• Home
  • Top Articles
  • About
  • the_simple_computer

    Research for Security & Privacy

    Guide to Full Disk Encryption with Ubuntu

    Sept. 12, 2014

    Here is a complete guide to full disk encryption using Cryptsetup, dm_crypt and LUKS, allowing you to tailor the encryption settings to your specification. The title says Ubuntu and the walkthrough is in Mint but the instructions should apply to any distro which gives you either a live session or a shell where you can get root access to Cryptsetup.

    AppArmor tSc Style

    Jul. 13, 2014

    Recently I've been putting together some Apparmor profiles for Ubuntu based distros, just some default and useful internet facing programs. They're completely custom made, a 95% finished product and you just need to fill in some blanks for personalization and to shape them to your system.

    Ode to Those Unsung Heroes of Surge Protection

    Jun. 6, 2014

    Here's an especially mythical but useful topic. I want to dive deep into surge protection and how to best apply the concept to shelter your building's tender electronic insides. My thesis: Surge protectors at your building's service entry point for electrical, signal and data is, without question, the most cost-effective solution and will provide the highest level of surge protection. But that probably doesn't mean what you think...

    tSc's Windows XP Survival Toolkit

    Apr. 15, 2014

    Did you know that many people and businesses have no intention of changing their systems from Windows XP any time soon? The bloggers, security companies and tech news sites have all warned of biblical doom awaiting those who persist with their old ways of XP, but I'm not buying the fear and hype. Choice and practicality don't always coincide with software release cycles. I'm not saying you should indefinitely use Windows XP, my personal decision would be not to, but what's written here will at least buy you some more time as you form a decision.

    It's Good to be Back! (again, sort of...)

    Apr. 4, 2014

    They say good things come in threes, or is it bad things? No matter, because today marks the third time tSc has been completely remodeled. This renovation reverses the move from version 1 to version Wordpress so tSc is now pure & lovely HTML 5 and CSS 3 with a touch of non-essential JavaScript. The site is now lighter, faster, free of the huge rendering inconsistencies between browsers and entirely self-contained. Of course it also drops the entire Wordpress backend, thus eliminating what is a substantial security risk compared to not using it. I am pleased. However, one thing it does not do—nor is it intended—is work correctly in Internet Explorer below version 9.

    1 Month with the Midori Web Browser

    Jan. 2, 2014

    I installed Midori on a computer running Ubuntu 13.10 with the goal of displacing as much of my web browsing to there as possible for the next 4 weeks. Midori only needed 2 days to knock me into shock and awe. Sure, there were hiccups along the way but the overall browsing experience was about as glorious as could be.

    Oh /dev/sda! How Have I Displeased Thee?

    Oct. 22, 2013

    /etc/fstab is home to one of several files which tell a Linux box what partitions, drives and devices to mount and at which places in the filesystem to do so. What I attempt in this installation of tSc goodness is to condense the fstab experience into something palatable for new(ish) users. I have for you a range of settings to choose from and I’ve done some light benchmarks for some of those settings. Updated Apr. 29, 2014.

    Encrypt Your Linux Home Folder: 2 Ways and 10 Steps

    Sept. 28, 2013

    Here’s a quick & dirty guide to encrypting your home partition for Ubuntu & Debian based distributions.

    Opt Out of PRISM...You're Probably Doing it Wrong

    Jul. 4, 2013

    I’ve always tried to distinguish between protecting yourself from advertisers & malicious internet users and government threats. PRISM is the latter, and you can’t shake off a world superpower nearly as easily as marketing companies. I want to caution that most services and programs on prism-break.org will NOT protect you either.

    It's Good to be Back!

    Jun. 28, 2013

    the_simple_computer has received a facelift and returned from its hiatus of hosting problems. The past 2 weeks have been a reminder of how the internet is awesome, except for the times when it sucks. Apologies for the downtime and if you tried to contact tSc lately, I likely didn’t receive your message so please resend.

    Choosing a Linux Music Player

    May. 19, 2013

    In Userland, managing your music library is more important than kernels, ASLR, access control or any of that lame stuff. Thus I see no wrong in going full OCD and Synaptic shopping for a music player you’d want to get all snuggly with. Updated Nov. 25, 2013.

    Adventures in Linux TCP Tuning

    Mar. 19, 2013

    Recently I looked deep into adjusting Ubuntu’s TCP stack to squeeze out any extra performance. When the dust settled, it proved a worthwhile effort. I gained an increase in download speed on my home internet connection but there’s a lot more to the story than that. Updated Aug. 21, 2014.

    10 Exceptional Reader Questions

    Feb. 20, 2013

    I thought it a good idea to hunt down the best questions I’ve been asked by readers over the past year.

    Bitcasa, Google Drive and Phantom File Downloads

    Dec. 19, 2012

    Bitcasa and Google Drive are two attractive choices for cloud storage. However, I found that both services preserve shared links when the linked file is deleted from the account. It will, simply put, mean that you’re still sharing files when you thought you were not.

    Behind the Curtains of Encrypted Cloud Storage

    Dec. 2, 2012

    This round of tSc spectacle is a list of 22 different cloud storage providers which I'll judge by their cryptographic implementations and account authentication for both the client software and browser login.

    Tough Love: A Review of CryptoHeaven Secure Email

    Oct. 2, 2012

    Recently I was contacted by CryptoHeaven and asked to take a look at their secure email service and write up a review. Their open source desktop client manages your CryptoHeaven account which includes email, chat & cloud storage--all over true end-to-end encryption. Even CryptoHeaven states they have absolutely no way of accessing your messages.

    Yet this is not merely a review of CryptoHeaven, this is a chronicle of my experience with the software, the service and everything in between. I predict atmospheric highs and desperate lows both lie ahead, but I’ve already written a paragraph so I’m committed to seeing this through.

    Free Webmail for Better Privacy

    Aug. 10, 2012

    In the wake of 2013′s Summer of Surveillance, demand for ‘private’ email services has skyrocketed. New providers have popped into existence as a result of the Snowden leaks while other viable options have disappeared. Reasonable privacy and security are possible with email, but it requires some thought and work. Here is a list of email providers whose free services are a practical starting point. Updated Aug. 28, 2014.

    A Very Close Look at Comodo Dragon

    Jul. 15, 2012

    Comodo Dragon stepped onto the web browser scene in November of 2009 and like SRWare’s Iron, billed itself as the de facto privacy friendly alternative to Google Chrome. Dragon is closed source but built from Chromium’s source code. Dragon is Windows only, comes in 32-bit flavor and its release cycle generally keeps pace with Chrome stable. Like Chrome, Dragon auto-updates itself and themes & extensions for Chrome can be used in Dragon. Updated Aug. 25, 2012.

    Fingerprinting, CDI & How to Deal With It

    Jun. 10, 2012

    To set the tone, I’m just going to come right out and say it—you can’t spoof your way out of this one. The idea of fingerprinting is that an attacker can use many individual properties available from your system (ex. your screen size, browser, plugins, fonts, etc.) to reliably identify it. This means you just went from being 'the blonde' to 'the blonde in the red dress near the window with an espresso'. Get it? Updated Feb. 18, 2013.

    Google Chrome Allows Unauthorized Cookies

    Feb. 28, 2012

    Current versions of Google Chrome, Chromium and Chromium based browsers save cookies from certain domains even when the browser is told not to accept any cookies whatsoever. Unless the browser is set to delete cookies on exit, users who have disabled local storage are actually still accruing cookies and being tracked when they are explicitly under the impression that this is not happening. See my bug report to track this issue further. This has since been fixed.

    A List of DNS Service Providers

    Jan. 24, 2012

    Changing your DNS provider is one of the smaller layers to an overall security setup. It can provide benefit to browsing security and would certainly be necessary from a privacy perspective under a few circumstances. If you care about neither of those things, there are still several situations for when you’d want to use an alternative and even a few when you wouldn't. Updated Aug. 29, 2014.

    Search Engines for (almost) Everyone

    Jan. 1, 2012

    It's hard to top the convenience and speed of web searches through the address bar. Modern browsers can store multiple search engines to be summoned by keyword or letter of your choosing but just because there isn't an add-on or plugin to search your favorite website doesn't mean you're doomed. It just means you have to get creative. Updated Mar. 5, 2014.

    The Private Life of Chromium Browsers

    Dec. 30, 2011

    There is little argument that Chromium based web browsers are currently the most secure available but when it comes to Google and user privacy, the company has a controversial and unassuring history. Nonetheless, it is entirely possible to use a Chromium based browser with all the security benefits and no data mining downsides. Updated Mar. 31, 2014.

    tSc's Firefox Tweak Guide

    Nov. 21, 2011

    Since the beginning of time there have been websites dedicated to about:config switches with hopes of squeezing that last drop of performance out of Mozilla Firefox. In newer browser versions, the list of things to do on the configuration page has shrunken as some of these things have been rendered obsolete while others have been implemented as default. In this article, the changes still worth making are benchmarked in Firefox 7 to show the boost in performance they can give. We then end it with some some additional tweaks for security & privacy. Updated Jan. 14, 2014.

    The Site has Launched, Go Forth and Multiply

    Oct. 28, 2011

    So it begins