/cyber/ - Cyberpunk & Science Fiction

>>33903

-No social media

-I'd switch to linux but my motherboard is so new there's no GNU/Support for it, my PC goes on infinite loop when trying to boot linux (tested on every distro known to me)

-Trying to create my own encryption cipher to encrypt all my shit with and then implement this algorithm with a program I'll make (probably in C#). I've got a general idea of how it works but reversing it to decrypt it is a bit harder than I thought. </rant>

-Never use my real name online (I broke that five minutes ago to make my paypal account so I could get a refund, but other than that never used it)

-Use extentions on browser to ensure you browse https and stuff

-Tor for everything except the chans and torrenting (might run a Tor relay or exit node)

absolutely nothing.

nothing to hide, nothing to fear

:^)

>hiding data from your loving government

What are you OP some sorta criminal? Only wrongdoers fear persecution.

>>33923

>might run a Tor relay or exit node

Isn't that basically inviting child pr0n to pass through your network?

or is all the traffic hidden?

I'm not sure how relay networks operate.

>>33934

is there a difference?

>>33935

touche, but yes.

I use a Macbook.

Please don't laugh at me.

Anyway:

>Stick with Safari despite the limited functionality because Firefox seems to be a mess at the moment and Chrome's a botnet

>Have Adguard, ClickForFlash, HTTPS Everywhere plugins

>Disabled Java

>Got rid of my social media accounts except for an Instagram under a burner email I post art to

>All the social media accounts I got rid of were under fake names/burner emails anyway

>Access internet through a VPN with browser set to private whenever possible

Currently using the free version of CyberGhost, because I need to put some brouzouf aside for a paid VPN. Worth the investment or should I just start browsing through TOR? One thing that worries me about paid VPNs is unless I can find one that'll accept Bitcoins through TOR there's going to be a paper/brouzouf trail leading back to my real name and bank account.

Honestly I don't do anything exactly controversial online besides browsing 8chan, but I really resent being surveilled. I don't like the idea of government agencies, advertising companies, etc trading my information and building a profile of me for god knows what purpose.

>>34026

>Firefox seems to be a mess at the moment

Download an old version. 17.0.1 - 27 is functional, just don't update it.

>>34026

>Honestly I don't do anything exactly controversial online besides browsing 8chan

Uuurrrrgh I cringe everytime I use this.

If you're not gonna run Gnu-Linux or BSD or something at least use Torbrowser for the web and Jitsi plus a Jabber account for chatting with friends. Jesus.

I use i2p, Tor, Tomb, Tox, Trisquel, Jabber+OTR, GPG with email, no social networks, almost never use a phone unless it's to call a doctor or something.

>>34026

There are plenty of Firefox forks out there that can work for your needs.

Other than using GNU/Linux, what other simple ways can I increase my privacy without going full tin-foil?

>>34135

> 2015

> still using winblows

try unplugging your computer from the internet

>>33903

Nothing.

>>34165

You do realize he probably is ALREADY not using windows and thus why he is asking for recos besides that?

>>34078

I'm confuse. Do people really use a proxy to access /cyber/? I don't.

>>34165

Extremism is really depressing, read the post again.

>>38855

lolno

GNU/Linux. Different writing styles for different websites. Throwaway accounts.

Which country provides the best privacy laws for a VPN? I want to get one but they're pointless in USA because everything is wiretapped by default. Is Switzerland good?

>>38869

sweden and finland are good. Check out Mullvad. https://torrentfreak.com/anonymous-vpn-service-provider-review-2015-150228/

>>38855

I don't either

>>34078

Tor + OSX/Win is a bit redundant. If you care enough to use Tor, you'll care enough to change systems.

>>33934

if your gonna run your own exit, then best of luck. read the tor site and eff site of exit nodes before the feds take your door down. as for relays and entrances (gateways?) you can't get in trouble as far as i know.

>>34135

host files to block evil/tracking/malicious domains

Bare-essential apps on Android phone only.

No personal information on phone.

Passwords in 1Password or similar encryption.

uBlock/HTTPS Everywhere in Chrome

>>38915

i would say adaway (root), xprivacy (xposed), keepassdroid for password managment (dont want my credentials zapping around the cloud), and for a browser maybe firefox with noscript, even orfox with orbot if you need tor

>>33923

>Trying to create my own encryption cipher

ever heard of Kerckhoff's principle ? probably not

>>38869

It doesn't matter which country they're in, unless you mask your VPN traffic with other means. Otherwise they'll just use timing attacks, like they do with TOR users or man on the side type of interception.

>>33903

Live parallel lives.

no facebook

I use whatsapp though, which is owned by them.. so I am slipping.

No snapchat.

No apps.

Reducing the amount of important email addresses I have and using throwaways.

>>33934

op here. gov/corp are both fine

I use at least six proxies at all times

Im running a scripted fake online persona that interacts unconspicuously on different social media accounts, runs typical searches based on the most popular keywords

Everything else is going heavily encrypted over a backbone in karachi

>>34026

Try Seamonkey, it's like Firefox but without the bullshit. And there're Netscape themes for it.

>>33903

> doing absolutely nothing of interest to anyone

Seems to have worked so far

http://without-systemd.org/wiki/index.php/Main_Page

http://judecnelson.blogspot.mx/2014/09/systemd-biggest-fallacies.html

http://devuan.org/

http://without-systemd.org/wiki/index.php/How_to_remove_systemd_from_a_Debian_jessie/sid_installation

http://git.busybox.net/busybox/commit/?id=accd9eeb719916da974584b33b1aeced5f3bb346

SJW's role in trying to destroy free open source projects exposed

https://archive.is/dgilk

https://archive.is/deeN1

http://voxday.blogspot.com/2015/10/exposing-true-face-of-sjw.html

also if you are running linux, remove EVERYTHING that says zeitgeist and telnet whether you use synaptic or any other manager. also remove everything that says "remote desktop viewer"

>intel

gathers intel on you

>microsoft windows

can look through your windows

avoid intel like the plague. There's been alot of good news about AMD being bro's in a world of jerks lately. give them support and they will be supported.

The best thing you can do is educate yourself and think critically, systematically, meticulously, obsessively, and autistically. you have to think inside the box, outside the box, inside looking out, outside looking in, stomping on the box, throwing it away, and then questioning if the box ever even existed in the first place. you must be the hand that can bend light so that the eye can see around the corner of plato's cave.

firefox about:config guide

Warning:

following these instructions may severely break your computer and firefox and may ruin your privacy and your entire life.

do any of these things at your own risk.

I am not responsible for anything bad that happens to you.

Some of these things DO mess up your ability to use 8chan and screw up the way the site functions so pick and choose carefully, use saves/different profiles or something.

This may void your warranty.

Ask a professional and the mozilla team before doing anything.

You have been warned.

first open about:config

keep in mind that you will have to go back and check each and every single one of these every time you update your firefox/ firefox fork as the bastards love tricking people and making sure they are un-deleted or un-disabled during the updates. they actively go out of their way to undo the users changes behind their back deep in about:config where they aren't looking.

I also suggest that you install the FEBE addon first, and make backups along the way before changes while constantly checking if the browser will even start. sometimes something will break and the browser will refuse to even start up, crashing as you click on the icon.

so make a FEBE backup, make changes, exit the browser and start it back up. check if everything still functions, then make another backup before making any more changes.

somtimes it just works fine, sometimes you need to reload a backup a few tries until you find out what you were changing that broke everything. some good advice is that if you are completely unsure as to what something does do alot of research before changing it or don't mess with it at all -however, things that look bad might be a good idea to trust instincts on.

also be aware disabling dom storage disables some 8chan features

make sure to ask Fredrick for more 8chan website support for users who

dont use dom storage such as captchas and 8chan settings that work regardless

(don't worry captcha works everywhere still if javascript is off)

to protect against SSLv3 exploit you can use the mozilla addon "SSL version control"

or set security.tls.version.min = 1 in about:config for Mozilla Firefox.

To restore change the value back to the security.tls.version.min = 0. That's it.

In Mozilla Thunderbird you can set it also in about:config, which You can find in: Tools → Options → Advanced → General → Config Editor.

Always use a firefox fork that gets regular good security updates. never use a main distribution. the underdogs are your friends.

Also, I know that this seems like alot but if you just try to get through it all its a big relief when you are done overhauling the whole thing.

I also want everyone to understand that almost all of this garbage and bloat has no excuse to be in the browser in the first place and reveals just how far down the slippery slope internet browsers have gone. The fact that users actually need to un-google and un-facebook and security harden their brownsers in the first place, even change them from what they originally are from vanilla, is unacceptable.

remember to explore "about:permissions" as well.

remember to search in about config: "handlerservice" "scan" "beacon" "healthreport" "profiler" "profile" "health" "service" "avatar" "handler" "diagnostics" "marketplace" "account" "google" "facebook" "microsoft" "social" "sync" "promo" "ringtone" "ajax" "media" "pocket" "browser.send" "peer" "bing" "yahoo" "datareporting" "duckduckgo" "loop" "hello" "geo" "geoip" "tool" "toolkit" "statistic" "monitor" "inspector" "warning" "trace" "host" "remote" "wifi" "scan" "forbid" "experiment" (disable all experiments) "error" "reporting" "report" "crash" "cell" "ping" "errorreporting" "share" "exception" "black-box" "learn" "buzz" "privacy" "private" "support" "screenshot" "uitour" "sync"

"telemetry" "screensharing" "broadcast" "logging" "gecko" "log" "server" "status" "app" "sync" (Disable almost everything in sync) "browser.safebrowsing" as they have huge amount of URL to delete or settings to disable. "URL" and "URI" alone has a huge amount of really stupid pointless and useless urls to delete. (set all "autoupdate" "auto" "update" search results to false for more control)

(unless you want update all your addons one by one, don't delete the urls that update your addons. Don't mess with things that say "" "addon" "extension" "update" "" in the setting or you might not be able to update. you can reverse this by creating another profile and copying the url from about:config and pasting it back in your original profile's about:config where the settings delete url goes and deleting the non-needed profile

my computer is getting attacked with cross scripting attacks as I post this.

browser.search.geoSpecificDefaults FALSE

browser.trackingprotection.updateURL DELETE URL

browser.trackingprotection.gethashURL DELETE URL (yea right, protecting people from tracking by tracking them by having their browser call home to a url?)

privacy.trackingprotection.enabled FALSE

browser.uitour.url DELETE URL

browser.geolocation.warning.infoURL DELETE URL

loop.feedback.baseUrl DELETE URL

loop.feedback.product DELETE URL

loop.contacts.gravatars.promo FALSE

loop.browserSharing.showInfoBar FALSE

loop.CSP DELETE URL

loop.ringtone DELETE URL

loop.server DELETE URL

loop.seenToS DELETE URL

loop.showPartnerLogo FALSE

network.http.pipelining.ssl TRUE

network.http.proxy.pipelining TRUE

media.getusermedia.screensharing.allowed_domains (delete url)

browser.search.order. (delete urls)

browser.search. (check this well)

browser.search.geoip.url (delete url)

media.getusermedia.screensharing.enabled FALSE

network.http.max-persistent-connections-per-proxy Right click, select modify, set it to 15

network.http.max-persistent-connections-per-server set it to 15

network.http.max-connections-per-server set it to 15

network.http.pipelining.maxrequests also set to be 15

network.http.redirection-limit Set to 3

network.dns.disableIPv6 Set to true

network.http.fast-fallback-to-IPv4 Set to false

dom.popup_maximum set to 3

loop.support_url DELETE URL

loop.legal.privacy_url DELETE URL

loop.legal.ToS_url DELETE URL

loop.learnMoreUrl DELETE URL

loop.gettingStarted.url DELETE URL

network.prefetch-next FALSE (disables prefetching)

network.dns.disablePrefetch TRUE (extra layer of telling fox to not prefetch)

(REMEMBER TO USE A FORK OF FIREFOX! main firefox is SJW NAZI BOTNET GOOGLE NOW!)

icecat/palemoon/seamonkey/iceweasel/ are FORKS! don't use google chrome or other junk browsers!

https://ftp.gnu.org/gnu/gnuzilla/

http://ftp.gnu.org/gnu/gnuzilla/38.5.2/

newest icecat version 38.5.2 is now out and has been very nice, fast, and stable for a while now since some older versions!

this may be outdated, and much newer versions may now exist!

disable google geolocation and reporting:

dwhelper.social-share.service.google.enabled FALSE

dwhelper.social-share.service.google_buzz.enabled FALSE

geo.enabled FALSE

geo.wifi.logging.enabled FALSE

geo.wifi.uri (delete the value)

browser.safebrowsing.appRepURL (delete the value)

browser.safebrowsing.debug FALSE

browser.safebrowsing.enabled FALSE

browser.safebrowsing.gethashURL (delete the value)

browser.safebrowsing.malware.enabled FALSE

browser.safebrowsing.malware.reportURL (delete the value)

browser.safebrowsing.reportURL (delete the value)

browser.safebrowsing.updateURL (delete the value)

services.sync.prefs.sync.browser.safebrowsing.enabled FALSE

services.sync.prefs.sync.browser.safebrowsing.malware.enabled FALSE

(take a break here and read how to fix the internet for everyone)

- install TOR software on EVERY router, complete unfiltered

- force EVERYONE to use PGP, no exceptions

- forbid non open source software in essential parts of using the internet (webbrowser, mail client…)

- build a company which is only there for pen-testing, if something is found, they have to call/mail the website owner and inform him

- build a company which is completly transparent, the only thing they do is build network hardware, everyone has the right to look into their files/production processes to verify there are no backdoors in the hardware

- same for computer manufacturers

- ISPs are forbidden to give "middle traffic speed", but they have to give you a minimum traffic speed for every time

(break is done, keep on going!)

media.peerconnection.enabled FALSE

browser.search.suggest.enabled DISABLE IT

Turn off the new tab page, and makes it about:blank:

browser.newtab.url => about:blank

Turn off file virus-scan after download:

browser.download.manager.scanWhenDone => false

some of these are really optional:

Override the useragent to most common useragent (not needed with UA Switcher):

New > string: general.useragent.override =>

Mozilla/5.0 (Windows NT 6.1; WOW64; rv:20.0) Gecko/20100101 Firefox/20.0

Force installation of non-updated add-ons:

New > boolean: extensions.checkCompatibility.[version #] => false

keyword.URL erase and leave blank

Increase the amount of connections/requests Firefox will make:

network.http.pipelining.maxrequests => 15

network.http.max-connections => 15

network.http.max-persistent-connections-per-server => 15

Speed up the security delay when installing add-ons:

security.dialog_enable_delay => 500

changing how your browser stores cache, and uses ram instead (but less ram overall) as a result.

browser.cache.disk.capacity 0

browser.cache.memory.enable FALSE

network.http.use-cache FALSE

browser.cache.memory.max_entry_size 0

browser.cache.memory.disk FALSE

browser.cache.disk.capacity 0

browser.cache.disk.enable FALSE

browser.cache.disk.metadata_memory_limit 1 (just in case 0 might mean unlimited)

browser.cache.disk.smart_size.enabled FALSE

browser.cache.disk.smart_size.first_run FALSE

browser.cache.disk.smart_size.use_old_max FALSE

browser.cache.disk.smart_size_cached_value 0

browser.cache.disk_cache_ssl FALSE

browser.cache.offline.capacity 0

browser.cache.offline.enable FALSE

don't forget to bookmark "about:memory" so that you can click the "minimize memory usage button" it can really help alot.

maybe useful in a tor browser setup, (accidentally clicked bad things never hits your disk):

browser.cache.disk.parent_directory=/tmp/ffcache and put /tmp/ in ram.

(there is no guaranteed way of making this work and often doesn't work for anyone, so its considered broken unless you can figure it out)

dom.storage.default_quota 0 (1kB is ample to track so disabled completely *zero* is better)

dom.storage.enabled FALSE

Disable pings:

browser.send_pings FALSE

browser.send_pings.max_per_link 0

browser.send_pings.require_same_host TRUE (extra layer of protection)

Disable suggestions on searchbar:

browser.search.suggest.enabled FALSE

Disable keywords:

keyword.enabled FALSE

browser.ssl_override_behavior => 2

Disable DNS proxy bypass:

network.proxy.socks_remote_dns TRUE

true would Have the proxy server perform DNS lookups

false would Perform DNS lookups on the client (this is what you don't want)

http://kb.mozillazine.org/Network.proxy.socks_remote_dns

https://www.browserleaks.com/

https://panopticlick.eff.org/

ooooooooooooooooooooo

also search through these to delete HUGE amounts of links from.

datareporting

browser.contentHandlers

browser.safebrowsing

browser.search

gecko.handlerService

ooooooooooooooooooo

services.sync.prefs.sync.browser.search.update FALSE

services.sync.prefs.sync.browser.search.selectedEngine FALSE

browser.search.update.interval (set to ZERO )

browser.search.searchEnginesURL ERASE URL

(adblock edge filter list links to add into ABE)

http://spam404bl.com/spam404scamlist.txt

https://easylist-downloads.adblockplus.org/easyprivacy.txt

https://easylist-downloads.adblockplus.org/easyprivacy+easylist.txt

https://easylist-downloads.adblockplus.org/easylist.txt

http://pie.estiva.org:1223/data/abl/sw_aio.txt

http://pie.estiva.org:1223/data/abl/nm_easyprivacy.txt

http://pie.estiva.org:1223/data/abl/nm_easylist.txt

http://pgl.yoyo.org/adservers/serverlist.php?hostformat=adblockplus&mimetype=plaintext

https://www.fanboy.co.nz/r/fanboy-ultimate.txt

https://easylist-downloads.adblockplus.org/malwaredomains_full.txt

https://easylist-downloads.adblockplus.org/fanboy-social.txt

https://easylist-downloads.adblockplus.org/antiadblockfilters.txt

///////////////////////////////////////////////

you could possibly use FEBE to save everything (depending on how you do it to avoid ruining the settings of Tor) and send your extensions to the Tor Browser

https://www.torproject.org/projects/torbrowser.html.en

datareporting.healthreport.service.firstRun DISABLE IT

datareporting.sessions.current.clean DISABLE IT

toolkit.telemetry.enabled DISABLE IT

browser.search.suggest.enabled DISABLE IT

media.peerconnection.enabled DISABLE IT

geo.enabled DISABLE IT

toolkit.telemetry.infoURL (delete url)

toolkit.telemetry.server (delete url)

network.websocket.enabled FALSE

network.http.sendSecureXSiteReferrer FALSE

services.sync.prefs.sync.privacy.trackingprotection.enabled FALSE

dom.event.clipboardevents.enabled FALSE

services.sync.prefs.sync.browser.safebrowsing.enabled FALSE

services.sync.prefs.sync.browser.safebrowsing.malware.enabled FALSE

typing in "safebrowsing" will show many options

media.eme.enabled FALSE

media.gmp-eme-adobe.enabled FALSE

search adobe and disable these, might break flash, but why are you using flash!!!

loop.enabled FALSE

camera.control.face_detection.enabled (VERY CREEPY) FALSE

device.sensors.enabled FALSE

security.tls.unrestricted_rc4_fallback FALSE

security.tls.insecure_fallback_hosts.use_static_list FALSE

pdfjs.disabled TRUE

extensions.blocklist.enabled FALSE

(delete all these links after searching "extensions.blocklist",

or firefox sends data without permission, beware:

its up to you to not install unsafe addons from unsafe places now.)

network.http.speculative-parallel-limit (SET TO ZERO)

disable your live bookmarks and rss feed bookmarks and delete them as well, only use ordinary bookmarks.

browser.aboutHomeSnippets.updateUrl (delete the url)

browser.startup.homepage_override.mstone (set the value to ignore)

extensions.getAddons.cache.enabled FALSE

dom.ipc.plugins.flash.subprocess.crashreporter.enabled FALSE

toolkit.crashreporter.infoURL DELETE URL

breakpad.reportURL DELETE URL

toolkit.crashreporter.infoURL DELETE UR

browser.pocket.enabled DISABLE

webgl.disabled TRUE

dom.server-events.enabled FALSE

media.peerconnection.enabled FALSE

media.peerconnection.use_document_iceservers FALSE

media.peerconnection.video.enabled FALSE

media.navigator.enabled FALSE

media.navigator.video.enabled FALSE

media.navigator.permission.disabled TRUE

dwhelper.social-share.service.facebook.enabled FALSE

also search "facebook" and delete all the links unless mentioned in an extensions prefs

facebook will be mentioned if you block facebook in noscript.

social.manifest.facebook ERASE and leave blank

social.remote-install.enabled FALSE

social.whitelist ERASE and leave blank

media.autoplay.enabled FALSE

dom.use_watchdog FALSE

dom.workers.websocket.enabled FALSE

media.audio_data.enabled FALSE

browser.selfsupport.url (delete url)

ooooooooooooooooooooooooooooooooooooooooooooooooooooooooo

noscript does have a few google things inside of it so

noscript.ABE.wanIp FALSE

noscript.ABE.wanIpCheckURL https://secure.informaction.com/ipecho/ (delete this)

oooooooooooooooooooooooooooooooooooooooooooo

also, watch the progress of Devuan.org

(systemd-less debian in the works)

and guide done.

bumping for anons

>>42491

Wikipedia is hardly useful per se. I think it'd be much more productive to have books on everything you can imagine might be useful.

That way you'll have meaningful knowledge on the subjects forever, instead of simply an overview. Go on /tech/, i believe they still have a stick with everything related to programming, from eletronics, electricity and mathematics to front end development. It's the valuable useful torren't i've ever downloaded.

>>42492

>I think it'd be much more productive to have books on everything you can imagine might be useful

That's not very portable or cyberpunk

>>42498

But its also a smarter decision in the long run. The best compromise would be ebook versions of actual books for ease of replicating and storage. Having wikipedia articles is the equivalent of having a bunch of Cliff Notes versions of books rather than actually reading them.

>>42498

E-books dummy, things aren't cyberpunk because they look cyberpunk, they are in a specific context.

Having a shitload of books in a flashdrive is useful, specially if you have an e-reader that lasts basically forever.

As i mentioned, gentooman's library for programming, mathematics, network and even electricity is a really great start for that sort of collegion. A lot of them are in PDF though, i don't think it's usable in an e-reader, just cellphones and such.

>>42507

Some e-readers can. I believe even first gen Kindle could.

>>42509

> do you guys do to protect your smartphones? Is ubuntu phone any good or there aren't enough apps to make it viable as a smartphone?

I protect by installing a custom rom on it + remove camera / front camera and microphone.

>>42516

They keep track of your location anyway though, that was proved last year.

>>42520

>>>/cyber/42338

>>42520

>>>/cyber/42338

this for sure.

>>42523

whoops, and it doesn't let me delete. 8ch.net is so busted. when will they fix it?

>>42509

>>>/cyber/42339

and this

>>34026

>and Chrome's a botnet

You're using MacOS 10 and Safari.

>>33931

Government is a type of corporation, ya dip.

>>42524

Hadn't seen it from that particular perspective.

But yeah, smartphones are blackbox devices.

For starters, the smartphone was a mistake, and it's a terrible idea to use a smartphone at all. Period.

There is absolutely no need for a smartphone, whoever thinks otherwise is a tool of Da System™.

That said, even normal cell phones are tracking deviced by their very own nature, and you can't be sure that they don't have some sort of backdoor either.

If you have an Intel chip, your PC was compromised out the box. Sorry chummers.

https://en.wikipedia.org/wiki/Intel_Active_Management_Technology

I do the basics: VM's, GNU/Linux, Tor, I2P, ZeroNet, VPN, no google, custom android rom no gapps, etc..

>>38911

you can only get in trouble for exits. Ran a guard for 3 years off a Raspberry Pi, since all Tor traffic has to pass through at least 3 or 5 nodes only the exit node is unencrypted. In the US at least you can't get into trouble for allowing random encrypted traffic on your network (yet)

>>42452

>how to make bombs

yes if you google that you're a moron and deserve to be redflagged

I'm posting in this thread using Tor for starters.

I also ditched Facebook, and mostly keep in touch with friends via Signal.

And cash, glorious cash. I spend it.

Tor, VPN, no SNSs (facebook, google etc), brouzouf purchases, no chat clients, gpg with email, no mobile phone contract, stuff.

>>46991

impressed with that level of privacy, I don't think I could ever get to that level

I just live a very simplified life.

>>47004

It's not as hard as it sounds (even if you aren't a friendless NEET). Facebook is too uncool to use anyways, and google is easily replaced with Startpage with almost no sacrifice to convenience. You get used to paying for everything with cash, and it helps you keep track of your spending. Burner refillable phones are extremely cheap and usually less costly in the long run than contracts.

One of the more effective things you can do is to simply never make accounts for anything you don't need to, and to use new burner emails and usernames for each account you have to make.

>>47010

Did you know that even if you don't have a Facebook account, they're profiling you anyway ? (Same shit with google, tweeter etc…)

See those share/tweet buttons on every webpage ? Consider those as websites. This way, they log your IP/time/localization without having an account.

The only way is to redirect every domains to your machine with your host file.

Guys, it's pointless sometime.

>>47072

Isn't that what umatrix/noscript/request policy is for?

>>47072

>The only way is to redirect every domains to your machine with your host file.

or use tor or proxy

>>33923

That sounds like a bios problem. Check if it boots under legacy or UEFI.

Surprisingly, UEFI seems to work much better than legacy.

Then try it again under either Arch Linux (you don't have to keep arch, though). Arch generally supports everything, so compatibility won't be an issue.

>>47077

That doesn't always work anymore since we use DNS. If you block it through DNS, though, then you won't have issues.

>>39178

Kerckhoffs's principle isn't the same as "don't invent your own ciphers". Of course one shouldn't invent or implement ciphers (but use existing cryptographic libraries like libsodium or something else. See https://en.wikipedia.org/wiki/Comparison_of_cryptography_libraries)

Kerckhoffs's principle is general advice for transparency and moreover, advice that the method of encryption shouldn't be secret in itself. That's why encryption algorithms are keyed, similar to how locks are keyed. Lock is secure although everyone knows the principle behind the lock. Kerckhoffs's principle states "don't assume security because nobody's going to drill one lock to see how it works, and find the weakness".

>>50952

To further expand on this point, no one ever said 'Don't create your own encryption', they said 'Don't count on your home brewed encryption.'

If you want to create a cipher, and you really think you've got something special, then release the source for analysis.

If you think you whipped up a cipher on your own in your basement that the letter agencies won't cut like a hot knife through butter, you're almost certainly, laughably, wrong.

That doesn't mean don't do it, just don't use it anywhere.

If you're so paranoid that you honestly think every available encryption alg has a backdoor or is already broken, by all means do a second layer of your own special sauce. Maybe use someone else's reference implementation of one of the slower algs that was never chosen for mass use.

Don't let the fact that a good encryption alg needs to be reviewed by peers stop you from trying your own implementations.

That's how, eventually, we end up with devs who are implementing and auditing new algs. You gotta cut your teeth on something.

Just, for the love of god, know they're toy implementations and treat them as such.

>>50953

I fully agree one should release the source always. However, if one expects a peer review, the road to the top is of the rockiest out there: https://www.schneier.com/crypto-gram/archives/1998/1015.html#cipherdesign

Related to the Dunning-Kruger effect and over-confidence your reply touched, this top answer is fantastic:

https://security.stackexchange.com/questions/18197/why-shouldnt-we-roll-our-own

>That doesn't mean don't do it, just don't use it anywhere.

Fully agree. Always attach a warning sign "WARNING! This is a toy cipher intended for the purpose of learning about cryptography! Do not use it for anything serious!"

With that banner, feel free to play with crypto all you want. No expert or expert novice is going to bother blaming you for snake oil salesmanship.

>Maybe use someone else's reference implementation of one of the slower algs that was never chosen for mass use.

It's harder to verify 3rd party implementation of e.g. Serpent – deemed more secure but slower than AES – is 1) correct b) side-channel free.

Personally I'd only use vetted ciphers. But caveat emptor, there's room for healthy amount of skepticism towards NIST after DUAL_EC_DRBG. https://safecurves.cr.yp.to/ lists NIST's P-curves insecure.

>>34080

can you do this and have irl friends?

>>50966

friends are a threat to your privacy beware

>>50966

No, and he's also on a list for being 'abnormal'.

I use stuff the way you'd normally use stuff, unencrypted email, pics of my wife and kid on facebook, ect … then I have a separate laptop for doing other things.

That way there's no black hole in my social profile, I just don't stick out at all.

>>50978

You can pretend that being a filthy disgusting normalfag somehow is a good thing, because you've just got a really sick cover, but in actuality you're just a filthy disgusting normalfag.

>>51028

> you're just a filthy disgusting normalfag.

What's sad is you pretending you're special. I said there's value in making a conscious decision about what to share, and sharing enough that you don't stick out, but I'm getting the vibe that you're an autist who shares pedo porn and gun picks on Tor, thinking that makes you super cool, and it's everyone else that's wrong. Meanwhile, the letter agencies have had you on a list for years, not because you're special, but because you're socially retarded, and don't know any better.

It's not about leaving NO footprint and vanishing completely.

It's about leaving enough of a (non-compromising) footprint that nobody will raise an eyebrow.

Living two lives looks much more dangerous to governments than living in privacy. Which one sounds like a newsworthy article: "A hermit was found living without social media" or "Man was found living two lives". One of those scares us more because that could be anyone around us. That's what's currently driving the domestic spying programs: The enemy within.

The government can see you making changes, and they will observe the amount of changes you make to your life to determine how much you desire privacy. Take two cases

A: "the guy downloaded Tor browser, he must be a criminal"

B: "the guy downloaded dozens of add-ons and tweaked hundreds of settings in their browser and the add-ons, and actively manages their cookies, headers, VPN etc., he must be a criminal" (some of the good posters in this thread)

In these cases, just using Tor browser does not make you hundred times bigger threat because it's hundred times more effective than all the other measures of case B combined. Had the person set up another Tor-like, global anonymity network themselves, injected proxy clients to devices of thousands of innocent users just to bounce their traffic, that would look (and probably be) hundred times more dangerous than case B, which to government actually looks A LOT more dangerous and dedicated than case A.

Why is Tor browser more secure then? It's because it's the result of more than a decade of work towards anonymity and privacy by privacy activists, hackers and security experts. That effort is not the fault of the users however. They just download the client and be done with it. Perhaps they might tweak the single privacy setting slider prompted by the browser during initial start. Not only is that hundred times more effective, it's hundred times less effort. Again, because it's less effort, it looks less dedicated and so, less dangerous.

Why is it more effective then?

Whenever you browse the internet you assume the server and the ad-displaying backend is trying to deanonymize you. They do this with a massive, never-ending game of "Guess Who" where they tie information about the user across sessions with cookies, and run all sorts of analytics systems about user behavior and compare them to databases about users, sold from business to business (that type of trading is invisible to end users).

If you make yourself anonymous, it means that session is not tieable to any other sessions, even if your AT&T works together with the destination server, and when the network of analytics companies connected to destination server work together. It's not just what information you make available, it's the metadata about how much information you leave. In case B you might have succeeded so well you display totally different data every time you connect. But you also caused the browser to leave about 11 bits of random identifying information, and everyone else has 2..1000 times as much. So they can link your sessions together with reasonable reliability. All it takes is one mistake. You publish something that's identifiable, say your password manager auto-typed the wrong password the company logs, and that random password is leaked from another company's plaintext database along with your first.last@name.com email. All those sessions are now tied to you, and while they won't show you ads based on that, all that analytical data can now be sold to a company that has backroom dealings with the government interested in users with small digital footprint.

With Tor, every browser looks exactly the same as long as you don't go tweaking it. Imagine playing Guess Who where you have 50 identical Tor logos on your side of the board. There is only one question to ask: "Does your person look like a Tor user?" In such situations there is no risk of retrospective deanonymization either. Every action could have done by any of the more than 2 million daily Tor users.

Tor is not enough however: The site tries to deanonymize you by observing what you read from the site, and by what you post to the site (searches, writings). By disabling javascript in Tor browser, you can prevent the web site from dynamically analyzing what you do, where your mouse is etc. Then it's up to the content. Do not post too much information in one go, always reset the Tor browser session between posts and when changing domain. Never click links. Always right click and copy-paste address to hide referrer information from next site. If the link on clipboard has referrer information, delete it manually or try to find the destination with search engine based on e.g. headline next to original link. Alter your writing style when possible. Sometimes even argue with yourself in subsequent replies or call yourself a newfag.

>>51032

>It's about leaving enough of a (non-compromising) footprint that nobody will raise an eyebrow.

That's actually a considerable amount of work compared to the former of just dropping off completely, which is a shame.

Surprised nobody has developed a piece of software that continually floods your network with mundane traffic, like watching all the "Trending" videos on Youtube, and reading the most popular Buzzfeed/Guardian fluff pieces.

>>51478

I will guarantee you the second someone comes up with it the government will just adjust their algorithms. The only place I see this spreading is some site like hackbb but they nuked it and I haven't found a replacement.

>Surprised nobody has developed a piece of software that continually floods your network with mundane traffic, like watching all the "Trending" videos on Youtube, and reading the most popular Buzzfeed/Guardian fluff pieces.

it's been done years ago fellow anon

https://www.nyu.edu/projects/nissenbaum/papers/HoweNissTMN.2.8d.pdf

>>33903

A Huge oversight on these boards is that a technical security program isn't good enough to protect your privacy. Because your privacy is being violated constantly offline by every commercial interaction , and even as you walk around retail stores.

Check out The Complete Privacy Security and OSINT show by MB . He details an offline privacy program including privacy.com credit cards, faraday bags, CMRAs, mysudo , blur, 33mail to help remove identifiers from your life and protect your privacy.

>>33903

>what are YOU doing to stop intruders from spying on your everyday life?

1. use internet services as little as possible, eg no social media

2. when i do use internet services, i use ones that (claim) to not store data, eg google -> duckduckgo

3. when i use internet services i obfuscate the data i give them, eg use tor to obfuscate data going to ISP

>>33903

>>57465

You're know Searx exist, right?

https://searx.space/#

Meta-searx such this one, even replace links with official .onion mirrors of sites:

http://searxes.wodferndripvpe6ib4uz4rtngrnzichnirgn7t5x64gxcyroopbhsuqd.onion/

I would argue against what some of you lads have said regarding Social Media. Part of internet security is creating a smoke screen which indicates to any observers a normal pattern of behaviour. Create the most normal looking social media. Craft it so that people only know what you want them to know. It's the same with browsing and proxies.

>>33932

running a relay node is safe. Running an exit node needs a legal team.

>>57961

>https://cypherpunklabs.com/

Cypherpunks Labs will host an exit relay for you for $10 / mo.

Only use open, decentralized protocols for communication, with support for end-to-end encryption. Encrypt your drives. Get a security key. Secure your home network.

Good opsec, while still participating in "normal" life, is more or less impossible. No amount of leenucks or phone ricing will change the cameras on the streets or the smartcard you use to get into your apartment.

>>58337

Can you give me some tips for OPSEC and PERSEC?

>>58343

https://sizeof.cat/links/

Some links