Difference between revisions of "MyLaptop"
m (links to https-how-to examples) |
m |
||
(20 intermediate revisions by the same user not shown) | |||
Line 7: | Line 7: | ||
== Goal == | == Goal == | ||
− | + | Make my laptop more MY laptop (and my e-mail.. my calendar... backup... social networks... and well, anything really) | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
== How == | == How == | ||
Line 22: | Line 15: | ||
* Find (open source) alternatives for all-the-stuff I use now | * Find (open source) alternatives for all-the-stuff I use now | ||
* Make my laptop more mine, step by step | * Make my laptop more mine, step by step | ||
− | * Write and/or point to tutorials | + | * Write and/or point to tutorials and other useful sites |
== Some of the things I did so far == | == Some of the things I did so far == | ||
+ | |||
+ | '''Several things below were/are new to me, so if you have suggestions for other options or for improvements, please let me know.''' | ||
=== Laptop / phone === | === Laptop / phone === | ||
* OS | * OS | ||
− | ** Encryption of my home directory ( | + | ** Encryption of my home directory (ticked the box to encrypt my home directory in Ubuntu) |
− | ** Ubuntu sends searches to Amazon, disabled this | + | ** [https://www.eff.org/deeplinks/2012/10/privacy-ubuntu-1210-amazon-ads-and-data-leaks Ubuntu sends searches to Amazon], disabled this |
− | ** | + | ** Reinstalled laptop with Debian |
* Changed browser: using firefox now i.s.o. chrome | * Changed browser: using firefox now i.s.o. chrome | ||
− | * Installed several browser plugins, e.g. | + | * Installed [[http://fixtracking.com/ several browser plugins], e.g. |
− | ** | + | ** HTTPSeverywhere - make use of https as much as possible |
** Better privacy - remove super cookies | ** Better privacy - remove super cookies | ||
** DoNotTrack - block advertisement, trackers, web stat trackers | ** DoNotTrack - block advertisement, trackers, web stat trackers | ||
** Ghostery - comparable with DoNotTrack, but works better | ** Ghostery - comparable with DoNotTrack, but works better | ||
** NoScript - block JavaScript and Java stuff | ** NoScript - block JavaScript and Java stuff | ||
− | |||
* Alternatives for Google stuff | * Alternatives for Google stuff | ||
** Use [https://duckduckgo.com/ DuckDuckGo] in stead of google search | ** Use [https://duckduckgo.com/ DuckDuckGo] in stead of google search | ||
− | ** Removed the mail forwarding to google mail and switched back to my own provider. Actually, it would be better to install your own mail server | + | ** Removed the mail forwarding to google mail and switched back to my own provider. Actually, it would be better to install your own mail server. |
− | ** Using a paper agenda now - couldn't find a | + | ** <s>Using a paper agenda now - couldn't find a good portable electronic alternative yet. This works just fine. (use the calendar of owncloud?)</s> |
− | ** Replaced analytics with Piwik | + | ** Using owncloud calendar, synchronized with phone |
− | ** OpenStreetMap i.s.o. google maps | + | ** Replaced analytics with [http://piwik.org/ Piwik] |
+ | ** [http://www.openstreetmap.org/ OpenStreetMap] i.s.o. google maps | ||
* Removed mail and online banking from my mobile phone (can perhaps be put back after I changed the OS) | * Removed mail and online banking from my mobile phone (can perhaps be put back after I changed the OS) | ||
* [[Privacy:SSH |SSH tunnel]] to encrypt internet traffic from another network (e.g. a public wifi spot) to a place I trust more | * [[Privacy:SSH |SSH tunnel]] to encrypt internet traffic from another network (e.g. a public wifi spot) to a place I trust more | ||
− | * [https://projects.gnome.org/tomboy/ Tomboy notes] with rsync in stead of Evernote | + | * [https://projects.gnome.org/tomboy/ Tomboy notes] with [https://rsync.samba.org/ rsync] in stead of Evernote |
* Created a [[Privacy:PGP |PGP key]] and set the default settings to "encrypt mail" for the people who are already in my list (key ring) | * Created a [[Privacy:PGP |PGP key]] and set the default settings to "encrypt mail" for the people who are already in my list (key ring) | ||
+ | ** Getting a [[User:Narya/Notes/SmartCardPgp |PGP smartcard]] to work | ||
* Social media | * Social media | ||
− | ** Played around with Diaspora (as alternative to Facebook) | + | ** Played around with [https://joindiaspora.com/ Diaspora] (as alternative to Facebook) |
− | ** Checked out Retroshare - it's retro... and you can share things (chat, forum, mail, file, all friend2friend), uses PGP | + | ** Checked out [http://retroshare.sourceforge.net/ Retroshare] - it's retro... and you can share things (chat, forum, mail, file, all friend2friend), uses PGP |
+ | ** Problem: no friends :( Have shut down my FB account anyway. Added bonus: more time to do more important stuff than clicking away evenings | ||
+ | ** Tried to install a Diaspora pod. Too complicated. I might try again once the debian package comes out | ||
+ | ** Betting on http://pump.io/ now. Installation up to configuration was easy. So far, so good. Next step is to configure it. | ||
+ | * File storage, sharing, backup | ||
+ | ** Using encfs together with Dropbox - [http://www.howtogeek.com/121737/how-to-encrypt-cloud-storage-on-linux-and-windows-with-encfs/ How to] | ||
+ | ** Have switched to ownCloud (see section "Server") | ||
+ | * Text messages via https://threema.ch/en/ but I'll probably replace this with messaging via my own communication server | ||
=== Server === | === Server === | ||
− | * Installed debian | + | * Installed [http://www.debian.org/ Debian] |
− | * Encrypted disk | + | * Encrypted disk (option during setup) |
* Have set firewall rules (with [http://shorewall.net/ Shorewall]) | * Have set firewall rules (with [http://shorewall.net/ Shorewall]) | ||
− | * | + | * Have installed [http://owncloud.org/ ownCloud] - can be used ala dropbox, and it has apps for calendar and contacts |
− | * | + | ** I want to have the data on at least two different locations (because... backup): |
+ | *** Have to figure out how to set up a virtual encrypted disk which is synchronized with another location | ||
+ | *** If possible synchronize the user database too, so that I can run mirrored ownCloud instances | ||
+ | *** Relevant thread: https://mail.kde.org/pipermail/owncloud/2012-June/003918.html | ||
+ | *** Raspberry Pi with external USB drive might work. Synchronization by BTsync or something like that | ||
+ | ** Need to investigate how to make use of this more secure ([http://booki.flossmanuals.net/owncloud/owncloud-and-security/ info here]) | ||
+ | * Working on setting up https ([http://www.symantec.com/connect/articles/apache-2-ssltls-step-step-part-1 some explanation], [https://beeznest.wordpress.com/2008/04/25/how-to-configure-https-on-apache-2/ example 1], [http://www.onlamp.com/pub/a/onlamp/2008/03/04/step-by-step-configuring-ssl-under-apache.html example 2]) | ||
+ | ** Forwarded the https port. Now I need to figure out how to redirect http requests to https | ||
+ | * Installed [http://etherpad.org/ Etherpad], [https://github.com/ether/etherpad-lite/wiki/How-to-deploy-Etherpad-Lite-as-a-service as a service], only accessible from certain ips - for making and sharing notes | ||
+ | ** To do next: integrate etherpad with owncloud | ||
− | == | + | === Communication === |
− | * | + | * Comm server |
− | * | + | ** The plan is to use SIP phones and a client for chatting and/or video calls |
− | * | + | ** Installed [http://www.asterisk.org/ Asterisk] and tried out the [http://www.linphone.org/ LinPhone] and [http://icanblink.com/ Blink] clients |
+ | ** Communication works, now stuck at making TLS and sRTP work [https://wiki.asterisk.org/wiki/display/AST/Secure+Calling+Tutorial Tutorial] | ||
+ | * [https://subrosa.io/ Subrosa] is a really nice alternative for Skype. You can install it on your own server or use it via subrosa.io. It is web based | ||
+ | * Trying out [https://www.mailpile.is/ Mailpile] - a web client for your mail with PGP encryption | ||
[[Category:Privacy]] | [[Category:Privacy]] |
Latest revision as of 23:09, 28 December 2015
Projects | |
---|---|
Participants | Narya |
Skills | Software, Social Networking, Common sense, Cryptography, Learning |
Status | Active |
Niche | Software |
Purpose | Education |
Contents
Goal
Make my laptop more MY laptop (and my e-mail.. my calendar... backup... social networks... and well, anything really)
How
- Attend/contribute to the Privacy_Software_Workshop_Series
- Read what others have written (Bit of freedom, Crypto party for example)
- Find (open source) alternatives for all-the-stuff I use now
- Make my laptop more mine, step by step
- Write and/or point to tutorials and other useful sites
Some of the things I did so far
Several things below were/are new to me, so if you have suggestions for other options or for improvements, please let me know.
Laptop / phone
- OS
- Encryption of my home directory (ticked the box to encrypt my home directory in Ubuntu)
- Ubuntu sends searches to Amazon, disabled this
- Reinstalled laptop with Debian
- Changed browser: using firefox now i.s.o. chrome
- Installed [several browser plugins, e.g.
- HTTPSeverywhere - make use of https as much as possible
- Better privacy - remove super cookies
- DoNotTrack - block advertisement, trackers, web stat trackers
- Ghostery - comparable with DoNotTrack, but works better
- NoScript - block JavaScript and Java stuff
- Alternatives for Google stuff
- Use DuckDuckGo in stead of google search
- Removed the mail forwarding to google mail and switched back to my own provider. Actually, it would be better to install your own mail server.
-
Using a paper agenda now - couldn't find a good portable electronic alternative yet. This works just fine. (use the calendar of owncloud?) - Using owncloud calendar, synchronized with phone
- Replaced analytics with Piwik
- OpenStreetMap i.s.o. google maps
- Removed mail and online banking from my mobile phone (can perhaps be put back after I changed the OS)
- SSH tunnel to encrypt internet traffic from another network (e.g. a public wifi spot) to a place I trust more
- Tomboy notes with rsync in stead of Evernote
- Created a PGP key and set the default settings to "encrypt mail" for the people who are already in my list (key ring)
- Getting a PGP smartcard to work
- Social media
- Played around with Diaspora (as alternative to Facebook)
- Checked out Retroshare - it's retro... and you can share things (chat, forum, mail, file, all friend2friend), uses PGP
- Problem: no friends :( Have shut down my FB account anyway. Added bonus: more time to do more important stuff than clicking away evenings
- Tried to install a Diaspora pod. Too complicated. I might try again once the debian package comes out
- Betting on http://pump.io/ now. Installation up to configuration was easy. So far, so good. Next step is to configure it.
- File storage, sharing, backup
- Using encfs together with Dropbox - How to
- Have switched to ownCloud (see section "Server")
- Text messages via https://threema.ch/en/ but I'll probably replace this with messaging via my own communication server
Server
- Installed Debian
- Encrypted disk (option during setup)
- Have set firewall rules (with Shorewall)
- Have installed ownCloud - can be used ala dropbox, and it has apps for calendar and contacts
- I want to have the data on at least two different locations (because... backup):
- Have to figure out how to set up a virtual encrypted disk which is synchronized with another location
- If possible synchronize the user database too, so that I can run mirrored ownCloud instances
- Relevant thread: https://mail.kde.org/pipermail/owncloud/2012-June/003918.html
- Raspberry Pi with external USB drive might work. Synchronization by BTsync or something like that
- Need to investigate how to make use of this more secure (info here)
- I want to have the data on at least two different locations (because... backup):
- Working on setting up https (some explanation, example 1, example 2)
- Forwarded the https port. Now I need to figure out how to redirect http requests to https
- Installed Etherpad, as a service, only accessible from certain ips - for making and sharing notes
- To do next: integrate etherpad with owncloud