Feeds:
Posts
Comments

DNS Leak Test

Image1What is a DNS leak and why should I care?

When using an anonymity or privacy service, it is extremely important that all traffic originating from your computer is routed through the anonymity network. If any traffic leaks via the underlying connection, any entity monitoring your traffic will be able to log your activity.

DNS or the domain name system is used to translate domain names such as http://www.privacyinternational.org into numerical IP addresses e.g. 123.123.123.123 which are required to route packets of data on the Internet. Whenever your computer needs to contact a server on the Internet, such as when you enter a URL into your browser, your computer contacts a DNS server and requests the IP address. Most Internet service providers assign their customers a DNS server which they control and use for logging and recording your Internet activities.

Under certain conditions, even when connected to the anonymity network, the operating system will continue to use its default DNS servers instead of the anonymous DNS servers assigned to your computer by the anonymity network. DNS leaks are a major privacy threat since the anonymity network may be providing a false sense of security while private data is leaking.

If you are concerned about DNS leaks, you should also understand transparent DNS proxy technology to ensure that the solution you choose will stop the dns leak 

Take the DNS leak test here

indexNick Clegg blocks Tory plans for a ‘snoopers’ charter’ link

‘Dead for now:’ CISPA halted in the Senate link

From yahoo! news

password-login-computer-online-internet-jpg_103341

The ideal password is, well, it’s probably not a word for starters. As the comic geniuses at online comic The Oatmeal put it, the ideal password is one that looks like a “cat took a 12 hour nap on the keyboard.”

But that’s not very realistic — people can only remember so many things, so many letters, uppercase, lowercase, random symbols, blah blah blah. So what’s your best bet?

We spoke with Marion Merritt of Norton Security about how regular people can create a solid password. Here’s the scoop so you can avoid your own personal Cybergeddon.

The passwords not to use
So, the basics. You don’t want to use dictionary words. You don’t want to use obvious combinations of letters and numbers. That would mean things like going across your keyboard like “WERTY,” or even something as bizarre sounding as “QAZWSX” is just going down the keyboard. The only reason I know about that one is, if you look at the list of most commonly used passwords, those are some of the things that show up.

The reason that even something like that becomes a problem is that hackers can use all the data from data breaches as a dictionary to launch hacks from. So even if it’s not something that makes a word, we know people use it as a password, which means it is something to avoid.

Always use a different password for your email
The piece of advice I give the most often is that of all your passwords, the most important is the one you use on your email. The reason for that is, every website you go to as a “forgot your password” feature. We couldn’t live without that feature because you’re always being told to create a unique password. So if a hacker has control of your email account they can change everything.

That one account password needs to be as unique and complex as possible. You never reuse a password. And when I say, ‘You never reuse,’ the reality is people reuse. They’ll come up with really great password and it’s super complicated but then they’ll use it everywhere. Which means, that if gets hacked or something goes wrong, you’ve given away the keys to the kingdom. So, again, the email password needs to be totally special.

Can password managers help?
What’s good about a password manager is it makes the whole process of creating unique and complex passwords and retaining and reusing them — it makes it really easy.

So I actually do recommend people use them. The Norton one is great because it encrypts everything and you can store everything in the “cloud”… so if you’re logging in from your brother-in-law’s computer to print out a boarding pass, you can log in from the cloud and get the passwords there. Norton and others provide those capabilities.

I’ll be the first to say that managing passwords has gotten worse, not better. Every site requires a password and because of that I think consumers have password fatigue. So, when people say, ‘I have my cool passwords that I use for email and social networking and then I have this one that I use for everything,’ as long as the ‘everything’ doesn’t include sites where you could lose money like your credit card, you bank, online shopping where you store credit card information, I’m less concerned…

If you’re logging into your hometown newspaper, and you have a standard password you use, there’s probably nothing too serious [that could happen], but if you get notified that there was a data breach for some program or some site you use, how are you going to remember where you used that password… So, you do have to be senseful. And that’s, again, why a password manager is so great. If you ever found yourself in a situation where you say, ‘Gosh, I was using 123456 and I know I shouldn’t have been, but I was’… a password manager can tell you where else you’ve used it.

How hackers can ‘guess’ your passwords
The way most websites work is, you can enter a password incorrectly three times and then you get locked out. It isn’t just the number of times, it may also be the number of seconds in between requests. The typical user is going to have some delay. A hacker fan run through an entire database in the number of allotted seconds. So, even though you think, ‘How could they do more than five attempts at my name?,’ they can. Not only do they have a database of dictionary terms, they also have a database of previously used passwords in addition to information available on social networks…

How to create super-strong passwords
There are different theories as to how to make a password strong. One is to take the first letter from each word from a sentence you have memorized. For example, “The duck flies at midnight but only if the moon is full.” Your password would then be the first letters of each word: Tdfamboitmif. Is that a good idea for a password? Well, here’s what great about it. You’ve come up with a unique phrase that won’t be in any dictionary and it’s not likely to be in any hack database unless you’ve used it before.

What’s bad about it — if it does get hacked and it’s the password you use everywhere then it’s as good as nothing. So I tell people to come up with a phrase and customize it for every website you use – for instance, by using letters near the ones you use on the keyboard, which is easier to remember.

From thehonestreviews.com

 

Image1IPVanish is one of the newer VPN service companies which started out in 2012, but don’t let that discourage you. It seems like they know what they are doing because I’m loving them. IPVanish currently has 3500+ IPs on 90+ servers in 41 different countries which is already better then the majority of the VPN service provider out there.

 

IPVanish Features

  • 3500+ IPs on 90+ servers in 41 different countries
  • Unlimited VPN traffic and uncapped bandwidth
  • High Speed Connection
  • FREE IPVanish VPN Software
  • OpenVPN, L2TP, and PPTP Protocols
  • Prevent Hot Spot Dangers
  • Secure & safe browsing
  • 24/7 Support

IPVanish Pricing

Here are the current VPN packages at IPVanish:

  • 1 Month – $10 (17% savings)
  • 3 Month – $26.99 (25% savings)
  • 1 Year – $77.99 (46% savings)

If you pick the yearly plan, it will only cost you $6.49/month which comes out to a huge 46% in savings. $6.49 is as cheap as it gets for a premium VPN service so you are definitely getting your money’s worth. You also have the option of signing up for the 1 month plan then upgrading to the yearly plan after if you want.

There is a 7 days money back guarantee on all of the plans so if you aren’t happy for any reason within 7 days of signing up, you can request a cancellation and you will get a full refund.

FREE IPVanish Software
The VPN IPVanish software is free and it’s available in your account’s control panel. Here are some noteworthy features:

  • List of servers when online/offline status
  • Automatically reconnect if disconnected
  • Able to connect when Windows start
  • Can automatically connect to IPVanish once the software starts
  • Lets you know your response time for each server

I really like the Auto-Reconnect feature as it will reconnect if you disconnect from the servers. The only downfall is that your real IP will be shown for a few seconds while it reconnects itself to the IPVanish servers.

IPVanish GUI

It’s a basic VPN software which lets you connect to IPVanish VPN servers with a few noteworthy features. You do not need to use this software to connect to their servers as this software is only optional. IPVanish provides detailed directions for other methods to connect to their servers as well.

Compatible Devices

  • Windows
  • MAC OS X
  • UBuntu
  • iPhone, iPad, Android
  • DD-WRT compatible routers
  • Any devices that lets you use PPTP and L2TP

IPVanish Speed Test

Speed is important when choosing a VPN service provider and IPVanish doesn’t disappoint. Here’s a result from my speed test using IPVanish.

That’s my max download/upload speed for my ISP which is great. You won’t even notice that you are behind a VPN connection. This means watching videos on sites such as YouTube will be quick.

Bandwidth is not capped and you are allowed unlimited VPN traffic which means you can keep the VPN connection on 24/7 if you wanted to.

How Many Computers Can You Use IPVanish On?

You are allowed to installed and use IPVanish on an unlimited number of computers and devices, but you are only allowed to have two devices connected to IPVanish at the same time. Also, you are only allowed to connect to 1 OpenVPN and 1 other connection (L2TP or PPTP) at the same time. This means you cannot have 2 OpenVPN connections connected to IPVanish at a time.

For example, your computer can be connect to IPVanish using OpenVPN while your mobile phone is connected to either L2TP or PPTP.

Type Of IP Addresses

IPVanish offers dynamic IP addresses which means you will get a new IP address every time you connect to their servers. This offers you the best anonymity because your traffic will be spread throughout their 3500+ IP addresses instead of being associated with just one IP address.

Since you are sharing IP addresses with other IPVanish users, your traffic will merge with their traffic making it impossible to find out which traffic belongs to which user.

Data Encryption

You do not have to worry about your ISP or even hackers spying on you as IPVanish provides 256-bit encryption for OpenVPN and 128-bit encryption for PPTP and L2TP.

Logging Policy

IPVanish only logs when you connect and disconnect from their VPN servers. They do not log what websites you visit, what you download or who you chat to. Some type of logging is require for all VPN service providers to stay in business so I wouldn’t worry about it.

Money Back Guarantee

IPVanish offers a 7 day money back guarantee for all of their VPN plans.

IPVanish Support

Support by email is 24/7 while live support chat is available M-F during business hours. IPVanish also offers support by forum.

Final Thoughts

IPVanish does a great job as a VPN service provider even though they just started this year. The speed, price and reliability is outstanding. The price is great for the service they provide and it’s a lot better than using free proxies and definitely better than the majority of VPN providers on the market. I honestly can’t find anything I hate about them especially for the price and speed.

 

From Lifehacker

“Just months after the internet censorship bills SOPA and PIPA were taken off the floor, a new and similarly scrutinized bill, the Cyber Intelligence Sharing and Protection Act (CISPA) has passed through the House of Representatives and is on its way to the Senate. So, what’s the bill all about, and does it really resemble SOPA? Let’s take a look.

We wrote this back when CISPA first came about, but it seems like the bill that won’t die. As of April 18th, 2013, CISPA has resurfaced and passed the House of Representatives, with a few minor differences.

The Basics of CISPAs

If passed, CISPA would amend the National Security Act of 1947 to allow government agencies to swap customer data from Internet service providers and websites if that data is a threat to “cyber-security.” On a basic level the bill is meant to provide a means for companies and the government to share information with one another to fight against cyber threats. These threats are defined as:

The term cyber threat information’ means information directly pertaining to a vulnerability of, or threat to, a system or network of a government or private entity, including information pertaining to the protection of a system or network from-
(A) efforts to degrade, disrupt, or destroy such system or network; or
(B) efforts to gain unauthorized access to a system or network, including efforts to gain such unauthorized access to steal or misappropriate private or government information.

The information gathered can be used to obtain information for five express purposes:

  1. Cybersecurity
  2. Investigation and prosecution of cybersecurity crimes
  3. Protection of individuals from the danger of death or physical injury
  4. Protection of minors from physical or psychological harm
  5. Protection of the national security of the United States

Essentially, CISPA makes it possible for private companies to share potential cyber threat information with the government if the government concludes it needs it for cyber security information (and vice versa) immediately, without a complicated process.

Why Technology Companies Are Supporting CISPA

The main reason companies are supporting CISPA is because it takes the pressure to regulate users off the private company (you can find a huge list of the key players and their positions over on ProPublica). CISPA transfers that role and responsibility over to a government entity. Effectively, it protects companies from being sued if they break their Terms of Service to hand over user information if it’s deemed a threat to cyber security.

In Facebook’s letter of support, Joel Kaplan, Vice President of U.S. Public Policy, puts the reason behind its support simply:

Your legislation removes burdensome rules that currently can inhibit protection of the cyber ecosystem, and helps provide a more established structure for sharing within the cyber community while still respecting the privacy rights and expectations of our users. Through timely sharing of threat information, both public and private entities will be able to more effectively combat malicious activity in cyberspace and protect consumers.

CISPA transfers the burdensome task of regulating its users content and activity to a government entity and this makes a company’s job simple. For instance, if you were posting code snippets of a proposed cyber attack on your private Facebook page the government could request the information and Facebook would be able to hand over every piece of information they have on you immediately. However, this is an entirely voluntary step. If Facebook said no, the government agency asking for the information would have to find another means to get the information. From a company’s perspective, CISPA is an opportunity to share information about potential cyber attacks with a branch of the government that could act on it.

On the surface it’s not that horrible of a thing, but activists worry about the language used in the bill and how it could be construed in a variety of ways to violate a person’s privacy.

Why Technology Rights Groups Are Worried About CISPA

Much like SOPA, the wording in CISPA is broad and the broadness is the root of many of the concerns. A number of activists and rights groups have spoken out against the bill, including Anonymous who reportedly took down trade websites USTelecom and TechAmerica’s in retaliation for their support. The White House has also threatened to veto the bill if it passes. Digital rights group The Electronic Frontier Foundation (EFF), issued a statement condemning CISPA’s surveillance possibilities:

Hundreds of thousands of Internet users spoke out against this bill, and their numbers will only grow as we move this debate to the Senate. We will not stand idly by as the basic freedoms to read and speak online without the shadow of government surveillance are endangered by such overbroad legislative proposals.

The privacy implications of the broadly defined “cybersecurity threat” is the cause for concern among CISPA’s opposition. It’s feared the information gathered would be released too easily and would violate the Fourth Amendment because it offers a simple, warrantless means to acquire personal data.

Several other advocacy groups echo this sentiment, including the American Library Association, which has this to say:

The ALA is concerned that all private electronic communications could be obtained by the government and used for many purposes–and not just for cybersecurity activities. H.R.3523 would permit, and sometimes even require, Internet service providers and other entities to monitor all electronic communications and share personal information with the government without effective oversight by claiming the sharing is for “cybersecurity purposes.”

CISPA could only be used if the government sees a cyber security danger in one of the five purposes mentioned in the first section above. Opponents to CISPA worry that those five reasons would still open the door to spying because they’re broad enough to be applied to several different activities online.


It boils down to this: companies like Facebook and Microsoft are supporting CISPA because it’s beneficial for them. The opposition is against it because it worries the bill could be used as a simple way to spy on people.

You can read the full text—including new amendments—of the Cyber Intelligence Sharing and Protection Act on the Permanent Select Committee on Intelligence’s website and track its amendment progress to see if the language is tightened up as it heads to the Senate. If you find yourself against CISPA, civic organization Avaaz has a petition and Demand Progress has set up links to contact your representative.”

fuck-cispa1

From bestvpnz.com

Top Ten VPN Providers

Logo
Name
Reviews
Server Locations
Price From
BTGuard

Visit Provider

$6.95
Private Internet Access

Visit Provider


$6.95
PureVPN

Visit Provider



$9.95
Kepard

Visit Provider

$7
Leafy VPN

Visit Provider


$9.00
UK Proxy Server

Visit Provider


£6.25
VPNService

Visit Provider

$12
Le VPN

Visit Provider


€11.95
HideIpVPN

Visit Provider

$5.99
HideMyAss

Visit Provider





$11.52

imagesMore than a year ago TorrentFreak took a look at a selection of the web’s VPN providers to see which ones really take privacy seriously.

During the months that followed we received dozens of emails begging us to carry out an update and today here it is.

The first installment in our list of VPN providers that due to their setup cannot link user activity to external IP addresses and activities.

Read the full article here