Blog Posts

Privacy and Anonymity Tool Kit

This page is a work in progress, so expect regular updates and amendments.
Got any suggestions or feedback for this article? Message me here.

Red Pill

The short version...

  • Zoho Vault: Online password manager (free for personal use)
  • Keybase.io: Crypto made easy, for everyone (free).
  • ProtonMail: Encrypted email (free account available).
  • ProtonVPN: Virtual Private Network (free account available).
  • Tor: Surf the Internet anonymously (free).
  • StartPage and DuckDuckGo: Private search engines (free).
  • 1.1.1.1: Secure, private DNS for a faster, better Internet (free).
  • Signal: Secure messaging app. It's free, fast, simple and secure.
  • VeraCrypt: Free open source disk encryption software.
  • Qubes OS: A reasonably secure operating system (free).

If you would like 1-to-1 online training, you can hire me.

I'm going to start the list off with an absolute must have app. Zoho Vault is an online password manager that is perfect for individual or corporate use. It's FREE for personal use and only $1 per user for the corporate plan (sharing passwords and secrets within your teams is a key feature of the corporate plan). Unlike most other password managers on the market, you can use the FREE version across multiple devices at no cost, no strings attached.

Another must have, is the

The next app in our tool kit is Keybase.io. With Keybase, anyone can encrypt or decrypt messages and files using strong cryptography. Absolutely no knowledge of PGP/GPG is required. The app is available for every platform, including Android and MacOS. You can use the software to verify ownership of social media accounts, websites and other online accounts. You can chat with friends, family and colleagues or complete strangers using end-to-end encryption. All without knowing a thing about cryptography. If you only use one app on this list, make sure it's Keybase.io

Next up is ProtonMail. Simply put, it's email with encryption built-in. You can register and use it anonymously, which makes it a great choice for whistle blowers, freelance journalists and hacktivists alike. Your inbox, sent items, drafts folders etc are all encrypted and can only be accessed with your decryption key, meaning that even if someone hacked your account, without the encryption key, they will just see lots of encrypted text. The only drawback to encrypted email in my experience, is that both you and your recipient must be using an encrypted email service for it to be secure.

ProtonVPN is another great app by the makers of ProtonMail. You can download and use the service for free. Giving you a limited but very secure connection when needed. Use it when accessing public networks or checking your ProtonMail etc. A Virtual Private Network lets you connect to external websites and other cloud services via a secure (tunnelled) connection. Anyone trying to intercept the traffic between your computer and the destination server/service, will only see encrypted data.

Continuing with encrypted connections. Tor offers you both the ability to browse the Surface Web and Deep Web anonymously, and even host your own hidden (website) service. The Surface Web is anything that can be indexed by regular search engines like Google. The Deep Web websites are those sites that can only be accessed if you know the server IP or private domain name (search engines are oblivious to their existence), Tor is also used to access .onion websites, the Darknet (slightly deeper and more hyped than the Deep Web). I highly recommend using Tor for all your browsing.

If you prefer to use your regular browser instead of Tor, then consider using StartPage or DuckDuckGo for your online search engine needs. These two search engines let you search anonymously, with no tracking cookies, no geolocation logging, just simple unfiltered search results. Of course, what happens after you navigate away from these search engines, is entirely down to the website you visit. So, consider using StartPage and DuckDuckGo with Tor and ProtonVPN.

Now a quick tip for hiding your DNS footprints. Cloudflare have teamed up with APNIC to offer the Internet community a better, faster more private alternative DNS. So ditch your ISP's default DNS and start using 1.1.1.1 today. More on "Domain Name System" here.

Do you use Whatsapp ? So do I, for family and friends that is. A more secure alternative to Whatsapp, is either Keybase.io, as mentioned earlier. This pretty much does it all, from encrypted messages to secure file storage and providing a secure verifiable method of showing proofs for social media account ownership etc. But If you're only interested in the messaging side of things and you really like the feel of Whatsapp, then Signal offers the same experience but is open source, which means you or anyone else can review the source code and even compile from source.

An open source alternative to Microsoft BitLocker is VeraCrypt, a free open source disk encryption tool for Windows, Mac OSX and Linux. VeraCrypt is based on TrueCrypt and comes with all the features you'd expect from a disk encryption tool, though my favourite feature of all is the Plausible Deniability with support for hidden partitions and hidden operating systems.

I'm going to end my recommendations with the ultimate in online privacy and anonymity. Qubes OS is a Linux operating distro built with anonymity and privacy in mind. In short, Qubes OS can be configured to run apps in isolated areas of memory, called Qubes. You can even set up your email client to create single-use disposable Qubes for opening attachments. Which means, isolating any potential security risks to that single Qube, firewalling it off from the rest of the system.

If you would like support or 1-to-1 online training, you can hire me.

VeraCrypt

It's actually key to our privacy | Alex Winter | TEDxMidAtlantic

Directed by Alex Winter.

WordPress “MUST HAVE” Plugins.

Wordfence Security - "Wordfence Security - Anti-virus, Firewall and Malware Scan".

WPS Hide Login - "Protect your website by changing the login URL and preventing access to wp-login.php page and wp-admin directory while not logged-in".

Webcraftic Clearfy - "Disables unused WordPress features, improves performance and increases SEO rankings, using Clearfy, which makes WordPress very easy".

Remove Dashboard Access - "Removes Dashboard access for certain users based on capability".

WP Smush - "Reduce image file sizes, improve performance and boost your SEO using the free WPMU DEV WordPress Smush API".

WP Super Cache - "Very fast caching plugin for WordPress".

WP-Sweep - "WP-Sweep allows you to clean up unused, orphaned and duplicated data in your WordPress".

Page Builder by SiteOrigin - "A drag and drop, responsive page builder that simplifies building your website".

Black Studio TinyMCE Widget - "Adds a new 'Visual Editor' widget type based on the native WordPress TinyMCE editor".

Shortcodes Ultimate - "A comprehensive collection of visual components for WordPress".

Menu Icons - "Spice up your navigation menus with pretty icons, easily".

Menu Item Visibility Control - "Control the display logic of individual menu items".

Crayon Syntax Highlighter - "Supports multiple languages, themes, highlighting from a URL, local file or post text".

Yoast SEO - "The first true all-in-one SEO solution for WordPress, including on-page content analysis, XML sitemaps and much more".

wpDiscuz - "Better comment system. WordPress post comments and discussion plugin. Allows your visitors discuss, vote for comments and share".

WP Mail SMTP - "Reconfigures the wp_mail() function to use SMTP instead of mail() and creates an options page to manage the settings".

Jetpack by WordPress.com - "Bring the power of the WordPress.com cloud to your self-hosted WordPress. Jetpack enables you to connect your blog to a WordPress.com account to use the powerful features normally only available to WordPress.com users".

Cloudflare - "Cloudflare speeds up and protects your WordPress site".

BASH

Linux Terminal on Windows 10

If like me you prefer Microsoft Windows GUI and extensive product support over Linux, but you prefer the Linux terminal command line utilities (such as ssh, git, whois, etc) over Windows PowerShell. Then you’re in luck, because now you can have the best of both worlds.  All thanks to the Microsoft Subsystem for Linux.

Here’s what you need to do to install Linux terminal on Windows 10:

  1.  Right mouse click your start menu and select the option: Windows PowerShell (Admin)
  2.  Type or copy and paste the following line in to the PoweShell terminal.
    Enable-WindowsOptionalFeature -Online -FeatureName Microsoft-Windows-Subsystem-Linux [ then ENTER ]
  3.  Open the Microsoft Store app and search for your preferred Linux distro (Ubuntu, OpenSUSE or Kali Linux)
  4.  Click the Get button and when the download is complete click the launch button.

It’s that simple. No need to have dual boot or VirtualBox if all you need Linux for is the command line tools.

Tor Project - Hidden Service

Create a Tor Website on Ubuntu

This article will show you how to create a Tor Hidden Service website on Ubuntu Linux.

This is in no way an exhaustive set up procedure and we highly encourage you to read Tor best practices. With that said though, if you follow the instructions below, by the end of this article you will have yourself a fully working Hidden Service website on the Tor network. Continue reading