No.14213
Alright, Lainfriends. Here's the deal.
One of my friends lives at home, and in the past, his dad has attempted to install keyloggers and other whatnot on said friend's PC while he's sleeping, demand access to his browser history, and other stuff. I have no idea why he does this, but according to said friend, he's gotten into major blowouts with his parents over discussing the possibility of him being gay on the internet before, among other things.
Anyway, he messaged me today, saying that he saw his dad using a packet sniffer earlier, and asked if there was something he could do. I told him that as far as I know, any encryption isn't any good since it's his local network that's being sniffed anyway.
Is there anything he can do?
>>
No.14214
-Install https everywhere.
-use dnscrypt-proxy (
https://dnscrypt.org/#dnscrypt-proxy)
-only browse in private mode
-encrypt his hard drive(this is optional but recommended)
Unless his dad is a pro, this should be more than enough to block any possibility of tracking.
If his dad *is* a pro, tell him to use tor browser and he's basically safe.
>>
No.14215
>>14214Wow. I thought that stuff is pointless if it's over a local network. That'll work?
>>
No.14216
If the packet sniffer isn't on your friends machine, with encryption he is ok.
Tell your friend that he needs to take steps to avoid being ARP poisoned (assuming that his dad hasn't messed with the router) by setting some static arp entries. A quick Google search for "static arp table windows" found this for me: '
https://serverfault.com/questions/102736/persistent-static-arp-entries-on-windows-is-it-possible', you need to get the mac address of your router and to follow the instructions here, replacing the mac address in the command here with the router's one.
He could probably invest in a VPN (although that would trip the dad up and make him take different steps, so make sure to buy it with something that they can't refund/cancel!) or avoid services that are cleartext and use browser extensions (Chrome/Firefox) like HTTPS Everywhere.
He could also probably try some nasty soykaf and try some Wireshark exploits (dos stuff) to make it hard for his dad to view the logs if he's using Wireshark.
>>
No.14217
>>14216 Actually let me retract my claim that if the packet sniffer isn't on your friend's machine then you're good. At every stage you're fine.
>>
No.14219
>>14215why not? dnscrypt can override the router dns settings, and https is encrypted client-side.
>>14216maybe generate fake traffic as well so he won't get suspicious?
>>
No.14221
>>14215nope, generally the computer does the encryption and the router just passes it along.
>>
No.14222
>>14214https doesn't encrypt where he is going, just the contents,
He will see what he will be doing.
dns proxy might help but your best bet is a onion browser like
tor or i2p etc.
>>
No.14230
>>14214That'll only prevent his dad from seeing DNS requests, but once the server's IP is sent back to the guy and he tries to access it, his dad will see the IP and will be able to copy/paste it in his browser.
The only solution is using a VPN, TOR, I2P or something like that.
>>
No.14233
>any encryption isn't any good since it's his local network that's being sniffed anyway. that's not how it works
also tell your friend to move the fuarrrk out
>>14216the attacker controls the LAN, ARP poisoning isn't necessary
>>14230The IP address only tells the host, not what part of the site (or even which site on shared hosts) is being accessed. So for example if the guy is worried about people knowing he looks at gay porn he can just go to redtube and tell them he's looking at straight white sex between married couples with the lights off and in the missionary position for the sole purpose of procreation.
>>
No.14235
>>14233 I don't think that this is a simple 'attacker owns the lan so preventative measures aren't necessary' situation.
OP's friend's father, by the sounds of things, isn't capable enough to install his own router or make the modifications needed to sniff his network and I can't think of any accessible mainstream routers with that functionality builtin. By the sounds of things this is a step that could be taken with success.
>>
No.14236
>>14233His privacy would still be invaded, and he wouldn't be able to go on his favorite gay porn-dedicated websites.
>>
No.14237
>>14234 Not necessarily if the server is on shared hosting, and cloudflare is common nowadays.
>>
No.14238
>>14236Well then he should get a job and rent his own place. If he's a fully grown man without some terrible disability still living at home I think it's perfectly reasonable for his parents to make some rules.
>>
No.14239
>>14213>>14214This is a good solution.
>>14222>torSeems a little ott for something like this, but it couldn't hurt. However his friends needs to be able to know how to really use it, configure everything correctly to be able to avoid attacks.
>>14214>encrypt his hard drive(this is optional but recommended)I'd say more than reccomended in these circumstances. His dad goes onto his sons machine to install a keylogger?
He should format his drive if he can and install a secure Linux distro, encrypt everything and follow the advice the other lainons posted.
Arch wiki has a somewhat decent section on their security page.
>>
No.14240
>>14238You're not answering the question by giving this answer.
>>14233What if, because he's browsing the gay section of a non-gay website, the website decides to load resources (css, images, js, frames...) that comes from a gay website? His dad would be able to see traffic going to an IP tat belongs to a gay website.
>>14239>>>14214>This is a good solution.No, this is not a good solution.
>>
No.14242
>>14239To stop ANY slip-ups just boot with tails every time he wants to go private. Job done and even if busted just eject DVD/pull out usb... all trace = gone... unless his dad is NSA.
>>
No.14245
An idea off into left field, but if he has a job, why doesn't he get a data plan from a company like AT&T and then he could tether his LTE to his laptop/desktop?
I know that isn't a great idea if you are into watching a lot of videos from Youtube or something but just getting your own internet connection that you can control wouldn't be a bad idea either.
>>
No.14246
>>14213>using a packet snifferthat's a weird roundabout way of enforcing abusive control
most abusive parents would just make random hard rules:
- no passwords, no encryption, no delete history, screen where they can see it. Fail to comply will result in instant lan ban
If I were your friend I wouldn't play the cat and mouse game. I would use the library, and generally try to get the hell out of there asap.
>>
No.14260
>>14240>No, this is not a good solution.Care to explain why it's not a good solution?
>>
No.14263
People are overcomplicating things... just use a VPN e.g. cryptostorm, and encrypt the harddrive
>>
No.14286
>>14260It has been explained by
>>14222,
>>14230 and
>>14240.
>>
No.14288
父さん is clearly hiding something himself. You should get your friend to sneak a keylogger on to the father's computer.
>>
No.14318
Get an account with Mullvad. They accept cash and you don't need to provide any personal information.
