can we get an infosec thread going?
what steps do you take to ensure privacy online?
i've been a "nothing to hide" type for a while, but i'm starting to really hate the idea of widespread data collection, stored in your personal profile, for the sole purpose of selling it to companies so that they can get their advertisements to you.
Qubes+Whonix
Dummy accounts
Never cross contaminate accounts
It's all pretty simple stuff.
>>53240986
>privacy online
I kinda stopped caring. There is so much shit to be paranoid about and so many better things to do than wear a foil hat. I just have an adblocker, https everywhere, lastpass, and basic shit like WPA2 wifi (no WPS).
Got a 6P which is encrypted by default. That's pretty cool.
One thing I wish there was is an easy end-to-end encryption program that could plug into regular Android apps, probably using Xposed. I have it on my to-do list of things to make that never gets done.
>>53240986
>linux+luks
>vpn erryday
>FOSS browser
>self destructing cookies
>ublock with social filters
>don't contaminate your identities (see: everyone who's gotten doxxed/rekt by SJWs ever)
>>53240986
Here is a list of addons you should use:
(Cross-)Site Request: uMatrix (https://addons.mozilla.org/en-US/firefox/addon/umatrix/).
Anti-XSS: uMatrix (https://addons.mozilla.org/en-US/firefox/addon/umatrix/).
Trackers: uMatrix (https://addons.mozilla.org/en-US/firefox/addon/umatrix/).
Referer: uMatrix (https://addons.mozilla.org/en-US/firefox/addon/umatrix/).
User-Agent: uMatrix (https://addons.mozilla.org/en-US/firefox/addon/umatrix/).
Cookies: uMatrix (https://addons.mozilla.org/en-US/firefox/addon/umatrix/).
Security Settings: Privacy Settings (https://addons.mozilla.org/en-US/firefox/addon/privacy-settings/).
SSL (strict HTTPS): HTTPS by default (https://addons.mozilla.org/en-US/firefox/addon/https-by-default/).
URL Deobfuscator: Pure URL (https://addons.mozilla.org/en-US/firefox/addon/pure-url/).
Plugin And Mimetype Enumeration: Disable Plugin & Mimetype Enumeration (no longer available).
Passwords: KeePassX "autocomplete" (https://www.keepassx.org/)
Browsing History Cleaner: Bleachbit.
LSO Cookies: BetterPrivacy (https://addons.mozilla.org/en-US/firefox/addon/betterprivacy/).
Use GNU Icecat as your browser and switch to Linux.
>>53241190
Good Lord!
Doesn't this POS OS come with any bundled applications at all?
>>53241417
Do you even understand any of it? I can't explain you one by one but all this is to cutoff some communication from the browser to the internet so to speak.
Or just switch to Linux, the security exponentially increases.
Who here is running a grsecurity kernel? Experiences?
What distro are you running on?
Do you patch your kernel manually, or does your distro offer precompiled packages?
>>53241891
Here's a good trick to minimize the amount of data contaminating data on your drive, including thumbnails from local files and browser caches:
Your home folder has a .cache folder that many programs dump data into indiscriminately. Do yourself a favor and add it to your fstab as a tmpfs with 40MB, then clear it out and reboot. Suddenly, potentially compromising metadata gets written to ram instead of disk.
>>53242043
thx anon
>>53241190
there's something that noscript blocks and umatrix can't?
>>53240986
>privacy
>online
it's one or the other senpai
Noob question but can you give some infos about free vpn add ons? I know they cant hide you completly.
Recently i've been using hoxx vpn. It's not bad. At least it's fast and i looked up my ip at ipleak and it was ok :)
>inb4 use tor
delete your facebook
>>53240986
Information security is far too complicated for most of /g/. Better make a phone thread, it's the most advanced technology modern /g/ can comprehend
If you are on windows disable netbios, sandbox any unknown programs, update your programs and nmap your shit
>>53241190
>LSO Cookies: BetterPrivacy (https://addons.mozilla.org/en-US/firefox/addon/betterprivacy/).
is this needed if you don't have flash installed? I've heard them called "flash cookies"
>>53245128
BetterPrivacy is not needed if you don't have flash installed
>>53244372
>free
>vpn
if you aren't paying for it, you have zero privacy. They're tracking you and sniffing your traffic. You aren't the customer, you're the product being sold.
>>53240986
HOLD UP
You do not have something to hide, do you?
I know 4chan full of disgusting pedos but if you are not of them you do not need to worry about privacy, friend!
>>53245146
>They're tracking you and sniffing your traffic.
Use https. There's no reason to trust any paid VPN too.
>You aren't the customer, you're the product being sold.
Stop spreading this crappy argument.
>>53245146
>what is zenmate
>>53245208
you're dumb
>>53245873
oh no
>>53245886
no kiddo
>>53245798
>zenmate
>german
into the trash it goes
>>53245146
>>53245208
Yeah, even if you are paying for it, your data hits the VPN and then goes right out. The NSA taps lines between datacenters. I work in a DC and the FBI has a rack with a couple 10G fiber cross connects and like 5 or so Us of switch shit that they inexplicably pay tens of thousands of dollars for per month. Anything but end to end encryption is fucked.
>>53246221
I am from Russia. I have seen blueprints of communication relay and telecoms are required to install surveillance equipment into "nodes" (don't know proper terms). I think every sensible goverment tries to tap into communications.
>>53246274
>required to install surveillance equipment
lol it's already in their system. The networking companies use code from the NSA
http://arstechnica.com/security/2016/01/juniper-drops-nsa-developed-code-following-new-backdoor-revelations/
>"nodes" (don't know proper terms)
probably switches or routers
