Tor privacy settings adoption on Firefox

firefoxRegular readers of TuxDiary might remember Panopticlick, an EFF effort to identify a browser uniquely using fingerprints. as we discussed earlier, Tor takes privacy to a higher level and makes it more difficult to track a browser. The good news is, Mozilla is working actively to bring Tor privacy settings to regular Firefox, sans additional plugins. Continue reading Tor privacy settings adoption on Firefox

QtPass: Qt GUI for pass

QtPass

We explored pass, a multi-platform powerful command-line password manager in one of our earlier articles. pass is more or less a standard on Unix systems but the cli may deter users migrating from a different platform from using it. Here’s the good news – pass recently got a QT based GUI front-end, thanks to QtPass. Continue reading QtPass: Qt GUI for pass

vim as an encrypted cloud note manager

vim_compvim is one of the most popular editors on Linux. You can edit multiple notes in vim simultaneously. However, it is not a generic note manager by design. You can turn it into one using the vim-notes plugin, which also means you need to remember more commands. We already explored how to encrypt files with vim. Let’s try a simple way to turn vim into a note manager. I use it everyday for my notes. Continue reading vim as an encrypted cloud note manager

Panopticlick 2: test browser security

eff_compPanopticlick from EFF (Electronic Frontier Foundation) got a new update in version 2. It’s an online service is to check how secure your browser is from online tracking. Our regular readers might remember, EFF is also the team behind Privacy Badger. Continue reading Panopticlick 2: test browser security

Android VTS: check vulnerabilities

android_compAndroid VTS is a security vulnerability checked app for Android. While Google patches to Nexus devices are regular for known security issues or CVEs (Common Vulnerabilities and Exposures), the response time varies widely between OEMs to the extent of no patches at all. Continue reading Android VTS: check vulnerabilities

Magento CMS users, beware of Linux ransomware!

A ransomware encrypts data on your system and asks for payment to decrypt them. They are existing for a while now. However, attacks on Linux haven’t been heard of. It seems that we have encountered the first registered ransomware attacking Linux systems (codenamed Linux.Encoder.1). Continue reading Magento CMS users, beware of Linux ransomware!

KeeFarce: extract KeePass secrets at runtime

security_compWe wrote about the risks of using cloud based password managers in an earlier article. To speak the truth, password managers installed locally on your system are not safe either, IF the system is compromised. KeeFarce is a new tool that proves the point. However, the principles of KeeFarce work only when you are allowing it to run on your system. Continue reading KeeFarce: extract KeePass secrets at runtime