Using proxy servers on Linux

There are some times when you need to connect your PC to an access point which requires you to route your connections through a web proxy. No panic! It is really simple to config your linux desktop (or server, for that matter) to do it.

You just have to modify your http_proxy and https_proxy environment variables. For example,

export http_proxy=http://1.2.3.4:3128
export https_proxy=http://1.2.3.4:3128
export HTTP_PROXY=http://1.2.3.4:3128
export HTTPS_PROXY=http://1.2.3.4:3128

After that, just execute your favorite web browser then test your new settings. Beware! You have to execute your web browser through the command-line, in the same shell that you have exported those environment variables. For example:

$ export HTTP_PROXY=http://1.2.3.4:3128 && chromium &

Starting the .desktop application of your web browser, for example, wouldn’t work, unless you store those environment variables in a system wide directory (good recommendations include /etc/profile and /etc/profile.d/). However, from my experience, this is limited in the sense that it would be the default proxy of your system, which isn’t what you probably want — the common use case is: connect to some AP, switch to its proxy, and after a while disconnect from it *and throw away its proxy.

Simple, isn’t it? If you want to automate this task a little more, please refer to the ArchWiki [1]

[1]: https://wiki.archlinux.org/index.php/Proxy — from where this post was originally inspired. Also, I needed to apply this setup in a real world situation and I can confirm it works really well.

Using proxy servers on Linux

Privacy / ResetTheNet Paradise

Update (2014-07-15): http://prism-break.org/ — Thanks Ramon for pointing me out this additional source.

Completing one year since Snowden’s whistleblowing over the NSA, some folks out there decided to launch a campaign called Reset the Net.

Its principle is very simple: let’s encrypt everything!

Since this is not always straightforward, I’ll list here some tools I’ll try for the next days. I strongly encourage you to do the same. This is not only about the privacy itself; but it is also a opportunity to learn new ways to do new things.

First: if you want to follow my suggestion, but skip through my personal list, feel free to go upstream and choose your own tools.

Tools

Secure messaging

I’m trying RedPhone and ChatSecure; I tried TextSecure once. The point here is to use something to encrypt your communications over the web. You should notice Facebook Chat is not a secure channel (neither WhatsApp, Google Hangouts, Skype…).

Telegram also has a secure chat feature and can be used as a replacement for WhatsApp.

Mailing Lists / E-mails

I strongly encourage the use of OpenPGP to sign e-mails – and, if you send many e-mails to a specific person, that you two also encrypt them. I created two posts here with several references and motivations to use this tool. First and second one (they are in portuguese).

Today I use it to sign e-mails I send to mailing lists. Unfortunately, nobody in Brazil that I know uses OpenPGP, so it only makes sense to me to use it in a context where people at least know what a signed e-mail is.

Password Managers

I don’t like the idea of your web browser managing your passwords – this applies both to Firefox and Chromium. I prefer to use a external tool to do that. There are several ones available: I recommend LastPass and KeePassX. For OS X, there are even more, like MasterPassword.

Two factor authentication

If you have a smartphone, then just use 2auth! There are no excuses for not using it. At least use it in your most important accounts – nowadays, probably Google, Facebook and Dropbox. I also use it for other services, but these three are the most important ones.

Encrypting Facebook Messages

I just found this amazing browser extension called CryptoCat. Oh man, just install it then send me a message through Facebook using it. I thought a tool like this would never be available.

Overall

Now, please just visit the upstream URL of the project and pick up what matters to you. My goal wasn’t to duplicate its contents here, but just to select some tools from its list – also, you might notice I’ve listed other tools not available there.

Some add-ons I described in this post are still relevant.

That’s it people. Of course, if you want to contribute, just leave a comment saying which tools you like or use.

Privacy / ResetTheNet Paradise

Web Privacy with Firefox

In this post I’ll show you a taste of what you can achieve with the Firefox Web Browser regarding privacy issues.

Firefox is a trademark of Mozilla
Firefox is a trademark of Mozilla

Motivated by PRISM, taylored ads, cookie tracking and several other inconvenient annoyances from the 2013 (today) web, I think we should be more alerted and conscious about what companies are trying to do with our precious data.

Maybe, more important than only consciousness, is that we should protect this data, acting to do something about it.

The following is what I use (actually, what I’m trying to use) to “protect” myself. I recommend you to adopt all or some of these settings. For the freedom \o/.

1 – I’ve recently switched my default search engine [from Google] to startpage. Please don’t get me wrong. I love Google, but I decided Google is tracking way too much my search habits. I don’t want this anymore. Startpage uses Google as its (back) engine, but it does that in a way Google can’t really link my searches to me. Besides, Startpage doesn’t store my IP Address. You can discover more in 10 Ways StartPage Helps You Take Back Your Privacy.

If you wanna definitively get rid of Google, try DuckDuckGo.

You can integrate startpage with Firefox by following this guide.

2 – Add Adblock Edge to Firefox. It blocks nothing more than…ads! I don’t recommend Adblock Plus anymore because it includes (by default) Google Ads. You can still use Adblock Plus by opting-out of this feature, but I disagree that it is enabled by default. It’s like the Amazon ads Canonical includes (by default) with Ubuntu. You can opt-out of them too, but most users won’t do that because either they don’t know or they don’t care with it.

I support (some) ads (like Reddit or Kongregate ones, for example) and I have consciousness the web wouldn’t function right without them, but I will not tolerate ads I don’t [want / haven’t requested] getting in the way of my web experience.  Buuuuut I advise you to enable ads of the services / websites that you like (love). Think carefully about it. They may break (literally) if they don’t get revenue from ads. You can read more about it here.

Adblock Edge is open source.

3 – Add Ghostery to Firefox. It blocks several tracking and analytics services and URLs. You can get surprised if you see how many tracking services are out there in some popular websites, like WSJ. My ghostery have blocked at least 10 of them there.

YSK ghostery is not open source (it is proprietary). You can discover more on Reddit.

4 – Add Self-Destructing Cookies to Firefox. (I know I’m being a bit redundant repeating Firefox all over the items…). It does exact what you would expect it to: destroys cookies from a tab as soon as you close it. And (even) more. You can control what websites won’t have its cookies (automatically) destroyed.

If you don’t allow the cookies of the websites you use often, you’ll end up losing the patience, having to logging in again every time you close all the tabs of them.

5 – And, finally: add NoScript to Firefox. It is the wildcard of all these add-ons. You can selectively control what websites (domains) are allowed to execute scripts in your browser. You can block several malware with it.

If I had to choose only one add-on to use with Firefox, certainly I would choose NoScript.

You should be aware that Noscript can be even more annoying than Self-Destructing Cookies at the first times you use it. By default, all scripts are blocked, and you have to enable (A.K.A. add to its whitelist) the URLs you trust (or use more often…). You can enable the reverse behavior too, of course: allow every script, blocking the ones you distrust (this is a bit crazy, though).

Conclusion

This is a basic setup of one that worries about web privacy. I won’t say it gets you 100% anononymous on the web, because it doesn’t. Of course there are more ways to get even more privacy (like Tor, for example), but they are out of scope of this post. Maybe I’ll write another post about it and some other goodies.

Thank you for reading.

OBS.: This is my first english post written here. It will probably end up with several typos or semantical errors, but I don’t care (actually: I care — obviously — but I’m more focused on the contents of the post than in the english itself…anyway, if you want to help me, please point me out any errors you’ve found,  either in the comments or with an e-mail message. Thank you for the patience.)

Web Privacy with Firefox