48

TLDR: Nothing is safe, for complete privacy, move inna woods and live like a caveman

TLDR2: If you're not a glowie, currently the most private setup is to have a 2nd hand laptop, running non-persistent Tails on starbucks wifi. Never use your home internet, real name, don't reuse usernames or passwords. Memorise as much as possible, don't write shit down anywhere.

Ok, so for most of us that isn't possible. However I do see a lot of posts on this forum that are, unfortunately, wrong, or at least unintentionally misleading, so I want to try clear things up a bit.

Specifically, questions like "best VPN", "best cloud storage" etc. seem to come from people who are quite new to online privacy, and tend to come from the wrong mindset. Namely, that any data you store on networked hardware, or anything 'cloud', then you must assume that it has been harvested by LE and will be available for them to review at any point in the future. The old adage of "there is no cloud, it's just someone elses computer" applies here.

Are you a fat pedo with 100TB of CP? Are you a darknet heroin seller? Are you a journalist in China? Are you a (god forbid) free-thinking citizen who does not 100% agree with the current narratives?

This matters, and does dictate the level of opsec you need to implement.

IF YOU ONLY CLICK ONE LINK, MAKE IT THIS ONE This is quite a comprehensive guide, which covers most privacy basics -

https://anonymousplanet.org/guide.html

KICK JACK & ZUCK OUT OF YOUR LIFE FOR GOOD List of alternatives to big tech platform, fediverse etc

https://wiki.techxodus.org/en/home

and

https://gitlab.com/FSMdotCOM/foss-front-ends-and-alternatives

If you have more time, understand that cybersec is always evolving faster than any individual can keep up with. Get to know the history of the field, the motivations of LE which make our lives oh so wonderful, and learn how to mitigate against them.

These are good places to start:

https://en.wikipedia.org/wiki/Global_surveillance

https://en.wikipedia.org/wiki/List_of_government_mass_surveillance_projects

https://en.wikipedia.org/wiki/ECHELON

I'M NOT A CRIMINAL THOUGH neither were Charlie Chaplin, Princess Di or John Lennon... but they're on this list:

https://en.wikipedia.org/wiki/List_of_people_under_Five_Eyes_surveillance

INCENSER, aka intercepting traffic from the backbone of the internet

https://www.electrospaces.net/2014/11/incenser-or-how-nsa-and-gchq-are.html

DARKWEB Safer - never use JS, never maximize the Tor window, assume that one day you'll be caught anyway. Not going to hold your hand here but d/Opsec is a good place to start.

(Edit: There was another subdread (d/DNMbusts) that had lots of useful info but it appears to have been deleted. However, the general idea of looking how people have been caught and mitigating against those methods is a useful one, and lots of useful info can be found on this on the clearnet.)

Start here, you're on your own from there on -

dark.fail

or its DN address:

darkfailenbsdla5mal2mxn2uz66od5vtzd5qozslagrfzachha3f3id.onion

Even then, you're not safe, know that a lot of universities, LE and other people that don't know how to have fun spend a lot of time trying to 'disrupt' the dark web.

Pastebin link discussing how people are deanon'd on the DN:

https://zerobin.net/?e7bb1676c24b4bda#kZhNYD3L8zfBYE/5nNfv86eZLPw+crCtb3TkP0T7v4w=

and how this was done:

https://zerobin.net/?5381524b75d99885#krVptUhQzB1fkFaGW6HhfEvAAGtUh6QGtHr7jTxggpY=

Using AI to track people in TOR:

https://news.mit.edu/2019/lincoln-laboratory-artificial-intelligence-helping-investigators-fight-dark-web-crime-0513

Shit can, and will, come around to bite you in the ass. Here's a guy that got sentenced in 2021 for doing something in 2011:

https://cointelegraph.com/news/alleged-366m-bitcoin-mixer-busted-after-analysis-of-10-years-of-blockchain-data

Understand the importance of FUD and the emotional techniques behind it - you can only defend yourself against it if you know what it is and how it works.

FREE SOFTWARE Only use open source software you can audit yourself. If you absolutely need to open a binary, scan it with something like Malwarebytes, open it in a VM, run it through Ghidra, thanks to the boys at the NSA

https://github.com/NationalSecurityAgency/ghidra

That's all I have for now. Please let me know if I got anything wrong, feel free to share this. (If you really want to know, I think Mullvad is the best VPN). Also happy to answer any questions, but just know that I'm no cybersec professional, just a retard with a keyboard

And remember - you just run them over

https://invidious.namazso.eu/watch?v=AbG6u86t4bA

Edit: Thanks for providing more useful links in the comments.

I'll keep adding useful links as I find them too, they are:

List of companies that aren't pozzed by communists: https://www.cancelthiscompany.com/News-Alt-Tech-Outlets.html

Another useful site with lots of general info: https://www.privacytools.io/

I'm currently using Proton email, however I think I read on here recently that it wasn't as private or secure as it's purported to be. What email services would you recommend?

13

I've been paying two phone bills for eight months trying to unravel my old phone number from everything on my business letterhead and stuff, move my voice mail, bla bla bla. I'm finally there, ditching the old phone number and now only giving out my phone.com voice mail number.

I will soon have a website so anyone that googles me can send me a message, I'm not as concerned that people from the past won't be able to find me.

Yep then that's it. I have a flip phone but the only people with that number are my wife and the two folks at the front desk at work, nobody else gets it. Otherwise nobody knows that the number I give out is vm only.

I have a PinePhone64 that I can use for this or that but I need to ditch my carrier account and switch to prepaid, and even then I don't think I'll use it much. Like I really need to "do banking" in line at Panda.

13
22
13

You guys think the FBI will be able to get any data off his phones they siezed? James seemed pretty confident on Hannity tonight that they have his data now. If he had his two iphones fully updated and didn't use iCloud backups with a strong passcode, what are the chances the FBI will be able to get in without a new 0day bug being discovered?

Hello, I am in the process of transiting to controlling my own email home server Hilary Clinton style. Any suggestions for servers?

The ideal solution to me is something of this nature:

  1. Water proof and rated.
  2. Fire proof (30 mins+) rated.
  3. Raid 1 or higher, with two (or three) drives for replication.
  4. No fans for noise
  5. Minimalist, running linux or openbsd.
  6. High reliability

RAM or disk sizes are not a problem (i.e. I can go very low because no games).

Does no one offer DURABLE servers as a package deal, to protect ones most important data...? It seems providers assume the facility will provide the protection so the servers don't have this protection, but for a home server I don't have this 'facility' in place...

The closest I have found are https://iosafe.com (but its only the drives and no servers) and https://www.onlogic.com (has servers+ drives, but they are not rated for fire or water --- just dust and shocks).

Hello,

I'm stuck at a point where I have to use a two-factor authentication of some form.

I don't need to explain my interest in privacy and do not want to have it related to my phone (even though I might use it through my phone) or those MFA authenticators by Google or Microsoft. What would be the most privacy-keeping and safe MFA that I could use? Or relevant alternative?

Thanks!

If you have almost no idea about computer security, there's a few things you can do to trick Big Brother into thinking you must.

One of the oldest forms of security from spying is to just keep two sets of books.

Get a new security browser like Brave, Iridium or Ghostery Dawn.

When you get it downloaded, open it up and look in it's settings and go down the line telling it not to spy on you - and I mean turn security on, on nearly every setting they have.

Try to remember the kinds of settings - anti tracking, anti ads, all this.

Go to the Chrome store and look up the free VPNs that have thousands, upon thousands, of good reviews. Try to NOT select one that's obviously chinese people.

When you get the VPN, turn it on, put it's settings somewhere around you OR - conversely on the other side of your country, that's really probably a DASH safer but not too much.

I'm gonna give you a list of add-ons.

Cookie manager. All of them are similarly templated and have a box in settings that says ''Show "Delete and Block All Cookie For This Site Button.''

Also look up and get NEXTDNS's free version of their 1024 bit deep encrypted DNS requests service. This stops governments from spying on whether you just WENT to whatever web pages because you don't use public DNS - you're using the same public tables, downloaded by private people, and then encrypting for free, all your DNS requests.

This is hard to spy on and you're WAY ahead of a lot of people just with that.

If you're having ads already get another ad blocker and turn off your browser's ad blocker if you won't. Try to cover yourself but not run too much redundant security software so you don't crash sites too bad.

When you get a ''do not track/fingerprint/spy'' situation going, it helps a lot of times if you get one that gives you three settings out of the box, no security, average security and high security.

In this second browser rate all you can, ''high security.''

Tell ALL ENEMY DOMAINS like google, fagbuk, Instagram, Amazon, Ebay, - EVERYWHERE there's commercial activity that you might browse - camping gear, guns, knives, cars, stuff from Amazon YOU NAME IT - put a LINK to ALLLLLL your favorite places on this second browser.

Now. What to do with your original browser.

If your original browser has real-world information on it about you - if you have ANY google gmail, or ANY government, or ANY business, or ANY schools, or ANY other government type, REAL LIFE stuff - INCLUDING real life social media - leave it on that browser. It's already compromised, so we're gonna fix some shit.

Over the next week, month... you know... on all your sites like this, on ALL your social sites, you can easily make a new account with - make one. A new one.

For ALL places where to sign in and talk, use something like ''Email on Deck dot com.''

It's among the best of them: it doesn't give, a domain name identifying it as email on deck - it gives you a temporary box with a new, clean domain name every new day.

Get a temp email and if they won't take it - almost ALLLL places do it's the genius of this kind of temp email place, this ''new domain name for email boxes every day'' can't really be stopped without people taking extreme measures.

*For EVERY PLACE YOU SHOP ONLINE, get a LINK to it on the NEW browser.

ALL BROWSING for products to buy - do them on the second browser with all cookies blocked etc, with all tracking blocked, security high, VPN on, DNS encryption on, HTTPS on ALWAYS on,

and when you find a product you're gonna buy, go to the address bar and copy it,

open your REAL world browser, put that address in the address bar. You'll show up on that product's page on Ebay or Amazon or F-15s Are Us, already signed in, just like always with your main browser.

Click ''buy product now'' and when they confirm, CLOSE THAT BROWSER, N.O.W.

Click open. Click put address in addres bar, Click hit enter. Click ''Buy Now.'' When you see confirmation, Click close the browser NOW.

And this stops people from spying on the shit you shop for so they can brand you a Let's Go Brandon Terrorist Married Heterosexual Christianic.

DON'T shop EVER again BROWSING using your old, original browser.

Over a couple of weeks, you should start noticing your REAL-LIFE browser, NEVER comes on, unless you're gonna use REAL- WORLD only services there.

some people post on a business facebook account, whatever, and they can't avoid the advertising these large venues provide.

NEVER - EVER - visit ANY of these on your second browser. Not once not ever.

ALL real-world stuff is accessed ONLY on the original browser which you are after some weeks, going to start cleansing. Get rid of links to all political websites.

Get rid of links to ANY kind of things that tell how you think.

Clear the history of the browser once in awhile, and learn to live, letting it sit there closed, 90% of the time,

and TRY to never again go online, without being on SOME kind of VPN.

Second tip for this from me today:

So many people are only windows people. Back in the day I was a networking guy and these were all educational and court house and jail and prison and fire house, and police station customers and they are nearly ALL windows so I had to learn to be a windows mechanic, integrating wireless comms and telemetry, and wired security, with peoples' windows networks.

Also I was a twitch gamer, for a couple of years I was #1/world pub hO in a couple of first person shooter games, and I ran high capability motherboards and every last setting was overclocked, memory was, chipset was, main processor was, it was all over volted using graphite traces and small wires, that's the kind of person I am,

and one of the things I did was go into windows and manipulate about 40 different settings turning off every last thing in Windows, that wasn't named ''the game I was playing.''

I even turned off Windows explorer itself so my windows installs were all basically like Linux machines - NOTHING was automated. NOTHING happened automatically.

I dropped out of gaming and for years just ran stock windows installs that I turned off several things from memory on and that was that but last couple of years I started looking around, for a way to turn a bunch of stuff off in Windows.

There is an anti-Microsoft spying company and they give away a free app called ''OOShutup 10'' and this stands for when you're trying to do computing and windows logging ENDLESSLY, talking to microsoft ENDLESSLY, doing automatic stuff ENDLESSY just never shuts the FUCK up and your computer acts like it's computing in syrup with lumps in it.

You can turn off nearly every last byte of information Microsoft EVER to itself on your windows machine.

I watch videos, lots of gaming videos like Karmakut's Squad vids, lots of Enlisted game watching, this sorta thing I played those kinds of games as a pub hO

and I do stuff reading and writing here, and i watch a lot of news and self help videos.

Out of 80 settings where you have a green light or no light on - green meaning ''safe, not communicating with Microsoft,

I have ALL but THREE turned so the green light is on and this element of windows is NOT communicating with Microsoft.

I left on:

Allow computer to turn on built in camera Allow computer to turn on microphone for camera Allow private video app to access camera.

Those three are on, the green light is not on,

out of about 80 individual settings.

Since all this talking and pausing to log that I just opened excel, and pausing to log that I turned excel off, - ALLLLLLLLLLL this MASSSIVE machine logging and the CONSTANT automatic talking to microsoft over location, is your screen turned on, are you using ______ or _________ or ___________ or weather, or geolocation, or YADA yada fuckin YADA - this makes the computer run like it's JUST about to throw up from being so high.

That's gone again, now. My windows 10 machine runs smooth as fucking glass.

It is TRUE I set all the stuff to performance, instead of wiggling app links and .gif this, and transparent that - I turn that off anyway cause it's overhead I don't need, so that much is ALSO true but -

go get OOShutup 10 and - listen - you don't INSTALL that. You download it, you don't tell windows installer, jack shit - you OPEN the app, the switches are there, look them over, see what's going on, there's six divisions of settings for things like 'Weather' and 'Geolocation' and 'windows products updates' and 'Windows update' - stuff like that-

and you just turn stuff till the green light comes on if you don't think you're gonna be wanting them to talk about you related to that computing activity.

Your Windows will run with nearly ZERO bumps and struggles and lags.

It will run sO much smoother and you can hit ctrl/alt/delete and look at the wireless graph, all this and it'll show you every single time the computer is sending pings to the internet.

NEXTDNS talks to your networking etc a little, a few DOZEN bytes here, a few HUNDRED bytes there per minute but it SHOWS you if it's WINDOWS contacting microsoft and mine - it doesn't.

A second browser with a free VPN that has a LOT of users and a LOT of thumbs up - this means it works, at least.

NinjaVPN, VEEPN, Zenmate, Browsec,

something like this.

Where you REALLY get the guys who were gonna be using these to spy on you, is when you use NEXTDNS.

Also to check how well your stuff is actually securing you go to these websites that announce ''what is my ip?''

and that announce ''check my computer for security leaks''

and when you do this you should see that VERY fucking little gives back information about you.

There's like 35 or 40 questions machines ask other machines to identify your computer. These sites test this for you for free, and nearly EVERY last thing should come up ''We think your computer may be dead/and/or using a body double cause it isn't informing us about SHIT.''

When you're running like this, nothing important breaks because you're not talking to your BANK or the GOVERNMENT so there's no real DEMAND for authentication so you just go everywhere almost completely unknowable.

Your REAL WORLD life is kept completely closed 90% of the time except for a few hours monthly to pay bills and then: close again and use the SECOND browser,

for basically everything.

It'll take you a week or so before you hardly open the real-life browser any more.

In two weeks it'll be ONLY when you shop on the OTHER browser, and open the real-world one with your credit cards on it for shopping, paste in a product's address in the address bar, select ''buy now'' and close that browser immediately so you CAN'T accidentally forget and start prowling around your old political/news haunts cause you forget.

That's all for now I realize it's kinda long but such is the subject matter of computing ... stuff gets long.

The reason is because I don't want any of the smart phone manufacturers or associated software companies logging where I am and where I look up directions to, or what speed I'm going, or any of that shit.

At first I mounted it on the left of the driver's seat on the windshield but that blocked my view for turning left, so moved it to the middle of the windshield into a "notch" in my dash that's a little lower than the rest, so it connects to the windshield but doesn't really obscure my vision of much. I might have to watch a LITTLE more closely when changing lanes to the right, maybe keep an eye out for motorcycles a little more carefully.

The sound is fine, I can adjust it independent of what's going on with my mp3 player (yes, a separate and standalone mp3 player) for books on tape and podcasts, and now I'm not being tracked by my GPS and I'm not sending information on what I'm listening to straight to the FBI.

The screen is significantly bigger than my iphone7s, which is nice. Data is quick and easy. Up to date information on traffic and weather, update "forever" whatever that means.

15

On 28 December 2014, Der Spiegel published slides from an internal NSA presentation dating to June 2012 in which the NSA deemed Tails on its own as a "major threat" to its mission, and when used in conjunction with other privacy tools such as OTR, Cspace, RedPhone, and TrueCrypt was ranked as "catastrophic," leading to a "near-total loss/lack of insight to target communications, presence..."

https://en.wikipedia.org/wiki/Tails_(operating_system)#In_mainstream_media

Install Tails OS:

https://tails.boum.org/install/index.en.html

Persistent storage:

https://www.youtube.com/watch?v=6tSJSXTkJ50&list=PLOZKbRUo9H_qXgyGp5UVYCoGQYo9YB5E8&index=3

Chat XMPP OTR over Tor Pidgin in Tails:

[email protected]

https://www.youtube.com/watch?v=HsSssbs-Sso&list=PLOZKbRUo9H_qXgyGp5UVYCoGQYo9YB5E8&index=8

The default IRC accounts no longer there so don't have to remove them.

I feel good knowing they can't be tracked with that ultrasound thing that's going around now. I can't believe how far they've gone in surveilling us.

I never would have agreed to any of this shit had I known in the beginning. I'd still have my stereo in stereo, and read books under a kick ass halogen lamp and been happy as fuck.

Now I have to take my dang TV apart to see if it's watching my children.

68
15
16

Firefox has an exploit where it leaks DNS requests. This is critical if you don't use a system-wide VPN which is the case in many configurations.

Normal DNS tests don't pick this up, but Astril VPN's website has a test that does, and Firefox and Waterfox fail.

Combined with the fact that Mozilla is looking pretty compromised these days, it seems the best browsers are based on degoogled builds of Chromium, which is sad. What are your conclusions regarding the most private browsers?

Asking for a fren...

23
16
view more: Next ›