How To Achieve Indelible Fingerprints

 

 

 

 

 

 

in·​del·​i·​ble  - that cannot be removed, lasting.

 

Hey, welcome to the blog.

 

I got to successfully assemble and futureproof my computer PC desktop last month.

 

I started a week ago by installing first my video driver on August 13, 2021.

 

It was only at this date that I finally attained a "hardened security status", which I will share in a separate blog post the details in the future.

 

In a nutshell, I was able to achieve my aim/objective which was to get all my connections to the world wide web totally encrypted.

What? That's right.

 

Indelible in security speak is intended for a totally ENCRYPTED Server Name Indication (ESNI) that is, what I dub my version of a  "secure web connection heaven."

 

By the way, there are four (4) tools/things that you will need to use/tweak in order to achieve FULL ESNI as follows:

 

I.    GRC Fingerprints

 

II.   Cloudflare

 

III. Firefox ESR

IV.    Bitdefender

I.  "FINGERPRINTS"

I always validate my SNI using Steve Gibson's cool site (multi-millionfold thanks and kudos!) and in his home page under Services Tab is a drop down selection called,

HTTPS Fingerprints.

Here's the link below:

 

https://www.grc.com/fingerprints.htm 

So, with my registrar/domain which is Cloudflare, I tested my site https://www.avianquests.com in Steve Gibson's Fingerprints.

 

At this phase, take note first of your Security Certificate's Authentic Fingerprint.

 

 

 II.     Cloudflare

To check if your current browser is already ESNI ready, click on the link below for that procedure.

 

https://www.cloudflare.com/ssl/encrypted-sni/

The four (4) green checkmarks MUST be generated above to indicate that your browser is ESNI-capable and ready as evidenced by the following :

 

Secure DNS

 

DNSSEC

  

 

TLS 1.3

 

Encrypted SNI

 

 

 

Again, it is very, very important that you are able to generate the abovementioned four (4) criteria when you run the test.

 

Question:  If I pass all four tests, am I secure no matter which site I browse?

Caveat: Not necessarily. Even if you pass all four tests, if the domain/web site URL that you are visiting must also need to support DNSSEC, TLS 1.3, and Encrypted SNI, then you are still potentially vulnerable, even if your browser supports these technologies.
 

To further double check that, you have to click to another link below to be positively sure:

https://www.cloudflare.com/cdn-cgi/trace

 

The Cloudflare link above will display this result/example below:

 

Since I am using Firefox ESR, which generated the report above, notice, it says, "sni=encrypted."

(Also, for security reasons, I erased the values of my IP address, TS and f1 details above.) 

For example purposes, and to further check  that it is SNI encrypted, type the following in your browser prompt , https://www.google.com and hit enter, and it will result to the following.

"Site information for www.google.com  

Connection secure."

 

 

By clicking on the right arrow of Connection secure in the abovementioned example, it will bring up another prompt below as follows:

 

You are securely connected to this site.  

 

Again, by clicking on More Information tab of the abovementioned screenshot will bring up the certificate information below as follows:

 

This is the screenshot of the Google "Fingerprint" of security certificate generated by my Firefox ESR browser.

 

 

 

On the SHA-1, you can compare that with Steve Gibson's Fingerprint analyzer to be the same/identical.

 

If not the same fingerprint values, your browser/connection to the internet is NOT ENCRYPTED, and thus, you must now remediate it and follow the steps that I did to attain a FULL ENCRYPTION status.

So, today as I write this blog post, in my case, it is around seven - eight days depending on your location, and running a browser of choice, which I am running on total ESNI Encryption without encountering any security problems in my web browsing experience.

So, last but not the least, is that, we've reached the third and final part of the ESNI Fingerprinting enablement/walk through.

 

 

III.     FIREFOX ESR version 78.13.0

 

In my particular experience for my desktop PC, which is ESNI-compliant, which again, to fully ensure that I am totally ESNI-compliant, and whenever I view my domain/blog site's fingerprint and/or other web sites with an indelible ESNI signature, moving forward, I now use only FireFox ESR browser.

I tried other browsers, however, they do not generate an encrypted SNI.

 

Here's the link/address:

https://www.mozilla.org/en-US/firefox/enterprise/ 

 

 

 

 

Once Firefox ESR gets successfully installed in your PC/laptop, a little tweaking of the browser default must be done.

 

Again for example purposes, 

type https://www.google.com

 

 

Click on the three horizontal stripes on the right most portion of the Firefox ESR browser and a drop down menu will be presented and then chose, and  Options.

 

  

Under the General Tab, scroll down to the bottom of the page.

On the Network Settings Option Click on Settings located at the right side.

 

In the Connection Settings, make sure No Proxy option is chosen (ticked).

 

Enable DNS over HTTPS box which is again, ticked (check marked)  then click on OK.

 

IV.    BITDEFENDER

Last but not the least, if you use Bitdefender as firewall, you have to make some exception entries in the firewall rule to fully allow ESNI.

Run Bitdefender as an Administrator.

 

On your Bitdefender Protection Features choose Protection and click on the Open on the Advance Threat Defense choice.

After which you will be prompted to the abovementioned screen, then click on  Settings.

 

 On the third row, click on Manage Exceptions.

On the Manage Exceptions screen above, click on Add exceptions.

 

On the blank row, I typed Google.com as an example. Then hit the Save, button.

And below are managed exceptions which Bitdefender's Advance Threat Defense will bypass/allow thus, one will get the unadulterated encrypted SNI from the domain. 

Really, no rocket science here, very straightforward.

Once you have set your exceptions, you're good to go.

In summary, here are the major takeaways/benefits running your browser in FULL ESNI mode:

 

- Elimination of MITM (Man-In-the-Middle);
- Elimination of ransomware vulnerability;
- Peace of Mind;
- Adherence to the best security practices; and

- Et cetera.
 

And of course, it's totally "free" just invest your time and effort to make it happen. 

 

It's a big thing for me to be able to get back to this "state of security connectivity" online and have peace of mind knowing that your internet connection is safe/secure.

Other tests, (If you like to do, it's quite fun actually.)

CHECK DNS SPOOFABILITY
   
    https://www.grc.com/dns/dns.htm

 

 

References: 

https://blog.cloudflare.com/encrypted-sni/

 

 

https://blog.cloudflare.com/esni/
 

 

https://www.cloudflare.com/learning/ssl/what-is-sni/
 

 

https://www.cloudflare.com/learning/ssl/what-is-encrypted-sni/

 

 

https://www.grc.com/fingerprints.htm

 

 

https://www.bitdefender.com

 

 

 

If you like this blog, 

  

Till next blog post. 

Keep safe, and keep blogging.

Do check me out/follow me at the social media channels below:

 

Instagram: avianquest

 

Twitter: avianquest

 

Facebook:  avianquest

Blog:  avianquests.com

 

   





   

            

 

 

 

 

 

 

 

Somewhere in Mines View Park

 

 

 

 

 

It's been quite sometime (4 years ago) to be exact since my last update about Mines View Observation Deck inside Mines View Park. 

In the northeastern part of Baguio City which is approximately four kilometers from Session Road is a highly sought after tourist destination called Mines View Park.

But just recently while our planet is in a state of "pandemic", I managed to visit Mines View Park to check what changed or remained static.

 

By the way, if you're planning to visit Baguio City, the link below will be very useful in addressing health protocols, guidelines, et cetera.

 

Baguio City Health Declaration Form

Let me start with the "not so good news". As of writing, February  18, 2021, the road leading to Mines View Park cannot be accessed directly due to ongoing infrastructure road repair/rehabilitation by qualified contractors of the Philippines Department of Public Works and Highways.

   

Let's cross our fingers and hope that this portion of Mines View Road (via Outlook Drive) gets finished by the end of month of February 2021.  

 

However, you can still reach Mines View via an alternative route using the Gibraltar Road, Baguio City.

Getting to Mines View Park is stress-free, since most jeepneys, taxi cabs, or if you have a personal motorcycle, bike  will bring you right in the front of the park itself, and you will see one of this ground signages.

Just a few steps from the ground signage is the Mines View Park entrance. Again, if still in doubt, you can ask the person/s on duty at the Mines View Barangay Hall on the left side of the entrance/gate.

The entrance/gate of Mines View opens very early in the morning (whole week) say, 6:00 a.m. since the businesses inside will have to prepare their display products, produce, et cetera for selling.

Lately, the City Government of Baguio through the City Treasurer's office started to charge entrance fees for the access of the Mines View Park which generated approximately Philippine Pesos 661,000.00 last fiscal year 2020. 

Link below on Baguio City generating Philippine Pesos 2.6 million from entrance fees in city parks in 2020.

For illustrative purposes, you will receive a ticket stub per head (just like this used one which was issued to me) once you pay the entrance fee of Mines View Park.

 

 

Mines View Observation Deck is located within Mines View Park and is accessed via the combination of cemented walkways and safe winding stone-constructed stairways.

Well, one of the amenities so far, is the updated support facilities that the park offers in terms of ease of access it provides to PWD (Persons With Disabilities). This will enable wheel chair drive through safely starting from the entrance and going to-and-fro the park.

 

Nowadays, an Android or an iOS app for measuring number of steps taken is most often used, and much more reliable calculator.

 

Personally, taking brisk walks in the City of Baguio is highly recommended especially in areas where there are lots of trees like, South Drive, Camp John Hay. 

Mines View Park is a  smoke/Vape-free zone and thus, violators get issued citation tickets.

 

The Mines View Observation Deck is not only a tourist destination , but presents to all the chance and experience of bonding with family, friends, acquaintances. Photography, selfies is highly encouraged in the park.

The Mines View Park  is highly sought after location due to it's observation deck or platform which allows walk-in visitors, tourists, bagpackers to enjoy the breathtaking landscape panorama of Itogon, Benguet.  I took this photo in the afternoon.

The observation deck is designed to be enjoyed by almost everyone which is equipped with a safety perimeter of cemented railings for added protection especially small children and deck visitors. Just make sure to stay within the confines of the railings and you'll be fine.

If you happen to visit the observation deck in the afternoon, the sunlight will be coming from the back so viewing the landscape will be easy and taking pictures without the need of camera flash. I will tell you the reason why sometimes afternoon photo shoots have its unique advantages versus early morning photo shoots.

 

The observation deck is also a cool destination in the afternoon while if you go in the morning, it will very cold especially in the months of September through February. So, always be prepared and bring with you a shawl, thick jacket/sweater to keep yourself warm and comfortable and protect yourself from the possibility of hypothermia.

 

Another feature of Mines View Park is an area before the observation deck, which offers a venue taking your picture with family, friends, acquaintances using a live horse and wearing Indian-inspired costume/props for 50.00 Philippine pesos for three posed pictures. 

 

Also, children/adults can mount the horse with the assistance of the local operators and take their pictures again, for a small fee. This is a unique livelihood of the "Pony Boys" group of Baguio to augment their source of income.

Now, horses or equine that are employed in the paid photo sessions are fine bred ones (good-natured and friendly) from Wright Park.

Another hit thing to do whilst in Mines View Park is taking pictures by posing in ready made Benguet ethno-indigenous costumes. Your pictures can become instant "post-cards" for your social media accounts like Instagram, Facebook and serve as indelible memories of your visit of the park.

The afternoon weather can be normal as depicted here and sometimes, if you visit the observation deck you will not be able to see the landscape due to thick fog banks.

 

For those engaged in horticulture or just plain plant and flower lovers, and you are looking for potted plants and flowers to purchase, well, just head over to Mines View Park and the place offers different varieties at affordable prices.

Now, don't haggle for prices, since we would want to help the local's earn decent income from this livelihood.

I was surprised to even find Stevia potted plants for sale. How about that for natural food sweetener.

Well, up to this point of the park journey is all about how to access the park as a casual visitor.

Now, there comes an occassion where those who are bitten by the "photography bug" are not only as enthusiasts, but professional photographers even go through the extremes of sacrificing their time to capture the best landscape during predawn, dawn, and sunrise hours of the beautiful views of what Mines View Observation Deck offers.

 

By the way, whilst the park is maintained daily in terms of cleanliness, let us also do our part to dispose properly personal trash at designated garbage bins in the park, and avoid littering e.g., candy wrappers, used chewing gum, or any waste by product.. As a practice, Clean As You Go.

 

My focus is not just about the park per se, but in particular the Mines View Observation Deck; a venue especially for persons inclined in landscape photography, enthusiasts and/or professional photographers who love landscape photography.

 

Me and my photography friends, and mentors miss the days when there were no entrance fee to the park.

In those days, we can access the park as early as 4:30 a.m. and prepare for predawn, the arrival of dawn and catch the sunrise hours.

 

Patience is one virtue which tests one's stamina with time especially the waiting game.

Photographers who have imbibed as their second nature of waking up before the sun rises can capture long exposure photography techniques. This technique takes time to master and needs some investment of camera filters, tripods, wired/wireless camera shutter triggers.   

Sometimes it is not only the Mines View deck where a photo composition works but also utilizing the surroundings of the park itself.  Again, stretching one's imagination and trying it out does not cost a centavo, but just a little bit of effort and out of the box ideas.

 

Sometimes the brrr (cold) months of Baguio City works to the advantage of composition of landscape images especially a mix of low lying clouds, fog banks, and sunlight create extraordinary scenes.    

 

 

Some of my photos are by chance and whilst taking this photo, a millennial photo enthusiast was taking also shot. So, why not do a shooter shooting another shooter composition. So, it turned out a good human interest capture. 

 

Again, here's another example of a shooter shooting a shooter shooting the sunrise. Click! 

This Baguio City promontory is considered as one of the highly sought after tourist spots in Baguio City because of landscape photography as one of the reasons reasons. 

 

This happens especially on the first day of the first month of the year, that's a 01.01. Well, it has auspicious significance and to me ushers new beginnings and insights in meeting the new year, and actually kind of works with photography. 

Before the practice was sending postcards to our friends, family, acquaintances to the places of interest that he have visited. However nowadays, it's easy-peasy of being Instagram-ready, and yes, it is, and of course it doesn't disappoint to take landscape photography, selfies which can be instantly shared in social media with technology using mobile phones, tablets, cameras.

 

Using a 360 degree omni-drectional camera, I was able to take this photo.

If you're tying to take photos to be National Geographic-ready, well the deck is the place to be.

 

Well, one has to develop a keep eye and watch and observe the unfolding drama of the interaction of the fog, clouds, with the mountains and hills of the landscape below.

Looking for great light in photography, well early morning dramatic ambient light is easily accessible in the deck. Constant practice and exercise of one's craft and doing it right the first time makes one improve and create meaningful art.

 

However, timing is the key as sometimes the weather is not always cooperative. So, always check the present weather forecast.

To some photographers, foggy or cloudy scenes and atmospheric mood/texture to their compositions.

Again, it boils down to each personal preference on the importance of fog banks, cloud scenery.

 

Sea of clouds, look again, look no further. Again, timing and preparation completes the essence of capturing these ephemeral white beauty elements.

 

 More early morning low carpet and dramatic cloudscapes.

At the end of the day, anyone with the knack of documentation can use any technological implements such as (mobile phones with cameras, DSLR, pocket cameras, 360 omni-directional cameras, et cetera) which produces photographic images, videos.

The most important realization that I want to share is, photography is an avenue of opening one's mind's eye as a detached observer, and the developing virtues and positive values whilst one goes through his/her life journey in time.

 

Mines View Park and Mines View Observation Deck is just one of the destinations offered to everyone in Baguio City, so make time off to visit (and bring your cellphone camera or any implements to take photographs with). 

 

Enjoy and keep the clicking (shutter). I'll see you when I see you. thanks for dropping by. Stay safe.

 

If you like this blog, 

  

Till next blog post. 

Keep safe, and keep blogging.

Do check me out/follow me at the social media channels below:

 

Instagram: avianquest

 

Twitter: avianquest

 

Facebook:  avianquest

Blog:  avianquests.com