User Controls

Navigation

Niggas in Space > Technophiliacs & Technophiles > How do you maintain your privacy/safety on the internet? AKA The NETSEC thread.

How do you maintain your privacy/safety on the internet? AKA The NETSEC thread.

  1. 2015-07-23 at 11:24 PM UTC
    #1
    Sophie Pedophile Tech Support
    I have a paid VPN whom i trust, based in germany which has strict data privacy laws. On top of that i use firefox and have a couple of security addons, like ZenMate, it's a web VPN which i can run ontop of my normal VPN it's handy for when i need to switch IP's with the click of a button. Of course i also use the addon HTTPS everywhere, NoScript and advanced add blocker. I should probably get something to block sites from extracting HTML5 canvas data as well. I use User Agent Switcher too.

    What's more i don't keep cookies beyond sessions and have the addon World IP, it has a lot of feautures but what i like it most for is that it displays my apparent (VPN, Proxy, or real) IP in the top right corner of my browser so that i always know which IP i'm on and that i am protected, i use a program called DNSCrypt as well it turns regular DNS traffic into encrypted DNS traffic that is secure from eavesdropping and man-in-the-middle attacks.

    For super serious business i use TOR of course and reroute all my TCP traffic through the TOR network. I have proxifier so that i can proxychain to hide the fact i am using TOR and add another layer of security.

    I have a number of offensive security addons as well but we can have another thread for that.

    So tell me about your setup?
  2. 2015-07-26 at 7:26 PM UTC
    #2
    Lanny Bird of Courage
    Pretty much just tor or tor+VPN in VM (the likelihood of the VM helping is so miniscule but ever since the magneto thing I guess it doesn't hurt), but day to day I don't do much on that front. The browser security model is pretty solid, javascript really doesn't represent a very meaningful security risk anymore. I have HTTPS everywhere but with the non-aggressive approach (where it will still put a HTTP request through if SSL isn't available).
  3. 2015-07-26 at 9:20 PM UTC
    #3
    Sophie Pedophile Tech Support
    Pretty much just tor or tor+VPN in VM (the likelihood of the VM helping is so miniscule but ever since the magneto thing I guess it doesn't hurt), but day to day I don't do much on that front. The browser security model is pretty solid, javascript really doesn't represent a very meaningful security risk anymore. I have HTTPS everywhere but with the non-aggressive approach (where it will still put a HTTP request through if SSL isn't available).

    The new NoScript also blocks XSS which is a nuisance for me but probably pretty handy for a defensive minded person also yeah i think a VM may help. If you encrypt the virtual drive file with veracrypt or truecrypt it helps with anti-forensics too. Also some virtualisation software is more secure than others.

    Super sec would obviously be boot from flash drive with TAILS since it leaves no trace on your physical machine, with the option to save files that need saving to a encrypted external HD.
  4. 2015-07-28 at 5:33 AM UTC
    #4
    Sophie Pedophile Tech Support
    While we're on the topic of javascript, appearently the new and improved version of ettercap unironically called bettercap can inject js files into every HTTP response of the network via the built in HTTP server.

    http://pastebin.com/ecfqPNmV

    Serve file with command:

    sudo bettercap --httpd --http-path=/path/to/your/js/file/ --proxy --proxy-module=inject.rb
  5. 2015-07-28 at 12:46 PM UTC
    #5
    aldra JIDF Controlled Opposition
    not using your name or any real information in signups, blogs, social networking etc. is enough to stop most kidiots, but the sheer amount of information you have to provide if you have a decent job and any utilities, bills etc. means unless you completely obfuscate your connection details all the time, uncle leo will probably be able to eventually find you. I guess it's just a matter of making the effort unworthwhile (dunno if that's even a word). I honestly don't put all that much effort in anymore - it's become a lot more tiresome in the last 5-10 years due to spyware ('advertising initiatives') and data collectors being built into fucking everything popular, along with the proliferation of applications and services whose primary purpose is invisible to the user.
  6. 2015-07-28 at 6:24 PM UTC
    #6
    Sophie Pedophile Tech Support
    not using your name or any real information in signups, blogs, social networking etc. is enough to stop most kidiots, but the sheer amount of information you have to provide if you have a decent job and any utilities, bills etc. means unless you completely obfuscate your connection details all the time, uncle leo will probably be able to eventually find you. I guess it's just a matter of making the effort unworthwhile (dunno if that's even a word). I honestly don't put all that much effort in anymore - it's become a lot more tiresome in the last 5-10 years due to spyware ('advertising initiatives') and data collectors being built into fucking everything popular, along with the proliferation of applications and services whose primary purpose is invisible to the user.

    I suppose you're right but i like to take every measure i can to make it as hard as possible for anyone with malicious intent to do me harm in one way or another.
  7. 2015-11-04 at 3:41 PM UTC
    #7
    Hewfil1 Houston
    I run Comodo Dragon, but I'm thinking of getting IceDragon for the sake of the add-ons like what you had considering they're Gecko based, and Dragon is Chromium based.
  8. 2015-11-04 at 10:25 PM UTC
    #8
    SBTlauien African Astronaut
    Cash > Prepaid Smart Phone and Service Packs > Register with fake info > Root Phone > Tether Phone > TOR Only then can I let the communist Muslim in me shine.
Jump to Top