Internet privacy for dummies. Don't want to be tracked? Here's my quick guide to remain semi-anonymous.

121  2012-08-21 by [deleted]

Lesson one: Web browsers

I recommend first of all that no one should use Internet Explorer. Ever. I'm skeptical of other closed source browsers as well, such as Safari and Opera. Safari has had its fair share of exploits published. Firefox is the all around best choice.

Lesson 2: Browser extensions.

There are ways to add on to your web browser called extensions. These can range from simple toolbars to complex security services. They can be good or bad, depending on who uses them and how they are used. Your antivirus may want to install a toolbar to help protect you, and a piece of malware may want to install toolbars for entirely different reasons. Know your add-ons well. Here are some of the best BHOs (browser helper objects) for Firefox:

https://addons.mozilla.org/en-US/firefox/addon/edit-cookies/?src=search

https://addons.mozilla.org/en-US/firefox/addon/noscript/?src=cb-dl-users

https://addons.mozilla.org/en-US/firefox/addon/betterprivacy/?src=cb-dl-users

https://addons.mozilla.org/en-US/firefox/addon/ghostery/?src=cb-dl-users

https://addons.mozilla.org/en-US/firefox/addon/collusion/?src=cb-dl-users

https://addons.mozilla.org/en-US/firefox/addon/stealthy/?src=cb-dl-users

https://addons.mozilla.org/en-US/firefox/addon/adblock-plus/?src=cb-dl-users

Ghostery, NoScript and adblock make for a powerful anti-tracking base to start with. Let's go a little farther, shall we?

Lesson 3: Host File and blocking traffic completely

The Hosts file contains the mappings of IP addresses to host names. This file is loaded into memory (cache) at startup, then the OS checks the Hosts file before it queries any DNS servers, which enables it to override addresses in the DNS. This prevents access to the listed sites by redirecting any connection attempts back to the local (your) machine. Another feature of the HOSTS file is its ability to block other applications from connecting to the Internet, providing the entry exists. You can use a HOSTS file to block ads, banners, 3rd party Cookies, 3rd party page counters, web bugs, and even most hijackers. This is accomplished by blocking the connection(s) that supplies these little gems. Example - the following entry 127.0.0.1 ad.doubleclick.net blocks all files supplied by that DoubleClick Server to the web page you are viewing. This also prevents the server from tracking your movements. Why? ... because in certain cases "Ad Servers" like Doubleclick (and many others) will try silently to open a separate connection on the webpage you are viewing, record your movements then yes ... follow you to additional sites you may visit. In many cases using a well designed HOSTS file can speed the loading of web pages by not having to wait for these ads, annoying banners, hit counters, etc. to load. This also helps to protect your Privacy and Security by blocking sites that may track your viewing habits, also known as "click-thru tracking" or Data Miners. Simply using a HOSTS file is not a cure-all against all the dangers on the Internet, but it does provide another very effective "Layer of Protection".

http://winhelp2002.mvps.org/hosts.htm

Lesson 4: Proxy servers

In computer networks, a proxy server is a server (a computer system or an application) that acts as an intermediary for requests from clients seeking resources from other servers. A client connects to the proxy server, requesting some service, such as a file, connection, web page, or other resource available from a different server. The proxy server evaluates the request as a way to simplify and control their complexity. This is where real anonymity begins. All internet traffic gets funneled through a 3rd party and it appears that all browsing is done from a different physical location. The easiest and most widely known proxy program is the TOR network.

https://www.torproject.org/

This will slow down your internet experience, so don't say I didn't warn you. But if privacy is more important than speed, you can always just enable it when needed, and disable when you need speed.

These tips together will help you remain a bit more private on the internet. But nothing is ever fool-proof. So don't blame me if you follow this guide and get in trouble for doing something stupid. This is just for people who don't like being tracked by ad servers, not really for complete anonymity.

76 comments

[deleted]

I agree that chrome is creepy for privacy but it is faster than Safari on a mac. Obviously you should NEVER login to Chrome with your Google account.

[deleted]

I used them both five minutes ago - Chrome still faster at using the web. Fuck your benchmarks, I've got two eyes.

Safari is much slower for me.

Addressing the image:

  • 1 - The RLZ identifier contains only non-identifying stuff anyway. Can be disabled. If you're paranoid, just download SRWare Iron or Chromium.

  • 3 - The clientID can be disabled.

  • 4 - So?

  • 5 - You can disable that.

  • 6 - You can remove the software updater.

  • 7 - You can disable that.

  • 8 - Non-identifying.

And the second picture is the same; Google paranoia. Most of the objections listed are optional and can be disabled anyway. The "connects to websites in the background before you are finished typing them" is a feature of Google search - the solution? Don't use Google search if you don't want to experience its features.

Chrome sends the name of downloaded files sure, but I want a citation for the "stores your IP" part.

Not only that, but a lot of this stuff is in every browser.

[deleted]

Well for example,

http://www.mozilla.org/en-US/firefox/phishing-protection/

Every site you visit is transmitted to Mozilla to check against lists they've created.

http://www.howtogeek.com/102032/how-to-optimize-mozilla-firefox-for-maximum-privacy/

Everything you type in the search box, letter-by-letter is sent out to your search provider.

http://forums.mozillazine.org/viewtopic.php?f=23&t=1226785&sid=2ebd03d68df2b9de5ea5dfde152fdc6f

Geolocation turned on by default in the past, changed now.

I don't use iDevices so I'm not very familiar with Safari.

[deleted]

You're right about that first page. I don't know what I read the first time.

You can block the comms with Google in Chrome as well, so it's equally as relevant.

In newer FF you get a notice, that wasn't originally the case.

[deleted]

Can you be sure your ISP isn't selling everything you do to someone?

At some point you have to draw a line and accept that getting access to the internet means someone's tracking you and knows who you are.

[deleted]

DNS calls never travel over SSL, so they can at a minimum view the hostnames you are watching. And if you believe for example that the NSA is warrantlessly spying on you, is it a stretch to believe your ISP might not be honoring its contract?

Also, with a sophisticated man in the middle attack, you would never know if your SSL is being intercepted and monitored. It's technically possible but hasn't been demonstrated on a wide scale yet. But that also doesn't mean someone isn't doing it and just hasn't demonstrated it.

[deleted]

Actually, if you use certificate pinning, the MITM attack will fail. Certs of all of the important sites that I use are pinned on my computer and I'd get a warning if anyone attempted MITM attack.

This is interesting. So how do you trust a new cert from a site once the one you have is expired? How do you know the new one you're getting is trusted?

[deleted]

How do you know?

The code that generates RLZ is open source, and has been for a while.

As for your "can be disabled" comments... heh... right. Like Google can be trusted with that.

But they're all things which are disabled client-side... You could just sandbox Chrome and check data sent, and look at its consistency with disabled/enabled features. Or just look at when Chrome talks to Google's servers.

I can't even find a source for Chrome sending the name of downloaded files.

9000sins rules.

Put this (Tails, brought to you by the team that created Tor) onto a thumb drive using the USB tool provided on the website; plug that thumb drive into any public machine in a library, school, at work, etc.; boot the computer from USB; read the FAQ about making sure everything you do in this version of Linux is encrypted; and be non-existent on the internets. You will 100% be anonymous, and the computer will not even be able to tell you booted it up as all the info stores and deletes itself on the USB thumb drive. Ninja-internet to the max with this shit.

Nice!

There's also Liberté Linux. Do you have any comments as to the differences or suitability of one over the other?

Using 127.0.0.1 in the hosts file (local loopback) has the downside that the browser tries to establish a connection every time, and might actually find something if you're running a webserver or some other software operating on port 80 (e.g. TeamViewer). Use 0.0.0.0, it's invalid and the browser won't attempt to do anything once the domain is resolved. It's probably just a minor difference, though.

More importantly, regarding TOR and proxies in general: Don't be stupid when using proxies. Sure, the website you're connecting to won't know your real IP address, but they'll still get everything else, including tracking cookies. Be sure to disable cookies and plugins (Flash, Java, ...) while doing this, or you may compromise any anonymity you gain. The TOR browser bundle will do this for you. Some general purpose proxies will also add HTTP headers identifying your real IP address.

Also very important: Do not transmit any private information through proxies unencrypted. The proxy server knows you, and it knows what you transmit and receive (for TOR, the nodes will only know one of those things). When you visit websites without HTTPS, or use other unencrypted services (e.g. standard SMTP/e-mail), the exit node can gather your login credentials and the messages you send. You might actually increase your risk this way. Finding the person behind an IP address requires legal powers, logging into your e-mail account and finding a receipt with your name on it doesn't. If you don't trust your ISP and upstream internet providers, do not trust some anonymous guy who sets up a proxy/exit node.
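Added example, not part of the thread or any commenter's code: a small auditor for the hosts-file blocking described in Lesson 3 and the 0.0.0.0 suggestion in the comment above. It parses hosts-format text, reports which sink address each blocked name uses, shows that matching is by exact name only, and rewrites IPv4 loopback sinks to 0.0.0.0. The sample file and the `.example` names are constructed.

```python
import ipaddress

# Constructed sample in hosts-file format (not from any real blocklist).
SAMPLE_HOSTS = """\
# constructed sample
127.0.0.1   localhost
::1         localhost
127.0.0.1   ad.doubleclick.net   # loopback sink, as in the post
0.0.0.0     tracker.example
127.0.0.1   stats.example cdn.stats.example
not-an-ip   broken.example
"""

# Names that must keep resolving to loopback and are never treated as blocks.
KEEP_ON_LOOPBACK = {"localhost", "localhost.localdomain"}


def parse_line(raw):
    """Return (ip, names, comment) for a valid entry, or None otherwise."""
    body, sep, comment = raw.partition("#")
    fields = body.split()
    if len(fields) < 2:
        return None
    try:
        ip = ipaddress.ip_address(fields[0])
    except ValueError:
        return None  # malformed address: not a usable entry
    return ip, [n.lower() for n in fields[1:]], sep + comment


def classify(text):
    """Map each blocked hostname to the kind of sink address it points at."""
    sinks = {}
    for raw in text.splitlines():
        entry = parse_line(raw)
        if entry is None:
            continue
        ip, names, _ = entry
        for name in names:
            if name in KEEP_ON_LOOPBACK:
                continue
            if ip.is_loopback:
                sinks[name] = "loopback"
            elif ip.is_unspecified:
                sinks[name] = "unspecified"
    return sinks


def is_blocked(text, hostname):
    """Exact-name lookup: hosts entries do not cover subdomains or siblings."""
    return hostname.lower().rstrip(".") in classify(text)


def rewrite_to_unspecified(text):
    """Point IPv4 loopback sink entries at 0.0.0.0; keep localhost lines."""
    out = []
    for raw in text.splitlines():
        entry = parse_line(raw)
        if entry:
            ip, names, comment = entry
            if (ip.version == 4 and ip.is_loopback
                    and not KEEP_ON_LOOPBACK.intersection(names)):
                raw = " ".join(["0.0.0.0", *names, comment]).rstrip()
        out.append(raw)
    return "\n".join(out) + "\n"


if __name__ == "__main__":
    print(classify(SAMPLE_HOSTS))
    print(rewrite_to_unspecified(SAMPLE_HOSTS), end="")
```

Because lookups are exact, blocking `ad.doubleclick.net` leaves every other name under the same domain resolvable; each tracker host needs its own entry.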

Excellent and informative post. Upvoted. I encourage people to take precautions to protect themselves. That having been said...

It's also worth noting that all of these items and procedures can be used as evidence against you, ala "suspicious behavior" (why's he being so secretive? etc.). It's a lose-lose situation.

Protect yourself. Wear a condom. Etc. It's wise. But just know what the government will say about people who want to protect their privacy "if you're not doing anything wrong, then you have nothing to hide [from us]".

It's also worth noting that all of these items and procedures can be used as evidence against you, ala "suspicious behavior" (why's he being so secretive? etc.). It's a lose-lose situation

Can this be used against you in court?

Regardless, depending on what you peep it may be safer to risk it than to browse in the buff.

If you can get rid of the sdcard you booted from, no such questions will be asked: http://www.reddit.com/r/conspiracy/comments/ylacm/internet_privacy_for_dummies_dont_want_to_be/c5wrhcj

Can this be used against you in court?

blank stare

"In closing, I would also like to remind the jury that the defendant had engaged in highly suspicious behaviors to cover up all of this suspicious activity, using such programs as ..."

It all depends on the judge, my friend. One man gets to make those decisions about relevancy and whether or not to allow it.

Why the downvotes? That is exactly how it will play out in a US court room.

When there was some semblance of the rule of law it was clearer to discern these things. Now though...

Guess this is part of the nature of greater novelty, it requires more expansive awareness.

It's also worth noting that all of these items and procedures can be used as evidence against you, ala "suspicious behavior" (why's he being so secretive? etc.). It's a lose-lose situation.

Got a case precedent on that one? Because I'm calling bullshit.

Hello conspiratard. <-- that's me calling fuck off.

comments like that are why /r/conspiratard exist.

What other stuff do you believe and parrot without evidence?

You haven't been keeping up with all of my personal references. You should build a better profile of my background and employment history.

comments like that are why /r/conspiratard exist.

Yes, we know. Not a single one of you has any sort of life, so you spend all day polishing your trollery. Now bring your bury brigade so no one sees this comment. You have to get it to -6 quick, or a noob might see it and start learning too fast.

You should build a better profile of my background and employment history.

It must be scary and sad to be afraid of everyone all the time. I pity you.

Cute. :)

When you trolls come up with something better than "characterize for the purpose of mockery", let me know.

If I was afraid, I certainly wouldn't be here begging for attention from the government. Now, would I?

I suppose you think it's completely reasonable to assume you're the target of some sort of in-depth longterm investigation then?

Fuck off.

You know so very much. You are so very smart. Yet, you cannot solve this.

I have no idea what your point is.

I rest my case.

I think you're the only one that knows what it is to begin with. So congrats?

The case precedent information you requested is in an AMA I did and x-posted here pertaining to my five year pro se legal battle. (you'll have to look for that yourself).

That is, I've actually been in a court room, multiple times, defending myself... against a corrupt District Attorney... and won.

What do you have that compares to that?

Can you provide specific examples of suspicious actions like securing your computer being used as evidence and succeeding?

Can you troll troll troll your ass right on out of here? Thanks.

Sincerely,

Pretty much everyone.

Pretty much everyone.

You're the only one responding here.

Edit: Why bother responding if you're not willing to have a real conversation, by the way?

Because you are a troll, trolling a dead thread. You must think I'm as stupid as you are, to ask such stupid questions.

K

Do you have a recommendation for a private/anonymous IM program?

OTR works with most well known clients and protocols. Both partners need to use it, of course.

How about search engines and such? I keep hearing DuckDuckGo is the safest bet, and it seems pretty reasonable and legitimate when using.

[deleted]

See: https://startpage.com/eng/?

And don't forget to tell people all that stuff won't help you a bit once you log on to facebook.

[deleted]

I was going to mention ixquick too. At mycroft you can get customized preconfigured search engines like duckduckgo and ixquick with ssl no filtering and 100 results. firefox search engines at mycroft ixquick ssl no filtering 100 results

If you follow the rest of the advice and block cookies, there's no real issue with using Google. Unless you're opposed to contributing to their general, non-individual statistics.

Thanks mate.

And Facebook. "Building a dossier on yourself"

Dump Facebook.

I recommend first of all that no one should use internet explorer. Ever.

This is valid even from not wanting viruses standpoint.

Also, using Chrome is basically NOT having any privacy - it is google after all.

I use Firefox myself.

For a fun activity, go to

Options ==> Options ==> Privacy tab ==> Click on Show cookies

Freak out.

http://www.guardian.co.uk/technology/2012/apr/13/tracking-the-trackers-cookies-web-monitors

http://www.guardian.co.uk/technology/2012/apr/23/cookies-and-web-tracking-intro

Make sure to delete all cookies AFTER you close a browser.

For best results, make the browser ASK you every time it wants to load a cookie tracker - but it can get annoying, clicking 8-20 times per web page...

One more thing: there are many cookies that you will ONLY be able to opt out of (very difficult to get rid of them, as they load every time you log onto the net - apologies, I forgot a specific one I just took out yesterday).

After you delete all the cookies...

If you see a cookie loading every time you log onto the web, google it and opt out - those are tracking cookies which are not on any web page but load every time you start surfing.

Thank you very much!

I don't use Facebook... but for others out there addicted to social media, can anyone offer any "safer and more secure" social media networking program alternatives?

I have an old laptop with no hard drive. I also have a collection of linux distros each with a number of browsers on sdcards with write-protect on. You boot from the sdcard (A dvd drive will do, too, but it's slower), nobody is going to plant spyware on your system.

I run a Mac, and will never use a Google product again.

Google has proven repeatedly that they have no respect for users' privacy. In fact, they just got fined for hacking Safari around the privacy setting, to allow them to track Safari users.

When you install a google product, they take it upon themselves to install their "keystone agent" that launches on startup and runs ALL THE TIME in the background whether you are using a google product or not. If you install a google product, and then sniff your network traffic you will see this agent constantly communicating with Google. Then, even if you uninstall the original google product, the keystone agent is left behind - constantly sending data to google. You have to go online and search for instructions on how to remove it.

This is completely unacceptable. Furthermore, instead of installing it by convention, where the user can see it in their startup items list, they hide it and install it as part of the system startup - so it runs for ALL users. Again, completely unacceptable.

It does basically the same thing on linux - haven't used windows in years so don't know if it does there too, but probably.

When a for-profit company gives you something for free.. google chrome, google earth, google docs, gmail etc etc etc... It ain't free at all, because YOU'RE the product, and they're selling YOU down the line to someone else.

Stay the fuck away from Google anything if you value your privacy. Go open-source non-profit. Firefox etc..

If you like the Chrome browser, try Chromium instead. Haven't tried it, but I've heard good things.

Very nice guide.

Not only helpful but also clear and concise.

Good info for all levels of internet security.

Also - good looks to everyone else helping out in this article!

And seriously, if anyone absolutely needs to do something very hush-hush dangerously stupid, do not use your home network. Find a wifi in a public building/location. Don't use other people's unsecured networks even if you can, it's totally uncool to get them possibly falsely red-flagged for something you did.

We now live in the era of the ubiquitous surveillance by security camera everywhere. Before, using a public wifi was a no-brainer. But now, you have to carefully consider the tradeoffs between TOR and 3rd party public wifi.

I would recommend using public wifi only in heavily crowded areas where many people use it. Cameras can't yet pinpoint specific wifi users.

[deleted]

Huh??? Your MAC never leaves the subnet. Nothing in the browser has access to the MAC, except 3rd party plugins. And you can leave a statistical "fingerprint" without a MAC or IP address anyway:

https://panopticlick.eff.org/

[deleted]

Bullshit. MACs do not leave the lan. Neither do wifi SSIDs. Why? because they are completely useless on the internet at large.

Now, if you have a virus/trojan/malicious plugin that is running on your computer, it can report the MAC back to some server. But then you're fucked anyway.

And now that I think about it, if you're using ipv6, some addressing schemes by default put the MAC in the lower 48 bits. But that is easily changed by the user, and ipv6 is still very uncommon. If you don't know what ipv6 is, you're not using it.
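Added example, not part of the thread: a check for the IPv6 case raised in the comment above. With SLAAC's modified EUI-64 scheme, the 64-bit interface identifier is built from the 48-bit MAC by inserting `ff:fe` in the middle and flipping the universal/local bit, so the MAC can be read back out of the address. The addresses and the MAC below are constructed (documentation prefix 2001:db8::/32), and the function names are this example's own.

```python
import ipaddress

# Constructed sample addresses as they might appear on one interface.
SAMPLE_ADDRESSES = [
    "192.0.2.10",                       # IPv4: nothing to check
    "fe80::211:22ff:fe33:4455%eth0",    # link-local, EUI-64 derived
    "2001:db8::211:22ff:fe33:4455",     # global, EUI-64 derived
    "2001:db8::a1b2:c3d4:e5f6:789",     # randomized interface identifier
]


def _bare(addr):
    """Drop a zone id (%eth0) or prefix length (/64) from an address string."""
    return addr.split("%", 1)[0].split("/", 1)[0]


def mac_from_eui64(addr):
    """Return the MAC embedded in a modified EUI-64 address, else None.

    Heuristic: a randomized identifier can contain ff:fe at the same
    position by chance (about 1 in 65536).
    """
    ip = ipaddress.IPv6Address(_bare(addr))
    iid = (int(ip) & ((1 << 64) - 1)).to_bytes(8, "big")
    if iid[3:5] != b"\xff\xfe":
        return None
    mac = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:8]  # undo the U/L bit flip
    return ":".join(f"{b:02x}" for b in mac)


def eui64_address(prefix, mac):
    """Build the address SLAAC would derive from a /64 (or shorter) prefix."""
    raw = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(raw) != 6:
        raise ValueError("MAC must be 48 bits")
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen > 64:
        raise ValueError("prefix must leave 64 bits for the interface id")
    iid = bytes([raw[0] ^ 0x02]) + raw[1:3] + b"\xff\xfe" + raw[3:6]
    return ipaddress.IPv6Address(
        int(net.network_address) | int.from_bytes(iid, "big"))


def audit(addresses):
    """Return {address: mac} for every address that exposes a MAC."""
    exposed = {}
    for addr in addresses:
        if ipaddress.ip_address(_bare(addr)).version != 6:
            continue
        mac = mac_from_eui64(addr)
        if mac:
            exposed[addr] = mac
    return exposed


if __name__ == "__main__":
    for addr, mac in audit(SAMPLE_ADDRESSES).items():
        print(f"{addr} exposes MAC {mac}")
```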

He seems to misunderstand the function of a physical address, but his Starbucks comment kinda makes sense. They might log MAC addresses, and theoretically changing yours frequently could improve your anonymity in case you use the same public wifi regularly.

Here are some more tips:

1) Virtual machines are your friends. So is linux.

Setup a generic virtual machine and surf from there. This provides total isolation from the host filesystem and any identifying information contained therein.

If you're really paranoid, then use Linux, as Windows assigns a unique ID to every installation (part of the anti-piracy / Genuine Advantage stuff). Not sure if Macs have the same issue.

If you're going to use TOR, use it in a virtual machine stored on a truecrypt volume.

2) advanced firefox settings:

Many people don't realize that Firefox by default will send the URL of a "suspicious" site to google for checking. Sure it's hashed to hell and back for your protection, but it's still a potential information leak. The service is called "Google safebrowsing" and here's how to disable it:

  • 'visit' the url about:config
  • in the filter, type in "safe"
  • doubleclick the following lines to change their value to false:
    • browser.safebrowsing.enabled
    • browser.safebrowsing.malware.enabled

If you're using things like noscript and adblock plus, then GoogleSafeBrowsing is of limited value.

Another service that can leak is the Online Certificate Status Protocol. This service checks the ssl certificate of each secure site you visit to see if it has been revoked. Now I don't recommend disabling this in general; only if you are worried about someone sniffing your traffic in transit and are EXTREMELY paranoid. Turning this off means your browser won't know if a ssl security certificate has been revoked (usually done when a site is compromised). But it does leak information to a centralized authority, so I'll include it here.

  • Tools->Options->Advanced->Encryption->Validation
  • uncheck the "Use Online Certificate Status Protocol ..." line

Again, only do this if the risk of being slightly tracked by central authorities significantly outweighs the risk of visiting a compromised site. In other words, don't do this.

3) firefox proxy settings

If you are using a type of proxy called "socks", then you must enable the following setting. Otherwise, DNS queries do not go through the proxy but instead through your ISP, giving your ISP a list of all the sites you visit.

  • 'visit' the url about:config
  • in the filter, type in "socks"
  • doubleclick "network.proxy.socks_remote_dns" to set to true

Note that this setting only works for socks5 (socks version 5) proxy.

4) other important firefox plugins:

https://addons.mozilla.org/en-US/firefox/addon/foundstone-html5-local-storage

This gives you visibility into the new Local Storage component that allows websites to store data in your browser. The BetterPrivacy plugin will erase this automatically, this plugin just lets you see what's there.

Smart Referer: https://addons.mozilla.org/en-US/firefox/addon/smart-referer

When you visit a webpage, the browser will in some cases send the server the url of the page you're coming from. For example, if you click one of the links in this comment, Mozilla's web server will receive the url to this reddit post. This plugin restricts that so that only the same server (technically same domain) will receive a referer.

This stops one of the really sneaky ways google tracks you. Many sites (including reddit) make use of googleapis.com to serve some common javascript libraries, saving bandwidth. Google doesn't offer this for free out of the goodness of their heart, they do it for the referer info they get which helps with usage stats and user tracking.
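Added example, not part of the thread and not Mozilla's code: a checker that reads a Firefox `prefs.js` and reports the settings named in the comment above, including the SOCKS DNS leak from its section 3. The `browser.safebrowsing.*` and `network.proxy.socks_remote_dns` names come from the comment; `network.proxy.type`, `network.proxy.socks` and `network.proxy.socks_version` are other Firefox preferences used here to tell whether a SOCKS proxy is active. The default values and both sample profiles are assumptions constructed for the example.

```python
import json
import re

PREF_RE = re.compile(r'^\s*user_pref\("([^"]+)",\s*(.+)\);\s*$')

# Assumed defaults for a Firefox of the thread's era; adjust for your version.
DEFAULTS = {
    "browser.safebrowsing.enabled": True,
    "browser.safebrowsing.malware.enabled": True,
    "network.proxy.type": 0,            # 1 means manual proxy configuration
    "network.proxy.socks": "",
    "network.proxy.socks_version": 5,
    "network.proxy.socks_remote_dns": False,
}

# Constructed profile: SOCKS proxy set, nothing else changed.
LEAKY = '''
user_pref("network.proxy.type", 1);
user_pref("network.proxy.socks", "127.0.0.1");
user_pref("network.proxy.socks_port", 9050);
'''

# Constructed profile with the changes the comment describes.
HARDENED = LEAKY + '''
user_pref("network.proxy.socks_version", 5);
user_pref("network.proxy.socks_remote_dns", true);
user_pref("browser.safebrowsing.enabled", false);
user_pref("browser.safebrowsing.malware.enabled", false);
'''


def parse_prefs(text):
    """Parse user_pref("name", value); lines into a dict."""
    prefs = {}
    for line in text.splitlines():
        m = PREF_RE.match(line)
        if not m:
            continue  # comments, blank lines, anything unrecognised
        name, raw = m.groups()
        try:
            prefs[name] = json.loads(raw)  # true/false, ints, "strings"
        except ValueError:
            prefs[name] = raw
    return prefs


def audit(text):
    """Return a list of (pref_name, finding) tuples for the profile text."""
    prefs = {**DEFAULTS, **parse_prefs(text)}
    findings = []
    for name in ("browser.safebrowsing.enabled",
                 "browser.safebrowsing.malware.enabled"):
        if prefs[name] is True:
            findings.append((name, "Safe Browsing lookups are enabled"))
    socks_active = (prefs["network.proxy.type"] == 1
                    and bool(prefs["network.proxy.socks"]))
    if socks_active:
        if prefs["network.proxy.socks_version"] != 5:
            # The comment states the remote-DNS setting only works with SOCKS5.
            findings.append(("network.proxy.socks_version",
                             "not SOCKS5, remote DNS setting does not apply"))
        elif prefs["network.proxy.socks_remote_dns"] is not True:
            findings.append(("network.proxy.socks_remote_dns",
                             "DNS queries bypass the proxy and go to the ISP"))
    return findings


if __name__ == "__main__":
    for name, finding in audit(LEAKY):
        print(f"{name}: {finding}")
```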

What about: services.sync.prefs.sync.browser.safebrowsing.enabled and services.sync.prefs.sync.browser.safebrowsing.malware.enabled both of which come up as well.

It looks like those are from Firefox's syncing functions, which I don't use. Set them to false too, as they are most likely copies of the settings I already mentioned. But keep in mind that if you are using sync, that this will propagate to other copies of firefox. Make sure you have noscript/adblock/better privacy/etc. running everywhere.

In terms of anti-virus, which ones would you guys recommend?

5: Don't use facebook.

Hosts file has been the most effective for me. Then the tracking is cross-browser and cross-application.

this is stupid, your IP can be traced - I worked for Canadian Security Intelligence Service (CISIS) as a black hat

it's easier than it sounds and deleting cookies is naive and an inept solution and using Mozilla is just funny since it is run by AOL and I know for certain they record everything, same goes for Google. and using IP mapping makes it easier to find your IP address.

you want privacy on the internet - stay off the internet.

[deleted]

[deleted]

[deleted]

[deleted]

Extensions may not be open source in the legal sense, but you can certainly view the source code to most of them, since they are for the most part written in javascript. And xpi files (the actual extension) can be unpacked with 7zip.

check your sources - it is, a simple google search proves my claim.

[deleted]

and people call me a shill.

read this http://en.wikipedia.org/wiki/History_of_Mozilla_Application_Suite

and this http://support.mozilla.org/en-US/questions/772680

but that doesn't matter, I'm not a racist piece of shit.

[deleted]

[deleted]

being an apologist for racists makes you a racist by proxy. and you have been using holocaust denial sites as sources...so do I even have to try.

Another thing to have in your arsenal is a long-range directional wifi antenna. These resemble a Pringles can, and allow you to use wifi signals far away from your house or car. When I'm truth-seeking on the Internet, I never use a home connection or anything that can be traced back to a name or IP address. Only coffee shops and other networks around the neighborhood.

Nice post Firefox and TOR shill . . .

[deleted]

Sounds exactly like what a shill would say.

Troll elsewhere.

Can you provide specific examples of suspicious actions like securing your computer being used as evidence and succeeding?

being an apologist for racists makes you a racist by proxy. and you have been using holocaust denial sites as sources...so do I even have to try.