/tech/ - Technology★

>addons

uBlock Origin in advanced mode, disabled js by default, disabled 3rd party scripts and frames by default. you really don't need anything else on your normie compartment browser other than maybe httpsEverywhere and uMatrix. on your private browser uBO + HTTPSEverywhere.

>realtime clock

>screen resolution

You can't get this without javascript.

privacy.resistFingerprinting = true -> fixes both issues on Firefox and is enabled on Tor by default. You just have to keep your window size at 1000x700 (like Tor) or 1366x768 since it's the most common resolution aside from 1080p.

>canvas

Also fixed with the above config or one of the other configs from privacytools.io.

>webRTC

media.peerconnection.enabled = false

>re-adjusting system clock

Pointless. Just keep it at GMT/0 like it is when you enable fingerprint protection.

>VPNs

Never use them, they're a scam. The less than 5 providers that may not be a scam are still not worth using since a VPN does absolutely nothing for privacy.

>webRTC and screen resolution tracking without JS

Are you retarded?

Also reminder to put your most frequently used sites into your host file.

>>1046941 uhhm anon what?

>VPN are scams

Im open to hear more on this if you dont mind. This is not an attack on what you know. But rather curiosity.

Ive been using Protonvpn-free. It has 5 servers and they work on my ethernet connection, no leaks. How ever I dont trust it for anything that would be totally absolutely illegal, but for browsing forums, i use it.

>resolution

isn't 1920x1080 more common resolution?

>>1047447

Not that anon but VPN truly does nothing for privacy. In the end you will still be giving your browser traffic data to a third party.

>>1047447

not that anon either but there is really no reason to use a vpn and a lot of reasons not to.

>>1047454>>1047450 This does make sense, I mean the data of what im searching has to be stored somewhere. Damn it. Another red pill, so cringy I thought I was safe.

Any alternatives for covery up trails? I'm using tor and I use icecat, but thats pretty much all I know.

>>1046924 (OP)

>>tor

>Are you that stupid?

Please enlighten me.

Is there current pasta from this year on a good base level, secure, FF about:config?

Thanks,

-anon

>>1047447

You're just mitigating your browsing history from your ISP to your VPN provider and their ISP. Though their ISP is usually unable to figure out what sites you yourself visited unless the VPN keeps logs or lets a 3rd party keep logs. In the end, what the hell did you achieve by all this? Browsing forums or doing anything that isn't illegal in your country doesn't need a VPN.

Anything hosted in 14 eye countries or countries cooperating with 14 eyes is a scam by default. ProtonVPN is among those countries, so you yourself are fucked already. And you should never trust a free proprietary service with your data.

Your actual privacy still depends on your browser being configured in a way that it's not fingerprintable, so you must use Firefox or something based on it, using a properly configured user.js, along with uBO and blocking js by default. You should also block the domains of Google, Facebook, Cloudflare and Microsoft.

VPNs are a scam because they promise a lot, but actually deliver very, VERY little. Anything they shill they can do you can achieve for free using Tor (or Tribler for torrents) and remain actually anonymous unless you fuck up.

https://restoreprivacy.com/5-eyes-9-eyes-14-eyes/

https://restoreprivacy.com/vpn-logs-lies/

>>1047448

If you have a 1200p+ screen then sure.

The way resolution spoofing works is by telling the website that your browser window size = your resolution. Anyone with a 1080p or lower resolution is forced to use 768p or 700p if they want to spoof the resolution. Tor uses the 1000x700 resolution because it's small enough to fit your desktop space on a large majority of screens no matter where your panel/task bar is. If you're not using Tor then you might as well spoof a 768p or 1080p resolution, whichever you can fit onto your display.

The thing is your browser window size is always readable, no matter if you spoof your resolution or not. This means that if you maximize your window the websites will be able to tell how big your panel/task bar or title bar are. If they cared enough they could use this to figure out which desktop environment you have (if you're on Linux) or which version of windows you have (if you're on windows). People who modify their UI by moving or resizing the panel or title bar are then far easier to fingerprint. Even having the menu bar open reduces your inner window size.

>>1047488

user.js on github or this https://spyware.neocities.org/guides/firefox.html

Also see this: https://www.invidio.us/watch?v=lLessJ4R6w8

You should compartmentalize. He recommends Brave along with Firefox, but you can have 2 separate Firefox instances "installed". Download Firefox from their website and extract the archive into two locations and use each instance separately. Or just use Tor for everything where you aren't actively revealing your identity, and Firefox for everything else.

Is it safe to install Flash in a separate Firefox profile? There is one website I must use that requires flash. Are there risks when a Flash program is not running?

>>1047529

Thanks anon. I needed something in addition to Tor so I'm not running naked in the clearnet streets.

>>1047544

No, it's not. Flash player makes your OS vulnerable, not just the browser. https://www.invidio.us/watch?v=cyCLMp2rR0c

If it's not running then it's """safe""", but an exploit can be used to silently trigger flash and make you fully vulnerable. You can literally gain full control over an OS using flash player. Don't ever put it on your system, except *maybe* in a VM.

OP is a confirmed LEA nigger

he markets all this meme-shit that doesn't help in privacy, while ignoring Tor Browser and Tor

>What add-ons/extensions does anon use to enhance anonymity and protection against trackers/fingerprinting?

you don't, nigger. you install Tor Browser which already has that protection

>They can literally track your screen resolution, realtime clock, and user agent even if you spoofed them.

they cannot if you use Tor Browser on Safest setting (disabled javascript)

>without premium proxies

premium proxies are honeypot and don't protect from anything

you are nigger who sells premium proxies and you want use to buy them from you

also, if they are premium that means you have to pay for them and give them payment info (credit card etc)

>In case you stopped being bareip they will only need to track your canvas and other bloat 'renderer' fingerprints or make use of clever unpatched bugs or intentionally merged exploits tend to be used for the likes of anon.

they cannot use canvas if you use Tor Browser

>In case you blocked JS/cookies and the rest of the baddies, they'll just resort to tracking you by DNS/IP/webrtc(chrome niggers) and header/packet infos/date&time that you probably won't even bother changing.

DNS tracking doesn't work with Tor Browser, because DNS requests are made on Tor exit node, not locally

webrtc is disabled in Tor Browser

>So you finally learned how make your own VPN or tunnel everything to your remote rogue circuits. Good.

that's not good, that's fucking stupid. you will be the only person using your VPN. and how do you want to pay for VPS without leaking who you are?

>inb4 tor

>Are you that stupid? Though, I already know the answer.

reported

Arthur Edelstein

Tor Project

https://torproject.org

>>1047488

>Is there current pasta from this year on a good base level, secure, FF about:config?

Tor Browser contains those

>>1047523

>VPNs are a scam because they promise a lot, but actually deliver very, VERY little. Anything they shill they can do you can achieve for free using Tor (or Tribler for torrents) and remain actually anonymous unless you fuck up.

you can do that and a lot more with Tor Browser

Tor Browser will use different IP for every website you visit. VPN will give you same IP for all websites that you opened

>>1047488

https://github.com/pyllyukko/user.js/blob/master/user.js

>>1047692

I asked for a base FF config because you shouldn't use Tor for everything you do online. If you do, you're an idiot.

>>1047523

ah, that makes sense. how about fullscreen mode? doesn't that set your resolution to 1920x1080 and resizes only when you access default sized top bar?

>>1047776

Yeah, but it's not worth being in full screen when you can't access the url bar without revealing you're faking the resolution. The size of your top bar might be different depending on the OS, your browser's layout if you customised it and your desktop environment/system theme.

Someone give me an absolute answer on the FF SWJ meme. Is it compromised, as the devs are total libcucks (or so I hear). Given that FF IS run by SJWs, what should and shouldn't one use FF for, if anything at all? Perhaps forks of FF?

Trying to find more browsers to compartmentalize my browsing. Ex: use browser A for searching A content, using B browser for searching B content, C browser for strictly only downloads, D browser only for signing in on accounts, etc.

In FF's context, being that it is highly customizable with adons and aboutconfig's settings, it can block tracking from (((corporate entities))) I would think then that FF would be good for hiding non political activity / purchases where entities seek to create a unique fingerprint on you.

Any Anons use browsers in this fashion, that is compartmentalize their activity between them? Is it a useful way to use browsers?

brave has device recognition blocking built in, and also tor. there's no reason to use tor browser in current year.

>>1047933

Firefox isn't compromised. The default settings are somewhat spyware-like. Tor fixes this. IceCat fixes this. Librefox and user.js fix this. You can change the about config settings yourself.

>Is it a useful way to use browsers?

Yes, but only if you use it correctly. In your case, A and B content searches could be 2 different Tor browsers, your C could be Firefox or Tor browser with lowest security setting, your D could be Firefox or Brave.

>>1047942

Are you fucking retarded or just shitposting? Brave's Tor tabs are useless and completely miss the point since the browser has no anti-fingerprinting (that works). You're uniquely identified and with the lack of addons in the Tor profile you can't do shit to protect yourself. The Tor profile is just a glorified proxy.

>>1047951

>the browser has no anti-fingerprinting (that works).

You have no clue what you're talking about.

>using addons

>with tor

Confirmed 20 IQ.

>>1047933

What's more concerning than ot being SJW'd is it being Soros'd

>>1047704

>I asked for a base FF config because you shouldn't use Tor for everything you do online. If you do, you're an idiot.

you should use it for everything. if you don't, you are idiot

>>1047933

do not use firefox, use Tor Browser

>>1047942

>brave has device recognition blocking built in, and also tor. there's no reason to use tor browser in current year.

Tor Browser is not only about Tor network but it has many features against fingerprinting. using Brave with Tor is very stupid

check your stupid Brave here https://panopticlick.eff.org/ then compare Tor Browser's result

paranoid tinfoil hermits. smh.

like usual /tech/ repeats security mantras without even understanding them.

it's perfectly fine to use tor with your customized browser if your goal is just to anonymize your IP in order that some random dickweed mod off some stupid forum doesn't get it. Fingerprinting doesn't matter for shit in this case. It's also fine for visiting most non-illegal or technically-illegal-but-nobody-really-gives-a-shit (like piracy) .onion addresses. People go to such places without any anonymizing and nothing happens.

Also while it's true that your fingerprint could single you out when accessing various sites that use cloud services, in reality that doesn't really matter either if that fingerprint can't be connected to an identity. They might at best know it's the same dude but will still not know who that dude is. Of course, you shouldn't access sites via Tor with accounts that can be linked to your real identity then and should follow basic opsec rules.

Also, literally nobody cares about you shitposting on 8ch how Hitler did nothing wrong either. Fucking tinfoil basement dwellers indeed.

>>1048022

This.

Also Tor devs themselves recommend some addons in their FAQ and documentation.

RequestPolicy is fucking great for privacy and also keeps you safe. RefControl is neat too, so you don't leak which website you're coming from when clicking a link.

>>1048026

Did they finally make webextensions version of those add-ons? I used to used them before quantum, but couldn't find replacements for awhile

>>1048035

>Did they finally make webextensions version of those add-ons?

idk, i stopped updating for various reasons, i just occasionally update the tor binary :-/

I'm sure someone updated or recreated them by now. But fuck web browsers.

>>1048022

>>1048026

It defeats the fucking purpose, you idiots. The whole point is to have many indistinguishable and identical browsers. If everyone just used Brave or whatever the fuck browser then they're putting people who need anonymity at risk by reducing the number of non-unique browsers on the network. Maybe it's true that most Tor users aren't doing anything highly illegal either globally or in their country, but that doesn't mean that those people should just use Brave.

The strength of Tor is in numbers. If you suddenly only have 50 people who use anti-fingerprinting while 50000 don't then it's easy to find the 50 users.

>postin from Federal Way, Washington

Beat that plebs

>>1048038

Moron, if you connect to facebook.com on every fucking website you visit because none of your addons blocks connections to other domains then they can track you way easier.

WHICH IS WHY TOR DEVS AND COMMUNITY RECOMMEND CERTAIN PRIVACY-ENHANCING ADDONS.

Obviously if you enable javascript then those can be used to fingerprint you, but if you enable js you have other problems.

>>1048014

>paranoid tinfoil hermits. smh.

Fuck off back to /pol/

>>1047998

Yup, you're a dumbass. I cant wait for you to get Honeypot'd by some dirty exit node . Learn to read up on things instead of blindly following them: https://www.helpnetsecurity.com/2015/06/26/researcher-tests-tor-exit-nodes-finds-not-all-operators-can-be-trusted/

>>1048089

Again old news, idk why it was rehashed in 2015.

Again you forgot that tor takes precautions, in this case by using several hops instead of directly connecting to the exit node.

Unlike proxies, vpn and clearnet.

And again you forgot to post a safer alternative.

Are you shitposting here because KC is geoblocking gerfags today? Use Tor.

>>1048107

>old news

>rehashes how tor works but doesnt understand everything is decrypted at the exit node to be sent out to clearnet.

Fuckin' zoomers these days. The technology didn't change ya dindu.

>>1048116

dont use it as proxy then

>>1046924 (OP)

imagine not having your clock set to UTC

>>1048116

What are you talking about and who doesn't understand that tor doesn't magically keep your data encrypted until it reaches the clearnet destination?

>>1048149

Read the previous posts you lazy cunt

>>1048263

>Read the previous posts you lazy cunt

Are you retarded?

Nowhere in this entire thread does anyone, excluding you (OP), fail to understand the basic concept of tor.

You again forgot to post the uber-safe alternative to tor that you are using, glownigger.

>>1049032

>Arbitrarily calls people glowniggers

I dont think you understand how this works.

>>1049109

Buzzwords work because they are nebulous by definition. That's the reason why you can apply it to anything. If you don't like the ideas of a particular post, then you're a cuck soyboy glownigger kike shill.

>>1049117

That's how you win arguments around here. Just call someone a cuck, commie, /leftypol/, shill, kike, fbi, nigger, racemixer, neet, jew lover, jidf, faggot etc. Whoever get's accused of being a boogyman first loses, you kike

>>1047523

I get my internet shut off by my ISP the second I try torrenting something copyrighted without a VPN and obviously torrenting through TOR is a retarded idea. What would you propose?

At home, you should install VPN on your router not your PC. You'll get better performance, no DNS leaks, and fewer glitches.

>>1049150

>I get my internet shut off by my ISP the second I try torrenting something copyrighted without a VPN

No.

>and obviously torrenting through TOR is a retarded idea.

Yes but no.

>What would you propose?

Tell your family.

Tell your family.

They will understand.

Everyone can get tricked into doing horrible things, even becoming a shill.

Ask them for help, support and protection and they will get you out of this shit.

Same advice to all other glowniggers shitposting their anti-tor-bs.

Also, speaking as someone who has been absent for some time... The glownigger meme is one of the few really good ones that popped up in recent years.

Check out the ED article about those guys, it's pure win.

>>1049150

Tor to find magnet links or torrent files, Tribler to torrent.

>>1049117

Gtfo here /pol/

>>1046924 (OP)

>So you finally learned how make your own VPN or tunnel everything to your remote rogue circuits. Good. But sooner or later you'll find out your network, browser, or OS was parallel-phoning to something else because they've cracked your encryption or your browser/connection was rigged (or nigged like the most).

stfu nigger. >>>/4cuck/g