Thread: what are your best practices to ensure privacy ?
View Single Post
  #4   (View Single Post)  
Old 2nd April 2012
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
  
Join Date: May 2008
Location: USA
Posts: 7,983
Default
Privacy:

These must be defined differently because the applications are entirely different in their privacy implications:

One at a time:

  1. Internet Email is public. Internet Email is a post card. That is because the Email contents are "plaintext" messages. Transmissions between Email servers (Mail Transfer Agents, or MTAs) may be encrypted, but there is no requirement, and mail may be sent in-the-clear. The messages at rest on the MTA are also plaintext, and may be read by anyone with appropriate access, or perhaps by an adversary.

    The only privacy possible is through encrypting Email content. However, encrypting the contents does not encrypt Email headers, which include source and destination information, and an adversary can learn a great deal from encrypted Email traffic.
  2. FTP authentication is plaintext. The UserID and the Password are sent in the clear. "Privacy" of authentication/authorization information is therefore not possible, unless the FTP server and FTP client are on a trusted network. The data transferred is also plaintext; privacy can only be assured through encryption.
  3. Web "privacy" under almost any definition is nearly an impossibility -- along with cookies stored locally matched to records kept by the web application, the servers your browser communicate with will often store your IP address, flags for the OS you use, your chosen browser and its particular configuration.

    For example, I reach this forum from a variety of IP addresses, and VBB Forum software logs IP addresses. The admins here can look in the logs here to determine where I live and where I work (I've had the same large customer for about five years) if they had any interest.

    TOR might mask my IP address. But for many of the world's web applications, that wouldn't necessarily hide me.
----
Email:

Personally, I use mutt for my Email client (Mail User Agent) on OpenBSD. I used to use GnuPG or some similar encryption tool, but I never encrypted any outgoing Email, and no longer use it with Mutt. I don't send or receive private information in Email. (Links to secure applications, with authentication/authorization steps, are the most common way to transfer private information via Internet Email for me these days.)
These days, my work is non-technical and I have a great deal of Email that must remain private between parties. These Emails do not transit the Internet directly. They go intra-company on secure networks or inter-company via VPN. OpenBSD is not used in MUA or MTA; my customer has chosen proprietary solutions.
---
FTP:

Due to plaintext authentication, I only use FTP configured for anonymous FTP for public file transfers of read/only files. As an example, the ISO images for my live media are transferred via FTP.

For integrity, authentication, authorization, and privacy of data in transit, I use OpenSSH for file transfers, using either sftp(1) or scp(1) as appropriate. The former is "ftp command compatible" and the latter is easy to script.
At one time I had a need to use FTP for file transfers from a machine incapable of using OpenSSH. (It was a Windows machine where neither Putty nor Cygwin were able to be downloaded and executed.) For this one, singular use case, I set up a userid on OpenBSD with S/Key authentication, for use with FTP. Using S/Key, authentication of the Windows FTP client was conducted with a one-time-pad of passphrases. For more info, see skey(1) and login.conf(5), and their SEE ALSO collection.
---
Web Browsing:

This is such a large can-of-worms, it could easily have its own thread, even its own subforum. I'll bet there are forums out there dedicated to discussing browsing privacy, since it is ever evolving. I'll leave it to others.

---

Your defined scope is limited to a subset of OpenBSD environments where these three applications may be involved. There are a wide variety of environments you are not considering. On the client side, for example:
  • Multiple users of a single workstation
  • Thin client users of server-based client applications. See diskless(8) and pxeboot(8).
On the server side:
  • Mail servers (MTAs), FTP servers
  • Interlocked web servers, application servers, data base servers, message queue servers, authentication servers .... etc. that might, in their entirety, make up what is commonly described as a "web-based application".
  • The integrated federation of the above web-applications with a myriad set of third party web-applications designed to track web usage by browser users, in order to sell information about them to others.
Reply With Quote