No.2111[View All]
Comrades, we need a thread on privacy. Any decent activist should try ways of staying anonymous on the web and prevent being tracked by governments and corporations.General tips===* Use free software as much as you can.* Use GNU/Linux and keep it up-to-date, to be sure that you don't have unpatched security exploits* Don't use Flash Player, use youtube-dl instead for watching streaming videos online* Do not use Google, use DuckDuckGo or StartPage instead* Use a password manager like Keepass or for GNU/Linux users keepassx. Create new passwords for every site that you visit and use a strong password as a master password. A tip for easy remembering of your master password is to use a sentence. "i fucking love cookies and tits!" with extra capital characters etc. is easier to remember than some random characters and long enough to prevent brute force attacks of any kind.* Use the Tor Browser Bundle if you really want to stay anonymous.Firefox====* Go to Preferences -> History and set History to "Never remember history". * See for additional tweaks:
https://github.com/amq/firefox-debloat and
https://vikingvpn.com/cybersecurity-wiki/browser-security/guide-hardening-mozilla-firefox-for-privacy-and-securityAdd-ons-----------* Use uBlock Origin for preventing tracking etc. Bonus: use hard-mode to manually whitelist external domains on sites. Don't use uBlock but be sure to use uBlock Origin
https://github.com/gorhill/uBlock/wiki/Blocking-mode:-hard-mode* HTTPS Everywhere* DecentralEyes: prevents CDN hosting from tracking you (Google for Jquery etc.)* Self Destructing Cookies: only allow cookies that you choose to allowOS==* Encrypt your hard drive or home partition at least* If you use GNU/Linux, you can try to restrict systemd or syslog from logging. * Use a distribution which takes security seriously. Also, be sure that you don't install a lot of things outside the repository. It will cover most of your needs.Real life tips===* Pay with cash if you canFeel free to provide tips to each other comrades!
No.14589
So is there some obvious reason why there isn't already a venezuelan mullavad?
No.14590
Why would you use a VPN instead of Tor, except torrenting? For torrenting, why would you use a VPN instead of I2P?
>>14563There's also a need to host Tor nodes in those countries. Too many Tor nodes are in Germany.
No.14591
>>14590Are you talking individual users or leftypol as a whole?
Making leftypol an onion based site would be less feasible for 3 reasons:
1.tor is slower
2.tor only sites are more vulnerable to CP spam
3.most users don't connect via tor
No.14592
>>14589Well one obv reason is that the target demographic is usually liberals/proprietarians and so they would definitely not touch anything to do with heckin authoritarian socialist dictatorship Vuvuzuela
>>14590>Why would you use a VPN instead of Tor, except torrenting? That's a major reason. Also for a lot of regular stuff that needs login.
>For torrenting, why would you use a VPN instead of I2P?Because by comparison to "regular" trackers I2P is virtually unknown and barren. But I
wish this would change.
>>14591leftypol.org already has an onion server btw, I'm using it right now:
http://76i2c3hn55fcj5nut3tqlboqqbbh23zvphv7lefk3vftpx6wketlanyd.onion/tech/res/2111.html No.14593
>>14590hey Nym is a project which seeks to solve this problem. It's a paid mixnet that uses a blockchain to pay server providers to incentivize thirdies hosting servers instead of CIA hosting them. It's entering the final stages of deployment to mainnet now, i'd expect it to be ready for mass use in like 6 months but idk they keep promising to release more papers and shit and delay, so who knows. There's not like a browser for it rn…. but yeah anyways it exists and has potential
No.14594
>>14593also the threat model they developed it with is with the understanding that an adversary could theoretically see the whole of all internet connections, rather than tor basically hoping this doesnt exist… which works for now but has holes. nymtech dot net for their site
No.14595
>>14592>Well one obv reason is that the target demographic is usually liberals/proprietarians and so they would definitely not touch anything to do with heckin authoritarian socialist dictatorship Vuvuzuela There should be a viable global market for this though, you're maybe looking at this from a western-centric point of view.
Mullavad is a service based in the west, available globally.
So is there some other obvious reason why there isn't already an equivalent to mullavad, except based outside the west? Venezuela was used an example, there are other suitable countries mentioned in the thread.
>>14590>Why would you use a VPN instead of Tor, except torrenting? For torrenting, why would you use a VPN instead of I2P?The discussion isn't about Tor, it's about the lack of vpn services that are based outside the west. We don't seem to be able to answer why this is, so far.
>>14588>>>14557>idk why i said that in a way implying i could help currently, sorryhey no need to apologise, we're just kinda shittalking tbh. I think there's something there though, unless I'm missing something.
Again, is there some obvious reason why there isn't already a venezuelan (or similar country) mullavad?
No.14596
>>14595>the lack of vpn services that are based outside the west. We don't seem to be able to answer why this is, so far.Because internet and hosting in these countries
>>14563 is unreliable, slow and expensive.
No.14602
They wanna make Signal illegal in Belgium now. Don't know if Matrix clients stand a chance if this shit really gets implemented
https://www.standaard.be/cnt/dmf20220429_94515802 No.14605
>>14596Seriously, is that the main obstacle preventing something like a mullavad in those countries?
Isn't every country basically connected to the same internet these days? Like, this operation would be based in the capital city connected to the national backbone or whatever, so why would it be prohibitively unreliable, slow, or expensive? Everything should be cheaper in these countries, I thought.
No.14608
>>14605backbone/upstream networks are only as strong as the volume of traffic in downstream networks
Europe has a whole bunch of intra-regional IP routing providers like say Portlane with massive amounts of traffic, so they have higher connectivity on the internet as a whole as a result, as opposed to a country with a smaller amount of traffic coming from its backbone routers
No.14620
>>14608appreciate the reply. So it's a lack of connectivity or infrastructure that's the main reason something like mullavad doesn't exist outside the control of the west, in a country mentioned above?
Wouldn't almost anything resembling it, run and controlled outside the west, be an attractive service for many global citizens? Hosting, vpns, vps, whatever.
So it wouldn't have the same connectivity as something based in the west would have, but wouldn't some service be operable on a smaller scale?
No.14682
>>14620I want leftypolavad.ve please.
No.14691
I want to coreboot my trusty thinkpad but it seems I chose a bad time to do it.
https://www.techradar.com/news/good-luck-getting-a-raspberry-pi-anytime-soon-unless-you-want-to-buy-thousandsIs there anything else I can use to securely flash a motherboard?
No.14697
>>14691As someone who tried and failed to coreboot, did you even read the most basic guides you total…comrade :)
The other option to the Pi is a chip flasher. I got the recommended one from alibaba for a few dollars. When it arrived, detailed reading (500 tabs open) revealed that some of these flashers have a manufacturing defect or something that causes them to output the wrong voltage or something.
I took a chance and went ahead. Failure happened when I couldn't actually get the pomona clip to securely attach to the bios chip so that a data connection was made.
It's probably because my sight, just could not see wtf was going on, shits too small. Spent a couple of hours but only got the connection operating one time. Planning on trying again with a magnifying glass.
Can't remember the type of pomona clip chip flasher, now but it's mentioned a couple of times in the most popular guides.
No.14699
>>14697Wait I thought you needed a device (like a raspberrypi)
and a CH341A Pro with a SOIC-8 clip? Now that I read a bit it seems the CH341A Pro is an alternative to using a raspberrypi.
Lmao I feel retarded now, I do need to RTFM…
No.14719
>>14699like I said if you're getting the CH341A make sure it's the exact model that gives the exactly correct voltage for coreboot, there are versions…I got a clip + CH341A kit on ali
No.14809
>>14595Nobody else see the value in a mullavad-style service based outside the n+1 eyes countries?
Can't understand why nothing similar exists already, even if only for PR purposes.
No.14815
>>14809>government-sponsored VPN serviceyeah not sure that'll go over well
No.14846
>>14815Can't understand the negativity and discouragement tbh.
Why would it have to be government-sponsored? The popular western vpn + hosting services aren't technically government-sponsored but very government accessible. The service would be as ostensibly distant from local government as any western vpn service.
Are there not many people outside the west, as well as many western leftist types like me, that would pay something for a service based outside the n+1 eyes countries?
No.14851
What's up with the Tor guard system? Is it trustful?
No.14928
>>14851yeah you need to trust the guards somewhat. It relies on statistics or smth to assure you that its a better system than the alternative, which is just random circuits, but if you run anything you want to be secure (like a service accessible over Tor i mean) you have to host your own tor nodes and specify them as guard nodes or you're taking chances
No.15517
Firefox is pretty much the way to go. Based off of Netscape, probably the most used browser out there so generic against potential fingerprinters, modern and sleek, etc. You probably already have it installed, or have yet to fetch it from your distro's repo, who knows.
There are countless hardening guides out there for Firefox. Generally you want to disable Pocket, WebRTC, telemetry (sending data to Firefox's servers as a sort of feedback) blah blah blah. Take a gander:
https://web.archive.org/web/20181031171622/https://www.privacytools.io/#about_confighttps://chrisx.xyz/blog/yet-another-firefox-hardening-guideJavascriptThis will probably be your biggest worry after fucking around in your settings and about:config, as it concerns privacy, unobstructed use, CPU usage, important stuff. There are several add-ons that deal with this. Definitely get LocalCDN. LibreJS deals similarly with essential Javascript code that has restrictive licenses, which might be a worry to varying degrees. Apart from that, uMatrix is fine-grain as hell. uBlock Origin also works alongside all of these as a convenient blacklist for ad-fuckers.
https://www.localcdn.org/https://www.gnu.org/software/librejs/https://addons.mozilla.org/en-US/firefox/addon/umatrix/https://ublockorigin.com/ProxyingScroll down to the bottom of General Settings. Click on the button for Network Settings. Check Manual Proxy Configuration and put 127.0.0.1 in SOCKS host and the port whatever your OpenVPN or Wireguard or TOR is running on. For TOR I think it's 9050, look it up idk. Check "Proxy DNS when using SOCKS v5", DNS is easily the biggest weakness and most common cause for slip-ups when proxying.
Search engineYou want something that doesn't collapse because you can't run their precious Javascript and to not instantaneously ping a 3- or 4-letter agency's server farm. Duckduckgo.com is alright, also poke around the instances on searx.space.
No.15518
>>15517>Check Manual Proxy Configuration and put 127.0.0.1 in SOCKS host and the port whatever your OpenVPN or Wireguard or TOR is running on.You can be fingerprinted if you use a custom thing like that. Just use Tor Browser Bundle like most people.
No.15525
>>15518But tor explicitly allows for SOCKS5 proxying. In many cases its better than vs not doing it, also TB is extremely limited in functionality for "heavier" web applications, like even Element/matrix with a lot of people / rooms chatting (SOCKS5 proxied Element Desktop is then preferable).
Another similar area is also RSS. Most browsers, including Firefox (and TB) removed support and you're thus forced to use a standalone application. Here again its better to torify the traffic via SOCKS5 proxy than vs not doing it.
Wouldn't you agree?
No.15526
Firefox keeps on winning (or rather, Chromium keeps on losing).
https://news.itsfoss.com/chrome-extension-tracking/ No.15531
>>15525torsocks doesn't work for all uses and isn't guaranteed to route everything
shell out some time and use whooonix instead
No.15540
>>15529Fucking chromebooks
No.15802
>>15517You can do dynamic filtering in uBlock Origin like you would in uMatrix if you toggle the "advanced" features
https://github.com/gorhill/uBlock/wiki/Dashboard:-My-rules No.15804
>>15517Also make sure you're running TOR with obfs4proxy: install the package and add it to torrc like it says in the manpage, then restart the TOR daemon
No.15832
>>15529IIRC those numbers aren't really a decent reflection of reality, but idk
No.15858
>browse websites with tor browser
>fine
>browse 4ch
>slows to an unusable crawl after 10 pages every time
>ffs
No.16109
Ok so apparently there's a "slimmed" "faster" version of a youtube proxy (in the same vein of invidious) called "Piped". But whenever I use it on Tor Browser the performance is terrible. Any code fags able to explain why that is? There's something very weird with the site code, the buggy nature reminds me of the similar displeasure of using lemmygrad.ml's weird site code on Tor Browser. What is it with both site's codebase that lends itself to such poor performance on secured browsers?
No.16112
>>16110No, why?
My statement has nothing to do with tor "speeds", I know the tor network is on average several times slower than your regular connection due to onion routing. I'm talking about how fucking weird and wonky the presumably JS code is. Like you will press a button and it won't even register. Other buttons will work sometimes but also not, refresh will be unresponsive, etc.
No.16113
>>16112 (me)
Even to the point where I will have a less buffer:y experience streaming video through invidious, than I do Piped, and the prior is supposedly abandoned shitware if you take the word of the Piped people.
No.16114
>>16110Have a response to that, faggot?
No.21296
>>21295The SKS keyservers pool recommended in this is gone now. You'll have to make do with keys.openpgp.org and/or keybase.io which require e-mail identification or keyserver.ubuntu.com which doesn't.
No.21299
>>14809you can set one up yourself with some server management and web programming know-how and a small amount of money capital
VPNs in five eyes countries are more desired though thanks to stable high speed ISPs and lack of serious censorship
No.21300
>>2111Some tips:
* Install GNU/Linux. Start with Linux Mint. If you want to dual-boot get another SSD or use windows disk management tools to shrink a partition (reserve at least 60GB for GNU/Linux). If you want to learn more advanced GNU/Linux skills, there is a free book at:
https://linuxcommand.org/* Use Tor Browser when you can but do not log into any accounts when you are using Tor, unless you access that account always from Tor
* Encrypt your email:
https://emailselfdefense.fsf.org/en/ Also note that you can encrypt files with GnuPG (use tar to pack up files and then use gpg's –symmetric option). If you need an email client program, Claws Mail is a good free software email client that has a GUI.
* Clean meta-data from your files that you upload or send. Use exiftool or something.
* Use Firefox with arkenfox user.js or Ungoogled-Chromium
* Use SearX or SearX-ng as your search engine:
https://searx.neocities.org No.21302
>>21300disroot is a good email provider if ur not willing to set up ur own
they have a tor proxy
u can set up torsocks through socks5 settings on claws mail or thunderbird/icedove
No.21948
tell me privacy wasn't as easy as just using a huawei phone
>t. actually used replicant for a few months
No.22416
What VPNs can let me post here? I have a proton sub for email but it's annoying that I can't use protonvpn here. Anyone have suggestions?
No.22818
>security + privacy thread on 4chuck was taken over by cyb aesthetic posters
whatever. it was shitty anyway
>it gets 1% better. seems neutral in a careful way. All privacy and sec attention now goes to this thread.
whatever
>lord tripfag of the thread posts podcast rec
go on
>tldr: podcast makes reasonable point about torrent of civilwar/civilunrest themed netflix content
ok
>host calls Michelle Obama "Michael Obama"
noticed
>couple of days later……
=== /cyb/ News:
Mass immigration apocalyptic dystopia in otherwise perfect nordic state. Did you know!?!
Unique IPs: 14