Differences
This shows you the differences between two versions of the page.
learn:how-tos [2020/06/12 21:35] – [Understand] 127.0.0.1 | learn:how-tos [2022/05/08 11:42] (current) – external edit 127.0.0.1 | ||
---|---|---|---|
Line 95: | Line 95: | ||
==== Firefox Browser ==== | ==== Firefox Browser ==== | ||
- | For browsing that doesn' | + | For browsing that can' |
**Ad block plugins** | **Ad block plugins** | ||
Line 186: | Line 186: | ||
Services can be removed, disabled, or configured to only listen locally. | Services can be removed, disabled, or configured to only listen locally. | ||
+ | |||
+ | |||
+ | ==== Secure communication ==== | ||
+ | |||
+ | **Public key encryption** | ||
+ | |||
+ | Uses who desire secure communication, | ||
+ | |||
+ | * [[https:// | ||
+ | * [[https:// | ||
+ | |||
+ | For people who want slightly more detailed look into how Diffie-Hellman and RSA algorithms work, see | ||
+ | |||
+ | * [[https:// | ||
+ | * [[https:// | ||
+ | |||
+ | * [[https:// | ||
+ | * [[https:// | ||
+ | |||
+ | **General principles** | ||
+ | |||
+ | * Symmetric encryption can protect content such as any length message, call, file, or even video stream. | ||
+ | * Symmetric encryption doesn' | ||
+ | * Key delivery of symmetric key is handled by asymmetric ciphers. | ||
+ | * Diffie-Hellman (derive key by combining private and public value) | ||
+ | * RSA (encrypt key with another key) | ||
+ | * Diffie-Hellman is better than RSA for key | ||
+ | |||
+ | **Encryption must be end-to-end** | ||
+ | |||
+ | * Client-server encryption is useful when browsing web, accessing online bank, bying things online: Effectively End-to-end encryption because other end is the server. | ||
+ | * When the other end becomes a buddy we want to talk to, server becomes an untrusted third party. | ||
+ | * Many bad messaging apps like Telegram by default send everything via client-server encryption, meaning server can read, modify, and copy the message content. | ||
+ | * For messaging with buddies we need end-to-end encryption, where messages are encrypted and decrypted only by you and your buddy. | ||
+ | * This is equally important, whether we're talking about email, instant messaging, calls, or video calls. | ||
+ | |||
+ | **End-to-end encryption requires two equally important parts** | ||
+ | |||
+ | * Private key(s) must never leave the user's device without password protection that only the user knows | ||
+ | * Public keys from contact' | ||
+ | |||
+ | |||
+ | ====== Chat ====== | ||
+ | |||
+ | ===== Signal protocol ===== | ||
+ | |||
+ | Signal-protocol is a modernized version of OTR-protocol that is designed to work in asynchronous environments such as on smartphones. This is because on smartphones apps open and close so frequently, OTR-sessions (that need to be established for each time they' | ||
+ | |||
+ | More information | ||
+ | * [[https:// | ||
+ | * [[https:// | ||
+ | |||
+ | Applications that use Signal protocol or similar (so called [[https:// | ||
+ | |||
+ | * [[https:// | ||
+ | * [[https:// | ||
+ | * [[https:// | ||
+ | |||
+ | |||
+ | ===== OTR ===== | ||
+ | |||
+ | **Warning, the OTRv3 is starting to show its age, e.g. wrt. the key size used (1536-bits). The [[https:// | ||
+ | |||
+ | Off-the-Record (OTR) messaging allows you to have private conversations over instant messaging by providing: | ||
+ | |||
+ | * **End-to-end encryption**: | ||
+ | * **Authentication**: | ||
+ | * **Deniability**: | ||
+ | * **Forward secrecy**: If you lose control of your private keys, no previous conversation is compromised (assuming control of log files was not lost at the same time). | ||
+ | |||
+ | A variety of chat clients are available which use OTR: | ||
+ | |||
+ | Clients that support the [[https:// | ||
+ | * [[https:// | ||
+ | * [[https:// | ||
+ | * [[https:// | ||
+ | |||
+ | Clients with built in support for OTR | ||
+ | |||
+ | * ChatSecure ([[https:// | ||
+ | * [[https:// | ||
+ | * [[https:// | ||
+ | |||
+ | === How to use === | ||
+ | * [[https:// | ||
+ | * [[https:// | ||
+ | * [[https:// | ||
+ | |||
+ | Advanced: | ||
+ | |||
+ | * [[https:// | ||
+ | |||
+ | |||
+ | ===== IRC ===== | ||
+ | |||
+ | ==== IRC over Tor ==== | ||
+ | |||
+ | Note that if you don't use the Tor Browser Bundle (but just tor) replace 9150 with **9050** | ||
+ | |||
+ | For the **XChat** | ||
+ | |||
+ | * Start Tor. | ||
+ | * In Xchat go to Settings→Options→Network Setup and enter the following: | ||
+ | |||
+ | < | ||
+ | Hostname: 127.0.0.1 | ||
+ | Port: 9150 | ||
+ | Type: Socks5 | ||
+ | Use Proxy for: both | ||
+ | </ | ||
+ | |||
+ | * Save and make sure you don't connect with the nickname you use without tor. | ||
+ | |||
+ | For the **irssi** | ||
+ | |||
+ | For the **mIRC** | ||
+ | |||
+ | * Press Alt+O to open the options dialog | ||
+ | * Go to Connect → Proxy section | ||
+ | * Under Connection select Both | ||
+ | * Under Protocol select Socks | ||
+ | * Under Hostname enter " | ||
+ | * Under Port enter 9150 & press OK. | ||
+ | |||
+ | There are also tor-internal IRC servers to which you can only connect once you set up the above. [[http:// | ||
+ | |||
+ | ==== IRC with I2P ==== | ||
+ | |||
+ | * Set up I2P [[: | ||
+ | * Start it, as well as your IRC-Client (ie mIRC or Xchat) | ||
+ | * Connect to a new server: 127.0.0.1 Port 6668 | ||
+ | * Done. There are also more IRC servers than the default one above. For learning how to join them read the bottom of [[http:// | ||
+ | * // | ||
+ | |||
+ | ===== Pidgin over Tor ===== | ||
+ | |||
+ | * Go to the Accounts, select your Account | ||
+ | * Select Edit Account | ||
+ | * Go to the Advanced Tab | ||
+ | * Under Proxy Options select proxy type SOCKS v5 | ||
+ | * Enter 127.0.0.1 for the host and 9150 for the port | ||
+ | * Leave user/pass blank | ||
+ | |||
+ | See also: [[https:// | ||
+ | |||
+ | ===== Securing pidgin on GNU/Linux ===== | ||
+ | |||
+ | * For information on how to secure pidgin on GNU/Linux [[https:// | ||
+ | * For information on how to properly install Apparmor: [[https:// | ||
+ | |||
+ | ===== Other ===== | ||
+ | |||
+ | * [[http:// | ||
+ | * [[https:// | ||
+ | * [[http:// | ||
+ | * [[https:// | ||
+ | |||
====== Email ====== | ====== Email ====== | ||
Line 389: | Line 546: | ||
* [[https:// | * [[https:// | ||
- | |||
- | ====== Chat ====== | ||
- | |||
- | ===== OTR ===== | ||
- | |||
- | Off-the-Record (OTR) messaging allows you to have private conversations over instant messaging by providing: | ||
- | |||
- | * **End-to-end encryption**: | ||
- | * **Authentication**: | ||
- | * **Deniability**: | ||
- | * **Forward secrecy**: If you lose control of your private keys, no previous conversation is compromised (assuming control of log files was not lost at the same time). | ||
- | |||
- | A variety of chat clients are available which use OTR: | ||
- | |||
- | Clients that support the [[https:// | ||
- | * [[https:// | ||
- | * [[https:// | ||
- | * [[https:// | ||
- | |||
- | Clients with built in support for OTR | ||
- | |||
- | * ChatSecure ([[https:// | ||
- | * [[https:// | ||
- | * [[https:// | ||
- | |||
- | === How to use === | ||
- | * [[https:// | ||
- | * [[https:// | ||
- | * [[https:// | ||
- | |||
- | Advanced: | ||
- | |||
- | * [[https:// | ||
- | |||
- | ===== Signal protocol ===== | ||
- | |||
- | Signal-protocol is a modernized version of OTR-protocol that is designed to work in asynchronous environments such as on smartphones. This is because on smartphones apps open and close so frequently, OTR-sessions (that need to be established for each time they' | ||
- | |||
- | More information | ||
- | * [[https:// | ||
- | * [[https:// | ||
- | |||
- | Applications that use Signal protocol or similar (so called [[https:// | ||
- | |||
- | * [[https:// | ||
- | * [[https:// | ||
- | * [[https:// | ||
- | |||
- | ===== IRC ===== | ||
- | |||
- | ==== IRC over Tor ==== | ||
- | |||
- | Note that if you don't use the Tor Browser Bundle (but just tor) replace 9150 with **9050** | ||
- | |||
- | For the **XChat** | ||
- | |||
- | * Start Tor. | ||
- | * In Xchat go to Settings→Options→Network Setup and enter the following: | ||
- | |||
- | < | ||
- | Hostname: 127.0.0.1 | ||
- | Port: 9150 | ||
- | Type: Socks5 | ||
- | Use Proxy for: both | ||
- | </ | ||
- | |||
- | * Save and make sure you don't connect with the nickname you use without tor. | ||
- | |||
- | For the **irssi** | ||
- | |||
- | For the **mIRC** | ||
- | |||
- | * Press Alt+O to open the options dialog | ||
- | * Go to Connect → Proxy section | ||
- | * Under Connection select Both | ||
- | * Under Protocol select Socks | ||
- | * Under Hostname enter " | ||
- | * Under Port enter 9150 & press OK. | ||
- | |||
- | There are also tor-internal IRC servers to which you can only connect once you set up the above. [[http:// | ||
- | |||
- | ==== IRC with I2P ==== | ||
- | |||
- | * Set up I2P [[: | ||
- | * Start it, as well as your IRC-Client (ie mIRC or Xchat) | ||
- | * Connect to a new server: 127.0.0.1 Port 6668 | ||
- | * Done. There are also more IRC servers than the default one above. For learning how to join them read the bottom of [[http:// | ||
- | * // | ||
- | |||
- | ===== Pidgin over Tor ===== | ||
- | |||
- | * Go to the Accounts, select your Account | ||
- | * Select Edit Account | ||
- | * Go to the Advanced Tab | ||
- | * Under Proxy Options select proxy type SOCKS v5 | ||
- | * Enter 127.0.0.1 for the host and 9150 for the port | ||
- | * Leave user/pass blank | ||
- | |||
- | See also: [[https:// | ||
- | |||
- | ===== Securing pidgin on GNU/Linux ===== | ||
- | |||
- | * For information on how to secure pidgin on GNU/Linux [[https:// | ||
- | * For information on how to properly install Apparmor: [[https:// | ||
- | |||
- | ===== Other ===== | ||
- | |||
- | * [[http:// | ||
- | * [[https:// | ||
- | * [[https:// | ||
- | * [[http:// | ||
- | * [[https:// | ||
Line 518: | Line 563: | ||
A darknet is an internet or private network, where information and content are shared by darknet participants anonymously. More accurately all of them share being //anonymous overlay networks//. | A darknet is an internet or private network, where information and content are shared by darknet participants anonymously. More accurately all of them share being //anonymous overlay networks//. | ||
- | ===== Tor Hidden | + | ===== Tor Onion Services ===== |
- | Tor can also provide anonymity to websites and other servers. Servers configured to receive inbound connections only through Tor are called hidden services. Rather than revealing a server' | + | Tor can also provide anonymity to websites and other servers. Servers configured to receive inbound connections only through Tor are called |
* Follow the [[: | * Follow the [[: | ||
- | * That's it already. [[http:// | + | * That's it already. [[http:// |
===== I2P ===== | ===== I2P ===== |