Securing internet connection with hostile ISP

Please excuse the lack of details, you can understand why. I have a friend in a foreign country who is certain that he is a surveillance target of his local government. Other people he knows in his same category have already had their internet connections spied on, and seen contents of their emails leaked. He refuses to use his local ISP because the government runs it, so he uses another means of internet but which is very unreliable.

He really would like to use a landline ISP for its stability, but knows he can’t trust it. I thought of setting him up with a serious firewall (like pfSense) with a permanent VPN tunnel to a provider that is based outside of his country.

Given these considerations, would this be a safe solution? Or rather if the ISP is compromised, are all bets off?

Just adding a basic token by POST parameter for securing the API. Is it safe?

Let’s say I have an address for an API like this:

mywebsite.com/api/mydata 

If accessed, a JSON will appear like this:

[
  {
    "id": "1",
    "name": "John"
  },
  {
    "id": "2",
    "name": "Smith"
  }
]

By default the result displays the entire data if the POST has no parameters. If you POST "ID" and the ID parameter value is one of the existing entries in the API, it will only display the objects selected by that ID. The API can be accessed by anyone. The API needs to be accessed using token parameters to secure the data.

Let’s say I add a token parameter to be able to access data like this:

yourtoken = "yourtoken"

if (post_param[token] == yourtoken) {
    // Displaying JSON
}

So if you want to open the API, you need to add a token parameter.

Is simple security like this worth using? What vulnerabilities will arise if I use this? Is there a better way than this?
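To show concretely what the single shared token in the question gives up, here is that check next to a hardened form. This is added example code, not from the question: the data rows are constructed, and the per-client store, hashing and constant-time comparison are the additions; it assumes the API is only ever served over HTTPS, since a token sent in a plain-HTTP POST is readable by anyone on the path.

```python
import hashlib
import hmac
import secrets

# Constructed sample rows standing in for the API's JSON.
DATA = [{"id": "1", "name": "John"}, {"id": "2", "name": "Smith"}]

# The check from the question: one hard-coded token, compared with "==".
SHARED_TOKEN = "yourtoken"

def weak_lookup(post_params):
    """One static token for everyone: whoever sees a single request (proxy,
    access log, pasted URL) owns the whole API, and no client can be revoked
    without breaking all the others."""
    if post_params.get("token") != SHARED_TOKEN:
        return None
    wanted = post_params.get("ID")
    return [row for row in DATA if wanted is None or row["id"] == wanted]

# Hardened form (added here): one random token per client, stored only as a
# hash so a leaked store is useless, compared in constant time, and each
# client is limited to the ids it was granted.
def issue_token(client_store, client_name, allowed_ids):
    token = secrets.token_urlsafe(32)            # 256 bits from the OS CSPRNG
    digest = hashlib.sha256(token.encode()).hexdigest()
    client_store[digest] = {"name": client_name, "ids": set(allowed_ids)}
    return token                                  # shown to the client once

def hardened_lookup(client_store, post_params):
    presented = post_params.get("token", "")
    digest = hashlib.sha256(presented.encode()).hexdigest()
    client = None
    for stored_digest, entry in client_store.items():
        # compare_digest avoids leaking how many leading characters matched
        if hmac.compare_digest(stored_digest, digest):
            client = entry
    if client is None:
        return None
    wanted = post_params.get("ID")
    return [row for row in DATA
            if row["id"] in client["ids"]
            and (wanted is None or row["id"] == wanted)]
```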

Securing application server for a single user

I’m building some simple dashboard app for myself, but I want to have it on multiple devices – hence the server and front end. As I will be the only user who will access the application server, what security should I implement?

Stack: Postgres, Ktor (Kotlin) server, HTTPS, REST API only, front end.

I’ll run AWS Lightsail instance since I don’t need anything heavy. Postgres and application server will be there, with only ports 443 and 22 open. Front end will be on S3 with CloudFront.

I’m doing this because it’s easier for me to make a browser "app", than to make an Android app + something for desktop and keep them in sync.

I’ll be using the app from multiple networks. At home (where I don’t have a static IP, which would solve some of the problems), from mobile network, from work, when traveling to other countries, etc.

For background, I’ve been working on servers for almost 3 years, Spring + Hibernate, Postgres. I have a fair knowledge of Linux, hosting a server on it, some AWS services and basic knowledge of database administration. I’ve done a bit of front end, but I’ll have to get back to that soon. I have almost no knowledge of security beyond basic JWT and SSH.

Can I use my own implementation of a widely used, supposedly secure cryptographic algorithm for securing data at rest?

I know you shouldn’t roll your own crypto, and generally it’s not a good idea to implement (and then deploy) any extensively tested and recommended algorithms by yourself either.

I have already seen this question, and as far as I understand, the main problem with implementing things yourself is that you will probably remain vulnerable to a host of side-channel attacks.

But suppose I have already implemented AES (just for fun and as a learning experience). What if I now use that implementation for simply encrypting files locally (and then perhaps back them up on the cloud or on removable media)? Since nobody other than me would be using the implementation, most of the side channel attacks would not apply. For instance, since no attacker can request an encryption/decryption (the way it works with a server), no timing attack can be carried out. Would this scenario be sufficiently secure?

In other words, would using my own implementation of AES provide security for data at rest, or will using it still be a stupid idea?

Securing a Linux VPS: is it rational to be terrified?

Like so many others on the web, I’m an intermediate web developer who is starting to get into the security side of things and I’m looking to start running a VPS. For years, I’ve resisted the move to VPSs because of the security implications. There are many, many guides available on the internet and even questions on this StackExchange.

However, I’m still terrified about exposing the server by missing something (because as we all know just because somebody writes a blog post doesn’t mean they know what they’re talking about). Am I overreacting by making a mountain out of a molehill? Is hardening a VPS actually possible for a non-expert?

Securing media uploading to the cloud from reverse engineering

I own an RPG multiplayer game written in Java, where players can fight each other in the game.

Recently I planned to invent a new feature, where the last 15 seconds of your fight and the “knockout” will be saved and a gif will be created of the fight’s ending and automatically uploaded and can be linked to your account and viewed on the game’s website gallery.

Strategy I planned to use:

  1. Server sends a start-recording packet to the client to start recording the graphics buffer.
  2. Client will clear the buffer and only keep the latest 15 seconds (X frames) of the current fight.
  3. When the fight ends, server sends a stop-recording packet. This packet will contain a pre-signed URL generated by the server, which the client will use to upload the gif that the client creates in this step. The pre-signed URL will have the user’s ID encoded so that it is linked, and a record will be created in the database as well on the presign or on the upload callback.

Might use AWS S3 as my storage.

What is the issue?

People can reverse-engineer my client, and can basically start fights and upload any gifs that they would want to, pornographic and unrelated content.

Is there a way, besides image-processing, to solve this issue?

Securing SMTP server and its logs

Looking for general mail server security best practices here.

I did some research and it’s really hard to find the information out there.

  1. How do you safeguard an SMTP server log? Are there any encryption tools out there? Our reason is that if the server is compromised, at least the logs are not in plain text format for attackers to see without obtaining our tool/keys.

  2. It seems like most SMTP servers out there store recipient information in the log files. How can we ensure this information is not stored or, at a minimum, is scrambled? Is that possible?

Thank you and I’m still researching on the subject.

Securing an API for 3rd party users

I’m having issues finding the right language to search for answers to my problem so hopefully I can explain it here.

I am trying to create an API that will be accessed by a 3rd party. This 3rd party authenticates their users using some unknown system (they use something like Auth0 or Okta). Their web application will be making requests to our API on behalf of the users. We need to validate that these requests are coming from authenticated users from the specific 3rd party, but we don’t want to keep track of the 3rd party’s users. We need these requests to have tokens containing claims pertaining to the individual user, but it would be up to the 3rd party to handle these claims.

Is what I’m describing here possible? I’ve been reading up on Federated SSO, but it doesn’t quite seem to solve the problem that we’re having.
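One way the API side of this can work, as an added example that is not part of the question: the partner issues a signed token per request carrying the user's claims, and the API verifies the signature, issuer, audience and expiry and then acts on the `sub` claim without storing any user record. The partner-side signer is a stand-in constructed for the example; it uses HS256 with a secret shared out of band, whereas Auth0/Okta publish RS256 keys via JWKS, but the claim checks are the same.

```python
import base64
import hashlib
import hmac
import json
import time

def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

# Stand-in for the third party's token issuer (constructed for this example).
def make_token(secret: bytes, claims: dict) -> str:
    header = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64url(json.dumps(claims).encode())
    sig = hmac.new(secret, f"{header}.{body}".encode(), hashlib.sha256).digest()
    return f"{header}.{body}.{_b64url(sig)}"

def verify_token(token: str, secret: bytes, issuer: str, audience: str, now=None):
    """Accept the request only if the token was signed by the expected partner,
    names this API as its audience and has not expired. Returns the claims so
    the API can act for that user without keeping its own user table; returns
    None on any failure rather than telling the caller which check failed."""
    now = time.time() if now is None else now
    try:
        header_b64, body_b64, sig_b64 = token.split(".")
        header = json.loads(_b64url_decode(header_b64))
        claims = json.loads(_b64url_decode(body_b64))
    except (ValueError, UnicodeDecodeError):
        return None
    if not isinstance(header, dict) or not isinstance(claims, dict):
        return None
    if header.get("alg") != "HS256":      # pin the algorithm; never trust "alg" blindly
        return None
    signed = f"{header_b64}.{body_b64}".encode()
    expected = hmac.new(secret, signed, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64url_decode(sig_b64)):
        return None
    if claims.get("iss") != issuer or claims.get("aud") != audience:
        return None                        # wrong partner, or a token meant for another API
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or exp <= now:
        return None
    if not claims.get("sub"):               # the per-user claim the question asks for
        return None
    return claims
```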