Comrades, we need a thread on privacy. Any decent activist should try ways of staying anonymous on the web and prevent being tracked by governments and corporations.General tips===* Use free software as much as you can.* Use GNU/Linux and keep it up-to-date, to be sure that you don't have unpatched security exploits* Don't use Flash Player, use youtube-dl instead for watching streaming videos online* Do not use Google, use DuckDuckGo or StartPage instead* Use a password manager like Keepass or for GNU/Linux users keepassx. Create new passwords for every site that you visit and use a strong password as a master password. A tip for easy remembering of your master password is to use a sentence. "i fucking love cookies and tits!" with extra capital characters etc. is easier to remember than some random characters and long enough to prevent brute force attacks of any kind.* Use the Tor Browser Bundle if you really want to stay anonymous.Firefox====* Go to Preferences -> History and set History to "Never remember history". * See for additional tweaks:
https://github.com/amq/firefox-debloat and
https://vikingvpn.com/cybersecurity-wiki/browser-security/guide-hardening-mozilla-firefox-for-privacy-and-securityAdd-ons-----------* Use uBlock Origin for preventing tracking etc. Bonus: use hard-mode to manually whitelist external domains on sites. Don't use uBlock but be sure to use uBlock Origin
https://github.com/gorhill/uBlock/wiki/Blocking-mode:-hard-mode* HTTPS Everywhere* DecentralEyes: prevents CDN hosting from tracking you (Google for Jquery etc.)* Self Destructing Cookies: only allow cookies that you choose to allowOS==* Encrypt your hard drive or home partition at least* If you use GNU/Linux, you can try to restrict systemd or syslog from logging. * Use a distribution which takes security seriously. Also, be sure that you don't install a lot of things outside the repository. It will cover most of your needs.Real life tips===* Pay with cash if you canFeel free to provide tips to each other comrades!
202 posts and 20 image replies omitted.>>14608appreciate the reply. So it's a lack of connectivity or infrastructure that's the main reason something like mullavad doesn't exist outside the control of the west, in a country mentioned above?
Wouldn't almost anything resembling it, run and controlled outside the west, be an attractive service for many global citizens? Hosting, vpns, vps, whatever.
So it wouldn't have the same connectivity as something based in the west would have, but wouldn't some service be operable on a smaller scale?
I want to coreboot my trusty thinkpad but it seems I chose a bad time to do it.
https://www.techradar.com/news/good-luck-getting-a-raspberry-pi-anytime-soon-unless-you-want-to-buy-thousandsIs there anything else I can use to securely flash a motherboard?
>>14691As someone who tried and failed to coreboot, did you even read the most basic guides you total…comrade :)
The other option to the Pi is a chip flasher. I got the recommended one from alibaba for a few dollars. When it arrived, detailed reading (500 tabs open) revealed that some of these flashers have a manufacturing defect or something that causes them to output the wrong voltage or something.
I took a chance and went ahead. Failure happened when I couldn't actually get the pomona clip to securely attach to the bios chip so that a data connection was made.
It's probably because my sight, just could not see wtf was going on, shits too small. Spent a couple of hours but only got the connection operating one time. Planning on trying again with a magnifying glass.
Can't remember the type of pomona clip chip flasher, now but it's mentioned a couple of times in the most popular guides.
>>14697Wait I thought you needed a device (like a raspberrypi)
and a CH341A Pro with a SOIC-8 clip? Now that I read a bit it seems the CH341A Pro is an alternative to using a raspberrypi.
Lmao I feel retarded now, I do need to RTFM…
>>14595Nobody else see the value in a mullavad-style service based outside the n+1 eyes countries?
Can't understand why nothing similar exists already, even if only for PR purposes.
>>14815Can't understand the negativity and discouragement tbh.
Why would it have to be government-sponsored? The popular western vpn + hosting services aren't technically government-sponsored but very government accessible. The service would be as ostensibly distant from local government as any western vpn service.
Are there not many people outside the west, as well as many western leftist types like me, that would pay something for a service based outside the n+1 eyes countries?
Firefox is pretty much the way to go. Based off of Netscape, probably the most used browser out there so generic against potential fingerprinters, modern and sleek, etc. You probably already have it installed, or have yet to fetch it from your distro's repo, who knows.
There are countless hardening guides out there for Firefox. Generally you want to disable Pocket, WebRTC, telemetry (sending data to Firefox's servers as a sort of feedback) blah blah blah. Take a gander:
https://web.archive.org/web/20181031171622/https://www.privacytools.io/#about_confighttps://chrisx.xyz/blog/yet-another-firefox-hardening-guideJavascriptThis will probably be your biggest worry after fucking around in your settings and about:config, as it concerns privacy, unobstructed use, CPU usage, important stuff. There are several add-ons that deal with this. Definitely get LocalCDN. LibreJS deals similarly with essential Javascript code that has restrictive licenses, which might be a worry to varying degrees. Apart from that, uMatrix is fine-grain as hell. uBlock Origin also works alongside all of these as a convenient blacklist for ad-fuckers.
https://www.localcdn.org/https://www.gnu.org/software/librejs/https://addons.mozilla.org/en-US/firefox/addon/umatrix/https://ublockorigin.com/ProxyingScroll down to the bottom of General Settings. Click on the button for Network Settings. Check Manual Proxy Configuration and put 127.0.0.1 in SOCKS host and the port whatever your OpenVPN or Wireguard or TOR is running on. For TOR I think it's 9050, look it up idk. Check "Proxy DNS when using SOCKS v5", DNS is easily the biggest weakness and most common cause for slip-ups when proxying.
Search engineYou want something that doesn't collapse because you can't run their precious Javascript and to not instantaneously ping a 3- or 4-letter agency's server farm. Duckduckgo.com is alright, also poke around the instances on searx.space.
>>15518But tor explicitly allows for SOCKS5 proxying. In many cases its better than vs not doing it, also TB is extremely limited in functionality for "heavier" web applications, like even Element/matrix with a lot of people / rooms chatting (SOCKS5 proxied Element Desktop is then preferable).
Another similar area is also RSS. Most browsers, including Firefox (and TB) removed support and you're thus forced to use a standalone application. Here again its better to torify the traffic via SOCKS5 proxy than vs not doing it.
Wouldn't you agree?
>>15525torsocks doesn't work for all uses and isn't guaranteed to route everything
shell out some time and use whooonix instead
>>16110No, why?
My statement has nothing to do with tor "speeds", I know the tor network is on average several times slower than your regular connection due to onion routing. I'm talking about how fucking weird and wonky the presumably JS code is. Like you will press a button and it won't even register. Other buttons will work sometimes but also not, refresh will be unresponsive, etc.
>>16112 (me)
Even to the point where I will have a less buffer:y experience streaming video through invidious, than I do Piped, and the prior is supposedly abandoned shitware if you take the word of the Piped people.
>>14809you can set one up yourself with some server management and web programming know-how and a small amount of money capital
VPNs in five eyes countries are more desired though thanks to stable high speed ISPs and lack of serious censorship
>>2111Some tips:
* Install GNU/Linux. Start with Linux Mint. If you want to dual-boot get another SSD or use windows disk management tools to shrink a partition (reserve at least 60GB for GNU/Linux). If you want to learn more advanced GNU/Linux skills, there is a free book at:
https://linuxcommand.org/* Use Tor Browser when you can but do not log into any accounts when you are using Tor, unless you access that account always from Tor
* Encrypt your email:
https://emailselfdefense.fsf.org/en/ Also note that you can encrypt files with GnuPG (use tar to pack up files and then use gpg's –symmetric option). If you need an email client program, Claws Mail is a good free software email client that has a GUI.
* Clean meta-data from your files that you upload or send. Use exiftool or something.
* Use Firefox with arkenfox user.js or Ungoogled-Chromium
* Use SearX or SearX-ng as your search engine:
https://searx.neocities.org >>21300disroot is a good email provider if ur not willing to set up ur own
they have a tor proxy
u can set up torsocks through socks5 settings on claws mail or thunderbird/icedove
>>24720There was some shit online around Oct 7 like
>Hamas kept their plans secret using this one simple trick: Huawei phonesbut to operate on western networks they would have to have the same backdoors as western phones, right? When will chatGPT write secure firmwares for the box of old phones I got here.
>>24709glow
>>24738lol is this true? vry funny if so. however i dont see y israel/NSO needs a backdoor for the phones. they already own all the celullar towers. so in a theoretical world were hamas ain't an Israel proxy, and they rly is playin cat and mouse, can't they jus man-in-middle crack the channels and chats? is there sum insane Chinese-encryption scheme im unaware of?
>>24709Go back, feds.
>>24740Is it as safe as an i2p outproxy?
>>24744 (me)
Wait a sec. Why not just use an i2p outproxy instead of a VPN or proxychains? VPN leaks your IP address to your VPN provider and your VPN usage to your ISP provider. And VPN through i2p adds an extra performance hit. And proxychains are static unless you constantly change them yourself, neither do they provide encryption. And VPNs and proxies weren't designed for anonymity in the first place. So what do VPN through i2p and proxychains do better that an i2p outproxy does not?
>>24742>lol is this true?yeah there was some reports at the time
>they already own all the celullar towersexactly, which is why the reports seemed like bullshit
>>24745>very good tip indeed.what is a very good tip?
Unique IPs: 13