STOP. Before continuing, click here for important Internet security information about browsing this site.
If a web address is not clickable, copy and paste it into the address bar of a new tab.
Try to switch to using https://github.com/pinotes/pinotes.github.io if you find yourself visiting this site regularly.
PINotes
Internet Security
Web Browsing
Internet Security / Web Browsing
Internet security information for/from Proletarian Internationalist Notes—news, reviews and analysis from a Maoist global perspective
Browsing this site securely
Revised March 12, 2016
Don’t click on any external link on this page or site; copy and paste it. Browsers try to send the previous page’s address to the server of a requested page.
It does help anti-imperialist and anti-war movements in general when everyone practices good security regardless of their own needs, so please read to the end of this document. You might find something useful in it.
There is much more to online privacy than turning off history and cookies or clicking on the “private” browsing/window item in your browser’s menus, which is less than the absolute minimum many people should be doing.
PINotes is put together by MIM-Orchid, a communist cell motivated to provide accurate information about current events and culture as a public service. It has a particular need to acquire knowledge about Internet security.
While not claiming to have insight into the details about how to carry out Maoist revolutionary struggle in particular oppressed nations, PINotes has a certain global perspective and differs from other publications in many respects. A variety of readers—not just communists or potential future communists—would be interested in the info on a site like this, but various readers would also have a need for good security practices and assumptions with this site.
There are relevant distinctions between anonymity and privacy. An examination of this site’s code and server infrastructure would show MIM-Orchid, though it could easily insert code to gather information about visitors, doesn’t now have access to the IP addresses and access date-times of visitors. So, one could use an unsafe browser on an unsafe computer with an unsafe connection and still have both anonymity and privacy with respect to MIM-Orchid since MIM-Orchid can’t find how who you are or see what you’re reading. There could be a hundred other people around or in between you and this site, though, with whom you may not have strong anonymity or privacy. GitHub, your roommate, your proxy (particularly if it isn’t an onion router) despite having a “warrant canary,” your “computer person,” library staff, the next user of the same computer, Wi-Fi café operators and customers, hackers and others all pose risks regardless of their intentions because it is possible to spy through them or their own devices without their knowing. More to the point, you could have privacy with great security on your end, but make it possible for somebody at the PINotes or GitHub end of things to trace a visit back to you because of a mistake in configuration or a typo in the address bar revealing something about you. Or you could have the most perfect anonymous connections, but leave information on your computer that can be used to find out the sites you were visiting. There may be both anonymity and privacy issues to consider at every step, at every point. A government can run both a website and a proxy so steps may need to be added if they can be added without decreasing security overall. Unfortunately, it is typical to have some anonymity in relation to a website, that might be operated or watched by a potential enemy, but have poor security along the way there. Many will have a particular need for both strong anonymity and strong privacy in every context if they must use the Internet.
Even if you are connected anonymously with end-to-end encryption, assume this website’s operator(s) are probably trying to spy on you or that a third party is attempting to spy on you, specifically or in a general way, through PINotes. With or without MIM-Orchid’s knowledge. PINotes’ unique content, without dumbing things down, makes its readership more interesting relative to many other sites’ readership.
If the address in your address bar doesn’t begin with “https://”, add that at the beginning, or insert the “s”, and press <Enter>. That will make it slightly harder for some third parties to figure out which pages you are reading. Don’t ever visit this site without HTTPS again (even if the web server switched you to HTTPS), and try to use HTTPS with all sites you go to regardless of content.
If you are browsing this site from home, a library, school or work without any kind of proxy, or you don’t know what that means, you should stop right now and consider whether you may need to use one or should browse from another location. If you don’t, you may be manually or automatically put on some list by your work or a government. Computer/network administrators, IT departments and Internet service providers have the technical capability to record web surfing activity in detail, and many ISPs keep records of some type for years. Anything—an account, a piece of hardware—involved in how you connect to the Web that can be connected to your name, school/work ID, library card, or face, poses a risk. If browsing in a public place or using an open Wi-Fi hotspot, you should still consider your physical and location privacy needs and should be aware of what a MAC address is, for example.
Consider turning off image loading in your browser, which may lessen the risk of website fingerprinting through analysis of traffic.
Readers should be familiar with the principles involved in the use of “onion routing” and “live CDs” to make snooping more difficult. MIM-Orchid doesn’t recommend the use of Tor especially. No connection method is perfect and a percentage of connections through any popular onion-router-type anonymity network would be subject to easy snooping by those who control/compromise enough nodes or spy on enough nodes’ ISPs. (Most nodes are outside the United States, which actually doesn’t help.) Tor vulnerabilities are discovered now and then. Problems are often in how Tor is used, in the particular operating system or computer it is used on, in the browser it is used with, or in a package or disc including Tor, rather than being intrinsic to Tor’s current design. One could make things worse by using any “anonymous” connection software with a bad computer setup or configuration. Simply using Tor can raise a flag, however. The widespread use of Tor and security researcher interest in it are good for security and development, but Tor’s popularity also makes it a target. Tor itself has known limitations, but could be useful if these are understood and the risks are known and accepted. If you are considering using Tor, see the links toward the end of this document. If you decide to use Tor, check for updates often. Some may find it prudent to use software like this, or the Internet, sparingly for political purposes.
One drawback of using Tor with a live CD/DVD is that the “entry guard” may change more frequently if the user doesn’t do anything about it.
At the time of this writing in January 2016, the number of Tor relays is around 7000.(1) The number of relays with an exit flag is around 1000. Ordinary people who run exit nodes have to deal with potential harassment.(2) The number of relays with a guard (entry node) flag is around 2000.
The United States has tens of billions of dollars in opaque or mislabeled budgets. Those who act like NATO or Western governments don’t have the resources to run hundreds of high-bandwidth Tor relays are wrong. At some point, using Tor is like playing Russian roulette even without wiretap-type surveillance. Governments may not go after all the tons of small fish using Tor for drugs or U.$. Democratic Party campaign and influence operations, but visits to radical websites can be of greater interest. Tor is not for everyone, as even those trying to expand Tor’s user base and network—to make Tor more secure—imply by their words and actions.
Even if you are already known to the state, people can make provocations or conduct other operations drawing from knowledge of what sites a target has visited. What reason could there be for making the work of the state and other potential adversaries easier? An individual’s security choices or indifference can affect others’ security.
One may wonder what is so different about MIM-Orchid that it has to have a notice like this. It comes down to that politics that can actually help the oppressed also present opportunities for spying. Some with the most superficial resemblance to MIM-Orchid are spied on because imperialist states find their contacts with Third World people useful. If they don’t have a notice like this, it may be because they don’t know or care, or they have underestimated what the oppressed can do with strong security, or the state tolerates them because they are useful to it at the moment. Others who sound like MIM-Orchid in a very limited way may have more-popular websites and not so much of an Internet spying problem though they may be involved in other kinds of spying intentionally or unknowingly. Many “Marxist,” or “socialist” or liberal websites are just too watery or bourgeois to do much of anything interesting to spies.
Despite major differences that are beside the point, there hasn’t been anything in the West to compare with the “Arab Spring” since Nazi advances in Western Europe. Everyone can see that easily. First World people who know where the center and source of revolutionary forces and armed resistance is are good at infiltrating Third World movements and helping United $tates-friendly rebellions. The idea that armed struggles involving oppressed people are going on in the Middle East and in the Third World, and that the First World has no large revolutionary class, is not as unusual as some might think. It is in fact an explicit or tacit belief of many including the U.S. Democratic Party, the CIA, the U.S. State Department, post-modernist post-Marxists, and even so-called revolutionary organizations that pander to the First World labor aristocracy and other petty-bourgeoisie using poetry and other pre-scientific appeals. Mario Cuomo and then Hillary Clinton said “campaign in poetry,” but poetry wouldn’t be needed to that extent if there were an actually revolutionary class or organization. “Prose” is those reactionary, counterrevolutionary and murderous actions taken after getting into power.
MIM-Orchid differs in that MIM-Orchid upholds Marxism-Leninism-Maoism, which among many other things includes the concepts of proletarian dictatorship and seizure of power by armed struggle, and concepts of oppressed nations and the international proletariat’s waging armed struggle against imperialist countries with large labor aristocracies. The reason the vast majority of First World people don’t belong to any revolutionary class is that a vast majority are imperialist country exploiters in violent conflict with oppressed nation proletarians. MIM-Orchid is opposed to armed struggle in the First World at this time and is opposed to armed struggle in the Third World led by people in any imperialist country. As a matter of scientific integrity as well as ethical responsibility, MIM-Orchid acknowledges the eventuality of armed struggle in the First World under the right conditions, which include mass support that is lacking with First World people due to the extent to which they benefit from exploitation. Barring a massive change in class structure and outlook that is unlikely, revolutionary forces will come from without the First World, with the possible exception of some lumpen and internal semi-colony people. In saying these things, MIM-Orchid attracts the attention of imperialism despite the fact that what it is saying is supposed to be protected from government attack in many imperialist countries. Free speech does not exist in reality when people are pressured to say uncontroversial things or pressured to withhold controversial thoughts that the public nonetheless needs to know to be informed. Intimidation is common. Even if MIM-Orchid had free speech in its country, a state could spy on website visitors.
It ultimately wouldn’t require the conscious cooperation of MIM-Orchid or any Internet service provider. Website operators and ISPs should be accountable—by making improvements most importantly—for what they do or don’t do that allows spying, but website operators and website visitors need approaches to security that don’t depend on the trustworthiness, intentions, or even competence or success, of individuals in security matters.
The views expressed on this website are MIM-Orchid’s own unless indicated otherwise, and the web space provider has no control over the content of this website legally and may not even read it. Nevertheless, somebody else could conceivably make a change deliberately or inadvertently impacting web browsing security—another reason to forbid script execution. A compromised Tor exit node could insert code into webpages it grabs and hands off.
There is very little new content here at the time of this writing and MIM-Orchid has no delusions about that. One doesn’t need to have a high estimation of MIM-Orchid’s work to understand that browsing this site can be a piece of data for people with hostile intentions in the future.
The threat that people are facing with MIM-Orchid is spying (or political misdirection if MIM-Orchid deviates) in connection with this website remaining online. MIM-Orchid doesn’t provide any writing that others couldn’t come up with on their own, or any illegal content, so there is somewhat less need at this time for this website to be on a darknet though no doubt there will be some undisciplined petty-bourgeois people irritated by this website’s presence who might try to take it down at some point. Many different trade-offs are involved in deciding to be or not be on a darknet. Some might say MIM-Orchid has already made an opportunist mistake in having this website here.
In addition to what has been mentioned above, MIM-Orchid recommends studying the principles involved in keylogging, Van Eck phreaking, ARP, DNS and MAC spoofing, and SSL hijacking. Large-scale government spying on/with ISPs and telecommunications companies is another topic of importance. The mainstream media in First World countries caters to the petty-bourgeoisie and bourgeoisie or serves their interests generally, but because of intra-bourgeois conflicts domestically and internationally there is a lot of valuable reporting in the mainstream media about electronic mass surveillance. When reading various sources of information, one should always keep in mind the proletariat’s own goals.
A relatively recent issue, related to technology that wasn’t widespread a decade ago, is geolocation privacy and location sensing/sharing. Many mobile devices and some laptops have a GPS chip. Webpages can ask for your location. It is possible to disable some location capability at a software level or on an app-/site-specific level. Device and browser settings and add-ons like NoScript can help with improving geolocation and IP address privacy generally when used together with a proxy and other methods. Turning off location history and location reporting may not be enough for some users because a phone’s approximate location can still be determined using cell towers and multilateration, and associated with use of a certain Wi-Fi hotspot for example.
These links constitute a starting point for studying the technical aspect of Internet security, particularly web browsing privacy:
- “What about security?” http://www.prisoncensorship.info/archive/etext/faq/security.html
- “Social networking, smartphones and reliance on the masses,” http://www.prisoncensorship.info/news/all/US/908/
- “Bridging the gap in computer security warnings : a mental model approach,” http://lorrie.cranor.org/pubs/bridging-gap-warnings.pdf
- “MAC addresses: the privacy Achilles’ Heel of the Internet of Things,” http://www.computing.co.uk/ctg/news/2433827/mac-addresses-the-privacy-achilles-heel-of-the-internet-of-things
- “Research finds MAC address hashing not a fix for privacy problems,” https://threatpost.com/research-finds-mac-address-hashing-not-a-fix-for-privacy-problems/104893/
- “Understanding man-in-the-middle attacks - Part 4: SSL hijacking,” http://www.windowssecurity.com/articles-tutorials/authentication_and_encryption/Understanding-Man-in-the-Middle-Attacks-ARP-Part4.html
- “ARP cache poisoning: what it is and how to protect your network,” https://www.auditwest.com/arp-cache-poisoning/
- “A review of man-in-the-middle attacks,” http://arxiv.org/ftp/arxiv/papers/1504/1504.02115.pdf
- “Wi-Fi hotspots: the ugly – session hijacking & credential harvesting through SSL,” http://comm-pletesecurity.com/2014/07/10/wi-fi-hotspots-the-ugly-session-hijacking-credential-harvesting-through-ssl/
- “How to spoof a MAC address,” http://www.techrepublic.com/blog/it-security/how-to-spoof-a-mac-address/ Note: As with the previous link, the point is to be aware of the principles involved so you can protect yourself, not using a particular technique.
- “Hunting down wireless devices doing MAC spoofing,” http://www.networkworld.com/article/2296641/network-security/hunting-down-wireless-devices-doing-mac-spoofing.html
- “WebRTC found leaking local IP addresses,” https://threatpost.com/webrtc-found-leaking-local-ip-addresses/110803/
- “Electronic eavesdropping risks of flat-panel displays,” https://www.cl.cam.ac.uk/~mgk25/pet2004-fpd.pdf
- “Eavesdropping attacks on computer displays,” https://www.cl.cam.ac.uk/~mgk25/iss2006-tempest.pdf
- “EMI, EMC, MIL-STD & Tempest receivers,” http://www.ramayes.com/Receivers.htm Note: MIM-Orchid doesn’t suggest using any of this equipment. What MIM-Orchid is saying here is that people need to understand this kind of thing is real (and probably common in certain contexts), nor just theoretical or cinematographic. Governments actually do buy this type of equipment, or make their own, and use it in conjunction with other hardware and software.
- “Automated EMI & TEMPEST receiver systems,” http://www.ramayes.com/Automated_EMI_Receiver_Systems.htm Note: see previous
- “Test & measurement,” https://www.rohde-schwarz.com/us/products/test-measurement/overview_1/test-measurement_229579.html Note: see previous
- “Compromising electromagnetic emanations of wired and wireless keyboards,” https://www.usenix.org/legacy/events/sec09/tech/full_papers/vuagnoux.pdf
- “Keystroke logging (keylogging),” http://adventuresinsecurity.com/images/Keystroke_Logging.pdf
- An Introduction to Keyloggers, RATS and Malware, http://memberfiles.freewebs.com/99/60/67186099/documents/An%20Introduction%20To%20Keylogger%2C%20RATS%20And%20Malware.pdf Note: MIM-Orchid doesn’t endorse any of the software and techniques mentioned in this book. It is interesting because of the concepts and issues it raises.
- “Using a hardware keylogger for monitoring employee productivity,” http://www.keydemon.com/files/MonitoringEmployeeProductivity.pdf
- “How Tor works: part two - relays vs. bridges,” http://jordan-wright.com/blog/2015/05/09/how-tor-works-part-two-relays-vs-bridges/
- “Using traffic analysis to identify The Second Generation Onion Router,” http://data.openduck.com/wp-posts/2011/10/paper-tor/traffic.pdf
- “Users get routed: traffic correlation of Tor by realistic adversaries,” http://www.ohmygodel.com/publications/usersrouted-ccs13.pdf
- “RAPTOR: routing attacks on privacy in Tor,” http://vanbever.eu/pdfs/vanbever_raptor_tor_bgp_arxiv_2015.pdf
- “Anti-RAPTOR: anti routing attack on privacy for a securer and scalable Tor,” http://icact.org/upload/2015/0442/20150442_finalpaper.pdf
- “Traffic analysis,” https://blog.torproject.org/category/tags/traffic-analysis
- “Attacks,” https://blog.torproject.org/category/tags/attacks
- “Forensic analysis of the Tor Browser Bundle on OS X, Linux, and Windows,” https://research.torproject.org/techreports/tbb-forensic-analysis-2013-06-28.pdf
- “Tor Browser forensics on Windows OS,” http://www.dfrws.org/2015eu/proceedings/DFRWS-EU-2015-short-presentation-1.pdf
- “Surfing safely over the Tor anonymity network,” https://www.owasp.org/images/f/f9/Winter_Koppen_Tor_OWASP_20150319.pdf
- “Tor vs. I2P: the great gnion debate,” https://dguiney.wordpress.com/2015/09/13/tor-vs-i2p-the-great-onion-debate/
- “I2P’s threat model,” https://geti2p.net/en/docs/how/threat-model
- “Towards unconditional Tor-like anonymity,” http://infoscience.epfl.ch/record/209306/files/1570154977.pdf
- “Issues with corporate censorship and mass surveillance,” https://trac.torproject.org/projects/tor/ticket/18361
- “Mac OS X forensics: collecting & analyzing artifacts,” http://www.dataforensics.org/mac-os-x-forensics-analysis/
- “Mac OS X forensic artifact locations,” http://computerforensicsblog.champlain.edu/wp-content/uploads/2016/01/Report_Mac-Forensics.pdf
- “Mac OSX 10.11 El Capitan,” http://docs.hardentheworld.org/OS/OSX_10.11_El_Capitan/
- “Windows 10 forensics,” http://computerforensicsblog.champlain.edu/wp-content/uploads/2016/02/Windows-10-Forensics-Report.pdf
- “Windows forensics and security,” https://articles.forensicfocus.com/2014/04/14/windows-forensics-and-security/
- “Disabling third-party cookies doesn’t (meaningfully) improve privacy,” http://kevinmontrose.com/2011/09/26/disabling-third-party-cookies-doesnt-meaningfully-improve-privacy/ Note: It’s not that people shouldn’t disable cookies, but this article and the comments raise several issues, including fingerprinting, and is worth reading.
- “Top sites (and maybe the NSA) track users with “device fingerprinting”,” http://arstechnica.com/security/2013/10/top-sites-and-maybe-the-nsa-track-users-with-device-fingerprinting/
Computer/router hacking and firewall penetration are also relevant to web-browsing security, as are “malware” (including trojan horses, viruses, worms, and spyware), email attacks such as phishing attacks, and anti-malware and anti-tracking methods/settings that don’t compromise privacy in other areas. More-restrictive settings are often good, and one may want to update software in computers and other devices as security-related updates become available. There are general concepts involved here that are important (and to an extent commonly known with media coverage of celebrity hacks, data breaches, identity theft, and ransomware), but vulnerabilities and methods are often specific to hardware, the operating system, or how things are set up.
Glossaries:
- “Computer security glossary,” http://www.webroot.com/us/en/home/resources/articles/pc-security/resources-glossary
- “Glossary,” http://security.uconn.edu/resources/glossary
- “Internet security glossary,” https://us.norton.com/security-glossary/article
- “Network security glossary,” http://www.watchguard.com/glossary/
Blogs:
- Champlain College Computer & Digital Forensics Blog, http://computerforensicsblog.champlain.edu/blog/
- The Mac Security Blog, https://www.intego.com/mac-security-blog/
- Network Security Blog, http://www.mckeay.net
- Schneier on Security, https://www.schneier.com
- Thisweekin4n6, https://thisweekin4n6.wordpress.com
- Threat Level, http://www.wired.com/category/threatlevel
- Threatpost, https://threatpost.com
- ZoneAlarm Security Blog, http://www.zonealarm.com/blog/
Tools:
- Fingerprints, https://www.grc.com/fingerprints.htm
- Panopticlick, https://panopticlick.eff.org
Other:
- “Anonymity,” https://www.eff.org/issues/anonymity
- Tor metrics, https://metrics.torproject.org
On printing:
- “Do your printers pose a security risk,” http://www.windowsecurity.com/articles-tutorials/misc_network_security/Do-Your-Printers-Pose-Security-Risk.html
- “Best practices for printer security,” http://www.networkworld.com/article/2190118/lan-wan/best-practices-for-printer-security.html
- “Printers: an overlooked security risk,” http://privacyoffice.med.miami.edu/awareness/tips/printers-an-overlooked-security-risk
- “7 ways to protect your printers,” http://www.pcworld.com/article/245213/7_ways_to_protect_your_business_printers.html
- “FTC examines privacy risks of copier hard drives,” http://www.csoonline.com/article/2125207/privacy/ftc-examines-privacy-risks-of-copier-hard-drives.html
- “Printer spool (CUPS),” http://appleexaminer.com/MacsAndOS/Analysis/CUPS/CUPS.html
Bourgeois struggle:
- Courage Foundation, https://couragefound.org - Some exploiters have an intimate, if partial, understanding of repression because they are involved in doing it or in less-democratic or less-open kinds of activism. MIM-Orchid doesn’t agree with various imperialist country sentiments about “democracy,” “liberty,” and “public’s right to know,” but some of the information on Courage and other sites is a minimum a persyn should be aware of if ey thinks ey is against U.S. imperialism today.
- Electronic Frontier Foundation, https://www.eff.org
- “Secrets, lies and Snowden’s email: why I was forced to shut down Lavabit,” http://www.theguardian.com/commentisfree/2014/may/20/why-did-lavabit-shut-down-snowden-email
Other topics to cover:
audio, cameras, Flash, Java, JavaScript, duration and patterns of network use
Notes:
1. “Tor metrics—relays and bridges in the network.” Retrieved 2016 January from https://metrics.torproject.org/networksize.html
2. “Tips for running an exit node with minimal harassment.” Retrieved 2016 January from https://blog.torproject.org/blog/tips-running-exit-node-minimal-harassment
_____________________________________
home | latest | campaigns | movie reviews | newsletter