Puppy Crypt 528

For talk and support relating specifically to Puppy derivatives
Message
Author
sgk
Posts: 6
Joined: Tue 28 Nov 2006, 16:43
Location: USA

Limiting New Programs

#21 Post by sgk »

@DPUP5520

You wrote on Sun., Oct. 23, "..... what I do recommend is not installing anything else which isn't included already as I have it set up to provide maximum security and any extra installs or modifications can override/screw up security settings that are in place."

First, let me say that I joined in Nov. 2006, tried dozens of Puppys as well as other distros since then, and was always disappointed in either their ease of use, security, or both. I like Puppy because it has a unique Save file, and is fast. Another reason, is that it can be easily remade into what you want by using Universal Installer. However, I was always wary, no reference to Wary Puppy, which gave me the most problems compared to Puppy 431, about running in "root." I don't want to get into a "root" discussion, so I'll leave it at that.

I am happy to see that someone, namely you, has decided to try to create a real safe Puppy puplet. I tried Puppy Crypts, but it did not impress me too much, but your remake is very interesting.

Now, my question, which comes off of your statement above. I understand your concern about not wanting to "break" Puppy Crypt-528 with new, or added programs, but what if someone, me, wants to add other PETs that I have been using in other Puppys over the years in order to get work done? What do I (or others) do? Submit a list of my (our) programs for you to test on Puppy Crypt-528 before we add them in?

I understand that you want to run a tight ship. I do share your fear of using Tor, but aren't all "proxy servers" a danger too? I use Tor, but less than I have been, and only for good reasons. Steve Gibson of "Security Now!" once said in his podcast, "There is no such thing as security..... only making something more secure than before." So, I understand the limits, and think that it's worth continuing to try to be "more secure than before."

I have been into Linux since 1993 ( as well as Windoze), and security is the biggest problem all of us have faced. It's too bad that most users think security (being more secure) is a joke.

I started the first off-campus Linux group in Philadelphia in the early 1990s. It was called PLUG (Philadelphia Linux Users Group) at the Highwire Gallery. The campus was LaSalle College, and the umbrella organization was PACS (Philadelphia Area Computer Society). I remember the transition from BBSs to the Internet. It was exciting, and your interest in making things safer keeps the excitement going! Thanks!

Keep up the good work!

sgk2 (formerly sgk)
Posts: 1
Joined: Tue 25 Oct 2011, 19:56

Name Change, Old E-mail Address

#22 Post by sgk2 (formerly sgk) »

The above post is mine. sgk is sgk2 (formerly sgk). I changed my e-mail address to a new one, and I got locked out. The easiest way for me to continue with the Puppy Forum was to re-register. This should avoid any confusion, I hope!

DPUP5520
Posts: 800
Joined: Wed 16 Feb 2011, 05:38

#23 Post by DPUP5520 »

I understand that you want to run a tight ship. I do share your fear of using Tor, but aren't all "proxy servers" a danger too? I use Tor, but less than I have been, and only for good reasons. Steve Gibson of "Security Now!" once said in his podcast, "There is no such thing as security..... only making something more secure than before." So, I understand the limits, and think that it's worth continuing to try to be "more secure than before."
While it is true that all "proxy servers" can be dangerous, most notably when you are not using a cascade as that single server that you are routing through would technically be able to read any information you pass through it , however when using a cascade such as which JAP (JonDo) uses that helps to nullify that problem.
As for adding programs into Puppy Crypt, as long as the programs have no access to the internet and don't modify anything already existing I don't see a problem or any real threat however if they do connect to the internet or modify any existing scripts built in you would be taking a risk on hurting the security of Puppy Crypt, I would basically say do so at your own risk in that case unless if you would want me to test it out id be more than glad to.
[url=http://www.murga-linux.com/puppy/viewtopic.php?t=69651][b][i]PupRescue 2.5[/i][/b][/url]
[url=http://www.murga-linux.com/puppy/viewtopic.php?t=72178][b][i]Puppy Crypt 528[/i][/b][/url]

User avatar
jim3630
Posts: 791
Joined: Mon 14 Feb 2011, 02:21
Location: Northern Nevada

#24 Post by jim3630 »

DPUP5520 wrote: As for adding programs into Puppy Crypt, as long as the programs have no access to the internet and don't modify anything already existing I don't see a problem or any real threat however if they do connect to the internet or modify any existing scripts built in you would be taking a risk on hurting the security of Puppy Crypt, I would basically say do so at your own risk in that case unless if you would want me to test it out id be more than glad to.
DPUP5520, adding another browser and giving it java privileges and light use on the net upon closing it will increase risk when use the built in armored ff?

DPUP5520
Posts: 800
Joined: Wed 16 Feb 2011, 05:38

#25 Post by DPUP5520 »

Depends on the browser, something like SeaMonkey, aurora (Firefox development) or anything based on Firefox/Mozilla then yes it will affect the security of the built in browser.
I'm not really trying to run a "tight ship" as sgk2 suggested but rather just giving suggestions on how to keep security tight on the distro as I said before it's main purpose is security and anonymity so realize that anything added to the distro which can connect to the net or modify any built in scripts is a threat to your being anonymous on the web and to the distro itself. For example when running with the built in Firefox through Freedom you are running a completely stateless session where cookies blocked and your header signature is scambled, there is also no http authentication data being sent.
What you can do is use Noscript to allow only certain sites that you trust to use the Java extension by "White-listing" them which would be more secure than installing a new browser.
[url=http://www.murga-linux.com/puppy/viewtopic.php?t=69651][b][i]PupRescue 2.5[/i][/b][/url]
[url=http://www.murga-linux.com/puppy/viewtopic.php?t=72178][b][i]Puppy Crypt 528[/i][/b][/url]

sgk
Posts: 6
Joined: Tue 28 Nov 2006, 16:43
Location: USA

How to Setup Your-Freedom

#26 Post by sgk »

@DPUP5520

BTW, I got my original ID, sgk, back, so I'll continue to use that.

I was going to gather up those programs that I wanted you to test if you could, but first I thought that I would try to use Your-Freedom. I read your "How to Setup Your-Freedom," and so I followed your steps beginning with Step 1.:

1.To use Your-Freedom, you must first sign-up. You can easily sign up using a throw-away email.

I went to Spamgourmet (https://www.spamgourmet.com/), and signed up for a "throw-away e-mail." Then, I went to the Your-Freedom web site (https://www.your-freedom.net/), and tried to sign on so I could then use the Your-Freedom program in Puppy-Crypt-528. The Your-Freedom web site rejected my whatever-name-I-used@spamgourmet.com e-mail address. I tried it a second time, and I was again rejected. There's nothing like "being rejected." It does little to boost the ego.

Can you suggest another "throw-away e-mail" site that the Your-Freedom site might not reject? I noticed only two more "disposable e-mail address" sites on Wikipedia (https://en.wikipedia.org/wiki/Disposable_e-mail_address), and they were Mailinator (http://www.mailinator.com/), and TrashMail (https://ssl.trashmail.net/), and I intend to try them, but I have a feeling that if Spamgourmet got the axe, those two might also get shafted.

I would think that a outfit like Your-Freedom would want to work with a "disposable e-mail address" site to further enhance our desires to maintain the most security for ourselves, unless they suspect Spamgourmet of being up to no good, or Your-Freedom would rather want to know who we really are by us giving away our well known e-mail providers' addresses to them. That doesn't sound too cool, or am I jumping the gun, so to speak? What do you think?

Thanks.
Last edited by sgk on Wed 26 Oct 2011, 17:04, edited 1 time in total.

P123
Posts: 87
Joined: Sat 05 Sep 2009, 14:35
Location: Northern Ireland, UK

Disposable email addresses

#27 Post by P123 »

There are a few disposable email extensions or apps for Google Chrome or for Chromium.

For example Instant Email Address or TrashMail.net.

User avatar
jim3630
Posts: 791
Joined: Mon 14 Feb 2011, 02:21
Location: Northern Nevada

#28 Post by jim3630 »

tend to think any email address such as something@yahoo.com could be a throw away if you use it only once.

sgk
Posts: 6
Joined: Tue 28 Nov 2006, 16:43
Location: USA

Disposable E-mail addresess

#29 Post by sgk »

@P123

Thanks.

I'm familiar with TrashMail, but the second one that you mentioned, I am not, so I'll try that one too.

P123
Posts: 87
Joined: Sat 05 Sep 2009, 14:35
Location: Northern Ireland, UK

#30 Post by P123 »

Does anyone how if there is a pet file to create a multiboot cd/dvd? I did a search for multiboot cd http://murga-linux.com/puppy/search.php & there was only 457 posts that matched this. Just searching for multiboot gives the same results.

I am hoping to create a cd/dvd with PuppyCrypt, PupRescue, Wary, R.I.P. Linux & Linux Mint or Ubuntu Rescue Remix.

sgk
Posts: 6
Joined: Tue 28 Nov 2006, 16:43
Location: USA

Disposable E-mail addresess

#31 Post by sgk »

@jim3630

Thanks for your input too, jim3630.

P123
Posts: 87
Joined: Sat 05 Sep 2009, 14:35
Location: Northern Ireland, UK

Disposable E-mail addresess

#32 Post by P123 »

I just did a quick search for "Disposable E-mail addresses" & there is none available for Firefox 7.0.1.

DPUP5520
Posts: 800
Joined: Wed 16 Feb 2011, 05:38

#33 Post by DPUP5520 »

I usually use Hotmail, yahoo, and Gmail for disposable email addresses. As for a multboot program there is one called sardu I think, and puppyluvr has one but I can't remember the name of it.
[url=http://www.murga-linux.com/puppy/viewtopic.php?t=69651][b][i]PupRescue 2.5[/i][/b][/url]
[url=http://www.murga-linux.com/puppy/viewtopic.php?t=72178][b][i]Puppy Crypt 528[/i][/b][/url]

P123
Posts: 87
Joined: Sat 05 Sep 2009, 14:35
Location: Northern Ireland, UK

#34 Post by P123 »

I did see a few posts about sardu (look like a lot of reading) & I will check puppyluvr's posts later.

sgk
Posts: 6
Joined: Tue 28 Nov 2006, 16:43
Location: USA

Top 6 Disposable Email Address Services on About.com

#35 Post by sgk »

I thought I might share some of my findings on "Disposable E-mail Addresses." I used the search engine, DuckDuckGo, and found "Top 6 Disposable Email Address Services" at About.com. I copied the part of the page as follows:

=======================

Top 6 Disposable Email Address Services
By Heinz Tschabitscher, About.com Guide

If you give web sites and new contacts a disposable email address instead of your real one, you can selectively disable a disposable address as soon as you get spam through it, but continue using all other aliases.
All disposable email address services provide this basic functionality, but some have other neat features that make life with email less spam and more fun.

(Updated May 2011)

1. Spamex: - http://www.spamex.com/
Spamex provides a solid, useful, and almost feature-complete disposable email address service.

2. Spamgourmet: - https://spamgourmet.com/
Before you choke on all that spam, try the feature-rich and flexible disposable email addresses from Spamgourmet for protection.

3. E4ward.com: - https://www.e4ward.com/
E4ward.com is a down-to-earth and very useful disposable email service that makes it easy to prevent spam to your real email address with easily erasable aliases. You can use your own domain with E4ward.com, but address masking in your replies is a bit cumbersome and auto-expiring aliases are not offered.

4. GishPuppy: - http://www.gishpuppy.com/
GishPuppy is a disposable email address service that shines with simplicity and functionality. Unfortunately, GishPuppy's functionality does not encompass replacing your real email address with the appropriate alias in replies.

5. Mailinator: - http://www.mailinator.com/
Mailinator lets you use any email address @mailinator.com and pick up the mail at their site. Since there's no connection to your real address, you sure won't get spam from using Mailinator addresses. Keep in mind that all mail sent to Mailinator is made public.

6. Yahoo! Mail Classic: - https://mail.yahoo.com/
Yahoo! Mail Classic is a comfortable, reliable and secure email service with unlimited storage. A pretty good spam filter (including disposable email addresses) keeps the junk out.
Note that disposable addresses are deleted when you cancel your Yahoo! Mail Plus account.

What You Need to Know About Disposable Email Address Services - located at the following web address: http://email.about.com/cs/disposableadd ... e_addr.htm

=======================

I hope that those who are interested in disposable e-mails can find something in the list above. The site is at - http://email.about.com/od/disposableema ... osable.htm.

I would also like to say that I managed to set up JonDo :) , and it works well on Puppy Crypt-528 on my Acer netbook.

DPUP5520
Posts: 800
Joined: Wed 16 Feb 2011, 05:38

#36 Post by DPUP5520 »

I would also like to say that I managed to set up JonDo , and it works well on Puppy Crypt-528 on my Acer netbook.
Thats awsome, just beware of JonDo's autoconfiguration for the cascades, it tends to like to point you towards the single server japanese proxy which is less secure than the other cascaded proxy servers.
[url=http://www.murga-linux.com/puppy/viewtopic.php?t=69651][b][i]PupRescue 2.5[/i][/b][/url]
[url=http://www.murga-linux.com/puppy/viewtopic.php?t=72178][b][i]Puppy Crypt 528[/i][/b][/url]

ant2ne
Posts: 5
Joined: Wed 04 Jan 2012, 18:35

#37 Post by ant2ne »

Dont mind me, I'm just jumping in on this thread. Looks like a very interesting project and as soon as I post this I'm going to download the iso and try it out. In fact, if my wifi is support I just might trash this ubuntu install in favor of your pup.

User avatar
kooliepup
Posts: 292
Joined: Sat 14 Jan 2012, 03:40
Location: Victoria, Australia

#38 Post by kooliepup »

I have a prob that I have never had with other 528 puplets.

After doing a multisession remaster, it saves to a new folder on shutdown, as it should, but won't load a folder on startup.

Also savesession-dvd doesn't work.

Any clues?
There's no place like 127.0.0.1

DPUP5520
Posts: 800
Joined: Wed 16 Feb 2011, 05:38

#39 Post by DPUP5520 »

I'm not really sure, I can look into it but it may take me a while as I don't have any CDs or DVDs here yet im still waiting to get them shipped to me. I was planning on updating Puppy Crypt but haven't had a chance as i've been quite busy with work and I use another one of my pups as my day to day distro. I will look into the issue as soon as I get a chance and report back as soon as possible.
[url=http://www.murga-linux.com/puppy/viewtopic.php?t=69651][b][i]PupRescue 2.5[/i][/b][/url]
[url=http://www.murga-linux.com/puppy/viewtopic.php?t=72178][b][i]Puppy Crypt 528[/i][/b][/url]

User avatar
kooliepup
Posts: 292
Joined: Sat 14 Jan 2012, 03:40
Location: Victoria, Australia

#40 Post by kooliepup »

I love your Dirty Little Secret. :)

Any CDs yet?
There's no place like 127.0.0.1

Post Reply