What is your Privacy Setup

Discussion in 'privacy technology' started by Krusty, Nov 5, 2016.

  1. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    10,210
    Location:
    Among the gum trees
    In a similar vein to the "What is your security setup these days?" thread, I'm curious what your privacy setup is. We don''t need to confine ourselves to Windows setups, if you wrap aluminium foil around your credit card, let us know. If you've made yourself a tin-foil hat, mmm maybe we don't need to know that.

    I'll start:

    Putting aside the recent WoT issues, I've just bought a home phone which allows me to block telemarketers. Here it is - Telstra Call Guardian 302

    youtube.com/watch?v=JAoZ2d-ps6Y

    It gives me peace without being bugged by telemarketers.
     
  2. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,881
    Location:
    Slovenia, EU
    Windows 7 x64

    F-Secure Freedome VPN
    uBlock Origin (Chromium and Firefox)
    using Startpage for search
    Sandboxie (delete all locally stored data when browser is closed)
    CCleaner
    never browser net while logged in any account
    sometimes I use VPN + Virtual machine + Tor browser

    iPhone 5S

    disabled location services
    disabled synchronization with iCloud (I sync only what I want on demand)
    disabled mobile data (I enable it when I need it)
    disabled other privacy invading features
    regularly delete history in Safari browser
    using F-Secure Freedome VPN

    Nexus 7 (2013)

    enable WiFi only when needed
    disabled privacy invading options
    clear history after each browser session
    CCleaner
    F-Secure Freedome VPN

    Acer Aspir One

    Windows 10 with some privacy related tweaks
    CCleaner
    used only for testing
     
  3. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    10,210
    Location:
    Among the gum trees
    @Minimalist ,

    Cool! Thanks for sharing.

    I've put my "smart" phone away and gone back to my dumb flip-phone.
     
  4. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,881
    Location:
    Slovenia, EU
    I was thinking of doing similar but decided to go with iPhone for now. So far I like it's configuration options.
     
  5. new2security

    new2security Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    517
    Not much.
    Ublock Origin, VPN sometimes. SSL, HTTPS when it's available.
    I don't have FB so that's a big advantage I guess ^^.
     
  6. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    3,418
    Location:
    Slovakia
    I use a dumb phone, aside the fact, it is safer and even cheaper, the battery lasts for weeks. I keep the number as secret as possible to avoid spam calls.

    Windows:
    DNS.Watch (located in Germany)
    a collection of tweaks, like no pagefile/indexing/superfetch, they can keep records
    CCleaner - I turn off my computer with CCleaner to clean everything and with tweaks to reset settings
    disabled network services - it makes Windows and some software (HitmanPro) think, there is no internet, therefore they do not even try to call home

    Browser:
    OpenDNS (EU servers) via an inbuilt dnscrypt
    I use Yandex to sync to Russian servers
    StartPage search via EU servers
    uBlockOrigin to block trackers
    CanvasFingerprintBlock
    WebRTC Control

    Internet:
    I use the same username and mostly the same silly password for everything - the more you hide, the more you stand out
    Facebook and others - a fake birthday, since it could be used to get my ID number, something like a social security number

    For the record, I did, but just to stop headaches caused by EM radiation and maybe a few reptilians listening to my thoughts. :cool:
     
  7. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    10,210
    Location:
    Among the gum trees
    I don't do social media.
     
  8. Debian 8.5 MATE
    1gbps Home Fiber Connection
    Cisco ASA 5516-X Router w/ FirePOWER Services IPS/URL Filter/AMP
    Long Range WiFi Extender: Distance 5 to 10 k's
    Connect WiFi
    Connect VPN 1>VPN 2> VPN 3>Virtual Machine with FreeBSD>SSH 1>SSH 2>TOR
     
  9. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    10,210
    Location:
    Among the gum trees
    Everyone knows to be truly protected you need to live in a Faraday Cage. :rolleyes:
     
  10. snerd

    snerd Registered Member

    Joined:
    Dec 8, 2007
    Posts:
    130
    Location:
    Arkansas USA
    Linux Mint
    VPN
    Whonix in VirtualBox
    Icedove - e-mail
    TOR browser
    NoScript
    uBlockOrigin
    HTTPS Everywhere
    Lastpass
     
    Last edited: Nov 9, 2016
  11. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    10,210
    Location:
    Among the gum trees
    I've been thinking about installing TOR browser just to check it out as I don't have any real need for that level of obscurity, but I haven't as yet because I think just using TOR might raise red flags with those security departments. Is that a valid concern?
     
    Last edited: Nov 6, 2016
  12. guest

    guest Guest

    yes it is. several TOR's exit points are NSA/CIA owned.

    However if you can avoid them, it is still secure and anonymous enough.
     
  13. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    10,210
    Location:
    Among the gum trees
    My concern is that my ISP would notice I was using TOR browser and notify, in my case ASIO or the AFP, or who knows who else, and I can understand that to a point. They may well wonder what I'm trying to hide, even if it is absolutely nothing.
     
  14. guest

    guest Guest

    Even if your ISP noticed it, it shouldn't be a problem.
     
  15. ExtremeGamerBR

    ExtremeGamerBR Registered Member

    Joined:
    Aug 3, 2010
    Posts:
    1,351
    This several exit points owned by NSA/CIA are equivalent a how much of the total exit nodes? I doubt that this information is avaible but that makes me wonder.

    Sorry for my poor english
     
  16. guest

    guest Guest

    if we knew , those nodes will become useless ;)
     
  17. boredog

    boredog Registered Member

    Joined:
    Feb 1, 2015
    Posts:
    2,499
  18. ExtremeGamerBR

    ExtremeGamerBR Registered Member

    Joined:
    Aug 3, 2010
    Posts:
    1,351
    I don't ask wich nodes are owned bt NSA/CIA, just a estimative of how many nodes.
     
  19. guest

    guest Guest

    i didn't tell you that, if we knew the approximate number, we could start finding them by eliminating the ones reputed safe.
     
  20. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    Yes, that's a concern. I only use Tor through nested VPN chains :) And many people use VPNs.
     
  21. safeguy

    safeguy Registered Member

    Joined:
    Jun 14, 2010
    Posts:
    1,797
  22. TomeiNingen

    TomeiNingen Registered Member

    Joined:
    Nov 8, 2016
    Posts:
    50
    Location:
    Fort Meade, Maryland
    This is a new setup I've been tinkering with recently; any comments, critiques and/or suggestions are welcome! Ultimately my goal is to create a concise and up-to-date hardening tutorial - I'd love any input. This stuff is becoming more important by the hour and I'd like to get the best info into the most hands ASAP.

    • Email
      • Site-specific public email addresses route messages via various remailers which dump into a private & encrypted email service
        • Remailer
          • 33mail.com (primary)
        • Email service
          • Protonmail.ch (Switzerland-based)
    • Firefox
      • Search
        • Startpage (by Ixquick)
          • Primary search engine
          • Privacy-centered search which offers the power of Google without the invasive tracking
        • DuckDuckGo
          • result ranking leaves something to be desired but I rely on it to escape Google's bubble when necessary
        • Misc.
          • Prefetching, search suggestions, search history, etc. disabled
      • Add-ons:
        • Better Privacy
          • Manage and delete LSOs/Cookies
        • Canvas Blocker
          • Mitigate HTML5 canvas fingerprinting
        • Decentraleyes
          • Local CDN emulation; mitigates tracking
          • Complements and plays nicely with the other blockers/privacy add-ons
        • Google Search Link Fix
          • Prevents Google/Yandex from altering result links
        • HTTPS Everywhere
          • Force HTTPS
        • Privacy Settings
          • Pretty neat; no more digging around in about:config to configure the default prefs individually
          • Disables DOM witchcraft, becons, geo, webgl, and plenty of other hoodoo
        • Self Destructing Cookies
          • Purges respective cookies and LocalStorage as soon as you close its tabs; expunges lingering sessions. Closest I've come to cookie-free browsing without breaking every site in the process.
        • uBlock Origin
          • Better than AdBlock Plus; more powerful, easier on CPU/Memory, better interface (IMO)
          • UA Spoofing, block remote fonts, etc.
        • uMatrix
        • No Resource URI Leak (suggested by Krusty13)
          • Additional fingerprinting/tracking mitigation; seems especially useful for a setup with multiple plugins (such as this one) which otherwise increases the ease with which the browser may be fingerprinted
        • Random Agent Spoofer
          • Fingerprinting protection; robust profiles which spoof not only useragent strings but a host of other characteristics to afford increased protection from browser fingerprinting attempts.
    • OS(s)
      • Multi-booting various Linux flavors and Windows 7 (for testing only); Kali Linux, Whonix VMs, Plan9 (for S&G)
      • Stripped down as much bloat as possible (looking at you, Windows) and pared everything down to essentials to minimize attack surface
    • Misc.
      • OpenDNS, looking into DNS.Watch
      • Minimum 15 char. passphrases w/ mixed cases, numbers and multiple salts
        • Passphrases are unique to every service
        • No password managers: pen and paper until I commit the passphrases to memory
      • I avoid TOR for a few reasons, which may or may not be founded
        • Developed by the US Government. Exit-node attacks (like the recent attempt targeting SIGAINT) are the least troubling IMHO; who knows what other shenanigans were baked into that thing.
        • As mentioned above, it would be a very simple way to wind up on a watch list (Xkeyscore)
        • Lastly, I don't really have a need for it and God only knows what sort of ugliness is waiting in there anyway.
     
    Last edited: Nov 12, 2016
  23. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    10,210
    Location:
    Among the gum trees
    Thanks. Just added this to FF and CF.

    I was recently recommended No Resource URI Leak, which you could look at. It may not be needed with your setup though.
     
  24. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,881
    Location:
    Slovenia, EU
    @TomeiNingen
    Nice setup. How comes you don't use a VPN or multiple VPNs to hide your IP from sites you're visiting and to hide your traffic from your ISP?
     
  25. TomeiNingen

    TomeiNingen Registered Member

    Joined:
    Nov 8, 2016
    Posts:
    50
    Location:
    Fort Meade, Maryland
    To be perfectly candid, I just don't have a ton of familiarity with them. I'm very wary of associating any financial information with whichever online identity I'm using and I haven't heard of a free, reliable, and trustworthy VPN service yet. Any you know of that you might recommend?


    Nice, thanks! I was looking for something just like this.
     
    Last edited: Nov 8, 2016
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.