Published on: October 8, 2019 by Albert Reilly
The ability of an individual or group to seclude themselves, or information about themselves, and thereby express themselves selectively is called Privacy. With the advancement of the digital age, personal information vulnerabilities have increased and data security has become a concern. A need to limit the information to be made available public came along with this. Information privacy is considered an important aspect of information sharing which can be applied in numerous ways, including encryption, authentication and data masking, each attempting to ensure that information is available only to those with authorized access. These protective measures are geared toward preventing data mining and the unauthorized use of personal information, which are illegal in many parts of the world.
Here, we will list or discuss some measures or guidelines that can be followed while using Linux to make information restricted or private.
Normally, when you delete a file, that portion of the disk is marked as being ready for another file to be written to it, but the data will be still there. If a third party were to gain physical access to your disk, using advanced techniques, they could access the data that you thought you had deleted. shred is a program that will overwrite your files in a way that makes them very difficult to recover by a third party. The way that shred accomplishes this is to overwrite repeatedly, as many times as you specify, the data you want to destroy, replacing it with some random data.
If you just want to overwrite a file, use
$ shred <filename>
By default, shred overwrites a file 3 times. However, you can change this number (say 10) using the -n option.
$ shred -n 10 <filename>
If you want to delete the file as well, use the -u option
$ shred -u <filename>
If you require only to overwrite a set number (say 10) of bytes from the file, you can use the -s option.
$ shred -s 10 <filename>
$ cat a 012345678901234567890123456789 $ shred -s 10 a $ cat a �ಽ�V#n�C01234567890123456789
To show verbose information about the shredding progress, use -v option.
$ shred -v a shred: a: pass 1/3 (random)... shred: a: pass 2/3 (random)... shred: a: pass 3/3 (random)...
To add a final overwrite with zeros to hide shredding, use -z option. You will see an empty file when using cat command, but the file will be of some size.
$ cat a 012345678901234567890123456789 $ shred -z a $ cat a $ ll a -rw-rw-r-- 1 user user 1048576 Aug 30 21:33 a
We can make the command executed in the terminal to be hidden from the bash history. This can be done by adding a space “ “ before the command. However, even these can be captured in the history. We can alter this using the HISTCONTROL variable. HISTCONTROL controls how bash stores command history. There are two possible flags: ignorespace and ignoredups. The ignorespace flag tells bash to ignore commands that start with spaces. The other flag, ignoredups, tells bash to ignore duplicates. You can concatenate and separate the values with a colon, ignorespace:ignoredups, if you wish to specify both values, or you can just specify ignoreboth.
$ history 1 whoami 2 pwd 3 history $ HISTCONTROL= ignorespace $ touch test.txt $ history 1 whoami 2 pwd 3 history 4 HISTCONTROL= ignorespace
To clear the history, you can use the -c option with history command.
$ history -c
This will clear all the commands in the current session. We can clear an individual line using the -d option and full wipe using -cw.
$ history -d $ history -cw
A file can be encrypted and decrypted from the command line using openssl.
The syntax for encrypting a file using an algorithm is as below. You can enter the input filename (with-in option) and the required output filename (with-out option). Furthermore, you can securely remove the original file using the shred command as we discussed above. To see the available algorithms, you can press “tab” key twice after openssl.
$ openssl aes-128-cbc -in testin -out testout enter aes-128-cbc encryption password: Verifying - enter aes-128-cbc encryption password:
Do remember the password to decrypt the file. Use -d option to decrypt.
$ openssl aes-128-cbc -d -in testout -out testresult enter aes-128-cbc decryption password:
We have dealt with encrypting a file from the command line. We can furthermore encrypt a file using the Vi/Vim editor. For this, you will need to type the :X in the command line mode. Then save and quit using :wq.
To see the contents of the file, you will need to open it using the vi editor and enter the secret key.
By default Vi will use the zip algorithm to encrypt. You can change it using the below.
To show the encryption method for the current file, use
To decrypt the file permanently, use
Chrome is the most used web browser. Chrome is owned by Google and acts as a gateway between us and the Internet. A large amount of our data is been collected by Google through Chrome and this is used for ads. Its entire business model is based on using that data to generate revenue through ads. Privacy is probably Chrome’s biggest weakness as a browser. Although it’s possible to delete the data Google has on you, it’s difficult to trust how effective this is. That’s because the company has been involved in various privacy scandals, such as cooperating with the NSA’s PRISM program and continuing to collect location data, despite users turning off location services.
The best browser used for anonymity is the Tor browser. Tor directs Internet traffic through a free, worldwide, volunteer overlay network consisting of more than seven thousand relays to conceal a user’s location and usage from anyone conducting network surveillance or traffic analysis. Using Tor makes it more difficult to trace Internet activity to the user. This includes visits to websites, online posts, instant messages, and other communication forms. Tor’s intended use is to protect the personal privacy of its users, as well as their freedom and ability to conduct confidential communication by keeping their Internet activities from being monitored.
The advantages include these:
Tor has some disadvantages also:
Apart from this, there are a few more browsers that have improved privacy protection. They include Epic, Brave and Safari. You will have the option to choose the data collected by most of the browsers from its preference. However, opting out may not completely stop it.
Using a secure search engine is becoming more common and popular as privacy concerns grow in and increased public awareness of the problems. Some of the best ones with improved privacy features are listed below.
Search Encrypt uses local encryption to secure your searches. It combines AES-256 encryption with SSL encryption. Search Encrypt then retrieves your search results from its network of search partners. After you’re done the searching, your search terms expire so they are private even if someone else has access to your computer. Features include privacy-friendly news, videos, and maps that can be viewed right on their search interface, search terms and history expire when the session is done, eliminates pre-roll adds when viewing the video.
DuckDuckGo is probably the most well-known alternative search engine. Searches are sourced mostly from Yahoo and brought to users via a secure search interface. Users can directly search other sites, like Amazon, Wikipedia, or Youtube, by starting their query with an exclamation mark without collecting cookies and other user data from you.
StartPage uses results from Google, which is a good thing if you prefer Google’s result without tracking. Ixquick, which is an independent search engine that uses its own results, developed StartPage to include results from Google. Its features include a proxy service, URL generator, and HTTPS support. The URL generator is a unique feature that eliminates the need for cookies. It remembers your settings in a privacy friendly way. StartPage conducts searches via a proxy server. It doesn’t record IP addresses, location, or search terms.
Gibiru sources its search results from a modified Google algorithm. It provides reliable search results without all the tracking that Google does today. It can be used with a VPN and employs HTTPS 256-bit encryption. There is no cookies or IP address tracking and follows a strict no-log policy.
Other secure search engines include Privatelee, Swisscows, Disconnect Search, WolframAlpha, Yippy, and Qwant.
Category : Customer Care, Security