Archive for the ‘Security’ Category

Forced password changes

My employer has this odd policy where they force you to change your password once every six months or so. It’s annoying, because sometimes you forget your password. It’s inherently more insecure to write it down somewhere, isn’t it? Plus, you can’t reuse passwords.

However, my mail client always has my password. And therein comes a useful Thunderbird add-on called Password Exporter.

Now, I can see what my last known password was, and log in when need be.

The Internet era, exposing information, then getting death threats

Today, I found out Michael Arrington of TechCrunch fame got spat on, but worse, he had death threats against him and his family previously (consequently, he will take a break during February to re-focus). It reminded me of what happened with Kathy Sierra, a while back, which made her stop blogging. Then it reminded me of the events of 2002, where someone did the same thing to me.

When you’re public facing, and on the Internet, you tend to have a lot of your information spewed online. Social networking sites, and the constant need for you to share with others, help drive the fact that any stalker can find information about you easily. Some even get their iPhones to update the Location field in Twitter automatically (wait, I think twibble on the Nokia phones does that too). We’re geotagging photos. Dopplr or TripIt tells others where you are planning to go – so this problem can also be cross-border.

We’re slowly giving up our privacy, to some extent. And we’re allowing malicious folk to know intimate details of our lives. Details that we wouldn’t mind sharing with a friend, but details that can be used to cause attacks, or even identity theft.

So, my question is: is this an online-only phenomenon? I mean, journalists in traditional media do the same thing. OK, they have journalistic integrity, and the editors have strict guidelines to ensure that what is in print isn’t drivel. Rumours tend not to be published, and everything is fact backed. Blogs tend to lack that, sometimes. It’s harder to pinpoint and contact an individual journalist – you’ll just be getting to the editor. In a world where everyone can have the potential to be a journalist, without the integrity of one, is leaving yourself vulnerable online a good thing?

From a personal perspective, my incident about seven years ago hasn’t taught me much. I don’t paste my home address with GPS co-ordinates online anymore on my site – instead I use a PO BOX. But on social networking sites like Facebook, my friends get to see more details. With other people tagging photos of me, one even gets to see where I’m hanging out. And when I’m bored, I might tweet where I might be. And with geotagging, co-ordinates start showing up (especially if you have Location Tagger running automatically on the Nokia E71).

How do you deal with potential threats? Do you even think of it? Have you been threatened before?

Here’s hoping Mike has a good break and comes back blogging even stronger. Don’t give up!

Secure travelling with ipfw on OS X?

Dear (mac/bsd) Lazyweb,

Any idea how I can do the following, on Mac OS X?

iptables -t nat -A PREROUTING -p tcp -d my.pop.server --dport 110 -j DNAT --to-destination 127.0.0.1:1235
iptables -t nat -A OUTPUT -p tcp -d my.pop.server --dport 110 -j DNAT --to-destination 127.0.0.1:1235

Does ipfw(8) work in OS X? What magic will I have to use for this to work? All I really want is for my.pop.server:110 to point to localhost:1235, so if the SSH tunnel isn’t up, I can’t POP my mail. I wrote about this in Secure travelling tips with iptables and SSH port forwarding, as that’s what I do on Linux.

Why do I ask? I’m thinking that my personal laptop (currently a Dell Inspiron 640m running Linux) might actually be replaced with a MacBook Air in the near future (lighter, easier to carry, etc.). Oh, if you have comments about the Air, don’t hesitate to tell them to me as well.

Help, my website has been hacked! Now What?

Eli White from Digg presented. It was an interesting talk… He covered:

You are going to get hacked…
- SQL injection
- XSS
- CSRF (cross site request forgery)
- Session Hijacking

Slides (PDF, ODP) have an SQL injection/XSS example, with the hole, the attack, and the prevention.

Secure travelling tips with iptables and SSH port forwarding

The general paranoia at conferences is such that there almost always is WiFi, and there almost always is someone wanting to snoop your traffic. I guess, in a similar vein, this could also happen at Starbucks. So, on day 1, at foss.in I tried to recollect what I used to do, ages ago (when I used to run Fedora on my R51, before the disk died, and I realised I lacked a backup of /root).

iptables
Firewalls break networks? They also secure networks. I have access to some legacy POP servers that don’t support SSL/TLS like the IMAP servers I have access to. Firing up Thunderbird to change the settings to point to localhost just seems like a waste of time. So the magic of iptables comes into play.

iptables -t nat -A PREROUTING -p tcp -d my.pop.server --dport 110 -j DNAT --to-destination 127.0.0.1:1235
iptables -t nat -A OUTPUT -p tcp -d my.pop.server --dport 110 -j DNAT --to-destination 127.0.0.1:1235

The above ensures that traffic to my.pop.server:110 is now automatically redirected to localhost:1235. Clearly, I don’t run a POP server on my laptop, so this is where SSH port forwarding comes into play.

SSH port forwarding
Provided you have access to a server via SSH, and you trust it, you can tunnel your traffic through it. It’s made very easy by the option:
-L localport:my.pop.server:foreignport

So using the above example, that would be -L 1235:my.pop.server:110.

Then, let’s not forget the useful -C option, to compress traffic.

And hey, web surfing isn’t secure either, so let’s create a SOCKS5 proxy while we’re at it. ssh supports the -D option, which works a charm. Use it such that you have something like:
-D 8188

And now, configure your web browser to use a SOCKS proxy at localhost:8188. You can also configure it in GNOME, under the Network Proxy, but it seems like not all applications respect it (for instance, I can get pidgin to segfault, and Liferea will not get RSS updates for some reason, etc.).

So to sum it up, your SSH command should look something like:
ssh -D 8188 -L 1235:my.pop.server:110 -C my.ssh.server
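
The setup above as one fail-closed script; this is an added example, not the author's own code. It applies the OUTPUT redirect before starting ssh and adds a REJECT rule for POP traffic that missed the redirect, which is this example's own addition; `DRY_RUN` and the function names `run`, `rules`, `up` and `down` are hypothetical.

```shell
#!/bin/sh
# Added example, not from the original post. Host names and ports are the
# post's placeholders; DRY_RUN and the REJECT rule are this example's additions.
POP_HOST="${POP_HOST:-my.pop.server}"
SSH_HOST="${SSH_HOST:-my.ssh.server}"
POP_PORT=110
LOCAL_PORT=1235
SOCKS_PORT=8188

# With DRY_RUN set, print each command instead of executing it (no root needed).
run() {
    if [ -n "${DRY_RUN:-}" ]; then echo "$*"; else "$@"; fi
}

# $1 is -A to add the rules or -D to delete them.
rules() {
    # Locally generated packets traverse nat/OUTPUT; the post's PREROUTING rule
    # only sees packets arriving from other hosts, so it is omitted here.
    run iptables -t nat "$1" OUTPUT -p tcp -d "$POP_HOST" --dport "$POP_PORT" \
        -j DNAT --to-destination "127.0.0.1:$LOCAL_PORT"
    # filter/OUTPUT runs after nat/OUTPUT, so redirected packets now carry
    # dport 1235. Anything still addressed to port 110 missed the DNAT (for
    # example the name resolved to a different address) and is refused.
    run iptables "$1" OUTPUT -p tcp --dport "$POP_PORT" \
        -j REJECT --reject-with tcp-reset
}

up() {
    # Rules first: if ssh fails, POP connections hit a closed local port.
    rules -A
    # -f -N: background, no remote shell. ExitOnForwardFailure makes ssh exit
    # instead of running without the forward when port 1235 cannot be bound.
    run ssh -f -N -C -o ExitOnForwardFailure=yes \
        -D "$SOCKS_PORT" -L "$LOCAL_PORT:$POP_HOST:$POP_PORT" "$SSH_HOST"
}

down() {
    rules -D
}

case "${1:-}" in
    up)   up ;;
    down) down ;;
esac
```

Run it as root with `up` or `down`; setting `DRY_RUN=1` prints the commands for review without touching the firewall.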

Discuss
Am I missing something? Do you have an easier iptables rule? Yes, I realise I can also use a VPN. If you have other tips, please don’t hesitate to comment. Thanks.
