world are you cyber safe – if anywhere?
https://www.comparitech.com/blog/vpn-privacy/cybersecurity-by-country/

Read Via Telegram

#vulnerability #cryptomining #hacking
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE

The truth about e-mail

A short beginner-friendly intro on e-mail ins and outs

Before reading this article, you might want to take a look at the “Threat Modeling” article:
👉 https://t.me/NoGoolag/806

There are many misconceptions about e-Mail, thanks to marketing efforts of companies looking to score a quick buck off the privacy scandals. Such companies include Protonmail, Tutanota et al. This post intends to teach you some basics so you can make an educated decision, unswayed by corporate greed.

‼️ E-Mail is almost always public. E-Mails are essentially postcards. It can be encrypted in transit [1], but it will always be visible and accessable to the servers involved. There is absolutely no way to avoid this. The e-mail protocol is old and was never designed for privacy.

‼️ You need to encrypt yourself. The most common way to do so is PGP, which is supported by a wide array of clients [2] and thoroughly tested.

‼️ Even PGP is not a a perfect solution. Some of the metadata will always be unencrypted. Subject line/sender/recipient/timestamp/etc. can already be used to create detailed profiles of you. There is no way to avoid this. You might want to keep the subject line light.

‼️ Providers claiming they cannot scan/sell/analyze your data are always a scam. They can, and as stated before: there is no way around it.

‼️ A way to ensure fully private e-mail communication is to only use a single server that you trust. Internal messages stay on that server/in that network, provided you use TLS/SSL. More on selfhosting at a later point.

‼️ If you don’t pay, you are most likely the product. Unless your provider of choice is an actual non-profit organisation run by a small community of ordinary people you should stay away from free providers if you possibly can. This is a general rule. There are cheap services that you might be able to afford. While of course not being any more trustable tech-wise, there’s at least a smaller conflict of interest with them.

[1] You can check if your message was encrypted in transit with a Thunderbird addon called Paranoia.
[2] You can use Enigmail for Thunderbird to easily deploy PGP in daily life without any effort on your end.

Source (a big thanks) and more info at: https://lushka.al/truth-about-email/
🇩🇪👉 https://t.me/cRyPtHoN_INFOSEC_DE/2114

#email #security #guide

🇬🇧 Google Screenwise:
An Unwise Trade of All Your Privacy for Cash

Imagine this: an enormous tech company is tracking what you do on your phone, even when you’re not using any of its services, down to the specific images that you see. It’s also tracking all of your network traffic, because you’re installing one of its specially-designed routers..(...)
🇬🇧👉 https://t.me/BlackBox_Archiv/76

🇩🇪 Google im Blickfeld:
Ein unkluger Handel mit Ihrer gesamten Privatsphäre für Bargeld

Wenn Sie sich vorstellen: Ein riesiges Technologieunternehmen protokolliert, was Sie auf Ihrem Handy tun, auch wenn Sie keinen seiner Dienste nutzen, bis hin zu den spezifischen Bildern, die Sie sehen. Es verfolgt auch den gesamten Netzwerkverkehr, da Sie einen seiner speziell entwickelten Router installieren...(...)
🇩🇪👉 https://t.me/BlackBox_Archiv/78

#google #privacy #panopticon
📡 @cRyPtHoN_INFOSEC_DE
📡 @cRyPtHoN_INFOSEC_EN

🇬🇧The Problem with Mobile Phones

Mobile phones have become ubiquitous and basic communications tools—now used not only for phone calls, but also for accessing the Internet, sending text messages, and documenting the world.
🇬🇧👉 https://t.me/BlackBox_Archiv/92

🇩🇪 Überwachung — Selbstschutz
Das Problem mit Mobiltelefonen

Mobiltelefone sind zu allgegenwärtigen und grundlegenden Kommunikationsmitteln geworden - nicht nur für Telefonate, sondern auch für den Zugang zum Internet, das Versenden von Textnachrichten und die Dokumentation der Welt.
🇩🇪👉 https://t.me/BlackBox_Archiv/85

#surveillance #selfprotection #mobilephones #selfdefense
#Überwachung #Selbstschutz #Handys
📡 @cRyPtHoN_INFOSEC_DE
📡 @cRyPtHoN_INFOSEC_EN

🇬🇧📺 I Cut the 'Big Five' Tech Giants From My Life. It Was Hell

Week 6: Blocking them all

A couple of months ago, I set out to answer the question of whether it’s possible to avoid the tech giants. Over the course of five weeks, I blocked Amazon, Facebook, Google, Microsoft, and Apple one at a time, to find out how to live in the modern age without each one.
To end my experiment, I’m going to see if I can survive blocking all five at once.

📺 https://gizmodo.com/i-cut-the-big-five-tech-giants-from-my-life-it-was-hel-1831304194

📡 @cRyPtHoN_INFOSEC_DE
📡 @cRyPtHoN_INFOSEC_EN

🇬🇧 Open letter to Facebook

Political actors use disinformation campaigns that prey on our emotions and values to manipulate our behaviour. We have a right to know who is paying to influence our vote, and Facebook is responsible for making sure that happens on their platform. They have made many promises to European lawmakers and users to make political ads more transparent, but so far we’ve seen little action. So we decided to pen an open letter telling them to implement what they've promised in enough time to protect users during the European elections.

Dear Facebook:

We are writing you today as a group of technologists, human rights defenders, academics, journalists and Facebook users who are deeply concerned about the validity of Facebook’s promises to protect European users from targeted disinformation campaigns during the European Parliamentary elections. You have promised European lawmakers and users that you will increase the transparency of political advertising on the platform to prevent abuse during the elections. But in the very same breath, you took measures to block access to transparency tools that let your users see how they are being targeted.

In the company’s recent Wall Street Journal op-ed, Mark Zuckerberg wrote that the most important principles around data are transparency, choice and control. By restricting access to advertising transparency tools available to Facebook users, you are undermining transparency, eliminating the choice of your users to install tools that help them analyse political ads, and wielding control over good faith researchers who try to review data on the platform. Your alternative to these third party tools provides simple keyword search functionality and does not provide the level of data access necessary for meaningful transparency.

Actions speak louder than words. That’s why you must take action to meaningfully deliver on the commitments made to the EU institutions notably the increased transparency that you’ve promised. Promises and press statements aren’t enough; instead, we need to see real action over the coming months, and we will be exploring ways to hold Facebook accountable if that action isn’t sufficient.

Specifically, we ask that you implement the following measures by 1 April 2019 to give developers sufficient lead time to create transparency tools in advance of the elections:

Roll out a functional, open Ad Archive API that enables advanced research and development of tools that analyse political ads served to Facebook users in the EU.
Ensure that all political advertisements are clearly distinguished from other content and are accompanied by key targeting criteria such as sponsor identity and amount spent on the platform in all EU countries.
Cease harassment of good faith researchers who are building tools to provide greater transparency into the advertising on your platform.

We believe that Facebook and other platforms can be positive forces that enable democracy, but this vision can only be realized through true transparency and trust. Transparency cannot just be on the terms with which the world’s largest, most powerful tech companies are most comfortable.

We look forward to the swift and complete implementation of these transparency measures that you have promised to your users.

Sincerely,
Mozilla Foundation
https://foundation.mozilla.org/en/campaigns/eu-misinformation/

#DeleteFacebook #Openletter #MozillaFoundation
📡 @cRyPtHoN_INFOSEC_DE
📡 @cRyPtHoN_INFOSEC_EN

COSP ROM

Our goal is to have an Pixel-like android ROM that isn't spying on you and uses as few system space as possible. Also, we provide the option to go completely without GApps using MicroG support.

We are focusing on stability and performance, having an debloated ROM is essential for that. Also, we want Users to decide what kind of Store they want to use, either F-Droid or the Play Store.
Also, we take User requests serious. To suggest something, contact us on telegram.

https://t.me/cospcommunity

https://t.me/cospnews


Features:

1) All systemUI tuning elements
2) An handy Network indicator
3) Charging Information
4) Lawnchair and Quickstep as default
5) Quick Settings mods
6) Signature spoofing
7) OP gestures
8) Navbar tuner
9) Rootless Substratum (with fixes to theme system correctly)
10) Screenshot/screenrecord tile
11) Advanced power menu
12) Double tap to sleep on statusbar
13) Option to disable quick settings/power menu on secure lockscreen

OTA Updating for official devices enables Users to get the newest version with ease.

ROM Source: https://github.com/cosp-project

#cosp #rom

http://researchprofiles.herts.ac.uk/portal/files/15699230/DIB_Final_published.pdf

LTE RSRP, RSRQ, RSSNR & Local Topography Profile Data for RF Propagation Planning & Network Optimization In An Urban Propagation Environment

- Oluyomi Simpson, Yichuang Sun

School Of Engineering & Technology, University Of Hertfordshire, Hatfield, AL10 AB, United Kingdom

http://usatcorp.com/wp-content/uploads/2016/06/lte-singal.png

SINR/SNR – The signal-to-noise ratio of the given signal.
RSRP – The average power received from a single Reference signal, and Its typical range is around -44dbm (good) to -140dbm(bad).
RSRQ – Indicates quality of the received signal, and its range is typically -19.5dB(bad) to -3dB (good).
RSSI – Represents the entire received power including the wanted power from the serving cell as well as all cochannel power and other sources of noise and it is related to the above parameters through the following formula:

RSRQ=N*(RSRP/RSSI)

Where N is the number of Resource Blocks of the E-UTRA carrier RSSI measurement bandwidth.

https://f-droid.org/app/com.lesspass.android

LessPass is a stateless password manager. It derives a site, a login and a master password to generate a unique password. You don't need to sync your password vault across every device.

The Facebook Dilemma

The promise of Facebook was to create a more open and connected world. But from the company’s failure to protect millions of users’ data, to the proliferation of “fake news” and disinformation, mounting crises have raised the question:

Is Facebook more harmful than helpful? This major, two-night event investigates a series of warnings to Facebook as the company grew from Mark Zuckerberg’s Harvard dorm room to a global empire. With dozens of original interviews and rare footage, The Facebook Dilemma examines the powerful social media platform’s impact on privacy and democracy in the U.S. and around the world.

🇬🇧 📺 The Facebook Dilemma (Part 1)
https://t.me/BlackBox_Archiv/116

🇬🇧 📺 The Facebook Dilemma (Part 2)
https://t.me/BlackBox_Archiv/117

📺 https://www.pbs.org/wgbh/frontline/film/facebook-dilemma/
Credits: https://www.pbs.org/wgbh/frontline/film/facebook-dilemma/credits/

#DeleteFacebook #Frontline #Part1 #Part2 #Podcast #Video
📡 @cRyPtHoN_INFOSEC_DE
📡 @cRyPtHoN_INFOSEC_EN

Nearly 200 extensions for Chrome and Firefox vulnerable to data theft

The extensions open internal programming interfaces for web applications. This allows a malicious Web site to access the data available to the extension. While Firefox and Opera delete the add-ons, Google checks whether the errors can be corrected.

👉 Empowering Web Applications with Browser Extensions
Universite Cote d’Azur / Inria, Francedoliere.some@inria.fr
http://www-sop.inria.fr/members/Doliere.Some/papers/empoweb.pdf

#browser #extensions #chrome #firefox #datatheft
📡 @cRyPtHoN_INFOSEC_DE
📡 @cRyPtHoN_INFOSEC_EN

iOS: Google services increasingly found in iOS apps

Some iOS users have deliberately decided to buy an iPhone in order to escape Google. I'm currently testing more apps on the iOS platform. It is becoming increasingly clear that app developers are more and more turning to Google services and integrating them into their apps.

Immediately after the start and/or during the use then various Google servers are supplied such as *.googleapis.com or app-measurement com with fresh data.

❗️This is not necessarily personal data. However, I believe Google is capable of creating a personal reference.

👉 So much about the idea:

I buy Apple so Google won't receive any data from me.

https://www.kuketz-blog.de/ios-google-dienste-vermehrt-in-ios-apps-zu-finden/

📡 @cRyPtHoN_INFOSEC_DE
📡 @cRyPtHoN_INFOSEC_EN

🇬🇧 Forge alliances - and create awareness!

Action day "against upload filter" on 23 March.
First demonstrations are currently being registered. Do yourself together with other people, ally yourself with initiatives, discuss, plan, exclude right-wing radicals from your alliances, have fun - and register a demo with the local assembly authority, public order office or police. Mobilize your friends, explain to your parents and colleagues why upload filters are dangerous. Paint signs, design memes, write appeals, post videos - and call your parliamentarians.

🇩🇪 Verbündet Euch – und klärt auf!

Aktionstag "gegen Uploadfilter" am 23. März.
Erste Demonstrationen werden jetzt gerade angemeldet. Tut euch zusammen mit anderen Menschen, verbündet Euch mit Initiativen, diskutiert, plant, schließt Rechtsradikale aus Euren Bündnissen aus, habt Spaß – und meldet bei der örtlichen Versammlungsbehörde, Ordnungsamt oder Polizei eine Demo an. Mobilisiert im Freundeskreis, erklärt Euren Eltern und Kollegen, warum Uploadfilter gefährlich sind. Malt Schilder, entwerft Memes, schreibt Aufrufe, postet Videos – und ruft Eure Abgeordneten an.

🇬🇧 https://medium.com/@TouristInSpace/should-laws-affecting-500-million-lives-be-forged-behind-our-backs-615324a88f20
🇬🇧 https://www.eff.org/deeplinks/2019/02/final-version-eus-copyright-directive-worst-one-yet
🇩🇪 https://netzpolitik.org/2019/uploadfilter-jetzt-hilft-nur-noch-protest-auf-der-strasse/

#NoUploadFilter #NoRacism #CreateAwareness