Difference between revisions of "MyLaptop"

From Technologia Incognita
Jump to: navigation, search
m (add links)
m
 
(28 intermediate revisions by the same user not shown)
Line 7: Line 7:
 
== Goal ==
 
== Goal ==
  
* Make my laptop more MY laptop (and my e-mail.. my calendar... backup... social networks... and well, anything really)
+
Make my laptop more MY laptop (and my e-mail.. my calendar... backup... social networks... and well, anything really)
* Document it. A summary will be placed somewhere on this wiki including relevant links. I'll document it as a sort of diary on my own blog (http://www.van-schaik.org/)
 
* Achieve more privacy in your own virtual environment
 
 
 
== Why ==
 
 
 
I do not have to explain this, or do I?
 
  
 
== How ==
 
== How ==
Line 19: Line 13:
 
* Attend/contribute to the [[Privacy_Software_Workshop_Series]]
 
* Attend/contribute to the [[Privacy_Software_Workshop_Series]]
 
* Read what others have written ([https://www.bof.nl/ons-werk/internetvrijheid-toolbox/ Bit of freedom], [http://www.cryptoparty.in/, Crypto party] for example)
 
* Read what others have written ([https://www.bof.nl/ons-werk/internetvrijheid-toolbox/ Bit of freedom], [http://www.cryptoparty.in/, Crypto party] for example)
* Find alternatives for all-the-stuff I use now
+
* Find (open source) alternatives for all-the-stuff I use now
 
* Make my laptop more mine, step by step
 
* Make my laptop more mine, step by step
* Write and/or point to tutorials
+
* Write and/or point to tutorials and other useful sites
 +
 
 +
== Some of the things I did so far ==
  
== What did I do so far ==
+
'''Several things below were/are new to me, so if you have suggestions for other options or for improvements, please let me know.'''
  
To the tech savvy people this is probably just basic stuff, but for me it isn't and I guess it isn't for the average internet user
+
=== Laptop / phone ===
* Checked the tickbox to encrypt my home directory (Ubuntu)
+
* OS
* Removed the mail forwarding to google mail and switched back to my own provider. That doesn't help - link to news item data retention here -. Actually you need to install your own mail server
+
** Encryption of my home directory (ticked the box to encrypt my home directory in Ubuntu)
 +
** [https://www.eff.org/deeplinks/2012/10/privacy-ubuntu-1210-amazon-ads-and-data-leaks Ubuntu sends searches to Amazon], disabled this
 +
** Reinstalled laptop with Debian
 +
* Changed browser: using firefox now i.s.o. chrome
 +
* Installed [[http://fixtracking.com/ several browser plugins], e.g.
 +
** HTTPSeverywhere - make use of https as much as possible
 +
** Better privacy - remove super cookies
 +
** DoNotTrack - block advertisement, trackers, web stat trackers
 +
** Ghostery - comparable with DoNotTrack, but works better
 +
** NoScript - block JavaScript and Java stuff
 +
* Alternatives for Google stuff
 +
** Use [https://duckduckgo.com/ DuckDuckGo] in stead of google search
 +
** Removed the mail forwarding to google mail and switched back to my own provider. Actually, it would be better to install your own mail server.
 +
** <s>Using a paper agenda now - couldn't find a good portable electronic alternative yet. This works just fine. (use the calendar of owncloud?)</s>
 +
** Using owncloud calendar, synchronized with phone
 +
** Replaced analytics with [http://piwik.org/ Piwik]
 +
** [http://www.openstreetmap.org/ OpenStreetMap] i.s.o. google maps
 +
* Removed mail and online banking from my mobile phone (can perhaps be put back after I changed the OS)
 
* [[Privacy:SSH |SSH tunnel]] to encrypt internet traffic from another network (e.g. a public wifi spot) to a place I trust more
 
* [[Privacy:SSH |SSH tunnel]] to encrypt internet traffic from another network (e.g. a public wifi spot) to a place I trust more
* Installed [https://www.eff.org/https-everywhere HTTPSeverywhere] - make use of https as much as possible
+
* [https://projects.gnome.org/tomboy/ Tomboy notes] with [https://rsync.samba.org/ rsync] in stead of Evernote
* To take a look at: Ghostery plugin
 
* [https://projects.gnome.org/tomboy/ Tomboy notes] with rsync in stead of Evernote
 
 
* Created a [[Privacy:PGP |PGP key]] and set the default settings to "encrypt mail" for the people who are already in my list (key ring)
 
* Created a [[Privacy:PGP |PGP key]] and set the default settings to "encrypt mail" for the people who are already in my list (key ring)
 +
** Getting a [[User:Narya/Notes/SmartCardPgp |PGP smartcard]] to work
 +
* Social media
 +
** Played around with [https://joindiaspora.com/ Diaspora] (as alternative to Facebook)
 +
** Checked out [http://retroshare.sourceforge.net/ Retroshare] - it's retro... and you can share things (chat, forum, mail, file, all friend2friend), uses PGP
 +
** Problem: no friends :( Have shut down my FB account anyway. Added bonus: more time to do more important stuff than clicking away evenings
 +
** Tried to install a Diaspora pod. Too complicated. I might try again once the debian package comes out
 +
** Betting on http://pump.io/ now. Installation up to configuration was easy. So far, so good. Next step is to configure it.
 +
* File storage, sharing, backup
 +
** Using encfs together with Dropbox - [http://www.howtogeek.com/121737/how-to-encrypt-cloud-storage-on-linux-and-windows-with-encfs/ How to]
 +
** Have switched to ownCloud (see section "Server")
 +
* Text messages via https://threema.ch/en/ but I'll probably replace this with messaging via my own communication server
 +
 +
=== Server ===
 +
* Installed [http://www.debian.org/ Debian]
 +
* Encrypted disk (option during setup)
 +
* Have set firewall rules (with [http://shorewall.net/ Shorewall])
 +
* Have installed [http://owncloud.org/ ownCloud] - can be used ala dropbox, and it has apps for calendar and contacts
 +
** I want to have the data on at least two different locations (because... backup):
 +
*** Have to figure out how to set up a virtual encrypted disk which is synchronized with another location
 +
*** If possible synchronize the user database too, so that I can run mirrored ownCloud instances
 +
*** Relevant thread: https://mail.kde.org/pipermail/owncloud/2012-June/003918.html
 +
*** Raspberry Pi with external USB drive might work. Synchronization by BTsync or something like that
 +
** Need to investigate how to make use of this more secure ([http://booki.flossmanuals.net/owncloud/owncloud-and-security/ info here])
 +
* Working on setting up https ([http://www.symantec.com/connect/articles/apache-2-ssltls-step-step-part-1 some explanation], [https://beeznest.wordpress.com/2008/04/25/how-to-configure-https-on-apache-2/ example 1], [http://www.onlamp.com/pub/a/onlamp/2008/03/04/step-by-step-configuring-ssl-under-apache.html example 2])
 +
** Forwarded the https port. Now I need to figure out how to redirect http requests to https
 +
* Installed [http://etherpad.org/ Etherpad], [https://github.com/ether/etherpad-lite/wiki/How-to-deploy-Etherpad-Lite-as-a-service as a service], only accessible from certain ips - for making and sharing notes
 +
** To do next: integrate etherpad with owncloud
  
== To do ==
+
=== Communication ===
* A lot
+
* Comm server
* Have fun and not become too paranoid (I already noticed that you get aware of many issues when you dive into this)
+
** The plan is to use SIP phones and a client for chatting and/or video calls
* Be realistic: if you have a secret, don't put it on the interweb or on your computer
+
** Installed [http://www.asterisk.org/ Asterisk] and tried out the [http://www.linphone.org/ LinPhone] and [http://icanblink.com/ Blink] clients
 +
** Communication works, now stuck at making TLS and sRTP work [https://wiki.asterisk.org/wiki/display/AST/Secure+Calling+Tutorial Tutorial]
 +
* [https://subrosa.io/ Subrosa] is a really nice alternative for Skype. You can install it on your own server or use it via subrosa.io. It is web based
 +
* Trying out [https://www.mailpile.is/ Mailpile] - a web client for your mail with PGP encryption
  
 
[[Category:Privacy]]
 
[[Category:Privacy]]

Latest revision as of 23:09, 28 December 2015

Projects
Participants Narya
Skills Software, Social Networking, Common sense, Cryptography, Learning
Status Active
Niche Software
Purpose Education

Goal

Make my laptop more MY laptop (and my e-mail.. my calendar... backup... social networks... and well, anything really)

How

Some of the things I did so far

Several things below were/are new to me, so if you have suggestions for other options or for improvements, please let me know.

Laptop / phone

  • OS
    • Encryption of my home directory (ticked the box to encrypt my home directory in Ubuntu)
    • Ubuntu sends searches to Amazon, disabled this
    • Reinstalled laptop with Debian
  • Changed browser: using firefox now i.s.o. chrome
  • Installed [several browser plugins, e.g.
    • HTTPSeverywhere - make use of https as much as possible
    • Better privacy - remove super cookies
    • DoNotTrack - block advertisement, trackers, web stat trackers
    • Ghostery - comparable with DoNotTrack, but works better
    • NoScript - block JavaScript and Java stuff
  • Alternatives for Google stuff
    • Use DuckDuckGo in stead of google search
    • Removed the mail forwarding to google mail and switched back to my own provider. Actually, it would be better to install your own mail server.
    • Using a paper agenda now - couldn't find a good portable electronic alternative yet. This works just fine. (use the calendar of owncloud?)
    • Using owncloud calendar, synchronized with phone
    • Replaced analytics with Piwik
    • OpenStreetMap i.s.o. google maps
  • Removed mail and online banking from my mobile phone (can perhaps be put back after I changed the OS)
  • SSH tunnel to encrypt internet traffic from another network (e.g. a public wifi spot) to a place I trust more
  • Tomboy notes with rsync in stead of Evernote
  • Created a PGP key and set the default settings to "encrypt mail" for the people who are already in my list (key ring)
  • Social media
    • Played around with Diaspora (as alternative to Facebook)
    • Checked out Retroshare - it's retro... and you can share things (chat, forum, mail, file, all friend2friend), uses PGP
    • Problem: no friends :( Have shut down my FB account anyway. Added bonus: more time to do more important stuff than clicking away evenings
    • Tried to install a Diaspora pod. Too complicated. I might try again once the debian package comes out
    • Betting on http://pump.io/ now. Installation up to configuration was easy. So far, so good. Next step is to configure it.
  • File storage, sharing, backup
    • Using encfs together with Dropbox - How to
    • Have switched to ownCloud (see section "Server")
  • Text messages via https://threema.ch/en/ but I'll probably replace this with messaging via my own communication server

Server

  • Installed Debian
  • Encrypted disk (option during setup)
  • Have set firewall rules (with Shorewall)
  • Have installed ownCloud - can be used ala dropbox, and it has apps for calendar and contacts
    • I want to have the data on at least two different locations (because... backup):
      • Have to figure out how to set up a virtual encrypted disk which is synchronized with another location
      • If possible synchronize the user database too, so that I can run mirrored ownCloud instances
      • Relevant thread: https://mail.kde.org/pipermail/owncloud/2012-June/003918.html
      • Raspberry Pi with external USB drive might work. Synchronization by BTsync or something like that
    • Need to investigate how to make use of this more secure (info here)
  • Working on setting up https (some explanation, example 1, example 2)
    • Forwarded the https port. Now I need to figure out how to redirect http requests to https
  • Installed Etherpad, as a service, only accessible from certain ips - for making and sharing notes
    • To do next: integrate etherpad with owncloud

Communication

  • Comm server
    • The plan is to use SIP phones and a client for chatting and/or video calls
    • Installed Asterisk and tried out the LinPhone and Blink clients
    • Communication works, now stuck at making TLS and sRTP work Tutorial
  • Subrosa is a really nice alternative for Skype. You can install it on your own server or use it via subrosa.io. It is web based
  • Trying out Mailpile - a web client for your mail with PGP encryption