There are a number of different software pieces to use while I am working on Openmobo in order to fill some gaps while I work on a complete front to back solution. Check the releases section on their GitHub pages if you want to just download a binary/working app.
I don't want my data getting vacuumed up anymore. I spent time in 2018-2021 building and writing implementations for Openmobo Relay, had it in GitHub, used draw and a number of other apps to communicate with my team, and magically Apple came out with iCloud Private Relay and it felt too coincidental. When I left Verizon to work on Coldsky, a moderation tool using machine learning for YouTubers, YouTube removed the dislike button, causing creators to take a strong stance on any form of consumer feedback moderation. Let's say that it is just coincidence. I'd rather be safe than sorry. After doing enough data analytics using Splunk at Verizon and as a consultant, I understand the impact data can drive from both security and otherwise.
There have been several cases where employees violate company policy or data isn't masked if it is tied back to you. Evernote had a policy change allowing employees to access your data, for example.
Aside - A good application either has enough eyes on it that someone notices when something goes awry, is from a large trusted company with national security in mind, or has enough financial incentives to put the user first. There is such a thing as good telemetry though that won't be the point of today's topics. Quite the opposite.
Considerations using open software
The software should be apps I can browse, scan, verify that they are clean, and the software itself easy enough to read.
- we are in a cold-war era state with Russia, China over trade and foreign policy
- software should be simple to read code
- serve a basic purpose to get work done
- shouldn't be a bitch to download, install and use
- I do a quick scan of contributors usually
- Use external tools to have software scanned
- if a NetSec research university/school, Russian or Chinese localized contributor maintains the software, I try to skip that repository because I do not want to end up in a state sponsored hack even though they may be good people, and some NetSec universities have a tendency for compromising repos in 2020 to point out flaws
I recommend this read if you want to learn how to ferret out security oddities.
I recommend Linux Mint and Debian.
Debian is old as dirt, stable, just works, and I love it. I recommend this link that contains the proprietary blobs for things like WiFi to get it working.
- It can use AppImage files to just work
- very similar to Linux Mint and Windows with its
- Very Stable, reliable
- Damn near no telemetry
- Most software projects support it... it's one of the 'big' Linux distros
- Since Linux Mint was a fork of Ubuntu, and Ubuntu I believe at one point was a fork of Debian, they all play nice together. Software like the Aptitude package manager comes from this realm and works nicely.
- Your server environment and your desktop environment will have virtually everything in common
Debian not working for some reason or want some smooth experience for UI? Try Linux Mint.
- Comes with the drivers for most proprietary systems that you would need right on the ISO or image - less time screwing with technology and it just working
- Again, I recommend 'Cinnamon' desktop environment due to its similarity to Windows and good design
- Little to no telemetry
A quick story – I started in 2010-ish with Linux when I didn't have a laptop or anything. My grandmother gave me her old Toshiba Satellite and I was interested in Game Design and C++ programming, which led me to a love affair with computers. The Toshiba Satellite was "dead" by her standards. Definitely had hard drive issues.
One evening at a Barnes and Noble here in the US, I encountered a friend from school reading a magazine called Linux Format. Still to this day one of my favorite publications, it came with a new Linux OS Distribution to try in a CD sleeve on the front cover. The conversation went something like this:
What are you reading? -me
This Linux Magazine. It's a free operating system built by all these guys that basically does the same things as Windows but better, and everything is free. You should try it.
For free? Are you sure? - me
I was in shock. Windows at the time cost $100 or more. We weren't in the cloud era and they weren't giving away operating systems for free at that time because telemetry didn't exist like it does today. Splunk and ELK were brand new or non-existent. Industry vets were just exploring and creating Hadoop for Yahoo and Google and reinventing search/data.
Here I am going to buy this magazine anyways, you can have my disk.
When I went home I booted to the disk from my broken laptop that was collecting dust. I really wanted to be able to play Minecraft with friends. I installed Linux, quickly leaving Windows behind. The UI was beyond beautiful at the time. I got Minecraft working and it felt like a merging of creative concepts and free software and I was in love. Later my friends told me only real wizards use Debian and install and build the entire OS from source. So I did it myself, burned it to disk, found a desktop and lugged it from a computer store that was giving away an old Pentium 4 machine downtown on my bike, and installed my from-source Debian on it.
Firewall & Application Monitoring
A big piece of running open source software is understanding what they might be reaching out for. You're trusting dozens to hundreds of developers to all write code that won't be malicious on your system and more than a dozen institutions to facilitate that.
Closed source but I still recommend ~ On Windows, we have Glasswire. On Mac, we have LittleSnitch. I believe Mac OSX does not let software run down at kernel level for network access anymore and full capture, so LittleSnitch may be neutered but it still holds validity as far as OS-X goes.
On Linux we have OpenSnitch which is an attempt to recreate LittleSnitch in Linux. It is very informative with a simple UI to view logs by application and source:destination format.
Download the daemon here - https://github.com/evilsocket/opensnitch/releases
Download the GUI for the daemon here - https://github.com/evilsocket/opensnitch/releases/
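To make the "by application, source:destination" view concrete, here is an added example (not from the original post and not OpenSnitch's code) that builds the same kind of report from Linux's /proc/net/tcp table. The sample table, the program paths and the function names are constructed for illustration, and it covers IPv4 TCP only.

```python
import os, re, socket, struct
from collections import defaultdict

# Constructed sample in /proc/net/tcp layout (not captured from a real host).
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:0277 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 20001 1 0000000000000000 100 0 0 10 0
   1: 0A01A8C0:D2F0 057100CB:01BB 01 00000000:00000000 00:00000000 00000000  1000        0 20002 1 0000000000000000 20 4 30 10 -1
   2: 0A01A8C0:D2F2 076433C6:0016 01 00000000:00000000 00:00000000 00000000  1000        0 20003 1 0000000000000000 20 4 30 10 -1
"""

def decode(hexpair):
    """'0A01A8C0:D2F0' -> '192.168.1.10:54000' (IPv4 is stored little-endian)."""
    addr, port = hexpair.split(":")
    ip = socket.inet_ntoa(struct.pack("<I", int(addr, 16)))
    return f"{ip}:{int(port, 16)}"

def established(table_text):
    """Yield (inode, 'src -> dst') for sockets in state 01 (ESTABLISHED)."""
    for line in table_text.splitlines()[1:]:      # skip the header row
        f = line.split()
        if len(f) > 9 and f[3] == "01":           # 0A would be LISTEN
            yield int(f[9]), f"{decode(f[1])} -> {decode(f[2])}"

def socket_owners(proc="/proc"):
    """Map socket inode -> executable path by walking /proc/<pid>/fd (Linux)."""
    owners = {}
    for pid in filter(str.isdigit, os.listdir(proc)):
        try:
            exe = os.readlink(f"{proc}/{pid}/exe")
            for fd in os.listdir(f"{proc}/{pid}/fd"):
                m = re.fullmatch(r"socket:\[(\d+)\]", os.readlink(f"{proc}/{pid}/fd/{fd}"))
                if m:
                    owners[int(m.group(1))] = exe
        except OSError:
            continue  # process exited, or it belongs to another user
    return owners

def by_application(table_text, owners):
    """Group established flows under the program that owns each socket."""
    report = defaultdict(list)
    for inode, flow in established(table_text):
        report[owners.get(inode, "unknown")].append(flow)
    return dict(report)

if __name__ == "__main__":
    demo_owners = {20002: "/opt/example/editor", 20003: "/usr/bin/ssh"}  # constructed
    for app, flows in by_application(SAMPLE, demo_owners).items():
        print(app, flows)
```

On a live Linux host, pass `open("/proc/net/tcp").read()` and `socket_owners()` instead of the sample; sockets owned by other users show up as "unknown" unless the script runs as root.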
Getting Files synced up
Software like OwnCloud or NextCloud are great. What I try to shoot for is something like Dropbox but with ease of setup. The two aforementioned clouds hit the mark on ease of setup, and multi platform apps. A close second here is Syncthing.
A bit antiquated but works well enough if you can stomach the setup - Gitdocs - https://github.com/nesquena/gitdocs - is a Dropbox "compatible" open source implementation. It does the job and seems to cover a few niches.
Pair it with Maestral - an open source client for this stuff. https://github.com/SamSchott/maestral
Writing Code without it 'calling home'
VSCodium - https://vscodium.com/ - an open source fork of the open source Visual Studio Code is my favorite editor. You can bring over and use all the same plugins as VSCode but without giving away the milk to Microsoft.
I caught Visual Studio Code a number of times sending data to all sorts of Microsoft data services in a monitoring software called Glasswire. I will tell you right now, there is no reason for a text editor to send data to Microsoft servers. Anyone telling you there is either works for, is invested in, or is a simp for Microsoft and is drinking strong amounts of Copium. There is a ton of telemetry in there and it is clear that Microsoft is invested in AI for code services. This is all fine but I don't need it or them looking at whatever is in my text editor.
REST API Tools
Open source Alternative to Postman
Insomnia.rest - https://github.com/Kong/insomnia - is a commercial but open source multi platform product for keeping collections for ReST APIs.
Very clearly Postman is a near-to-cloud service. When it comes to putting in security keys or production servers, I don't want any of that sh*t logged or sent to the cloud or how I use the product collected. Again peace of mind.
https://github.com/electerm/electerm - an open source multi platform alternative to Termius or any other paid alternative. It uses Electron as the backend so whatever Chrome has for security, it has. Memory heavy but it works well across multiple operating systems.
- All Offline
- Key saving and credential management
- SFTP built in
- SSH client
Downloads - https://github.com/electerm/electerm/releases
Keepass or Bitwarden
http://keepass.info/ - I would recommend Bitwarden as well but I don't have hands on experience yet. I don't recommend Lastpass as they've gone over acquisitions and I can't look at the code. So Bitwarden gets an honorable mention.
An open source credential manager to keep on your machine. Generate safe passwords, have unique passwords for different sites, and search them with ease. It just works.
Keepassx Github - https://github.com/keepassx/keepassx
Bitwarden Github - https://github.com/bitwarden
Bitwarden Chrome Extension - https://chrome.google.com/webstore/detail/bitwarden-free-password-m/nngceckbapebfimnlniiiahkandclblb?hl=en
Thank you for reading!
Those are the big ones that I love using and work well. Keep a copy on hand. Keep your OS updated, too!
Thanks for reading and I hope this gives people some options outside of the commercial garbage we are so used to consuming, with modern day considerations for getting work done. If you like a project, find a way to pay them for their services or donate to what they do.
Join EFF - https://supporters.eff.org/donate/pu--SM