Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Sat 25 Oct 2014, 16:54
All times are UTC - 4
 Forum index » Advanced Topics » Puppy Derivatives
Puppy Crypt 528
Moderators: Flash, JohnMurga
Post_new_topic   Reply_to_topic View_previous_topic :: View_next_topic
Page 2 of 4 Posts_count   Goto page: Previous 1, 2, 3, 4 Next
Author Message
jim3630


Joined: 13 Feb 2011
Posts: 792
Location: Northern Nevada

PostPosted: Mon 24 Oct 2011, 20:49    Post_subject:  

installed manual frugal to ext4 pfix=ram. like the way the ff browser is configured. without java and the other extensions it's low drag high speed.
after.install.rebooted.png
 Description   
 Filesize   22.47 KB
 Viewed   577 Time(s)

after.install.rebooted.png

Back to top
View user's profile Send_private_message 
DPUP5520

Joined: 16 Feb 2011
Posts: 801

PostPosted: Mon 24 Oct 2011, 21:15    Post_subject:  

the java plugin is actually a huge security risk in FF and well any mozilla browser which is why it is not there, as for the extensions that are in there simply using flashblock and imageblock make FF fly (theres no Flash in Puppy Crypt anyway, once again Huge security risk). The main reason for having imageblock in FF was because once you configure either JAP or Freedom and run FF through a proxy unless you use a paid subscription (I have a paid account with Freedom, securely and anonymously paid for of course) the browser will severely drag as JAP is limited to between 40-50kbit/s and Freedom at 64kbit/s. There are a few other ways in Linux to securely connect to the net that I haven't included cause they aren't as simple to set-up and also I will be removing the ISO I currently have up with a new one in a few hours with the version I had originally planned on putting out, the only difference is transmission is replaced with a bit-torrent client which allows for tunneling.
_________________
PupRescue 2.5
Puppy Crypt 528
Back to top
View user's profile Send_private_message 
DPUP5520

Joined: 16 Feb 2011
Posts: 801

PostPosted: Tue 25 Oct 2011, 02:21    Post_subject:  

Modified Puppy Crypt real quick and put out the version I was originally intending to, still has same name , is about 10MB bigger but you can now use proxy with bittorrent client (replaced Transmission with Tixati).
Also added in Enotes for creating encrypted notes/password lists.
Put up a quick tutorial for using Freedom and JAP programs on first post as well as reasons for using them or Elinks over the Also built-in Tor-Browser.
Also is the MD5sum for the ISO in the first post.

_________________
PupRescue 2.5
Puppy Crypt 528
Back to top
View user's profile Send_private_message 
Lobster
Official Crustacean


Joined: 04 May 2005
Posts: 15117
Location: Paradox Realm

PostPosted: Tue 25 Oct 2011, 11:13    Post_subject:  

Quote:
I do not take responsibility for any wrongdoings done with Puppy Crypt


We blame Bugman (Puppy official scapegoat) for all wrongdoing. Wink
It is not my way to encrypt. No secret bank accounts or illicit affairs with mermaids . . .
However for those security conscious I would remind that Puppy Phone can communicate peer to peer and encrypt the conversation. Cool
Click on the red phone (on loan from Batman)
http://www.smokey01.com/menu/

This message will self destruct in 5 years . . . Cool

_________________
Puppy WIKI
Back to top
View user's profile Send_private_message Visit_website 
DPUP5520

Joined: 16 Feb 2011
Posts: 801

PostPosted: Tue 25 Oct 2011, 12:01    Post_subject:  

I actually took puppy psip out because I was having a hard time creating a secure connection with it. I'll retry after work and maybe add link to the first post for the pet to add back in.
_________________
PupRescue 2.5
Puppy Crypt 528
Back to top
View user's profile Send_private_message 
sgk

Joined: 28 Nov 2006
Posts: 6
Location: USA

PostPosted: Tue 25 Oct 2011, 15:33    Post_subject: Limiting New Programs  

@DPUP5520

You wrote on Sun., Oct. 23, "..... what I do recommend is not installing anything else which isn't included already as I have it set up to provide maximum security and any extra installs or modifications can override/screw up security settings that are in place."

First, let me say that I joined in Nov. 2006, tried dozens of Puppys as well as other distros since then, and was always disappointed in either their ease of use, security, or both. I like Puppy because it has a unique Save file, and is fast. Another reason, is that it can be easily remade into what you want by using Universal Installer. However, I was always wary, no reference to Wary Puppy, which gave me the most problems compared to Puppy 431, about running in "root." I don't want to get into a "root" discussion, so I'll leave it at that.

I am happy to see that someone, namely you, has decided to try to create a real safe Puppy puplet. I tried Puppy Crypts, but it did not impress me too much, but your remake is very interesting.

Now, my question, which comes off of your statement above. I understand your concern about not wanting to "break" Puppy Crypt-528 with new, or added programs, but what if someone, me, wants to add other PETs that I have been using in other Puppys over the years in order to get work done? What do I (or others) do? Submit a list of my (our) programs for you to test on Puppy Crypt-528 before we add them in?

I understand that you want to run a tight ship. I do share your fear of using Tor, but aren't all "proxy servers" a danger too? I use Tor, but less than I have been, and only for good reasons. Steve Gibson of "Security Now!" once said in his podcast, "There is no such thing as security..... only making something more secure than before." So, I understand the limits, and think that it's worth continuing to try to be "more secure than before."

I have been into Linux since 1993 ( as well as Windoze), and security is the biggest problem all of us have faced. It's too bad that most users think security (being more secure) is a joke.

I started the first off-campus Linux group in Philadelphia in the early 1990s. It was called PLUG (Philadelphia Linux Users Group) at the Highwire Gallery. The campus was LaSalle College, and the umbrella organization was PACS (Philadelphia Area Computer Society). I remember the transition from BBSs to the Internet. It was exciting, and your interest in making things safer keeps the excitement going! Thanks!

Keep up the good work!
Back to top
View user's profile Send_private_message 
sgk2 (formerly sgk)

Joined: 25 Oct 2011
Posts: 1

PostPosted: Tue 25 Oct 2011, 16:24    Post_subject: Name Change, Old E-mail Address
Sub_title: I had to rejoin the Forum because of an old e-mail address!
 

The above post is mine. sgk is sgk2 (formerly sgk). I changed my e-mail address to a new one, and I got locked out. The easiest way for me to continue with the Puppy Forum was to re-register. This should avoid any confusion, I hope!
Back to top
View user's profile Send_private_message 
DPUP5520

Joined: 16 Feb 2011
Posts: 801

PostPosted: Tue 25 Oct 2011, 23:40    Post_subject:  

Quote:
I understand that you want to run a tight ship. I do share your fear of using Tor, but aren't all "proxy servers" a danger too? I use Tor, but less than I have been, and only for good reasons. Steve Gibson of "Security Now!" once said in his podcast, "There is no such thing as security..... only making something more secure than before." So, I understand the limits, and think that it's worth continuing to try to be "more secure than before."


While it is true that all "proxy servers" can be dangerous, most notably when you are not using a cascade as that single server that you are routing through would technically be able to read any information you pass through it , however when using a cascade such as which JAP (JonDo) uses that helps to nullify that problem.
As for adding programs into Puppy Crypt, as long as the programs have no access to the internet and don't modify anything already existing I don't see a problem or any real threat however if they do connect to the internet or modify any existing scripts built in you would be taking a risk on hurting the security of Puppy Crypt, I would basically say do so at your own risk in that case unless if you would want me to test it out id be more than glad to.

_________________
PupRescue 2.5
Puppy Crypt 528
Back to top
View user's profile Send_private_message 
jim3630


Joined: 13 Feb 2011
Posts: 792
Location: Northern Nevada

PostPosted: Wed 26 Oct 2011, 01:25    Post_subject:  

DPUP5520 wrote:

As for adding programs into Puppy Crypt, as long as the programs have no access to the internet and don't modify anything already existing I don't see a problem or any real threat however if they do connect to the internet or modify any existing scripts built in you would be taking a risk on hurting the security of Puppy Crypt, I would basically say do so at your own risk in that case unless if you would want me to test it out id be more than glad to.


DPUP5520, adding another browser and giving it java privileges and light use on the net upon closing it will increase risk when use the built in armored ff?
Back to top
View user's profile Send_private_message 
DPUP5520

Joined: 16 Feb 2011
Posts: 801

PostPosted: Wed 26 Oct 2011, 04:16    Post_subject:  

Depends on the browser, something like SeaMonkey, aurora (Firefox development) or anything based on Firefox/Mozilla then yes it will affect the security of the built in browser.
I'm not really trying to run a "tight ship" as sgk2 suggested but rather just giving suggestions on how to keep security tight on the distro as I said before it's main purpose is security and anonymity so realize that anything added to the distro which can connect to the net or modify any built in scripts is a threat to your being anonymous on the web and to the distro itself. For example when running with the built in Firefox through Freedom you are running a completely stateless session where cookies blocked and your header signature is scambled, there is also no http authentication data being sent.
What you can do is use Noscript to allow only certain sites that you trust to use the Java extension by "White-listing" them which would be more secure than installing a new browser.

_________________
PupRescue 2.5
Puppy Crypt 528
Back to top
View user's profile Send_private_message 
sgk

Joined: 28 Nov 2006
Posts: 6
Location: USA

PostPosted: Wed 26 Oct 2011, 12:51    Post_subject: How to Setup Your-Freedom
Sub_title: This is a question about "how to setup Your-Freedom with a "throw-away e-mail."
 

@DPUP5520

BTW, I got my original ID, sgk, back, so I'll continue to use that.

I was going to gather up those programs that I wanted you to test if you could, but first I thought that I would try to use Your-Freedom. I read your "How to Setup Your-Freedom," and so I followed your steps beginning with Step 1.:

1.To use Your-Freedom, you must first sign-up. You can easily sign up using a throw-away email.

I went to Spamgourmet (https://www.spamgourmet.com/), and signed up for a "throw-away e-mail." Then, I went to the Your-Freedom web site (https://www.your-freedom.net/), and tried to sign on so I could then use the Your-Freedom program in Puppy-Crypt-528. The Your-Freedom web site rejected my whatever-name-I-used@spamgourmet.com e-mail address. I tried it a second time, and I was again rejected. There's nothing like "being rejected." It does little to boost the ego.

Can you suggest another "throw-away e-mail" site that the Your-Freedom site might not reject? I noticed only two more "disposable e-mail address" sites on Wikipedia (https://en.wikipedia.org/wiki/Disposable_e-mail_address), and they were Mailinator (http://www.mailinator.com/), and TrashMail (https://ssl.trashmail.net/), and I intend to try them, but I have a feeling that if Spamgourmet got the axe, those two might also get shafted.

I would think that a outfit like Your-Freedom would want to work with a "disposable e-mail address" site to further enhance our desires to maintain the most security for ourselves, unless they suspect Spamgourmet of being up to no good, or Your-Freedom would rather want to know who we really are by us giving away our well known e-mail providers' addresses to them. That doesn't sound too cool, or am I jumping the gun, so to speak? What do you think?

Thanks.

Edited_time_total
Back to top
View user's profile Send_private_message 
P123

Joined: 05 Sep 2009
Posts: 89
Location: Northern Ireland, UK

PostPosted: Wed 26 Oct 2011, 13:02    Post_subject: Disposable email addresses  

There are a few disposable email extensions or apps for Google Chrome or for Chromium.

For example Instant Email Address or TrashMail.net.
Back to top
View user's profile Send_private_message 
jim3630


Joined: 13 Feb 2011
Posts: 792
Location: Northern Nevada

PostPosted: Wed 26 Oct 2011, 13:08    Post_subject:  

tend to think any email address such as something@yahoo.com could be a throw away if you use it only once.
Back to top
View user's profile Send_private_message 
sgk

Joined: 28 Nov 2006
Posts: 6
Location: USA

PostPosted: Wed 26 Oct 2011, 13:11    Post_subject: Disposable E-mail addresess
Sub_title: Suggestions for Disposable E-mail addresess
 

@P123

Thanks.

I'm familiar with TrashMail, but the second one that you mentioned, I am not, so I'll try that one too.
Back to top
View user's profile Send_private_message 
P123

Joined: 05 Sep 2009
Posts: 89
Location: Northern Ireland, UK

PostPosted: Wed 26 Oct 2011, 13:12    Post_subject:  

Does anyone how if there is a pet file to create a multiboot cd/dvd? I did a search for multiboot cd http://murga-linux.com/puppy/search.php & there was only 457 posts that matched this. Just searching for multiboot gives the same results.

I am hoping to create a cd/dvd with PuppyCrypt, PupRescue, Wary, R.I.P. Linux & Linux Mint or Ubuntu Rescue Remix.
Back to top
View user's profile Send_private_message 
Display_posts:   Sort by:   
Page 2 of 4 Posts_count   Goto page: Previous 1, 2, 3, 4 Next
Post_new_topic   Reply_to_topic View_previous_topic :: View_next_topic
 Forum index » Advanced Topics » Puppy Derivatives
Jump to:  

Rules_post_cannot
Rules_reply_cannot
Rules_edit_cannot
Rules_delete_cannot
Rules_vote_cannot
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0922s ][ Queries: 12 (0.0074s) ][ GZIP on ]