xbdms' Blog

Space in the time continuum.

December 15, 2021

In this blog, I will show you some very easy-to-implement ways to greatly enhance your browser's privacy, stop trackers, spoof your user agent to prevent fingerprinting, and block ads and annoying JavaScript. Below you will find links to all of the tools discussed in this post.

Requirements:

Firefox

Extensions:

uBlock Origin extension

Decentraleyes extension

User Agent switcher

December 15, 2021

In this blog, I will discuss the recent happenings with the antivirus company Avast. Avast has recently been caught selling user web-browsing data via a subsidiary company called Jumpshot.

Some of the data Avast has been selling includes:

Google searches

Lookups of locations

GPS coordinates

people visiting companies

particular YouTube videos

people visiting porn websites

Avast should know most users don't want their data collected and sold; maybe it's time to uninstall Avast.

Link to the article:

https://www.cnet.com/tech/services-and-software/antivirus-firm-avast-is-reportedly-selling-users-web-browsing-data/

December 15, 2021

In this blog, I will show you how to maximize your Firefox browser's privacy and security with no browser extensions, by going into about:config and changing settings for better privacy and security.

Requirements:

Firefox

about:config tweaks:

Disable WebRTC:

WebRTC can give up your real IP address even when you are using a VPN or Tor.

media.peerconnection.enabled = false

Enable fingerprint resistance:

This alone pretty much negates the need for Canvas Defender or any other fingerprint-blocking add-on.

privacy.resistFingerprinting = true

3DES cipher:

3DES has known security flaws.

security.ssl3.rsa_des_ede3_sha = false

Require safe negotiation (optimize SSL):

security.ssl.require_safe_negotiation = true

Disable TLS 1.0 and 1.1:

security.tls.version.min = 3

Enable TLS 1.3:

security.tls.version.max = 4

Disable 0-RTT (zero round-trip time) data to better protect forward secrecy:

security.tls.enable_0rtt_data = false

Disable automatic form fill:

browser.formfill.enable = false

Disable disk caching:

browser.cache.disk.enable = false

browser.cache.disk_cache_ssl = false

browser.cache.memory.enable = false

browser.cache.offline.enable = false

browser.cache.insecure.enable = false

Disable geolocation services:

geo.enabled = false

Disable plugin scanning: can improve functionality, as some sites scan for ad blockers and script blockers. Should be used even on a non-hardened Firefox.

plugin.scan.plid.all = false

Disable ALL telemetry:

browser.newtabpage.activity-stream.feeds.telemetry = false

browser.newtabpage.activity-stream.telemetry = false

browser.pingcentre.telemetry = false

devtools.onboarding.telemetry.logged = false

media.wmf.deblacklisting-for-telemetry-in-gpu-process = false

toolkit.telemetry.archive.enabled = false

toolkit.telemetry.bhrPing.enabled = false

toolkit.telemetry.firstShutdownPing.enabled = false

toolkit.telemetry.hybridContent.enabled = false

toolkit.telemetry.newProfilePing.enabled = false

toolkit.telemetry.unified = false

toolkit.telemetry.updatePing.enabled = false

toolkit.telemetry.shutdownPingSender.enabled = false

Disable WebGL: WebGL allows direct access to the GPU.

webgl.disabled = true

Enable first-party isolation: prevents the browser from making requests outside of the primary domain of the website, and prevents supercookies. It may break websites that rely on third-party scripts and libraries; however, those are generally only used for tracking, so fuck 'em anyway.

privacy.firstparty.isolate = true

Disable TLS false start:

security.ssl.enable_false_start = false
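As an added example (not part of the original post), the script below audits an existing prefs.js or user.js against the about:config tweaks listed above and reports which ones are still at the Firefox default or set to the wrong value. The SAMPLE prefs text is constructed for the demo; the hardening table covers a subset of the keys above and is meant to be extended.

```python
"""Audit a Firefox prefs.js / user.js against the about:config tweaks above.

Added example, not the post's own code. The SAMPLE prefs text is
constructed for the demo; pass the contents of your profile's prefs.js
to parse_prefs() to audit a real one.
"""
import re
from typing import Dict, Optional, Tuple, Union

Pref = Union[bool, int, str]

# Key -> value the post asks for (a subset; extend with the rest of the list).
HARDENING: Dict[str, Pref] = {
    "media.peerconnection.enabled": False,      # WebRTC off
    "privacy.resistFingerprinting": True,
    "security.ssl.require_safe_negotiation": True,
    "security.tls.version.min": 3,              # 3 = TLS 1.2
    "security.tls.version.max": 4,              # 4 = TLS 1.3
    "security.tls.enable_0rtt_data": False,
    "browser.formfill.enable": False,
    "browser.cache.disk.enable": False,
    "geo.enabled": False,
    "webgl.disabled": True,
    "privacy.firstparty.isolate": True,
    "toolkit.telemetry.unified": False,
}

# Matches the lines Firefox writes: user_pref("key", value);  (pref(...) too)
PREF_RE = re.compile(r'^\s*(?:user_)?pref\("([^"]+)",\s*(.+?)\);\s*$')


def parse_value(raw: str) -> Pref:
    """Decode the JS literal on the right-hand side of a pref line."""
    if raw == "true":
        return True
    if raw == "false":
        return False
    if len(raw) >= 2 and raw[0] == raw[-1] == '"':
        return raw[1:-1]
    try:
        return int(raw)
    except ValueError:
        return raw  # leave anything unexpected as-is


def parse_prefs(text: str) -> Dict[str, Pref]:
    """Return {key: value} for every pref line in a prefs.js/user.js body."""
    prefs: Dict[str, Pref] = {}
    for line in text.splitlines():
        m = PREF_RE.match(line)
        if m:
            prefs[m.group(1)] = parse_value(m.group(2))
    return prefs


def audit(prefs: Dict[str, Pref]) -> Dict[str, Tuple[Pref, Optional[Pref]]]:
    """{key: (wanted, actual)} for each hardening pref that is missing
    (actual None, i.e. the Firefox default applies) or set wrongly."""
    return {k: (want, prefs.get(k)) for k, want in HARDENING.items()
            if prefs.get(k) != want}


# Constructed prefs.js excerpt: three tweaks applied, one set to the wrong
# value (TLS 1.0 still allowed), the rest untouched.
SAMPLE = """\
// Mozilla User Preferences
user_pref("media.peerconnection.enabled", false);
user_pref("privacy.resistFingerprinting", true);
user_pref("security.tls.version.min", 1);
user_pref("webgl.disabled", true);
user_pref("browser.startup.homepage", "about:blank");
"""


def demo() -> Dict[str, Tuple[Pref, Optional[Pref]]]:
    return audit(parse_prefs(SAMPLE))


if __name__ == "__main__":
    for key, (want, have) in demo().items():
        print(f"{key}: want {want!r}, have {have!r}")
```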

Conclusion:

This may be a little outdated, or they may have changed the names of these settings. If you find that about:config tweaks have been renamed, you can email me about them and I will update the blog post.

December 15, 2021

Explore CVE-2021-44228, a vulnerability in log4j affecting almost all software under the sun.

On December 9th, 2021, the world was made aware of a new vulnerability identified as CVE-2021-44228, affecting the Java logging package log4j. This vulnerability earned a severity score of 10.0 (the most critical designation) and offers trivial remote code execution on hosts running software that uses this log4j version. This attack has been dubbed “Log4Shell”.

Today, log4j version 2.16.0 is available and patches this vulnerability (JNDI is fully disabled, support for Message Lookups is removed, and the new DoS vulnerability CVE-2021-45046 is not present). https://github.com/apache/logging-log4j2/releases/tag/rel%2F2.16.0

However, the sheer danger of this vulnerability is due to how ubiquitous the logging package is. Millions of applications as well as software providers use this package as a dependency in their own code. While you may be able to patch your own codebase using log4j, other vendors and manufacturers will still need to push their own security updates downstream. Many security researchers have likened this vulnerability to that of Shellshock by the nature of its enormous attack surface. We will see this vulnerability for years to come.

For a growing community-supported list of software and services vulnerable to CVE-2021-44228, check out this GitHub repository:

https://github.com/YfryTchsGD/Log4jAttackSurface

This room will showcase how you can test for, exploit, and mitigate this vulnerability within Log4j.

While there are a number of other articles, blogs, resources and learning material surrounding CVE-2021-44228:

https://www.huntress.com/blog/rapid-response-critical-rce-vulnerability-is-affecting-java

https://log4shell.huntress.com/

Note from the author:

Please use the information you learn in this room to better the security landscape. Test systems you own, apply patches and mitigations where appropriate, and help the whole industry recover. This is a very current and real-world threat — whether you are a penetration tester, red teamer, incident responder, security analyst, blue team member, or what have you — this exercise is to help you and the world understand and gain awareness on this widespread vulnerability. It should not be used for exploitative gain or self-serving financial incentive (I'm looking at you, beg bounty hunters)

Additionally, please bear in mind that the developers of the log4j package work on the open source project as a labor of love and passion. They are volunteer developers that maintain their project in their spare time. There should be absolutely no bashing, shame, or malice towards those individuals. As with all things, please further your knowledge so you can be a pedestal and pillar for the information security community. Educate, share, and help.
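To make the patch guidance above checkable, here is an added inventory script (not part of the original post or of the Log4j project) that walks a directory for log4j-core jars, reads the version from the Maven-style file name, and flags anything below 2.16.0 that still contains the JndiLookup class. The demo builds constructed fake jars in a temp directory, so it runs offline.

```python
"""Inventory log4j-core jars and flag versions below 2.16.0.

Added example, not code from the post or the Log4j project. Assumes the
standard Maven file name log4j-core-<major>.<minor>.<patch>[suffix].jar;
any suffix (e.g. "-rc1") is ignored when comparing versions.
"""
import os
import re
import tempfile
import zipfile
from typing import Dict, List, Optional, Tuple

Version = Tuple[int, int, int]
FIXED: Version = (2, 16, 0)  # per the post: JNDI disabled, message lookups removed
JAR_RE = re.compile(r"^log4j-core-(\d+)\.(\d+)\.(\d+)(?:[-.][^/]*)?\.jar$")
# The lookup class behind CVE-2021-44228; deleting it from the jar is the
# widely published interim mitigation for hosts that cannot upgrade yet.
JNDI_CLASS = "org/apache/logging/log4j/core/lookup/JndiLookup.class"


def parse_version(filename: str) -> Optional[Version]:
    """'log4j-core-2.14.1.jar' -> (2, 14, 1); non-matching names -> None."""
    m = JAR_RE.match(os.path.basename(filename))
    if not m:
        return None
    major, minor, patch = (int(x) for x in m.groups())
    return (major, minor, patch)


def has_jndi_lookup(jar_path: str) -> bool:
    """True if the jar still contains JndiLookup.class."""
    try:
        with zipfile.ZipFile(jar_path) as zf:
            return JNDI_CLASS in zf.namelist()
    except zipfile.BadZipFile:
        return False


def is_vulnerable(version: Version, jndi_present: bool) -> bool:
    """Flag only if older than 2.16.0 AND the lookup class is still there."""
    return version < FIXED and jndi_present


def scan(root: str) -> List[Dict]:
    """Walk root and report every log4j-core jar found."""
    findings: List[Dict] = []
    for dirpath, _, files in os.walk(root):
        for name in sorted(files):
            ver = parse_version(name)
            if ver is None:
                continue
            path = os.path.join(dirpath, name)
            jndi = has_jndi_lookup(path)
            findings.append({
                "path": path,
                "version": ".".join(map(str, ver)),
                "jndi_lookup_present": jndi,
                "vulnerable": is_vulnerable(ver, jndi),
            })
    return findings


def make_fake_jar(path: str, with_jndi: bool) -> None:
    """Constructed stand-in for a real jar: a zip with a manifest entry
    and, optionally, an empty JndiLookup.class entry."""
    with zipfile.ZipFile(path, "w") as zf:
        zf.writestr("META-INF/MANIFEST.MF", "Manifest-Version: 1.0\n")
        if with_jndi:
            zf.writestr(JNDI_CLASS, b"")


def demo() -> List[Dict]:
    """Build three constructed jars in a temp dir and scan them."""
    root = tempfile.mkdtemp(prefix="log4j-demo-")
    os.makedirs(os.path.join(root, "lib"))
    make_fake_jar(os.path.join(root, "lib", "log4j-core-2.14.1.jar"), True)
    make_fake_jar(os.path.join(root, "lib", "log4j-core-2.15.0.jar"), False)  # class stripped
    make_fake_jar(os.path.join(root, "log4j-core-2.16.0.jar"), False)
    return scan(root)


if __name__ == "__main__":
    for f in demo():
        print(("VULNERABLE " if f["vulnerable"] else "ok         ") + f["path"])
```

A real 2.16.0 jar still ships JndiLookup.class with JNDI disabled, which is why the version check takes precedence over the class check.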

December 16, 2021

In this blog, I will show you how to maximize your Brave browser's privacy and security with no browser extensions, by going into brave://flags and changing settings for better privacy and security.

Brave Browser Flags Hardening

  • Override software rendering list (Enabled) – Overrides the built-in software rendering list and enables GPU-acceleration on unsupported system configurations. – Mac, Windows, Linux, Chrome OS, Android
  • Enable Reader Mode (Disabled) - Allows viewing of simplified web pages by selecting 'Customize and control Chrome'>'Distill page' – Mac, Windows, Linux, Chrome OS
  • Hardware Secure Decryption (Disabled) - Enable/Disable the use of hardware secure Content Decryption Module (CDM) for protected content playback. – Windows
  • Allow invalid certificates for resources loaded from localhost (Enabled) – Allows requests to localhost over HTTPS even when an invalid certificate is presented. – Mac, Windows, Linux, Chrome OS, Android
  • Anonymize local IPs exposed by WebRTC. (Enabled) – Conceal local IP addresses with mDNS hostnames. – Mac, Windows, Linux, Chrome OS
  • Smooth Scrolling (Enabled) – Animate smoothly when scrolling page content. – Windows, Linux, Chrome OS, Android
  • Experimental QUIC protocol (Enabled) – Enable experimental QUIC protocol support. – Mac, Windows, Linux, Chrome OS, Android
  • GPU rasterization (Enabled) – Use GPU to rasterize web content. – Mac, Windows, Linux, Chrome OS, Android
  • Block insecure private network requests. (Enabled) – Prevents non-secure contexts from making sub-resource requests to more-private IP addresses. An IP address IP1 is more private than IP2 if 1) IP1 is localhost and IP2 is not, or 2) IP1 is private and IP2 is public. This is a first step towards full enforcement of CORS-RFC1918: https://wicg.github.io/cors-rfc1918 – Mac, Windows, Linux, Chrome OS, Android
  • Parallel downloading (Enabled) – Enable parallel downloading to accelerate download speed. – Mac, Windows, Linux, Chrome OS, Android
  • Desktop Screenshots Edit Mode (Disabled) - Enables an edit flow for users who create screenshots on desktop – Mac, Windows, Linux, Chrome OS
  • Strict-Origin-Isolation (Enabled) – Experimental security mode that strengthens the site isolation policy. Controls whether site isolation should use origins instead of scheme and eTLD+1. – Mac, Windows, Linux, Chrome OS, Android
  • Strict Extension Isolation (Enabled) – Experimental security mode that prevents extensions from sharing a process with each other. – Mac, Windows, Linux, Chrome OS
  • Heavy ad privacy mitigations (Enabled) – Enables privacy mitigations for the heavy ad intervention. Disabling this makes the intervention deterministic. Defaults to enabled. – Mac, Windows, Linux, Chrome OS, Android
  • Privacy Review (Enabled) – Shows a new subpage in Settings that helps the user to review various privacy settings. – Mac, Windows, Linux, Chrome OS, Android
  • HTTPS-First Mode Setting (Enabled) – Adds a setting under chrome://settings/security to opt-in to HTTPS-First Mode. – Mac, Windows, Linux, Chrome OS, Android
  • Omnibox Updated connection security indicators (Enabled) – Use new connection security indicators for https pages in the omnibox. – Mac, Windows, Linux, Chrome OS, Android
  • Reduce User-Agent request header (Enabled) – Reduce (formerly, “freeze”) the amount of information available in the User-Agent request header. See https://www.chromium.org/updates/ua-reduction for more info. – Mac, Windows, Linux, Chrome OS, Android
  • New Tab Page Branded Wallpapers (Disabled) – Allow New Tab Page Branded Wallpapers and user preference. – Mac, Windows, Linux, Chrome OS, Android
  • New Tab Page Demo Branded Wallpaper (Disabled) – New Tab Page Demo Branded Wallpaper Force dummy data for the Branded Wallpaper New Tab Page Experience. View rate and user opt-in conditionals will still be followed to decide when to display the Branded Wallpaper. – Mac, Windows, Linux, Chrome OS, Android
  • Collapse HTML elements with blocked source attributes (Disabled) – Cause iframe and img elements to be collapsed if the URL of their src attribute is blocked – Mac, Windows, Linux, Chrome OS, Android
  • Enable cosmetic filtering (Enabled) – Enable support for cosmetic filtering – Mac, Windows, Linux, Chrome OS, Android
  • Enable support for CSP rules (Enabled) – Applies additional CSP rules to pages for which a $csp rule has been loaded from a filter list – Mac, Windows, Linux, Chrome OS, Android
  • Shields first-party network blocking (Enabled) – Allow Brave Shields to block first-party network requests in Standard blocking mode – Mac, Windows, Linux, Chrome OS, Android
  • Enable dark mode blocking fingerprinting protection (Enabled) – Always report light mode when fingerprinting protections set to Strict – Mac, Windows, Linux, Chrome OS, Android
  • Enable domain blocking (Enabled) – Enable support for blocking domains with an interstitial page – Mac, Windows, Linux, Chrome OS, Android
  • Enable Brave Super Referral (Disabled) – Use custom theme for Brave Super Referral – Mac, Windows, Android
  • Enable Brave Rewards verbose logging (Disabled) – Enables detailed logging of Brave Rewards system events to a log file stored on your device. Please note that this log file could include information such as browsing history and credentials such as passwords and access tokens depending on your activity. Please do not share it unless asked to by Brave staff. – Mac, Windows, Linux, Chrome OS, Android
  • Enable Brave Ads custom notifications (Disabled) – Enable Brave Ads custom notifications to support rich media – Mac, Windows, Linux, Chrome OS, Android
  • Enable Brave Ads custom push notifications (Disabled) – Enable Brave Ads custom push notifications to support rich media – Mac, Windows, Linux, Chrome OS, Android
  • Allow Brave Ads to fallback from native to custom push notifications (Disabled) – Allow Brave Ads to fallback from native to custom push notifications on operating systems which do not support native notifications – Mac, Windows, Linux, Chrome OS, Android
  • Enable Brave Sync v2 (Disabled) – Brave Sync v2 integrates with chromium sync engine with Brave specific authentication flow and enforce client side encryption Mac, Windows, Linux, Chrome OS
  • Enable Brave News (Disabled) – Brave News is completely private and includes anonymized ads matched on your device. – Mac, Windows, Linux, Chrome OS, Android
  • Enable Brave Wallet (Disabled) – Native cryptocurrency wallet support without the use of extensions – Mac, Windows, Linux, Chrome OS, Android
  • Enable decentralized DNS (Disabled) – Enable decentralized DNS support, such as Unstoppable Domains and Ethereum Name Service (ENS). – Mac, Windows, Linux, Chrome OS, Android
  • Enable IPFS (Disabled) – Enable native support of IPFS. – Mac, Windows, Linux, Chrome OS, Android
  • Enable Crypto Wallets option in settings (Disabled) – Crypto Wallets extension is deprecated but with this option it can still be enabled in settings. If it was previously used, this flag is ignored. – Mac, Windows, Linux, Chrome OS
  • Enable Gemini for Brave Rewards (Disabled) – Enables support for Gemini as an external wallet provider for Brave – Mac, Windows, Linux, Chrome OS
  • Enable SpeedReader (Disabled) – Enables faster loading of simplified article-style web pages. – Mac, Windows, Linux, Chrome OS
  • Enable internal translate engine (brave-translate-go) (Enabled) – Enable internal translate engine, which are build on top of client engine and brave translation backed. Also disables suggestions to install google translate extension. – Mac, Windows, Linux, Chrome OS

Brave Browser Settings Hardening

  • How to get into brave settings? – Type this in the URL: brave://settings/ or Use the 3 lines dropdown symbol and click settings.
  • Setup your profile name and icon.
  • Make brave your default browser.
  • On Brave startup, choose: Open the New Tab page.
  • Click on the New Tab Page roll in your settings, And choose: Dashboard.
  • Click on Shields:
  • Advanced instead of simple to view more about the trackers and ads you block.
  • Make trackers and ads: Aggressive.
  • Upgrade connections to HTTPS (enabled).
  • Block scripts (disabled). (Enabling this will break a lot of websites.)
  • Cookie blocking (Only cross-site).
  • Fingerprint Protection (Strict, may break sites).
  • Click on social media blocking settings and disable everything.
  • Click on privacy and security settings:
  • Autocomplete searches and URLs (Disable)
  • WebRTC IP Handling Policy (Disable Non-Proxied UDP)
  • Use Google services to push messaging (Disable)
  • Allow privacy-preserving product analytics (P3A) (Disable)
  • Allow send daily usage ping to Brave (Disable)
  • Help improve Brave's features and performance (Disable)
  • Enable on clear browsing data and click on the tab that says, “On Exit”, Make everything enabled.
  • Enable on Cookies and other site data, In “General Settings”, Choose “Block third party cookies”.
  • Enable “clear cookies and site data when you close all windows”.
  • Enable “send do not track request with your browsing traffic”.
  • Enable “Standard Protection”.
  • Enable “Always use secure connections”.
  • Enable “Use secure DNS”, And choose custom. Register at NextDNS.
  • Click on “Site and Shields Settings”:
  • Location Permissions: Disable
  • Camera: Disable
  • Microphone: Disable
  • Notifications: Disable
  • Motion Sensors: Disable
  • Clipboard: Disable
  • Virtual Reality: Disable
  • Click on “Search engine” setting:
  • Delete all the other search engines, except Startpage, Brave Search, and DuckDuckGo. (In case you want the top 3 privacy search engines to switch between!)
  • Click on “Extensions” setting:
  • Allow google login for extensions: Disable
  • Hangouts: Disable
  • Media Router: Disable
  • Private Window with Tor: Disable (Brave with Tor doesn't feel right; just download the Tor Browser separately. It also had DNS leaks when using Brave with Tor. You can do your own research about that issue.)
  • WebTorrent: Disable
  • Widevine: Disable (Enable, If you watch netflix or any other streaming website)
  • Click on “Wallet” setting:
  • Default cryptocurrency wallet: none
  • Click on “IPFS” setting and disable everything.
  • Click on “Autofill” setting and disable everything.
  • Click on “Help tips” setting and disable Show Wayback Machine prompt on 404 pages.
  • Click on “System” setting and disable Continue running background apps when Brave is closed.
  • Disable Use hardware acceleration when available.

Brave Browser Ad-Block Hardening Settings

  • How to get into brave custom adblock? – Type this in the URL: brave://adblock/ or Use the 3 lines dropdown symbol and click Brave adblock.

⚠️ This helps the built-in Brave ad blocker block more ad and tracking domains.

  • Enable “Easylist-Cookie List – Filter Obtrusive Cookie Notices”.
  • Enable “Fanboy Annoyances List”.
  • Enable “Fanboy Social List”.
  • Enable “ABP X Files”.
  • Enable “uBlock Annoyances List (used with Fanboy Annoyances List)”.
  • Scroll down to “Subscribe to filter lists” and enter this custom url: https://block.energized.pro/unified/formats/domains.txt (This may break a lot of websites, So use it with caution)

Brave Browser NextDNS Hardening

  • Log in, go to the denylist, and block the domains that collect user data on you. Once these Brave analytics domains are blocked, Brave should not collect information on you.
  • brave-core-ext.s3.brave.com
  • static1.brave.com
  • laptop-updates.brave.com
  • variations.brave.com
  • grant.rewards.brave.com
  • api.rewards.brave.com
  • rewards.brave.com
  • p3a.brave.com

December 16, 2021

In this blog, I discuss recent news of Apple opening up to right to repair and supplying third-party repair shops with parts and training to repair its devices.

December 16, 2021

In this blog, I will show you how to install cordless, a terminal-based Discord client. You can view the GitHub repository here: https://github.com/Bios-Marcel/cordless

If you want to build from source like I did in this blog, you'll first need to install Go from: https://golang.org/dl/

Once you download the tarball, extract it to /usr/local:

sudo tar -C /usr/local -xzf go1.14.5.linux-amd64.tar.gz

Then add it to your PATH:

export PATH=$PATH:/usr/local/go/bin

Then download and build cordless with this command:

GO111MODULE=on go get -u github.com/Bios-Marcel/cordless

If you want to be able to use cordless from anywhere in your terminal, copy the cordless binary from go/bin into /usr/local/bin.

December 16, 2021

The Mexican government has recently passed a law that would make hardware and software modifications of your electronic devices illegal. This means certain activities become illegal: installing a non-OEM OS on your PC (Linux or BSD on a store-bought computer), running a modified ROM or loading APKs from sources outside of the Google store, using off-brand printer ink or K-cups, and reverse engineering software or using “hacking” tools on it to understand what it does and find security vulnerabilities for research purposes.

Links to articles:

Spanish: https://www.xataka.com.mx/legislacion-y-derechos/reparar-tu-smartphone-instalarle-rom-sera-delito-mexico-nueva-ley-que-proteje-candados-digitales-explicada

English translation via Google Translate: https://www-xataka-com-mx.translate.goog/legislacion-y-derechos/reparar-tu-smartphone-instalarle-rom-sera-delito-mexico-nueva-ley-que-proteje-candados-digitales-explicada?_x_tr_sl=es&_x_tr_tl=en&_x_tr_hl=en-US

December 16, 2021

In this blog, I will tell you how to secure your home Wi-Fi network, starting with basic things like enabling strong encryption with a strong password.

Encrypt your network: Encrypting scrambles the information sent through your network. That makes it harder for other people to see what you’re doing or get your personal information. You encrypt your network by simply updating your router settings to either WPA3 Personal or WPA2 Personal. WPA3 is the newer — and best — encryption available, but both will work to scramble your information.

Older Router? No WPA3 or WPA2 options on your router? Older routers have WPA and WEP, which are outdated and not secure. If those are the only options listed, try updating your router software. Then check again to see if WPA2 or WPA3 are available. If they’re not, consider getting a new router to keep your information secure.

Change your router’s preset passwords: Some routers come with preset passwords out of the box. But hackers can easily find these passwords, so it’s important to change them to something more complex. There are two passwords on your router that you’ll need to reset.

1. The Wi-Fi network password: this is the one you use to connect your devices to the network. A unique and secure Wi-Fi network password prevents strangers from getting onto your network.

2. The router admin password: this is the one that lets you into the administrative side of the device. There, you can do things like change settings (including the Wi-Fi network password). If a hacker managed to log into the admin side of your router, the hacker could change the settings (including your Wi-Fi password). That would undo any other security steps you may be taking.

To find instructions for changing your router’s admin and network passwords, first, find the name of your router’s manufacturer. Then go online and search for “how to change [your router manufacturer] admin password” and “how to change [your router manufacturer] Wi-Fi network password.” Still having trouble? Contact the manufacturer directly.

Keep your router up to date: Before you set up a new router or make updates to your existing one, visit the manufacturer’s website to see if there’s a newer version of the software available for download. To make sure you hear about the latest version, register your router with the manufacturer, and sign up to get updates. If you got your router from your Internet Service Provider (ISP), like Verizon or Comcast, check with your ISP to see whether it sends out automatic updates.

Turn off “remote management,” WPS, and Universal Plug and Play (UPnP) features: Some routers have features that can be convenient but weaken your network security. For example, remote access to your router’s controls allows you to change settings over the web. WPS lets you push a button on the router to connect a device to the internet instead of entering the network password. Lastly, UPnP lets your devices find each other on the network. These features may make it easier to, say, add devices to your network or let guests use your Wi-Fi — but they can make your network less secure.

Set up a guest network: Many routers let you set up a guest network with a different name and password. It’s a good security move for two reasons:

  1. Having a separate login means fewer people have your primary Wi-Fi network password, and

  2. In case a guest (unknowingly) has malware on their phone or tablet, it won’t get onto your primary network and your devices.

Log out as administrator: Once you’ve set up your router or are done changing settings, don’t forget to log out as administrator. When you’re logged in as administrator, you can change passwords and otherwise manage settings that control the security of your network. If a hacker got into your administrator account, they could easily get into your network and devices.

Protect your devices: Just as hackers can get to your data through unsecured networks, they can also get to your network through unsecured devices. To find tips on locking down your devices, read about keeping your devices secure.

Protect your router with a firewall: enabling a firewall will protect you from most hackers and from the outside world, if your router supports enabling a firewall or port-scan protection plus DoS protection.

December 16, 2021

In this blog, I will discuss how to secure DNS from those who may want to snoop on your DNS queries. I use NextDNS for the setup, but you can also use AdGuard or a more self-hosted approach such as Pi-hole.

Check if QNAME minimisation is enabled:

dig +short txt qnamemintest.internet.nl

Check how secure you are against attacks:

Conclusion:

This is all checked for me; this test is only for Cloudflare 1.1.1.1 DNS. I use NextDNS, and the test does not detect other DNS providers, but it still detects the other security features I have enabled in my browser.
