write.privacytools.io

Reader

Read the latest posts from write.privacytools.io.

from Deckard1982 on Technology

Firefox Nightly

There are different branches of Firefox out there, Firefox Stable, Firefox Beta, Firefox Developer Edition, Firefox ESR, and Firefox Nightly. I'm going to go over and cover these branches to ease you in making a decision. I will be covering Firefox only for computers, I won't be covering Firefox for Android/iOS. I also won't be going into much detail, so don't expect a lot to be covered here.

  1. Firefox (Stable Branch)

This the Firefox that is commonly found on a large number of computers. Each new major update brings new additions that improve your browsing experience. With other updates fixing issues and patching vulnerabilities. This branch is good for generally good for anyone who just wants to use Firefox and nothing more. Unlike the beta or nightly branch, updates aren't too frequent. Although an emergency update may be issued quickly, should there be a major problem that warrants one. You can view the release calendar here. Release notes for new major releases can be found here.

  1. Firefox (Beta Branch)

Firefox Beta allows for anyone who's interested, to try out new features for Firefox, these changes usually are moved to the beta branch from nightly. Although not as often as nightly, Firefox Beta is still updated quite frequently and is not recommended for people who just want to browse the web without any unnecessary issues. Only install Firefox Beta if you are willing to help test out features and help refine them before making it to the stable branch. This means you're encouraged to help report any issues that may occur.

  1. Firefox (Developer Edition)

Firefox Developer Edition includes tools useful for web developers, or people studying web development. Other changes are made for web development.

  1. Firefox (Nightly Branch)

Firefox Nightly incorporates code changes daily. This allows you to try out new features that are introduced, or changes to existing features. Nightly is not recommended for anyone who isn't expecting some (or many) things to encounter problems while testing. Again these new features or changes are supplied on a daily basis, so updates are at their most frequent. Use Firefox Stable or Beta is this is too much for you.

  1. Firefox (Extended Support Release)

Firefox ESR is a branch that receives extended support, this branch will generally include critical patches, and will not receive any of the latest features at a regular interval. See here for additional coverage. The ESR branch is usually meant for organizations like businesses and universities, that deploy and maintain on a large scale.

Final words

It all depends on what you want. I usually stick with using the stable release, as I no longer wish to participate in testing new things often. That's all for now.

This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.

License

 
Read more...

from HyperSphere

Hello again! Last time we talked about how to install and run a Linux distribution, specifically Endeavour OS, but this tutorial will work for every major Arch-based distribution. In this post we'll talk about:

  • How to use the package manager: “pacman”
  • How to use the AUR
  • How to keep your installation up to date

Without further ado, let's get started.

How to use “pacman”

Pacman, short for package manager, is the package manager for Arch Linux and Arch-based distributions. It is my personal favorite package manager for it's simplicity and ease of use, while also being extremely robust. One advantage of Linux over Windows is the way that you install software. In Linux you'll be using a package manager to install your software almost all the time, advantages include:

  • Easy installation of software with just a single command, no more having to download .exe files and installing manually.
  • Simple way to manage software and their updates, no more using outdated software, although you can if you wanted to with just a few configurations.

  • Extra added security assuming you're downloading from a trust and reliable repository. pacman Before we do install or uninstall anything with pacman, let's make our system up to date. Because Arch Linux is a rolling release distribution, you'll get updates as soon as they're available on the repository, so expect frequent updates for all of your software. Follow the mentality of “Install once, update daily.” Unlike non-rolling release distributions, Arch Linux doesn't really have a “version,” like how Centos has Centos 7 or Centos 8; Arch Linux is just Arch Linux, and you shouldn't need to reinstall just to keep your system up to date, just update with pacman and you're good! In order to update your system with pacman, use the command “sudo pacman -Syu”. I'll break down each part of the command so that you can understand it:

  • sudo: this means run the command as the root (admin) user. Because we are upgrading the packages for every user on the system, we need to run the command as root so that the packages can be installed in the correct place. Use “sudo” in front of any command to run the command as the root user.

  • pacman: this is just running the command pacman, our package manager.

  • -Syu: A combination of -S, -y, and -u.

    • -S: synchronize (install/update) packages with the remote repository. Package manager download packages off of repositories, in this case the Arch Linux repos, but you can add your own custom repos too, so long as they work with Arch Linux.
    • -y: refresh and get a fresh copy of the repository database. This is essentially updating our repo database with the remote repo database.
    • -u: upgrades all packages that are out of date according to the repo database. Because we refreshed the database with the -y command, -u will now compare the currently installed software version with the software version in the database, if it is out of date then pacman will update it.

I know that it seems a bit confusing, but honestly you don't even really have to know what the command means. All you need to know that running “sudo pacman -Syu” will update your system, and you should run it daily in order to not fall behind on updates. Because we just did a fresh install of Endeavour OS, depending on how old the ISO was, we might be very far behind on updates, or not at all; you might get only a few updates needed, or a few hundred, in either case, just run the command, proceed by hitting “y,” and go grab a cup of coffee.

Hopefully the update went smoothly and no errors occurred. A reboot of the system is highly recommended as some packages like the Linux kernel needs a reboot for the changes to take effect. Once you reboot, everything should've hopefully booted fine and you should be back on the desktop environment.

Great! Now that our Linux is all up to date, let's learn how to install a single package:

  • sudo pacman -S “package-name”

Easy right? But what if you don't know the package name on hand? We can search for packages by using the command:

  • pacman -Ss “part of package name or description”
    • Notice how we don't need root access in this command because we aren't actually installing anything.

Now let's learn how to uninstall a package:

  • sudo pacman -R(sn) “package-name”
    • The “-sn” is optional, it basically means “uninstall package along with all of it's dependencies that aren't needed by other packages.” For example, let's say a software needs 5 dependencies, and when you installed it, you installed 6 packages, the software itself and it's 5 dependencies. When you uninstall the software with just “sudo pacman -R,” it only removes the software, but not the 5 dependencies. With “sudo pacman -Rsn,” it removes the software, along with the 5 dependencies, assuming the dependencies aren't required by any other package.

That should cover the basic necessities for using pacman! We now know how to install, update, and uninstall. If you need to do anything else with pacman, remember that search engines are always your best friends, unless they're spyware search engines, in which case don't use them. Stackoverflow gets a lot of bad rep but for a beginner user, they're pretty good.

How to use the AUR.

As explained in the last post, Arch Linux comes with AUR support, a community ran repository of software that can't be found on the main repository. If the package on the AUR becomes popular enough, often time it can move from the AUR to the official Arch Linux repos. Keep in mind though that because AUR packages are ran by users and managed by them, it can be risky as some users can be total dickbags and install malware on your machine; although this is extremely unlikely, you should always exercise caution when using the AUR.

There are many ways to install packages from the AUR, but the most popular and easy way is to use an “AUR Helper.” In this case, Endeavour comes with “yay,” a very popular and robust AUR Helper. If you're comfortable with using pacman, using yay will be second nature because a lot of the commands are identical.

In order to install an AUR package, first find the package name. What I like to do is search up “Arch Linux “package-name” on my favorite search engine, and this finds me the package name 99% of the time. Keep in mind that if the package isn't on the AUR but on the official repos, then using yay isn't necessary and pacman will work fine. You can also go to the AUR homepage and search for packages from there.

Once you've found the package name of the package you want to install, installing it is a piece of cake:

  • yay -S “package-name”
    • yay recommends not running yay as root due to permissions issue involving another command makepkg. But don't worry as it will prompt you for the sudo password midway through the installation.

Once the AUR package has been installed, the package is now being managed by pacman,so you can uninstall the package with either “pacman -R(sn)” or “yay -Rsn,” your choice. Keep in mind that yay is basically a front-end to pacman, with support for the AUR. So in theory you could just use exclusively yay for installing, removing, and updating software. But I don't do this because idk I probably have autism. So for the pacman section above, every command listed up there that has the word “pacman” can be replaced with “yay,” but please note that sudo still isn't required as you are using yay now, yay will have it's own way of prompting you for root access

Removing programs with yay is simple, it's the exact same as the pacman command:

  • yay -R(sn) “package-name”

As stated before, you can uninstall packages not installed through yay, with yay. So packages on the main repos installed through pacman can be managed by yay because in a sense yay is just pacman with some extra features like AUR support.

Anyways that should do it for this blog post. Thanks for taking the time to read all of it. I know that it can seem confusing at parts but always remember that this should be fun, but a hassle or a chore. Search engines are your best friend as always, and feel free to contact me with any and all questions you have.

 
Read more...

from HyperSphere

Welcome to the first post of my blog, the HyperSphere! If you read the description, you'll know that this blog will mainly focus on tutorials and articles relating to privacy/security on Linux. I'll try and keep every article as brief as possible with the minimal amount of required prior knowledge.

Without further ado, let's get right into the first tutorial! Because I'll be writing mainly about doing stuff on Linux, I better teach you how to install and use it.

Linux

You've probably heard of Linux before, whether it was from your computer-addicted friend, or your boomer dad, Linux is everywhere and is the backbone of almost every service that you touch and use. Linux powers some of the world's most important servers and companies, and best of all, it's completely open source and is free of telemetry and spyware (I'm looking at you Windows 10...). Now keep in mind I am referring to the Linux kernel being free of spyware, not the distribution (distro) itself, so that is up to your preference. If you're one of those people that refer to Linux as GNU/Linux, you're probably cringing right now at this article, but that's how I call it and you're gonna have to live with it.

Now time for the distribution that I'll be teaching you how to install:

arch

WAIT DON'T LEAVE YET!!!!

I swear there's a really good reason as to why I recommend Arch Linux as a beginner's first distribution: the AUR.

The Arch User Repository, also known as the AUR, is a community repository of software that is made by Arch users, for Arch users. It extremely simplifies the installation of software because almost all well known software, and even some of the niche ones can be found on the AUR, which eliminates having to build the software from source, which is something a Linux newbie shouldn't have to deal with. Pacman is also an extremely robust package manager, and the Arch Wiki is so extensive and full of knowledge that it applies to other distributions as well, but Arch is the main focus.

Now if you don't want to go through the installation process of Arch Linux, which is probably the only “difficult” thing about Arch, you can choose from a wide selection of Arch-based distros that have a GUI installer and also supports the AUR. My personal favorite used to be Antergos, but that distro was discontinued a few months back but luckily a new one has appeared and it seems to be extremely promising:

endeavour

Now Manjaro is an extremely popular distro that is also based off of Arch, but it uses it's own repository and often comes with a lot of programs, which for some might qualify as bloat. So Endeavour in my opinion gives the most pure and pristine Arch Linux experience without the tedious install process.

Steps to install Endeavour OS:

  1. Go to the official Endeavour website and grab the latest ISO from downloads.
  2. Make a bootable USB device using Rufus, choose your USB from the device list, and choose your ISO for the boot selection. If you run UEFI that supports GPT, then select GPT for Partition Scheme, otherwise use MBR. rufusimg
  3. Now that you have a bootable USB drive, plug it in and restart your PC. You need to bring up the boot device selection screen before your operating system starts, the key differs between motherboard manufacturers and laptops, so do some research. For me personally on a HP Laptop, F9 brings up the boot selection screen. Pressing Escape during booting might pause the booting and give you a list of options too. boot
  4. Now that you have booted into the USB, you should hopefully see a screen that says Endeavour OS with a list of boot options, just choose the first option, or the second if you're not running 64-bit. Now you should be inside a fully working live environment running Endeavour OS.
  5. An installation prompt should've popped up the moment you logged into the environment, and because we're assuming that you're not dual-booting, we're going to let the installer do all the partitioning for us. install Click on the second tab of the prompt, and click “Install Endeavour OS to disk.”
  6. The installation process should be fairly straightforward, for the partitions part of the install, just choose erase disk, and set swap to whatever you want, but normally swap isn't needed; 2-4 GB should be a safe bet. part For the users portion, you can use the same password for both your user account and administrator (root) account, just make sure your password is long and secure! Search up “diceware.”
  7. Continue with the install, and wait for the installation process to finish. Go grab a coffee while you wait. installation process Once the install is done, check “restart now” and click done.
  8. Once the computer boots back up, congratulations! You have now successfully installed a Linux distribution that will most likely be the easiest and most enjoyable distribution you'll ever try.

Now I don't expect you to not meet some hurdles while following this tutorial, and that's good! Meeting obstacles is a fantastic way to learn, and you're gonna meet a lot more the more you go into this vast horizon. The only advice that I can give to you is don't give up, and search engines are your best friend; just don't use Google. Duckduckgo should be good for just about everything.

If you have any questions, feel free to contact me via ways listed on the “contact” blog post.

Next post I'll go into details about how to use Arch and Arch-based distros. I'll talk about the package manager, the AUR, software, and various other things that should be useful.

 
Read more...

from thecolorjay

Apt

Configuring Apt.

Using HTTP with Apt.

  • Overwrite /etc/apt/sources.list with the following entries.
sudo nano /etc/apt/sources.list

deb http://archive.ubuntu.com/ubuntu/ bionic main restricted universe multiverse deb-src http://archive.ubuntu.com/ubuntu/ bionic main restricted universe multiverse

deb http://archive.ubuntu.com/ubuntu/ bionic-security main restricted universe multiverse deb-src http://archive.ubuntu.com/ubuntu/ bionic-security main restricted universe multiverse

deb http://archive.ubuntu.com/ubuntu/ bionic-updates main restricted universe multiverse deb-src http://archive.ubuntu.com/ubuntu/ bionic-updates main restricted universe multiverse

  • Update package list.
sudo apt update -y

sudo apt install apt-transport-https curl debian-keyring -y

Using Tor with Apt.

  • Write the following entries to the /etc/apt/sources.list.d/torproject.list file.
sudo nano /etc/apt/sources.list.d/torproject.list

deb https://deb.torproject.org/torproject.org bionic main deb-src https://deb.torproject.org/torproject.org bionic main

  • Add the Tor Project signing key.
curl https://deb.torproject.org/torproject.org/A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.asc | gpg --import
gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | sudo apt-key add -
  • Update package list.
sudo apt update -y

sudo apt install apt-transport-tor tor deb.torproject.org-keyring -y
  • Overwrite /etc/apt/sources.list.d/torproject.list with the following entries.
sudo nano /etc/apt/sources.list/torproject.list

deb tor://sdscoq7snqtznauu.onion/torproject.org bionic main deb-src tor://sdscoq7snqtznauu.onion/torproject.org bionic main

Update, upgrade and cleanup packages.

  • Update package list.
sudo apt update -y
  • Upgrade packages.
sudo apt dist-upgrade -y
  • Cleanup packages.
sudo apt autoremove -y

Uncomplicated Firewall

Installing and configuring UFW.

Install packages.

sudo apt install ufw gufw -y

Reset, enable or disable UFW.

  • Reset ufw, and disable start up on boot.
sudo ufw reset
  • Enable ufw, and enable start up on boot.
sudo ufw enable
  • Disable ufw, and disable start up on boot.
sudo ufw disable

Deny, allow or limit all incoming requests by default.

sudo ufw default deny incoming

sudo ufw default allow incoming
  • Limit all incoming requests by default. (Blacklisting with incoming DDoS protection)
sudo ufw default limit incoming

Deny, allow or limit all outgoing requests by default.

sudo ufw default deny outgoing

sudo ufw default allow outgoing
  • Limit all outgoing requests by default. (Blacklisting with outgoing DDoS protection)
sudo ufw default limit outgoing

Disable or enable logging.

  • Disable logging.
sudo ufw logging off
  • Enable low logging.
sudo ufw logging low
  • Enable high logging.
sudo ufw logging high

Deny, allow or limit incoming requests from a specific IP address to any IP address on a specific port.

  • Deny incoming TCP requests from a specific IP address to any IP address on a specific port. (If you're allowing all incoming requests by default)
sudo ufw deny in proto tcp from <ip-address> to any port <port>
  • Allow incoming TCP requests from a specific IP address to any IP address on a specific port. (If you're denying all incoming requests by default)
sudo ufw allow in proto tcp from <ip-address> to any port <port>
  • Limit incoming TCP requests from a specific IP address to any IP address on a specific port. (If you're denying all incoming requests by default, and you require incoming DDoS protection)
sudo ufw limit in proto tcp from <ip-address> to any port <port>

Deny, allow or limit outgoing requests to a specific IP address on a specific port from any IP address.

  • Deny outgoing TCP requests to a specific IP address on a specific port, from any IP address. (If you're allowing all outgoing requests by default)
sudo ufw deny out proto tcp to <ip-address> port <port> from any
  • Allow outgoing TCP requests to a specific IP address on a specific port, from any IP address. (If you're denying all outgoing requests by default)
sudo ufw allow out proto tcp to <ip-address> port <port> from any
  • Limit outgoing TCP requests to a specific IP address on a specific port, from any IP address. (If you're denying all outgoing requests by default, and you require outgoing DDoS protection)
sudo ufw limit out proto tcp to <ip-address> port <port> from any

Display the status, verbose status or numbered status of UFW.

  • Display the status of ufw.
sudo ufw status
  • Display the verbose status of ufw.
sudo ufw status verbose
  • Display the numbered status of ufw.
sudo ufw status numbered

ClamAV

Installing and configuring ClamAV.

Install packages.

sudo apt install clamav clamav-daemon clamav-freshclam clamtk -y

Update database.

  • Update Virus Definitions.
sudo freshclam

Scan for viruses.

ClamAV is able to scan separate files or if necessary entire directories.

  • Scan a file.
sudo clamscan <file>
  • Scan a directory.
sudo clamscan --recursive=yes --infected /home
  • Scan a directory, and remove infected files.
sudo clamscan --recursive=yes --infected /home --remove
  • Scan a directory with files larger than 20Mb.
sudo clamscan --max-filesize=2000M --max-scansize=2000M --recursive=yes --infected /home
  • Scan a directory with files larger than 20Mb, and remove infected files larger than 20Mb.
sudo clamscan --max-filesize=2000M --max-scansize=2000M --recursive=yes --infected /home --remove

AppArmor

Installing AppArmor.

Install packages.

Firejail

Installing and configuring Firejail.

Install packages.

sudo nano /usr/local/bin/firefox

#!/bin/bash /usr/bin/firejail —apparmor —seccomp —private —dns=1.1.1.1 —dns=1.0.0.1 /usr/bin/firefox -no-remote -private-window

sudo chmod +x /usr/local/bin/firefox

That’ll set it up so that by default, your Firefox profile will erase itself completely when you’re done with it.

After this, you’ll want to create a launcher for each of your sandboxed Firefox profiles using Firejail.

  • Create a launcher for your Firefox Personal profile.
sudo cp /usr/share/applications/firefox.desktop /usr/share/applications/firefox-personal.desktop

firefox-personal

firejail --apparmor --seccomp --private=/home/user/Desktop/Firejail/Firefox/Personal --dns=1.1.1.1 --dns=1.0.0.1 firefox -no-remote -private %u
  • Create a launcher for your Firefox Work profile.
sudo cp /usr/share/applications/firefox.desktop /usr/share/applications/firefox-work.desktop

firefox-work

firejail --apparmor --seccomp --private=/home/user/Desktop/Firejail/Firefox/Work --dns=1.1.1.1 --dns=1.0.0.1 firefox -no-remote -private %u
  • Create a launcher for your Firefox Banking profile.
sudo cp /usr/share/applications/firefox.desktop /usr/share/applications/firefox-banking.desktop

firefox-banking

firejail --apparmor --seccomp --private=/home/user/Desktop/Firejail/Firefox/Banking --dns=1.1.1.1 --dns=1.0.0.1 firefox -no-remote -private %u
  • Create a launcher for your Firefox Shopping profile.
sudo cp /usr/share/applications/firefox.desktop /usr/share/applications/firefox-shopping.desktop

firefox-shopping

firejail --apparmor --seccomp --private=/home/user/Desktop/Firejail/Firefox/Shopping --dns=1.1.1.1 --dns=1.0.0.1 firefox -no-remote -private %u

This will set it up in the same way that Firefox Multi-Account Containers would, only you're sandboxing everything with Firejail.

WireGuard

Installing and configuring WireGuard.

Install packages.

  • Add WireGuard repository.
sudo add-apt-repository ppa:wireguard/wireguard
  • Update package list.
sudo apt update -y

sudo apt install wireguard -y

wg-ipv4-ch1ro1

wg-ipv6-ch1ro1

  • Copy the configuration file over to the /etc/wireguard directory.
sudo cp mullvadch1ro1.conf /etc/wireguard
  • Update the permissions.
sudo chown root:root -R /etc/wireguard && sudo chmod 600 -R /etc/wireguard

Start or stop WireGuard.

  • Start WireGuard.
sudo wg-quick up mullvadch1ro1
  • Stop WireGuard.
sudo wg-quick down mullvad-ch1ro1

Enable or disable WireGuard start up on boot.

  • Enable WireGuard start up on boot.
systemctl enable wg-quick@mullvadch1ro1
  • Disable WireGuard start up on boot.
systemctl disable wg-quick@mullvadch1ro1
 
Read more...

from thecolorjay

“If they want to get you, over time they will.” Edward Snowden.

A Tor circuit consists of 3 relays. A bridge/guard relay, middle relay, and exit relay. All of your DNS queries are encrypted via your Tor circuit. Only the Tor exit relay is able to decrypt your DNS queries.

A VPN circuit consists of 1 server (or 2-3 servers if you're using multihop). All of your DNS queries are encrypted via your VPN circuit. All of the VPN servers are able to decrypt your DNS queries.

With Tor, you're anonymous. Whereas with a VPN, you're pseudonymous.

But, why? A VPN is centralized, whereas Tor is decentralized. Your VPN provider is a Man-in-the-middle (MITM) to your VPN circuit.

For plausible deniability, you'll want to set up a Tor bridge/guard relay over your VPN.

By doing this, you'll generate white noise (cover traffic) so your VPN provider won't be able to distinguish your subscriber traffic from other subscriber traffic, providing you with better anonymity.

If you're using Firefox, I'd enable DNS over HTTPS (DoH) and Encrypted SNI (ESNI). I recommend using BlahDNS as your DoH resolver.

user_pref("network.trr.mode", 3);
user_pref("network.trr.uri", "https://doh-jp.blahdns.com/dns-query");
user_pref("network.trr.bootstrapAddress", "45.32.55.94");
user_pref("network.security.esni.enabled", true);

All of your DNS queries will be encrypted via your DoH resolver, over your VPN. Only your DoH resolver will be able to decrypt your DNS queries.

As for Android, you'll want to install NetGuard for your firewall, WireGuard for your VPN, Orbot for your Tor bridge/guard relay, Bromite for your web browsing, Silence for your secure SMS/MMS messaging, and Syncthing for peer-to-peer file sharing.

 
Read more...

from toki pi jan Julo

tenpo suno ni, la mi sona e kulupu pi toki pona lon ilo Siko. nimi pi tomo toki li nimi “ma pona pi toki pona”. mi pilin pona mute tan ni: ona li kulupu suli. jan mute li lon “ma tomo pi toki pona”. tenpo ala, la mi sona e kulupu suli pi toki pona. pona mute a!

 
Leer más...

from Curva do Rio – onde tudo que não presta vai parar

Flávio QueirozEsta é uma dupla bem sucedida. O Bode já roubou milhões da prefeitura e do povo e continua livre para viajar, jogar, roubar de novo. Breno roubou a Cooperbom e o Sindicato Rural até que não tivesse mais nada para roubar. Também continua livro, solto, e fugido em Miami. Foi lá que a dupla Corrupção e Estelionato se reuniu para comemorar a liberdade usando o dinheiro roubado Clique aqui para ver as malas das compras em Miami.

Os roubos do Haroldo todo mundo conhece. Quando era prefeito em Bom Despacho, nunca fez uma obra sem levar pelo menos 10%. Nunca fez um asfalto sem embolsar a diferença de 2 cm de diferença. Nunca autorizou um loteamento sem ganhar 20 lotes. Mas os trambiques do estelionatário Breno Marques Gontijo, seu parceiro, amigo e motorista são menos conhecidos. Pois então aqui vai um resumo.

Breno do Fio, ou Brenão, conseguiu ser diretor da Cooperbom. Lá roubou, mas não foi pouco. No final, mais de um milhão. Fazia compra no mercado da cooperativa e não pagava. Levava semente, adubo e ração para casa e não pagava. Vendia bezerros da fazenda da Cooperativa e embolsava o dinheiro. Recebia como se estivesse fornecendo leite, mas não estava. Para não perder a oportunidade, pegava uma comissão nas compras.

Mas não ficou por aí. Pegou dinheiro adiantado por fornecimento que nunca existiu. Quando a coisa apertava e ele queria mais alguns trocados para bancar sua vida de rico, encontrava uma saída fácil na troca de cheques. Ele entrava com um cheque sem fundos no caixa da cooperativa e tirava o troco em dinheiro.

Com estes golpes grandes e pequenos, ele e o Zé do Nô quase levaram a cooperativa à falência. Depois se juntaram para ser candidato a prefeito em Bom Despacho. Pode?

Pelo jeito pode, pois seu amigo Bode já foi prefeito três vezes!

Depois de sair da cooperativa, Brenão arranjou outro lugar para roubar, que foi o Sindicato Rural. Lá tinha pouco. O Sindicato já estava quebrado. Mas ele não se apertou. Conseguiu emendas parlamentares, enganou fazendeiros e comerciantes e ainda conseguiu roubar um tanto até bom. Só numa caminhonete que vendeu ele apurou uns R$ 40.000,00. Foram diretamente para o seu bolso.

Comemoração Para comemorar a roubalheira e a impunidade, a dupla Bode e Breno, também conhecida como Corrupção e Estelionato se reuniram em Miami. Uma reunião de família. Como diz a música de fundo, esta família é muito unida. Nela, quem não rouba dá cobertura para quem rouba. Os pequenos são trombadinhas.

No vídeo abaixo você pode ver o entusiasmo com que o Bode comemora com seu parceiro Breno. É só alegria. A tristeza fica por conta dos bondespachenses roubados, do asfalto ruim, das escolas que deixou abandonadas.

Bode e BrenoClique aqui para ver o vídeo da amizade Fora do alcance da Justiça Apesar dos muitos processos contra Bode & Breno, os dois se sentem foram do alcance da justiça. O Bode parece que tem proteção na justiça e no ministério público porque por muito menos do que eles fizeram muitos prefeitos já foram presos, mas ele continua solto. O ex-prefeito está aí, fazendo deboche, gastando nosso dinheiro e viajando para jogar no Paraguai e em Las Vegas. O Breno está em Miami, gozando a vida e rindo dos bondespachenses. Até quando, ninguém sabe, mas enquanto isto o ministério público faz vista grossa e a justiça dorme.

As farras da dupla Bode & Breno, também conhecida como Corrupção e Estelionato são mais um símbolo de que neste país, ser corrupto e estelionatário vale a pena. Agora, ser honesto... bem, ser honesto pode ser bem perigoso.

Veja também estas biografias Cessão Queiroz, a primeira dama do ladrão Acir Parreiras, o cupincha Tereza Raquel Queiroz, a filha do ladrão Haroldo Queiroz condenado pelo TCU Haroldo Queiroz o ladrão cria da casa Cláudio Boca Preta, o gigolô do INSS Mozart Fosquete Agostinho Santos – Gigolô da Prefeitura Maurício Reis – o picareta que veio de fora

 
Read more...

from Curva do Rio – onde tudo que não presta vai parar

Flávio Queiroz: segunda-feira é dia de trabalho, mas só para quem precisa

Flávio QueirozQuatro coisas o neto aprendeu com o avô: jogar a dinheiro, beber, fumar e fugir do trabalho. Fumar maconha ele talvez tenha aprendido por conta própria. Será? Este é Flávio Queiroz, neto de Haroldo Queiroz. É burro, analfabeto e preguiçoso como o avô. Num momento de descontração ele afirma que a vida é difícil para quem precisa trabalhar numa segunda-feira, mas para ele, que não precisa de trabalhar, é uma moleza. Por isto começa o dia numa piscina que o avô tem em casa e que mantém azul e limpa com água que rouba da Copasa com ajuda do seu velho amigo Afonso.

Cessão QueirozNa rua, quem ensina malandragem ao menino é o avô, mas em casa, quem ensina preguiça e dá boa vida é a avó Cessão Queiroz. Assim segue o jovem aprendendo suas lições de vida que é passar o dia de segunda-feira na piscina e passar as noites na jogatina. Veja aqui o vídeo em que o neto do Bode debocha do trabalhador bondespachense

Veja também como o ex-prefeito gasta o dinheiro do bondespachense em viagem internacional: HQ em MiamiBode gasta o nosso dinheiro em Miami.

 
Read more...

from Curva do Rio – onde tudo que não presta vai parar

Bode ZuiudoO ex-prefeito Haroldo Queiroz torrou dinheiro em Miami. Mas não foi dinheiro dele, foi dinheiro seu e meu. Ouça a declaração dele, leia a mensagem (que não foi ele quem escreveu) e tire suas conclusões.

Quando Haroldo Queiroz gasta com viagens, baralho, bebida ou festa, quem paga é você. Sempre foi assim e se o eleitor bobear, vai continuar sendo. Faz três semanas Haroldo levou a família inteira para fazer compras em Miami. Quando a farra foi divulgada, ele disse que viaja com o dinheiro dele e ninguém tem nada com isto. Será que o dinheiro é dele mesmo?

Para começar, clique aqui para ver o vídeo que ele gravou e divulgou. Observe que o motorista dele é o estelionatário Breno do Fio. (amanhã falamos sobre os canos que ele deu em Bom Despacho antes de fugir para Miami). No final do vídeo, observe a alegria da filha dele que faz questão de mostrar as malas das compras (tudo comprado com nosso dinheiro).

Agostinho SantosClique aqui para ler o que alguém escreveu para ele publicar (ele não sabe escrever.)

Clique aqui para ver o vídeo do Bode exibindo a família, seu motorista particular Breno do Fio, e a filha Tereza Raquel exibindo as malas.

Haroldo não é empresário, é ladrão e estelionatário

Haroldo espalha por aí que ganha dinheiro como empresário. Ele não é empresário. Ele teve empresas, mas estão todas falidas faz muitos anos. Elas devem impostos, têm dívidas com trabalhadores e com fornecedores. Estão com as portas fechadas faz uns 20 anos. Haroldo é corrupto, falsário, estelionatário. E demagogo.

Onde você for na cidade Haroldo tem dívida. Pode ser nos supermercados, nos bares, restaurantes, lojas de roupas, fornecedores de bebidas. Ninguém vende fiado nem para ele nem para sua família porque ele não paga. Então como ele ganha dinheiro? Vendendo o que roubou quando estava na prefeitura. Ele roubou dinheiro, roubou ônibus, roubou máquinas e roubou lotes. Muitos lotes. Uns 300. Está tudo nas mãos dos seus cumpinchas e de alguns empresários desonestos. Quando ele precisa de dinheiro, vende alguns lotes ou máquinas, apura o dinheiro e vai fazer compras em Miami, jogar no Paraguai ou em Las Vegas.

Veja um exemplo de roubo do Haroldo.

PlanilhaClique aqui para ver a imagem. Os destaques amarelos mostram quantos porcento ele pagou a mais para depois receber de volta da empresa. O resultado deste roubo foram muitos milhões. Ele roubou dinheiro que veio da CODEVASF e dinheiro que veio da COPASA. Por causa deste desvio ele já foi condenado pelo TCU e pelo TCE-MG. Mas pela justiça, aquela que manda para a cadeia, ele ainda não foi condenado embora estes crimes tenham acontecido já faz 10 anos.

“Viajo com meu dinheiro” — Será mesmo?

Depois de gastar o nosso dinheiro em Miami, Haroldo também gravou este áudio dizendo que o dinheiro é dele e que ninguém tem nada com isto. Clique aqui para ouvir o cara de pau dizer que viaja com dinheiro dele e ninguém tem nada a ver com isto.) ___ Você pode ver outros membros da quadrilha nesta página Você pode conhecer e votar nos maiores malas de Bom Despacho nesta página Você pode conhecer a primeira dama da quadrilha nesta p ágina Você pode conhecer quem financiou a tentativa de volta da quadrilha à prefeitra nesta página.

Veja também estas biografias Cessão Queiroz, a primeira dama do ladrão Acir Parreiras, o cupincha Tereza Raquel Queiroz, a filha do ladrão Haroldo Queiroz condenado pelo TCU Haroldo Queiroz o ladrão cria da casa Cláudio Boca Preta, o gigolô do INSS Mozart Fosquete Agostinho Santos – Gigolô da Prefeitura Maurício Reis – o picareta que veio de fora

 
Read more...

from jal

Anteriormente escribí un artículo sobre cómo hacer Multihop con la app de Mullvad (aunque usando el protocolo OpenVPN) para así evitar el espionaje de vuestro operador de internet, evitando que sepan la IP con la que estás usando internet. Podeis leer este artículo aquí:

https://write.privacytools.io/jal/usar-la-vpn-mullvad-con-multihop

Ahora quiero poneros una forma fácil de hacer lo mismo pero con el protocolo Wireguard. ¿Por qué?: porque da mucho más juego. Me explico...

Desde la app de Mullvad puedes crear tus llaves para usar tu VPN con el protocolo Wireguard dentro de las opciones avanzadas en su última opción: Clave de Wireguard.

Una vez creadas las llaves, aunque la app de Mullvad conecte únicamente a un solo servidor (sin usar Multihop directamente, aunque puedes poner esta opción en el modo Automático), luego puedes cambiar en tus programas que soporten Socks5 (tus navegadores basados en Mozilla o tu programa de descarga de torrents por ejemplo) la conexión que va a usar usando el servidor Socks5 de Wireguard del país que te apetezca.

Es decir, imagina que la app de Mullvad conecta usando el protocolo Wireguard a un servidor de España, tal como lo configuraste. Luego en un navegador basado en Mozilla, como Firefox, pones en la configuración manual del proxy un servidor Socks5 de Japón, en el navegador Palemoon (basado en Mozilla) pones un servidor Socks5 de la República Checa, y en tu programa de descarga de torrents (como qBittorrent, que es el que recomiendo) pones un servidor Socks5 de Suiza.

¿Entiendes ahora las posibilidades que te ofrece esto?. En un navegador estás haciendo unas cosas desde un país, en otro navegador lo haces desde otro país diferente, en las descargas de torrents otro diferente, y tu operador de internet no sabe que estás usando internet con ninguna de estas IPs o países. Él solo conoce (en este ejemplo anterior) que te conectaste a un servidor de España y desde ahí no sabe nada más.

Para ello debes visitar los servidores Socks5 que ofrece Mullvad para el protocolo Wireguard aquí:

https://mullvad.net/es/servers/wireguard/

Vereis que en cada servidor, más a la derecha, viene reflejado el servidor Socks5 bajo el titular Nombre SOCKS5, del tipo: xxx-wg.socks5.mullvad.net (xxx hay que cambiarlo por la abreviación del servidor o país que usa Mullvad, como vereis en la lista).

Recuerda que el puerto que hay que poner en Socks5 para cada servidor será 1080, y que en la Configuración de red del navegador tienes que dejar señalada la opción: DNS proxy usando SOCKS v5. Y que al usar qBittorrent con el protocolo Wireguard debes cambiar el Interfaz de Red dentro de la opción Avanzado por el que está usando ahora. En GNU/Linux haz en el terminal un ifconfig y mira qué interfaz debe estar usando ahora, posiblemente tun1 aunque puede cambiar de nuevo a tun0.

Nada más, así de sencillo. Te da más facilidad de cambiar de país cuando quieras directamente en tus programas que soportan Socks5.

Si se cayera la conexión VPN dejarían de conectarse estos programas. Es lo bueno que tiene la configuración de los servidores Socks5 en Mullvad: sólo funcionan dentro de la VPN. Si se cae la VPN no conectan en absoluto, por lo cual tienes mucha más protección ante cualquier fuga de datos.

Es posible hacer directamente MultiHop usando el protocolo Wireguard bajando un archivo .conf desde su web, pero te aconsejo por su sencillez hacerlo mejor de esta forma.

 
Read more...

from jal

Imagina que quieres navegar anónimamente por internet y no quieres que se envíe ningún otro dato o conexión de tu smartphone.

En Netguard puedes hacerlo de esta manera (con sus opciones de pago):

Teniendo instalada la app Tor browser for android y permitida en esta app la conexión hacia internet con Netguard, la abres pulsando en ella dentro de Netguard y ahí señalas la casilla Permitir en modo de bloqueo. A partir de ahora, cuando estés conectado a internet y quieras usar únicamente el navegador de Tor sin más conexiones, en la pantalla principal de Netguard vas a la parte superior derecha, donde están los 3 puntos, y al pinchar eliges la casilla Bloquear tráfico.

A partir de ese momento, únicamente saldrá a internet la app que permitiste en modo de bloqueo: Tor browser for android. Ninguna más, ni siquiera las apps del sistema. En mi caso me funciona incluso sin tener activada la app del demonio DNS.

Otro truco con Netguard es hacer que todas las apps de tu smartphone, que tienen permiso para salir a internet a través de Netguard, salgan a través de Tor. Pero ya hice un artículo de cómo hacerlo. Quería volver a recordaroslo ahora:

https://write.privacytools.io/jal/todo-tu-smartphone-a-traves-de-tor

Espero que os sirva.

 
Read more...

from jal

Bueno, llegamos a la última parte de esta serie de artículos sobre Android sin rastreadores y con mayor privacidad.

Otro programa libre muy útil para conocer las conexiones que hace tu smartphone es Net Monitor que puedes descargar desde F-droid. Lo ejecutas, das al icono del play y te saldrán las apps con sus conexiones, al pulsar cada conexión te dará mucha información de la misma. Un ejemplo:

NetMonitor4

NetMonitor5

Pero volvamos a Netguard.

Ahora vamos a ir almacenando en cada app las conexiones que va realizando. De esta manera, si analizas dentro de cada app las conexiones que hizo, ahí mismo podrás bloquear un dominio u otro.

Para ello vamos a los Ajustes de Netguard y a sus Opciones Avanzadas. Ahí verás una pestaña que puedes señalar que dice Registrar acceso a Internet. Señalala y desde ese momento cualquier conexión que haga una app quedará registrada dentro de ella. Es decir, al abrir Netguard y ver el listado de apps, si pulsas en alguna de ellas verás dentro las conexiones que hizo. Un ejemplo:

Netguard-Fdroid

Cuando una conexión está permitida la verás de un color, como viste en esta imagen, que si pulsaras uno de los dominios te dará varias opciones, una de ellas bloquear dicho dominio. Cuando no lo esté la verás de esta manera:

Netguard-NavegadorPrivado

Como verás, así podrás comprobar fácilmente si una app se está conectando a Google, Facebook, Amazon o a cualquier sitio que no deseas y poder bloquear esa conexión para siempre. Te sorprenderías de cuantas apps conectan a estas empresas y lo bien que siguen funcionando cuando bloqueas únicamente dichos dominios dejando permitidos los que son realmente necesarios.

Puedes también bloquear la app del GPS (Google o Android no respeta que quites la geolocalización, sigue enviando datos a Google y Amazon para esto), dominios de Google DNS que usan muchas apps (y que ocurre en otras ROM, s también, no solo en un Android por defecto, pero usa muchos otros servidores DNS, puedes bloquear los de Google), dominios de Google que requiere tu smartphone para ponerlo en hora (usa muchos dominios diferentes, no te preocupes por bloquear solo el de Google), etc... Ya irás aprendiendo sobre la marcha analizando los registros de tus apps en Netguard.

Ahora hablaremos de los Ajustes de tu smartphone.

Especial importancia tienen los permisos de cada aplicación, las aplicaciones por defecto, los permisos generales de aplicaciones y los accesos especiales de las aplicaciones. Todo esto lo verás dentro de los Ajustes de tu smartphone, en el apartado de Aplicaciones y notificaciones. También las notificaciones debes revisarlas por si quieres evitar sonidos y cambiarlo por algo como Mostrar en silencio y minimizar. Pero eso te lo dejo a ti.

En las Aplicaciones predeterminadas, asegúrate de que no tienes ningún asistente de voz (un peligro para la privacidad), y que son correctos los valores siguientes: Navegador, el lanzador o Aplicación de página principal, el Teléfono y la Aplicación de SMS. Si has cambiado un lanzador debes ponerlo aquí para que se aplique siempre, lo mismo con los demás.

Seguidamente vamos al apartado de Permisos de aplicaciones, que es un apartado más general y donde vienen enumerados todos los permisos más importantes y el número de aplicaciones que tienen concedidos esos permisos: Almacenamiento, Calendario, Contactos, Cámara, Micrófono, etc...

Asegúrate que por ejemplo solo tienes el permiso de Micrófono para el Teléfono, y el permiso de Cámara para la cámara que uses (mejor una libre como te puse en un artículo anterior). Y así con todos los demás. Cuida mucho estos permisos porque son de vital importancia para tu privacidad y seguridad. Hazlo cada ciertos días por si hay algo que haya cambiado y debes corregir.

También debes revisar el apartado de Acceso especial de aplicaciones. Analiza cada opción y con sentido común piensa en las consecuencias de dar permiso para esto a quien no debe tenerlo. Como ejemplo, solo querrás dar permiso de Instalar aplicaciones desconocidas a F-droid, al Administrador de Archivos (en caso de que instales archivos .apk que descargues. En caso contrario no lo hagas), a la app ApkGrabber si la estás usando, y lo mismo a la app Aurora Store. A todas las demás seguramente no necesitarán esto y puedes quitarle este permiso. Con un poco de sentido común ve revisando cada opción y actúa en consecuencia por tu seguridad.

Es también importante para tu privacidad el servicio DNS que estés usando. Elige alguno que te de confianza y no te rastree ni guarde registros o logs. Debes poner dicho servidor DNS en tus redes (si es un solo servidor ponlo igual en los 2 apartados que lo pide), y también dentro de Netguard: vas a los Ajustes, a Opciones Avanzadas y donde pone VPN DNS (salen dos opciones) repites el mismo servidor en los 2 lugares.

Asimismo, no vayas con el Bluetooth ni el NFC siempre conectados. Conectalos únicamente cuando te haga falta. En estos casos debes darles permisos en Netguard temporalmente para poder usarlos. Ya sabes, usa el buscador de Netguard y pones Bluetooth o NFC y aceptas las apps necesarias para que funcionen.

De vez en cuando borra de cada app la caché que ha ido acumulando. De esta manera vas dejando menos huellas en el caso de que tengas que desconectar Netguard por algún motivo.

Y por supuesto, si vas a apagar o a reiniciar tu smartphone hazlo siempre en Modo avión o sin tener el Wifi o los datos conectados. Una vez que esté en funcionamiento y esté ya Netguard funcionando, entonces es cuando debes activar los datos o el Wifi (Internet).

Con estos artículos creo que he podido explicarte cómo evitar rastreadores en tus apps de varias maneras, como analizar conexiones e ir bloqueándolas, como evitar apps que únicamente quieren sacar provecho de ti y anular tu privacidad, a la vez que consumir más datos de tu teléfono o conexión a internet, así como más recursos. Si sigues estos consejos tu smartphone conectará pocas veces al exterior, lo imprescindible, y lo hará con mayor privacidad y seguridad para ti, aunque lo más importante eres tu mismo y lo que hagas.

Sé que no será sencillo para muchísima gente el seguir todo esto, y otras no se molestarán en hacerlo, pero cada cual es dueño de su intimidad y de hacer lo que mejor le convenga. Al menos creo que he puesto mi granito de arena en intentar ayudar un poco para los casos en que cualquier persona con un Android normal que no desea rootearlo ni poner otra ROM pueda reducir al mínimo el riesgo a su privacidad.

Igual me dejo algunas cosas, en ese caso iré retocando este último artículo para añadirlas.

 
Leer más...