Sorry, this was a little late, I spent the last few weeks rebuilding my Raspberry Pi NAS, again. I’ll be doing a write up on that in the near future.
This post is the fourth part of the series building my OSINT VM to do Open Source Intelligence. These are my experiences using a different Xubuntu for my base, compared to Michael Bazzell’s walkthrough in his book, which used Ubuntu.
There are two sections to this posting: Chrome and TOR. Though I didn’t do much with TOR.
I used Firefox to download Chrome. The site gave me the option to download the Linux-based .deb file. After downloading, I opened the terminal window, changed to the Downloads directory, and installed it with dpkg.
sudo dpkg -i google-chrome-stable_current_amd64.deb
When I started Chrome, I unchecked both “Make Google Chrome the default browser” and “Automatically send usage statistics and crash reports to Google.”
While I could go through the steps from the Firefox section to find the appropriate addons, I’m only using uBlock Origin and HTTPS Everywhere, and the Chrome-specific addons, since the goal is to use Firefox for investigations.
The book doesn’t line up very well with the version of Chrome that I have on the VM. So here is what I did:
Under “People,” make sure the option isn’t set to sync. Then go through “Sync and Google services” and turn everything off.
Under Autofill, in “Passwords,” I turned off “Offer to save passwords” and “Auto Sign-in.” In “Payment Methods,” I turned off “Save and fill payment methods.” Under “Addresses and more,” I turned off “Save and fill addresses.”
Moving down to the Privacy and security section, I turned off “Allow Chrome sign-in.” This should prevent Chrome from signing in when logging in to a Gmail or other Google account.
I also made sure to turn on “Send a ‘Do Not Track’ request with your browsing traffic.” In theory, this will tell any site you visit that you don’t want to be tracked, but it really is up to the site operator if that is honored. It could also make you stick out if you have that set because it is a way to help fingerprint your browser.
Next, I turned off “Allow sites to check for saved payment methods.” While I don’t have any saved, I don’t see why the web site should have a reason to check for that.
The last change is under System. I turned off “Continue running background apps when Google Chrome is closed.”
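The Chrome settings changed above can also be pinned with a managed-policy file, so they hold even when the Settings page is rearranged between Chrome versions. This is an added example, not from the original post or the book; it assumes Chrome's Linux policy directory /etc/opt/chrome/policies/managed/ and a hypothetical file name, osint-privacy.json.

```shell
#!/bin/sh
# Added example: write the post's Chrome settings as a managed policy file.
# Assumptions: Google Chrome on Linux reads JSON policies from
# /etc/opt/chrome/policies/managed/ (Chromium: /etc/chromium/policies/managed/).
# The file name osint-privacy.json is a hypothetical choice.
#
# Policy -> setting from the post:
#   DefaultBrowserSettingEnabled  "Make Google Chrome the default browser"
#   MetricsReportingEnabled       usage statistics and crash reports
#   SyncDisabled                  sync under "People"
#   PasswordManagerEnabled        "Offer to save passwords"
#   AutofillCreditCardEnabled     "Save and fill payment methods"
#   AutofillAddressEnabled        "Save and fill addresses"
#   BrowserSignin (0 = disabled)  "Allow Chrome sign-in"
#   PaymentMethodQueryEnabled     "Allow sites to check for saved payment methods"
#   BackgroundModeEnabled         "Continue running background apps ..."

POLICY_DIR_DEFAULT=/etc/opt/chrome/policies/managed

# write_osint_policy [DIR]: write the policy file into DIR and print its path.
write_osint_policy() {
    dir=${1:-$POLICY_DIR_DEFAULT}
    file="$dir/osint-privacy.json"
    mkdir -p "$dir" || return 1
    cat > "$file" <<'EOF'
{
  "DefaultBrowserSettingEnabled": false,
  "MetricsReportingEnabled": false,
  "SyncDisabled": true,
  "PasswordManagerEnabled": false,
  "AutofillCreditCardEnabled": false,
  "AutofillAddressEnabled": false,
  "BrowserSignin": 0,
  "PaymentMethodQueryEnabled": false,
  "BackgroundModeEnabled": false
}
EOF
    chmod 644 "$file" || return 1
    printf '%s\n' "$file"
}

# Run as root with --install to write to the system location.
if [ "${1:-}" = "--install" ]; then
    write_osint_policy
fi
```

After writing the file, chrome://policy shows which entries Chrome picked up. The “Do Not Track” and “Auto Sign-in” toggles are not in this file and still need to be set by hand.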
To clear data stored in Chrome, I had to search the word clear. This action found the advanced feature to clear data. I cleared all data to the beginning. Much like Extensions, discussed next, the clear data option can also be found under the Settings menu. Click the three vertical dots, and then click on more tools.
Following Michael’s advice, I removed Google Docs Offline, Docs, Sheets, and Slides, since these were on and I didn’t install them.
Prophet has a newer version out called Prophet II. Going to the link previously provided by Michael in the book takes the user to a website that talks about the tool, and a button on the page asking the user to sign up for email. Clicking the button takes the user to a 404 page. Using the site search option at the top of the page, with the word “prophet,” will find several links to Prophet II.
When I went to install Hunchly, there were some missing dependencies. I used the commands
sudo apt update
sudo apt install libgconf-2-4 libcanberra-gtk-module
sudo apt --fix-broken install
to install them. The third command was because there were other unmet dependencies for the packages being installed.
After those were installed, I ran the following command:
sudo dpkg -i hunchly.deb
Hunchly installed with no further problems.
Lastly, I had to create the HunchlyData directory under /home/osint/Documents and copy the license file to that location, which were the steps on the Hunchly install page.
TOR – The Onion Router
I didn’t set up TOR, The Onion Router, but the setup is simple. Download the version for your computer and then install it.
The downside to TOR is that a lot of sites block the exit nodes, at least the sites I want to hit to investigate. I have also found that most of the stuff I need to investigate isn’t on the Darknet, but out in the open Internet.
See you next time. It’ll be either the blog post for part five of this, installing the Linux applications, or it will be a post about the Rebuild of the raspinas, and having to try and save data from the failing USB flash drive using ddrescue.