[–] [deleted] 3 points 26 points (+29|-3) ago 

[Deleted]

[–] [deleted] 0 points 10 points (+10|-0) ago 

[Deleted]

0
2

[–] SoloPoloVision 0 points 2 points (+2|-0) ago 

a VPN won't stop a malware attack though

1
0

[–] totes_magotes 1 points 0 points (+1|-1) ago 

Motherfuckers won't get shit out of me either.

0
26

[–] lbruiser 0 points 26 points (+26|-0) ago 

0
5

[–] germinator 0 points 5 points (+5|-0) ago 

The link to https://www.privacytools.io/ is a great resource. There is a lot of very good information on that site. This link should be at the top of the comments. Everyone should read the information on this site.

0
1

[–] lbruiser 0 points 1 points (+1|-0) ago 

Should be in the side bar at least.

0
15

[–] ShowMeYourKitties 0 points 15 points (+15|-0) ago  (edited ago)

Ooh gurl, this my jam.

First and foremost: SIMPLY USING TOOLS WILL NOT PROTECT YOU IF YOU USE THEM INCORRECTLY.

VPN: A VPN is a good first choice, go with a company that has a zero log retention policy. However, you can still be de-anonymized by correlation.

What I mean by this is If you're using a vpn/tunnel to shitpost on voat, don't log into twitter/facebook with the vpn if you don't want your usernames/accounts correlated to each other. This is only really a viable tactic for law enforcement and actors with judicial powers of subpeona over the companies with your data.

FULL DISK ENCRYPTION: This is an option that is available for most operating systems (mobile or otherwise). Its easiest to do with a linux setup using LUKS and lvm, but there are options available for windows (not sure about mac)

If someone steals your hardware (phone, laptop), they'll have access to anything where you saved your password, anything with a cookie set and a live session.

Honorable mention: If you can't encrypt your disk fully, you can use tools like VeraCrypt to create encrypted containers

IF A SITE YOU'RE VISITING HAS A CERTIFICATE ERROR, BEWARE

This goes doubly so if you're in a public place, using their wifi. Through an attack called Man In The Middle, someone on the same network as you could poison the networks ARP table and trick any or all devices on the network to believe that the malicious user is the router, and thus having all their traffic go through the malicious user.

When your traffic goes through their machine, they can use tools like ettercap, iptables, sslstrip, SET, and BeEF to clone your favorite sites, redirect your dns requests, downgrade your browsers http encryption and generally fuck your shit up, fam.

DONT PLUG THAT USB THAT YOU FOUND INTO YOUR LAPTOP, YOU FUCKING TWIT

Ever walked around a parking lot of a convention, and seen USB sticks on the ground?

Its a common tactic to spread malware. They usually have firmware exploits and will infect your machine the moment they're plugged in.

DONT USE THE SAME FUCKING PASSWORD FUCKING EVERYWHERE, YOU FUCKING MORON

This one should be obvious, you don't want all of your accounts to be compromised because one of them was compromised.

USE NOSCRIPT
Remember that BeEF thing earlier? Uses a lot of javascript to do its `thang. Noscript will only allow the sites you choose to use scripts.

0
1

[–] Tzitzimitl 0 points 1 points (+1|-0) ago 

is ublock and noscript redundant?

0
1

[–] ShowMeYourKitties 0 points 1 points (+1|-0) ago 

Nope, one blocks known advertisers from serving content to your browser (ublock)

The other disallows all javascript unless you whitelist a site and allow it to run scripts.

0
1

[–] BB-3 0 points 1 points (+1|-0) ago 

Not at all.

0
0

[–] Kal 0 points 0 points (+0|-0) ago  (edited ago)

Why would you really need to encrypt your hard drive? I mean, really. Does your average Joe that just likes the idea of privacy really need to go to such extremes? Is there really anything on most people's computer's worth encrypting? You guys aren't Snowden or Assange.

Never mind, I am encrypting my drive now. My illegit copy of Batman Returns is safe as fuck now.

0
2

[–] ShowMeYourKitties 0 points 2 points (+2|-0) ago 

I do it on my laptop for work, because if the laptop got stolen my employer wouldn't be too happy about some thief having their intellectual property.

I do it on my personal machines because I dont want my personal data in the hands of a thief if it were stolen, also for funsies, and simply because I can.

0
0

[–] Wahaha 0 points 0 points (+0|-0) ago 

Is full disk encryption playing nice with SSDs?

0
0

[–] ShowMeYourKitties 0 points 0 points (+0|-0) ago  (edited ago)

I've never had any issues.

I use LVM to have my os spread across two drives (500gb SSD for /boot and sys directories, 2TB rpm drive for home) and then encrypt one of those volumes.

0
0

[–] Voopin__Voopin 0 points 0 points (+0|-0) ago 

fuckin' right, betty. we sing and dance in a circle, no boys allowed!

thank you very much for this; very informative :)

0
7

[–] Voatifier 0 points 7 points (+7|-0) ago 

I use with windows millennium edition on a 386sx processor through a pair of 28,8 modems shotgunned through net zero. IE 6.0 ftw.

Good luck, alphabet soup types.

0
1

[–] Atarian 0 points 1 points (+1|-0) ago 

I use CAB 3.0 browser on TOS 4.04 on my Motorola 68030 processor driven Atari Falcon.

MFW bullet proof.

0
4

[–] pcdude 0 points 4 points (+4|-0) ago  (edited ago)

Also, consider using ProtonMail, bleachbit and cover/disconnect cameras and mics not in use.

1
3

[–] lord_nougat 1 points 3 points (+4|-1) ago 

And be sure to wipe down your computer with, like a cloth or something.

0
4

[–] tame 0 points 4 points (+4|-0) ago 

Might be worth mentioning not only ABP / uBlock, but also PrivacyBadger. It's published by the EFF and checks all cookies to see whether they're tracking beacons.

0
3

[–] xbryn 0 points 3 points (+3|-0) ago 

Self-destructing cookies is also good.

[–] [deleted] 0 points 0 points (+0|-0) ago 

[Deleted]

0
0

[–] tame 0 points 0 points (+0|-0) ago 

It usually kicks up a few trackers, now to be fair it's arguable whether there's anything useful to learn from "IP address X loaded this page" but I dunno, it comes up with a big red "blocked" number that seems pretty truthy.

1
4

[–] Mick 1 points 4 points (+5|-1) ago 

For my 2 cents, people should use Duck Duck Go as their search engine - or if using Google, use it in incognito mode.

0
9

[–] xbryn 0 points 9 points (+9|-0) ago 

Startpage and searx.me are also good search engines.

0
1

[–] Mick 0 points 1 points (+1|-0) ago 

Thanks, I will try them out.

0
3

[–] Narikonus 0 points 3 points (+3|-0) ago 

I thought DDG wasn't a good choice because of their pairing up with Google. I use startpage myself.

0
4

[–] k00dyk00ps 0 points 4 points (+4|-0) ago 

Didn't they use servers owned by Yahoo, who shares their servers with the NSA?

https://duckduckgo-owned-server.yahoo.net

https://www.engadget.com/2016/10/04/yahoo-mail-nsa-fbi/

0
1

[–] Mick 0 points 1 points (+1|-0) ago 

DDG markets itself as 'the search engine that doesn't track you.' I hope that hasn't changed?

0
0

[–] xbryn 0 points 0 points (+0|-0) ago 

Source on the Google pairing? Some quick searching shows they partnered with wolfram-alpha and yandex, but nothing about google.

[–] [deleted] 0 points 2 points (+2|-0) ago 

[Deleted]

0
0

[–] Mick 0 points 0 points (+0|-0) ago 

for chrome or derivitave, add "-incognito" to windows shortcut, or "--incognito" to linux .desktop/launcher file to default to incognito mode

Great tip, thanks :)

0
3

[–] SoloPoloVision 0 points 3 points (+3|-0) ago 

Tails OS, live booting Linux CD with TOR built-in.

load more comments ▼ (17 remaining)