/bootbg/ - Break Out Of The Botnet General

i have nothing to hide

The internet is a prerequisite for participating in a lot of aspects of society such as work, so yes even though you can't completely break out of the botnet while using it you can take steps to mitigate it.

As the OP says (which is just one example of a counter-argument), aclu.org/blog/you-may-have-nothing-hide-you-still-have-something-fear

>what else?
Possibly guides about selinux, running suspicious software in VM / chroot / docker, liberating router and mobile phone, firefox addons and about:config setup.

Are there any good VPN addons for Firefox?

This company is working towards security-focused Linux laptops. They have coreboot running and successfully disabled Intel ME on their 13" Laptop

puri.sm/

I haven't bought from them, because I bought a new computer too recently, so I can't actually speak to their quality, but I've been keeping an eye on them, and I think they look good.

>you can take steps to mitigate it.
The CIA can hack anything. If it has code on it, you're fucked.

Great suggestions. So far we got:

OS (including OS tweaks like SELinux)
Browser/browser tweaks
Search Engines
Office Suites
Running suspicious software in VM/chroot/docker

Routers/router tweaking

TVs/TV tweaking (how to stop your SmartTV from spying on you so much)

Phones/phone tweaking

doesn't mean you have to make it easier on them.

>doesn't mean you have to make it easier on them.
>implying NSA-developed software like SELinux doesn't have backdoors
>implying $randomsupersekritsearchengine matters, when all your traffic gets logged at the IX level anyway
>implying office suites matter
>implying the Linux kernel is not backdoored

Get a load of this freeturd.

>The CIA can hack anything. If it has code on it, you're fucked.
It was discussed for million times. Having or not having code does not affect hackingness. But if code is open, it will be audited by people who want to fix exploits, not hack. Binary will be audited only with bad intensions, so free software is more secure.
>it is hard so don't even try
You are retarded heavily if you think so

Nice try, bronie

>But if code is open, it will be audited by people who want to fix exploits
Yeah, just like "press backspace 28 times to get root" was discovered so easily... after years! lmao

Nice fallacy right there. "Only good people look at open source code"

Custom ROM's for Android phones, line Copperhead

Ungoogled won't let me install add ons like ublock. It is hard coded not to do certain Google things.

How about you post this, manchild:
libreboot.org/amd-libre/

Recently in the Libreboot project, we've been informed about the new Ryzen platforms being released and sold by AMD. They are currently taking input from the community. Here are ways you can contact AMD to tell them that you demand libre hardware:

reddit.com/r/Amd/comments/5x4hxu/we_are_amd_creators_of_athlon_radeon_and_other/def5h1b/
community.amd.com/places?filterID=all~objecttype~space
amd.com/en-us/who-we-are/contact (has contact links for multiple countries)
AMD's CEO, Lisa Su, can be contacted directly via email. Tell her that you demand libre hardware: [email protected]

How to escape android botnet?
Is it possible to have android without botnet?
If no, what alternatives there are?

I'm gonna setup GPU passthrough so windows is not longer my main OS. Where do I go once OSs are good?

Install GNU operating system on your device instead. But you still have proprietary kernel modules and drivers tho.

firefox comes with lots of crap settings out of the box, it also uses safebrowsing (which contacts google), though this all can be turned off in about:config
I recommend icecat, which is basically ff with all this stuff turned off

haasn made a list of these settings, seems a bit outdated, but have a look gist.github.com/haasn/69e19fc2fe0e25f3cff5

Fair point, I will include this in the next OP.

That's true, I will clarify that you have to do some tweaking in the next OP. Also thanks for letting me know that about IceCat, I thought it was literally just firefox with 100% free images

Along with ublock and umatrix this toy here should also be on the list of essencial Firefox addons addons.mozilla.org/en-us/firefox/addon/decentraleyes/

guess you confused icecat with iceweasel, which is/was actually just a renamed firefox on debian doe to license issues

fuck off pablo

>Search engine
searx.me
>source code on github
>can host your own

Uselful addons for FF
uBlock Origin
Privacy badger
HTTPSEverywhere
HTTP by default
No resource URI leak
Canvas Blocker
Decentraleyes
Certificate Patrol

Things to do
Stop posting on 4chins or teh webz in general since most sites relay on Google for captchas and analytics and go back to IRC. That's where the cool kids are.

Hardened browser is better than a dedicated security browser

>Hosts File
>Add all google analytics shit and friends
>Add all this shit
github.com/StevenBlack/hosts
>Chromium with no google sync shit
>Add u matrix
>Add u block
>Add self destructing cookies equivalent

Done

Forgot to add, Harden Firefox by using a better config file

github.com/pyllyukko/user.js/

also this: addons.mozilla.org/en-Us/firefox/addon/canvasblocker/
because of this: browserleaks.com/canvas

SOMEONE POST THE TINFOIL HAT BINGO!
thanks

see

searx is actually nice, beginners should be reminded to change the default engines to their likings (remove endgines they dont need), to speed up the whole thing

>97.56% (4318 of 176794 user agents have the same signature)

What does this mean?

What's the most up to date guide on GPU passthrough? All the ones I find involve the kernel messing with, and that's not needed anymore

>posting on Sup Forums which uses Google recaptcha and uses Google analytics
>breaking out of the botnet

inb4 use a Sup Forums pass
That doesn't stop Google analytics and Chinkmoot as well as PayPal have your payment information.

en.wikipedia.org/wiki/Canvas_fingerprinting
That's some evil shit.

>just give up guys
>follow my example
>here is my butt
>just push it in
>everyone is welcome

That's not what I'm saying.
I'm saying in order to start, you'd have to ditch Sup Forums as well.

Ungoogled chromium contains all the iridium patchsets, plus the debian ones, plus the inox ones, plus their own custom patchsets.

Read the FAQ dumbass. It explains exactly how to install extensions from the chrome webstore.

So because Sup Forums is bad when it comes to privacy we should give up our privacy for the whole world wide web?

I paid for my pass with anonymous bitcoins.
And I block GA with uBlock

>And I block GA with uBlock
lmao, google still gets your ip with the captcha, retard

/tread

I don't have a captcha, and I made sure its iframe is blocked anyway. Also I use a VPN.

I don't speak russian.

/thread

>implying I do all my browsing from this IP

It's a worthwhile gain to wall off what you can from Google even if you can't hide everything. Don't fall into the trap of thinking that if you can't plug every single leak in the world, then you shouldn't bother doing anything at all. That is false.

proxies are against the rules user

Not if you have a pass. You get an exception from that rule.

use tor.

I don't know, most of the methods in this thread shield you primarily from advertising companies. If that's the goal, go right ahead.

Should you be *directly* be targeted by a state sponsored actor, you're pretty much fucked unless you turn to the most extreme methods (such as dropping off the grid entirely), using stolen identities etc.

I'm already pretty extremist when it comes to my personal data, I do not exist to google or any social network. There are no pictures of myself (as far as I am able to tell) on the web either.
But that's mostly due to not even once using my real name on the web, with all it's drawbacks.

>>Should you be *directly* be targeted by a state sponsored actor, you're pretty much fucked
Well its also the case that targeted surveillance is more difficult and expensive for three-letter agencies by orders of magnitude. That makes defending yourself and others against easy, cheap, dragnet mass-surveillance a worthwhile endeavor. And a lot of what you need to do to do that is the kind of stuff you want to do to defend against ad companies anyway.

Then leave the thread

How is iridium safe? I thought not even chromium is debotneted.

The sticky has everything you need

Ungoogled chromium contains the iridium patches so use it instead see Anyway, its safer because it removes all known telemetry and tracking methods currently integrated into chromium. It applies patches to skip over that code and make the browser believe it was successful in uploading the information.

The Protonmail app doesn't send notifications without Google Services on your phone, but you can read and send mail, FYI.

Not gnu/linux but rather any OSS OS.

Linage os, replicant

It cant be done you dumb nigger, Intel ME and AMD PSP have put the botnet into the hardware layer, any pc past 2006 ish is hardcucked.

It can be completely disabled in some PCs up to about 2009, and badly crippled in one or two newer i-series chipsets.

So, not all computers, but it is pretty bleak.

The only thing I need help doing to break out of the bother is convincing my friends to use apps like telegram or signal instead of Hangouts.

If the CIA cares enough to be looking into your activities then yes, you're fucked. If they're not then all you're really preventing is megacorps from having your information.

Not getting your shit tracked is worthwhile even if you're not worried about the CIA. Stuff gets hacked sometimes. How do you know some Russian douchebag isn't going to hack Google and leak your shit to the public?

Like anyone cares that you jerk it to cartoon dogs fucking lolis

Modern firefox is literally turbobotnet. Meanwhile palemoon explicitly removes botnet features from firefox on top of hardening it and responding to firefox CVEs much faster than mozilla does (by months!).

Additionally, you should use firejail to isolate everything. This prevents the botnet from knowing specifics about your environment (though of course your hardware can still clue the botnet in).

I'm currently using Tor for everything except Sup Forums and I have Debian. Have I escaped?

Add LibreJS and html5 everywhere.

No because both tor and debian are botnet.

Source? Tor is listed in the leaked NSA documents (Snowden) and the New CIA documents (Vault 7) as a "Catastrophic threat" and debian has been audited a bunch of times.

>debian
>audited
HAHAHHAHAHAHAHAHAHHAHAHAHAHAHAHAHAHAHAHAHHAHAHAHAHAHAHHAHAHAA MY FUCKING SIDES!

Use coreboot. Libreboot is sjw

Tor exit nodes aren't safe. Tor browsing of clearnet is pointless. Tor browsing onions is fine as long as you stay out of 14eyes.

Safer to use a vps in Switzerland and ssh tunnel.

OS Alpine Linux
Devuan
Slackware
Freebsd
Openbsd

freebsd and openbsd (openbsd: by design, freebsd: by incompetence) are hypercompromised. Install Hardened Gentoo.

Ungoogled chromium with
Ublock origin
Https everywhere or kb ssl enforcer
Disable Java by default

There's some good roms for android getting around. Nano rom for s6 is one of the best with microg

S4 and s5 have a balance between hardware and community support.

Conversations on self hosted xmpp is the current champion of im

Still need the firmware to communicate with the hardware backdoor. If you're packet sniffing, software and hardware firewall, ip tables are strong and your system is encrypted to stop cia niggers then you're good

nigger do you even have any idea how tor works?
it doesn't matter if the exit node isn't save, because you're still behind 9001 proxies

tor is save, all the "hacks" and "compromize" meme crap is related to other stuff that may expose identity like running flash or javascript when using tor

>coreboot
this is a thread against botnet, not pro-botnet

Just let the exit node see everything you're doing, right. You're a joke. That's why they say don't log on to your Facebook through tor. Tor is only useful for the 'deep web' onion sites.

>using post 2006 hardware
your problem

Explain. Libreboot is deranged, the devs are out of touch with reality. Coreboot doesn't have backdoors or work for government entities

>everything
yeah right, like the 2-3 things til the next exit node cycle, you have no idea

It is a vulnerability. Tor nodes work through proximity too so it can be exploited

>Break Out Of The Botnet General
Pretty easy. Don't use proprietary software.

chromebook = usb encryption "tokens" with private/public key exchange + read-only frimware (physical screw)

also Windows 10 if u create secure domain for it

aslo Linux had one of the largest botnet few years back, cuz nobody suspected it would have any

...

I laugh in your general direction

I had a similar issue trying to get my friends off of Facebook. I was able to convince them by showing them how shit messenger was feature wise compared to telegram. Not sure if Hangouts is any good in that respect tho

How do I purchase online without being tracked? What are some good online markets that take Bitcoin? I'm also too pleb to use anything other than coinbase, how do I get anonymous Bitcoin?

Hardware wallet or local wallet. Trade your btc for eth or monero