In a similar vein to the "What is your security setup these days?" thread, I'm curious what your privacy setup is. We don''t need to confine ourselves to Windows setups, if you wrap aluminium foil around your credit card, let us know. If you've made yourself a tin-foil hat, mmm maybe we don't need to know that. I'll start: Putting aside the recent WoT issues, I've just bought a home phone which allows me to block telemarketers. Here it is - Telstra Call Guardian 302 youtube.com/watch?v=JAoZ2d-ps6Y It gives me peace without being bugged by telemarketers.
Windows 7 x64 F-Secure Freedome VPN uBlock Origin (Chromium and Firefox) using Startpage for search Sandboxie (delete all locally stored data when browser is closed) CCleaner never browser net while logged in any account sometimes I use VPN + Virtual machine + Tor browser iPhone 5S disabled location services disabled synchronization with iCloud (I sync only what I want on demand) disabled mobile data (I enable it when I need it) disabled other privacy invading features regularly delete history in Safari browser using F-Secure Freedome VPN Nexus 7 (2013) enable WiFi only when needed disabled privacy invading options clear history after each browser session CCleaner F-Secure Freedome VPN Acer Aspir One Windows 10 with some privacy related tweaks CCleaner used only for testing
@Minimalist , Cool! Thanks for sharing. I've put my "smart" phone away and gone back to my dumb flip-phone.
I was thinking of doing similar but decided to go with iPhone for now. So far I like it's configuration options.
Not much. Ublock Origin, VPN sometimes. SSL, HTTPS when it's available. I don't have FB so that's a big advantage I guess ^^.
I use a dumb phone, aside the fact, it is safer and even cheaper, the battery lasts for weeks. I keep the number as secret as possible to avoid spam calls. Windows: DNS.Watch (located in Germany) a collection of tweaks, like no pagefile/indexing/superfetch, they can keep records CCleaner - I turn off my computer with CCleaner to clean everything and with tweaks to reset settings disabled network services - it makes Windows and some software (HitmanPro) think, there is no internet, therefore they do not even try to call home Browser: OpenDNS (EU servers) via an inbuilt dnscrypt I use Yandex to sync to Russian servers StartPage search via EU servers uBlockOrigin to block trackers CanvasFingerprintBlock WebRTC Control Internet: I use the same username and mostly the same silly password for everything - the more you hide, the more you stand out Facebook and others - a fake birthday, since it could be used to get my ID number, something like a social security number For the record, I did, but just to stop headaches caused by EM radiation and maybe a few reptilians listening to my thoughts.
Debian 8.5 MATE 1gbps Home Fiber Connection Cisco ASA 5516-X Router w/ FirePOWER Services IPS/URL Filter/AMP Long Range WiFi Extender: Distance 5 to 10 k's Connect WiFi Connect VPN 1>VPN 2> VPN 3>Virtual Machine with FreeBSD>SSH 1>SSH 2>TOR
Linux Mint VPN Whonix in VirtualBox Icedove - e-mail TOR browser NoScript uBlockOrigin HTTPS Everywhere Lastpass
I've been thinking about installing TOR browser just to check it out as I don't have any real need for that level of obscurity, but I haven't as yet because I think just using TOR might raise red flags with those security departments. Is that a valid concern?
yes it is. several TOR's exit points are NSA/CIA owned. However if you can avoid them, it is still secure and anonymous enough.
My concern is that my ISP would notice I was using TOR browser and notify, in my case ASIO or the AFP, or who knows who else, and I can understand that to a point. They may well wonder what I'm trying to hide, even if it is absolutely nothing.
This several exit points owned by NSA/CIA are equivalent a how much of the total exit nodes? I doubt that this information is avaible but that makes me wonder. Sorry for my poor english
"A rule in the source code shows that X-Keyscore is keeping track of all visitors to torproject.org, according to the NDR report." https://www.cnet.com/news/nsa-likely-targets-anybody-whos-tor-curious/
i didn't tell you that, if we knew the approximate number, we could start finding them by eliminating the ones reputed safe.
This is a new setup I've been tinkering with recently; any comments, critiques and/or suggestions are welcome! Ultimately my goal is to create a concise and up-to-date hardening tutorial - I'd love any input. This stuff is becoming more important by the hour and I'd like to get the best info into the most hands ASAP. Email Site-specific public email addresses route messages via various remailers which dump into a private & encrypted email service Remailer 33mail.com (primary) Email service Protonmail.ch (Switzerland-based) Firefox Search Startpage (by Ixquick) Primary search engine Privacy-centered search which offers the power of Google without the invasive tracking DuckDuckGo result ranking leaves something to be desired but I rely on it to escape Google's bubble when necessary Misc. Prefetching, search suggestions, search history, etc. disabled Add-ons: Better Privacy Manage and delete LSOs/Cookies Canvas Blocker Mitigate HTML5 canvas fingerprinting Decentraleyes Local CDN emulation; mitigates tracking Complements and plays nicely with the other blockers/privacy add-ons Google Search Link Fix Prevents Google/Yandex from altering result links HTTPS Everywhere Force HTTPS Privacy Settings Pretty neat; no more digging around in about:config to configure the default prefs individually Disables DOM witchcraft, becons, geo, webgl, and plenty of other hoodoo Self Destructing Cookies Purges respective cookies and LocalStorage as soon as you close its tabs; expunges lingering sessions. Closest I've come to cookie-free browsing without breaking every site in the process. uBlock Origin Better than AdBlock Plus; more powerful, easier on CPU/Memory, better interface (IMO) UA Spoofing, block remote fonts, etc. uMatrix Point-and-click matrix-based firewall, w/ privacy-enhancing tools Too much to gush about, see for yourself: https://github.com/gorhill/uMatrix No Resource URI Leak (suggested by Krusty13) Additional fingerprinting/tracking mitigation; seems especially useful for a setup with multiple plugins (such as this one) which otherwise increases the ease with which the browser may be fingerprinted Random Agent Spoofer Fingerprinting protection; robust profiles which spoof not only useragent strings but a host of other characteristics to afford increased protection from browser fingerprinting attempts. OS(s) Multi-booting various Linux flavors and Windows 7 (for testing only); Kali Linux, Whonix VMs, Plan9 (for S&G) Stripped down as much bloat as possible (looking at you, Windows) and pared everything down to essentials to minimize attack surface Misc. OpenDNS, looking into DNS.Watch Minimum 15 char. passphrases w/ mixed cases, numbers and multiple salts Passphrases are unique to every service No password managers: pen and paper until I commit the passphrases to memory I avoid TOR for a few reasons, which may or may not be founded Developed by the US Government. Exit-node attacks (like the recent attempt targeting SIGAINT) are the least troubling IMHO; who knows what other shenanigans were baked into that thing. As mentioned above, it would be a very simple way to wind up on a watch list (Xkeyscore) Lastly, I don't really have a need for it and God only knows what sort of ugliness is waiting in there anyway.
Thanks. Just added this to FF and CF. I was recently recommended No Resource URI Leak, which you could look at. It may not be needed with your setup though.
@TomeiNingen Nice setup. How comes you don't use a VPN or multiple VPNs to hide your IP from sites you're visiting and to hide your traffic from your ISP?
To be perfectly candid, I just don't have a ton of familiarity with them. I'm very wary of associating any financial information with whichever online identity I'm using and I haven't heard of a free, reliable, and trustworthy VPN service yet. Any you know of that you might recommend? Nice, thanks! I was looking for something just like this.