It’s been over a month of dedicated TailsOS usage (due to main disk dying some bit ago).
I enjoy Tails, will continue using it (as with Debian, Whonix, Qubes, Arch).
But given restrictions found in privacy / anonymity focused operating systems, sometimes we need a longer term solution for working more productively (without driving ourselves crazy).
TODAY’S VIDEO
Decided to do a bit of ‘distrohopping’.
Installed Manjaro with (minimal) XFCE desktop. Downloaded XFCE ‘minimal’ image to try to make better use of older hardware.
Continuing to bring solutions and setup tips for all Linux distros (including Pop!OS).
Ubuntu has always been a tad heavy.
And so, nothing changing here. Will continue introducing ways you can customize your system in ways that protect your privacy, security. No matter the distro you run.
TRY XFCE
Ever get the urge for a full GNU/Linux desktop experience, on a lighter, faster level?
You may like to try XFCE.
Sure, it’s not the ‘lightest’ of all, but certainly lighter than KDE / Gnome.
SCREENSHOT:
This screenshot was taken the day of installation. Nothing has been changed. Wanted to capture the “post install moments” screenshot.
Always been a favorite of mine. XFCE desktop is actually what I’ve run most my years with Linux.
If you run Pop_OS (or any other distro), you can easily install XFCE.
When you add XFCE, it doesn’t automatically delete your old desktop! (you aren’t losing anything – as long as you don’t choose to remove your current)
After installing XFCE there is usually an option to select it at your login screen
It’s lighter than alternatives like KDE / Gnome
Nice option for older machinesThe great thing about Linux: tips here can be pretty universal. Sure, a few package manager commands are slightly different, but it’s generally a matter of either “apt” (Debian), “pacman” (Arch), or “dnf” (Fedora / Redhat / CentOS).
(I try to include command conversions on important tutorials)
TIP: Try out a lightweight XFCE desktop. No matter your operating system, XFCE is likely available.
Simply search your package manager (graphical or commandline) for xfce4, as a start.
Pop_OS / Debian: apt update && apt install xfce4
Manjaro / Arch Based: pacman -Ss xfdesktop
(if any of the above commands are wrong for your system (or you have trouble) comment)
Thanks for following and sharing this on Social Media, Telegram, everywhere.
Learning to check SSH fingerprints is a staple for using remote ssh safely. Failure to match fingerprints opens us to potential MiTM.
[ Did you miss ssh writeup Part I? We discuss how default Linux OS hostnames can sometimes give away default password, pitfalls in numerical passwords (changing default passwords should be priority #1).
First we identified the OS by default hostname, then we used a “most common numerical pin number wordlist” to crack the default SSH password in seconds, demonstrating how successful ssh cracking (using Hydra) looks, and offering solutions/advice HERE) ]
INTRODUCTION
Do you accept “new” ssh client key fingerprint prompts without checking them against the server in question’s own key fingerprint?
If you accept ssh key fingerprints (without verification), you may be setting yourself up to be an unwitting victim of a MITM (Man In The Middle Attack).
[This topic is covered in PART II (scroll down for Tutorial]
Additionally in PART II, we swap out weak default password authentication, to a much stronger (passwordless) RSA key authentication login assisted by ssh-keygen (we use to generate strong keys).
After which, we disable the password login option altogether (to prevent brute force attackers), and finally, we restart SSH for all changes to take effect.
As a Bonus, a video covers converting SSH server to a Tor Hidden .onion service, adding additional security/encryption benefits (without need for open ports).
(REFRESHER) PART I:
Part I video is below, covering weak default password examples in real Pinephone operating systems (applying to all Linux / UNIX machines / default logins).
In this scenario, we first scan machines on the LAN (as an attacker would), immediately identifying operating systems by their default hostname. After which we use Hydra (brute force cracker) to run known default username/pin number lists against the SSH server identified OS of our Pinephone.
After demonstrating how easy it can be to identify and crack SSH logins on machines sharing the same connection/LAN, we then go in to tighten up sshd_config settings to prevent future brute force attacks. As well as talk password security.
Today’s Video continues on from this SSHD Config angle.
As the introductory paragraph details, first we check key fingerprints shown by our ssh client against the server side’s ssh key fingerprint. We must ensure these fingerprints match, otherwise we risk MITM attack. Never accept new fingerprints without verifying.
ADD SSH KEY AUTHENTICATION (NO PASSWORD NEEDED)
(ssh more securely)
Have you ever accepted a fingerprint and wished to start over to be sure? (to: delete all saved keys for host / server and reconfirm fingerprint?)
REMOVE PREVIOUS KEY FINGERPRINTS (CLIENTSIDE):
ssh-keygen -R HostHere
CHECKING FINGERPRINT (SERVERSIDE):
ssh-keygen -lf /etc/ssh/ssh_host_ecdsa_key.pub
NOTE: THE ABOVE COMMAND IS ECDSA. LATEST AND GREATEST ADVICE IS FOR ED25519. CHECK THIS:
ssh-keygen -lf /etc/ssh/ssh_host_25519_key.pub
NEXT:
Connect (from clientside) to our SSH server to check the fingerprint output. Does it match the above “CHECKING FINGER (SERVERSIDE)” output?
See the screenshot below to watch this comparison in action.
SCREENSHOT CHECKING FINGERPRINT (COMMANDS ABOVE):
IMPORTANT: I felt the need to explain 01:56 — do not accept the key (unless you previously recognize it). This key fingerprint acceptance is to demonstrate the plain ‘password: ‘ prompt itself (fingerprint acceptance required to show). Follow below for fingerprint checking instruction (or follow video after 3min).
TIP #1 FINGERPRINT CHECKING: Check the server’s fingerprint from a separate network (if working remotely from it), or if you have physical access + a monitor, even better. By using a separate network to check the fingerprint upon connection, you are compartmentalizing both client checks from one another, further verifying fingerprints match from multiple networks.
Running the fingerprint checking locally (serverside) is always the best method (when possible).
TIP #2 FINGERPRINT CHECKING:
write hosts/fingerprints down , post them on your wall/corkboard/office: no risk in having a written list of your machines hostname/ip + correct ssh fingerprints. This can save you from having to check.
Why? You may one day need to login from a new machine without physical access to the server. Having record can help you check without risking the login/accepting fingerprints remotely.
After working on fingerprint checks, we add the key to our server, allowing our client machine to automatically login upon connection.
GENERATE RSA KEY PAIR
ssh-keygen -t rsa -b 4096
PASSWORD-FREE KEY AUTH: MORE SECURE SSH ACCESS
COPY KEY TO SERVER:
ssh-copy-id username@host
SEE SCREENSHOT BELOW FOR ABOVE STEPS IN ACTION
After successfully copying our key, we then connect by ssh to test it, if it lets us in without problem or password, we did it!
TESTING PASSWORD FREE KEY AUTHENTICATION
TIGHTEN UP SSHD_CONFIG (SERVERSIDE)
We add a few more lines to /etc/ssh/sshd_config, ensuring only our machine can login: (disabling password guessing by relying on our newly minted key alone)
/etc/ssh/sshd_config:
PasswordAuthentication no ChallengeResponseAuthentication no UsePAM no
Restarting SSH allows our configuration changes to take effect:
sudo systemctl restart ssh
[Timestamps are found inside the video description]
* BONUS: PART III: Tor SSH .Onion (Hidden Service):
This 3rd (optional) video shows how to setup SSH access as a Tor Hidden Service.
BENEFIT #1: By disabling ssh locally and allowing only the Tor ssh we prevent unknown machines from attempting brute force attacks (if we failed to follow previous videos). The only ssh attempts will be from those you give the onion address to.
BENEFIT #2: Additional layer of end to end encryption between the tor clients on ssh client and server side. Add to this the ssh encryption keys/fingerprints themselves on your client/software side, and you have a much more secure ssh setup.
Comments/Questions Welcome below:
Like content/videos like this? Share it with Linux users (Reddit, Telegram, Discord, IRC).
ā¤ļø If you appreciate content like this and want to ā Buy Me a Coffee hit ‘support’ button on: Home Page
Thoughts, comments and any questions welcome below.
Share this post with everyone. Leave your thoughts below.
(Share to help this grow. ā¤ļø ———————————————————————- PUBLIC COMMUNITY SERVERS: š§ š ANONYMOUS GITEA (.onion):Books, Code/Scripts, Wiki, more (make a repository) š§ š PASTEBIN (.onion): anon pastebin pw protect, zk-256bit, “Burn After Reading” + more ———————————————————————- š š¤ SUPPORT (If you like) š EXTRAS: something unique for your Support here ———————————————————————- FOLLOW: āš MASTODON š¦ TWITTER šŗ š PEERTUBE šŗ š BITCHUTE šŗ š ODYSEE šŗ š YOUTUBE ——————————————————————— ā CONTACT ————————————————————————
NOTE: Most people don’t need this tutorial – in fact no one truly “needs this”.
But with Human Rights and Journalism under threat, war repressing rights around the world, this tutorial can serve as an example: a “zero trust” communication method, whereby no single point of failure is relied upon.
Does it enhance security/privacy over either PGP, or Tor Hidden Service, or Privatebin alone?Absolutely! We are compartmentalizing and multiplying! š
To be completely honest: Most people should not go through the trouble!
Part of my effort to bring unique tutorials to Politictech.
Big Thank You to the ā¤ļø Supporters (this month):
Greg and Tammy.
Tutorial now public!
First Shared with Supporters days ahead of time (sometimes weeks ahead as with other tutorial in progress).
If you want to Support this, you can now “buy me a coffee ā” at the bottom. 3 monthly membership options listed on frontpage “padlock Membership” button.
This displays an idea: combining multiple tools/security/privacy tricks we covered recently (avoiding each single point of failure + trust problem: seen in most encrypted communication)
TODAY WE COMBINE:
PGP Message 3072 bit RSA Encrypted PGP Message Pasted into:
PrivateBin 256bit zk-snark AES Encrypted (Stored on server without host having access)
Hosted As: Tor Hidden Service (RSA end to end encryption in transit – before reaching internet)
(All Videos/posts demonetized. No sponsors steer opinion / advice here. Support below.
In the above video, we shared a hypothetical situation, where a specific PGP key was shared.
Demonstrating sharing keys in the above video using privatebin pastebin is one option, all while selecting “burn after reading” to ensure only 1 person can possibly read that key.
But the conversation doesn’t have to end there…
If sharing a public key uses Privatebin, we could just as easily be sending encrypted PGP notes inside the passphrase protected AES 256bit Encrypted Private Pastebin.
MORE SECURE THAN PGP ALONE?
For communications opsec (operational security), we take advantage of PGP Tutorials we recently covered, combining this with the ore recently shared “zero knowledge” encrypted pastebin knowledge.
Keep reading for a unique tutorial…
If you missed those, this tutorial requires recommends first learning the GPG / GPA ropes below:
SECURITY TIP:We could share BOTH PGP public key AND the encrypted PGP messages within our AES password protected, “burn after reading” privatebin, for a more secure, compartmentalized situation.
OUR LOCAL KEYRING:
Open GPA —> Windows —> Keyring Manager —> New Key:
Creating temp usage key (set expiration date):
Once this key expires it no longer can be used by anyone else to encrypt new messages. And thus can’t be used to forge messages by you in future, if ever (somehow) compromised – as unlikely as that is.
Example Key Expiry: 2 Weeks
TIP: Setting the key to expire at the end of communication ensures no future messages will be encrypted by this key (in case it somehow became compromised in the future, however unlikely).
TIP: Expired key has no bearing on ability of private key to decrypt message.
We write our message in PGP Clipboard:
āļø We Have Our Temp Key
Choose: Who Is Our Message To And From?
(You may even write a message to yourself, if you like!)
After Hitting “OK” Our Encrypted Message Is Ready To Cut / Paste Anywhere:
Next: Pasting Into Tor Hidden Service zk-256bit AES Encrypted Pastebin:
(note we selected “burn after reading”, added passphrase and only pasted encrypted message itself)
Next We Hit “Send” To Create Our New 256bit AES Encrypted Message.
Then we right click to copy the password protected encrypted paste onion address:
Benefits:
No Single Point Of Failure Relied Upon.
All requirements must be met to read message sent this way.
“ALL” BE FULFILLED SIMULTANEOUSLY, TO READ OUR MSG:
Control of PGP Keys + associated keys passphrase AND
Burn After Reading: only ONE can view pastebin message AND
AES Encrypted “zero knowledge” (even host can’t read the encrypted PGP ciphertext – as little good that would do for them!) AND
256bit AES Encrypted Pastebin message passphrase further protects the PGP encrypted message itself
Tor Hidden Service providing End-To-End encryption for entire sequence of data (RSA encryption, .onion making up public key)
As you can see, our message is quite secure! š
More than most would ever care to use, or need, but serves as an example: how we can use a little creativity + combinations to further increase the privacy/security of any given message/communication.
On the receipt of Privatebin message, loading the sharable link opens 1 time (“burn after reading” setting), and requires a password to decrypt.
Opening the link in Tor Browser will prompt for password before even displaying the encrypted PGP message, which will then still need to be decrypted in GNU Privacy Assistant / gpg using the correct keys/passphrase:
This post first dedicated/available to Buy Me A Coffee Supporters. Thank you for your Support.
To those who join as monthly coffees membership: thanks for joining! š
I release what I can, when in position to do so.
Help me share this.
Advanced Tip: For more insanely private secure messages (unnecessarily so), we could combine: airgap PGP machines, steganography + encryption to embed PGP messages inside images, finally attaching this picture file to AES encrypted zero knowledge pastebin.
This would be far”too much” for most. Security usability has its limits. I find that a bit too far.
Still, decided to share some related concepts as unlikely as it were to be used.
See previous post/video on combining hidden steganography + encryption: Here. (encrypted volume inside video files tutorial)
Coming up we take a look at privacy respecting open source alternatives to the
Social Media giants.
Thank you for visiting! If you would like to help with coffee/sdcards/hardware costs for the channel/blog (ex: video rendering killed hard drive Jun 2022), Iād love that. Either way, I sincerely appreciate Likes, Shares and Comments! Thank you. š
———————————————————————- š š¤ SUPPORT š (If you like to:BTC listed here, Monero directly below) ā¤ļø M0NER0: 48qtspi5En44mJZLeiMoHYFEmuJfQYb5DLQxLDr7d1NXc53XaAvoT8PS3wBrhEc3VY1wxu5Rgw6oKBYgahpSAYnpHntbQNM š³ š EXTRAS: Support here for something in return – like your own privacybox: all in one encrypted pastebin + Nextcloud Tor Hidden Service Server/router. š¤ šµ CASHAPP: $HumanRightsTech ā¤ļø šŖ š Membership: private Nextcloud Tor Hidden Service “ā coffee room” chatroom + file share, early/extra access, more ———————————————————————- š² FOLLOW:ā¬ ā š MASTODON š¦ TWITTER šŗ š PEERTUBE šŗ š BITCHUTE šŗ š ODYSEE šŗ š YOUTUBE ———————————————————————-
šļø LINKS / PUBLIC SERVICE š
———————————————————————- š§ š GITEA SERVICE (.onion):Books, Code/Scripts, Wiki, more (make a repository) š§ š PASTEBIN (.onion): options- password protect, zk-256bit, “Burn After Reading” + more (use Tor Browser for .onion’s) ——————————————————————— ā CONTACT ————————————————————————- THANK YOU for Sharing. ————————————————————————- If you aren’t registered for Odysee I’d love to see you over there. Use my invite link: https://odysee.com/$invite/@RTP ———————————————————–
ā¤ļø If you ever buy a grand total 6 āāāāāā coffees (whether 1 at a time, however, over any period of time, no matter how long ago), or are a ā¤ļø monthly member of 6+ months, and are interested in one of the supporter image (.img) in “extras“: please do, contact me. I will be happy to oblige.
I came up with the idea to create unique support incentive gifts, specifically designed to offer something “extra” as a gift to offer something in return for supporting this work. Supporting allows for more dedication of time, work, and resources, code and servers.
Your safety online matters to me. Ask away any questions you might have.
ā„ļø Thank you for visiting! If you like what I do and want to help with ā coffee / sdcards / hardware costs for the channel/blog (ex: video rendering killed hard drive Jun 2022), Iād love that. Either way, I sincerely appreciate Likes, Shares and Comments!
Thank you. š
šļø LINKS/SERVICES š
———————————————————————- š§ š GITEA SERVICE (.onion):Books, Code/Scripts, Wiki, more (make a repository) š§ š PASTEBIN (.onion): options- password protect, zk-256bit, “Burn After Reading” + more (use Tor Browser for .onion’s) ———————————————————————- š š¤ SUPPORT š (Buy me a coffee (if you like), current BTC/M0NER0 Listed Here) š³ š EXTRAS: (bonus offers / support). Support here offers something in return – like your own privacybox: encrypted pastebin + Nextcloud Tor Hidden Service Server. š¤ šµ CASHAPP: $HumanRightsTech ā š š Politictech Membershipā¤ļø (monthly supporter option + early/extra access) šŖ Politictech Main Page: (info + current links/addresses) ———————————————————————- š² FOLLOW:ā¬ ā š MASTODON š¦ TWITTER šŗ š PEERTUBE šŗ š BITCHUTE šŗ š ODYSEE šŗ š YOUTUBE ——————————————————————— ā CONTACT ————————————————————————- THANK YOU for Sharing ————————————————————————- If you aren’t registered for Odysee I’d love to see you over there. Use my invite link: https://odysee.com/$invite/@RTP ————————————————————————–
I may add more text to this in future edits to add more information/facts/details for everyone. For now, the latest video.
āļø Thank You For Following! (making an account and comment/follow is FREE)
Share links to these tutorials / videos. Even random video comments helps this work move up in search engine rankings (engagement + backlinks) – thanks for your help. Telegram /Discord another great place to share.
Some unique topics are not searched for naturally + big tech is not interested in promoting real privacy going against their business model.
No, I’m not here selling you a sponsor VPN (that no one can audit). I’m here to bring you privacy tutorials honestly. Things you don’t have to pay for. Something you won’t find shared most places.
ā¤ļø But really, what I appreciate most, is those who take the time to repost these tutorials/videos. Thank you. Other optional Support options on Main Page including extras / membership.
š§ š Public Community Politictech Servers (Tor Browser Access: No Registration Needed)
First, we learn how to use symmetric ciphers in gpg to encrypt file backups to securely transfer files on email and any other platform (symmetric cipher keeps encrypted data secret except for those knowing the passphrase)
We learn to backup our PGP keys and transfer them to a new device (securely)
We learn to use scp (ssh file transfer) to transfer files directly using encrypted connection
(click image below to watch on decentralized Peertube channel or watch the embedded Youtube video below it)
Thanks for watching! š
If you missed the other related SSH and PGP guides, see:
Comments/questions welcome! Happy to answer questions. Free to register to comment/follow.
š ** Sharing links to this moves this content higher in algorithm. **
Thanks for Supporting this with š¤² Shares / Support options below.
āļø Thanks for being a follower (it’s FREE!). Followers get only the most interesting posts by email.
Options are below. Thanks for your Support.
Your safety online matters to me. Ask any questions you might have.
ā„ļø Thank you for visiting! If you like what I do and want to help with ā coffee / sdcards / hardware costs for the channel/blog (ex: video rendering killed hard drive Jun 2022), Iād love that. Either way, I sincerely appreciate Likes, Shares and Comments!
Thank you. š
šļø LINKS/SERVICES š
———————————————————————- š§ š GITEA SERVICE (.onion):Books, Code/Scripts, Wiki, more (make a repository) š§ š PASTEBIN (.onion): options- password protect, zk-256bit, “Burn After Reading” + more (use Tor Browser for .onion’s) ———————————————————————- š š¤ SUPPORT š (If you like to) š³ š EXTRAS: (bonus offers / support). Support here offers something in return – like your own privacybox: encrypted pastebin + Nextcloud Tor Hidden Service Server. š¤ šµ CASHAPP: $HumanRightsTech ā š š Politictech Membershipā¤ļø (monthly supporter option + early/extra access) šŖ Politictech Main Page: (info + current links/addresses) ———————————————————————- š² FOLLOW:ā¬ ā š MASTODON š¦ TWITTER šŗ š PEERTUBE šŗ š BITCHUTE šŗ š ODYSEE šŗ š YOUTUBE ——————————————————————— ā CONTACT ————————————————————————- THANK YOU for Sharing this, Liking, and Subscribing. ————————————————————————- If you aren’t registered for Odysee I’d love to see you over there. Use my invite link: https://odysee.com/$invite/@RTP ————————————————————————–
When it comes to Human Rights, strong encryption can become the great equalizer.
š Upgrade Your Security / Privacy Game With PGP
(watch on decentralized Peertube by clicking the image below)
š½ļø Today’s video: Learn PGP in just 11 minutes of video.
Given the current political world climate + ongoing attacks on end to end encryption messengers, I felt this topic appropriate.
No matter what happens to encrypted messengers, PGP will always be there for you.
Many ways to use it, and I will continue covering different ways to use it for the community. š
Who is this for?You can use this on ANY operating system/computer.
(Even on a Pinephone: I use GPA on mine).
(Support / Extra options (including crypto) found at bottom of this post. Most of all Sharing this helps this content move up the algorithm. Thank You.)
PGP Public / Private Key Communication:
(watch video down below for demo + instruction)
Imported Public Key Verifies Signature:
Scenario: Alice writes message to Bob, signs using her private key, and Bob is able to verify it was from Alice herself, as he imported her public key into his keyring. This public / private key system (asymmetric) offers proof of signature.
Without being signed by her actual key, validation would not be proven.
FIRST STEPS: Add Contact’s Public Key To Your Keyring First: (To Communicate)
NEXT: Verify Fingerprint (see signature verification post below for more info on this process):
Watch below video to see the encryption demo + instructions on decryption process + benefits.
šŗ VIDEO TUTORIAL COVERAGE:
Write exclusive encrypted messages (only recipient can open)
Decrypt messages written exclusively for your key
Create new PGP keys
Learn how PGP provides stronger security to messengers
Learn to exchange public keys (making messages private/exclusive)
PGP allows compartmentalization of encryption from the message transport (allowing situations such as airgap)
Learn to verify signed Linux images to ensure you install safe software
Drawbacks? Some may say lack of perfect forward secrecy.
You can certainly get creative with versatile PGP!
NOTE: diagrams + screenshots found below video for your reference
š Upgrade Your Security / Privacy Game With PGP
(watch on decentralized Peertube by clicking the image below + mirrors below that)
After watching and learning about verifying your Tails Image (or other Linux downloads), why not setup Tails USB disk to continue the process and take full advantage of PGP benefits and have confidence in your Linux setup?
You can do it! Leave comments if you get stuck.
āļø Full Signed Linux Image PGP Verification/Integrity Guide (if you missed it):
šæ Related Flashback: Install Tails USB Encrypted Persistence/Customization: (since covering verifying Tails in example, this fits the post!)
These Tutorials are for everyone. Thanks for Sharing them.
Reaching people makes it worth it.
š ** Sharing links moves this content higher in algorithm. **
āļø Following is FREE!). Followers get only the most interesting posts by email.
Share to help grow past the algorithm.
Tutorial Posts for everyone, sometimes share extra/custom tips with those supporting this behind the scenes, helping to upgrade/dedicate hardware (ex: this last year costs included new microphone / screens/, dedicated hardware servers (like community dedicated: Tor Hidden Service š§ š Encrypted Pastebin + š§ š Gitea Onion Server for wiki/code).
ā¤ļø If you appreciate content like this you can now ā Buy Me a Coffee hit the support button on: Home Page + at bottom of this post.
ā„ļø Thank you for visiting! If you like what I do and want to help with ā coffee / sdcards / hardware costs for the channel/blog (ex: video rendering killed hard drive Jun 2022), Iād love that. Either way, I sincerely appreciate Likes, Shares and Comments!
Thank you. š
If everyone reposts links, this channel/tutorial community will rank higher on search engines (algorithm rewards backlinks to this).
Thank you for your help in this mission.
Online safety matters to me. Ask questions you might have.
šļø LINKS/SERVICES š
COMMUNITY SERVERS
———————————————————————- š§ š GITEA SERVICE (.onion):Books, Code/Scripts, Wiki, more (make a repository) š§ š PASTEBIN (.onion): options- password protect, zk-256bit, “Burn After Reading” + more (use Tor Browser for .onion’s)
SUPPORT THIS ———————————————————————- š š¤ SUPPORT š (If you like to) š³ š EXTRAS: (bonus offers / support). Support here offers something in return – like your own privacybox: encrypted pastebin + Nextcloud Tor Hidden Service Server. š¤ šµ CASHAPP: $HumanRightsTech ā š š Politictech Membershipā¤ļø (monthly supporter option + early/extra access) šŖ Politictech Main Page: (info + current links/addresses) ———————————————————————- š² FOLLOW:ā¬ ā š MASTODON š¦ TWITTER šŗ š PEERTUBE šŗ š BITCHUTE šŗ š ODYSEE šŗ š YOUTUBE ——————————————————————— ā CONTACT ————————————————————————- THANK YOU for Sharing this, Liking, and Subscribing. ————————————————————————- If you aren’t registered for Odysee I’d love to see you over there. Use my invite link: https://odysee.com/$invite/@RTP ————————————————————————–
Attorney General William Barr held a press conference recently. Wherein he requested “assistance” of major tech companies across USA, asking them to implement “encryption backdoors” to make prosecuting Americans easier work, all while risking the future of US tech industry in the same breath.
Also Pentagon signs contract with Turkish National run Sierra Nevada Corporation for “Surveillance Balloons” 65,000 feet above USA to “deter drug crime.” As I have mentioned in past work the “War On Drugs” is a farce Nixon first declared it to target anti war protesters & peace activists. Still used today to illegally target activists, human rights groups, etc. I used to fear saying it out loud, but it’s the truth. I will not stay silent.
For more on the backdoor threat to the US tech industry & surveillance balloons watching American citizens 24/7 see our latest video:
Please Like, Share & Subscribe. We appreciate your support.
So recently I discovered Parrot Linux Operating System. It’s great. No, really, it is! š
In the last 20 years I have used around 30 different Linux distributions & Parrot Linux has become my new daily driver.
Do you use Windows? Did you know Windows stores/saves ALL your private browsing data no matter which browser you use?
Do you trust the Windows Cloud? Cloud storage takes the power out of your hands & gives it to the administrators at Microsoft. You have no control over it or who accesses your data.
Do you trust Windows? Did you know Microsoft Windows 10 logs & tracks everything you do on the system & sends that information back to Microsoft? Could/would they or any of their employees selling customer data to data aggregators? (data aggregators make a ton of money building profiles on individuals & as seen in 2016 election, targeting them with ads/propaganda).
This is not intended to bash Windows. I just don’t like the direction the company is heading.
Linux is free. No, not just in price. Free as in freedom. You have full control over the entire repository of software installed on your system. You can add, remove, even modify anything you want. There is no forced cloud usage nor do most Linux systems log your activities. It is a great operating system choice for budding programmers given the wealth of compilers/editors.
This is where Parrot Linux comes in:
Anonsurf comes to let you direct ALL traffic through Tor, at will. This includes DNS traffic through OpenNic to prevent ISP from spying on you (did you know ISP’s now can legally sell your private data?)
Jailed programs: all programs are safely run inside a sandbox
Linux is a true multiuser system: this means a virus can’t destroy your entire system when running programs logged in as a low level user. Only the administrator privileges can destroy your system. Think of it as a safety/security hierarchy.
This operating system is also perfect for those trying to learn ‘hacking’ or penetration testing.
Still not sure? Well here is my review where I go over the features mentioned above along with other benefits of Parrot Linux:
Please like, subscribe & share to help show your support if you appreciate this content. It will motivate me to make videos/articles more often. It has been really hard to take off given my channel seems to be suppressed on Youtube. Given my stance on privacy it is not surprising.
Duckduckgo: an amazing Search Engine for an entirely new level of search engine privacy. DuckDuckGo was created with privacy in mind & even has its very own .onion Tor browser web address. This gives you multiple layers of privacy with proxy relays & encryption.
By using the .onion address (in tor) you are protected from sniffing/MITM (Man In The Middle Attacks) anywhere you use it. Whether that be for protection on Public Wifi at Starbucks or the office it keeps your information private from prying eyes & sniffer attacks.
Even if you choose not to use Tor for DuckDuckGo’s .onion web address it still avoids tracking you unlike all other search engines.
Learn more about how it protects you on public wifi networks:
HowTo: Privacy & Infosec 