web – PrivaSecTech https://privasectech.com/ Wed, 13 Nov 2019 18:33:33 +0000 en-US hourly 1 https://wordpress.org/?v=5.4.2 Change your default search engine https://privasectech.com/change-your-default-search-engine/ https://privasectech.com/change-your-default-search-engine/#comments Sat, 10 Nov 2012 23:40:23 +0000 http://privasectech.com/?p=341 Continue reading Change your default search engine]]> Most of us use a search engine such as Google or Yahoo daily without taking much time to consider the inherent privacy implications.  If you have some time, I recommend you review the privacy policy of startpage and DuckDuckGo as they’re easy to understand and informative about the risks of using search engines, and then for contrast check out Google’s privacy policy. If you’re like me and make your online privacy a priority, the information found in these privacy policies will lead you to want to cease using Google and choose between startpage from ixquick, and DuckDuckGo for your online search needs.  Neither of them collect or share your personal information (this is not the case with Google).

While you can use either these pages for search, I recommend you choose one to be your new default search engine once you have a preference. Make sure you choose the https:// (secure) option and not the http:// version!

If you’ve done this correctly, now you can securely and privately search using the URL bar of your browser.

If you know of any other privacy-forward search engines, let me know!

https://privasectech.com/change-your-default-search-engine/feed/ 1
A must have hosts file https://privasectech.com/a-must-have-hosts-file/ Tue, 25 Jan 2011 04:58:24 +0000 http://privasectech.com/?p=71 Continue reading A must have hosts file]]> My friend Dan Pollock has been compiling the must have hosts file for some time. According to Wikipedia, the hosts file is a computer file used in an operating system to map hostnames to IP addresses. The hosts file is a plain-text file and is traditionally named hosts. What Dan’s host file does it list all of the known hostnames that are undesirable, and redirect them to localhost (back to your computer instead of to their website). This makes your web surfing faster, more private and more secure. Check out Dan’s list. I recommend you replace your host file with Dan’s, there are instructions on how to do this on his website.


On MacOSX:

  • Open Terminal (Under Utilities). Type this:
  • sudo cp /etc/hosts /etc/hosts.backup
  • # this backs up your current /etc/hosts in case something goes wrong, you can “sudo cp /etc/hosts.backup /etc/hosts”Enter your password, and you should be back at the prompt when this is complete
  • Copy and paste this entire file  to your Desktop as a file called “hosts” in TextEdit in UTF-8 after choosing: Format: Make Plain text. (Uncheck the box checked that says if no extension provided leave as .txt)
  • Now go back to Terminal and type:
  • sudo cp ~/Desktop/hosts /etc/hosts
  • (If you’ve taken more than a few minutes between steps here, you’ll likely have to enter your password again here)
  • Now run the command in terminal:
  • grep Last /etc/hosts
  • If it shows a date, you’re all set (the date is which version of Dan’s file you’re using)! For example, as of writing this, mine says:
  •  # Last updated: Apr 17th, 2012 at 01:44
  • If at any time you want to backup to your old file in Terminal:
  • sudo /etc/hosts.backup /etc/hosts


Borrow your neighbours identity https://privasectech.com/borrow-your-neighbours-identity/ Thu, 28 Oct 2010 00:21:28 +0000 http://privasectech.com/?p=50 Continue reading Borrow your neighbours identity]]> If you have a wireless card in your laptop or netbook, you should see if it can be put into monitor mode/promiscuous mode. If so, this means you can “sniff packets” (watch all the internet data flying by your antenna). In a coffee shop or internet cafe, or near a condo/apartment building, this can be quite a lot. With software like wireshark you can log all of these packets and see what type of fun information you can find. This will include all of (non-encrypted) web surfing, and emails going by!
In 2007, Errata Security released Hamster and Ferret software which packet sniffs certain packets of data called session cookies. This process is called HTTP session hijacking which is more commonly called sidejacking. You load the Hamster proxy in your browser, and it will list all of the session cookies it was able to find. This allows you to login to existing web sessions on websites like gmail and Facebook, and hundreds of others as another individual.
This week Eric Butler released Firesheep which does the same thing, it’s just a lot prettier and a lot easier to use. It has got a lot of media attention. Just remember, sidejacking is nothing new, and with software like wireshark you can sniff all internet traffic, not limiting it to just session cookies!
While we don’t condone malicious activity, anything that can raise awareness to the benefits of encryption is a good thing. Did you realize that almost every website you go to, and every email you send is also in plain text? Even if you’re not using wireless, but a wired connection, these packets all go across dozens of computers on the internet like a postcard until they get to the intended recipient? Perhaps it’s time we all start encrypting our emails and demanding websites use encryption. It helps us maintain both privacy and security.