Share your privacy measures


Kees1958
February 4th, 2012, 05:16 AM
Browser: Chromium - Under the hood - Content Settings
1. Allow local data to be set for the current session only
2. Block third party cookies and site data
3. Clear cookies and other site and plug-in data when I close my browser

Plug-ins: Ghostery

Search engine and search page: Starting page.com

DNS-server: Norton DNS

SafetyFirst
February 4th, 2012, 12:40 PM
Browser:

- Opera (for browsing naked) sandboxed
- Tor Browser Bundle run from USB stick sandboxed - automatic secure deletion of the sandbox (Eraser 3 passes)

TBB add ons: Ghostery, Request Policy, NoScript, HTTPS Everywhere, Better Privacy

Search engine and homepage: Ixquick.com

DNS server: my ISP's DNS - suggestions?

x942
February 4th, 2012, 07:12 PM
Browser: Chromium Dev. build - Always incognito, click to play, no cookies, no javascript.

OS: Linux Mint - LUKS Encryption + anti-forensics scripts that fill the filesystem with garbage (encrypted files with random content inside encrypted files). This makes forensics a nightmare because you would have to brute force each password to figure out if there was anything in the file but since the contents are random you could never be certain there isn't something there :D

Other: TAILS Live CD w/ Fake Mac Addy + public hotspot for when I am paranoid :/

Kees1958
February 5th, 2012, 02:24 AM
-{ Quote: " + anti-forensics scripts that fill the filesystem with garbage (encrypted files with random content inside encrypted files).
" }-

Uhhmm, those are quite dramatic countermeasures

I don't care that companies know my clicking behaviour, I just don't want advertisements in return. Same/similar option as I have in the real world.

In Holland there are several customer loyalty systems with 'cards' which collect your buying behaviour and summarize the 'points' one has collected with it. So I am not against data mining and suppliers optimizing their supply chain (and stock) with this info. I think they cross the line when they offer me stuff I have not asked for.

That is why I use a search service (based on Google ??) which does not provide my IP, and try to suppress tracking cookies.

x942
February 5th, 2012, 02:46 AM
-{ Quote: "Uhhmm, those are quite dramatic countermeasures
" }-

Yeah true. But I had some sensitive data stored in an encrypted vault (truecrypt) and I was worried that it may get copied by someone. (It was for work and contained sensitive information).

I have left the garbage data there because at least if someone does manage to dump data they will have a lot of work to do. I usually use the script to fill TrueCrypt hidden volumes. That way if I ever give up the password to the outer volume it's all garbage but looks like I was trying to hide something there

J_L
February 5th, 2012, 03:01 AM
Normally:
Firefox disabled unnecessary history (download and form)
Adblock Plus EasyPrivacy
NoScript
PrivacyChoice TrackerBlock
Google (encrypted) and sometimes ixquick search plugins
PeerBlock
Sandboxie auto-delete
CCleaner regularly
Comodo outbound control

For really private matters:
Tor Browser Bundle
TrueCrypt triple-encryption

How does Norton DNS help with privacy overall? It may make you less identifiable, but give another company your DNS records.

x942
February 5th, 2012, 03:10 AM
Very nice :thumb:

TrueCrypt Cascades FTW

noone_particular
February 5th, 2012, 09:35 AM
-{ Quote: "anti-forensics scripts that fill the filesystem with garbage (encrypted files with random content inside encrypted files). This makes forensics a nightmare because you would have to brute force each password to figure out if there was anything in the file but since the contents are random you could never be certain there isn't something there" }-
Interesting idea. Are these continually created and destroyed or are they static? If static, wouldn't they be able to limit the search by file dates?

noblelord
February 5th, 2012, 01:18 PM
-{ Quote: "Yeah true. But I had some sensitive data stored in an encrypted vault (truecrypt) and I was worried that it may get copied by someone. (It was for work and contained sensitive information).

I have left the garbage data there because at least if someone does manage to dump data they will have a lot of work to do. I usually use the script to fill TrueCrypt hidden volumes. That way if I ever give up the password to the outer volume it's all garbage but looks like I was trying to hide something there" }-

If it's all that sensitive, wouldn't it be best not to post about it online so much? :P

Serapis
February 5th, 2012, 04:56 PM
Interesting. What scripts are you using? Custom made or from somewhere else?

x942
February 5th, 2012, 05:05 PM
-{ Quote: "If it's all that sensitive, wouldn't it be best not to post about it online so much? :P" }-

LOL true but it's not like it's on a system that's online. The data is offline use only and stored at my company behind locked doors on an encrypted hard drive in a safe.

(Yes I know, paranoid, but if you knew what was on it (nothing bad, but very sensitive) you would be too)

x942
February 5th, 2012, 05:07 PM
-{ Quote: "Interesting. What scripts are you using? Custom made or from somewhere else?" }-

From int0x80 of dualcore and Hak5, they are over here:

https://github.com/int0x80/anti-forensics/blob/bb2ced1813df8180388b08ded4bb35fadc672fea/durrhurr

There are more there but I only use that one and the steghide one. The rest seem like asking for trouble (wiping unknown flash drives and filling them with random data seems like an easy way to a destruction of evidence charge).

Hungry Man
February 5th, 2012, 09:56 PM
On my typical Chrome Canary I only block 3rd party cookies and AdblockPlus also has Do Not Track built in. I also use KBSSL enforcer.

On my "Secure" profile I use ScriptNo to block tracking as well, with frames and widgets all blocked.

LockBox
February 5th, 2012, 10:19 PM
1. VPN

2. Block 3rd Party Cookies

3. Delete ALL cookies on close of browser session

4. Full Drive System Encryption

And I do it only on principle. Privacy = Freedom. Freedom = Privacy. You can't separate the two. You give up one - the other's right behind.

Mats
February 5th, 2012, 10:41 PM
-{ Quote: "Browser: Chromium
Search engine and search page: Starting page.com
" }-
Kees, are you able to search from the address bar with Starting Page?

I added Starting Page to my list of search engines in Chrome and then made it my Default search engine.

I'm using this URL- https://www.startingpage.com/do/search%s

But when I search from the address bar it doesn't give the desired search results, it just goes to the startingpage.com home page.

awkwardpenguin
February 6th, 2012, 01:10 AM
-{ Quote: "Kees, are you able to search from the address bar with Starting Page?

I added Starting Page to my list of search engines in Chrome and then made it my Default search engine.

I'm using this URL- https://www.startingpage.com/do/search%s

But when I search from the address bar it doesn't give the desired search results, it just goes to the startingpage.com home page." }-


You can, Mats. Same for DuckDuckGo, Ixquick and pretty much anything else. This is what you're looking for.
https://startingpage.com/do/metasearch.pl?query=%s
https://duckduckgo.com/?q=%s
https://ixquick.com/do/metasearch.pl?query=%s

Kees1958
February 6th, 2012, 02:49 AM
-{ Quote: "Kees, are you able to search from the address bar with Starting Page?

I added Starting Page to my list of search engines in Chrome and then made it my Default search engine.

I'm using this URL- https://www.startingpage.com/do/search%s

But when I search from the address bar it doesn't give the desired search results, it just goes to the startingpage.com home page." }-

Did you try this https://startingpage.com/eng/download-startingpage-plugin.html

Creer
February 6th, 2012, 03:35 AM
-{ Quote: "Browser: Chromium - Under the hood - Content Settings
1. Allow local data to be set for the current session only
2. Block third party cookies and site data
3. Clear cookies and other site and plug-in data when I close my browser

Plug-ins: Ghostery

Search engine and search page: Starting page.com

DNS-server: Norton DNS" }-
Pretty much the same config here,
one difference is I use Chrome, not Chromium.
I have also enabled these options (in the chrome://flags tab):
- Disable hyperlink auditing (Disable sending hyperlink auditing pings.)
- Block all third-party cookies (When the option to block third-party cookies from being set is enabled, also block third-party cookies from being read.)

EncryptedBytes
February 6th, 2012, 09:06 AM
All my internet browsing is done inside a type 2 hypervisor.

Browser in the local VM is firefox 10 with noscript/request policy installed.

The VM reverts to a clean state at shutdown so all tracking cookies for flash/silverlight etc get wiped every time. No need to worry about forever cookies. 8)

PaulyDefran
February 6th, 2012, 04:09 PM
-{ Quote: "From int0x80 of dualcore and Hak5, they are over here:

https://github.com/int0x80/anti-forensics/blob/bb2ced1813df8180388b08ded4bb35fadc672fea/durrhurr

There are more there but I only use that one and the steghide one. The rest seem like asking for trouble (wiping unknown flash drives and filling them with random data seems like an easy way to a destruction of evidence charge)." }-

His presentation at the 'Louise' is on YouTube, it was good. Those bash scripts were awesome. And hey, you won't be destroying evidence...just the collection mechanism, LOL ;D

PD

x942
February 6th, 2012, 06:19 PM
-{ Quote: "All my internet browsing is done inside a type 2 hypervisor.

Browser in the local VM is firefox 10 with noscript/request policy installed.

The VM reverts to a clean state at shutdown so all tracking cookies for flash/silverlight etc get wiped every time. No need to worry about forever cookies. 8)" }-

Doing this now! +1 for the idea. I'm running Debian inside a VM on a Linux Mint Host. Both encrypted with LUKS.

Mats
February 6th, 2012, 10:23 PM
-{ Quote: "You can, Mats. Same for DuckDuckGo, Ixquick and pretty much anything else. This is what you're looking for.
https://startingpage.com/do/metasearch.pl?query=%s
" }-

Excellent, that worked.

Thanks!

caspian
February 9th, 2012, 10:57 PM
I use Sandboxie to sandbox my web browsers with the Eraser configuration.

I have started running my browsers (Firefox and Chrome) from inside of a TrueCrypt container. I started doing this because data is still left on the hard drive even after the sandbox is wiped with Eraser.

I use Returnil.

I recently added Microsoft fixit to clear the pagefile when I shut down my computer. I have no idea if this is sufficient. But I added it because Returnil doesn't virtualize the pagefile.

I use a multihop VPN much of the time. But I do have some email accounts that I have had forever that I do not always use a VPN with. They are just used for family and friends and that sort of thing. But I use separate email accounts for blogging and message boards. I never use these email accounts outside of the context of the blogs or message boards. And I always delete the sandbox before logging into another account.

I use some TrueCrypt containers sometimes and I have an external hard drive that is encrypted completely. I recently did this to store backups of everything that I own. Most of what I have is not stored in TrueCrypt containers. But I am probably going to start storing everything that I own on an encrypted hard drive. So I will have 2 copies of all of my music and videos and ebooks etc... in case something happens. Actually I may add a third one just to be safe.

I don't know how to use a VM yet but I am going to give that a try pretty soon. But I doubt that I will use it a lot because I like to download a lot and I guess that's something that you can't do with a VM.

caspian
February 9th, 2012, 11:04 PM
-{ Quote: "I also use KBSSL enforcer." }-

So this is like HTTPS Everywhere? I used to use HTTPS Everywhere in Firefox but I quit using it because I do a lot of searches with the cached feature to highlight terms. But with HTTPS Everywhere I don't get the highlighted terms in Google. Does KBSSL enforcer also prevent this feature?

caspian
February 9th, 2012, 11:11 PM
-{ Quote: "

The VM reverts to a clean state at shutdown so all tracking cookies for flash/silverlight etc get wiped every time. No need to worry about forever cookies. 8)" }-

What kind of virtual machine do you use? Is it automatically set to revert to a clean state or do you have to do something extra with it?

Spooony
February 10th, 2012, 11:55 AM
VPN inside a vm with Firefox. No firewall no AV