Privacy

What do the denizens of Sup Forums do to maximize their privacy?

Other urls found in this thread:

github.com/pyllyukko/user.js/)
twitter.com/SFWRedditVideos

i use opera vpn :^)

Hope you've patched all the IP leaks.

I use duckduckgo and startpage.

I use chrome with my gmail signed in

I route all of my traffic through nsa servers so ruskies cant phish me

I use incognito mode

I got nothing to hide

>searx.me
>Different profiles in FF
>Firefox + user.js (github.com/pyllyukko/user.js/)
>Certificate Patrol
>HTTPS Everywhere and HTTPS by default
>No Resource URI Leak
>Decentraleyes
>Generally browse the web less and use ZeroNet & Tor more

I could go further by using RequestPolicy & NoScript but generally they're pita for me.

>duckduckgo
>maximize their privacy

Close my curtains

>What do the denizens of Sup Forums do to maximize their privacy?

>deleted Facebook and whatsapp
>VPN
>Firefox with privacy badger, dencentraleyes, https everywhere, ublock.
>Wire
>duckduckgo
>protonmail

Hardest to give up is Google Drive fuck it's so practical.

Air gap.
Burner phones, laptop, account.
False online persona.
Password manager.
Plain clothes and general appearance.
Safe box.
Use Chromium with the usual extensions.
Use iPhone.
Use GNU/Linux.
Ninja traps.

The most practical thing is to gain power in government though. NSA higher-ups most likely have the best protections.

I watch porn at the local coffee shop while I do my taxes.

I unironically do most of these.

no mention of self-destructing cookies?

I've done the most logical thing: Given up on notions of online privacy.

just focus on personal privacy

ignore the nsa/botnets/etc and look out for yourself

I use self-destructing cookies, along with ublock origin (extra filter lists enabled), umatrix (JS on default-deny), and random agent spoofer (set to use a new UA for every connection), along with Decentraleyes, Refcontrol, and Greasemonkey with Reek's adblock script.

I use that GHacks custom user.js to turn on a lot of anti-fingerprinting options I disallow websites from using their own fonts, disable canvas, webGL, and a lot of other newfangled things. I also disable telemetry, safebrowsing, and other things that could leak information about the sites I visit.

I do all my browsing in a Linux VM connected to a VPN. I change what server I connect to now and then. My VPN provider does their own DNS, but I have my router set to use OpenNIC in the event of any leaks. I use HTTPS Everywhere and have older ciphers disabled in my browser. I also disable session tickets to make it more likely that I'll get forward secrecy. I'm peeved that some sites still refuse to negotiate anything better than TLS 1.0, though, I'd like to disable that.

I use Startpage for my search and email to avoid Google. Sometimes I split my searches among SP, DDG, and searx.me. If I want to use Youtube I use youtube-dl in a different VM connected to a different VPN server to download the link and then view the video locally. I put a custom ROM on my phone without Gapps, and I make a point of leaving my phone at home unless I know I'll need it. If I do know I'll need it, I try to keep it turned off until I do. I always turn it off before entering a store. I keep all my passwords in a (local) password manager. They're all different, all at least 16 characters, including mixed-case alphanumeric and symbols. I use full-disk encryption.

I still feel like I'm behind the curve. Is there anything else I could be doing?

>all that VM.
That's Qubes?

Nope, just an ordinary VM in VirtualBox.

about once a year I try to switch away from virtualbox to KVM with virt-manager but something always goes wrong and I can't get it to work at an acceptable speed and give up. I suspect that only virtualbox expects you to be running a graphical desktop in your VMs, and KVM/virt-manager tacitly assumes it needn't care about making that work fast since everyone running VMs is running server processes that are just command-line anyway.

Underrated post

thank you for your service

I really don't care anymore. Not like Google or Microsoft are going to call my employer because I post anti semitic memes.

>False online persona
Shoot. How do you do it user? Do you also use a fake name when creating accounts?

I don't use any Google services.
I don't log into FB.
I don't have Twitter.
I use Russian services whenever possible since these are beyond the reach of US law.
I don't use Dropbox.
I don't store my data in the cloud.
I clean up my cookies and local data after each browser shutdown.
I use Linux.
I don't use Android.

>airgapped
>posting on Sup Forums
explain

I pay for a vps in Switzerland with bitcoins, use truecrypt 7.1a and have a hidden os. Ssh tunnel through it. Use two phones, one for encrypted data and the other for work/no data.

You can also set up fake facebooks for obfuscation. I avoid vpns because they're still capable of storing your data and subject to their host countries laws. VPN chaining is alright if you have multiple.

I'd tell you.

But, then I'd have to kill myself.

I will tell you this: I search for myself regularly on the Internet using numerous methods. My name is unique in the world ... actual literally nobody else in the world with my name.

There are only about ten hits for me, all related to some science papers I helped author a few years ago.

Feels incredible.

Step 1: no social media accounts tied to my real name.

Don't use the internet.
Live in an underground bunker.
Wear a ski mask when U go shopping for groceries.

A computer for browsing and a computer for working that's never been connected to the Internet.

I have a unique name as well and have no results on any search engine.

I have a unique name but the only result is my cousin who's a celebrity in Sweden.

Nothing. I have nothing to hide

Some people do ;)

lol. free and VPN are two words that should never go together.

Opera is owned by some Chinese ad company, fuuuuck that shit.

You're a real fucking Sup Forumsentooman user, I wish I could follow your foot steps.
My only issue is that I have a bunch of random accounts that I don't know the password or email to. (Facebook is one of them)
One of these days I am gonna start working on removing myself from the botnet.

Join me user, I'm working on switching to Ubuntu and full-disk encryption. Already have VeraCrypt and TOR Browser.

>veracrypt
>ubuntu
>browsing clearnet with tor
>everything else posted from winblows
Kek what a moron

I would like to make the full switch to Linux but that might be a bit difficult currently.
I wish I had a little Intel NUC or something with a k/m and HDMI switch so I can choose whichever PC I want on the fly.
That actually might be a feasible idea.

Integrating as much of my phone with Google to avoid using third party apps. Reduce the amount of people who spy on you.

I have an account with ivpn, which doesn't do a whole lot. My torrent server is routed through that. I also occasionally bounce Chromium through it to double up how many http downloads I can get from services like File Boom or Keep2Share.
I run a gamut of web blocking services. uBlock Origin, Ghostery, Disconnect, NoScript. RefControl. HTTPS-Everywhere. Self-Destructing Cookies.
My phone is the weird place where I see ads for things I've looked up on other services. I should probably lock that down one day.

Oh and when I'm away from home I can pump my traffic over VPN to my house to get around HTTP blocks and make sure no one is MitM for my traffic.

My cookies are deleted when the browser closes. This is a browser feature

use many profiles in firefox (+ noscript) + other browsers for different things

>use ZeroNet & Tor more
>I could go further by using NoScript
you are doing it wrong... Tor + JS is a huge risk

I'm like you but I maintain a professional persona with typical normie things like FB and Gmail and LinkedIn . I obviously make this as private as possible within their own sites, as in non searchable, all info is private etc.

I tried doing the separate VM for banking but it's too impraxtical. I already run Linux and it should be fine.

And I also keep a phone , with the said normie profiles. I'm not worried about anything so I just keep my normie accounts clean. I have no permanent internet aliases anyway.

If I have a reason to go full tinfoil I would get a burner phone on a prepaid plan. Use hardened Gentoo and only connect to public cafes on Russia VPN or if I am in Russia, an American VPN.

What is your password manager ?

whatever i can do that's easy to do, but i've mostly given up. there's nothing i can do about my massive online footprint built from spending my youth on the internet and internet privacy is fucking unsalvageable in this day and age. we've already lost

KeePass. I like my password database just being an encrypted file that only I know the password to. I don't have to trust any cloud service or any of that crap. It has a good password generator, and you can add notes to entries. I use that so I can give nonsense answers to security questions and then just note them down next to the password.

I keep the database backed up in (at least) four separate places.

>use either Coreboot or Libreboot as a free and open source BIOS replacement
>disable the Intel management engine
>set GRUB as a payload in Coreboot/Libreboot with OS prober on so the bootloader is now a part of the BIOS and harder for a physical attacker to fuck with
>set GRUB password
>main hard drive has Debian 8 encrypted with Twofish using LUKS
>router runs OpenWrt
>I have a paid VPN service

My main machines are a Thinkpad T400 and T420. I also have a custom built desktop for muh gaymes but it runs Windows 10 so nothing important stays on that and I pull the power cable when I'm not playing muh video gaymes.

I use Firefox Nightly as my main browser. Decentraleyes and HTTPS Everywhere are good. I also use uBlock Origin and self-destructing cookies.

Yeah, social media also has to go. Facebook users are a bunch of mouth breathers anyways.

Beat me to it.

Pic related.

>is now apart of the BIOS and harder for a physical attacker to fuck with
i chuckled a bit

And still NSA knows who you are, when you shitpost, and who you meet when.

It's stored on the same EEPROM chip and accessed by Coreboot or Libreboot, so yes.

>and who you meet when
Wrong. I don't carry a personal tracking device.

I change my persona, devices, habits etc. every 3-4 years. I mean literally, I change field of work (but it's still generally IT), place of living and country (currently I travel between South Asian countries - it's cheap + infrastructure has dramatically improved for last 5 years), sell or destroy my laptops and phones and buy new ones, change all social accounts (only github is staying untouched), phone number, email provides, create new passwords etc. I try to repeat this loop every 3 years (but sometimes such iteration can go on for 4 years) for 2 main reasons: firstly, this is the only way to keep your privacy because in reality it's imposible to prevent all leaks on one's own and secondly it helps to have more interesting life because you are getting out of the comfort zone by meeting up with new people and culture in different countries, getting additional knowledge and information because you try to learn new skills when you have change place of work and so on

> I already run Linux and it should be fine.

You're delusional. GNU/Linux is possibly the least secure OS available today, with the exception of QubesOS I suppose. Running any GUI over xserver, you may aswell class your system as compromised.

Who are you and why are you spreading this meme everywhere?

>twofish
You were so close
also the ME has its own battery so it still works on your windows 10 machine when you pull the plug

>https
SSL is literally spy-ware from the certificate authorities.
Everywhere you go you need to phone home to the certificate authority.

I have a unique name (every member of my immediate family does) and have absolutely no social media but my name's still online just because I've been in the news so many times for awards I've won

What's wrong with Twofish? Its key setup is more complicated and it can't benefit from hardware acceleration generally only available for AES (still faster than Serpent though), but otherwise it's a modern 128-bit block cipher.

How should I encrypt my external hard drives? Full encryption vs volumes vs hidden volumes?

Use secure private e-mail and IM software. Do most of web browsing that I don't need to identify myself through Tor. No Facebook. My phone only runs FOSS + WhatsApp, which unfortunately I need to communicate.

How do you use your email? Looking for completely secure and private email myself.

Not him, you'd have to find out yourself because anything private and mainstream eventually becomes breakable.

t. NSA gaslighter

Does anyone know if earth VPN is a good service?

Why are free VPN so fucking bad?
Why do I have to pay for a good VPN?
Please tell me if there any good free VPNs that even Sup Forums agrees with...

vpnbook

Host it yourself.

Is it me or people on Sup Forums don't understand how privacy work ?

YOU CANNOT HAVE FULL PRIVACY ON THE INTERNET.

You can't have some temporary but that pretty much it. It more a way of living and habits more than anything else.

I do believe we need our privacy but stop asking how to get it. You cannot have simple answer either you care about it enough to search yourself or you just want to fit in a group so you force yourself.

Privacy =/= Anonymity

first and foremost install gentoo

>you are doing it wrong... Tor + JS is a huge risk
Well, I'm obviously using the TorBrowser with high settings, and it's mostly to browse onion sites.

I don't use NoScript in my normie FF profile.

Who is going to pay for a VPN that hands over their logs?

How is a free VPN going to pay for itself (hardware and bandwidth)?

Really boils that noodle.