The need of privacy in the actual telecommunication based World is a fact that most of Internet citizens do not properly realize.
The wide spread privacy concept is: Alice, alone in her room, telecommunicating with Bob, alone in his room. It seems that Alice and Bob are communicating privately and no one else is able to read Alice and Bob’s dialogue. That’s not true.
It’s a technology fact: virtual peripherals controls hardware peripherals in the virtual domain size.
Once a system is connected to the Internet, the virtual domain assumes the dimensions of the Internet: worldwide.
Your screen, your webcam, your microphone, your input methods, your disks… practically each part of your computer/smartphone/device is controllable by the Internet.
Sometimes these features are enabled by the owner, other times by pirates attacking the system of the victim with a malware and least but not last, standing to Snowden revelations, even Governmental interception systems has the capability of activate a data stream from you computer.
Your notebook is getting old and you are going to earn some money to get the new powerful, shiny model, selling your old laptop on ebay.
On the other part of the World, a rich lucky guy with the new powerful, shiny model needs to perform some core fucking operations and so decides to get a used laptop on ebay to avoid any risks on his jewel.
So, the scenario is simple: the seller doesn’t know anything about the buyer and viceversa.
When you sell your notebook think as you are going to sell your gun to an unknown. Who is it? A kid? A worker? A paedophile? A malicious Hacker? A terrorist? Or maybe the next Snowden, hunted by secret services worldwide?
I’ve written this small guide to help and maybe improve the security process in preparation of Android devices.
Common tablets and smartphones are widely used in a Company and Professional environment, so it’s good that the IT Department enforce the security of these devices before deploying them to the employees.
This small guide will help Sys Admins, working like a checklist to the most common security enforcing operations. The scenario analyzed is the setup of a secure tablet for an employee that have to keep this device with him in a job travel.
Please, contact me to signal eventual errors or to give me advices to improve this guide.
DOWNLOAD ANDROID HARDENING FOR PROFESSIONAL DEVICES PDF
It’s a common way to think that enhanced computer security is a practice for paranoids or for criminals that have something to hide.
That’s an absurd common place! If you encrypt the hard drive of your PC or you use a secure communication system it’s probable that you will be well know as a strange computer guy or worse… a suspect criminal.
I’ve developed, waiting for the event Reset the Net ,a collection of wizards to simplify the use of encryption on GNU/Linux.
With Two Cents Crypto Frontend (TCCF) you can easly
- create encrypted partitions or external disks
- create encrypted storages in a regular files and mount them
- encrypt and decrypt single files with a password
- use asymmetric encryption to securely communicate with electronic mail for example
- secure delete files and entire partitions or disks
The script runs in bash shell.
You have to simply run
$ /bin/bash tccf.sh
or, if you want, you can run any of the scripts separately if you don’t want to navigate through menus
but first of all, download the entire suite here: DOWNLOAD
I’M NOT RESPONSIBLE OF ANY DAMAGE OCCURRED USING TCCF SUITE.
Security sometimes is about to clean the OS from all the things that may constitute a threat for the system and limit the connections between programs and user capabilities. This is fundamentally why my Windows Phone is theoretically more secure than my Windows 7 installation: because WP, by default, is (sometimes insanely 😀 ) more sandboxed and limited respect to the desktop OS.