Share your privacy measures

Discussion in 'privacy technology' started by Kees1958, Feb 4, 2012.

Thread Status:
Not open for further replies.
  1. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Browser: Chromium - Under the hood - Content Settings
    1. Allow local data to be set for the current session only
    2. Block third party cookies and site data
    3. Clear cookies and other site and plug-in data when I close my browser

    Plug-ins: Ghostery

    Search engine and search page: Starting page.com

    DNS-server: Norton DNS
     
    Last edited: Feb 4, 2012
  2. SafetyFirst

    SafetyFirst Registered Member

    Joined:
    Jan 26, 2007
    Posts:
    462
    Browser:

    - Opera (for browsing naked) sandboxed
    - Tor Browser Bundle run from USB stick sandboxed - automatic secure deletion of the sandbox (Eraser 3 passes)

    TBB add ons: Ghostery, Request Policy, NoScript, HTTPS Everywhere, Better Privacy

    Search engine and homepage: Ixquick.com

    DNS server: my ISP's DNS - suggestions?
     
  3. x942

    x942 Guest

    Browser: Chromium Dev. build - Always incognito, click to play, no cookies, no javascript.

    OS: Linux Mint - LUKS Encryption + anti-forensics scripts that fill the filesystem with garbage (encrypted files with random content inside encrypted files). This makes forensics a nightmare because you would have to brute force each password to figure out if there was anything in the file but since the contents are random you could never be certain there isn't something there :D

    Other: TAILS Live CD w/ Fake Mac Addy + public hotspot for when I am paranoid :/
     
  4. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Uhhmm that are quite dramatic counter measurements

    I don't care companies know my clicking behaviour, I just don't want advertisements as a return. Same/simular option as I have in the real world.

    In Holland there are several customer loyalty systems with 'cards' which collect your buying behaviour and summarize the 'points' one has collected with it. So I am not against data mining and suppliers optimizing their supply chain (and stock) with this info. I think they cross the line when they offer me stuff I have not asked for.

    That is why I use a search service (based on Google ??) which does not provide my IP and try suppress tracking cookies
     
    Last edited: Feb 5, 2012
  5. x942

    x942 Guest

    Yeah true. But I had some sensitive data stored in an encrypted vault (truecrypt) and I was worried that it may get copied by someone. (It was for work and contained sensitive information).

    I have left the garbage data there because at least if someone does manage to dump data they will have a lot of work to do. I usually use the script to fill TrueCrypt hidden volumes. That way if I ever give up the password to the outer volume it's all garbage but looks like I was trying to hide something there
     
  6. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Normally:
    Firefox disabled unnecessary history (download and form)
    Adblock Plus EasyPrivacy
    NoScript
    PrivacyChoice TrackerBlock
    Google (encrypted) and sometimes ixquick search plugins
    PeerBlock
    Sandboxie auto-delete
    CCleaner regularly
    Comodo outbound control

    For really private matters:
    Tor Browser Bundle
    TrueCrypt triple-encryption

    How does Norton DNS help with privacy overall? It may make you less identifiable, but give another company your DNS records.
     
  7. x942

    x942 Guest

    Very nice :thumb:

    TrueCrypt Cascades FTW
     
  8. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    Interesting idea. Are these continually created and destroyed or are they static? If static, wouldn't they be able to limit the search by file dates?
     
  9. noblelord

    noblelord Registered Member

    Joined:
    Aug 19, 2009
    Posts:
    162
    Location:
    UK
    If it's all that sensitive, wouldn't it be best not to post about it online so much? :p
     
  10. Serapis

    Serapis Registered Member

    Joined:
    Nov 15, 2009
    Posts:
    241
    Interesting. What scripts are you using? Custom made or from somewhere else?
     
  11. x942

    x942 Guest

    LOL true but it's not like it's on a system that's online. The data is offline use only and stored at my company behind locked doors on an encrypted hard drive in a safe.

    ( Yes I know paranoid but if you knew what was on it ( nothing bad, but very sensitive) you would be too)
     
  12. x942

    x942 Guest

    From IntX80 of dualcore and Hak5 they are over here:

    https://github.com/int0x80/anti-forensics/blob/bb2ced1813df8180388b08ded4bb35fadc672fea/durrhurr

    There are more there but I only use that one and the steghide one. The rest seem like asking for trouble (wiping unknown flash drives and filling them with random data seems like an easy way to a destruction of evidence charge).
     
  13. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    On my typical Chrome Canary I only block 3rd party cookies and AdblockPlus also has Do Not Track built in. I also use KBSSL enforcer.

    On my "Secure" profile I use ScriptNo to block tracking as well with frames and widgets all blocked..
     
  14. LockBox

    LockBox Registered Member

    Joined:
    Nov 20, 2004
    Posts:
    2,275
    Location:
    Here, There and Everywhere
    1. VPN

    2. Block 3rd Party Cookies

    3. Delete ALL cookies on close of browser session

    4. Full Drive System Encryption

    And I do it only on principle. Privacy = Freedom. Freedom = Privacy. You can't separate the two. You give up one - the other's right behind.
     
  15. Mats

    Mats Registered Member

    Joined:
    Jun 4, 2009
    Posts:
    18
    Kees, are you able to search from the address bar with Starting Page?

    I added Starting Page to my list of search engines in Chrome and then made it my Default search engine.

    I'm using this URL- https://www.startingpage.com/do/search%s

    But when I search from the address bar it doesn't give the desired search results, it just goes to the startingpage.com home page.
     
  16. shuverisan

    shuverisan Registered Member

    Joined:
    Dec 23, 2011
    Posts:
    185

    You can, Mats. Same for DuckDuckGo, Ixquick and pretty much anything else. This is what you're looking for.
    Code:
    https://startingpage.com/do/metasearch.pl?query=%s
    https://duckduckgo.com/?q=%s
    https://ixquick.com/do/metasearch.pl?query=%s
     
  17. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
  18. Creer

    Creer Registered Member

    Joined:
    Jun 29, 2008
    Posts:
    1,345
    Pretty the same config here,
    one difference is I use Chrome not Chromium.
    I also have enabled this options (in chrome://flags Tab):
    - Disable hyperlink auditing (Disable sending hyperlink auditing pings.)
    - Block all third-party cookies (When the option to block third-party cookies from being set is enabled, also block third-party cookies from being read.)
     
  19. EncryptedBytes

    EncryptedBytes Registered Member

    Joined:
    Feb 20, 2011
    Posts:
    449
    Location:
    N/A
    All my internet browsing is done inside a type 2 hypervisor.

    Browser in the local VM is firefox 10 with noscript/request policy installed.

    The VM reverts to a clean state at shutdown so all tracking cookies for flash/silverlight etc get wiped every time. No need to worry about forever cookies.:cool:
     
  20. PaulyDefran

    PaulyDefran Registered Member

    Joined:
    Dec 1, 2011
    Posts:
    1,163
    His presentation at the 'Louise' is on YouTube, it was good. Those bash scripts were awesome. And hey, you won't be destroying evidence...just the collection mechanism, LOL :D

    PD
     
  21. x942

    x942 Guest

    Doing this now! +1 for the idea. I'm running Debian inside a VM on a Linux Mint Host. Both encrypted with LUKS.
     
  22. Mats

    Mats Registered Member

    Joined:
    Jun 4, 2009
    Posts:
    18
  23. caspian

    caspian Registered Member

    Joined:
    Jun 17, 2007
    Posts:
    2,301
    Location:
    Oz
    I use Sandboxie to sandbox my web browsers with the Eraser configuration.

    I have started running my browsers (Firefox and chrome) from inside of a truecrypt container. I started doing this because data is still left on the hard drive even after the sandbox is wiped with Eraser.

    I use Returnil.

    I recently added Microsoft fixit to clear the pagefile when I shut down my computer. I have no idea if this is sufficient. But I added it because Returnil doesn't virtualize the pagefile.

    I use a multihop VPN much of the time. But I do have some email accounts that I have had forever that I do not always use a VPN with. They are just used for family and friends and that sort of thing. But I use separate email accounts for blogging and message boards. I never use these email accounts outside of the context of the blogs or message boards. And I always delete the sandbox before logging into another account.

    I use some tyruecrypt containers sometimes and I have an external hard drive that is encrypted completely. I recently did this to store backups of everything that I own. Most of what I have is not stored in treucrypt containers. But I am probably going to start storing everything that I own on an encrypted hard drive. So I will have 2 copies of all of my music and videos and ebooks etc... in case something happens. Actually I may add a third one just to be safe.

    I don't know how to use a VM yet but I am going to give that a try pretty soon. But I doubt that I will use it a lot because I like to download a lot and I guess that's something that you can't do with a VM.
     
  24. caspian

    caspian Registered Member

    Joined:
    Jun 17, 2007
    Posts:
    2,301
    Location:
    Oz
    So this is like HTTPS Everywhere? I use to use HTTPS Everywhere in Firefox but I quit using it because I do a lot of searches with the cached feature to highlight terms. But with HTTPS Everywhere I don't get the highlighted terms in Google. Does KBSSL enforcer also prevent this feature?
     
  25. caspian

    caspian Registered Member

    Joined:
    Jun 17, 2007
    Posts:
    2,301
    Location:
    Oz
    What kind of virtual machine do you use? Is it automatically set to revert to a clean state or do you have to do something extra with it?
     
Loading...
Thread Status:
Not open for further replies.