Physical Perimeter Security Tools

I recently appeared on the American Warrior Show to speak about physical security with host Mike Seeklander. In the show I promised to post a list of links to some of the tools I talked about, so here it is! I will keep adding to this list and push it to the top as it is updated.

Privacy & Security Browser: Brave Review

In my quest for “backup options” to the security and privacy tools I use daily, I have recently rediscovered Brave. I tried it a few months back at a reader’s request. At the time I didn’t really give it the chance it deserved because Firefox met all my browsing needs and my attention was probably elsewhere. Recently, in the interim between the launch of Firefox 57 and the release of the new NoScript, I gave Brave a second chance. I’ve found there’s a lot to like about it, and it is officially my “backup browser.” This Brave review will explain its features and how to use it.

The Search for a New iOS-Friendly VPN

As regular readers here know, I have used and advocated for Private Internet Access for quite some time. A couple of months ago my subscription was nearing its end, and I wanted to shop around a bit. While I don’t have a single complaint about PIA, I have recently come to the realization that I need to stay flexible in my choices. I don’t want to be scrambling for a replacement if the day comes that PIA is no longer trustworthy or no longer meets my needs. This is part of a larger push to have pre-selected alternatives to the apps and services that I rely on for privacy and security. With this in mind I headed to https://www.privacytools.io/ and began my search for an iOS-friendly VPN.

The Amazon Key Security Nightmare

In case you haven’t heard, Amazon recently rolled out “Amazon Key.” This service allows delivery persons to leave packages inside your home. I’m sure I’m largely preaching to the choir here, but I can’t let this one go unanswered. I want to talk about Amazon Key security, and some of the problems it creates.

The Ultimate Security & Privacy Gift Guide

I thought I would do something I’ve never done before: write up a privacy gift guide ahead of Black Friday and Cyber Monday. Privacy people are hard to shop for. We don’t use Amazon’s Wish List because it’s creepy. Obviously we won’t tell you over SnapChat and Facebook isn’t going to recommend anything because we don’t use it. Since you probably already know what you want, share this privacy gift guide with someone that doesn’t know what you want! Because, you know…privacy.

HTTPS Certificate Fingerprinting

I’ve talked a lot about HTTPS (and we talked about it in podcast Episode 054), but no one really explains how to make sure your connection is really valid. In some situations I have wanted to look beyond the green padlock icon. This concern has grown with reports of various public Wi-Fi services intentionally breaking HTTPS connections. Hardware manufacturers have shipped devices with what amounts to pre-installed malware for the same purpose. I’ve written about this before but I thought it was worth doing a video on HTTPS certificate fingerprinting.

HTTPS – What it is and Isn’t

Before we go into that, let’s talk briefly about why HTTPS is important. Most people know that it’s important, but not many people know why. An HTTPS (Hypertext Transfer Protocol [Secure]) connection is one that is encrypted from your device to the website you are visiting. The encryption is ridiculously strong AES-128. These connections, if established properly, are (currently) impossible to break…assuming the correct “handshake” has been made and you haven’t been served a bogus certificate. Making sure you haven’t been served a phony cert requires HTTPS certificate fingerprinting as described in the video.

The encryption a proper HTTPS connection offers is excellent. I always recommend using HTTPS versions of sites and running HTTPS Everywhere in your browser. It is not a substitute for a VPN, however. HTTPS does not protect your packet headers. The URLs to which you browse are completely exposed in these headers, as is your true IP address. I consider this a strong layer of security, but only a layer in a much bigger picture.

Without further ado, check out the video!

HTTPS Certificate Fingerprinting

The website I talked about in the video: https://www.grc.com/fingerprints.htm
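The fingerprint comparison described in this post, as an added example (not the author's code and not from the site linked above): a certificate fingerprint is a hash of the DER-encoded certificate your connection actually received, and the check is whether it equals a reference fingerprint for the same site obtained over a different, trusted network path. The function names and the sample bytes are constructed for illustration.

```python
import hashlib
import hmac
import socket
import ssl
import string


def fingerprint(der: bytes, algo: str = "sha256") -> str:
    """Hash the DER-encoded certificate; return colon-separated upper-case hex."""
    digest = hashlib.new(algo, der).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


def pem_fingerprint(pem: str, algo: str = "sha256") -> str:
    """Same, for a PEM file saved from the browser or openssl."""
    return fingerprint(ssl.PEM_cert_to_DER_cert(pem), algo)


def normalize(fp: str) -> str:
    """Keep hex digits only, so 'ab:cd', 'AB CD' and 'abcd' compare equal."""
    return "".join(c for c in fp if c in string.hexdigits).upper()


def matches(der: bytes, reference: str, algo: str = "sha256") -> bool:
    """True if the served certificate hashes to the reference fingerprint."""
    ours = normalize(fingerprint(der, algo))
    return hmac.compare_digest(ours, normalize(reference))


def fetch_der(host: str, port: int = 443, timeout: float = 10.0) -> bytes:
    """Return the leaf certificate presented on the current network path.

    Chain validation is off on purpose: the point is to see whatever
    certificate is served, including one a browser would reject.
    """
    ctx = ssl.create_default_context()
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return tls.getpeercert(binary_form=True)


# Constructed stand-in bytes (not a real certificate) so this runs offline.
SAMPLE_DER = b"constructed-sample-certificate-bytes"
SAMPLE_PEM = ssl.DER_cert_to_PEM_cert(SAMPLE_DER)

if __name__ == "__main__":
    reference = fingerprint(SAMPLE_DER)  # in practice: from a trusted path
    print(pem_fingerprint(SAMPLE_PEM, "sha1"))
    print("match:", matches(SAMPLE_DER, reference))
    # Live use: matches(fetch_der("example.com"), reference)
```

A mismatch means the certificate you were served differs from the reference. Interception is one cause, but large sites also rotate certificates or serve different ones from different data centers, so confirm the reference is current before drawing conclusions.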

Operational-Security Official URL Update

This is just a quick announcement to say that the URL for what I have been calling “Operational-Security.com” is officially https://operational-security.com. I am attempting to consolidate my rather confusing set of URLs, and lower my own cost by reducing the number of HTTPS certificates and domains I maintain.

Unfortunately this is going to create a bit of headache for some of you. If you have linked to blog posts at “blog.yourultimatesecurity.guide…” (or added them as bookmarks or favorites) you will probably find many of these links broken. For that I apologize. All new posts and updates will appear at the new URL. Thank you for your patience!

JC

Radical Personal Finance Podcast Interview

I was recently invited to be on Joshua Sheats’ Radical Personal Finance Podcast. Joshua is a big fan of the Complete Privacy & Security Podcast, and wanted to bring some digital security to his audience. This interview is long (running almost 2 hours), but we covered some excellent information.

Wire Private Messenger

Wire Private Messenger is my new favorite encrypted messaging service. It is rapidly replacing Signal in my day-to-day use, though it will be a long time before it replaces Signal entirely. There are a lot of things to recommend this relative newcomer.