File /etc/machine-id Security and Privancy Concern

Message

#31 Post by **crazysquirrel** » Sun Mar 17, 2019 12:24 pm

Perhaps hyou might want to look it up yourself as to how portals access your information and computer ID's and such.

Remember, HTML5 is the ENEMY and all modern portals now use that.

Perhaps you could start by going to browserspy then GRC?

#32 Post by **figueroa** » Sun Mar 17, 2019 2:34 pm

crazysquirrel wrote: ↑Sun Mar 17, 2019 12:24 pm Perhaps hyou might want to look it up yourself as to how portals access your information and computer ID's and such.

Nope, you are the crazysquirrel that made the claim as a broad overarching generalization. Sorry you can't back it up. And, it's OK.

#33 Post by **skidoo** » Sun Mar 17, 2019 2:59 pm

JonDo maybe... but I wouldn't point toward browserspy, nor GRC, as reference reading sites.
@figueroa, FWIW there is some merit to the point(s) mentioned in that most-recent squirrely post.

eff.org article (Aug 2017) How Captive Portals Interfere With Wireless Security and Privacy

a list of links//references Online Privacy Test Resource List (maintained by a longtime fellow wilderssecurity.com participant)

#34 Post by **figueroa** » Sun Mar 17, 2019 11:37 pm

skidoo wrote: ↑Sun Mar 17, 2019 2:59 pm JonDo maybe... but I wouldn't point toward browserspy, nor GRC, as reference reading sites.
@figueroa, FWIW there is some merit to the point(s) mentioned in that most-recent squirrely post.

Thanks for the references. I'm not even certain that's what the OP meant (re: portals). I'm a bit of a security oriented user back to when viruses were passed around on 180K floppy disks. I just think that broad generalizations (as in the squirrely post) are not helpful to users or the overall knowledge base. I've never lived in Missouri, but I like their "show me" attitude.

#35 Post by **crazysquirrel** » Tue Mar 19, 2019 10:33 am

skidoo wrote: ↑Sun Mar 17, 2019 2:59 pm JonDo maybe... but I wouldn't point toward browserspy, nor GRC, as reference reading sites.
@figueroa, FWIW there is some merit to the point(s) mentioned in that most-recent squirrely post.

eff.org article (Aug 2017) How Captive Portals Interfere With Wireless Security and Privacy

a list of links//references Online Privacy Test Resource List (maintained by a longtime fellow wilderssecurity.com participant)

those are mere starting points for the undereducated folks who ask questions

Browserspy is a good place to START as it shows you that weaknesss do exist. And GRC is a great place to obtain more information.

Eventually you will wind up in the deep/dark web to gain more information.

But everyone should start on the easy things first.

#36 Post by **crazysquirrel** » Tue Mar 19, 2019 10:42 am

This causes “untrusted connection” warnings about fake certificates for websites that users otherwise expect to be safe.

Yep I get those occasionally. I click off and do something else.

Usually get them from a public library (they use reverse proxies sometimes).

I also get the Your Windows Defender is (something) and you need to call 888-xxx-xxxx to have us fix it message.
I laugh every time. I use Linux LOLOLOL

But a friend got duped into that and got ripped off. They constantly call them saying for $200 they can fix their problem.
But they switched to linux.

Libraries and such can alter the https but they might not be able to SEE the information depending on the info.

Example would be TOR.

They could alter the https bit then the TOR browser wouldn't work correctly. Or at all.

I do wonder if they are able to tamper with a VPN though.

Many places like Libraries use DPI to snoop. And without your permission too!

#37 Post by **crazysquirrel** » Tue Mar 19, 2019 10:53 am

many times I get the portal login screen.
I use one dedicated browser (iron usually) to log in. Then CLOSE that browser and open a different browser. This minimizes some of the risks.

But security is always a problem no matter what you do.

Btw, those portals can allow THEM into your system. The access is due to browser security vulnerabilities mostly.

Personally I want the nastiest worst virus known to man on my computer so long as my computer is immune to said virus.
That way if I am accessed they will be quite unhappy with the result lol

I knew a white-hat hacker years ago. They used nested firewalls with very nasty custom made malware between the layers.

The internet is like sleeping with a lady who has lots of 'relations' and uses crack. Eventually you WILL catch something.....

#38 Post by **Eadwine Rose** » Tue Mar 19, 2019 11:33 am

Mod note: Can you please collect everything in one post? Multiposting like this makes one quickly lose the overview, thanks!

#39 Post by **crazysquirrel** » Tue Mar 19, 2019 11:44 am

sorry hard to keep track sometimes. Many things are easily interrelated.

#40 Post by **crazysquirrel** » Tue Mar 19, 2019 11:51 am

Top
User avatarfigueroa
Forum Regular
Forum Regular
Posts: 202
Joined: Thu Dec 20, 2018 10:20 pm
Contact: Contact figueroa
Re: File /etc/machine-id Security and Privancy Concern
#32 Post by figueroa » Sun Mar 17, 2019 1:34 pm
crazysquirrel wrote: ↑Sun Mar 17, 2019 11:24 am
Perhaps hyou might want to look it up yourself as to how portals access your information and computer ID's and such.
Nope, you are the crazysquirrel that made the claim as a broad overarching generalization. Sorry you can't back it up. And, it's OK.

No overreaching anything. Just posting the facts.

Letting ANY company into your system by ANY means makes you vulnerable. Especially when you click 'i agree'.

If you do not want to know then that is ok with me. If you do want to know I sent two suggestions where to get started and where you will end on that quest for information.

For me I use somewhat reasonable measures and do the breadcrumb thing....

Good luck in your quest.