Author Topic: short anonymity/privacy guide  (Read 1532 times)

0 Members and 1 Guest are viewing this topic.

Offline n3v3r

  • /dev/null
  • *
  • Posts: 5
  • Cookies: 0
    • View Profile
short anonymity/privacy guide
« on: January 27, 2016, 04:40:57 am »
First section: Operating system. Windows is proprietary, expensive, and vulnerable to most malware, and if you’re still using it as your primary OS, ESPECIALLY WINDOWS 10 USERS, you haven’t the slightest chance of obtaining any degree of privacy or anonymity, as Microsoft is logging and storing nearly every activity your computer carries out; needless to say, they will not hesitate to notify authorities at the first sign of shady goings-on. Mac is alright, its still proprietary and even more expensive than Microsoft, but they have a decent record of keeping user data safe (they in no uncertain terms told the NSA to fuck off when the shady governmental dragnet complained about their implementation of end to end encryption for iPhones) and file encryption is built into recent versions of Mac OSX. As a rule of thumb, I avoid proprietary programs and operating systems, as their security can not be independently verified by a neutral third party. Personally, I use Linux as my primary operating system. Which distro you should choose depends on what you want to do with your Linux system; everyday computing users would be fine with a base Ubuntu or Debian Gnome install. As an aspiring pentester and security analyst, I run Kali Linux (http://www.kali.org). It handles day-to-day affairs with relative ease, and excels for security purposes of all varieties – protecting your data, or stealing others’ (if you so choose). TAILS (http://tails.boum.org) is fantastic if you’re ultra paranoid (or need to do some extra shady shit) –  it is a live operating system, which means every time you boot it up is like a fresh install, and leaves no trace on your actual hardware. No data is saved across boot instances unless you configure persistence (encrypted, of course), it’s loaded with tools to help you protect yourself and your sensitive data, and it routes ALL internet traffic through the Tor network.

Next: your browser. This comes down to personal preference, but I use Iceweasel (the Debian derivative of Firefox). Open source, fast, functional, and highly configurable, Firefox leads to the best user experience without sacrificing privacy and anonymity. One of Firefox’s advantages is its large wealth of add-ons, many of which are immensely helpful in preserving your anonymity and privacy. You can find some suggestions for Firefox add-ons below.

NoScript (https://noscript.net): I assume you’re already using this nearly ubiquitous security enhancing add-on, but I’ll put it on here anyway.

HTTPS Everywhere (https://www.eff.org/https-everywhere): Redirects insecure web traffic to a secure connection if possible.

Ghostery (www.ghostery.com): Allows you to view and block web trackers on pages you visit.

Random Agent Spoofer (https://github.com/dillbyrne/random-agent-spoofer): Leads websites you visit to believe you are using a user agent which you really aren’t; for example, I could be using Firefox on Ubuntu and the page I am visiting would think I’m using Chromium on Mac. This helps muddy the waters for traffic analysis.

Self Destructing Cookies (https://addons.mozilla.org/en-US/firefox/addon/self-destructing-cookies/?src=api): While it is possible to completely disable cookies in your browser, many websites can’t function without them. This add-on gets rid of cookies after a set interval, allowing you to freely browse the web but also maintain a reasonable level of security.

SSleuth (https://github.com/sibiantony/ssleuth/): Uses set criteria to rank the security of an SSL connection on a scale of 1 to 10. See how safe you are on your favorite sites.

FoxyProxy (getfoxyproxy.org): Proxies are a tried and true method for obfuscating online activities; you can find lists of open proxies with a simple Google search. The real advantage (and the main reason I use FoxyProxy) is being able to route traffic through Tor or i2p with a simple click, no special browser required.

UBlock Origin (https://github.com/gorhill/uBlock): doesn’t have anything to do with security, but ads are fucking annoying and UBlock doesn’t accept payment to whitelist ads like AdBlock. (fuck AdBlock forever for that)

 

Next: Email. First off, fuck Gmail, fuck Yahoo, fuck Outlook, fuck any commercial email service really. They’re more than likely logging your metadata (or worse) and selling it to the highest bidder. If you’re concerned in the slightest with privacy and anonymity, a more secure email service is necessary. The A/I collective (http://www.autistici.org/en/index.html) has been around since 2002.  They’ve endured a few court battles with law enforcement officials, and they know their shit when it comes to security. They don’t log anything, so even if law enforcement were to win in court (they won’t) there would be nothing to see anyway. You have to request an account, and some effort is required, but if you’re reasonable you should have no problems. They typically respond within a week to your request, so be patient. Also, donate if you can, their network maintenance costs are staggering. Another service worth mentioning is ProtonMail (https://protonmail.com/), I use it as my secondary secure account. In addition, do not register these accounts under your real name. Find yourself a pseudonym or use a fake name. For the extra paranoid among us, there are also anonymous remailer services, which, when used in conjunction with secure email providers, lead to almost complete anonymity, at a price: you can’t receive replies to emails sent with them. I use MixMaster (http://mixmaster.sourceforge.net/) if I find I need to; more often than not the use of MixMaster is not required. Now, on to the topic of email encryption. PGP is the gold standard when it comes to keeping email conversations private. While it is possible to integrate PGP encryption with various desktop email clients, I prefer to use gpg4usb (http://www.gpg4usb.org/). It allows for easy key creation and import, and provides one of the most pleasant and simple ways to encrypt, decrypt, and sign messages or documents (PGP encryption is REALLY EASY to fuck up for those with less technological literacy; get confident using it before you go around sending extra sketchy shit, and even then, err on the side of caution.)

Tor and other anonymizing networks have been garnering lots of media attention as of late; they are demonized as safe havens for drugs, child porn, stolen credit cards, and assorted other nefarious activities. However, these isolated corners of the internet are not the main purpose behind Tor, i2p, freenet, etc. These services exist simply to keep you from being identified as you when you visit a webpage. If you’re using Linux, routing traffic through Tor is easy; install Tor on your system using your distro’s package manager, start the Tor service, then create a new proxy in FoxyProxy or a similar add-on, setting the SOCKS host to listen on 127.0.0.1, port 9050. When you route traffic through Tor in this manner, you can switch between anonymous and regular browsing with ease; you can even configure your proxy add-on to automatically route certain URLs through Tor by default, if you need to remain anonymous while using certain services. If you’re using Windows (sigh) then you can head on over to https://www.torproject.org/ and download the handy Tor browser, which starts the Tor service on your system automatically and is configured to push all traffic through the Tor network. If you need to share files anonymously, check out Onionshare (https://github.com/micahflee/onionshare); I won’t go into details, but do your homework (just google it) and you’ll find Onionshare to be quite awesome.

Lastly, choosing a VPN service that works with your needs. Personally, I use Cryptofree, but a paid service is best if possible; free services have been known to collect data on hackers, file-sharers, etc. and share it with our best pal the Department of Justice. I’ve heard nothing but good things about Private Internet Access, as well as Mullvad or NordVPN. Bottom line is, forking over a couple bucks a month to stay secure is nothing worth stressing about; think of it as an investment in your online safety.

For those who want to create encrypted volumes for secure storage of sensitive data, VeraCrypt (https://veracrypt.codeplex.com/) is my go-to. It’s free, open source, easy to use, and reasonably secure.



 

and thus concludes the guide. hope it was helpful.
-- "dude....there's table in that weed"

Offline Trap_lord

  • /dev/null
  • *
  • Posts: 19
  • Cookies: -20
    • View Profile
Re: short anonymity/privacy guide
« Reply #1 on: February 18, 2016, 03:42:43 pm »
Pretty good guide, I use windows 10 but I have the tor browser and several vms. I also fully encrypted my hard disk (fuck you NSA) and am setting up a proxy.

Nice tutorial tho,
Cheers :)
This is your life and it's ending one minute at a time - Fight Club(1999)

Offline deltonos

  • Serf
  • *
  • Posts: 36
  • Cookies: -2
    • View Profile
Re: short anonymity/privacy guide
« Reply #2 on: February 18, 2016, 04:12:29 pm »
I also fully encrypted my hard disk (fuck you NSA) and am setting up a proxy.

Nice tutorial tho,
Cheers :)

So, Windows partition mounted, system alive calling back "home" <--using TOR and you still belive you´re safe? LOL and more LOL ... sorry dude, under Windows10 NSA and MS are fucking you by your "back street door" :P
If you want total privacy:
Dont use windows&OSX . End of quote.

Offline th3l4st

  • Serf
  • *
  • Posts: 21
  • Cookies: -2
    • View Profile
Re: short anonymity/privacy guide
« Reply #3 on: February 18, 2016, 09:26:10 pm »
Pretty good guide, I use windows 10 but I have the tor browser and several vms. I also fully encrypted my hard disk (fuck you NSA) and am setting up a proxy.

Nice tutorial tho,
Cheers :)

deltonos is right mate, don't even think you are even close to security by using Windows. Don't use proprietary software at all!! Stick to Linux, set up a good machine with good measures but reject MS products as hell!
« Last Edit: February 18, 2016, 09:26:37 pm by th3l4st »
"Privacy is like bacon, it makes everything better." Zoz, DEFCON 22

"Timeo danaos et dona ferentes" Laocoön, Aeneid

youngcub

  • Guest
Re: short anonymity/privacy guide
« Reply #4 on: February 19, 2016, 01:21:26 am »
Any thoughts on Strategem linux spinoffs.. How about virtual box on windows 10 running ubuntu... With the Ubuntu Amazon collaboration, is using ubuntu still a good idea. Just some questions that  poped up as I was reading through... Looking forward to your thoughts on these. Thanks!

Offline rogue.hackz

  • Peasant
  • *
  • Posts: 55
  • Cookies: 4
    • View Profile
Re: short anonymity/privacy guide
« Reply #5 on: February 19, 2016, 07:37:40 am »
Quote
Any thoughts on Strategem linux spinoffs.. How about virtual box on windows 10 running ubuntu... With the Ubuntu Amazon collaboration, is using ubuntu still a good idea. Just some questions that  poped up as I was reading through... Looking forward to your thoughts on these. Thanks!

Hate to say it but Ubuntu these days is just a piece of garbage. Especially with search result tracking and call home features similar to Windows7, ya sure you can turn off certain features but if I'm paranoid / concerned about my security / privacy I'd start off from a clean slate and build my way to the top (Arch Linux) rather than take something that I have no clue about.

Sure Ubuntu has really good support out of the box, but personally I hate Unity. Bloated piece of annoying shit.

If you're starting off on Linux there are better alternatives to Ubuntu like Linux Lite, Mint, etc.

« Last Edit: February 19, 2016, 08:06:58 am by rogue.hackz »
"The only true wisdom is in knowing that you know nothing" -Socrates

youngcub

  • Guest
Re: short anonymity/privacy guide
« Reply #6 on: February 19, 2016, 10:39:52 am »
Finally! Yes, Ubuntu is totally bloated and getting bulky by the second, second that pal! Surely covering with a Joeburg African phrase and talks on world peace is a good marketing plus. Well backtrack packages were definitely a good tools to start with but Kali Pen testing caught my interest. Com'on fellas with HoneyPot's deceptive OVA and linux decepticons for motifs are there much choices. Hmm... Arch linux write code, debug,  test, customize. O' Lord what have I wrought!

Offline Trap_lord

  • /dev/null
  • *
  • Posts: 19
  • Cookies: -20
    • View Profile
Re: short anonymity/privacy guide
« Reply #7 on: February 19, 2016, 05:41:57 pm »
Ya i know windows is completely fucked and that's why I plan on switching to linux as my main OS. I was thinking maybe kali but it isn't very practical for day to day use. Plus most applications I use are designed for windows.
This is your life and it's ending one minute at a time - Fight Club(1999)

Offline th3l4st

  • Serf
  • *
  • Posts: 21
  • Cookies: -2
    • View Profile
Re: short anonymity/privacy guide
« Reply #8 on: February 19, 2016, 07:12:20 pm »
Hate to say it but Ubuntu these days is just a piece of garbage. Especially with search result tracking and call home features similar to Windows7, ya sure you can turn off certain features but if I'm paranoid / concerned about my security / privacy I'd start off from a clean slate and build my way to the top (Arch Linux) rather than take something that I have no clue about.

Sure Ubuntu has really good support out of the box, but personally I hate Unity. Bloated piece of annoying shit.

If you're starting off on Linux there are better alternatives to Ubuntu like Linux Lite, Mint, etc.

What about plain, pure Debian? It should be more secure than Ubuntu (no call home features or controlled searches on the home) and after all it is Ubuntu's father!
« Last Edit: February 19, 2016, 07:13:07 pm by th3l4st »
"Privacy is like bacon, it makes everything better." Zoz, DEFCON 22

"Timeo danaos et dona ferentes" Laocoön, Aeneid

Offline deltonos

  • Serf
  • *
  • Posts: 36
  • Cookies: -2
    • View Profile
Re: short anonymity/privacy guide
« Reply #9 on: February 19, 2016, 07:39:20 pm »
What about plain, pure Debian? It should be more secure than Ubuntu (no call home features or controlled searches on the home) and after all it is Ubuntu's father!

The real problem is at the end we want to search everything at google :P

Offline dimi

  • Serf
  • *
  • Posts: 37
  • Cookies: 2
    • View Profile
Re: short anonymity/privacy guide
« Reply #10 on: February 19, 2016, 08:46:18 pm »
The real problem is at the end we want to search everything at google[emoji14]
Duckduckgo then?

Offline th3l4st

  • Serf
  • *
  • Posts: 21
  • Cookies: -2
    • View Profile
Re: short anonymity/privacy guide
« Reply #11 on: February 19, 2016, 09:05:31 pm »
The real problem is at the end we want to search everything at google :P

As of now I stick with Startpage which somehow proxifies your google searches by getting what you want to search, routing it through their servers and asking google for you without revealing (at least it's what they say) your identity...

Duckduckgo then?

Beware of DuckDuckGo, there's something wrong with it. Aside from the fact that last time I used it (2 months ago) their search results where not that good, there's been some concerns about them not saying all the truth about their privacy policies. I've seen many people complain about it so I decided to drop it out and move to Startpage.
« Last Edit: February 19, 2016, 09:09:12 pm by th3l4st »
"Privacy is like bacon, it makes everything better." Zoz, DEFCON 22

"Timeo danaos et dona ferentes" Laocoön, Aeneid