I recently posted about how to create a sandboxed firefox profile to compartmentalize (and shred) your firefox browsing history in an Ephemeral Firefox session. But so far I’ve only covered how to create a simple vanilla firefox profile. What if you want your Ephemeral Firefox to include a few basic extensions?
This post will cover how to add extensions to your Ephemeral Firefox profile.
Part 1/3: Ephemeral Firefox in Ubuntu Part 2/3: Ephemeral Firefox with Extensions Part 3/3: Ephemeral Firefox as a Site-Specific Browser Michael Altfield
Hi, I’m Michael Altfield. I write articles about opsec, privacy, and devops ➡
This post will describe how to create an Ephemeral Firefox session. The ultimate goal of an Ephemeral Firefox session is to unlink your browsing sessions day-to-day and reduce tracking via fingerprinting.
Part 1/3: Ephemeral Firefox in Ubuntu Part 2/3: Ephemeral Firefox with Extensions Part 3/3: Ephemeral Firefox as a Site-Specific Browser
This technique can also be used to compartmentalize your internet activity by using the Ephemeral Firefox session as a Site Specific Browser. This can be especially useful for websites that are infamous for tracking users across the internet and selling the data they collect. For example, you can blacklist all facebook domains in your main browser and only use Ephemeral Firefox sessions that have been whitelisted exclusively for facebook domains–effectively compartmentalizing your facebook activity from the rest of your internet activity.
Another great use-case for an Ephemeral Firefox is for public access computers such as those at libraries, hotels, and printing shops.
Michael Altfield
Hi, I’m Michael Altfield. I write articles about opsec, privacy, and devops ➡
About six months ago, I discovered something on my smartphone that horrified me: I went to undelete a file in DiskDigger, and I stumbled upon a plethora of unexpected jpegs: screenshots of my activity. Screenshots that I didn’t take. Screenshots of my conversations. Screenshots of my GPS position. And screenshots of my bitcoin wallet.
I was perplexed. I was astonished. And, to be honest, I was scared. How did this happen? Was it a vulnerability shipped with LineageOS? Could it be some malicious binary embedded into AOSP? Or is it some exploit in one of those damned closed-source apps that I was forced to install through social pressure (*cough* whatsapp)?
Michael Altfield
Hi, I’m Michael Altfield. I write articles about opsec, privacy, and devops ➡
This post will describe what hardware to buy & how to configure it so that you have 2 wireless networks in your house: One that seamlessly forces all of the traffic on that network through a VPN–and one that connects to the Internet normally . When finished, the internet activity for any device connected to the first network will be entirely encrypted so that the ISP cannot see which websites are visited*, what software you use, and what information you send & receive on the internet.
* Assuming your config doesn’t leak DNS; see improvements section
Update 2017-08-25: Added “kill switch” firewall rule that prevents LAN traffic from escaping to the ISP unless it passed through the VPN’s vtun0 interface first. Following this change, if the VPN connection is down, the internet will not be accessible (as desired) over the ‘home’ wifi network (without this, the router bypasses the VPN by sending the packets straight to the ISP–giving a false sense of privacy).
I’ve been using Synapse for a few months now. This software is invaluable to my experience on my PC because: # I can *quickly* do what I want to do without fighting with a big, hierarchaial menu # It doesn’t require any huge dependencies (I use XFCE, so I don’t want something that requires Gnome or KDE libraries)
Unfortunately, the documentation is non-existant. So when I wanted to be able to configure Synapse to execute a custom command when I typed a custom keyword, it took me a while to figure it out.
This post explains how to define custom commands in Synapse to execute custom commands in your terminal. For example, I’ll show how to make “Google Drive” open a firefox window to https://drive.google.com
Michael Altfield
Hi, I’m Michael Altfield. I write articles about opsec, privacy, and devops ➡
This month (September 2011), UCF officially killed the “UCF” SSID to be replaced by “UCF_WPA” and “UCF_WPA2.” Configuring Ubuntu Linux to connect to the UCF WPA2 network is neither trivial nor documented by UCF.
To aid other UCF Ubuntu users, I created a Wireless article on the unofficial UCF wiki. This includes links to the official UCF certificates and instructions on how to connect to the UCF_WPA2 network in Ubuntu.
Michael Altfield
Hi, I’m Michael Altfield. I write articles about opsec, privacy, and devops ➡
In a given week, I touch maybe a half dozen different Operating Systems/Distributions. Some are similar to others (centos, rhel), some–not so much (solaris). The common commands are easy enough to remember ( @ls@ vs @dir@ ), but I always forget how to search through each OS’s package manager for a software package. For my reference (and perhaps yours?) here’s a list for each of the OSs’ package managers I use frequently:
yum – RHEL/CentOS
yum list
apt – Debian/Ubuntu
apt-cache search
pacman – Arch
pacman –sync –search pacman -Ss
portage – Gentoo
emerge –search # pkg names only emerge –searchdesc # pkg names & descriptions emerge -S # alias of –searchdesc
See Also: “Install ‘build-essential’ on RHEL/CentOS and OpenSolaris”:/wp/?p=231
Michael Altfield
Hi, I’m Michael Altfield. I write articles about opsec, privacy, and devops ➡
In Ubuntu–and most gnome-based linux distributions, for that matter–the default PDF viewer is Evince Document Viewer. However, a much better alternative PDF viewer exists: xpdf
In my experience, xpdf uses only about 5% as much RAM as evince!
Michael Altfield
Hi, I’m Michael Altfield. I write articles about opsec, privacy, and devops ➡
Every now and then, linux crashes (and consequently, hell feels a little cold). I’m not sure how to diagnose the issue, but I’m almost certain it’s a result of some unstable openGL screensaver, some faulty X app, or basically anything but hardened command-line driven applications (which is simply to say: linux is perfectly stable without a GUI).
Anyway, even fewer times than a crash occurs, I sometimes cannot boot my system following the crash due to a corrupt journal on my main, root partition. To fix it, I have to boot to a live-cd (typically my gentoo minimal install CD), and type one simple command that I have scrawled in huge writing, double boxed on a desk pad. I can’t tell you how many times this little command has saved my life.
Type this to fix an ext3 journal corruption:
e2fsck -b 32786 /dev/sda3
Michael Altfield
Hi, I’m Michael Altfield. I write articles about opsec, privacy, and devops ➡