Automatically Protect All Devices From Internet Malware and Adult Content

Automatically Protect All Devices From Internet Malware and Adult Content

I just love it when with just a few mouse taps I can add a solid layer of security to all the devices under my roof. It’s just icing on the cake when it’s free!

The Problem

All of the internet-connected devices under your roof need to communicate over the internet in order to function. This includes computers, tablets, smartphones, webcams, smartwatches, smart doorbells, smart thermostats, printers, and more.

With your computers, tablets, and smartphones, you can add a layer of protection against malware by installing quality antimalware software. But what about your printer, smartwatch, doorbell, thermostat… you get the picture. Each of these smart devices are open to a breach, and few offer any option to install or configure security.

The other possible problem is adult content. Should you be a parent that would prefer little Jane and Johnny to not have access to adult content, it can be a full-time job playing content cop.

The Solution

All of your home and business devices must connect to the internet through your router. Inside of each router is a setting specifying which Domain Name Server (DNS) the router will use to learn where to direct this internet traffic. If a DNS server was knowledgeable about which web addresses held malware or adult content, the DNS could pass this info along to the router, blocking access to these sites.

Lucky you! There are DNS servers with this knowledge, and Cloudflare offers them at no charge.

The How To

If you would like to block known malicious and adult content sites from all of your home and business devices, you just have to change your router DNS settings. By default, most routers use your internet provider’s DNS servers. You will change this IP address to those of Cloudflare.

CenturyLink Modem

Every router has a unique interface. In the example below I’m using a CenturyLink Actiontec C3000A.

  1. Log in to the modem. If you aren’t familiar with the process, call your internet provider for instructions.
  2. From the menu bar, select Advanced Setup.
  3. From the sidebar, select DHCP Settings.
  4. In the main area of the page, scroll down to 5. Set the DNS servers allocated with DHCP requests.
  5. From this area, select Custom Servers.
  6. For malware only protection, set the Primary DNS to 1.1.1.2, and Secondary DNS to 1.0.0.2. For malware and adult content protection, set the Primary DNS to 1.1.1.3, and Secondary DNS to 1.0.0.3
  7. Tap the Apply button.
  8. Your modem may reboot. The protection will be in place immediately.

It’s Your Data… Protect It

Most people ignore their cybersecurity and internet privacy because they think it is too difficult or expensive. But what if it was fast, easy, and (almost) free? Our guides have been written by certified experts, with step-by-step illustrated instructions so that even a child can harden your security like a pro.

Visit https://thepracticalparanoid.com for the easiest, most comprehensive cybersecurity and internet privacy guides you can buy. Guaranteed!

Amazon Set to Share Your Internet With Neighbors – How to Opt Out

Amazon Set to Share Your Internet With Neighbors – How to Opt Out

Amazon Set to Share Your Internet With Neighbors – How to Opt-Out

Come this Tuesday, June 8, 2021, Amazon will launch the Amazon Sidewalk service. This service for Echo and Ring devices automatically opts-in to share your internet bandwidth with other Amazon devices in the neighborhood.

At first glance, this service is a great idea. Share a small slice of your internet bandwidth – 80Kb/s and a 500Mb monthly cap – with other Echo and Ring devices that have lost connection with their home wi-fi. For example, if your next door neighbors’ Ring doorbell loses connection with the home wi-fi, the Ring doorbell will automatically connect with the neighbor’s home wi-fi for uninterrupted service. Or if a dog wearing a Tile escapes from their yard, as long as the dog is within range of a network using Amazon Sidewalk, the Tile will accurately report the location of the dog.

Add on to this service that it is free to Echo and Ring customers (well, at least initially), and it is a great deal.

However, there are only a few big-tech companies that have proven to handle internet privacy responsibly, and Amazon is not one of them.

The Amazon Sidewalk white paper states that any sensitive data transmitted through Sidewalk is encrypted and that Amazon does not have a way to decrypt the packets. If that is true, they need to start hiring better engineers. Even if it is true, very serious hacks of secure systems is a daily news item.

Perhaps my biggest gripe is that the system is set to automatically opt-in. I’ll take this as tacit acknowledgement by Amazon the many/most of it’s customers would choose to opt-out instead.

What You Can Do – Opt-Out

If you have an eligible Echo or Ring device and do nothing, you are automatically part of the Amazon Sidewalk system.

If you prefer to not be a part of the Amazon Sidewalk system, follow these steps:

For Amazon Echo Device Owners

  1. Open your Amazon Alexa App.
  2. Select the More option in the bottom right corner of your screen.
  3. Select Settings > Account Settings > Amazon Sidewalk.
  4. Toggle the Amazon Sidewalk to Disabled.
  5. Close the Amazon Alexa app.

For Amazon Ring Device Owners

  1. Open your Ring app.
  2. Select the 3-line icon to open the menu, then go to Control Center > Amazon Sidewalk.
  3. Toggle the Amazon Sidewalk to Disabled.
  4. Close the Ring app.

More Reasons to Ditch Your Browser Extensions

More Reasons to Ditch Your Browser Extensions

More Reasons to Ditch Your Browser Extensions

As reported today, May 26, 2021 in the Record, a paper presented at the MADWeb workshop at the NDSS 2021 security conference, researchers from the CISPA Helmholtz Center for Information Security analyzed 186,434 Chrome browser extensions, finding 2,485 that disabled at least one security header used by the top 100 most popular websites.

Security headers are a server response to the browser request that allows site administrators to enable security features inside the browser or other client applications. the most common security headers include the ability to have a site work via an encrypted HTTPS connection, protecting users from cross-site scripting attacks, and that code running inside iframes can’t steal browser data.

What We Can Do About The Issue

Unfortunately, the list of culprit extensions is not included in the report, nor was any significant work performed on Firefox extensions. However, this serves as a solid reminder to keep browser extensions to the bare minimum.

  1. Open your browser to the Extensions page.
  2. Research each found extension.
  3. If the extension is from a suspect developer or does not provide essential services to you, delete the extension.
  4. Repeat for each browser in use.

The research paper titled First, Do No Harm: Studying the manipulation of security headers in browser extensions is available here.

 

More Reasons to Ditch Your Browser Extensions

Linux on Chromebook is Exiting Beta

Linux on Chromebook is Exiting Beta

Google announced today that Linux on Chromebooks is finally coming out of beta with the next release of Chrome OS (v91).

If you are a Chromebook user, this is GREAT news.

I’m a huge proponent of Chrome OS. Although not the best solution for some users, for many (most?) folk, it is an ideal solution.

Chrome OS offers:

  • Good performance…
  • on minimal hardware…
  • which significantly reduces the price of the machine.
  • Great security.
  • In the event of catastrophic corruption, has the fastest and easiest system reset of any computer.

When the very simplified Chrome OS doesn’t offer what you need, you can install Android 11 compatible apps. And when the apps don’t offer what you need, you can jump right into Linux.

In many ways, using a Chromebook is like having the best of three worlds on just one inexpensive laptop.

Enable Linux on Chrome OS

If you are a Chrome OS user that hasn’t yet explored Linux, you don’t have to wait for the next OS update to use Linux. It is already on your machine just waiting to be released. The following are excerpts from the Practical Paranoia Chromebook Security Essentials book and workshop.

Assignment: Enable Full Linux

In this assignment, you enable the full version Linux on your Chrome device.

  • Prerequisite: A Chrome device that can run Linux.
  • Prerequisite: Fully updated Chrome OS.

Update Chrome OS

  1. Go to Settings > About Chrome OS > Check for updates.
  2. Install all available updates.

Enable Linux Support

  1. Go to Settings > Developers > Turn On.
  • If you do not see Linux in Settings, your device is not compatible with Linux. It may be time to upgrade to a newer device.
  1. In the Set-up Linux (Beta) on your Chromebook, select Next.
  2. Enter a username, set the Disk size, then select It may take up to 30 minutes to install.
  3. When a black window opens, you now have Linux installed! This black window is called the Terminal. It is where commands are typed/entered.

Update Keys

We need to verify all security keys used to install Linux updates are up to date.

  1. In Terminal, enter the following. When done, tap the Enter key. When your username reappears in the Terminal, the command has been completed:
sudo apt-key adv --refresh-keys --keyserver keyserver.ubuntu.com

Update Packages (Software, Dependencies, etc.)

  1. In Terminal, enter the text below, followed by the Enter key.  Try to commit this to memory. This is how you always update & upgrade Linux and associated software.
sudo apt update && sudo apt upgrade

Assignment: Give Linux Access to Downloads and Google Drive

By default, Linux is restricted to accessing only the files in the Linux folder. To make it more usable on your device, give it access to your Downloads folder and Google Drive.

  1. Open Files.
  2. Right-tap on Downloads > Share with Linux.
  3. Right-tap on Google Drive > Share with Linux.

What Else Can You Do in Linux

As great as Chrome OS is, sometimes you just need a quality word processor or the desktop version of a web browser, perhaps the security and privacy of the Signal Messenger? All of this and much more are available through Linux on Chrome OS.

As one example, let’s install LibreOffice (a direct competitor to Microsoft Office, free, open-source).

Assignment: Install LibreOffice on Linux

LibreOffice is an open-source replacement for Microsoft Office. By installing it, you have a full-featured word processor application on your device.

  1. Verify all upgrades and updates are applied to Linux. Enter the text below, followed by the Enter key:
sudo apt update && sudo apt upgrade
  1. Verify all repository keys are current. Enter the text below, followed by Enter:
sudo apt-key adv --refresh-keys --keyserver keyserver.ubuntu.com
  1. In Terminal, enter the text below, followed by Enter.
sudo apt install libreoffice -y

Explore Libre Office

When you install a Linux application, it is a full desktop app, running under the Linux operating system, not under the Chrome browser user interface.

  1. Open Libre Office by going to Launcher > (you may need to expand the Launcher window) > Linux apps > Libre Office.
  2. Set the default text format to MS Office .docx. In Libre Office, go to Tools > Options > Load/Save > General > Document type > Text document, then to Always save as > Word 2007-2019 (*.docx). When done, select
  3. Set the default spreadsheet format to MS Office .xlsx. In Libre Office, go to Tools > Options > Load/Save > General > Document type > Spreadsheet, then to Always save as > Excel 2007-2019 (*.xlsx). When done, select OK.
  4. Take a few minutes to explore the menu structure and interface of Libre Office. While not quite the same as Microsoft Word, most people feel at home after a few hours working in it.

Secure Your Chromebook, Communications, and Your Privacy

Take the next step to secure your digital life. Practical Paranoia Chromebook Security Essentials is the fastest, easiest, most comprehensive, and fun book and workshop available. We Guarantee it!

Practical Paranoia Security Essentials v5.0.1 Released

Practical Paranoia Security Essentials v5.0.1 Released

Practical Paranoia Security Essentials version 5.0.1 released

WAHOO!!! We have reached a new milestone with Practical Paranoia. All five books (Android 11, Chromebook, iOS 14, macOS 11, and Windows 10) have been updated to version 5.0.1. With this update, all books now have:

  • Synchronized chapters, sections, and assignments. This means if you want to lock down your security and privacy on both your Windows laptop and Android phone, and perhaps your mother’s Chromebook and iPhone, each chapter for each book will be identical with the exception of the specifics of the device being worked on.
  • Chapter timings have been added. For those taking the live or prerecorded Practical Paranoia workshops, you now know going in how long it will take to complete a chapter, and approximately how long the homework will take.

Synchronization is huge. To accomplish it, we started from scratch to rewrite each book. But the results are amazing. For someone wanting to learn about more than one platform, this literally cuts learning time by 50-75%.

This makes Practical Paranoia Security Essentials not only the easiest and most comprehensive cybersecurity and internet privacy guide available for a regular end-user, but it is now the fastest available.

Look Inside Practical Paranoia Security Essentials v5.0.1

Download the Look Inside preview of Practical Paranoia Security Essentials v5.0.1, and discover why this is the easiest, most comprehensive, fun, and fastest way to harden your cybersecurity and internet privacy.