Tuesday, March 17, 2015

Libertas Tablet Second Batch Available Now

16 and 32 GB Libertas models have been added to the Store page inventory.

As more tablet hardware shows up I will add it to the inventory. The particular hardware I am using is getting more and more difficult to get my hands on so I am only listing what I actually have in my possession at any given moment. I am also testing hardware for the next model and will provide updates as that progresses.

I will also be making some user friendly guides for the various tools available on the Libertas.

Stay tuned....

Friday, March 6, 2015

Shrinking Your Online Vulnerability

"As NSA general counsel Stuart Baker has said, 'Metadata absolutely tells you everything about somebody's life. If you have enough metadata, you don't really need content."
-- Dr. David Cole

"We kill people based on metadata."
-- Michael Hayden, former NSA and CIA director

Metadata is data about data...

"The main purpose of metadata is to facilitate in the discovery of relevant information, more often classified as resource discovery. Metadata also helps organize electronic resources, provide digital identification, and helps support archiving and preservation of the resource. Metadata assists in resource discovery by "allowing resources to be found by relevant criteria, identifying resources, bringing similar resources together, distinguishing dissimilar resources, and giving location information."
-- National Information Standards Organization


In the realm of communications security, and specifically internet based communications, it is generally agreed that the largest attack surface for end users is the web browser. This applies whether you are using an "unsafe" operating system like Windows/Mac or a safer Linux based one. I have touched on the operating system issues in past articles and will cover it again in greater detail later, but for now lets take some small easy steps to bolster our privacy defenses.

First off, and I just want to address this briefly as it is an article unto itself, this guide assumes that you are utilizing a VPN for most if not all of your internet adventures.

Second, we will be working with the latest Firefox build (Chrome/Chromium still have some trouble respecting your privacy). We are going to employ a series of "under the hood" hacks as well as some various browser extensions. I am going to list them in order of importance and offer some alternatives as well (you may find some of the addons less annoying than others).

First lets get under the hood - open your Firefox browser and follow along,

1. type about:config into the address bar and hit Enter. Accept the warning that pops up, type tls in the search bar and confirm the following "value" column settings:

security.tls.version.max    3
security.tls.version.min     1

If they do not match the above settings, change them to match.

2. Go back to the search bar where you first typed "tls" and instead type media.peer . Find "media.peerconnection.enabled" and change it from true to false.

So what we have done so far is to make sure that the web browser will not allow a site with depreciated SSL (Secure Sockets Layer - how websites encrypt HTTP traffic) to achieve a connection, which would leave your traffic potentially exposed. Ideally, the sites you visit will have option "3" enabled (TLS 1.2) which provides PFS (Perfect Forward Security).....in other words, a site using TLS 1.2 for encryption will negotiate a new key for every session, meaning if a key or session was somehow compromised, it would only give the attacker access to that one session and not your complete browsing history.....the implications should be obvious.

Now we will tackle the Firefox addons in order of importance.

It is debatable which of the following addons belong at the top of the list, as differing circumstances can shift the relative importance of the addon. That being said, I am going to start off with -

1. HTTPS Everywhere which enforces an encrypted website session as long as the website being contacted supports it.

2. Ghostery (this can be found in the Firefox menu under addons), is effective at blocking a large amount of the cookies, analytics and trackers that plague the internet. An alternative that is pure opensource is Disconnect. In my experience Ghostery is the more effective of the two, but your results may vary.

3. Random Agent Spoofer . Your default user agent string is a big part of that metadata mentioned earlier, as it is one of the contributing data points used for browser fingerprinting. This clever addon will, as the name implies, randomly select user agent strings to present to internet land thus shrinking a major metadata factor.

4. No script is a script management addon. A script (javascript in this case) in layman's terms, gives a browser the ability to run "programs". Some of these "programs" could be malicious in nature and in fact this, historically speaking, is responsible for the majority of computer attacks. Even if you choose to disable the script blocking function (it can make browsing difficult at times), it still offers some valuable protective features and is highly recommended.

5. FreeSpeechMe . This addon gives you access to ".bit" websites. Dot-bit, unlike .com - .net - .org and all the rest of them, does not rely on centralized corporate or government control. Instead it uses a bitcoin style decentralized blockchain to secure the domains. Read up on it, this is the future of free internet.

6. Better Privacy. This addon deletes those sneaky, hard to find cookies that might be missed by Ghostery or Disconnect.

7. Adblock Edge blocks adware without the sneaky corporate whitelist that regular Adblock uses.

8. Secret Agent is a child of the Dephormation project. It offers quite a bit of protective features and user settings. It can, however, bog down your browser - so be forewarned.

Some other settings that may need some attention:

Go into Preferences, Privacy, set it to always use private browsing mode, or at the very least, never accept 3rd party cookies and clear history on exit.

Go to Advanced, Data Choices, and de-select everything.


Another useful tool is to download the JonDoFox browser configuration. Once installed, this will ask you what type of Firefox session you want each time you start Firefox. The JonDo variant has several privacy controls built in and is suitable for TOR browsing as well. Be aware that if you want to use it on the regular "clear net", you need to go into Preferences, Advanced, Network, Settings - and select no proxy.


There is much more that needs to be done to mitigate your online risk, but this is an easy place to start that anyone can do.

More steps to follow......

Dangerous Distractions


Thursday, March 5, 2015

Regarding Solar Options

Being that I have been off-grid for the last five years and built
several small to large solar systems, I thought I would pass on what I
have learned.

First, Goal Zero does make some quality stuff....never had any
noteworthy problems with them. That being said - if you are going to go
with their Yeti 1250, do yourself a favor and skip the Goal Zero Boulder
panels and order a full sized 240-250 watt (mono or poly) solar panel.
It's a lot more bang for your buck and 250 watts is about the max the
Yeti's internal charge controller can handle. You would need to also get
the MC4-to-anderson power pole converter cord (goal zero sells this
item, but you have to call them) and enough MC4 (10awg) cord to support
your setup. It's worth mentioning that you can also add a second battery
and double the storage capacity of the Yeti 1250, giving you around 2500
watts of power. You need to make sure and match the internal battery of
the yeti which is a 12v 100ah SLA/AGM (can be found at your local
Batteries Plus store or ordered on Amazon, but shipping will hurt).

Second, if you want to try and roll-your-own, I would highly encourage
the use of AGM batteries as opposed to flooded lead acid as another
commenter had mentioned. Flooded Lead Acid are a better value money
wise, but present several problems that preclude them from serious
consideration, especially if you have mobility in mind. Compared to FLA
batteries, SLA/AGM (Sealed Lead Acid/ Absorbed Glass Mat) batteries are
sealed and do not appreciably off gas hydrogen, making them much safer
for enclosed living areas. They also can tolerate being turned on their
side and are more tolerant of temperature extremes. They do, however,
cost a bit more than FLA's, but due to the factors mentioned, they are
all I use in my own projects.

A simple setup (comparable to the Yeti above) would be to purchase the
following items:

1. 12volt / 100ah SLA/AGM battery

2. 100 watt folding solar panel

3. 10amp, 12/24 volt MPPT charge controller (might go with a 20 or 30
amp for future upgrades)

4. Medium size rolling toolbox ("dolly" style)

5. 1000watt AC/DC inverter

6. 10awg cables w connectors for your chosen panel, 8awg cables for

7. automotive/ blade style fuse holders and fuses (match the amps of the
chosen charge controller)

8. Optional - NOCO wicked smart battery charger (if you want to top it
off when you have access to the grid or a generator.

Start by securing battery in the bottom of your "toolbox" housing, then
mount the inverter and charge controller inside, making sure that they
all have space between them and room for airflow as cooling is
important. Connect the cables that run between the panel and the charge
controller to the CC adding one of the in-line fuse holders to the
positive cable. Run a set of the 8awg cables to the battery (leave the
positive disconnected for now). Run a set of 8awg cables from either the
battery or the CC, depending on the model, to the inverter (inverter
should have it's own fuses). Connect the solar panel to the first cables
you set up, make sure all your fuses are in place and connect the
positive battery cable. The CC should read the state of the battery and
begin charging or maintaining the battery.
This setup will give you the same 1200 watt rating that the Yeti 1250
has out of the box for about half the price. If you wish to use the NOCO
charger, you would just attach its alligator clips to the battery, plug
it into a 120AC wall socket, select the appropriate voltage and battery
type on it's faceplate and you are in business.

A quick note regarding inverters. There are two basic types of inverters:

- Pure sine wave (more expensive)

- Modified sine wave (less expensive)

Besides the cost consideration, care must be taken as a modified sine
wave inverter can cause problems with more sensitive electronics, such
as computers. I don't know if modified sine wave would present problems
for the charging or powering of radio equipment - perhaps Sparks or Dan
can chime in here?


Another option would be to purchase a small folding 14-16watt panel and
a lithium/ion battery pack for use in the charging of phones, tablets
and other handhelds in the field. This style of battery pack has come a
long way and 12000mah - 30000mah units can be found on Amazon with ease.
This is a power solution I will be offering for my tablet project as well.

While this has been a rather breviloquent guide to setting up a solar
system and there is obviously much more info available on the subject,
this should get you started on the right path. If there is more interest
from the readership I can put together a more detailed post on the setup
or possibly just build and ship them for those that want that.