From bogus@does.not.exist.com Tue Jun 21 04:55:03 2011
From: bogus@does.not.exist.com ()
Date: Tue, 21 Jun 2011 11:55:03 -0000
Subject: No subject
Message-ID:

keystroke-logging software to unscramble confidential email messages. Investigations by Aliso Viejo, California-based eEye Digital Security Inc suggest that Network Associates' PGP Desktop Security 7.0.4, PGP Personal Security 7.0.3 and PGP Freeware 7.0.3 products are susceptible.

For the rest of this article go to: http://www.theregister.co.uk/content/55/26184.html
also - http://www.wired.com/news/technology/0,1282,53782,00.html

Security-news note: This is NOT a flaw in PGP itself, this is a flaw in the use of the PGP plugin by Outlook. To remedy this, de-install the Outlook plugin for PGP and use a manual encrypt rather than the auto-feature in Outlook.

*****
How To: Defensive Strategies - How to Limit WWW Search Exposure
by kendra at resist.ca
*****

There's this irritating language trend out there these days - which is using the word "google" as a verb - as in - "I googled myself" or "I googled my new partner to see what I could find out about them". Essentially what this means is to put yourself or another person's name into a search engine to see what turns up. The fact that "google" is now being used as a verb like this speaks not only to the awesome dominance that Google has in the search engine scene, but really to the fact that the act of finding out information about individuals through simple www search engines is remarkably commonplace these days.

If you haven't ever searched for data on yourself using your full name, I suggest you go take a try at it right now.... If there's nothing out there on you yet - excellent! It means you're either new to the web or just good at covering your tracks. Most people who use the web regularly however will find this is not the case. It's surprising how much data comes back when you conduct a simple search.
This is data that not only may be of interest to a new partner or an employer - but also the police or other investigators trying to analyze your habits or those of the activist community.

A lot of online information about you may be out of your immediate control, but there are ways to limit what others can find.

* It's good to periodically do Internet searches on your name and regular email address to see what turns up. Use multiple search engines, since different engines catalogue different data. If there is information that you prefer not to have publicly available, contact the site owner. Search engine databases will typically reflect the changes within six to eight weeks.

* When making postings to the Internet, Usenet discussion groups or e-mail lists that archive messages, use a nickname or an alias rather than your full name. You may want to post from an email address that is not publicly associated with your legal name.

* Take steps to prevent a personal Web site or Weblog from being noted by the robotic programs that "crawl" and index the Web (for example, a family Web page that you want only friends and family members to see). Information on how to do that is available at http://www.robotstxt.org

* If you sign a petition online, understand that the information could become public and searchable on the Internet. Online petitions are largely ineffective anyway, so there's not much reason to be signing them with your legal name.

* If you want to put personal photos on the Internet, consider using an online photo service that can "share" photos with families and friends using a password but is not indexed by search engines.

* If you are handling information or photographs that involve other people - GET THEIR PERMISSION FIRST.

* Remember that e-mail sent in confidence can be forwarded, intentionally or inadvertently, and even wind up on the Web.
If you want to protect yourself from email forwarding - USE PGP and the Secure Viewer option when encrypting your mail. For more information on PGP and how to use it - check out http://security.tao.ca

For more on this topic: http://www.nytimes.com/2002/07/25/technology/circuits/25GOOG.html?todayshead

***************************************************************
Security-news
Good security is no substitute for good sense!
To unsub go to http://resist.ca/mailman/listinfo/security-news
***************************************************************

From bogus@does.not.exist.com Tue Jun 21 04:55:03 2011
From: bogus@does.not.exist.com ()
Date: Tue, 21 Jun 2011 11:55:03 -0000
Subject: No subject
Message-ID:

four actions against hunting clubs and one action against a Food and Drug Administration building in Maine. The actions essentially boil down to break and enter, spray painted walls, broken windows and doors, and stolen stuffed animal heads, which were returned to their natural environment to rest in peace according to the Communique received by the Press Office.

Chronology

In July 1999 I took over the ALF Press Office and became the North American spokesperson. The actions in Maine were some of the first I worked on in my new role, giving interviews to Maine media outlets in Sept. 1999.

Four months later on Jan. 23, 2000 Kennebec County Sheriff Everett Flannery made a request for a search to be conducted against my home. On Oct. 11, 2000 and on May 14, 2001 supplemental requests for a search were made by U.S. authorities to the Canadian Minister of Justice.

Almost one year later, on May 07, 2002, the Canadian Justice Minister approved the request, and two and a half months after that on June 25 RCMP Cpl. Derrick Ross swore out an Information to Obtain a Search Warrant which was approved and signed by Associate Chief Justice Patrick Dohm of the BC Supreme Court.
(Dohm was recently in the news regarding another search warrant he signed against a former Premier of British Columbia. In that instance, RCMP officers traveled to California where Dohm was vacationing at the time to obtain his signature for the warrant, apparently wanting to ensure they got the warrant signed. Dohm is known for being extremely conservative; perhaps another Justice might have refused their request.) (Perhaps not-so-coincidentally, Dohm was also the Justice who authorized wiretaps to be placed in my home and vehicle back in 1996 in regard to an RCMP investigation of mail bombs sent to fascists and razor-blade letters sent to hunters. Charges of sending razor-blade letters to BC guide outfitters were laid in 1998 but dropped in 2000 for lack of evidence and because the RCMP did not want to disclose critical information as ordered to by a judge.) On July 30, 2002 the Search Warrant was executed by four INSET members and five Vancouver Island based RCMP members. It must be noted that I am neither charged nor under investigation for any actions or crimes in either country. "I have no real interest in Barbarash at all," said Sheriff Flannery. (Comox Valley Record, Aug. 09, 2002) Information to Obtain To secure a Search Warrant an officer must swear out an Information to Obtain, upon which a judge will make the determination if he/she will authorize a search and seizure. The Information will spell out the crimes being investigated, the connection the person to be searched has to the investigation, the list of items to be searched and seized, and all supporting documentation. Usually there must be fairly strong evidence to suggest the person to be searched is connected in some way with the actual crime, and there must be strong supporting documents and/or affidavits included, as the Information to Obtain is the only report the judge looks at to make a decision. 
In this situation there is only one document connecting me to the events in Maine: a single newspaper article published by Blethen Maine Newspapers on Oct. 05, 1999 after I gave an interview to reporter Dennis Hoey. That's all there is - one newspaper article, which quotes me as saying basically the same things I've said hundreds of times in the past three years in my role as ALF spokesperson. This was apparently enough to get an authorization for a search warrant. The Grounds for Belief in the Information to Obtain as presented by Cpl. Ross consist of twelve paragraphs: eight lay out the minor offences being investigated, two deal with my current address and phone numbers, and two read as follows: "In Sept. 1999, Dennis Hoey of the Blethen Newspapers in Brunswick, Maine wrote a newspaper article about the attacks. Attached hereto and marked as Exhibit "B" is a copy of Mr. Hoey's article. In that article, Mr. Hoey writes that David Barbarash relies on Animal Liberation Front anonymous letters and videotapes to publicize the groups activities. "Furthermore, Mr. Hoey advised Detective Sergeant Turcotte that David Barbarash had sent a press release claiming that Barbarash had received some form of communication from the Animal Liberation Front activists in Maine relating to the criminal activities that they had committed at the Rod & Gun Clubs in Maine." My role as spokesperson means that I will usually receive some form of communication from ALF activists following an action or raid where a claim of responsibility is made, which is what happened with these Maine incidents. I then draft a press release, which would include the Communique, and send it out to local media where the action took place. I am then available for media interviews to discuss the tactics and philosophy of the ALF, and the animal abuse being highlighted in the action. And that's it, end of story. 
The newspaper article submitted as Exhibit "B" states, in part: "David Barbarash, North American spokesman (sic) for the animal rights organization, said Monday that acts of vandalism should be expected for groups that harm or torture animals. "'I think they will continue their activities, but not necessarily against sportsmen's clubs,' said Barbarash, who lives in Vancouver, B.C. 'Sportsmen's clubs are just one target of many.' "Barbarash, who says he never communicates directly with activists, relies on their anonymous letters and videotapes to publicize the groups activities. "Barbarash said the Maine activists told him they stole stuffed animals from one of the clubs so they could be 'returned to their natural environment to rest in peace.' "The group targeted the sportsmen's clubs because - as Barbarash said the group told him in its recent communique - 'they are hangouts for killers and must be destroyed.'" It is an outrage that the type of invasion and harassment which I've been subjected to can take place against a spokesperson, the messenger, who has nothing at all to do with any illegal direct actions in the role as media liaison. I am neither aware of any action prior to its occurrence, nor am I aware of the identities of any ALF activist. The type of communication I receive from activists is anonymous and one-way. It is even more of an outrage that the actions warranting this type of harassment are nothing more than minor property destruction offences, and it is pouring salt deeper into the wound to discover that a solitary newspaper article can stand alone as the sole supporting document giving a judge enough of a basis to issue a search warrant. Indeed, the apparent crimes in Maine are of a political nature and are more appropriately classified as economic sabotage, a political strategy used by social justice activists for centuries. 
In this era of "smoking out the terrorists," economic sabotage, or non-violent property damage done for political reasons, is now egregiously labeled "terrorism." B.C. Civil Liberties Association spokesperson Murray Mollard commented, "It raises the question what is terrorism? This would not be the kind of action we consider terrorism. (The raid) appears to be using a criminal matter to permit the United States to come into Canada. It's an expansion of authority on what is essentially a criminal issue." (Comox Valley Echo, Aug. 09, 2002)

Search Warrant

The Search Warrant called for a shopping list of items to be seized, including:

- photos, negatives, videos, and cameras
- computers, computer disks, software and hardware
- paper files, address books, phone records, lists of names of ALF activists
- maps of past or future ALF targets and ALF members' residences
- records of disposition of funds between myself and ALF activists

The key to this list is that all items to be seized must be related to "activities or members of the Animal Liberation Front in the State of Maine." How then, one might ask, are the following seized items related to the investigation or covered by the Warrant:

- notes from the kitchen table with instructions to friends on feeding our cats and watering our garden while away on vacation
- an address book belonging to my housemate
- U.S. postal mail bags (received as "M Bag" mail)
- A.L.F. 2001 Direct Action Report, a publicly available document
- numerous videotapes of publicly available documentaries regarding animal rights, environmental, and social justice issues
- videos, documents, and computer files seized by the RCMP in a previous raid in 1997 and later returned after the conclusion of the previous campaign of harassment
- a report I produced for my lawyer in 2000 documenting a covert RCMP/NSIS (National Security Investigation Section) undercover operation used against me from 1995 - 1997 (an operation documented by personal notes and videos, and RCMP documents and reports, which attempted to set me up to burn down a building)

In a Briefing Note filed by INSET member Sgt. Frank Martino on July 31, 2002, he lists upfront some of the items seized, seemingly indifferent to their apparent disassociation from the criteria listed in the Search Warrant. In fact, the only item that might have any connection are phone bills from 1999 showing calls made to Maine. Now the RCMP have an extensive collection of fax and phone numbers for Maine media outlets!

In addition to stealing items they didn't even have the authority to take by their own rules, a callous and ruthless attitude was evident in the wake of the raid. Aside from the unnecessary smashing of my front door, several rooms were literally upturned. Files and garbage were strewn about my office and personal letters were removed from files and placed open around the room. Our friends were questioned, threatened, and harassed when they arrived to feed the cats, and our indoor cats were let outside to fend for themselves.

The day following the raid the RCMP released my name and address to the media even though I had not been charged with any crime, contrary to their own policy.
They did this knowing I had previously filed a complaint when I received implied death threats (bullets left on my car) and verbal attacks and threats from hunters in the Fall of 2000 after hunters invaded an animal rights video night I was hosting in Courtenay. One of my biggest fears then, and now, and which I made very clear in my complaint, was that these hunters would discover my home address. It seems the RCMP are not concerned with threats of violence against people they don't like, and are apparently willing to help facilitate such violence. There is little doubt in my mind that the real reasons behind this raid have very little to do with minor actions in Maine three years ago. The RCMP, now with the overt complicity of U.S. law enforcement, are continuing their campaign of harassment against the ALF's most vocal and visible supporter. The police know that I don't have any information to help identify ALF activists; this is nothing more than a case of shooting the messenger. Although the bullets being used are in the form of search and seizures, the real damage is in the form of attempting to disrupt my life and my work, and attempting to increase the stress in my life. B.C. Supreme Court Hearing On Sept. 24 a hearing will take place in B.C. Supreme Court in Vancouver to discuss the Warrant and its execution. As well, an order will be sought by U.S. authorities to send the seized items to Maine. Through my lawyer I will be fighting back, and I will be seeking an order to quash the Warrant based on flimsy and non-existent grounds for conducting the search, and also, an order will be sought for the return of all my property. 
In addition, I'll be making a formal complaint to the RCMP Public Complaints Commission concerning the raid and its execution, the needless and inappropriate damage to my residence, the seizure of items not listed in the Warrant, the harassment of my friends, the release of my cats into the outdoors, and the release of my name and address to the media. In the meanwhile, the ALF Press Office is seeking monetary donations to help cover our legal expenses, and to help cover the cost of replacing computers and software. Donations and requests for more information can be sent to P.O. Box 3673, Courtenay, BC V9N 7P1 Canada, or write us at naalfpo at tao.ca or call 250-703-6312. On a final note, there is one thing that we must be clear on. This raid was not about animal rights issues or actions, this raid was about how we all have lost a large chunk of basic civil liberties and human rights. It's about how we really do live under the rule of a police state where it's no longer allowable to speak your mind or express beliefs which oppose oppression, and which challenge the corporate/military governments. To do so risks police raids, possible arrest and lengthy jail terms. For many of us, we've understood and watched the erosion of our freedoms for many years, and we've become very alarmed at how this deterioration has increased drastically since Sept. 11, 2001. And yet, still it takes a major police action, like this latest raid, for the concept to really sink in. Our "western civilization" is nothing more than a glorified prison. This is it. The time is now. This is our life, and how events unfold in our lifetime will be the difference between a life of freedom for all or a life lived under the boot of fascism. The police state is here; do we live, and fight, on our feet? Or do we die on our knees? Drastic words, perhaps, but what kind of world do we really want to live in? SIDEBAR: Insidious INSET By David Barbarash The RCMP used a post-Sept. 
11 newly formed anti-terrorist team to raid the home of Animal Liberation Front spokesperson David Barbarash on July 30, 2002. Formed in June, less than two months before the raid, four multi-agency Integrated National Security Enforcement Teams (INSETs) will use the premise of "national security" to invade people's homes and attempt to disrupt lives even when no crimes have been committed.

From an RCMP Press Release issued June 18, 2002:

"(INSET) will help ensure early detection and prevention of any potential threats to national security. The importance of greater integration of resources and intelligence has been heightened by the reality of terrorism since the tragic events of September 11th, 2001.

"Through shared federal, provincial and municipal resources - the INSET members will be better able to track and put a stop to the criminal activities (major or minor offences) of terrorist groups or individuals who pose a threat to Canada's national security. This type of increased capacity will enable INSET members to work with their partners nationally and internationally towards the common goal of detection and disruption of potential terrorist threats.

"The Integrated National Security Enforcement Teams (INSETs) will apply Canada's laws, acts and regulations, and the new anti-terrorist legislation to assist in the early detection and disruption of any actual or intended terrorist acts. This integrated approach between intelligence and enforcement groups at the early stages of criminal activity has proven to be a highly effective model for successful prosecution."

INSET has field offices in Vancouver, Toronto, Montreal, and Ottawa, and integrates law enforcement officers from the RCMP, provincial police in Ontario and Quebec, and major metropolitan police forces. It will share information with CSIS (Canadian Security and Intelligence Service), immigration officials, and international police forces.
RCMP Superintendent Wayne Pilgrim says the new agency is also ready to use new counter-terrorist laws, including the power to make preventive arrests to stop terrorists from carrying out attacks. "We basically operate on the premise of prevention, and that's either through prosecution or disruption.... whatever means are provided to us within the legal framework that we can operate," he said. (CBC, June 20, 2002)

From bogus@does.not.exist.com Tue Jun 21 04:55:03 2011
From: bogus@does.not.exist.com ()
Date: Tue, 21 Jun 2011 11:55:03 -0000
Subject: No subject
Message-ID:

with rules that block them from spying on people and groups without evidence that a crime has been committed. They say these rules, forced on them in the 1970's and 80's to halt abuses, now prevent them from infiltrating mosques and other settings where terrorists might plot.

At the same time, federal and local police agencies are looking for systematic, high-tech ways to root out terrorists before they strike. In a sense, the scuba dragnet was cumbersome, old-fashioned police work, albeit on a vast scale. Now officials are hatching elaborate plans for dumping gigabytes of delicate information into big computers, where it would be blended with public records and stirred with sophisticated software.

In recent days, federal law enforcement officials have spoken ambitiously and often about their plans to remake the F.B.I. as a domestic counterterrorism agency. But the spy story has been unfolding, quietly and sometimes haltingly, for more than a year now, since the attacks on the World Trade Center and the Pentagon.
Some people in law enforcement remain unconvinced that all these new tools are needed, and some experts are skeptical that high-tech data mining will bring much of value to light. Still, civil libertarians increasingly worry about how law enforcement might wield its new powers. They say the nation is putting at risk the very thing it is fighting for: the personal freedoms and rights embodied in the Constitution. Moreover, they say, authorities with powerful technology will inevitably blunder, as became evident in October when an audit revealed that the Navy had lost nearly two dozen computers authorized to process classified information. What perhaps angers the privacy advocates most is that so much of this revolution in police work is taking place in secret, said Cindy Cohn, legal director of the Electronic Frontier Foundation, which represented Reef Seekers. "If we are going to decide as a country that because of our worry about terrorism that we are willing to give up our basic privacy, we need an open and full debate on whether we want to make such a fundamental change," Ms. Cohn said. But some intelligence experts say that in a changed world, the game is already up for those who would value civil liberties over the war on terrorism. "It's the end of a nice, comfortable set of assumptions that allowed us to keep ourselves protected from some kinds of intrusions," said Stewart A. Baker, the National Security Agency's general counsel under President Bill Clinton. Tearing Down a Wall The most aggressive effort to give local police departments unfettered spying powers is taking place in New York City. It was there 22 years ago that the police, stung by revelations of widespread abuse, agreed to stop spying on people not suspected of a crime. The agreement was part of a containment wall of laws, regulations, court decisions and ordinances erected federally and in many parts of the country in the 70's and 80's. 
The F.B.I.'s spying authority was restricted, and the United States' foreign intelligence agencies got out of the business of domestic spying altogether. States passed their own laws. On the local level, ordinances and consent decrees were enacted not just in New York but also in Los Angeles, Chicago, San Francisco and Seattle. In the years since, these strictures have "become part of the culture," Mr. Baker said. But the wall is under attack. Last month, a special appeals court ruled that the sweeping antiterrorism legislation known as the U.S.A. Patriot Act, enacted shortly after the September 2001 attacks to give the government expanded terror-fighting capacity, freed federal prosecutors to seek wiretap and surveillance authority in the absence of criminal activity. In Chicago last year, a federal appeals court threw out the agreement that restricted police surveillance. Some officials in Seattle would like to follow suit, saying they are effectively sidelined in the terrorism war. In New York, the Police Department has sued in federal court in Manhattan to end the consent decree the department signed in 1980 to end a civil rights lawsuit over the infiltration of political groups. Attorney General John Ashcroft and New York's police commissioner, Raymond W. Kelly, say the wall is a relic - unnecessary and, worse, dangerous. David Cohen, the former deputy director of central intelligence who is now the Police Department's deputy commissioner for intelligence, argues that the consent decree's requirement of a suspicion of criminal activity prevents officers from infiltrating mosques. "In the last decade, we have seen how the mosque and Islamic institutes have been used to shield the work of terrorists from law enforcement scrutiny by taking advantage of restrictions on the investigation of First Amendment activity," Mr. Cohen said in an affidavit. The police in other cities cite the same need. 
"We're prohibited from collecting things that will make us a safer city," said Lt. Ron Leavell, commander of the criminal intelligence division of the Seattle police. Mr. Cohen did not argue in his affidavit that the authorities, if unshackled, could have prevented the Sept. 11 attacks. But he did suggest that the F.B.I.'s failure to dig more deeply into the information it had before the attacks turned on agents' fears that they could not climb the wall. "The recent disclosure that F.B.I. field agents were blocked from pursuing an investigation of Zacarias Moussaoui because officials in Washington did not believe there was sufficient evidence of criminal activity to support a warrant points out how one person's judgment in applying an imprecise test may result in the costly loss of critical intelligence," Mr. Cohen said. Mr. Cohen has also asked that his testimony before the federal court be given in secret, unheard even by opposing lawyers. Last week, a judge told New York City that it needed to present better arguments to justify such extraordinary secrecy. Civil libertarians, frustrated that they cannot draw the other side into a debate, argue that questions about the need for such expanded powers are critical, and far from answered. "Who said you have to destroy a village in order to save it?" asked Jethro Eisenstein, one of the lawyers who negotiated the original consent decree. "We're protecting freedom and democracy, but unfortunately freedom and democracy have to be sacrificed." Even the police are far from unanimous about how intrusive they must be. The Chicago police, who have been free from their consent decree for nearly two years, say they have yet to use the new power. The Los Angeles police have made no effort to change their guidelines. "I have not heard complaints that the antiterrorist division has been inhibited in its work," said Joe Gunn, executive director of the Los Angeles Police Commission. 
A joint Congressional inquiry into intelligence failures before Sept. 11 concluded that the failures had less to do with the inability of authorities to gather information than with their inability to analyze, understand, share and act on it.

"The lesson of Moussaoui was that F.B.I. headquarters was telling the field office the wrong advice," said Eleanor Hill, staff director of the inquiry. "Fixing what happened in this case is not inconsistent with preserving civil liberties."

`It Smacks of Big Brother'

The Congressional inquiry's lingering criticism has added impetus to a movement within government to equip terror fighters with better computer technology. If humans missed the clues, the reasoning goes, perhaps a computer will not.

*****
How to: Data security for Linux power users
By Thomas C Greene in Washington
07/11/2002 - https://theregister.co.uk
*****

(we ran the first security howto on this topic in issue #10 of security-news)

A couple of months ago I wrote a security howto for Linux newbies, the goal of which was to help people achieve decent security using easy and safe techniques. Now it's time to address you power users out there, by which I mean people comfortable with the command line, using a text editor from the console, and tweaking configuration files -- people confident enough in their ability to recover from unpleasant surprises to take a bit of risk with their systems in the interest of securing their data and their privacy.

I'll get into the Linux home network soon in a forthcoming article with our John Lettice. For now I'll concentrate on data hygiene and on-line anonymity. Why? Because your Linux box is literally peppered with data traces indicating the Web sites you've visited, the files you've uploaded and downloaded, and every file you've recently accessed.

You think encryption is the way to go? Think again. It's only as private as your passphrase is strong.
It may be impractical for a remote attacker to crack it, but a brute-force attack is quite plausible for someone who has physical possession of your box and plenty of time. Like a police forensics lab, say. We used to worry chiefly about people in neurotic countries like China and Saudi Arabia, where the mere possession of forbidden information or politically inconvenient materials can result in criminal action. But now, in the wake of the 9/11 atrocity, we in the enlightened West have narrowed the gap. In Europe there is a movement underway to mandate data retention for all carriers. In the USA electronic surveillance orders which used to require a judge's approval are now available for the asking. Black bag jobs are going mainstream. Librarians have been conscripted into rat duty for the Ashcroft/Ridge Black and Tans, and risk prosecution if they so much as whisper about the loathsome things they're now forced to do in the name of Homeland Security. A recent report by the FISA (Foreign Intelligence Surveillance Act) court of appeals found that the FBI had lied like children about their evidence on over seventy recent occasions to get surveillance warrants they weren't entitled to, and that all happened before 9/11. Western governments are exploiting 9/11, making every move towards authoritarianism that they can get away with, and will only continue to test the waters and grant themselves ever more authority to regulate our lives and supervise our private affairs. The convenient myth of cyber-terrorism is never far removed from the rhetoric of bureaucrats and politicians. The momentum is all wrong, and building steadily. So for these reasons we need strict data privacy and on-line anonymity. Unfortunately, the Internet and the personal computer are designed for the storing and exchanging of data, not for its security. You think your Linux box is somehow more secure than a Windows machine? Think again. 
The beauty of Linux is its modularity; but this is also its curse. There are so many possible configurations that securing it is considerably more challenging than securing Windows (though the ultimate result will be better if you know what you're doing). Therefore we'll be dealing with only one filesystem, only one browser, only one desktop. To attempt more would require me to write a book, not an article.

Forget journaling

Everyone is talking about the journaling file systems for Linux: ext3, ReiserFS, XFS and JFS, etc. If uptime is job one for you, these are the way to go (my personal faves from a performance POV are Reiser and JFS, incidentally). But if security and data hygiene are your priorities, then there is only one way to go: ext2. The journal is a little treasure chest of data about your data. Get rid of it.

Now, Reiser, XFS and JFS are designed for performance, and they really do deliver -- JFS in particular IMHO. But consider that they need memory and that this is a significant performance issue for Linux. Some of what you'll lose in data access speed will come back to you in the form of freed RAM, so it's not quite as sad a choice as some would have you believe. Furthermore it is rock solid. But yes, ext2 is generally slower and takes forever to recover from a crash. But if security is your first priority this is a no-brainer.

I'll be providing a few homebrew tools for secure data wiping below, but I really can't recommend them on any other filesystem. Unless you're using ext2 you won't be able to exploit them fully.

KDE

I use KDE, as I hope all you happy Tuxers out there do. If you don't, then I'm not going to be able to help you as much as I'd like; but read on anyway -- there's a lot you can use below.

KDE stores an absurd amount of data. Did you think that by disabling the recently-accessed files menu on your desktop via the KDE Control Center you'd no longer have a record of them stored on your machine?
I hate to break it to you but KDE dutifully records all of it in a directory called /home/youraccountname/.kde/share/apps/RecentDocuments. Just wipe everything in that directory and change its permissions to read-only. Problem solved.

Oh, but there is so much more. Go to /home/youraccountname/.kde/share/apps/ and start nosing around. The sub-directories I'd be most concerned with here are /RecentDocuments, /kbear, /kcookiejar, /konqueror, /krusader, and /noatun.

In /konqueror you'll find several files, some of which need to be opened and given the 'select all/delete/save' treatment and their permissions set to read-only, in particular faviconrc and konq_history. I assume you're not foolish enough to bookmark 'dangerous' sites, so leave bookmarks.xml alone for convenience. You can always use Google as a way of avoiding bookmarking and of avoiding typing in the browser's address bar when you're surfing on the wild side. But I can't recommend konqueror as a secure browser because I haven't figured out where it keeps your URL address-bar history (grepping for this is going to take days on my machine, sorry), and cookies are not as easily managed as with Mozilla, which we'll be dealing with in detail presently.

I haven't used kbear but I suspect that the directory will contain all the details of your uploading and downloading history, so get into that subdirectory and start reading, and if this info is stored give each file the 'select all/delete/save' treatment and set the permissions to read-only. Do the same for any suspicious file in any of the sub-directories mentioned above. /noatun has a file called splitplaylist.xml which can get you into incredible hot water if you've ever opened a KP flick accidentally during your neverending pr0n quest.

Now go into /home/youraccountname/.kde/share/cache and do exactly the same as I described above: delete text and change permissions with a vengeance.
If you're one of those devil-may-care studs who works exclusively from the root account, then just do all this in /root/.kde/etc...

'Zilla

I have a longstanding love/hate relationship with Mozilla. I use it exclusively and accept it willingly, warts and all. It is buggy. It is also quite easy to configure for maximum data privacy and on-line anonymity. But of course you do have to configure it.

Let's assume you've installed the latest stable build (and if you haven't, you should). Here are my tips for making it tolerably secure:

Go to Edit/Preferences in the drop-down menus and do a thorough walk-through along these lines. Start with Navigator/History. Select zero for "Remember visited pages for the last X days." Clear the location bar history, and come back and do that often.

Now go to Helper Applications and disable everything. Next go to Smart Browsing and disable everything. Go to Downloads and tick "Don't open anything."

Next go to Mail & Newsgroups and disable everything. Kmail is the only client I recommend for the home user. It imports gnupg easily and defaults to a plain-text display which thwarts worms and malicious scripts. Stick with it unless you really know what you're doing.

Now head into Privacy & Security and start with Cookies. Choose "Enable cookies for the originating site only" which thwarts third-party advertisers, and set "Limit maximum lifetime" to "Current session only." Don't worry about cookie-borne passwords, which will be lost whenever you close the browser. You can save some of them (not crucial ones like those for your bank accounts) with the Password Manager. You definitely don't want cookies piling up on your machine. They can reveal your entire browsing history. While you're mucking about here go to "Manage stored cookies" and delete all of them. Do this regularly.

Now go to Images and restrict them to those originating from the Web site you're visiting.
Magically, a score of irritating advertisements will disappear from your surfing experience. This is also excellent for those times when you want to use the Google cache as a proxy. You won't be fetching images from the ultimate target site and you will therefore not show up in their server logs.

When accessing controversial sites it's always a good idea to search via Google and to view only cached pages. This prevents the site name from appearing in your bookmarks, URL history and favicons list; and the Images trick above prevents you from making direct contact. Restricting your cookies to the originating Web site means that only Google will plant one; and setting them to expire with each browser session will prevent the notorious Google cookie from swelling and storing your comings and goings over time.

Now go to Pop-ups and reject. Go to Forms and do the same: forget about storing this data; it's evil. You can go to Passwords and store those that aren't important. For example, my login information for the New York Times is stored. Of course my NYT profile identifies me as a 76-year-old Ethiopian grandmother of eight with a keen interest in fine wines and fast cars ;-)

Now go to Advanced and disable Java. Go to Advanced/Scripts & Plugins and disable everything there. If you need to use these viral items you can enable them temporarily but you should run without them as much as you can.

Now go to Cache. Enable the memory cache and give it as much as you can reasonably spare. Set the disk cache size to zero. While you're about it, click on the button to clear the disk cache. (Later we'll verify that it's empty and make it a read-only file.) The cache is important; it can store immense volumes of your surfing history including images, some of which may be verboten. It is possible in the USA and other neurotic nations to bust any poor bugger for KP possession merely on the basis of images stored in the browser cache.
That you may have been deceived into following a link to some sicko Web site will do you no good in court. Child-protective hysteria reigns and you need to protect yourself from it.

Finally, go to Networking/Debug and disable the disk cache and enable the memory cache. I don't know what effect this has but it seems prudent.

With this setup you're going to have problems with aggressively viral Web sites like MSN and Hotmail which demand all sorts of access to your machine in exchange for the privilege of visiting them. You will have to adjust your cookie, Java and JavaScript permissions for each visit and then restore them when you're finished. You can create a separate profile for occasional unsafe browsing if you wish. Or you can just stay away from these sites, which is what I do. If I can't access a Web site with tight browser settings, then I figure the site in question doesn't need my business. If enough people did this they'd soon ease up on their Java, JS and ActiveX requirements.

Now, Mozilla will have graciously recorded your entire http and ftp download history, so we'll need to deal with that. Go to /home/youraccountname/.mozilla/yourprofilename/whatever the next directory is and find downloads.rdf. Give it the old select all/delete/save treatment and make it read-only. Have a look at what's inside history.dat and history.mab. If you don't like what you see, do the same with them. Now go to the subdirectory /Cache and wipe everything inside it. Make this directory read-only too. Snoop around in the /.mozilla directory tree and wipe and/or make read-only any file or directory that makes you even vaguely uneasy.

Don't just delete directories. Many of them may be re-created by the application (this is true for KDE too). It's better to empty them and make them read-only. Some files may also have to be present for the app to run properly. Here again, deleting the contents and making it read-only is the better way to go.
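The empty-then-read-only treatment described above for the KDE and Mozilla files, written out as a shell example that is added here and is not one of the author's utilities. The function names `empty_and_lock` and `audit` are hypothetical, and you supply the paths yourself.

```shell
#!/bin/sh
# Added example (not the article's utilities). Function names are hypothetical;
# pass the files and directories you identified in ~/.kde and ~/.mozilla.
# Usage: . ./hygiene.sh; empty_and_lock PATH...; audit PATH...

# empty_and_lock PATH...
#   regular file -> truncate to zero bytes, then clear every write bit
#   directory    -> delete its contents, keep the directory, clear write bits
# Symlinks are skipped so a link cannot redirect the truncation elsewhere.
empty_and_lock() {
    status=0
    for p in "$@"; do
        if [ -L "$p" ]; then
            echo "skip (symlink): $p" >&2
        elif [ -f "$p" ]; then
            { chmod u+w "$p" && : > "$p" && chmod a-w "$p"; } || status=1
        elif [ -d "$p" ]; then
            { chmod u+w "$p" && find "$p" -mindepth 1 -delete &&
              chmod a-w "$p"; } || status=1
        else
            echo "skip (missing): $p" >&2
        fi
    done
    return $status
}

# audit PATH...
# Prints HAS-DATA / WRITABLE for every path that would still record activity
# and returns 1 if anything was printed. The owner-write bit is read with
# find(1) because "test -w" succeeds for root regardless of the mode bits.
audit() {
    found=0
    for p in "$@"; do
        [ -e "$p" ] || continue
        if [ -f "$p" ] && [ -s "$p" ]; then
            echo "HAS-DATA $p"; found=1
        elif [ -d "$p" ] && [ -n "$(ls -A "$p")" ]; then
            echo "HAS-DATA $p"; found=1
        fi
        if [ -n "$(find "$p" -prune -perm -200 -print)" ]; then
            echo "WRITABLE $p"; found=1
        fi
    done
    return $found
}
```

Truncating a file releases its blocks without overwriting them, so the old contents stay in unused disk space until that space is wiped. Applications running as root ignore the read-only bits and will keep writing to these files.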
For information on using proxies for additional on-line anonymity, and numerous other tips, see our previous Linux security article.

One last tip: your bash history is a significant convenience that I would hate to see you do without. But pay attention to your commands. Ones like shred -z /home/me/docs/atomic_bombmaking.pdf or DaddyRapesSister.avi are not particularly healthy to keep in history. When it comes to file wipes the GUI is actually safer, and I would recommend using Krusader so there's no history of which files you've shredded.

Wiping

Now we have a few problems. For maximum security I advise using a non-journaling fs, and I also advise strapping on extra RAM in lieu of using a swap partition. Of course we can wipe the swap partition occasionally; and we can wipe the unused space on our active partitions. Unfortunately there's nothing I know of that will securely wipe the file slack-space on an active Linux fs (readers feel free to come to the rescue here); but I have dashed off three shell scripts which will securely wipe, according to your needs, an entire disk and its contents, only the unused space on an active disk, or a swap partition.

I would like to have integrated the script which wipes free space with the one which wipes the swap partition, but the former can be run safely in the background while the disk is in use, while wiping the swap partition may cause applications to crash. It needs to be run separately from the console with nothing else going on. Obviously, wiping an entire disk is something you do from a boot floppy or from a separate HDD in preparation for a new tabula rasa sort of installation. These routines take an incredible amount of time, up to 48 hours for an entire disk of say, 40GB.

With the WipeFree script we're overwriting the unused disk space in /root, /var, /home and /tmp with random data, and then overwriting that with zeroes to conceal the fact that we wiped it in the first place.
With the WipeAll script we're devastating an entire HDD in basically the same way, but overwriting all data. With the WipeSwap script we're eliminating the contents of an entire swap partition, but I do recommend setting up a Linux box with no swap partition if you can afford enough RAM. I am not aware of any Linux app that absolutely requires disk swapping, though with Windows several will fail to load without disk swapping no matter how much RAM you have (e.g., Photoshop).

Each of the scripts would be quite easy to run from the command line. There's no magic here. I'm not a programmer and I don't play one on TV. I've scripted them simply for convenience. For example, you might wish to run WipeFree.sh before going to bed and expect to rise after it's finished. If you did the same from the command line you'd have to wake every three hours or so to switch directories.

There are caveats for WipeFree.sh. There is no wiping of file slack space. Using it on a journaling fs is not secure since the journal maintains data about your data. Even using it on a non-journaling fs is only effective if you're truly paranoid and proactive. Your own bad habits can easily defeat it. And then there's the slack space problem. 'Trust nothing, fear nothing' is the best security mantra I can offer.

In any event you can download the utilities here. If anyone (like a real programmer, say) wishes to assist me in improving them, by all means please contact me.

***************************************************************
Security-news
Good computer security is no substitute for good sense!
To sub or unsub - http://resist.ca/mailman/listinfo/security-news
***************************************************************