Linux HowTo: Windows 10 disable internet in search

Original Source Link

I just installed Windows 10 Pro (version 10.0.19041) and I noticed that the “Start menu” search (the one you get when you hit the Windows button on the keyboard and start typing) searches the internet, despite me having disabled this.

What I tried before came from this question:
How to disable internet search results in start menu post Creators Update?

I updated the following in the registry:

Windows Registry Editor Version 5.00
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionSearch]
"BingSearchEnabled"=dword:00000000
"AllowSearchToUseLocation"=dword:00000000
"CortanaConsent"=dword:00000000

and I updated the following in the Local Group Policy Editor:

Local Computer Policy > Computer Configuration > Administrative Templates > Windows Components > Search

  • Allow Cortana: Disabled
  • Do not allow web search: Enabled
  • Don’t search the web or display web results in Search: Enabled

Then I restarted the computer. Although initially this did work and the search no longer connected to the internet, now (maybe since a Windows update was installed?) it is searching again, I think through Bing since that is the logo it is displaying underneath the search results.

The ellipsis-menu in the search app says Build: 2020.06.03.6245959, in case that is relevant?

Edit: The reason I ask this is because I consider this a privacy issue. I press the windows key to start applications (which I find much faster and convenient than using my touchpad), but I don’t want every keystroke to be sent to the internet.

Tagged : / /

Making Game: I’m at a friend’s place, on his wifi. Can he tell what websites I visit?

Original Source Link

I’m staying at a friend’s place for a few days and use his wifi. Can he tell what websites I visit? His wifi is password protected (WPA2). Note: my friend is a software engineer.

I have read stuff about Wireshark and other tools but something bugs me: surely wifi box makers want wifi to be secure, so that employees in a company or family members don’t “spy” on each others. So would my friend be able to see what urls I connect to?

It’s certainly possible. His router has complete control over routing traffic on his network, which would let him at least see the names of the sites you connect to through DNS requests your device(s) make. It’s less likely he’d be able to see information those sites display, though.

Unless you use something like a VPN, in which case all he would see is a connection to a VPN. That said, if you’re concerned about him possibly spying on you, perhaps you shouldn’t be staying with him.

I NOTE THIS IS ALL WHAT CAN BE DONE – NOT AN INDICATION ITS EASY OR LIKELY. Most non-experts could not what you are asking, and many experts won’t.

Its your friends network, so yes, if he has the technical nous and is so inclined he can spy on you in a limited way if he has set his network up to do so. I’ll break it down –

It is his network, so the level of WIFI security is irrelevant – he knows the passphrase, and even if he doesn’t – just like any ISP or provider between you and the sites you visit, he can get access to the data after it has left the WIFI network and is transiting his router.

Most websites now use HTTPS, and this does offer you some protection against spying. A rough and very simplistic general assessment is he will be able to see what sites you visit, but not exactly what pages. (Unless he manages to install his own certificate on your computer or you ignore computer warnings about untrusted certs). There are at least 2 ways he can gleen this information – By looking through the DNS requests your system makes, and by looking at the headers. Although sites are encrypted with HTTPS, most often the information about the site address is not encrypted due to limitations of having multiple secure sites on a single server/IP address.

Using a VPN will allow you to encrypt all traffic between your computer and him, and will overcome the shortcomings above – if you are careful not to use his nameservers – which is sometimes not obvious. Of-course, the VPN provider can get the data instead of him.

There is another attack vector – as you are at his place, he can likely get access to your hardware. Once he can do this he can install a key logger or other means of getting access to your systems. You may want to google “Evil Maid attack” for this class of problem.

Tagged : / /

Linux HowTo: I’m at a friend’s place, on his wifi. Can he tell what websites I visit?

Original Source Link

I’m staying at a friend’s place for a few days and use his wifi. Can he tell what websites I visit? His wifi is password protected (WPA2). Note: my friend is a software engineer.

I have read stuff about Wireshark and other tools but something bugs me: surely wifi box makers want wifi to be secure, so that employees in a company or family members don’t “spy” on each others. So would my friend be able to see what urls I connect to?

It’s certainly possible. His router has complete control over routing traffic on his network, which would let him at least see the names of the sites you connect to through DNS requests your device(s) make. It’s less likely he’d be able to see information those sites display, though.

Unless you use something like a VPN, in which case all he would see is a connection to a VPN. That said, if you’re concerned about him possibly spying on you, perhaps you shouldn’t be staying with him.

I NOTE THIS IS ALL WHAT CAN BE DONE – NOT AN INDICATION ITS EASY OR LIKELY. Most non-experts could not what you are asking, and many experts won’t.

Its your friends network, so yes, if he has the technical nous and is so inclined he can spy on you in a limited way if he has set his network up to do so. I’ll break it down –

It is his network, so the level of WIFI security is irrelevant – he knows the passphrase, and even if he doesn’t – just like any ISP or provider between you and the sites you visit, he can get access to the data after it has left the WIFI network and is transiting his router.

Most websites now use HTTPS, and this does offer you some protection against spying. A rough and very simplistic general assessment is he will be able to see what sites you visit, but not exactly what pages. (Unless he manages to install his own certificate on your computer or you ignore computer warnings about untrusted certs). There are at least 2 ways he can gleen this information – By looking through the DNS requests your system makes, and by looking at the headers. Although sites are encrypted with HTTPS, most often the information about the site address is not encrypted due to limitations of having multiple secure sites on a single server/IP address.

Using a VPN will allow you to encrypt all traffic between your computer and him, and will overcome the shortcomings above – if you are careful not to use his nameservers – which is sometimes not obvious. Of-course, the VPN provider can get the data instead of him.

There is another attack vector – as you are at his place, he can likely get access to your hardware. Once he can do this he can install a key logger or other means of getting access to your systems. You may want to google “Evil Maid attack” for this class of problem.

Tagged : / /

Ubuntu HowTo: Time vault application

Original Source Link

Can application time vault save internet pages in memory and later we check it even if we blocked that page from seeing us?
I am installing the latest ubuntu 20.04 on Windows 10 computer. I had ubuntu only installed on computer as main program before,older version that was updating and time vault on it so i remember how it worked.

Tagged : / / /

Making Game: Disable Windows search history

Original Source Link

Question: how can I disable Windows search history? (Screenshot)

What I did: disabled “My device history” and “cleared my device history” from Windows Permission & History settings. All data-collection settings from Windows privacy settings are disabled. Yet, it still remembers my search history.

Update: it seems that there’s no option to disable it. Just to add more clarification to the solution, here’re the steps for scheduling a cleaning task: Task scheduler > Create task. Name it, select run with highest privileges and choose the trigger (e. g: on startup). Now, in the actions, add an action and fill in the following:

  1. Program/script: powershell.exe
  2. Add arguements: Remove-Item -Path 'HKCU:SOFTWAREMicrosoftWindowsCurrentVersionExplorerWordWheelQuery*'

Note: for me, it didn’t work without removing the asterisk at the end of the command.

Yet, it still remembers my search history.

File Explorer search history cannot be disabled but it can be cleared. After performing a search you can easily clear your search history through the UI.

enter image description here

If you are attempting to automate this functionality you will have to write a script to delete the following registry key.

HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionExplorerWordWheelQuery

I absolutely would test this script before you implement it but something as simple as the following PowerShell command.

Remove-Item -Path "HKCU:SOFTWAREMicrosoftWindowsCurrentVersionExplorerWordWheelQuery*"

The simplest solution would be to create a Scheduled Task, that runs a PowerShell script when the user logs out of the computer, this would clear the recent search history.

Source: How to Delete the Search History in Windows File Explorer

Tagged : / / /

Linux HowTo: Disable Windows search history

Original Source Link

Question: how can I disable Windows search history? (Screenshot)

What I did: disabled “My device history” and “cleared my device history” from Windows Permission & History settings. All data-collection settings from Windows privacy settings are disabled. Yet, it still remembers my search history.

Update: it seems that there’s no option to disable it. Just to add more clarification to the solution, here’re the steps for scheduling a cleaning task: Task scheduler > Create task. Name it, select run with highest privileges and choose the trigger (e. g: on startup). Now, in the actions, add an action and fill in the following:

  1. Program/script: powershell.exe
  2. Add arguements: Remove-Item -Path 'HKCU:SOFTWAREMicrosoftWindowsCurrentVersionExplorerWordWheelQuery*'

Note: for me, it didn’t work without removing the asterisk at the end of the command.

Yet, it still remembers my search history.

File Explorer search history cannot be disabled but it can be cleared. After performing a search you can easily clear your search history through the UI.

enter image description here

If you are attempting to automate this functionality you will have to write a script to delete the following registry key.

HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionExplorerWordWheelQuery

I absolutely would test this script before you implement it but something as simple as the following PowerShell command.

Remove-Item -Path "HKCU:SOFTWAREMicrosoftWindowsCurrentVersionExplorerWordWheelQuery*"

The simplest solution would be to create a Scheduled Task, that runs a PowerShell script when the user logs out of the computer, this would clear the recent search history.

Source: How to Delete the Search History in Windows File Explorer

Tagged : / / /

Making Game: Windows 10 disable internet in search

Original Source Link

I just installed Windows 10 Pro (version 10.0.19041) and I noticed that the “Start menu” search (the one you get when you hit the Windows button on the keyboard and start typing) searches the internet, despite me having disabled this.

What I tried before came from this question:
How to disable internet search results in start menu post Creators Update?

I updated the following in the registry:

Windows Registry Editor Version 5.00
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionSearch]
"BingSearchEnabled"=dword:00000000
"AllowSearchToUseLocation"=dword:00000000
"CortanaConsent"=dword:00000000

and I updated the following in the Local Group Policy Editor:

Local Computer Policy > Computer Configuration > Administrative Templates > Windows Components > Search

  • Allow Cortana: Disabled
  • Do not allow web search: Enabled
  • Don’t search the web or display web results in Search: Enabled

Then I restarted the computer. Although initially this did work and the search no longer connected to the internet, now (maybe since a Windows update was installed?) it is searching again, I think through Bing since that is the logo it is displaying underneath the search results.

The ellipsis-menu in the search app says Build: 2020.06.03.6245959, in case that is relevant?

Edit: The reason I ask this is because I consider this a privacy issue. I press the windows key to start applications (which I find much faster and convenient than using my touchpad), but I don’t want every keystroke to be sent to the internet.

Tagged : / /

Linux HowTo: Alternatives to TAILS for anonimity on TOR unfriendly websites

Original Source Link

I’m a happy TAILS user since a while. I’ve immeditaly fallen in love with the simplicity of the installation and user experience in general: no code, minimal competences required to get everything up and runniing, and next thing you know is that you are surfing the net anonymously with an encripted storage for your local files. Wonderful.

BUT

From time to time I get to very TOR unfriendly websites, who just don’t let me in.

Be it an infinite sequence of google captcha, or just being excluded outright by their firewall, there’s just no way to access them, let alone interact with them. Some for example would let me surf, but won’t accept me subscribing to them.

I therefore started to think how to bypass the problem, and I finally decided to opt for NordVPN over a reasonably anonymous OS, with Firefox installed and all the privacy addons.

And here is my problem: what OS would I consider to be safe? Windows and iOS would be excluded outright, as they are basically software designed to collect your data and send them over to Cupertino and Redmond.

Linux would be my safest bet. The problem is that I can’t find an easy way to get something like a:

  • Portable
  • Persistent
  • Encrypted
  • Non-TOR

Linux distro that can be combined with NordVPN with relative ease.

All my attempts have failed miserably so far. I basically experimented with Ubuntu, but to no avail. When it comes to software installations is a nightmare, and I can’t get past that point, especially when trying to get NordVPN installed to protect my traffic.

I then read somewhere that any new software needs to be adapted to the new Ubuntu release, and that’s why most software just does not work unless highly personalized (excuse any nonsense here, as I said I ain’t no Linux expert…).

In this case, I’d definitely say that rather having a wonderfully anonymous linux I prefer to follow as many privacy recommendations as possible, and have some kind of clean windows installation that I only use to navigate over NordVPN for as few interactions as possible with the outer world.

So, just to briefly recap: just assume all the rest is in place, no messing with multiple identities in the same place, an anonymous connection, etc. What would be your best advice to get an encrypted, portable, persistent, non-TOR OS?

Thanks for your contributions!!

The runner up to Tails in terms of privacy and security is typically Qubes OS. You can set up a VPN connection on it by configuring it through the NetworkManager inside the NetVM. Qubes does not require all connections to be through Tor so you shouldn’t have issues there.

Tagged : / / /

Making Game: Alternatives to TAILS for anonimity on TOR unfriendly websites

Original Source Link

I’m a happy TAILS user since a while. I’ve immeditaly fallen in love with the simplicity of the installation and user experience in general: no code, minimal competences required to get everything up and runniing, and next thing you know is that you are surfing the net anonymously with an encripted storage for your local files. Wonderful.

BUT

From time to time I get to very TOR unfriendly websites, who just don’t let me in.

Be it an infinite sequence of google captcha, or just being excluded outright by their firewall, there’s just no way to access them, let alone interact with them. Some for example would let me surf, but won’t accept me subscribing to them.

I therefore started to think how to bypass the problem, and I finally decided to opt for NordVPN over a reasonably anonymous OS, with Firefox installed and all the privacy addons.

And here is my problem: what OS would I consider to be safe? Windows and iOS would be excluded outright, as they are basically software designed to collect your data and send them over to Cupertino and Redmond.

Linux would be my safest bet. The problem is that I can’t find an easy way to get something like a:

  • Portable
  • Persistent
  • Encrypted
  • Non-TOR

Linux distro that can be combined with NordVPN with relative ease.

All my attempts have failed miserably so far. I basically experimented with Ubuntu, but to no avail. When it comes to software installations is a nightmare, and I can’t get past that point, especially when trying to get NordVPN installed to protect my traffic.

I then read somewhere that any new software needs to be adapted to the new Ubuntu release, and that’s why most software just does not work unless highly personalized (excuse any nonsense here, as I said I ain’t no Linux expert…).

In this case, I’d definitely say that rather having a wonderfully anonymous linux I prefer to follow as many privacy recommendations as possible, and have some kind of clean windows installation that I only use to navigate over NordVPN for as few interactions as possible with the outer world.

So, just to briefly recap: just assume all the rest is in place, no messing with multiple identities in the same place, an anonymous connection, etc. What would be your best advice to get an encrypted, portable, persistent, non-TOR OS?

Thanks for your contributions!!

The runner up to Tails in terms of privacy and security is typically Qubes OS. You can set up a VPN connection on it by configuring it through the NetworkManager inside the NetVM. Qubes does not require all connections to be through Tor so you shouldn’t have issues there.

Tagged : / / /

Ubuntu HowTo: Install and run Zoom Client inside a sandbox

Original Source Link

With COVID-19 pandemic there was a boom of video conferencing. Although there are good free and open source alternatives like Jitsi (with e2ee coming soon), Zoom became popular. Is not a secret that have some privacy issues (EFF, ProtonMail Blog, The Guardian, The Verge).

For the ones forced to install it, it would be nice to have a friendly way to install it and run it without giving up privacy so easily. Maybe using it inside a sandbox like firejail (there is a zoom profile), selecting file system access.

If installed using snap package: It’s worth noting that even removing “Play and record sound” from Permissions on Ubuntu software it’s still can play and record sound. IMO a serious security bug on snapd/snappy/snap-store.

Also, audio-record connection (AKA interface) shouldn’t auto-connect, but people behind snap store override this rule on purpose.

screenshot

Zoom is available as a Snap: snap install zoom-client

Snaps are confined to their own filesystem using squashfs loop mounts and AppArmor rules. However, Zoom needs routine access to quite a lot of your hardware (USB ports, audio, screen, camera, network) in order to be useful. Also, the application needs to be detectable by others on the system (so e-mail invitation links work). So complete sandboxing seems a challenge.

Some problems with Zoom (like the ability to bruteforce an access code) are outside the OS’ control.

Tagged : / / /