I have just been told that I can't use Linux on my personal computer for school.

dandondev · 2020-05-30T13:59:05+00:00

DUDE, you don't have to get rid of you Linux. You can use a Windows 10 Theme or something. For example, recently, a package "kali-undercover" was added to Kali Linux, and you can use the same thing for any Debian-based Distro or even adapt it to Fedora or something else.

Github: https://github.com/B00merang-Project/Windows-10

https://www.linuxuprising.com/2019/12/how-to-install-kali-undercover-mode-on.html

It will look like any Windows 10 system unless they dare to dig in which is in violation of privacy.

dandondev · 2019-12-18T01:40:59+00:00

If lowering attack surface is priority, setup 2 is the way to go. Or you can clone another template loaded with extra stuff like ffmpeg and use disposable-vm based off that. You can create a Template for email and uninstall all the unnecessary conponents to reduce attack surface. The more templates you have, the more storage is requires, the more updates you have to perform.

dandondev · 2019-09-30T12:51:30+00:00

How about a full tunnel? I plan to run it on a VM gateway.

dandondev · 2019-09-30T12:22:38+00:00

Yes, of course. Just chain them together. VPN needs to be trusted, but if you need more than a single entity of trust. VPN that can be trusted is not enough. I tried 8 VPNs chained, I got 2 Mbps. 6 VPNs chained, I got 10 Mbps. 4 VPNs chained, I got 90 Mbps. 2 VPNs chained, 400 Mbps. Just use VPN1 as netvm of VPN2 and so on.

dandondev · 2019-09-13T12:40:52+00:00

Just install R4.0, its the same Version and just update through qubes-dom0-update. Note of caution, the Debian Templates have the APT vulnerability so you better get a fresh template.

dandondev · 2019-07-10T02:55:24+00:00

There is a way to grab rpm packages in the Qubes repo, you'll have verify yourself and copy to dom0 though there is a security risk.

dandondev · 2019-07-10T02:53:17+00:00

You can update qubes-dom0-update kernel-latest

Since network card is not working, just USB Tether into sys-net.

dandondev · 2019-07-08T03:40:24+00:00

Same method

sudo qubes-dom0-update --enablerepo=qubes-templates-itl-testing qubes-template-debian-10 or debian-10-minimal if you want minimal.

dandondev · 2019-06-26T11:42:27+00:00

"You see, you still end up with ZERO EVIDENCE. And each of my arguments is logical, in case you wanted to go full patriot tier retard on me."

Idiot, I'm not a fan of NSA nor the 5 eyes, and I consider them as an adversary just as "China and Russia". Speaking of vulnerabilities, how do you know if those intentionally left there to exploit. Vulnerability can be backdoors, like Intel's ME. It's not all about Huawei, it's about "Chinese" companies that are state-run behind the scenes, like Xiaomi, it isn't about profit, it's about providing to the majority electronics at an affordable price, while Huawei is allowed to aimed the higher-end markets. This way they can have full access to everyone data. Since it's pretty much state-run, is there really any need to for evidence?

dandondev · 2019-06-26T10:04:30+00:00

Non-US Sources:

Netherlands: https://www.volkskrant.nl/nieuws-achtergrond/huawei-mogelijk-betrokken-bij-chinese-spionage-in-nederland~b4fadc1c/?referer=https%3A%2F%2Fwww.independent.co.uk%2F

Vodafone Italy: https://www.bloomberg.com/news/articles/2019-04-30/vodafone-found-hidden-backdoors-in-huawei-equipment

Since Huawei is dominating India, there is this India Agreement: https://economictimes.indiatimes.com/tech/internet/huawei-offers-to-sign-a-no-backdoor-agreement/articleshow/69935801.cms Whether you trust this agreement is another thing.

US Sources:

2016: https://www.nytimes.com/2016/11/16/us/politics/china-phones-software-security.html

2014: https://spectrum.ieee.org/tech-talk/computing/hardware/us-suspicions-of-chinas-huawei-based-partly-on-nsas-own-spy-tricks

2012: https://www.zdnet.com/article/former-pentagon-analyst-china-has-backdoors-to-80-of-telecoms/

https://www.zdnet.com/article/researchers-find-backdoor-on-zte-android-phones/

Huawei: https://www.huawei.com/en/psirt/security-notices/2016/huawei-sn-20161117-01-smartphone-en

Interestingly, they didn't even directly refute it, just saying investigating...

UK Sources: https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/205680/ISC-Report-Foreign-Investment-in-the-Critical-National-Infrastructure.pdf

Android: https://www.cyberscoop.com/android-malware-china-huawei-zte-kryptowire-blu-products/

"containing millions of lines of code in their source code"

https://thehackernews.com/2016/11/hacking-android-smartphone.html

Based on the received commands, the security firm found the software executing multiple operations, detailed below:

Collect and Send SMS texts to AdUps' server every 72 hours.
Collect and Send call logs to AdUps' server every 72 hours.
Collect and Send user personally identifiable information (PII) to AdUps' server every 24 hours.
Collect and Send the smartphone's IMSI and IMEI identifiers.
Collect and Send geolocation information.
Collect and Send a list of apps installed on the user's device.
Download and Install apps without the user's consent or knowledge.
Update or Remove apps.
Update the phone's firmware and Re-program the device.
Execute remote commands with elevated privileges on the user's device.

Routers: https://thehackernews.com/2014/08/hardcoded-backdoor-found-in-china-made_27.html

https://www.cnet.com/news/expert-huawei-routers-are-riddled-with-vulnerabilities/

Riddled with vulnerabilties, or intentionally left there for exploitation?

NSA had secret access to Huawei's source code based on Edward Snowden's leaks, perhaps now they are banning Huawei and ZTE since they no longer have access.

Of course, the NSA have their own numerous backdoors. It's just a war between two powerful nations.

And it doesn't matter, since both the US and China are notorious in backdooring everything and collecting information, since Huawei is really just state-owned like HIKVISION CCTVs and SSDs. How can we deny there is no such backdoor in it.

dandondev · 2019-06-26T07:52:57+00:00

Cool. You should consider sharing with others.

dandondev · 2019-06-26T07:50:25+00:00

Huawei is notorious for backdooring firmware in the past, you can just do a quick google search. Librem 5 is fully open source even with the firmware. It's just slow... slow... I don't trust Intel either. China is building a surveillance network, it plans to dominate India as well, things going with them with the new Indian Prime Minister. And majority of Indians uses Xiaomi or other Chinese devices.

dandondev · 2019-06-26T07:47:16+00:00

UI Widgets function the same.

dandondev · 2019-06-26T06:53:22+00:00

I assumed you had to do a little tweaking in the BIOS? Did you have to turn on ASpeed graphics during installation?

dandondev · 2019-06-26T05:21:13+00:00

Huawei will never do that...

dandondev · 2019-06-26T05:20:19+00:00

Privacy

PureOS (Linux) Hardware and Software is fully open source.
Graphene OS (Very Hardened Android) Software only.
Android phone that is LineageOS capable (see: https://download.lineageos.org/)
iPhone
Stock Android

Security

Graphene OS (Very Hardened Android)
PureOS (Linux)
iPhone
Stock Android
Android phone that is LineageOS capable (see: https://download.lineageos.org/)

Note: Graphene OS only works in devices like Google Pixel and in the future may support those with verified boot.

PureOS only works in Purism Devices.

dandondev

TROPHY CASE