Manage Internet uploads with Portmaster
Full Control
Security and anonymization play an increasingly important role on the Internet due to the endless appetite of Internet companies for personal data. Portmaster and the Safing Privacy Network will help you protect your privacy – even if you're not a security expert.
Intensified data grabbing is making life difficult for users on the Internet. It's not just the usual suspects like Google or Facebook who are collecting user data. Even conventional software packages have increasingly started phoning home and sending "telemetry data" to their vendors or third parties.
Users typically don't notice this data transfer and cannot track what data is being sent to whom. To stop this bad habit, a startup by the name of Safing, which has already twice received funding from the Austrian innovation incubator Netidee, has developed an application firewall called Portmaster that lets everyday users track and control the flow of data to hidden recipients [1].
Idea
Portmaster combines several privacy-related services in a single package. Included within the Portmaster application is a firewall, a system of filter lists to identify trackers and other undesirable sites, a secure DNS service, and an optional privacy service (similar to the TOR network) called the Safing Privacy Network (SPN).
Perhaps the most interesting part of Portmaster is the way the developers have encapsulated all that functionality into a single user interface that you don't have to be an expert to understand and manage. The intuitive Portmaster user interface makes it easy to monitor and block network connections, set filters to automatically block trackers and adware, and configure different filter settings for different applications. Portmaster is free software hosted on GitHub [2] and provided under the GNU Affero General Public License (AGPL 3.0).
How It Works
Under the hood, what is known as a Portmaster Core Service that sits between the kernel and the user interface on one side and the kernel and the Internet on the other (Figure 1). This core service consists of several components, the most important of which are the SPN, the privacy filters, and the Secure DNS service.
The Secure DNS service uses the DNS-over-TLS (DoT) protocol, which sends DNS queries over an encrypted TLS connection. This encrypted connection stops unauthorized third parties from viewing the DNS queries. The privacy filters, which act much like a firewall, also use filter lists. The system references the filter lists to block undesirable connections.
The manufacturer is continuously developing the filter lists – lists of sites associated with malware, tracking, phishing, or other nefarious activities. The lists are maintained on a separate GitHub page (Figure 2). You can also add your own entries defining sites you wish to filter.
The SPN is an ambitious project that is still in its early stages of development. The company's long term plan appears to be to continue to give Portmaster away for free, but to sell access to SPN, which the company says will eventually obfuscate IP addresses [3] and prevent third parties from viewing data. SPN routes data packets through multiple servers on the Internet in an approach that is similar to the TOR service. (See the article on the TOR network elsewhere in this issue.) SPN is currently in what the company describes as the alpha stage. According to the Safing website, "Treat the SPN as a VPN in your threat model for now. Please be aware that there are not enough users and servers during the alpha phase in order to protect you from VPN traffic analysis" [4]. But even if you don't decide to experiment with SPN, the intuitive user interface and background services of Portmaster are worthy of some attention.
Installation
Portmaster is available in binary package form for most popular Linux distros. A compatibility list available in the documentation shows which kernel versions and desktop environments Portmaster supports.
Most recent Linux kernels are fully compatible with Portmaster, except for version 5.6, which has a problem accessing the Netfilter queue. The widely used KDE Plasma, Gnome, Xfce, and Cinnamon desktop environments all work with Portmaster, although Budgie appears to have a problem with displaying the Portmaster icon in the taskbar.
The project's website offers installation instructions for many popular Linux distros, including information on the dependencies you need to resolve in order to achieve a speedy installation.
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
News
-
So Long Neofetch and Thanks for the Info
Today is a day that every Linux user who enjoys bragging about their system(s) will mourn, as Neofetch has come to an end.
-
Ubuntu 24.04 Comes with a “Flaw"
If you're thinking you might want to upgrade from your current Ubuntu release to the latest, there's something you might want to consider before doing so.
-
Canonical Releases Ubuntu 24.04
After a brief pause because of the XZ vulnerability, Ubuntu 24.04 is now available for install.
-
Linux Servers Targeted by Akira Ransomware
A group of bad actors who have already extorted $42 million have their sights set on the Linux platform.
-
TUXEDO Computers Unveils Linux Laptop Featuring AMD Ryzen CPU
This latest release is the first laptop to include the new CPU from Ryzen and Linux preinstalled.
-
XZ Gets the All-Clear
The back door xz vulnerability has been officially reverted for Fedora 40 and versions 38 and 39 were never affected.
-
Canonical Collaborates with Qualcomm on New Venture
This new joint effort is geared toward bringing Ubuntu and Ubuntu Core to Qualcomm-powered devices.
-
Kodi 21.0 Open-Source Entertainment Hub Released
After a year of development, the award-winning Kodi cross-platform, media center software is now available with many new additions and improvements.
-
Linux Usage Increases in Two Key Areas
If market share is your thing, you'll be happy to know that Linux is on the rise in two areas that, if they keep climbing, could have serious meaning for Linux's future.
-
Vulnerability Discovered in xz Libraries
An urgent alert for Fedora 40 has been posted and users should pay attention.