28

TLDR: Nothing is safe, for complete privacy, move inna woods and live like a caveman

TLDR2: If you're not a glowie, currently the most private setup is to have a 2nd hand laptop, running non-persistent Tails on starbucks wifi. Never use your home internet, real name, don't reuse usernames or passwords. Memorise as much as possible, don't write shit down anywhere.

Ok, so for most of us that isn't possible. However I do see a lot of posts on this forum that are, unfortunately, wrong, or at least unintentionally misleading, so I want to try clear things up a bit.

Specifically, questions like "best VPN", "best cloud storage" etc. seem to come from people who are quite new to online privacy, and tend to come from the wrong mindset. Namely, that any data you store on networked hardware, or anything 'cloud', then you must assume that it has been harvested by LE and will be available for them to review at any point in the future. The old adage of "there is no cloud, it's just someone elses computer" applies here.

Are you a fat pedo with 100TB of CP? Are you a darknet heroin seller? Are you a journalist in China? Are you a (god forbid) free-thinking citizen who does not 100% agree with the current narratives?

This matters, and does dictate the level of opsec you need to implement.

IF YOU ONLY CLICK ONE LINK, MAKE IT THIS ONE This is quite a comprehensive guide, which covers most privacy basics -

https://anonymousplanet.org/guide.html

KICK JACK & ZUCK OUT OF YOUR LIFE FOR GOOD List of alternatives to big tech platform, fediverse etc

https://wiki.techxodus.org/en/home

and

https://gitlab.com/FSMdotCOM/foss-front-ends-and-alternatives

If you have more time, understand that cybersec is always evolving faster than any individual can keep up with. Get to know the history of the field, the motivations of LE which make our lives oh so wonderful, and learn how to mitigate against them.

These are good places to start:

https://en.wikipedia.org/wiki/Global_surveillance

https://en.wikipedia.org/wiki/List_of_government_mass_surveillance_projects

https://en.wikipedia.org/wiki/ECHELON

I'M NOT A CRIMINAL THOUGH neither were Charlie Chaplin, Princess Di or John Lennon... but they're on this list:

https://en.wikipedia.org/wiki/List_of_people_under_Five_Eyes_surveillance

INCENSER, aka intercepting traffic from the backbone of the internet

https://www.electrospaces.net/2014/11/incenser-or-how-nsa-and-gchq-are.html

DARKWEB Safer - never use JS, never maximize the Tor window, assume that one day you'll be caught anyway. Not going to hold your hand here but d/Opsec and d/DNMbusts are good places to start (d/DNMbusts seems to be down currently)

Start here, you're on your own from there on -

dark.fail

or its dn address:

darkfailenbsdla5mal2mxn2uz66od5vtzd5qozslagrfzachha3f3id.onion

Even then, you're not safe, know that a lot of universities, LE and other people that don't know how to have fun spend a lot of time trying to 'disrupt' the dark web.

Pastebin link discussing how people are deanon'd on the DN:

https://zerobin.net/?e7bb1676c24b4bda#kZhNYD3L8zfBYE/5nNfv86eZLPw+crCtb3TkP0T7v4w=

and how this was done:

https://zerobin.net/?5381524b75d99885#krVptUhQzB1fkFaGW6HhfEvAAGtUh6QGtHr7jTxggpY=

Using AI to track people in TOR:

https://news.mit.edu/2019/lincoln-laboratory-artificial-intelligence-helping-investigators-fight-dark-web-crime-0513

Shit can, and will, come around to bite you in the ass. Here's a guy that got sentenced in 2021 for doing something in 2011:

https://cointelegraph.com/news/alleged-366m-bitcoin-mixer-busted-after-analysis-of-10-years-of-blockchain-data

Understand the importance of FUD and the emotional techniques behind it - you can only defend yourself against it if you know what it is and how it works.

FREE SOFTWARE Only use open source software you can audit yourself. If you absolutely need to open a binary, scan it with something like Malwarebytes, open it in a VM, run it through Ghidra, thanks to the boys at the NSA

https://github.com/NationalSecurityAgency/ghidra

That's all I have for now. Please let me know if I got anything wrong, feel free to share this. (If you really want to know, I think Mullvad is the best VPN). Also happy to answer any questions, but just know that I'm no cybersec professional, just a retard with a keyboard

And remember - you just run them over

https://invidious.namazso.eu/watch?v=AbG6u86t4bA

17
15
12

Has anyone considered what exactly these rewards programs are about?

It seems like every gas station convenient store REALLY wants you to get one. Sometimes they get realy annoyed when I tell them I dont like things like that. Its really obvious the amount of data they collect and then sell. It makes me really uneasy. Plus theres really very little reward for the data cow.

Is it just me?

44
33

Should I put a SIM in it or do anything to the phone at all before downloading Graphene?

Maybe once every 2 months I use a Windows VM for an hour or so.

I can't help but wonder about these virtual machine escape exploits though.

In 2018 alone, Oracle (VirtualBox) patched 10 of them:

https://archive.is/3aZBz

What do you guys think?

Would running the VM in an additional container like firejail even work and be helpful?

Thanks!

11
10

Do I want the gaming PC to be 100% spyware, only for gaming (aka windows) and use a different PC/laptop for everything else (internet, movies, music etc)?

Or do I try to shove gaming down Linux's unwilling throat?

10

I went ahead and made a basic one, but are there any channels already out there?

https://halogen.chat/#/room/!lEMxpILANIuheeUJnH:halogen.city

10

How does it know they're memes? Android on a pixel 2.

14
16

.

Am I able to take the SIM card out of my current daily driver which is on Verizon's network, put it into a brand new Pinephone, and begin using it to make calls, text, etc. immediately?

21

One I like is the Techxodus Wiki.

Are there any other good ones?

10
13

How would someone go about doing this, or is it even possible? I can't seem to be able to make an account. I get a blank page after submitting the new account form.

I've used Protonmail (free) for a while and like it, but am looking to upgrade to a premium email service for the option to have multiple aliases/addresses, but I still want encryption, servers hosted in a non collaborative country (meaning not in Germany, Canada, etc.)

I was just going to upgrade my protonmail account, but curious if there are others that may be better before I do? We all have seen what happened with DuckDuckGo over the years, and I kind of get the feeling the same is gonna happen (if not already) to Protonmail.

Just curious what you all use or recommend (even if that includes Protonmail)

view more: Next ›