I bought like three lighters recently and they've all been BIC'D, so I had to figure out a way to get flame from an old dead lighter. Maybe this information will help someone, somewhere.
You need:
-A dead lighter, it only needs a working flint.
-Cotton. I used Q-Tips. (Maybe they'll sponsor me.)
-A piece of dry wood and something to cut it with, like a knife.
Process:
1) Grab a qtip and pull the cotton on one end out, so its really thin and frayed. We need loose fibers, so they catch on fire easily. Then cut a thin long strip wood, like a match, also so that it catches aflame easily.
2) Grab your dead lighter, remove the top piece and safety so that the flint is fully exposed.
3)Hold the frayed cotton right next to the flint and strike the flint repeatedly until the cotton catches on fire. the second it does, light the piece of wood on fire. Hold it upside down so it keeps burning.
And for a few seconds, you've got flame!
Sunday, July 27, 2014
Wednesday, July 23, 2014
Resetting the Net: Make the Adversaries Life Harder
Resetting the Net: Make the Adversaries Life Harder
Use Tor or a Secure VPN
The Tor network is one of the best ways to remain anonymous online. I'm not going to get into how it works here, however there is a thorough explanation of Tor's magic here. Yes, Tor is slow and not always convenient to use. That's why I only use it when I'm feeling really paranoid. For most of my other online activities, I use a virtual private network (VPN). VPN's tunnel all of your computers internet traffic through another server, located somewhere else (preferably on the other side of the Earth in a politically neutral country). Although a VPN does not give you nearly the anonymity that Tor does, it provides you with very powerful end-to-end traffic encryption. Our traffic remains encrypted until it exits the VPN server in (for example) Switzerland, then continues to it's final destination. We don't care what Switzerland thinks about our web browsing habits, and they aren't interested, so it's a win-win. A great VPN service with servers in many different geo-political regions is PrivateInternetAccess.com.
Use Open Source Software
It's amazing and sad to me that 90% of personal computers still run Microsoft Windows when there are so many better (and free) options out there. Consider making the switch to Linux, you will be happy you did. However, there's still ways to securely use a Windows system. Consider installing Pigdin Instant Messenger, which allows you to use encrypted instant messaging on services like Facebook Messenger or Google Talk. Use an open source browser like Firefox. Open source=people can read the source code=the software has been scrutinized by thousands of security-minded developers, so you can be pretty sure there are no back-doors/gaping security holes.
Be Smart
Be careful what you send through email. Unless you are using encryption, assume anything sent through email can be intercepted. In fact, assume anything sent over the internet can be intercepted. Therefore, it is best to send as little personally identifying information over the internet as possible, even when using Tor. Install the browser add-on HTTPS Everywhere, which will force use of https whenever available. Pay attention to the warnings that your browser gives you about unverified connections. If an https certificate cannot be verified, either the site you're visiting has not registered it, or you are the victim of a Man in the Middle Attack.
Knowledge is Power
Learn about how technology works so that you can better make educated decisions about your online activities. It is helpful to have a basic understanding of Internet Protocol and Public Key Encryption.
If you are tech savvy, you can configure your own VPN server by renting a cheap VPS somewhere and installing openvpn-server.
Edit: fuck that. They're great for convenience, but for some reason, I just don't trust them anymore. Find an overseas vps and pay for it with mixed up bitcoin.
If you already administer a VPN, rotate your keys right now, and use a
Security Tips for Administering a VPS
The internet is kind of like the wild west. Everything is fair game, there are seldom consequences to anything, and when it comes to sever security it's every man for himself (unless you pay someone to manage your server). Recently it seems that a lot of people are starting to buy their own vps (virtual private server), so there are going to be a lot of people looking for security solutions. Here is some advice I've gathered from my experience as a system administrator.
The golden rule of internet security is to keep a low profile. For example, don't leave port 22 open to the whole internet, even if you have ssh secured with a 4096 bit RSA key. In fact, don't use port 22 at all. Ever. It's like putting a sign on your server that says "hack me". When attackers scan the internet for targets, they use tools like nmap. Nmap by default scans the 1000 most commonly used ports. By avoiding using and filtering those ports you will save yourself a lot of trouble. Notice I said "filter" and not "close". When a port is closed, it sends a reply saying so when someone tries to access it. A filtered port does not acknowledge the request, so you can't be sure whether it's open or closed. It's a good idea to keep the default incoming policy to filtered, as is the standard setting on Linux UFW.
If you are running a web server you are probably going to want to use the default port 80 or 443 (https), so you want to make sure Apache, or whatever you are using is as secure as possible. One thing that I think is really important is to disable CGI if you are not using it. If you are running Debian/Ubuntu than that's as easy as commenting out the cgi bin alias in your main configuration.
#ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
#<Directory "/usr/lib/cgi-bin">
# AllowOverride None
# Options +ExecCGI -MultiViews
# Order allow,deny
# Allow from all
# </directory>
Doing this will prevent people from trying to execute arbitary code on your server. Another things that is cool and very secure is Openvpn. Set up an openvpn server and run it on a random high port like 61500. Use TLS authenification and strong key bit strengths. Then configure your firewall so that ssh or any other administrative/personal services are only accessible from the vpn netmask. This way in order to hack your server you would have to crack the vpn AND the ssh keys, quite a task even for a resourceful, seasoned hacker. Another bennifit here is that if you use UDP for your vpn and close all outside ports than chances are that nobody will ever find that one UDP port because UDP scanning is rare and takes forever. 99 out of 100 times it's TCP ports that they're looking for. Lastly, openvpn is really, really secure!
Of course this is just the tip of the iceberg, but these are some good tips. The good thing about linux is that it rarely will allow anything bad to happen without your consent. So, don't allow root login via ssh, for example. Log into another account, then log in to root if you need to. Close off every port that is not totally necessary for your server to operate. Think blackout zone over London... if they don't see us, they won't bomb us.
Subscribe to:
Posts (Atom)