/cyber/ - Cyberpunk & Science Fiction

>>35041

>network.dns.disableIPv6 Set to true

I too like not being able to access any server in a years time. IPv6 is an improvement/expansion on IPv4. Blocking IPv6 would make as much sense as blocking all IPv4 addresses.

This guide looks pretty bland. I always thought that at least 1/3 of 8ch follows such.

What's wrong with ublock orgin?

>>35042

then how am I still posting

>>35053

its shilled alot by some shills who want to kill good addons.

>>35043

bland? for you I suppose?

at least others can benefit.

ANONS ANONS HEAR YE HEAR YE

give this guide a quick glance, link has more complete parts of the guide with more redpills.

without a doubt there are at least a few things each anon has overlooked within the Paranoid /Tech/ Guide.

this isn't just some spazzbot dumping wackynoodle text, this is a figurative WAR against lies and disinformation at the hands of the evil shills who want to take all your cyber tech away!

will you stand for that!

>>35042

>ipv6

>secure or any bit improved

Oh you poor ignorant shazbot.

>>35071

IIRC, there are many options at about:config that needs to be switched off. Also add section about VPNs, and recommendation of services.

>a figurative WAR

>the evil shills

I hope you are 12, otherwise bad news for you

>>35099

IPv6 isn't meant to be improved or more secure, its just an address space expansion.

Doesn't Adblock edge allow companies to whitelist themselves globally. I'm really not trying to shill but unlock origin definitely does not allow companies to pay for whitelisting

This guide does not suggest to obfuscate your user agent info (instead suggests you use "most common", which will stay that way until you decide to manually switch it again, among other problems); this guide suggests tons of user settings that both break and needlessly restrict your own use of your browser; it does not educate you of why you would set any of this; it calls Linux Mint a trojan OS with no evidence (stating that it uses SystemD when it's optional and containing no substantial argument against SystemD, in fact immediately after listing KISS philosophy as a bad thing); far too much EMPHASIS TEXT; suggesting Ablock Edge, an adblocking addon that allows Google panoptic ads. Despite whatever interests, this likely just discredits privacy awareness.

There are some good things in the guide, sure. A lot of tracking features to disable and good addons are suggested. But the tone and arrogance really puts me, and I'm sure others, off.

My tl;dr-ish guide to privacy:

-Use an open source OS. Better if it uses KISS philosophy, but even if not, you're far better off than using MS shit.

-Keep your identifying social networks separate from your regular use. Avoid Facebook, Google, and any other popular service that benefits from identification as much as possible, if not completely.

-Avoid Javascript as much as you can stand; obfuscate all other software and hardware details as much as possible.

-Use a non-Five Eyes-based VPN service. Do not allow personal connection to such VPN and change service often. Bitcoin is not an anonymous payment method unless you tumble to a new wallet first. Pass through port 443 to appear as encrypted HTTP traffic.

-Avoid Android and Microsoft OSes. Apple is suspect being closed source, but they have been acting in favor of privacy. Use Linux when possible.

-Cover, faraday, and/or remove batteries of devices that contain mics or cameras when possible.

-Encrypt any and all media you own. Keep as many passwords as possible or separated by its purpose. Assume that any infiltrator knows your password generation philosophy and create strong passwords with that assumption (XKCD password philosophy is a good start, but generally longer=better).

-Practice online communication patterns different from your own, and prefer sites that are relatively unknown or that you have not visited often to further obfuscate your identity.

Lastly, know WHY you take any specific security measure, and what threat model your practices fulfill. While you may wish to protect yourself from advanced spying techniques, such as those utilized by the NSA, GHCQ, etc, you're better off assuming these agencies have already compromised your system, and instead work on minimizing revealing information that can be obtained. However, there are many other lower level agencies and private parties you can and should protect yourself against. From copyright trolls to career hackers, strong security practice will protect your individual freedom and security for many years. Practicing even one of the points I have mentioned will set you far above the common person.

>>35102

uBlock Origin and uMatrix are fine. It's just a single guy who has been trying to force that meme on /tech/ just because a lot of people recommended it when it got released simply because it was good.

Following his same logic, it would be more or less like saying Linux is botnet just because /tech/ loves recommending it.

uBlock Origin is a fine substitute for the discontinued Edge (or Latitude for Pale Moon users).

Flashblock is pointless, since you shouldn't be using flash anyway, plus NoScript/uMatrix can handle that. These last two are a toss up, they share some features and each one has an advantage over the other, but due to the resources they eat, they aren't really complimentary.

Https Everywhere is a must.

FEBE/Cleo/Opie are pointless. Ypu can do the same by copypasting your profile folders.

Better Privacy, Cookie Monster and Cookies Manager are fluff once you have the ones recommended bove+Self-Destructing Cookies

>>35053

Nothing besides being the best and thus some anons getting mad at it being mentioned so much.

Any browser plugin can spy on you, you're trusting a 3rd party with seeing everything you type and browse.

Even worse, if that plugin utilizes the NDK then you can break out of the sandbox.

My advice would be to block ads at the network level, then your browser should be a minimalist custom build which disables all extentions.

>>35099

>>35100

IPv6 is certainly an improvement, and was most certainly designed to be such.

If you have any evidence to the contrary state it plainly.

>>35147

the problem is nobody can properly configure their ipv6 stack http://www.theregister.co.uk/2015/06/30/worlds_best_vpns_fall_flat_in_security_tests/

tons of inaccurately configured ipv6 stacsk around easily exploitable

>>35102

adblock PLUS is the one that pulled a ghostery on everyone.

Adblock Edge is a fork meant to not whitelist any badguys by defualt.

>>35103

>all this butthurt

>anti-paranoid anon guide shilling

>tl;dr

I have a head ache, please try again.

>>35132

>uBlock Origin and uMatrix are fine. It's just a single guy who has been trying to force that meme on /tech/ just because a lot of people recommended it when it got released simply because it was good.

DAMAGE CONTROL

>>35140

>uBlock Origin is a fine substitute for the discontinued Edge (or Latitude for Pale Moon users).

wow, would you like a glass of fancy bread with that fine?

>Flashblock is pointless,

OY M8

>since you shouldn't be using flash anyway,

so you didn't read the fucking guide?

>plus NoScript/uMatrix can handle that. These last two are a toss up, they share some features and each one has an advantage over the other, but due to the resources they eat, they aren't really complimentary.

noscript is the only way to go, why trust umatrix, same maker as ublock.

>Https Everywhere is a must.

Trying to confuse people by telling lies Half the time eh?

to break the confusion- yes Https everywhere is good.

>FEBE/Cleo/Opie are pointless.

OY M8 CHIPPY F*** WAFFLES

>Ypu can do the same by copypasting your profile folders.

depends on how you want to do backups.

>Better Privacy, Cookie Monster and Cookies Manager are fluff once you have the ones recommended bove+Self-Destructing Cookies

Better privacy is actually very useful because it can handle a very dangerous type of cookie that isn't normally accessible by your browsers cookie deleting functions.

cookie monster is like a request policy/noscript for cookies

cookies manager is an easy to use frontend GUI for another setting in your cookie preferences that makes it alot more clear and well presented.

>>35147

get the fuck out ipv6 shill

>>35154

Betterprivacy is useless because it only deletes flash cookies, which you only have if you use flash. Same for flashblock.

I read the guide, the guy basically copypasted a bunch of shit from plugin guides and the arch wiki. He has little understanding of what's actually going on and rants about systemd for about 3 full posts instead of just suggesting that people use openrc.

Nobody uses uBlock here, only uBlock Origin which is faster than ABE while being more adaptable. uBlock is shady like ABP.

>>35155

>I don't know anything about IPv6 so I'll call him a shill

>>35175

>Betterprivacy is useless because it only deletes flash cookies, which you only have if you use flash. Same for flashblock.

both have use and functionality beyond flash. having fun bitching and whining about easy to implement second layers of protection?

flashblock prevents all videos from running the moment the page loads among other things.

>I read the guide, the guy basically copypasted a bunch of shit from plugin guides and the arch wiki.

Oh no I saw someone reccomend noscript on a wiki so this OP must be full of shit! I'm going to cry and drink my own tears now, boo hoo

>He has little understanding of what's actually going on and rants about systemd for about 3 full posts instead of just suggesting that people use openrc.

and there you have it, Proof that this dumbass troll didn't read a freaking thing and just wants to stir up shit.

>Nobody uses uBlock here, only uBlock Origin which is faster than ABE while being more adaptable. uBlock is shady like ABP.

Both Ublock and origin are on my blacklist. you trying to muddy the waters.

Okay, seriously. What's wrong with uBlock Origin?

>>35184

did you read ANY of the OP

>>35185

Yes. So, what's wrong?

Can anyone explain to me, what exactly is this "shilling" mentioned here? Because OP's image looks more like trolling and less like facts.

I would like to know more about why uBlock is bad.

>>35188

That's exactly how I see this entire thread, but since everyone seems so butthurt over uBlock I wanted to ask if there is any legitimate reason behind it

>>35189

There's literally no reason to hate it. Most people only hate it because I think it's been said that the creator was a jew. And I've also heard most people hate it because the person made it for free then "had the hide" to ask for donations.

It's okay when linux distro makers do it though, of course.

>>35188

Yep this is pretty much it. Doesn't help that everyone is only capable of attacking each other (oh geez I created a feedback loop).

This guide is so incoherent yet correct enough to be a real 10/10 troll attempt. Bravo, OP, I am rustled, butthurt, and I hope you and everyone else in here kills themselves. Also brb killing myself.

>>35210

>>35209

>>35189

>>35188

all you pathetic deception artists can do is desperately damage control and accuse the guide "le epic trolling" because you don't want anyone to take it seriously. too fucking late. the pidgeon has landed.

>>35243

Someone needs to revise this guide so it can be taken seriously. I'm not expecting something like privacytools.io, just something that actually educates instead of a plain list and sounding ridiculous while at it. I'd like to do it myself but honestly I'm a lazy fuck.

Btw no offense taken at accusing me of being a shill or anything. Internet discussion has gone to shit these past few months and I wouldn't hesitate to blame it on astroturfing.

>>35244

>organize the guide more

Heh, you should'ah seen how it was before m8

this is nice and neat now.

I hope it helps someone out there.

>>35243

so what was wrong with uBlock?

read the OP :^)

>paranoid guide

>using clearnet web browsers

My hat goes off to you OP for actually trying to make it easier for people to lock their shit down, but giving a guide on addons for firefox just isn't going to cut it when it comes to the truly paranoid. Under normal circumstances a clearnet web browser, even with heaps of privacy addons, should only be used when doing things you are knowingly using your own personal identity for such as shopping or online banking. This is depending upon your threat model of course, if your enemies don't include the government or agencies with resources that liken to the gov then you probably don't have to worry about it as much.

The unmodified Tor Browser with javascript disabled is your best bet for staying secure and anonymous online. If you're really paranoid then use Tails. It's good enough to keep the pedos, carders, thieves, snowdens, and other users safe from the best the NSA and FBI can throw at it. Just keep in mind that Tor is not a magic bullet and that proper OPSEC is what you really need to be aiming for.

https://cryptome.org/0005/tor-opsec.htm

https://www.youtube.com/watch?v=HHoJ9pQ0cn8

>>35154

>ublock

>same maker as uMatrix

Seems you knowledge is outdated, shill.

>Better privacy

>it can handle a very dangerous type of cookie

Again, seems someone is stuck in the Netscape-era.

>cookie monster is like a request policy/noscript for cookies

Pointless, since it is much more limited than just doing it manually, yet also takes more time than many other optional addons that aren't redundant when paired with the previous recomendations.

>cookies manager

Useless, since it is even more limited than doing it thorugh FF itself.

>>35177

Seems you just are one of those "behind 7 proxies l33t haxors" that think quantity of redundant protection equals actual security.

>>35325

I don't trust tor, its too mainstream. people get screwed using tor ALL the time. hate me if you want.

>>35340

>>35340

*

>cookies manager

>Useless, since it is even more limited than doing it thorugh FF itself.

depends on what kind of gui you want to see your cookies thorugh

>>35339

>too mainstream

Security through obscurity doesn't work. Tor has been tested and still proves to be secure as far as we know. 99% of the times people get caught are when they fuck up with opsec

https://grugq.github.io/blog/2013/10/09/it-was-dpr/

i2p and freenet are perfectly valid alternatives, you just don't have access to the clearnet through them

>>35346

What about JohnDonym? Tor brings a lot of attention to one's self, and a browser built for private clearnet browsing seems like a good middle ground.

>>35343

>uBlock and uMatrix are not maintained by the same person.

>Chris Aljoudi owns uBlock, gorhill owns uBlock Origin and uMatrix.

I don't know why you are bringing that up as a point, not as if it were ever argued against. the point is Both are bad.

>ABP is poorly written and ABE performs exactly the same.

Personally, like a million years ago I used to use adblock plus from wladmir.

then a bunch of "whitelisted by default" advertisements made their way into the addon and defeated the purpose of the addon in the first place. that is when everyone moved to the FORK of adblock plus called Adblock Edge, that was made for the very specific reason of having no whitelisted garbage. It's job was to block ads, nothing more, nothing less. That being said, I perhaps had my previous browsers on different computers very long ago in the past have slow down's with ABP, but I never experienced my browsers have any problems, or did they ever slow down with Adblock Edge.

>uBlock Origin can be used for more than just adblocking but I wouldn't advise it,

I don't care what extra speshul features it has, I don't trust it and I'm never going to use it.

>NoScript and RequestPolicy are king when it comes to browser access controls. >I'm not sure what you have to gain by being so persistently wrong.

But I said I LIKE NoScript and RequestPolicy. are shills slowly becoming retarded?

>betterprivacy

>Flash-cookies (Local Shared Objects, LSO) are pieces of information placed on your computer by a Flash plug-in. Those Super-Cookies are placed in central system folders. They are frequently used like standard browser cookies. Although their thread potential is much higher as of conventional cookies, only few users began to take notice of them.

>The above is taken from BetterPrivacy's about page. BetterPrivacy literally does nothing except delete LSO cookies, which don't exist if flash isn't on your computer. If you have a flash plugin, your browser is not secure. If you don't have a flash plugin, BetterPrivacy is useless and only wastes resources while increasing your attack surface. If you must open swf files, do it in a read-only sandbox with the offline flash player.

That's why the guide specifically mentiones you shouldn't be using flash anyway, but I always keep the addon just in case some screwed up flash cookie is given to me by accident (or intentionally as many aggressive websites tend to do)

>Cookie Manager can be used to modify the cookie settings for individual sites. Firefox doesn't have that capability built in. It's not useless.

I didn't say it was useless.

>>35348

>>35346

the biggest mistake is believing you are 100% secure running what is supposed to be "good software" on really bad and compromised hardware.

>are you using an ordinary computer from an ordinary store?

well you are not 100% secure.

what we really need to do is create free and open source hardware and software.

>>35348

https://anonymous-proxy-servers.net/en/law_enforcement.html

>JonDonym does not make it impossible to uncover individual users

>JonDonym is no technology for preventing law enforcement on the internet.

It all depends upon your threat model, who are your adversaries?

>>35356

>the biggest mistake is believing you are 100% secure running what is supposed to be "good software" on really bad and compromised hardware

You're right in thinking that open hardware and free software is more secure, but even completely open hardware and completely free software systems can be compromised. The US and other governments stockpile zero-days, some of which are for free software no doubt. While you might be far better off running only free software debian on a beaglebone black, or trisquel on a libreboot x200, there are still a plethora of attacks potential adversaries might use. There is no system that is truly 100% secure, new attacks are being found every day.

If you want to see just how far the rabbit hole goes for security…

https://github.com/maqp/tfc-otp

This defeats attacks against encryption, exploitation, and virtually every digital attack vector. If you add a faraday cage to this you can defend against even TEMPEST attacks. At this point the weakest link is going to be your implementation of all of these procedures and physical security. So unless you have the resources to build concrete and steel bunkers set into mountains completely off the grid, this is the best you're going to get.

*And even after all of that this system still has potential weaknesses*

https://iicybersecurity.wordpress.com/2015/07/15/8-technologies-that-can-hack-into-your-offline-computer-and-phone/

You can only do so much to defend yourself against attackers and you will never be perfectly 100% safe, you just have to do the best you can against your known threats. Right now people are using tools that have proven to be secure alongside insecure ones mainly due to ignorance. In addition, people use secure software and use shitty OPSEC. Using GPG to send solidly encrypted messages over i2p isn't going to help you out when you're sending it to an undercover agent. Likewise, using a libreboot laptop with tor isn't going to protect you from shoulder surfers when you're using it in starbucks.

The best thing you can do is educate yourself and start thinking independently.

IPflood is pretty incredible, wish I knew about this earlier

>>35355

>I don't know why you are bringing that up as a point, not as if it were ever argued against.

Actually, you claimed that uBlock and uMatrix were made by the same person.

>the point is Both are bad.

Based on what evidence? I have provided evidence that uBlock Origin is superior to Adblock Plus/Edge. I'm perfectly willing to listen to any reason why I shouldn't use uBlock Origin, since I would like a fast and secure browser which leaks as little information as possible. If you're just going to keep repeating baseless claims then I see no reason for me to continue this discussion.

>something something, i used to use ABP but now I use ABE, it's not slow

We're all aware of the whitelisting issue with ABP, but the only changes made when forking to ABE are whitelist related. ABE and ABP perform the exact same in all tests related to performance. While you might not notice any issues with ABE, it is still poorly written and sometimes performs worse than no adblocker at all.

>But I said I LIKE NoScript and RequestPolicy. are shills slowly becoming retarded?

I know you did. You're overly defensive and have trouble understanding when I'm agreeing with you. They are the most essential addons for any web browser,

>That's why the guide specifically mentiones you shouldn't be using flash anyway, but I always keep the addon just in case some screwed up flash cookie is given to me by accident (or intentionally as many aggressive websites tend to do)

Are you aware that you cannot get a flash cookie if you don't have flash? What you are talking about is beyond the realm of the possible. LSO's are generated by a swf running inside the flash player, web sites do not create or transmit them and your browser is not capable of storing them, end of story.

>I didn't say it was useless.

Neither did I, and I didn't imply that you did. I was just explaining why it's not useless so that other users would have a better understanding.

Any /cyber/ anons have techniques for evading browser fingerprinting? Is there some way of denying websites knowledge of what plugins etc you're running? Would this even be desirable? Because right now I'm feeling pretty snookered.

>>35382

using tor

>>35360

>This defeats exploitation

It's not as simple as that. Read the threat model from white paper or blog posts:

https://maqp3d.wordpress.com/2015/09/28/bulk-cne/

https://maqp3d.wordpress.com/2015/09/29/end-point-security/

https://maqp3d.wordpress.com/2015/09/29/tfc-cev/

RE: Potential weaknesses

#1 TEMPEST

It's not part of the original threat model. This is physical close proximity surveillance. A Faraday cage should fix it.

#2 Power consumption

Make sure everything behind data diode is battery-powered.

#4 Smartphone accelerator

Keep the smartphone in fridge. This should also block FM reception.

#5 Tracking via motion sensor

Maybe relevant when exchanging keyfiles. Leave cellphones at home.

#6 Keyboard monitoring

elecrtical: battery operated TCBs.

visual: Snowden's got this http://i.stack.imgur.com/bDeLe.png

#7 Heat

Again, targeted attack, requires LoS.

#8 Ultrasound

Not sure if you can make a netbook / SoC emit them. Hiding the feature to familiar circuit might be hard, though the transmitter could be covert. Interdiction is a serious problem.

-maqp

>>35382

>>35388

Is the best answer, even things like your screen size are potentially identifying. At the very least the tor browser looks the same everywhere.

>>35452

TBB warns the user about changing the size of window.

Check how identifiable your browser is here https://panopticlick.eff.org/

>>35428

Do note that I was referring to digital attack vectors and was trying to make the point that even if you have a theoretically perfect digital setup with a perfect encryption scheme and perfectly isolated computing systems you are still vulnerable to physical attacks, some of which are absolutely unbelievable to someone who has never heard of things like Van Eck phreaking. I know the first time I ever heard about these attacks I just wanted to throw every electrical device I owned in the trash and go innawoods. To think that even if you use a one-time-pad and digital diodes to prevent attackers from being able to exfiltrate data you can still be exploited by the FBI van across the street listening to the fucking electromagnetic radiation of your house…

The link for the air-gap vulnerabilities wasn't intended to be an exact list of potential weaknesses but more to show ways that this system can be broken if you don't know of these attacks. It's not like you're going to be using a smartphone to send TFC-OTP chat messages. And like I mentioned before, new attacks are being discovered every day, you can hardly defend yourself against attacks you've never heard of.

I'm sure if someone had the resources to setup an implementation of TFC-OTP properly they would use appropriate measures to protect against all of those physical attacks as is outlined in the whitepaper and more. [faraday cage, soundproof room with no windows, physical locks on doors, proper OPSEC when it came to defending your house, using an off-grid power supply for all devices behind data-diodes, etc] But all of that is well beyond anybody that isn't proud to wear their tinfoil hat. The best thing to do is to educate yourself, learn just what's going on under the hood, understand why you shouldn't use short passwords, why you should use encryption, why you should use GNU/linux or BSD, how hackers might be able to attack you and what you can do to prevent that from happening and so forth.

>>35460

>you can still be exploited by the FBI van across the street listening to the fucking electromagnetic radiation of your house.

If you trust the RxM hasn't been exploited in a way it shows different ciphertext, you could edit the software to do OTP say, mod 26.

You could then do OTP by hand provided that you have a way to tamper-evidently store the pad and a way to detstroy messages and pad. This approach is TEMPEST proof.

>wasn't intended to be an exact list of potential weaknesses–

Naturally. TFC addresses many known unknowns and possibly even some unknown unknowns – not all; Users need to create an informed threat model.

I don't think you should be choosing between whether you use TFC with every additional layer or whether you don't use the tool at all. Choose between the ways you're going to secure the physical environment. Tails is a great way to anonymize your identity and physical location, it doesn't necessarily protect your endpoint from compromise. TFC does that. If you're using

TFC through Tails, you just might be able to hide your physical location, so the combination it's all you need. Most of XMPP-servers are reached via exit nodes, yet some operate as hidden services; You should use them. I'm looking into integrating NH.py features with Ricochet that uses more decentralized approach inside Tor network. The developer seems to be busy with his work atm.

The most important thing is to ensure the separation of TxM and RxM. If you use netbooks as TxM and RxM, you already have battery operated devices, so there's very little to do apart from removing the sensors etc.

Secure communication isn't just about principle and basic human rights, many people depend on these tools with their lives. It would also appear mass surveillance is expanding to bulk CNE, where anyone's computer can be exploited in the future. TFC remains for now, the only tool that keeps you safe from this modern panopticon.

Can someone explain to me what's wrong with uBlock Origin? I see people complain everywhere but no one tells me why it's actually bad.

>>35533

There is a line between "using free software to stay safe", and "being a filthy hipster who just HAS to be different". The people claiming that uBO is bad crossed that line long ago, and now that it's becoming FOTM, are spreading disinfo simply because it makes them more hip in their own eyes, and purist in the eyes of other freetards. So people swallow it without a second thought.

>>35537

So there's nothing wrong with it and its the work of a handful of lone trolls. Makes since considering the posting patterns (seems like there are only one or two shazbots repeating the same shit baselessly).

>>35455

https://panopticlick.eff.org/

>Currently, we estimate that your browser has a fingerprint that conveys . bits of identifying information.

only useful if those bits of information are in anyway actually correct.

>>35533

>doesn't read the OP

>acts like a dumbass

>>35537

>>35542

>>35533

hello shills

https://media.8ch.net/cyber/src/1445341808336.png

>>35655

I read the OP, pic in the OP and link in the OP. Discussion is becoming ridicilous right now, because no one answered what is wrong with ublock.

Rephrasing for autists:

– What is wrong with ublock?

– Don't you know? Its shills. Shills!!!

Please don't answer anymore, prevent yourself from zashquaring even more

>>35658

you can leave now, shill.

>>35655

>>35649

Given your fervor in pushing people away from what appears to be a good ad blocker, it makes me wonder if you might be the shill here.

>>35662

so you didn't read the OP

>>35665

>didn't even read the OP intensifies

>keeps saying they don't trust OP

>OP points them to the guide they stupidly refuse to read

>they keep not reading the guide and complaining

GET OUT

>>35666

NO U

>>35663

>>35666

I did, and the OP guide says nothing about why it's bad, only that you should use an adblock fork with worse performance that's not being updated anymore.

Fuck off back to doubleclick or wherever you came from, shill.

pretty good list of addons, i don't know/need all of them though.

ad blockers are entirely useless imho.

evil ads are blocked through refcontrol/noscript already and if there are any tracking methods left then Disconnect (which is missing on the list) should take care of that, or is there reason to distrust that too?

>>35864

Fuck off shazbot

>>35722

I believe Disconnect is just a more botnetty RequestPolicy

>>35866

why are you disagreeing with me, and then going on to say disconnect sucks? I'm on your side aren't I? OP mentions how bad disconnect is.

Modified hosts lists save you a lot of hassle.

For everything else (i.e. youtube ads and the ilk) Really, any adblock extension should do the work, but go with something you can view the sourcecode of if you're actually paranoid.

>>35041

well OP, I installed literally everything in that list and broke my icecat so it just crashes every time I open it

10/10

>>35943

Setting up hosts list is a pain though.

And my PC's keep breaking ~once a year, so I just can't be bothered even to install an ad blocking plugin anymore.

So is hating uBlock Origin just some ebin meme or is there actually something wrong with it?

>inb4 shill

>>41903

All I found is that current uBlock maintainer is a twat.

Nothing on uBlock Origin, though. Guess it gets flak just by association.

>Tfw you don't know shit about this

It's depressing, in order to understand this i should be studying a shitton of computer theory.

I'm already doing it, but it feels really bad knowing that you must learn all this shit just to enjoy privacy.

I hate that i chose chemical engineering as a major, if i had chosen CS or some engineering related to pcs i could understand this better.

>>41908

Nothing's stopping you from learning. Computers are more complicated than just learning CS. I'm bad at networking and penetration testing just because I prefer to write code and work on FOSS and personal projects. Just because you want to be smart and actually be safe doesn't mean you have to go full blown autist.

>>41910

By the way, i have started learning C some months ago, and assembly. I've been reading on networking too.

My idea is to be able to REALLY understand what's going on on my pc. Because i feel like blindly following guides on the Internet could fuck my shit up too, even if i trust the chans a bit more that the propaganda bloated mainstream.

Do you think i'm wasting my time?

>>41949

Not in my mind, but I'm biased towards encouraging people to learn about computers and shit.

bump

Any copperheadOS users here?

>V.2

Where is version V.1?

>>49603

In the hell of outdated guides.

Something up to date would be:

uBlock Origin

Pretty much no competition here, although Pale Moon has some unique options and some browsers have their own implementation (See Brave, Qupzilla, etc).

Https-Everywhere

Pointless these days since now most of the web is https, and those that aren't just don't have the capabilities implemented. Thus you'd be giving a certain entity a log of every site you visit just to get a few more sites with partially implemented https working for your browser.

Classic Theme Restorer

Is mostly a question of preference on Firefox Forks.

uMatrix

Recommended versus NoScript, since the latter has fallen behind in development and catching up with new features. +Request Policy is dead.

Plenty of good cookie destruction options out there. Pick your favorite, but get ONE.

TrackMeNot is a meme, just get an Agent Spoofer.

>>35147

Can you show where or how IP6 was designed to be more secure? IP6 borked expertise on IPv4 that existed, people misconfigure stack, and are unaware a stack is even operating and don't firewall ip6. IP6 doesn't feature any additional auth or condfidentiality features. Its not more reliable than 4. (Thats CIA triad right there). IP6 is based on the idea of not having have nat, and connecting each host directly to internet which requires better host security.

There are enhancements to IP through IPSEC that have authentication (AH), or encryption features. IP6 isn't magic, and requires additional expertise to be used securely.

>>43240

Yes. Disappointed with it tho.

>>>/poltech/

They need this as well

>>35041

This issue with threads like these is that they always get the base-line fine, but only rarely do they ever rise above it much at all. Like yes, 101, install Ublock and noScript or whatever.

I wish there were more of these related to a higher level discussion and with a much higher level of actual advice for facing off against high level threat actors.

I want to know how to manually disable kernel modules to stop firewire attacks, not how to install browser addons.

>>50760

Agreed. We have a shitload of guides/infographics for the basic stuff.

How about some advanced shit? Hardening a personal Unix, encrypting your disk in the first place, stripping your kernel of shit you don't need and potential security holes?

How about some information on what you can't changed but should know about (IME & Co.), as well as limits on personal hardening imposed by laws?

Basic stuff is probably the only stuff that will fit in a simple infographic.

Someone would have to put effort into a guide which only ~5 people will ever use.

Basic stuff requires less effort and more people will use it.

I still agree though; a catalog of basic/advanced infographics and guides would be nice.

>>50767

>>50772

Simplified guide books would work

>>50772

>>50868

Well, let's get to it. Someone could create a repository on Bitbucket/Github (have the man host the guides to evade the man) and we could just add the stuff as markup files.

This board's usually all bickering and no doing, wanna change that?

>>50869

get in and start the school bus #school:matrix.ordoevangelistarum.com

>>50868

I'd consider making a bunch of pdfs if /cyber/ made a list of useful things to know.

>>50998

I don't have materials for you but I know what's important so you can start looking:

-Explain the implications of Snowden documents. Collect good articles published by The Intercept for example. Wikipedia has good summaries too "Global Surveillance Disclosures (2013-)".

-Explain what free and open source software is. Explain how it's better than open source (because it emphasizes responsibility of developer and freedom of user over freedom of developer to do whatever they want). Maybe put the context of freedom in "ethics vs anarchy". Explain how it's easier to verify what the software is actually doing.

-Explain how proprietary operating systems can not be verified and thus can not be trusted. Explain how it's especially the case with Windows, that's a service (making brouzouf by spying on its users like Facebook). Explain why Linux, BSD and last but not least, OSX are superior choices over Windows.

-Make guide for Full Disk Encryption with different operating systems.

-Explain why SSL is not proper encryption in situations where server is not the destination, but ill-advicedly trusted middle-point between user and their contact who are exchanging information. Explain how end-to-end encryption protects user from server.

-Make guide for end-to-end encrypted messaging with good communication apps like Signal and Wire (and not apps like Tox written by amateurs, not proprietary apps like iMessage, Wickr and Threema, and definitely not incomplete apps like Telegram or Riot/Matrix with E2EE disabled by default).

-Explain difference between content and metadata. Explain importance of metadata in surveillance. Watch e.g. http://agoodamerican.org/ to get a good grasp on the topic. Explain implications of Signal not protecting your metadata.

-Explain why native clients are more secure than JS downloaded over every session using just SSL.

-Explain why PGP in 2018 is a bad choice. Explain what are forward secrecy and deniability and why they are needed.

-Explain why VPNs are nothing but glorified proxies, useful only against local hackers in e.g. airports, doing things like ARP/DNS poisoning or SSL-stripping or HTTP eavesdropping. Explain how Tor is anonymity through technology, and VPN is "anonymity" through VPN provider's policy. Explain the legal implications of that. Explain that MPAA is different threat model than government looking for dissidents. Explain that while MPAA maybe can't walk over jurisdictions and while VPN protects people downloading torrents from them, NSAs of this world do not play by the same rules. To them VPN is not even a challenge. Tor however is. Back this up with NSA's Tor Sticks slides.

-Show how much tracking takes place with Firefox Lightbeam by Mozilla.

-Show how difficult it is to make normal browser blend in (i.e. appear non-unique) with https://panopticlick.eff.org and show how Tor browser succeeds in that. Explain why that's important.

-Make guide for anonymous browsing with Tor. Check Tor's FAQ for risks involved with anonymous browsing. Make sure to include those.

-Explain Tor hidden services and their implications regarding server's non-existent IP logs.

-Explain importance of whistle-blowing sites like https://securedrop.org/ for healthy democracy and how Tor helps in that context.

-Make guide for anonymous (metadata-free) chats with Ricochet.

-Make guide for anonymous file sharing with OnionShare.

-Explain Man-In-The-Middle attacks and importance of public key fingerprints in messaging apps. Explain why authenticity of OnionShare or hidden service URL, RicochetID and Signal fingerprint are so important.

-Link to good resources like https://ssd.eff.org/

>>50772

If you can't make your buddy use super secure messaging apps then they are a bottleneck in your overall security. But even if they use insecure comms apps, a good hardened OS is always better than a Windows with its telemetry features.

I think people here should look into Qubes-OS if they want more security before looking into stripping modules from their Kernel.

>>51004

You guys mistake 'friend' for 'accomplice'. You talk to your friends on Facebook. You don't talk to your accomplice online, at all, unless you have to and then you do it securely.

But, to have an accomplice, you need to have done something. Then, had someone else give enough of a shit about it to have done it with you. Then, have it be big and complex enough to have actually needed to discuss it.

None of you motherfuckers do anything, ever, so we all know you got no accomplices and belong on Facebook with all the other bitch ass pussies that don't do shit.

>>51006

Your logic is faulty because you assume getting people off facebook to better alternatives isn't doing something meaningful in itself.

It's you who isn't getting anything accomplished. It's you who's whining here, telling No True Scotsman talks to accomplice online.

It's not like you can find accomplices online if you don't get close to them, and it's not like you can get close to anyone in monitored chats of Facebook.