Pi-Hole

Network-wide ad blocking via your own Linux hardware

The Pi-hole® is a DNS sinkhole that protects your devices from unwanted content, without installing any client-side software.

✅ Easy-to-install: our versatile installer walks you through the process, and takes less than ten minutes
✅ Resolute: content is blocked in non-browser locations, such as ad-laden mobile apps and smart TVs
✅ Responsive: seamlessly speeds up the feel of everyday browsing by caching DNS queries
✅ Lightweight: runs smoothly with minimal hardware and software requirements
✅ Robust: a command line interface that is quality assured for interoperability
✅ Insightful: a beautiful responsive Web Interface dashboard to view and control your Pi-hole
✅ Versatile: can optionally function as a DHCP server, ensuring all your devices are protected automatically
✅ Scalable: capable of handling hundreds of millions of queries when installed on server-grade hardware
✅ Modern: blocks ads over both IPv4 and IPv6
✅ Free: open source software which helps ensure you are the sole person in control of your privacy

Pihole Info:

https://pi-hole.net

https://pi-hole.net/blog

https://docs.pi-hole.net

https://github.com/pi-hole/pi-hole/#one-step-automated-install

r/pihole


📡 @NoGoolag 📡 @Libreware
#pihole #pi-hole #block #ads

Dropkick Google with Pi-Hole On Your Network
Resource

from https://www.old.reddit.com/r/degoogle/comments/e9ryy0/dropkick_google_with_pihole_on_your_network/

Greetings fellow De-Googlers. Today, as we crest over the 20k mark in membership, I’d like to talk about a tool you can use in your fight against intrusive corporations like Google. I’m talking about a great project called Pi-Hole. Some of you may be familiar with Pi-Hole, while to others this may be new information. If it’s new information, I’m happy to report there is a sub right here on Reddit just for Pi-Hole ( r/pihole ). The mods there are very helpful with any problems you may encounter along the way with this project.

Before I go any further, I’d like to point out that Pi-Hole is open source software, available for free on their website at https://pi-hole.net/. However, I would like to encourage users to donate to this worthy cause and become a Patron of the project.

In a nutshell, Pi-Hole is a Raspberry PI project that acts as an ad blocker. Unlike browser based ad blockers that you may be used to such as uBlockOrigin, Pi-Hole works at the DNS level.

You can run Pi-Hole in a Docker container, deploy directly in conjunction with Raspbian on a Raspberry Pi Zero W, or deploy in conjunction with Centos, Fedora, or Debian or an old desktop running Ubuntu. There are even some folks running Pi-Hole on an old laptop. For all the features of Pi-hole and for what it does, it doesn’t require a lot of overhead to run.

I won’t go into recreating the installation procedures, but I can tell you that with limited tech savvy, anyone can have this set up and running in an afternoon.

So how does this all tie into De-Googling I hear you ask. One of the great features of Pi-Hole is it’s ability to use custom block lists. These block lists contain hundreds of domain names that you don’t want accessing your network. Here is one such list that completely blocks Google and it’s many domains from your network:
• https://raw.githubusercontent.com/nickspaargaren/pihole-google/master/pihole-google.txt

Nick Spaargaren maintains this list and his GitHub is located at:

• https://github.com/nickspaargaren/pihole-google

If we were to take a peek inside this particular block list, we can see all the domains it will block from your network:

www.googleanalytics.com
click.googleanalytics.com
ssl.googleanalytics.com
www.google-analytics.com
cctldtest.google-analytics.com
click.google-analytics.com

…..and hundreds more! With a couple clicks of the mouse, you can just about eradicate Google from your network as if it didn’t exist. There are tons of other lists that are available for Pi-Hole that will block all manner of things from your network. For now we are concentrating on the Google aspect.

In closing, I will leave you guys with some links to get you started on your way to a Google free, intrusion free network using Pi-Hole.


#pihole #pi-hole #block #ads

Data octopuses: Not only Google wants to know where you are and what you do

Google's location tracking on Android devices is legendary. Privacy is almost always a huge problem. Data protectors regularly go to the barricades. Law enforcement agencies are rubbing their hands more and more often. What's more, the largest data octopus of all has created an "unprecedented" data collection system for law enforcement agencies. A data collection that we usually always and mostly unknowingly agree to. But our Android smartphone or iPhone also reveals a lot about us. And that regardless of whether we want it or not.

Why do we unknowingly agree with the passion for data collection, some readers will surely ask. You can turn off location tracking in the settings. Or I simply switch to the so-called "aircraft mode", or alternatively take my SIM card out of the mobile phone. Then Google can no longer track my location and everything is fine, you think. Why this is not quite right and what our android or iPhone and others collect so much data about us, we want to take a closer look at today in this article.

Location tracking: Google doesn't do things by halves
Even if we deactivate the "location history" or "location history" for iPhones and Android smartphones, the data octopus Google continues to locate its users. Even if the function "location history" is switched off, Google or Apps, which we have installed on our Android, evaluates the user's location and saves it locally on the respective device. If we open certain apps or services, the data is then transferred. Even in "airplane mode" or without a SIM card, Google collects location data for each of our steps in the background, i.e. indirectly. As soon as our smartphone has access to the Internet again, the data collected about us in the meantime is automatically uploaded to Google's Sensorvault database.

📺 Video:
https://news.1rj.ru/str/NoGoolag/76

👉🏽 Google is Malware
https://www.gnu.org/proprietary/malware-google.html

👉🏽 Read more:
https://tarnkappe.info/datenkraken-nicht-nur-google-moechte-immer-wissen-wo-ihr-seid/

#DeleteGoogle #GoogleMalware #DataStealers #video
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv

Your annual reminder that Facebook tracks your location after you opt out
https://thenextweb.com/facebook/2019/12/18/your-annual-reminder-that-facebook-tracks-you-even-with-location-settings-turned-off/

https://redd.it/ec9y1i
@r_privacy

Facebook admits it can track your movements and bombard you with adverts even if users turn OFF location settings

🔵 Facebook sent a letter to two US senators which contained the admission

🔵 It can piece together a person's location based on various available information

🔵 Facebook says there are many advantages to knowing where people are

🔵 Tagged pictures, IP addresses and purchasing on Facebook Shopping provide clues to a person's location

https://www.dailymail.co.uk/sciencetech/article-7804121/Facebook-says-locate-users-opt-tracking.html

Read Via Telegram

FACEBOOK'S PRIVACY DISASTERS

📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@NoGoolag

Firefox Announces New Partner in Delivering Private and Secure DNS Services to Users

https://blog.mozilla.org/blog/2019/12/17/firefox-announces-new-partner-in-delivering-private-and-secure-dns-services-to-users/


#firefox #ff #dns

Minimal MicroG Installer V2.4

18 december, 2019

By MOVZX and FatherJony and FriendlyNeighborhoodShane

A simple, flexible MicroG Installer

-- Changelog:

+ Update all APKs
+ Fix Standard bootloop on Q
+ Added AuroraServices only pack

For y'all younglings that don't know what MinMicroG is, check readme.md inside or https://news.1rj.ru/str/NoGoolag/202


📡 @NoGoolag
#microg #minmicrog

Browser activating the front-facing camera: Big Brother or just a bug?

This post is about a disturbing (in terms of privacy) situation that we have recently encountered.

Here’s what happened: we were approached by one of our readers, who claimed that when he was reading our website (which, ironically, has the BanCam anti-facial recognition campaign banner on a main page), the front-facing camera was activated.

📺 https://youtu.be/JVrfUhc6l0M

👉🏽 Read more:
https://medium.com/@mva.name/browser-activating-the-front-facing-camera-big-brother-or-just-a-bug-e7a2ff9d6856


#Google #camera #popup #DeleteGoogle #PoC #video
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv

Trannoscription (read: copy paste):

Hi, everyone!

My name is Vadim, I am a tech consultant and a system administrator at RosKomSvoboda.

This post is about a disturbing (in terms of privacy) situation that we have recently encountered.

It could have been in a “A-a-a-a-a-a-a-a-a! Look, Big Brother (Google) is watching us” style, but I will rather try to do some analysis and make some assumptions about why this might have happened.

Here’s what happened: we were approached by one of our readers, who claimed that when he was reading our website (which, ironically, has the BanCam anti-facial recognition campaign banner on a main page), the front-facing camera was activated.

He owns a phone with a sliding front camera. So it slid out right after loading the page as shown on a video.

Big Brother?

As you probably have guessed, at first I thought, that despite all the security measures I have taken for the website, we were hacked and “trojanized”.

However, the investigation has shown, that our site was fine.

After discussing the investigation’s findings with my colleagues from RosKomSvoboda, I remembered that I had came across several forum posts before, which were describing how “Trojan” apk-packages were distributed through the ad networks (when opening the forum from an Android phone) (The idea is that a user would install them, thinking that it is the official forum client).

I suggested checking the list of ad trackers which were allowed on that page (the reader uses Firefox and the uBlock addon with it).

A couple of hours of experiments have shown that the camera stops activating only when the google.com domain access in being blocked in the addon’s settings. Around this time the user told us, that the website “kod.ru” was also activating the camera (before that, we considered the problem to be only on our website).

After digging a little deeper, I found out, that requests to google.com are made not only by Google trackers (aka analytics), but even by the YouTube video iframe module on that page. Same thing occurring at kod.ru also fitted this theory. As it turned out, that page had also had an embedded YouTube video in it.

In order to once again check my theory, I Googled a random blog post with a built-in video in it. The camera opened again.

To sum up, what we have discovered: the presence of built-in YouTube video on a page triggers the loading of some noscripts from google.com, and those, in turn, trigger the camera.

Okay, let’s keep digging.

Having gone through all the browser debugging tools, I found out, that a highly obfuscated noscript, which even has an obfuscated name, is loaded via www.google.com domain whenever a user accesses the page. None of the de-obfuscation tools I tried could deal with it.

Considering that it is Google, I can assume that soon this noscript will disappear, and will be replaced with a different (but equally unreadable) one. So, here’s it’s code, just in case.

A brief overview of the noscript didn’t show any camera mentions, but you can try to do it yourself.

Let’s now look at it this way:

My own phone has no sliding camera, so I could not see a camera sliding out, but I can connect it via USB and use “adb logcat | grep -i -C5 camer” (I’ve used grep because otherwise there is too much irrelevant info) command. So I did it…

First try: Loading the test sites and… nothing!

Starting to think that this issue is on a client’s side.

In the same time we are discussing the situation in the aforementioned RosKomSvoboda technical chat room. After a while, one of the participants said, that mobile browsers can sometimes be tricky: they don’t always ask for a global camera access permissions, because if they know there is none they may not ask for them!

I check the application’s settings and see, that Firefox has no camera permission. I turn it on, check once again, and see a bunch of camera related info popping up in the console like that:

adb logcat | grep -i -C5 camer

Gotcha! A request!

Moreover, right after the “get device info” line there is an explicit opening of the camera device:

12–12 17:10:14.734 751 6924 I QCamera : <HAL><INFO> int qcamera::QCamera2Factory::cameraDeviceOpen(int, struct hw_device_t **): 405: Open camera id 0 API version 256

I check it once again with Chrome, and everything looks the same: if you take away the camera permission — nothing is in the log, and if you allow the app to access the camera — same logs appear.

Turns out that:
а) problem is not local
b) problem is not browser-specific.

What is interesting about that, is the fact that none of these browsers have ever requested a camera permission for any of the sites that participated in the test (and, however, for YouTube and google.com — too).

Taking all this discoveries into consideration I came up with two versions:
1) Either Big Brother is really watching us or
2) that oddly obfuscated noscript from Google triggers Camera API in browsers in order to fingerprint the user, but avoids accessing camera directly. That’s why there is no permission request popping up (however, if you look at the video at the beginning of the article closely, you can see how an LED blinks between opening and closing the camera, which raises certain concerns).

Browser’s logic here is simple: When initializing the Camera API, if there is no camera permission — do not do anything (do not even ask for it until there is a real necessity) and if there is one — initialize the cameras and check what kind of modules are there and what are they capable of (might be the reason why the camera slides out).

The user’s phone vendor, as it seems, programmed the camera software simply: whenever the camera is accessed — it slides out.

Afterall, turns out the issue is not as serious, as it seemed to be in the beginning and I’d like to believe that no photos are taken (anyway I’m not qualified enough neither to prove nor disprove that, maybe one of you, the readers, could do that).

However, the very fact that opening any webpage that has an embedded YouTube video iframe in it leads to a camera request (and even some communication with the module) is pretty sad and disturbing in terms of privacy and I think it’s worth the community’s attention.

What is your opinion?

Russian version: https://habr.com/ru/company/roskomsvoboda/blog/480056/

WRITTEN BY

Vadim Misbakh-Soloviov

Avoid Google apps spyware!

📡 @NoGoolag (links at @microGsupport)

★English Group:
https://news.1rj.ru/str/joinchat/FyFlS0X2D7eDayZ4R4Gkzw

★Indonesian Group:
https://news.1rj.ru/str/joinchat/HVU5S1HNr9FuSwsX0vRCuQ

★Off-Topic Group:
https://news.1rj.ru/str/joinchat/LepbVElZLJbkWMRBNhcPfA

★Guide: t.me/NoGoolag/63
★Installers: t.me/NoGoolag/182

More software
📡 @Libreware

📡 @AuroraOfficial Aurora sw channel

💬 @AuroraSupport Aurora Store group (Foss playstore alternative)

💬 @AuroraDroid Aurora Droid group (F-Droid client)

💬 @AuroraOSS
Group to discuss upcoming Aurora projects (Contacts & Dialer, Aurora Services, Aurora Sync, Aurora Maps)

🦊 @qd_invitation
Firefox Configuration Hardening
DNScrypt Proxy Android
Mixplorer updates

News
📡 @cRyPtHoN_INFOSEC_EN
📡 @cRyPtHoN_INFOSEC_DE

Fifth Fired Google Worker Files Federal Labor Complaint

A fifth former Google worker has filed a complaint with federal regulators accusing the company of improperly firing employees for labor organizing activity.

Kathryn Spiers, a security engineer, said Google fired her after she created a pop-up notification for employees to inform them of their labor rights.

In late November, Google fired four other workers for what the company said were violations of its data security policy. Those workers say they don’t believe they violated company policies and that Google was really firing them because they were all involved in various organizing activities at the company. Google disputes that.

https://www.securityweek.com/fifth-fired-google-worker-files-federal-labor-complaint

Read Via Telegram

📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@NoGoolag

Twelve Million Phones, One Dataset, Zero Privacy

Every minute of every day, everywhere on the planet, dozens of companies — largely unregulated, little scrutinized — are #logging the #movements of tens of millions of #people with #mobile #phones and storing the information in gigantic #data #files. The Times #Privacy #Project obtained one such file, by far the largest and most sensitive ever to be reviewed by journalists. It holds more than 50 billion location pings from the phones of more than 12 million Americans as they moved through several major cities, including Washington, New York, San Francisco and Los Angeles.

Each piece of #information in this file represents the precise location of a single #smartphone over a period of several months in 2016 and 2017. The data was provided to Times Opinion by sources who asked to remain anonymous because they were not authorized to share it and could face severe penalties for doing so. The sources of the information said they had grown alarmed about how it might be abused and urgently wanted to inform the public and lawmakers.

After spending months sifting through the data, tracking the movements of people across the country and speaking with dozens of data companies, technologists, lawyers and academics who study this field, we feel the same sense of alarm. In the cities that the data file covers, it tracks people from nearly every neighborhood and block, whether they live in mobile homes in Alexandria, Va., or luxury towers in Manhattan.

One search turned up more than a dozen people visiting the Playboy Mansion, some overnight. Without much effort we spotted visitors to the estates of Johnny Depp, Tiger Woods and Arnold Schwarzenegger, connecting the devices’ owners to the residences indefinitely.

If you lived in one of the cities the #dataset covers and use #apps that share your# location — anything from weather apps to local news apps to coupon savers — you could be in there, too.

If you could see the full trove, you might never use your phone the same way again.

Read more:
https://www.nytimes.com/interactive/2019/12/19/opinion/location-tracking-cell-phone.html

#surveillance #privacy #why #thinkabout
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv

Satire
Area man constantly mentioning he doesn't use Facebook

PALO ALTO, CA -- Area resident John Grey does not maintain a Facebook account, a fact he repeatedly points out to real-world friends, family, and co-workers -- as well as coffee shop baristas, Wal-Mart door greeters, and panhandlers he passes on the street.

"I, personally, would rather spend my time doing something useful than login to Facebook," he told a random woman Monday at Moondollars Coffee House after noticing she was glued to her mobile phone posting status updates.

According to Alice Perkins, a co-worker at Bob's Bargain Basement, a thrift store, Grey steers the conversation toward Facebook whenever possible, just so he can mention that he has never set up an account.

"A few days ago, [store owner] Bob "Bargain" Bottenfield was saying his wrists were bothering him," Perkins said. "The second he said that, I knew John would pounce. He was like, 'It sounds like you might suffer from carpal tunnel. I'm really lucky to have avoided that problem. I'm guessing it's because I don't post constant updates to Facebook. In fact, I don't even have an account."

She added, "He always makes sure to read Slashdot, just so he can point out all the terrible upgrades and privacy-invading features that Facebook unveiled in the last hour."

"I'm not an elitist," Grey said. "It's just that I'd much rather watch a TED talk or chuckle at something from The Onion than sit there posting mindless updates to the whole world complaining about climate change or speculating on the progress my stomach is making digesting lunch."

"If I feel the need to share my opinions with peers, I'll craft a carefully worded Letter to the Editor of the local newspaper," he droned. "I certainly wouldn't waste my time wading through status updates about virtual cabbage fields or make-believe mobster battles."

He concluded, "I'm free from the tyranny of Mark Zuckerberg and his Big Brother overlords. I can't begin to tell you how happy I am to be without Facebook."

Despite Grey's absense from the social-networking universe, Facebook has already amassed a dossier on him. After several classmates and ex-girlfriends searched for his name, one of Facebook's privacy-invading features automatically deduced his name, education level, age, and carbonated soda preference (Diet Pepsi).

"We know all about him," boasted Eric Wellorian, who lives in a nearby apartment and has suffered from one of Grey's lectures about the evils of Facebook when they briefly crossed paths near the mailboxes. "I just started working at Facebook, a fact that I've been careful to avoid mentioning in case he goes supernova. It doesn't matter, though. He can run from Facebook, but he can't hide."

Source: http://humorix.org/10926
#satire #facebook #deletefacebook

Tor Browser

Private browsing without tracking, surveillance, or censorship

https://www.torproject.org

If the link above is censored in your country try:

https://tor.eff.org/
https://tor.stalkr.net/
https://sela.io/mirrors/torproject.org/
https://mirror.freedif.org/TorProject/

if these links are all blocked too:
Step 1: Send a request to GetTor (gettor@torproject.org) specifying your operating system (and your locale). Ex: "windows es"

Step 2: GetTor will send you back a reply with links to download Tor Browser from our supported providers.

FAQ:
https://support.torproject.org

Documentation:
https://2019.www.torproject.org/docs/documentation.html.en

An attempt to document commonly believed misconceptions about Tor
https://github.com/epidemics-scepticism/writing/blob/master/misconception.md

Download

https://www.torproject.org/download

📱 Android

https://www.torproject.org/download/#android

Google Playstore
https://play.google.com/store/apps/details?id=org.torproject.torbrowser_alpha

Fdroid status:
•https://gitlab.com/fdroid/fdroiddata/merge_requests/4676
•https://trac.torproject.org/projects/tor/ticket/27539

On Guardian Project F-Droid repo
https://f-droid.org/app/org.torproject.torbrowser_alpha

💻 PC (*nix):

Don't use the packaged version of your distro, it may be old and it installs as any other binary, meaning there could be a greater data leak if someone has physical access to your pc.

If the executable file doesn't work, open a terminal in the same directory as the .desktop file and type chmod +x start-tor-browser.desktop

-> use obfs4 bridges if your country throttles/blocks Tor
-> if your country has DPI try the meek-azure bridge
-> if meek-azure is broken (you're in xinjiang etc) meek-amazon sometimes works
-> otherwise if you're in xinjiang you're doomed


📡 @NoGoolag 📡 @Libreware
#tor #browser