Security

what distro d you reccommend?

Thanks for this
I hear Snowden uses QubesOS, I'm fine wih Manjaro. Look into Libreboot/Coreboot

Be sure that you dig into about:config before doing anything.
>>browser extensions: uBlock Origin and uMatrix. Use as few extensions as you can because it makes your fingerprint less unique.
>what's blender
Also self-destructing cookies, decentraleyes, greasemonkey and https everywhere.
>>e-mail: ProtonMail and throwaway addresses
cock.li and tutanota are good too
>>chat: Signal
>shilling for botnet
How much do they pay you? Jabber.
>>online storage: Google Drive. There is no proof you can trust encrypted cloud storage services, therefore the best solution is to upload it anywhere in an encrypted form.
>having google account
Your own cloud storage.

pastebin.com/nhvh5YiF

For everyday use, a hardened Debian or OpenBSD is great with LUKS. Don't forget to encrypt swap and temp folders, too.

>>shilling for botnet
Any proof?

>>having google account
Don't be silly. It doesn't matter for Google whether you have an account or not, they can identify you. It is completely irrelevant where you upload your files because they are encrypted.

*if they are encrypted

woops, wrong Sup Forums pastebin

here is the guide on security pastebin.com/5XfDX4wL

User agent randomizer, uBlock, uMatrix, noscript

>protonmail
PGP is better. cock.li is literally the best email provider for privacy, that it's run by one random guy with joke names makes it specially embarrassing for current e-mail providers.
>GCHQ? Impossible
No. All modern hardware are backdoored, but the backdoor is too valuable for them. They would prefer to not pursue you if you're not valuable enough for them to give up the secrecy of their universal backdoor. Similar with software, if you take proper precautions you can limit their options to expensive 0-day exploits or even fancier (and more expensive) targeted cracking.
Anyway, here is some good advice
prism-break.org/en/
privacytoolsio.github.io/privacytools.io/

## Baseline

Harden the router and the OS (Not windows, Linux Mint or anything *buntu related)

cons: systemd init
pros: Gentoo, BSD and their hardened derivatives

PGP is fine for random mails to friends into gaymes and 18+ female contacts, but do not blindly trust shilled techs like PGP as, historically, an old version that the NSA didn't tamper with is nearly unreacheable now.

If you're following me, the version is 3.6 and the developer talked about it, related to NSA backdoors, many years ago. Lurk more if interdasted.

Same with TOR. Casual normie shitposts are fine on TOR IMHO simply because the more people use it, the more the NSA has to werk hard on it.

Browsers, +1 for Icecat and deleting unneeded about:config botnet as SafeBrowsing and Crapphishing by GOOGLE INCORPORATED.

Use any addon that randomizes your browser.

OBFUSCATION is far superior to the shitty idea that hiding into a group of sheeps make you smart.

VPNs are a joke, it has been proven many times with serious studies and real life cases of LAW ENFORCEMENT vs various criminals from loli-lovers to shitcoin bois.

BTW you can fake using a VPN with an addon or proxy that modifies some headers and puts a random IP of various VPN in it. It works.

Good luck w/ your endeavours.

FreeBSD security is a joke, and OpneBSD is a PIA. I would recommend NetBSD if you are a BSD fanboy, but better options are in the Linux world. GuixSD, Gentoo or Source Mage, those are the distros you would care.

When I'm paranoid it all seems like a really good idea but when I have more clarity it all seems like a lot of work for nothing, Still a good learning exercise though.

Too bad people confuse being paranoid with being exaggerated. In this day and age everything happens.

> but the backdoor is too valuable for them
They'd just do a parallel case against you that adheres to the law.
They're fucking GCHQ. They could turn you in to a child-raping terrorist demon from Hades even if you were the nicest person alive.
In fact, being the nicest person alive would get you ON many watch-lists, ironically.
Your nice-to-cunt ratio would be too high on the nice side.

if they HAVE your shit, they can plant ANYTHING they want on it, fake the dates and be done with it.
Even if they got the best forensics experts on it, it'd matter not because it is trivial to write over stuff on drives to make them seem older than they are. (SpinRite does the opposite, it does this to re-align to ensure integrity)
All it takes is write your target data, invert 5 times, finally your target. Boom, "imprint" on the disc that seems older despite still being freshly written.

Just don't fucking piss off GCHQ and you're fine.
If you HAVE to do some super duper ultra hacker stuff, fucking buy a RPi at Maplin with cash dressed up in drag, and only use at McDonalds / Starshmucks.

Hello, I work at CISEN here at Mexico, every user that acces to Sup Forums immediately gets flagged and traced for a month using some Israeli SW.

Considering we are third world, you're fucked.

...

Are Whonix and Tails honeypots? Has Tor been compromised?

>Google drive, signal and verashit
Disregard this completely

Just because the technology doesn't exist now doesn't mean it wont. You're an absolute fool if you don't run your own home server.

...

>Silence for text
>Self hosted XMPP with conversations.im for IM
>Tox or kontalk/redphone
>Self hosted email with pgp + protonmail + throwaway emails
>OpenVPN and ssh for server running hardened debian. Everything fully encrypted with dmcrypyt/luks. Use initramfs/dropbear with usb for remoteheadless boot.
>Password manager keepassxc
>Copperheados for phone. No gapps everything foss.
>no form of social media

So your connections are through an open VPN server you own?
Isn't that kind of useless for the purpose of stealth navigation?

It's mostly for use on untrusted networks and access to other things on my network like my router or plex.

If you want stealth browsing use ungoogled chromium or iridium with kb ssl enforcer, decentralyes, ublock origin or umatrix.

I don't use debian on my main pc, thinking about setting up a dmz as well.

Secondly you could pay for a vps in a privacy respecting country like switzerland and setup another vpn or ssh tunnel.

>privacy respecting country like switzerland
Is Switzerland a honeypot, though?

>recommending CBC mode for FDE in 2017

the one question I always had about this is - has there ever been a file system / OS devoid of all timestimes at all levels? Systemclock and that's it?

>Has Tor been compromised?
Never.

two academics were about to present a vulnerability, but they got silenced by their superiors

Source?

Why is the flag flying upside down?

Signal of distress or an expression of discontent and protest.

Know that you're not anonymous online just like everyone else, so use that to your advantage

create your own ISP