From 91365d1b57245b6584e95f3ab86e53abfb536bb5 Mon Sep 17 00:00:00 2001 From: Sun Knudsen Date: Thu, 3 Dec 2020 06:29:52 -0500 Subject: [PATCH] Refactored guides --- docs/README.md | 1 + .../README.md | 57 ++++---- .../README.md | 10 +- ...rformance-using-speedtest-and-sysbench.png | Bin .../README.md | 14 +- .../app-cleaner.sh | 0 .../app-cleaner.sh.sig | Bin ...ing-appcleaner-open-source-alternative.png | Bin .../README.md | 4 + .../README.md | 24 ---- .../README.md | 24 ++++ ...nt-without-using-personal-phone-number.png | Bin .../README.md | 4 + .../README.md | 2 + .../README.md | 2 + .../README.md | 8 +- .../README.md | 2 + .../README.md | 136 ++++++++++-------- .../apple-configurator-certificates.png | Bin .../apple-configurator-general.png | Bin .../apple-configurator-vpn.png | Bin ...ev2-ipsec-vpn-server-for-ios-and-macos.png | Bin .../ulagen.py | 0 .../ulagen.py.sig | Bin .../README.md | 14 +- .../first-names.txt | 0 ...ostname-automatically-at-boot-on-macos.png | Bin .../mac-address-prefixes.txt | 0 .../README.md | 2 + 29 files changed, 175 insertions(+), 129 deletions(-) rename {how-to-benchmark-performance-of-server-using-speedtest-and-sysbench => how-to-benchmark-server-performance-using-speedtest-and-sysbench}/README.md (93%) rename how-to-benchmark-performance-of-server-using-speedtest-and-sysbench/how-to-benchmark-performance-of-server-using-speedtest-and-sysbench.png => how-to-benchmark-server-performance-using-speedtest-and-sysbench/how-to-benchmark-server-performance-using-speedtest-and-sysbench.png (100%) rename {how-to-clean-uninstall-apps-on-macos-using-appcleaner-open-source-alternative => how-to-clean-uninstall-macos-apps-using-appcleaner-open-source-alternative}/README.md (58%) rename {how-to-clean-uninstall-apps-on-macos-using-appcleaner-open-source-alternative => how-to-clean-uninstall-macos-apps-using-appcleaner-open-source-alternative}/app-cleaner.sh (100%) rename {how-to-clean-uninstall-apps-on-macos-using-appcleaner-open-source-alternative => how-to-clean-uninstall-macos-apps-using-appcleaner-open-source-alternative}/app-cleaner.sh.sig (100%) rename how-to-clean-uninstall-apps-on-macos-using-appcleaner-open-source-alternative/how-to-clean-uninstall-apps-on-macos-using-appcleaner-open-source-alternative.png => how-to-clean-uninstall-macos-apps-using-appcleaner-open-source-alternative/how-to-clean-uninstall-macos-apps-using-appcleaner-open-source-alternative.png (100%) delete mode 100644 how-to-create-a-signal-account-without-using-your-personal-phone-number/README.md create mode 100644 how-to-create-signal-account-without-using-personal-phone-number/README.md rename how-to-create-a-signal-account-without-using-your-personal-phone-number/how-to-create-a-signal-account-without-using-your-personal-phone-number.png => how-to-create-signal-account-without-using-personal-phone-number/how-to-create-signal-account-without-using-personal-phone-number.png (100%) rename {how-to-self-host-a-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos => how-to-self-host-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos}/README.md (87%) rename {how-to-self-host-a-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos => how-to-self-host-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos}/apple-configurator-certificates.png (100%) rename {how-to-self-host-a-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos => how-to-self-host-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos}/apple-configurator-general.png (100%) rename {how-to-self-host-a-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos => how-to-self-host-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos}/apple-configurator-vpn.png (100%) rename how-to-self-host-a-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos/how-to-self-host-a-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos.png => how-to-self-host-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos/how-to-self-host-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos.png (100%) rename {how-to-self-host-a-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos => how-to-self-host-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos}/ulagen.py (100%) rename {how-to-self-host-a-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos => how-to-self-host-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos}/ulagen.py.sig (100%) rename {how-to-spoof-your-mac-address-and-hostname-automatically-at-boot-on-macos => how-to-spoof-mac-address-and-hostname-automatically-at-boot-on-macos}/README.md (85%) rename {how-to-spoof-your-mac-address-and-hostname-automatically-at-boot-on-macos => how-to-spoof-mac-address-and-hostname-automatically-at-boot-on-macos}/first-names.txt (100%) rename how-to-spoof-your-mac-address-and-hostname-automatically-at-boot-on-macos/how-to-spoof-your-mac-address-and-hostname-automatically-at-boot-on-macos.png => how-to-spoof-mac-address-and-hostname-automatically-at-boot-on-macos/how-to-spoof-mac-address-and-hostname-automatically-at-boot-on-macos.png (100%) rename {how-to-spoof-your-mac-address-and-hostname-automatically-at-boot-on-macos => how-to-spoof-mac-address-and-hostname-automatically-at-boot-on-macos}/mac-address-prefixes.txt (100%) diff --git a/docs/README.md b/docs/README.md index d5065d2..5a71ad0 100644 --- a/docs/README.md +++ b/docs/README.md @@ -3,6 +3,7 @@ Title: Privacy guides docs Description: Learn how to contribute, get help, peer review and sign the reference material. Author: Sun Knudsen Publication date: 1970-01-01T00:00:00.000Z +Listed: false --> # Privacy guides docs diff --git a/how-to-backup-and-encrypt-data-using-rsync-and-veracrypt-on-macos/README.md b/how-to-backup-and-encrypt-data-using-rsync-and-veracrypt-on-macos/README.md index 221f57b..bc52311 100644 --- a/how-to-backup-and-encrypt-data-using-rsync-and-veracrypt-on-macos/README.md +++ b/how-to-backup-and-encrypt-data-using-rsync-and-veracrypt-on-macos/README.md @@ -26,29 +26,28 @@ Listed: true ## Setup guide -### Step 1: download and install [FUSE for macOS](https://osxfuse.github.io/) - -Go to [https://osxfuse.github.io/](https://osxfuse.github.io/), download and install latest release. - -### Step 2: install [Homebrew](https://brew.sh/) +### Step 1: install [Homebrew](https://brew.sh/) ```shell /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install.sh)" ``` -### Step 3: disable Homebrew analytics +### Step 2: disable Homebrew analytics ```shell brew analytics off ``` -### Step 4: install [GnuPG](https://gnupg.org/) +### Step 3: install [FUSE for macOS](https://osxfuse.github.io/) and [GnuPG](https://gnupg.org/) + +> Heads-up: if `brew install --cask osxfuse` fails, try `brew cask install osxfuse` (see [#9382](https://github.com/Homebrew/brew/issues/9382)). ```shell +brew install --cask osxfuse brew install gnupg ``` -### Step 5: import VeraCrypt’s public key +### Step 4: import VeraCrypt’s public key ```console $ gpg --keyserver hkps://keys.openpgp.org --recv-keys 0x821ACD02680D16DE @@ -57,11 +56,11 @@ gpg: Total number processed: 1 gpg: imported: 1 ``` -### Step 6: download [VeraCrypt](https://www.veracrypt.fr/en/Home.html) +### Step 5: download [VeraCrypt](https://www.veracrypt.fr/en/Home.html) Go to [https://www.veracrypt.fr/en/Downloads.html](https://www.veracrypt.fr/en/Downloads.html) and download latest release and its associated PGP signature to `~/Downloads` folder. -### Step 7: verify VeraCrypt release signature using GnuPG +### Step 6: verify VeraCrypt release signature using GnuPG Replace `VeraCrypt_1.24-Update7` with current release. @@ -80,9 +79,9 @@ Good signature 👍 -### Step 8: install VeraCrypt +### Step 7: install VeraCrypt -### Step 9: create and test VeraCrypt symlink +### Step 8: create and test VeraCrypt symlink ```console $ ln -s /Applications/VeraCrypt.app/Contents/MacOS/VeraCrypt /usr/local/bin/veracrypt @@ -95,17 +94,13 @@ VeraCrypt 1.24-Update7 👍 -### Step 10: set temporary environment variable - -> Heads-up: using `b` as encrypted volume file name to make things inconspicuous. - -`BACKUP_VOLUME_PATH` path to VeraCrypt volume +### Step 9: set temporary environment variable ```shell -BACKUP_VOLUME_PATH="/Volumes/Samsung BAR/b" +BACKUP_VOLUME_PATH="/Volumes/Samsung BAR/backupackup" ``` -### Step 11: create encrypted volume +### Step 10: create encrypted volume > Heads-up: volume size cannot be increased later. @@ -168,7 +163,7 @@ Done: 100.000% Speed: 24 MiB/s Left: 0 s The VeraCrypt volume has been successfully created. ``` -### Step 12 (optional): mount, rename and dismount encrypted volume +### Step 11 (optional): mount, rename and dismount encrypted volume By default, VeraCrypt encrypted volumes with Mac OS Extended filesystem are named “untitled”. @@ -176,7 +171,7 @@ By default, VeraCrypt encrypted volumes with Mac OS Extended filesystem are name ```console $ veracrypt --text --mount --pim 0 --keyfiles "" --protect-hidden no "$BACKUP_VOLUME_PATH" /Volumes/Backup -Enter password for /Volumes/Samsung BAR/b: +Enter password for /Volumes/Samsung BAR/backup: ``` #### Rename encrypted volume @@ -192,7 +187,7 @@ Volume on disk3 renamed to Backup veracrypt --text --dismount "$BACKUP_VOLUME_PATH" ``` -### Step 13: create `/usr/local/bin/backup.sh` script +### Step 12: create `/usr/local/bin/backup.sh` script ```shell cat << EOF > /usr/local/bin/backup.sh @@ -254,7 +249,7 @@ EOF chmod +x /usr/local/bin/backup.sh ``` -### Step 14: edit `/usr/local/bin/backup.sh` script +### Step 13: edit `/usr/local/bin/backup.sh` script ```shell vi /usr/local/bin/backup.sh @@ -262,7 +257,7 @@ vi /usr/local/bin/backup.sh Press i to enter insert mode, edit backup script, press esc to exit insert mode and press shift+z+z to save and exit. -### Step 15: create `/usr/local/bin/check.sh` script +### Step 14: create `/usr/local/bin/check.sh` script ```shell cat << EOF > /usr/local/bin/check.sh @@ -289,7 +284,7 @@ EOF chmod +x /usr/local/bin/check.sh ``` -### Step 16: create `/usr/local/bin/restore.sh` script +### Step 15: create `/usr/local/bin/restore.sh` script ```shell cat << EOF > /usr/local/bin/restore.sh @@ -324,6 +319,10 @@ EOF chmod +x /usr/local/bin/restore.sh ``` +👍 + +--- + ## Usage guide ### Backup @@ -332,10 +331,10 @@ chmod +x /usr/local/bin/restore.sh ```console $ backup.sh -Enter password for /Volumes/Samsung BAR/b: +Enter password for /Volumes/Samsung BAR/backup: Inspect backup and press enter Generate hash (y or n)? y -SHA512(/Volumes/Samsung BAR/b)= 281a3b0afec6708eff9566effdfa67de357933527688dfa2dfabae5dda5b7681f0fb84f6cfec6c3f7ac20246517f18f40babbd4f337b254a55de30ff67d6dd2e +SHA512(/Volumes/Samsung BAR/backup)= 281a3b0afec6708eff9566effdfa67de357933527688dfa2dfabae5dda5b7681f0fb84f6cfec6c3f7ac20246517f18f40babbd4f337b254a55de30ff67d6dd2e Done ``` @@ -347,7 +346,7 @@ Done ```console $ check.sh -Backup hash: SHA512(/Volumes/Samsung BAR/b)= 281a3b0afec6708eff9566effdfa67de357933527688dfa2dfabae5dda5b7681f0fb84f6cfec6c3f7ac20246517f18f40babbd4f337b254a55de30ff67d6dd2e +Backup hash: SHA512(/Volumes/Samsung BAR/backup)= 281a3b0afec6708eff9566effdfa67de357933527688dfa2dfabae5dda5b7681f0fb84f6cfec6c3f7ac20246517f18f40babbd4f337b254a55de30ff67d6dd2e OK ``` @@ -359,7 +358,7 @@ OK ```console $ restore.sh -Enter password for /Volumes/Samsung BAR/b: +Enter password for /Volumes/Samsung BAR/backup: Restore data and press enter Done ``` diff --git a/how-to-benchmark-performance-of-server-using-speedtest-and-sysbench/README.md b/how-to-benchmark-server-performance-using-speedtest-and-sysbench/README.md similarity index 93% rename from how-to-benchmark-performance-of-server-using-speedtest-and-sysbench/README.md rename to how-to-benchmark-server-performance-using-speedtest-and-sysbench/README.md index 4cda397..54789fe 100644 --- a/how-to-benchmark-performance-of-server-using-speedtest-and-sysbench/README.md +++ b/how-to-benchmark-server-performance-using-speedtest-and-sysbench/README.md @@ -1,6 +1,6 @@ -# How to benchmark performance of server using Speedtest and SysBench +# How to benchmark server performance using Speedtest and SysBench -[![How to benchmark performance of server using Speedtest and SysBench - YouTube](how-to-benchmark-performance-of-server-using-speedtest-and-sysbench.png)](https://www.youtube.com/watch?v=zcq2iZUcQQY "How to benchmark performance of server using Speedtest and SysBench - YouTube") +[![How to benchmark server performance using Speedtest and SysBench - YouTube](how-to-benchmark-server-performance-using-speedtest-and-sysbench.png)](https://www.youtube.com/watch?v=zcq2iZUcQQY "How to benchmark server performance using Speedtest and SysBench - YouTube") > Heads-up: Speedtest is known for tracking users therefore it is recommended to run the following benchmark tests on disposable servers. @@ -81,6 +81,8 @@ $ apt update apt install -y speedtest sysbench ``` +👍 + --- ## Usage guide diff --git a/how-to-benchmark-performance-of-server-using-speedtest-and-sysbench/how-to-benchmark-performance-of-server-using-speedtest-and-sysbench.png b/how-to-benchmark-server-performance-using-speedtest-and-sysbench/how-to-benchmark-server-performance-using-speedtest-and-sysbench.png similarity index 100% rename from how-to-benchmark-performance-of-server-using-speedtest-and-sysbench/how-to-benchmark-performance-of-server-using-speedtest-and-sysbench.png rename to how-to-benchmark-server-performance-using-speedtest-and-sysbench/how-to-benchmark-server-performance-using-speedtest-and-sysbench.png diff --git a/how-to-clean-uninstall-apps-on-macos-using-appcleaner-open-source-alternative/README.md b/how-to-clean-uninstall-macos-apps-using-appcleaner-open-source-alternative/README.md similarity index 58% rename from how-to-clean-uninstall-apps-on-macos-using-appcleaner-open-source-alternative/README.md rename to how-to-clean-uninstall-macos-apps-using-appcleaner-open-source-alternative/README.md index 35563f5..e0d638c 100644 --- a/how-to-clean-uninstall-apps-on-macos-using-appcleaner-open-source-alternative/README.md +++ b/how-to-clean-uninstall-macos-apps-using-appcleaner-open-source-alternative/README.md @@ -1,6 +1,6 @@ -# How to clean uninstall apps on macOS using AppCleaner open source alternative +# How to clean uninstall macOS apps using AppCleaner open source alternative -[![How to clean uninstall apps on macOS using AppCleaner open source alternative - YouTube](how-to-clean-uninstall-apps-on-macos-using-appcleaner-open-source-alternative.png)](https://www.youtube.com/watch?v=0nVOB0EE5ps "How to clean uninstall apps on macOS using AppCleaner open source alternative - YouTube") +[![How to clean uninstall macOS apps using AppCleaner open source alternative - YouTube](how-to-clean-uninstall-macos-apps-using-appcleaner-open-source-alternative.png)](https://www.youtube.com/watch?v=0nVOB0EE5ps "How to clean uninstall macOS apps using AppCleaner open source alternative - YouTube") ## Guide @@ -24,10 +24,14 @@ sudo chown $USER:admin /usr/local/bin ### Step 2: download [app-cleaner.sh](app-cleaner.sh) ([PGP signature](./app-cleaner.sh.sig), [PGP public key](https://sunknudsen.com/sunknudsen.asc)) ```shell -curl -o /usr/local/bin/app-cleaner.sh https://sunknudsen.com/static/media/privacy-guides/how-to-clean-uninstall-apps-on-macos-using-appcleaner-open-source-alternative/app-cleaner.sh +curl -o /usr/local/bin/app-cleaner.sh https://sunknudsen.com/static/media/privacy-guides/how-to-clean-uninstall-macos-apps-using-appcleaner-open-source-alternative/app-cleaner.sh chmod +x /usr/local/bin/app-cleaner.sh ``` +👍 + +--- + ## Usage ```console diff --git a/how-to-clean-uninstall-apps-on-macos-using-appcleaner-open-source-alternative/app-cleaner.sh b/how-to-clean-uninstall-macos-apps-using-appcleaner-open-source-alternative/app-cleaner.sh similarity index 100% rename from how-to-clean-uninstall-apps-on-macos-using-appcleaner-open-source-alternative/app-cleaner.sh rename to how-to-clean-uninstall-macos-apps-using-appcleaner-open-source-alternative/app-cleaner.sh diff --git a/how-to-clean-uninstall-apps-on-macos-using-appcleaner-open-source-alternative/app-cleaner.sh.sig b/how-to-clean-uninstall-macos-apps-using-appcleaner-open-source-alternative/app-cleaner.sh.sig similarity index 100% rename from how-to-clean-uninstall-apps-on-macos-using-appcleaner-open-source-alternative/app-cleaner.sh.sig rename to how-to-clean-uninstall-macos-apps-using-appcleaner-open-source-alternative/app-cleaner.sh.sig diff --git a/how-to-clean-uninstall-apps-on-macos-using-appcleaner-open-source-alternative/how-to-clean-uninstall-apps-on-macos-using-appcleaner-open-source-alternative.png b/how-to-clean-uninstall-macos-apps-using-appcleaner-open-source-alternative/how-to-clean-uninstall-macos-apps-using-appcleaner-open-source-alternative.png similarity index 100% rename from how-to-clean-uninstall-apps-on-macos-using-appcleaner-open-source-alternative/how-to-clean-uninstall-apps-on-macos-using-appcleaner-open-source-alternative.png rename to how-to-clean-uninstall-macos-apps-using-appcleaner-open-source-alternative/how-to-clean-uninstall-macos-apps-using-appcleaner-open-source-alternative.png diff --git a/how-to-configure-self-hosted-vpn-kill-switch-using-pf-firewall-on-macos/README.md b/how-to-configure-self-hosted-vpn-kill-switch-using-pf-firewall-on-macos/README.md index 3df11da..926e47b 100644 --- a/how-to-configure-self-hosted-vpn-kill-switch-using-pf-firewall-on-macos/README.md +++ b/how-to-configure-self-hosted-vpn-kill-switch-using-pf-firewall-on-macos/README.md @@ -473,6 +473,8 @@ cat << EOF | sudo tee /Library/LaunchDaemons/local.pf.plist EOF ``` +👍 + --- ## Want things back the way they were before following this guide? No problem! @@ -512,3 +514,5 @@ sudo rm /Library/LaunchDaemons/local.pf.plist ```shell sudo pfctl -F all -f /etc/pf.conf ``` + +👍 diff --git a/how-to-create-a-signal-account-without-using-your-personal-phone-number/README.md b/how-to-create-a-signal-account-without-using-your-personal-phone-number/README.md deleted file mode 100644 index 94cfec0..0000000 --- a/how-to-create-a-signal-account-without-using-your-personal-phone-number/README.md +++ /dev/null @@ -1,24 +0,0 @@ - - -# How to create a Signal account without using your personal phone number - -[![How to create a Signal account without using your personal phone number - YouTube](how-to-create-a-signal-account-without-using-your-personal-phone-number.png)](https://www.youtube.com/watch?v=b9aMJZjZ4pw "How to create a Signal account without using your personal phone number - YouTube") - -Don’t forger to replace `+12345678901` with your mobile phone number. - -```xml - - - - {{From}}: {{Body}} - - -``` diff --git a/how-to-create-signal-account-without-using-personal-phone-number/README.md b/how-to-create-signal-account-without-using-personal-phone-number/README.md new file mode 100644 index 0000000..c79f70b --- /dev/null +++ b/how-to-create-signal-account-without-using-personal-phone-number/README.md @@ -0,0 +1,24 @@ + + +# How to create Signal account without using personal phone number + +[![How to create Signal account without using personal phone number - YouTube](how-to-create-a-signal-account-without-using-your-personal-phone-number.png)](https://www.youtube.com/watch?v=b9aMJZjZ4pw "How to create Signal account without using personal phone number - YouTube") + +Don’t forger to replace `+12345678901` with your mobile phone number. + +```xml + + + + {{From}}: {{Body}} + + +``` diff --git a/how-to-create-a-signal-account-without-using-your-personal-phone-number/how-to-create-a-signal-account-without-using-your-personal-phone-number.png b/how-to-create-signal-account-without-using-personal-phone-number/how-to-create-signal-account-without-using-personal-phone-number.png similarity index 100% rename from how-to-create-a-signal-account-without-using-your-personal-phone-number/how-to-create-a-signal-account-without-using-your-personal-phone-number.png rename to how-to-create-signal-account-without-using-personal-phone-number/how-to-create-signal-account-without-using-personal-phone-number.png diff --git a/how-to-disable-ipv6-on-ios-cellular-only-and-macos/README.md b/how-to-disable-ipv6-on-ios-cellular-only-and-macos/README.md index ce65114..0687213 100644 --- a/how-to-disable-ipv6-on-ios-cellular-only-and-macos/README.md +++ b/how-to-disable-ipv6-on-ios-cellular-only-and-macos/README.md @@ -52,6 +52,8 @@ Open “Settings”, then “Profile Downloaded” and tap “Install” ![ios-install-profile](./ios-install-profile.png?shadow=1&width=375) +👍 + ## macOS guide ### Step 1: list network interfaces @@ -91,3 +93,5 @@ networksetup -setv6automatic "Wi-Fi" networksetup -setv6automatic "iPhone USB" networksetup -setv6automatic "Thunderbolt Ethernet" ``` + +👍 diff --git a/how-to-encrypt-sign-and-decrypt-messages-using-pgp-on-macos/README.md b/how-to-encrypt-sign-and-decrypt-messages-using-pgp-on-macos/README.md index e1241e0..0a37fe0 100644 --- a/how-to-encrypt-sign-and-decrypt-messages-using-pgp-on-macos/README.md +++ b/how-to-encrypt-sign-and-decrypt-messages-using-pgp-on-macos/README.md @@ -99,6 +99,8 @@ sub rsa4096 2020-06-16 [E] echo "keyserver hkps://keys.openpgp.org" >> ~/.gnupg/dirmngr.conf ``` +👍 + --- ## Usage guide diff --git a/how-to-mitigate-fingerprinting-and-ip-leaks-using-firefox-advanced-preferences/README.md b/how-to-mitigate-fingerprinting-and-ip-leaks-using-firefox-advanced-preferences/README.md index f9b6aa1..b1a3bc7 100644 --- a/how-to-mitigate-fingerprinting-and-ip-leaks-using-firefox-advanced-preferences/README.md +++ b/how-to-mitigate-fingerprinting-and-ip-leaks-using-firefox-advanced-preferences/README.md @@ -34,3 +34,5 @@ privacy.resistFingerprinting = true privacy.trackingprotection.enabled = true webgl.disabled = true ``` + +👍 diff --git a/how-to-protect-mac-computers-from-cold-boot-attacks/README.md b/how-to-protect-mac-computers-from-cold-boot-attacks/README.md index 982cec2..47bc7a5 100644 --- a/how-to-protect-mac-computers-from-cold-boot-attacks/README.md +++ b/how-to-protect-mac-computers-from-cold-boot-attacks/README.md @@ -18,9 +18,11 @@ Listed: true sudo pmset -a destroyfvkeyonstandby 1 hibernatemode 25 standbydelaylow 0 standbydelayhigh 0 ``` -`destroyfvkeyonstandby 1` tells macOS to destroy password (override it with random data) when computer goes to standby mode. +👍 -`hibernatemode 25` tells macOS to store the content of the RAM to the hard drive (which is encrypted using FileVault) and power off the RAM (which clears its data). +`destroyfvkeyonstandby 1` tells macOS to destroy password when computer goes to standby mode. + +`hibernatemode 25` tells macOS to store the content of the RAM to the hard drive and power off the RAM (which clears its data). `standbydelaylow 0` tells macOS to enable standby mode immediately when battery is low and computer is put to sleep. @@ -37,3 +39,5 @@ See `man pmset` for more information. ```shell sudo pmset -a destroyfvkeyonstandby 0 hibernatemode 3 standbydelaylow 10800 standbydelayhigh 86400 ``` + +👍 diff --git a/how-to-remove-exif-metadata-from-images-on-macos/README.md b/how-to-remove-exif-metadata-from-images-on-macos/README.md index 6ce4a91..5dc8560 100644 --- a/how-to-remove-exif-metadata-from-images-on-macos/README.md +++ b/how-to-remove-exif-metadata-from-images-on-macos/README.md @@ -32,6 +32,8 @@ brew analytics off brew install exiftool ``` +👍 + --- ## Usage guide diff --git a/how-to-self-host-a-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos/README.md b/how-to-self-host-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos/README.md similarity index 87% rename from how-to-self-host-a-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos/README.md rename to how-to-self-host-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos/README.md index ce520bb..3d42da4 100644 --- a/how-to-self-host-a-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos/README.md +++ b/how-to-self-host-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos/README.md @@ -1,6 +1,6 @@ -# How to self-host a hardened strongSwan IKEv2/IPsec VPN server for iOS and macOS +# How to self-host hardened strongSwan IKEv2/IPsec VPN server for iOS and macOS -[![How to self-host a hardened strongSwan IKEv2/IPsec VPN server for iOS and macOS - YouTube](how-to-self-host-a-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos.png)](https://www.youtube.com/watch?v=HY3F_vHuTFQ "How to self-host a hardened strongSwan IKEv2/IPsec VPN server for iOS and macOS - YouTube") +[![How to self-host hardened strongSwan IKEv2/IPsec VPN server for iOS and macOS - YouTube](how-to-self-host-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos.png)](https://www.youtube.com/watch?v=HY3F_vHuTFQ "How to self-host hardened strongSwan IKEv2/IPsec VPN server for iOS and macOS - YouTube") > Heads-up: when following this guide on IPv4-only servers (which is totally fine if one knows what one is doing), it’s likely IPv6 traffic will leak on iOS when clients are connected to carriers or ISPs running dual stack (IPv4 + IPv6) infrastructure. Leaks can be mitigated on iOS (cellular-only) and on macOS by following this [guide](../how-to-disable-ipv6-on-ios-cellular-only-and-macos-and-why-it-s-a-big-deal-for-privacy). @@ -27,7 +27,7 @@ Listed: true ## Guide -### Step 1: create SSH key pair (on Mac) +### Step 1: create `vpn-server` SSH key pair (on Mac) When asked for file in which to save key, enter `vpn-server`. @@ -74,7 +74,22 @@ Replace `185.193.126.203` with IP of server. ssh root@185.193.126.203 -i ~/.ssh/vpn-server ``` -### Step 3: create `vpn-server-admin` user +### Step 3: disable root bash history + +```shell +echo "HISTFILESIZE=0" >> ~/.bashrc +source ~/.bashrc +``` + +### Step 4: set root password + +When asked for password, use output from `openssl rand -base64 24` (and store password in password manager). + +```shell +passwd +``` + +### Step 5: create vpn-server-admin user When asked for password, use output from `openssl rand -base64 24` (and store password in password manager). @@ -100,7 +115,7 @@ Enter the new value, or press ENTER for the default Is the information correct? [Y/n] Y ``` -### Step 4: copy root’s `authorized_keys` file to vpn-server-admin’s home folder +### Step 6: copy root `authorized_keys` file to vpn-server-admin home folder ```shell mkdir /home/vpn-server-admin/.ssh @@ -108,21 +123,13 @@ cp /root/.ssh/authorized_keys /home/vpn-server-admin/.ssh/authorized_keys chown -R vpn-server-admin:vpn-server-admin /home/vpn-server-admin/.ssh ``` -### Step 5: set root password - -When asked for password, use output from `openssl rand -base64 24` (and store password in password manager). - -```shell -passwd -``` - -### Step 6: log out +### Step 7: log out ```shell exit ``` -### Step 7: log in as `vpn-server-admin` +### Step 8: log in as vpn-server-admin Replace `185.193.126.203` with IP of server. @@ -130,7 +137,16 @@ Replace `185.193.126.203` with IP of server. ssh vpn-server-admin@185.193.126.203 -i ~/.ssh/vpn-server ``` -### Step 8: switch to root +### Step 9: disable vpn-server-admin bash history + +```shell +sed -i -E 's/^HISTSIZE=/#HISTSIZE=/' ~/.bashrc +sed -i -E 's/^HISTFILESIZE=/#HISTFILESIZE=/' ~/.bashrc +echo "HISTFILESIZE=0" >> ~/.bashrc +source ~/.bashrc +``` + +### Step 10: switch to root When asked, enter root password. @@ -138,7 +154,7 @@ When asked, enter root password. su - ``` -### Step 9: update SSH config to disable root login and password authentication and restart SSH +### Step 11: disable root login and password authentication ```shell sed -i -E 's/(#)?PermitRootLogin (prohibit-password|yes)/PermitRootLogin no/' /etc/ssh/sshd_config @@ -146,7 +162,7 @@ sed -i -E 's/(#)?PasswordAuthentication yes/PasswordAuthentication no/' /etc/ssh systemctl restart ssh ``` -### Step 10: update APT index and upgrade packages +### Step 12: update APT index and upgrade packages #### Update APT index @@ -160,7 +176,7 @@ apt update apt upgrade -y ``` -### Step 11: install and configure Vim +### Step 13: install and configure Vim #### Install Vim @@ -187,7 +203,7 @@ syntax on EOF ``` -### Step 12: set timezone (the following is for Montreal time) +### Step 14: set timezone (the following is for Montreal time) See [https://en.wikipedia.org/wiki/List_of_tz_database_time_zones](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones) for available timezones. @@ -195,7 +211,7 @@ See [https://en.wikipedia.org/wiki/List_of_tz_database_time_zones](https://en.wi timedatectl set-timezone America/Montreal ``` -### Step 13: detect network interface and save to environment variables +### Step 15: detect network interface and save to environment variables ```console $ ip -4 route | grep "default" | awk '{print "STRONGSWAN_INTERFACE="$5}' | tee -a ~/.bashrc @@ -204,7 +220,7 @@ STRONGSWAN_INTERFACE=eth0 $ source ~/.bashrc ``` -### Step 14: install cURL and Python, generate random IPv6 ULA and save to environment variables +### Step 16: install cURL and Python, generate random IPv6 ULA and save to environment variables #### Install cURL and Python @@ -219,13 +235,13 @@ Shout out to [Andrew Ho](https://gist.github.com/andrewlkho/31341da4f5953b8d977a The following command downloads and runs [ulagen.py](./ulagen.py) ([PGP signature](./ulagen.py.sig), [PGP public key](https://sunknudsen.com/sunknudsen.asc)). ```console -$ curl -s https://sunknudsen.com/static/media/privacy-guides/how-to-self-host-a-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos/ulagen.py | python | grep "First subnet" | awk '{print "STRONGSWAN_IPV6_ULA="$3}' | tee -a ~/.bashrc +$ curl -s https://sunknudsen.com/static/media/privacy-guides/how-to-self-host-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos/ulagen.py | python | grep "First subnet" | awk '{print "STRONGSWAN_IPV6_ULA="$3}' | tee -a ~/.bashrc STRONGSWAN_IPV6_ULA=fdcb:f7a1:38ec::/64 $ source ~/.bashrc ``` -### Step 15: install iptables-persistent +### Step 17: install iptables-persistent When asked to save current IPv4 or IPv6 rules, answer `Yes`. @@ -233,7 +249,7 @@ When asked to save current IPv4 or IPv6 rules, answer `Yes`. apt install -y iptables-persistent ``` -### Step 16: configure iptables +### Step 18: configure iptables ```shell iptables -N SSH_BRUTE_FORCE_MITIGATION @@ -264,7 +280,7 @@ iptables -P INPUT DROP iptables -P OUTPUT DROP ``` -If the server is IPv4-only, run: +If server is IPv4-only, run: ```shell ip6tables -P FORWARD DROP @@ -272,7 +288,7 @@ ip6tables -P INPUT DROP ip6tables -P OUTPUT DROP ``` -If the server is dual stack (IPv4 + IPv6) run: +If server is dual stack (IPv4 + IPv6) run: ```shell ip6tables -A INPUT -i lo -j ACCEPT @@ -312,7 +328,7 @@ ip6tables -P INPUT DROP ip6tables -P OUTPUT DROP ``` -### Step 17: log out and log in to confirm iptables didn’t block SSH +### Step 19: log out and log in to confirm iptables didn’t block SSH #### Log out @@ -337,14 +353,14 @@ When asked, enter root password. su - ``` -### Step 18: make iptables rules persistent +### Step 20: make iptables rules persistent ```shell iptables-save > /etc/iptables/rules.v4 ip6tables-save > /etc/iptables/rules.v6 ``` -### Step 19: add and enable dummy network interface +### Step 21: add and enable dummy network interface If server is configured to use `/etc/network/interfaces`, run: @@ -377,7 +393,7 @@ EOF systemctl restart systemd-networkd ``` -### Step 20: install, configure and restart dnsmasq +### Step 22: install, configure and restart dnsmasq #### Install dnsmasq @@ -403,7 +419,7 @@ EOF systemctl restart dnsmasq ``` -### Step 21: install strongSwan +### Step 23: install strongSwan If you are shown an “Old runlevel management superseded” warning, answer `Ok`. @@ -411,11 +427,11 @@ If you are shown an “Old runlevel management superseded” warning, answer `Ok apt install -y strongswan libcharon-extra-plugins ``` -### Step 22: configure strongSwan +### Step 24: configure strongSwan -#### Find server’s DNS nameserver(s) +#### Find server DNS nameserver(s) -Depending on the server’s configuration, DNS nameserver(s) can be found using one of the following commands (ignore nameservers starting with `127`). +Depending on server configuration, DNS nameserver(s) can be found using one of the following commands (ignore nameservers starting with `127`). Fist, run: @@ -441,7 +457,7 @@ $ systemd-resolve --status | grep "DNS Servers" | awk '{print $3}' #### Set DNS nameserver(s) -Replace `95.215.19.53` with server’s DNS nameserver(s). +Replace `95.215.19.53` with server DNS nameserver(s). Separate nameservers using commas with no leading spaces (example: `93.95.224.28,93.95.224.29`). @@ -455,7 +471,7 @@ STRONGSWAN_DNS_NAMESERVERS=95.215.19.53 cp /etc/ipsec.conf /etc/ipsec.conf.backup ``` -If the server is IPv4-only, run: +If server is IPv4-only, run: ```shell cat << EOF > /etc/ipsec.conf @@ -489,7 +505,7 @@ conn ikev2 EOF ``` -If the server is dual stack (IPv4 + IPv6) run: +If server is dual stack (IPv4 + IPv6) run: ```shell cat << EOF > /etc/ipsec.conf @@ -584,7 +600,7 @@ sed -i 's/After=network-online.target/After=dnsmasq.service/' /lib/systemd/syste systemctl daemon-reload ``` -### Step 23: create `strongswan-certs` folder +### Step 25: create `strongswan-certs` folder > Heads-up: for security reasons, steps 23 to 27 are done on Mac vs server. @@ -595,7 +611,7 @@ mkdir ~/Desktop/strongswan-certs cd ~/Desktop/strongswan-certs ``` -### Step 24: create OpenSSL config file +### Step 26: create OpenSSL config file #### Set client common name @@ -640,7 +656,7 @@ extendedKeyUsage = serverAuth, 1.3.6.1.5.5.8.2.2 EOF ``` -### Step 25: generate certificate authority cert +### Step 27: generate certificate authority cert ```console $ openssl genrsa -out ca.key 4096 @@ -652,7 +668,7 @@ e is 65537 (0x10001) $ openssl req -x509 -new -nodes -config openssl.cnf -extensions ca -key ca.key -subj "/C=US/O=Self-hosted strongSwan VPN/CN=vpn-server.com" -days 3650 -out ca.crt ``` -### Step 26: generate server cert +### Step 28: generate server cert ```console $ openssl genrsa -out server.key 4096 @@ -669,7 +685,7 @@ subject=/C=US/O=Self-hosted strongSwan VPN/CN=vpn-server.com Getting CA Private Key ``` -### Step 27: generate client cert +### Step 29: generate client cert When asked for export password, use output from `openssl rand -base64 24` (and store password in password manager). @@ -692,7 +708,7 @@ Enter Export Password: Verifying - Enter Export Password: ``` -### Step 28: copy/paste the content of `ca.crt`, `server.key` and `server.crt` to server and make private key root-only. +### Step 30: copy/paste the content of `ca.crt`, `server.key` and `server.crt` to server and make private key root-only. On Mac: run `cat ca.crt` @@ -708,15 +724,15 @@ On server: run `vi /etc/ipsec.d/certs/server.crt`, press i, paste out On server: run `chmod -R 600 /etc/ipsec.d/private` -### Step 29: restart strongSwan +### Step 31: restart strongSwan ```shell systemctl restart strongswan ``` -### Step 30: configure sysctl +### Step 32: configure sysctl -#### Backup and override `/etc/sysctl.conf` +#### Backup and edit `/etc/sysctl.conf` ```shell cp /etc/sysctl.conf /etc/sysctl.conf.backup @@ -725,7 +741,7 @@ sed -i -E 's/#net.ipv4.conf.all.accept_redirects = 0/net.ipv4.conf.all.accept_re sed -i -E 's/#net.ipv4.conf.all.send_redirects = 0/net.ipv4.conf.all.send_redirects = 0/' /etc/sysctl.conf ``` -If the server is IPv4-only, run: +If server is IPv4-only, run: ```shell cat << "EOF" >> /etc/sysctl.conf @@ -735,7 +751,7 @@ net.ipv6.conf.lo.disable_ipv6 = 1 EOF ``` -If the server is dual stack (IPv4 + IPv6) rune: +If server is dual stack (IPv4 + IPv6) run: ```shell sed -i -E 's/#net.ipv6.conf.all.forwarding=1/net.ipv6.conf.all.forwarding=1/' /etc/sysctl.conf @@ -747,7 +763,7 @@ sed -i -E 's/#net.ipv6.conf.all.forwarding=1/net.ipv6.conf.all.forwarding=1/' /e sysctl -p ``` -### Step 31: create VPN profile for iOS and macOS using [Apple Configurator 2](https://support.apple.com/apple-configurator) +### Step 33: create VPN profile for iOS and macOS using [Apple Configurator 2](https://support.apple.com/apple-configurator) > Heads-up: when configuring strongSwan using certs and dnsmasq, two devices cannot use the same provisioning profile simultaneously. @@ -757,7 +773,7 @@ In “General”, enter “Self-hosted strongSwan VPN” in “Name”. ![apple-configurator-general](apple-configurator-general.png?shadow=1) -In “Certificates”, click “Configure” and select “ca.crt”. Then click “+” and select “john.p12”. The password is the one from [step 27](#step-27-generate-client-cert). +In “Certificates”, click “Configure” and select “ca.crt”. Then click “+” and select “john.p12”. The password is the one from [step 29](#step-29-generate-client-cert). ![apple-configurator-certificates](apple-configurator-certificates.png?shadow=1) @@ -769,7 +785,7 @@ The “Child SA Params” are the same as “IKE SA Params”. Finally, click “File”, then “Save”, and save file as “john.mobileconfig”. -### Step 32: add VPN profile to iPhone using Apple Configurator 2 +### Step 34: add VPN profile to iPhone using Apple Configurator 2 Unlock iPhone, connect it to Mac using USB cable and open Apple Configurator 2. @@ -785,7 +801,7 @@ On iPhone, open “Settings”, then “Profile Downloaded” and tap “Install sed -i '' '/DNS<\/key>/,/<\/dict>/d' ~/Desktop/strongswan-certs/john.mobileconfig ``` -### Step 33: add VPN profile to Mac +### Step 35: add VPN profile to Mac This step is super simple, simply double-click “john.mobileconfig” and follow instructions. @@ -795,18 +811,20 @@ This step is super simple, simply double-click “john.mobileconfig” and follo sed -i '' '/DNS<\/key>/,/<\/dict>/d' ~/Desktop/strongswan-certs/john.mobileconfig ``` -### Step 34: connect to VPN on iPhone or Mac +### Step 36: connect to VPN on iPhone or Mac On iPhone, open “Settings”, then enable “VPN”. On Mac, open “System Preferences”, click “Network”, then “Self-hosted strongSwan VPN” and finally “Connect” and enable “Show VPN status in menu bar”. -### Step 35: test for leaks +### Step 37: test for leaks Open Firefox and go to [https://ipleak.net/](https://ipleak.net/). Make sure listed IPv4, IPv6 (if server is dual stack) and DNS servers do not match the ones supplied by client ISP. -### Step 36: create additional provisioning profiles +### Step 38: create additional provisioning profiles -Repeat steps [24](#step-24-create-openssl-config-file), [27](#step-27-generate-client-cert) and [31](#step-31-create-vpn-profile-for-ios-and-macos-using-apple-configurator-2). +Repeat steps [26](#step-26-create-openssl-config-file), [29](#step-29-generate-client-cert) and [33](#step-33-create-vpn-profile-for-ios-and-macos-using-apple-configurator-2). + +👍 diff --git a/how-to-self-host-a-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos/apple-configurator-certificates.png b/how-to-self-host-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos/apple-configurator-certificates.png similarity index 100% rename from how-to-self-host-a-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos/apple-configurator-certificates.png rename to how-to-self-host-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos/apple-configurator-certificates.png diff --git a/how-to-self-host-a-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos/apple-configurator-general.png b/how-to-self-host-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos/apple-configurator-general.png similarity index 100% rename from how-to-self-host-a-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos/apple-configurator-general.png rename to how-to-self-host-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos/apple-configurator-general.png diff --git a/how-to-self-host-a-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos/apple-configurator-vpn.png b/how-to-self-host-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos/apple-configurator-vpn.png similarity index 100% rename from how-to-self-host-a-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos/apple-configurator-vpn.png rename to how-to-self-host-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos/apple-configurator-vpn.png diff --git a/how-to-self-host-a-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos/how-to-self-host-a-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos.png b/how-to-self-host-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos/how-to-self-host-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos.png similarity index 100% rename from how-to-self-host-a-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos/how-to-self-host-a-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos.png rename to how-to-self-host-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos/how-to-self-host-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos.png diff --git a/how-to-self-host-a-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos/ulagen.py b/how-to-self-host-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos/ulagen.py similarity index 100% rename from how-to-self-host-a-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos/ulagen.py rename to how-to-self-host-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos/ulagen.py diff --git a/how-to-self-host-a-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos/ulagen.py.sig b/how-to-self-host-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos/ulagen.py.sig similarity index 100% rename from how-to-self-host-a-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos/ulagen.py.sig rename to how-to-self-host-hardened-strongswan-ikev2-ipsec-vpn-server-for-ios-and-macos/ulagen.py.sig diff --git a/how-to-spoof-your-mac-address-and-hostname-automatically-at-boot-on-macos/README.md b/how-to-spoof-mac-address-and-hostname-automatically-at-boot-on-macos/README.md similarity index 85% rename from how-to-spoof-your-mac-address-and-hostname-automatically-at-boot-on-macos/README.md rename to how-to-spoof-mac-address-and-hostname-automatically-at-boot-on-macos/README.md index 6e7567f..ac4148c 100644 --- a/how-to-spoof-your-mac-address-and-hostname-automatically-at-boot-on-macos/README.md +++ b/how-to-spoof-mac-address-and-hostname-automatically-at-boot-on-macos/README.md @@ -1,6 +1,6 @@ -# How to spoof your MAC address and hostname automatically at boot on macOS +# How to spoof MAC address and hostname automatically at boot on macOS -[![How to spoof your MAC address and hostname automatically at boot on macOS - YouTube](how-to-spoof-your-mac-address-and-hostname-automatically-at-boot-on-macos.png)](https://www.youtube.com/watch?v=ASXANpr_zX8 "How to spoof your MAC address and hostname automatically at boot on macOS - YouTube") +[![How to spoof MAC address and hostname automatically at boot on macOS - YouTube](how-to-spoof-mac-address-and-hostname-automatically-at-boot-on-macos.png)](https://www.youtube.com/watch?v=ASXANpr_zX8 "How to spoof MAC address and hostname automatically at boot on macOS - YouTube") > Heads-up: unfortunately this guide does not work on Macs equipped with the new T2 chip running macOS Mojave. If that’s your case, please consider upgrading to Catalina. @@ -92,7 +92,7 @@ chmod +x /usr/local/sbin/spoof.sh This list includes the top 2048 most popular baby names from the [USA Social Security Administration](https://www.ssa.gov/oact/babynames/limits.html). ```shell -curl -o /usr/local/sbin/first-names.txt https://sunknudsen.com/static/media/privacy-guides/how-to-spoof-your-mac-address-and-hostname-automatically-at-boot-on-macos/first-names.txt +curl -o /usr/local/sbin/first-names.txt https://sunknudsen.com/static/media/privacy-guides/how-to-spoof-mac-address-and-hostname-automatically-at-boot-on-macos/first-names.txt ``` ### Step 6: download [mac-address-prefixes.txt](mac-address-prefixes.txt) @@ -100,7 +100,7 @@ curl -o /usr/local/sbin/first-names.txt https://sunknudsen.com/static/media/priv This list includes 768 Apple MAC address prefixes. ```shell -curl -o /usr/local/sbin/mac-address-prefixes.txt https://sunknudsen.com/static/media/privacy-guides/how-to-spoof-your-mac-address-and-hostname-automatically-at-boot-on-macos/mac-address-prefixes.txt +curl -o /usr/local/sbin/mac-address-prefixes.txt https://sunknudsen.com/static/media/privacy-guides/how-to-spoof-mac-address-and-hostname-automatically-at-boot-on-macos/mac-address-prefixes.txt ``` ### Step 7: create `local.spoof.plist` launch daemon @@ -177,3 +177,5 @@ rm /usr/local/sbin/spoof.sh rm /usr/local/sbin/first-names.txt rm /usr/local/sbin/mac-address-prefixes.txt ``` + +👍 diff --git a/how-to-spoof-your-mac-address-and-hostname-automatically-at-boot-on-macos/first-names.txt b/how-to-spoof-mac-address-and-hostname-automatically-at-boot-on-macos/first-names.txt similarity index 100% rename from how-to-spoof-your-mac-address-and-hostname-automatically-at-boot-on-macos/first-names.txt rename to how-to-spoof-mac-address-and-hostname-automatically-at-boot-on-macos/first-names.txt diff --git a/how-to-spoof-your-mac-address-and-hostname-automatically-at-boot-on-macos/how-to-spoof-your-mac-address-and-hostname-automatically-at-boot-on-macos.png b/how-to-spoof-mac-address-and-hostname-automatically-at-boot-on-macos/how-to-spoof-mac-address-and-hostname-automatically-at-boot-on-macos.png similarity index 100% rename from how-to-spoof-your-mac-address-and-hostname-automatically-at-boot-on-macos/how-to-spoof-your-mac-address-and-hostname-automatically-at-boot-on-macos.png rename to how-to-spoof-mac-address-and-hostname-automatically-at-boot-on-macos/how-to-spoof-mac-address-and-hostname-automatically-at-boot-on-macos.png diff --git a/how-to-spoof-your-mac-address-and-hostname-automatically-at-boot-on-macos/mac-address-prefixes.txt b/how-to-spoof-mac-address-and-hostname-automatically-at-boot-on-macos/mac-address-prefixes.txt similarity index 100% rename from how-to-spoof-your-mac-address-and-hostname-automatically-at-boot-on-macos/mac-address-prefixes.txt rename to how-to-spoof-mac-address-and-hostname-automatically-at-boot-on-macos/mac-address-prefixes.txt diff --git a/how-to-use-multiple-compartmentalized-firefox-instances-simultaneously-using-profiles/README.md b/how-to-use-multiple-compartmentalized-firefox-instances-simultaneously-using-profiles/README.md index 30f843d..f06252d 100644 --- a/how-to-use-multiple-compartmentalized-firefox-instances-simultaneously-using-profiles/README.md +++ b/how-to-use-multiple-compartmentalized-firefox-instances-simultaneously-using-profiles/README.md @@ -25,3 +25,5 @@ Listed: true ```shell nohup /Applications/Firefox.app/Contents/MacOS/firefox-bin -p work --no-remote > /dev/null 2>&1 & ``` + +👍