Prep Raspberry for PiHole

Raspberry Pi is great for filtering adds (and more). Build your PiHole on a Raspberry Pi !

First purchase your Raspberry Pi (starterkit with all you need or grab the stuff you need yourselves).

During the first boot of Raspbian (the operating system), answer all questions (defaults are OK in most cases).

Now launch the settings menu and set a fixed IP address and enable SSH

Update all packages on you Raspberry (from a terminal) :

$ sudo apt-get update && dist-upgrade or sudo apt-get update && sudo apt-get upgrade

open a terminal and install “Webmin” for easy maintenance :

$ sudo apt-get install perl libnet-ssleay-perl openssl libauthen-pam-perl libpam-runtime libio-pty-perl apt-show-versions python
$ wget -qO- http://www.webmin.com/jcameron-key.asc | sudo apt-key add
$ sudo add-apt-repository "deb http://download.webmin.com/download/repository sarge contrib"
$ sudo apt update
$ sudo apt -y install webmin

Install PiHole (still in the terminal) :

$ curl -sSL https://install.pi-hole.net | bash

answer all questions (again defaults are OK in most cases).

 

Windows 10: How To Fix The Biggest Security And Privacy Flops

Microsoft privacy and security critics are concerned about the default OS settings that they say leave users vulnerable to security, privacy and, in some cases, malicious attacks.

Here are the top security gripes against Microsoft, and how to fix them.

Uninformed Consent: Windows 10 Default Install Setting Labeled Intrusive

Fix : Opt Out Of Installation Privacy Shakedown
To ensure Windows 10 isn’t sharing too much about you to Microsoft, when you install the operating system don’t choose “express install.” Instead, choose “custom install,” which gives you the options of reviewing privacy settings before you hand over your privacy keys to Microsoft.
Here you’ll be presented with nearly a dozen dialogue boxes featuring options that allow you to choose and tweak what you want to share with Microsoft from your location, personal contacts, and potentially sensitive information you are working on at the time your PC crashes and is sent back to Microsoft as part of an error report.

Windows 10 Users Get Targeted

Fix : To tell only Microsoft to take a hike when it comes to targeting ads to you, go to Settings > Privacy and then turn off “Let apps use my advertising ID for experiences across apps.” This tip also works with Windows 8.1.

Wi-Fi Sense Hysteria: Here’s The Antidote

Did you hear Microsoft is secretly sharing your network passwords behind your back? That was the largely overblown synopsis of many who were critical of Windows 10’s Wi-Fi Sense feature that was automatically turned off by default when people installed or upgraded to the new OS.
The feature is designed to help you, and the contacts you explicitly handpick, to share password-protected Wi-Fi hotspot information to speed up identifying and logging onto the hotspots. Wi-Fi Sense only shares Wi-Fi passwords between Windows 10 users that opt into the service, and only encrypted passwords are shared — preventing anyone from ever actually seeing a password.
The service allows you to choose from Outlook.com contacts, Skype contacts or Facebook friends.
Fix : To double-check that this feature is disabled, go to Settings > Network and Internet > Manage Wi-Fi Settings and make sure it’s off.

You Say Cortana, I Say Corta-NO

In order for Microsoft’s digital assistant Cortana to be effective, anticipating your needs and delivering geographically relevant query results, it needs to collect personal data about who you are and where you are. For some, who may favor Google Now or Apple Siri, they just want to say “no” to Cortana.
Fix : To ban Cortana from accessing your e-mails, contacts, location information and other data, turn it off by going to Start-> Settings -> Privacy -> Speech, Inking & typing and press the “Stop getting to know me” button.

Locking Down Microsoft’s Edge Browser

Microsoft Edge browser offers a refreshing, fast and uncluttered alternative to Internet Explorer. It’s definitely worth giving a shot. But, just like Chrome, IE and Firefox, there are settings that allow you to protect your privacy from advertisers and Microsoft.
To opt out of personalized ads served up from Microsoft using Edge, you’ll want to visit Microsoft’s “Personalized Ad Preferences” to turn off the targeted ads.
The Edge browser also works seamlessly with the Cortana digital assistant. One of the things Cortana does is track the URLs of the sites you visit with Edge so it can better answer Cortana queries based on your browsing patterns.
Fix : To turn Cortana on or off in Microsoft Edge, go to More actions > Settings, and under Advanced settings, select “View advanced Settings,” and then, under Privacy and services, turn the “Have Cortana assist me in Microsoft Edge” setting on or off.

Going Over The Edge?

Microsoft also tracks URLs you type in with a feature called SmartScreen Filter. Microsoft does this so it can automatically cross-reference the site you are about to visit with its own list of websites that are known to be malicious. Edge will warn you if the webpage has been blocked by redirecting you to a Microsoft page that details why you should avoid the webpage.
Fix : This feature is not unique and is something other leading browser makers do. Nevertheless, it may irk some privacy purists. To turn off this type of keystroke monitoring in your Edge browser, go to Settings > Advanced Settings and then below Privacy and Services, turn the “Help protect me from malicious sites and downloads with SmartScreen Filter” settings off.

App Permissions

Windows 10 is similar to iOS and Android in creating an app environment and Windows Store where you can download desktop and mobile apps. And just as Android and iOS, some Windows apps want to access account data such as name, a profile picture and other personal information.
Fix : To Microsoft’s credit, unlike Android and iOS, it offers a way to opt-out of that sharing. To opt-out of sharing, head over to your systems Privacy Settings > Account Info > and turn off “Let apps access my name, picture, and other account info.”

No Permission Granted

There are a host of apps that request access to your system’s camera, microphone and location. That type of access is typically innocuous, allowing you to use an app such as Facebook to access pictures on your device and share them with someone who is close by. Want to use voice-to-text to comment on your friends Facebook status? Then Facebook needs access to your devices microphone, and there are some notorious examples, such as flashlight apps, that ask for too much permission for no reason.
Fix : By default, Windows 10 allows for this type of access. To keep the prying eyes and ears of people away, head over to Settings > Privacy > Camera (or Microphone) to turn the option off. You can choose to manage the apps on a per-app basis. To put the kibosh on sharing location data choose Settings > Privacy > Location.

Greetz, M.

Windows 7 and 8.1 ‘spy patches’

Four recent Windows 7 and 8.1 patches — KB 3022345, 3068708, 3075249, and 3080149 — are sending data to Microsoft’s servers.
According to Microsoft, the four patches are part of the Customer Experience Improvement Program and are only offered as optional downloads to users participating in this initiative.

List of telemetry updates to avoid :
KB2952664 Compatibility update for upgrading Windows 7
KB2990214 Update that enables you to upgrade from Windows 7 to a later version of Windows
KB3021917 Update to Windows 7 SP1 for performance improvements
KB3022345 Update for customer experience and diagnostic telemetry
KB3035583 Update installs get windows 10 app in Windows 8.1 and Windows 7 SP1
KB3068708 (replaces KB3022345) Update for customer experience and diagnostic telemetry
KB3075249 Update that adds telemetry points to consent.exe in Windows 8.1 and Windows 7
KB3080149 Update for customer experience and diagnostic telemetry

So make your choice in which updates to install and which to avoid !

greetz, M.

All the passwords you should change because of Heartbleed (OpenSSL bug)

The Heartbleed security flaw was fixed in the newest version of OpenSSL, but you should still change your passwords on all of the sites affected by the bug.

If you’re still not sure which sites were affected, here’s the perfect chart for you. Major sites ranging from Facebook and Google to Pinterest and Flickr were affected. Luckily, many financial institutions were not.

HeartbleedFor more information about the Heartbleed OpenSSL bug, visit the Heartbleed.com website.

Greetz, M.

Privacy (policy), the thing that nobody actualy reads

Ever read one of the privacy policies that you have to agree with, before you can install software or use a (online) service ?
Check some of the most used, Google’s privacy policy and Apple’s privacy policy.

Also interesting is the recent lawsuit (class act) against some of the most used apps on iOS. If you read the class act document, you will notice that Apple makes life easy for app programmers to access personal data (like your address book) on your iOS device (ipad, ipod etc). Apple offers standard code plus description for accessing your address book.

So what privacy do they respect ?

Greetz, M.

Geen privacy op Twitter, gegevens worden zonder navraag aan justitie uitgeleverd !

Uit de meest recente ontwikkelingen van de rechtzaak die hacker, Xs4all-oprichter en privacy-activist Rop Gonggrijp, de IJslandse politica Birgitta Jonsdottir en Tor-ontwikkelaar Jacob Appelbaum tegen de Amerikaanse overheid hebben aangespannen, blijkt volgende :

Twitter moet onder andere het e-mailadres, telefoonummer, adres- en betalingsgegevens aan de Amerikaanse justitie overdragen. Twitter slaat die gegevens, het e-mailadres uitgezonderd, bij normale gebruikers echter helemaal niet op. Het is uitzonderlijk dat Twitter de gebruikers op de hoogte stelde van het verzoek om hun gegevens te overhandigen: de Amerikaanse justitie had verzocht dat niet te doen en in veel gevallen komen bevragingen niet aan het licht.

Het is maar dat je weet hoe er met je privacy wordt omgegaan (niet dus) …

gr. M.

Who’s watching you ?

Add the “ghostery” plugin to your browser and see who’s watching you …

Ghostery sees the invisible web – tags, web bugs, pixels and beacons. Ghostery tracks the trackers and gives you a roll-call of the ad networks, behavioral data providers, web publishers, and other companies interested in your activity.

Plugin available for Firefox, Chrome, Internet Explorer, Opera and Safari browsers.

Greetz, M.