Bongocat
kiwifarms.net
- Joined
- Jun 20, 2020
The Online Privacy/Security Thread
- Thread starter Dread First
- Start date
-
🐕 I am attempting to get the site runnning as fast as possible. If you are experiencing slow page load times, please report it.
- Joined
- Jun 24, 2020
If you’re super into privacy this setup is as good as you can get and be on the internet
they also have a great wiki for good opsec for just about any case.
they also have a great wiki for good opsec for just about any case.
Garm
kiwifarms.net
- Joined
- Jun 5, 2019
I know I talk about this a lot but have you guys reviewed the FreedomBox stuff?
www.freedombox.com
I know enough about computers to get in trouble but not enough to know if that does a decent job.
www.freedombox.com
I know enough about computers to get in trouble but not enough to know if that does a decent job.
ItsTheShitt
kiwifarms.net
- Joined
- Feb 18, 2021
Dead link, I think you meant freedombox.org
It seems to be an easy way for normies to host free services like MediaWiki, Gitweb, my fav I2P, and more
It's a good project, hope it gets popular
- Joined
- Mar 17, 2019
I've done this with a Lenovo Chromebook past ChromeOS EOL.
There's a guy who does coreboot FW development in an easy package for a wide variety of Chromebooks. Possibly the only coreboot developer who isn't a MTF tranny. You generally have to open 'er up and toggle a jumper or remove a screw to open up FW flashes to allow this, which I would recommend researching for a specific model especially if you're buying it to do this with, but it's all done in quite an easy way.
MrChromebox.tech
MrChromebox.tech : Custom coreboot firmware and firmware utilities for your Chromebook/Chromebox
mrchromebox.tech
- Joined
- Aug 5, 2019
- Joined
- Nov 28, 2018
What makes you think that? I've heard a lot of people say it's a botnet and full of spyware, but I genuinely want to know why?
- Joined
- Sep 9, 2019
What is? Neither one really can be to my knowledge.
Ungoogled Chromium is debotnetted, it does not phone in to google or anyone else for that matter and its code is up on github for all to see.
Ublock is a adblock script manager, and a powerful one at that. Vital to security on the modern web. I imagine it does phone home, but only to keep itself and its scripts updated.
- Joined
- Nov 28, 2018
Sorry I meant to specify about Brave. I had a look at some stuff about Brave having spooky spyware on it, but all it was was external libraries, fonts, and the Brave BAT system doing affiliate link checks from time to time. Although the section about telemetry was slightly concerning, it can be manually turned off (using Wireshark you can see there's no more messages being sent out to static1.brave.com anymore).
Plus Brave is open-source also.
need shoeonhead nudes
kiwifarms.net
- Joined
- Jan 30, 2021
- Joined
- Aug 5, 2019
I get the feeling that people who claim that are turbo autists who value theoretical privacy over pragmatism. I'm all for infosec but I'm not gonna avoid 90% of the modern Internet because muh spyware botnet concerns.
- Joined
- Dec 7, 2020
- Joined
- Aug 13, 2020
A few easily actionable steps you can take that I didn't see mentioned here:
- Disable WebRTC, because it can reveal your real IP address, it can even evade VPN software in some cases. The website has to decide to use it but if someone can trick you into going to a webpage they control, they can get your IP address.
- Regular DNS is plain-text, so anyone who can observe your traffic (your ISP, government, etc) can trivially find out what domain name you are going to, even if you see HTTPS in the browser bar
- You can use DNS over HTTPS if you think you can trust the providers of the services in question. You probably can't fully but it's probably better if the service is in another jurisdiction.
- Use a separate browser profile for browsing you don't want connected to your main profile - use your personal gmail account on a different browser profile to the one you browse KF on for example. Of course, you're still browsing from the same IP address but it could be someone else on your network so it's not as likely for the traffic to be linked to your profile.
- Joined
- Apr 29, 2021
I know someone who torrented a Game of Thrones file both with and without Mullvad.
He got a notice from his ISP without Mullvad on, and no notice when he used Mullvad.
- Joined
- Aug 13, 2020
Perhaps you know this already but for those that don't, the systems that do this are largely automated these days. Effectively it works like so:
- Someone uploads a torrent
- Anti-piracy firm connects to the tracker and sees you downloading a torrent they care about
- They find the IP address, look up the ISP's ASN and send an email to an abuse or anti-piracy contact (I assume the message has an attachment follows some sort of data driven format like CSV that is easily parseable)
- The ISP automatically sends you a message to knock it off
- Optionally the anti-piracy firm subpoenas the ISP and tries to sue you but this doesn't seem to happen so much these days
I would trust a VPN for my regular thoughtcrime posting and for civil offences like torrenting but you must know that nothing is bulletproof and if you use it to perform acts that are actually illegal then you are still taking a serious risk. I would expect intelligence organisations to attempt to compromise major VPN services (by turning individual employees for example), and there are potential temporary takeover methods on Tor, although I don't know how workable they are today.
- Joined
- Dec 16, 2019
You can use dnscrypt-proxy to send encrypted DNS requests to a customizable list of DNS servers.
You can use public invidious, nitter, libreddit, and searx instances to proxy requests to popular websites and search engines. If you're autistic enough you can hop instances for each thing you do (search, video watch, etc.) so the people hosting each instance have only get a fragment of your activity.
Tangentially related but firejail (linux only) can isolate programs into sandboxes that have very fine-grained customization (deny access to the network, allow access to certain files, replace certain folders with other folders, allow only certain binaries to be executed, etc.). Useful for denying programs the ability to phone home if you're suspicious, and I assume it can mitigate the impact of any security holes in software by denying it access to your filesystem or the internet.
You can use public invidious, nitter, libreddit, and searx instances to proxy requests to popular websites and search engines. If you're autistic enough you can hop instances for each thing you do (search, video watch, etc.) so the people hosting each instance have only get a fragment of your activity.
Tangentially related but firejail (linux only) can isolate programs into sandboxes that have very fine-grained customization (deny access to the network, allow access to certain files, replace certain folders with other folders, allow only certain binaries to be executed, etc.). Useful for denying programs the ability to phone home if you're suspicious, and I assume it can mitigate the impact of any security holes in software by denying it access to your filesystem or the internet.
- Joined
- May 6, 2020
Yep. Can pull trusted ones from OpenBuildService or just build yourself, which is what I'm doing. Brave is garbage.
- Joined
- Mar 17, 2019
duh
lol
yes, you could use it for normie shit like that if youj must, but obviously it isn't real protection for anything important
- Joined
- Aug 16, 2020
You don't have to, but there are more and more hoops necessary to balance convenience and privacy.
- VPN
- Secured browser (lots of room for personal preference)
- Picky on software and services used on personal devices due to telemetry
- Track all online accounts you have and their account details
- Block ads
- Block trackers
- Use a javascript whitelist
- Don't use Windows
- Don't use certain online services (social media, linkedin (aka job facebook), discord, google, etc)
- Don't use stock Android (limits phones you can buy)
- Block bullshit DNS requests (another form of online tracking)
- Varied email accounts for varied services
If you’re super into privacy this setup is as good as you can get and be on the internet
they also have a great wiki for good opsec for just about any case.
Played around with this after Mental Outlaws video on it and it's pretty cool, I like it. It's like a comfy blanket reassuring me that anything I do in the VM is definitely going through Tor and it's super easy to set up. The only downside is it is relatively resource-heavy since you have to run 2 VMs but neither of them need much to work well.
Last edited:
Kill a Troon for Pikamee
kiwifarms.net
- Joined
- Feb 25, 2021
Unearthing this to ask some questions. The fat Linux fag deciding he's a tranny made me decide to learn some Linux stuff because I want to be as cool as a morbidly obese Linux tranny. Since KF went fullw Tor I got into the habit of using the brave Tor tab for almost everything I do on the internet but I want to become more paranoid and my motivation is pure spite (glowies seethe if you're invisible)
My main thing is that I want to procure a separate laptop and give it a maximum schizo setup. This is my plan:
1. Buying a X230 (16gb ram)
2. Using 1vyrain to remove the Intel spyware shit
3. Installing Qubes OS and configuring it to move ALL network through Whonix/Tor. Ideally I want this laptop to remain a clearnet virgin forever and only connect to the Internet via Tor
Is everything up to this point correct or am I forgetting something?
Now the next thing that might be problematic is that I would still be connectting to the internet through my normie router plus my ISP would see that I'm a dangerous schizo using tor 24/7. This is probably not that much of a problem but still seems suboptimal. How can I counteract it? I was thinking about buying one of these fancy WiFi antennas and le epic hacking into one of my neighbors wifi, is that feasible long-term?
(please note that I'm a windows user and I don't know absolutely anything about Linux or how the internet works, this will be an edutainment project)
My main thing is that I want to procure a separate laptop and give it a maximum schizo setup. This is my plan:
1. Buying a X230 (16gb ram)
2. Using 1vyrain to remove the Intel spyware shit
3. Installing Qubes OS and configuring it to move ALL network through Whonix/Tor. Ideally I want this laptop to remain a clearnet virgin forever and only connect to the Internet via Tor
Is everything up to this point correct or am I forgetting something?
Now the next thing that might be problematic is that I would still be connectting to the internet through my normie router plus my ISP would see that I'm a dangerous schizo using tor 24/7. This is probably not that much of a problem but still seems suboptimal. How can I counteract it? I was thinking about buying one of these fancy WiFi antennas and le epic hacking into one of my neighbors wifi, is that feasible long-term?
(please note that I'm a windows user and I don't know absolutely anything about Linux or how the internet works, this will be an edutainment project)