Home Forums Hunting & Shooting Hunter's Campfire Secure Communications Options (from an IT security professional)

Wonderful. Scratch Opera.

Check out the company that own the Signal Messenger. It's up 375% today LOL.

Thanks OH, I ran across that earlier. Looks like it would work fine.

Jake

I've installed Signal messaging on my phone. Does everyone i wanna message need to install Signal for messages to be secure?

*misread

Yeah. This is one of those tools that I am considering for secure communications in my community with a core group of like minded people where we need to pass information securely at a TACTICAL level. that's all I'll say about that. But certainly, if it picks up popularity, maybe it could be used as more of a mainstream app for general instant messaging. I'm at the point where I am in the process of creating a group of local people by word of mouth that can all have Signal or something similar installed on their phones and blast out quick reaction information securely, such as civil unrest and response. We, as Patriots, need to organize, at least at the local level to be able to protect our communities without big brother showing up at our doorstep imo. The enemy does it, we have to do it too. Signal looks like it may fit the bill.

We are out numbered by liberal whites and the mud races and have been for a long time. When was the last time a conservative won the popular vote maybe Regan?

just added this extension to Chrome, it seems to work well

Facebook stock down 4% and Twitter stock down 6% today.

Security is not a checkbox. Without even identifying what your risks are, how can you expect to manage risk?

While I may not "like" Facebook, how is looking at pictures of my dog's breeder's puppies a security risk?

A lot of people will forgo any effort to secure their privacy because they'll say, "I have nothing to hide." Essentially, they'll acquiesce in apathy because they don't see how it matters if "someone" can somehow read their email which is mostly junk and spam anyway. They probably even have several different accounts and don't think that they would use any of them for "secure" communications -- at least not until they needed "something" and nothing else occurred to them.

Ditching invasive tech is a good idea when you can do it, but more "secure" alternatives are usually a hassle that most people aren't willing to deal with. They will gladly trade their privacy and information security for a little convenience.

If you really want to repel the invaders, the first thing to get rid of is your cell phone. How many people are willing to do that? I ditched mine 3 years ago and haven't looked back.

Most people are wrapped up enough in their smart phone that they don't even use email anymore. If they do, they've given it all to yahoo or gmail. I ditched webmail providers years ago on principle.

I helped one person switch from Whatsapp to Signal. Signal, fwiw, depends on both ends having signal for end-to-end encryption. However, if the other party does not have Signal, you can still send and receive unsecured SMS via the Signal app.

The principled solution is to use hardware you own and control (no web-based, cloud-hosted, or SaS), an operating system and applications that are free (as in freedom and liberty) software.

Jake,

I'm a bit confused about your statement suggesting turning off browser password saving and autofill. Could you explain the dangers of not doing so please.

As an aside I installed Brave last night on both my desktop and Android 8.0 phone. Imported logons, passwords, bookmarks, from FF to Brave without issues. That import function is not available in the mobile version.

No issues at all.
FWIW I have Brave 1.18.78, Firefox 84.0.2, Waterfox Classic 2020.10, and Edge 87.0.664.75 (all 64-bit flavors) on my Windows 10 [Home (x64) Build 19042.685 (20H2)] desktop. Everything functions fine in all of these although I've made Brave the default and never use Edge unless a page won't display in any of the other browsers which, thankfully, has become much less of an issue in recent times.


Trying Qwant per your suggestion. Had been using DuckDuckGo with their Privacy Essentials extension....

I'm also running Comodo Internet Security Premium (firewall and anti-virus) and use Malwarebytes and their adwcleaner every 2 days.

This is with the assumption that a person uses a password vault for saving and filling in credentials. That was probably the context of my statement. If not, sorry for the confusion. Depending on the browser, your account data may be saved to the cloud. Even if it isn't, if the browser gets compromised, your account information may be stolen. The password vault applications are designed to more securely protect your credentials. As an example, I have my browser set to not save and not autofill passwords. I use something called Bitwarden password vault. When I go to a web site, I fill the credentials from my vault. It's an extra step, but more secure. As an added benefit, your credentials are always in your vault, so if you are in the habit of having your browser store that stuff, and you change browsers, your account info is still in the vault. Those programs also have password generators to randomize passwords if you want. Some of them even have a feature where they can look at your accounts and see if any of them show up on a security breech alert. If so, you can update your password for that impacted account immediately before it's hijack hopefully.

Thanks Jake... that explanation helps. Brave doesn't store anything in the Cloud.

While I have your attention I'm curious... you approve of my firewall / anti-virus / anti rootkit & bot protection measures?

And do you believe Brave's Tor privacy mode is better than Firefox's DNS-over-HTTPS (DoH) mode?

Tag

Twitter was down 2x more early on.
I wonder if they are using this to drive the price down for buybacks. Something to watch for sure.


Another IT webmaster question for you (if it's in your kettle)
Since FB/TWatr get revenue based on traffic (unique visits), then stripping those little "follow me" icons out of websites should help reduce their traffic. Right? And it is fairly simple from what I recall from the last site I built...

This is true.

Free and Open software is one of the shining stars in the coming tech dystopia.

Tor is very different from DNS over HTTPS.

Tor actually creates a 3 hop connection to your destination and securely hides your originating IP address from view at the destination server.

DNS over HTTPS is just encrypting your DNS requests. This is good but it does not hide your IP address from anybody. It just adds some level of protection and privacy to your DNS requests. (A DNS request is how the domain name like example.com gets translated into an actual IP address).

So for privacy Tor is better.

Not an IT expert, but know enough to be dangerous. NOTHING is secure. Any encryption, it is just a matter of time before that too will be broken.Steps to be more secure have been mentioned. Typing here perhaps, is not a good idea...

Nothing is secure is a good maxim to live by.

You lost me at the bakery... (Old Laugh-In joke)..