privacy

Install Syncthing for continuous file synchronisation on Debian or Ubuntu

Syncthing is an open source tool that synchronises data across multiple devices. It transfers your files peer-to-peer, without the requirement to upload your information to the cloud. Packages are available for Android, Windows, macOS and Linux (including Synology DSM).

The usefulness of this project cannot be overstated.

Running the Syncthing stable channel

Syncthing is included in the Debian and Ubuntu repositories, respectively. These instructions are targeting the latest release of the Syncthing stable channel. It is therefore necessary to add the Syncthing repository to your list of APT sources.

In the following example, bookworm is the local username.

Step 1

Add the Syncthing release key for validation of packages downloaded from the Syncthing repository.

$ sudo curl -o /usr/share/keyrings/syncthing-archive-keyring.gpg https://syncthing.net/release-key.gpg

Step 2

Add the Syncthing repository.

$ echo "deb [signed-by=/usr/share/keyrings/syncthing-archive-keyring.gpg] https://apt.syncthing.net/ syncthing stable" | sudo tee /etc/apt/sources.list.d/syncthing.list

Step 3

Install Syncthing on your system.

$ sudo -- bash -c 'apt update && apt install --yes syncthing apt-transport-https'

Step 4

Enable Syncthing for the local user bookworm.

$ sudo -- bash -c 'systemctl enable syncthing@bookworm.service && systemctl start syncthing@bookworm.service && systemctl status syncthing@bookworm.service'

Step 5

You may need to edit your firewall settings to open ports for incoming and outgoing traffic.

If you are using ufw as a host-based firewall

Configure ufw to allow connections to Syncthing.

$ sudo ufw limit syncthing

If you are using firewalld as a host-based firewall

Configure firewalld to allow connections to Syncthing.

$ sudo -- bash -c 'firewall-cmd --zone=public --add-service=syncthing --permanent && firewall-cmd --reload && firewall-cmd --info-zone=public'

Step 6

Access the Syncthing configuration page by using your browser to navigate to the following address:

http://localhost:8384

Step 7

Complete your setup by referring to the Syncthing documentation.

The process of security

“Security is a process, not a product. Products provide some protection, but the only way to effectively do business in an insecure world is to put processes in place that recognize the inherent insecurity in the products.” Bruce Schneier acknowledges that perfect computer security probably doesn’t exist. He reminds us that we need to understand our risk of exposure in order to be able to manage it.
www.schneier.com

Trust the process, Tina!

What’s in a PR statement: LastPass breach explained

“LastPass likely could have prevented this if they were more concerned about keeping their users secure than about saving their face. Their statement is also full of omissions, half-truths and outright lies. As I know that not everyone can see through all of it, I thought that I would pick out a bunch of sentences from this statement and give some context that LastPass didn’t want to mention.” Wladimir Palant helps to decode what LastPass had to say about their latest security breach.
palant.info

Das Fediverse: Social Media losgelöst von den Fesseln kommerzieller Interessen

“Soziale Medien werden von Plattformbetreibern dominiert, die das eigene Interesse in den Vordergrund rücken und jede Entscheidung daran messen, wie sich eine Profitmaximierung erzielen lässt. Hat man das einmal verinnerlicht, wirft sich einem unweigerlich die Frage auf, was an sozialen Medien eigentlich sozial ist. Sozial bedeutet anderen zu helfen, was auch bedeuten kann, die eigenen Interessen zurückzustellen. Also im Grunde genau das Gegenteil dessen, wie kommerziell ausgerichtete Plattformen wie Twitter, Facebook und Co. agieren.”
Mike Kuketz erklärt die Idee des Fediverse und unterstreicht, warum es sich damit so grundlegend von Platformen wie Twitter und Facebook unterscheidet. Dieser Beitrag ist von großer Wichtigkeit, nicht nur für die Nutzer der sozialen Medien…
www.kuketz-blog.de

Jan Böhmermann ist auch auf Mastodon!

Twitter buyout puts Mastodon into spotlight

“Mastodon is used to publish 500-character messages with pictures, polls, videos and so on to an audience of followers, and, in turn, to follow interesting people and receive their posts in a chronological home feed. Unlike Twitter, there is no central Mastodon website – you sign up to a provider that will host your account, similarly to signing up for Outlook or Gmail, and then you can follow and interact with people using different providers. Anyone can become such a provider as Mastodon is free and open-source. It has no ads, respects your privacy, and allows people/communities to self-govern.” Eugen Rochko preempted the planned aquisition of Twitter by a mere 6 years.
joinmastodon.org

They stormed the Capitol. Their apps tracked them.

“The location-tracking industry exists because those in power allow it to exist. Plenty of Americans remain oblivious to this collection through no fault of their own. But many others understand what’s happening and allow it anyway. They feel powerless to stop it or were simply seduced by the conveniences afforded in the trade-off. The dark truth is that, despite genuine concern from those paying attention, there’s little appetite to meaningfully dismantle this advertising infrastructure that undergirds unchecked corporate data collection.” Charlie Warzel and Stuart A. Thompson show the ease with which supposedly anonymised data from your smartphone is re-identified. From nothing to hide to nowhere to hide—we are all Americans now.
www.nytimes.com

The secrets of surveillance capitalism

“The game is no longer about sending you a mail order catalogue or even about targeting online advertising. The game is selling access to the real-time flow of your daily life—your reality—in order to directly influence and modify your behavior for profit.” According to Shoshana Zuboff, we urgently need to revoke the collective agreement with the practices that result in the dispossession of behavior.
www.faz.net

Return of the russian passenger

“After a secret breaks in the news, Reply All re-examines how Alex Blumberg’s Uber account was hacked.”

Die AAA-Bürger

“So wie Alibaba und Amazon wissen, wofür sich ihre Nutzer interessieren und was sie als Nächstes kaufen könnten, will der chinesische Staat aus den Datenspuren seiner Bürger ableiten, wie sie sich in der Vergangenheit verhalten haben und in der Zukunft verhalten könnten und sie nach einem Punktesystem entsprechend bewerten. Wer zum Beispiel über das Internet gesunde Babynahrung bestellt, soll Pluspunkte erhalten. Wer sich hingegen Pornos ansieht oder zu viel Zeit mit Computerspielen verbringt, muss mit Abzügen rechnen.” Da trifft es sich gut, daß Felix Lee nichts zu verbergen hat und ein solcher Umgang mit Nutzerdaten überhaupt nur in China in Erwägung gezogen wird…
www.zeit.de

With thanks to Michael August

Wie, Du bist nicht bei Whatsapp?

“Wer Whatsapp liebt, sollte besser nicht weiterlesen, oder vielleicht gerade dann, denn Liebe macht ja bekanntlich oft blind.” Boris Pohler, selbst Lehrer und Vater von zwei Kindern, bennent den Preis für die Verwendung des weit verbreiteten Dienstes und erklärt, warum jeder Nutzer gegen deutsches Recht verstößt.
blog.pohlers-web.de

Is Facebook spying on you?

“This year we’ve gotten one question more than any other from listeners: is Facebook eavesdropping on my conversations and showing me ads based on the things that I say?”

Zur Hölle mit den Reichen

“Das System ist zutiefst krank. Es ist unmoralisch und unanständig. Die Wut darauf wächst. Sie sucht sich nur die falschen Ziele. Der Hass der Betrogenen gilt eher dem Kriegs- als dem Steuerflüchtling. Unser Planet ist ein Paradies für Arschlöcher.” Jacob Augstein bringt es auf den Punkt.
www.spiegel.de

Motor der Ungleichheit

“Das vielleicht spektakulärste Beispiel dafür ist der Google-Mutterkonzern Alphabet. 2003, weniger als ein Jahr vor dem Börsengang, übertrug ‘Google USA’ seine Suchmaschinen- und Werbetechnologie an ‘Google Holdings’, eine in Irland eingetragene Tochter. Dank des irischen Steuerrechts kann das Unternehmen seine Gewinne mit einen Zwischenstopp auf den Bermudas versteuern. 15,5 Milliarden Dollar waren das bei Google im Jahr 2015, der Steuersatz für Unternehmen auf der Inselgruppe: null Prozent.” Gabriel Zucman fordert ein Finanzregister als effektive Waffe gegen die Intransparenz der Weltfinanzen.
www.sueddeutsche.de

End these offshore games or our democracy will die

“These are the fixes, but a real solution is ultimately political. We must accept that Big Finance and runaway inequality are incompatible with either a functioning democracy or a sustainable economy.” Aditya Chakrabortty sees a rotting core at the heart of our democracies.
www.theguardian.com

You are the product

“What this means is that even more than it is in the advertising business, Facebook is in the surveillance business. Facebook, in fact, is the biggest surveillance-based enterprise in the history of mankind. It knows far, far more about you than the most intrusive government has ever known about its citizens. It’s amazing that people haven’t really understood this about the company. I’ve spent time thinking about Facebook, and the thing I keep coming back to is that its users don’t realise what it is the company does. What Facebook does is watch you, and then use what it knows about you and your behaviour to sell ads. I’m not sure there has ever been a more complete disconnect between what a company says it does—‘connect’, ‘build communities’—and the commercial reality. Note that the company’s knowledge about its users isn’t used merely to target ads but to shape the flow of news to them. Since there is so much content posted on the site, the algorithms used to filter and direct that content are the thing that determines what you see: people think their news feed is largely to do with their friends and interests, and it sort of is, with the crucial proviso that it is their friends and interests as mediated by the commercial interests of Facebook. Your eyes are directed towards the place where they are most valuable for Facebook.” John Lanchester does not know what will happen should this $450 billion penny ever drop.
www.lrb.co.uk

How not to get phished

“Most humans can tell the difference most of the time, but if they are tired, or stressed, or in a rush, or have any number of other common obstacles to computer use, there’s a good chance they won’t notice the difference, will type their password into the wrong site, and will have their account taken over by bad guys.” Jacob Hoffman-Andrews identifies password managers as the average human’s best defence against phishing attacks.
jacob.hoffman-andrews.com

Conversations

“Welcome to this introduction to Conversations. It is gonna be a great introduction. It’s gonna be fabulous. Other instant messengers have fought Conversations for many years, but they couldn’t beat it. Just couldn’t do it. Total loosers. They’re all dead now. All the other messengers have failed. Forget WhatsApp, okay? Signal …total disaster. Threema is so bad, it’s not even a real messenger. It’s fake. Threema is a fake messenger. Converstations has got to be the best messenger in the world. It’s huge. OMEMO. You’ll love it. Best protocol. Tremendous. Absolutely fantastic. Nobody has messengers better than Conversations. This messenger is so big, you can even see it from the moon. And I am going to make you pay for it. It’s true. Important people tell me that Conversations is so great, it’s unbelievable. So great, it’s beautiful. Conversations is the best instant messenger that God ever created.”
conversations.im

The swedish kings of cyberwar

“Among the many questions posed by Scandinavia’s embrace of mass surveillance is one that has lingered at the margins throughout the Snowden debate: Are advanced democracies any different than their authoritarian counterparts in seeking to gain broad access into the private lives of citizens?” Hugh Eakin shines a light on the underreported activities of Sweden’s FRA in spying on people everywhere.
www.nybooks.com

With thanks to Michael August

We let technology into our lives. And now it’s starting to control us

“Our concern about government snooping sometimes distracts from self-awareness of our complicity as consumers of products so ubiquitous they have become everyday verbs.” Rachel Holmes is joining the resistance, because the so-called neutral platforms in reality facilitate hate against women, racism and homophobia.
www.theguardian.com

Complexity is the enemy of security: how to stay relevant in a hacked world

“And one way to fight back is through Open Source. To make sure that the systems we use are trustworthy and can be verified and can be veryfied by anybody [sic]. Relying on Open Source to bring us privacy and trustworthy security is a crucial point for our future on the Internet. The Utopia is gone, it’s not coming back. But we can do what we can to maintain as much trust on the Internet as possible. And openess is key to trust. Without openess there is no trust—without trust there is no democracy.”
Mikko Hypponen