VPN & Firefox (+ other Gecko browsers)* rev. 0.3.8

[chan] Crypto-Anarchist Federation
Oct 13 17:07

+----------------------------------------------------------------------------------+ | Your privacy - VPN & Firefox (+ other Gecko browsers)* rev. 0.3.8 | +----------------------------------------------------------------------------------+ ========== VPN section ========== + You can try free OpenVPN configs or Softether: - http://www.vpngate.net/en/ - (disadvantage - logging policy: 2 weeks [default]) - https://www.vpnbook.com/ (few free OpenVPN configs only) when you decided to use: - Softether - you need good server with strong encryption (standard is really bad: RC4 MD5) https://en.wikipedia.org/wiki/RC4#Security https://en.wikipedia.org/wiki/MD5#Security - Softether - I recommend to use DNSCrypt to avoid DNS leaks (check your DNS leaks - links are below) - OpenVPN - you can edit configs (.ovpn) with notepad to change encryption (line 88 - standard is not so good: AES-128-CBC - try AES-256-CBC instead) - OpenVPN - you can edit configs (.ovpn) with notepad to add option "block-outside-dns" (for example in line 104) to avoid DNS leaks - OpenVPN - if you add option "block-outside-dns" you don't need (Simple) DNSCrypt (my testing suggest that when you using OpenVPN without "block-outside-dns" option together with Simple DNSCrypt you are affected by DNS leaks) (Simple DNSCrypt not working for me, anyway this needs further testing...) - OpenVPN - you can edit configs (.ovpn) with notepad to add option "--remote-cert-tls server" (for example in line 21) to avoid "Man-in-the-Middle" attack https://openvpn.net/index.php/open-source/documentation/howto.html#secnotes [OpenVPN 2.1 and above] + OpenVPN manuals: - https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage - https://community.openvpn.net/openvpn/wiki/Openvpn23ManPage - https://openvpn.net/index.php/open-source/documentation/howto.html - https://openvpn.net/index.php/open-source/documentation/security-overview.html + Softether: - http://www.softether.org/1-features/3._Security_and_Reliability ========== Browser section ========== + Secure your privacy in Firefox: - by using addons like in IceCat [https://directory.fsf.org/wiki/IceCat] I mean: Adblock Plus (ABP), Disable WebRTC, Fat-Free Fox, No Resource URI Leak, NoScript, Privacy Badger, uBlock Origin (uBO), uMatrix etc. Additionally you can add: CanvasBlocker, Disconnect, Https Everywhere, Privacy Settings, Random Agent Spoofer. Take a look @ these sites: - https://web.archive.org/web/20170404173124/http://b.agilob.net/better-security-privacy-and-anonymity-in-firefox - http://configfox.sourceforge.net/ - https://www.bestvpn.com/make-firefox-secure-using-aboutconfig/ - https://www.bestvpn.com/privacy-news/control-firefox-privacy-settings-with-an-add-on/ - https://vikingvpn.com/cybersecurity-wiki/browser-security/guide-hardening-mozilla-firefox-for-privacy-and-security - https://www.howtogeek.com/102032/how-to-optimize-mozilla-firefox-for-maximum-privacy/ - http://www.ghacks.net/2015/07/01/control-privacy-settings-in-firefox-easily/ + If you would like to use Google Chrome anyway you can replace it with Chromium or Iron: - https://en.wikipedia.org/wiki/Chromium_(web_browser) - https://en.wikipedia.org/wiki/SRWare_Iron + Use Tor or Tor Browser (based on Firefox): - "We will never be able to de-anonymize all Tor users all the time. • With manual analysis we can de-anonymize a very small fraction of Tor users" - https://edwardsnowden.com/docs/doc/tor-stinks-presentation.pdf‎ - https://commons.wikimedia.org/wiki/File:Tor_Stinks.pdf - https://en.wikipedia.org/wiki/Tor_(anonymity_network)#Tor_Browser - https://www.torproject.org/docs/tor-manual.html.en - https://www.torproject.org/docs/faq.html.en + Try Privoxy: - https://en.wikipedia.org/wiki/Privoxy + Change your UserAgent frequently (get UA addon for your browser). Example of UA sites: - Random Agent Spoofer addon for firefox: https://addons.mozilla.org/en-US/firefox/addon/random-agent-spoofer/ List of UA sites: - http://www.browser-info.net/useragents - http://mybrowseraddon.com/custom-useragent-string.html - https://developers.whatismybrowser.com/useragents/explore/ - https://udger.com/resources/ua-list - https://techblog.willshouse.com/2012/01/03/most-common-user-agents/ - http://www.useragentstring.com/pages/useragentstring.php + Fingerprint (fingerprinting algorithms): - https://en.wikipedia.org/wiki/Fingerprint_(computing) - https://en.wikipedia.org/wiki/Canvas_fingerprinting - https://en.wikipedia.org/wiki/Device_fingerprint - https://browserleaks.com/canvas + Check your browser privacy: - https://browserleaks.com/ - http://browserspy.dk/ - https://panopticlick.eff.org/ + Other sites worth mentioning: - riseup.net/en/better-web-browsing - privacytools.io - https://en.wikipedia.org/wiki/Category:Internet_privacy - https://en.wikipedia.org/wiki/Category:Crypto-anarchism ========== OS section ========== + Use Tails Linux: - https://en.wikipedia.org/wiki/Tails_(operating_system) - https://www.wired.com/2014/04/tails/ + Secure you DNS with DNSCrypt: - For Linux follow this: http://www.webupd8.org/2014/08/encrypt-dns-traffic-in-ubuntu-with.html - For Windows - you need: "dnscrypt-winclient" or "Simple DNSCrypt". URLs: - https://simplednscrypt.org/ - https://github.com/jedisct1/dnscrypt-proxy/wiki - https://github.com/Noxwizard/dnscrypt-winclient (Simple DNSCrypt not working for me (I'm still using "block-outside-dns" option in OpenVPN config file). (Anyway this needs further testing...) + Check your DNS leaks: - https://ipleak.net/ - https://www.dnsleaktest.com/ - https://whoer.net/ __________________________________________________________ * Other Gecko browsers - this means it may also work with: Airfox, Beonex Communicator, Camino, Comodo IceDragon, Conkeror, Classilla, Firefox for Android, Flock, Galeon, Ghostzilla, HP Secure Web Browser, IceCat (GNU IceWeasel), K-Meleon, Kazehakase, Kirix Strata, Lotus Symphony, Lunascape, MicroB, Minimo, Netscape 6, Nightingale, Oxygen, Pale Moon, Portable FireFox, SeaMonkey, Swiftfox, Swiftweasel, Sylera (for mobile), TenFourFox, Timberwolf (AmigaOS 4), Tor Browser, Waterfox, xB Browser https://en.wikipedia.org/wiki/Gecko_(software) Any suggestions are welcomed. Source: https://beamstat.com/chan/privacy https://beamstat.com/chan/Crypto-Anarchist%20Federation (Bitmessage channel)

[chan] privacy
BM-2cUJvFYHhXpBHyd96KHfjxsgTYi44BajdE

Subject Last Count
d®úg pÛ§HëR$ ÃRë §çÛm Feb 18 19:29 1
ЮÛG þÛ$hÊR$ ÃRë §Çúm Feb 18 19:29 1
Globewashing Feb 18 07:42 1
Mitigating exploited software with firejail Feb 18 01:44 1
Tor / Proxychains is leaking my hostname Feb 17 23:06 5
Critical vulnerability in v0.6.2 Feb 17 14:50 2
Download it. Feb 17 07:58 2
$ cd PyBitmessage ; git log | grep Author | sort -u | blacklist Feb 16 02:20 1
lock down a computer with tor Feb 13 10:38 3
privacy software / services list Feb 11 12:32 6
About the political war against data security, good read Feb 10 14:55 4
hacker service? Feb 10 03:40 1
Using banknotes as ID tokens - sources for citation Feb 9 15:12 2
bump Feb 8 07:24 1
WARNING! denial of service message Feb 8 01:55 2
Susimail on i2p Feb 7 22:54 2
Not important human is back Feb 7 12:08 4
Anonymous VCS Feb 6 10:40 5
[chan] 411 BM-2cW53MzWqtod8TA6vybdUeqd2LhTuXCX3L Feb 5 11:47 1
Did the NSA ‘create’ Satoshi Nakamoto? Feb 3 07:55 2
second hand cpu? Feb 2 12:00 1
Help needed with identying crypto paper Feb 1 12:26 1
Almost Everyone Involved in Developing Tor was (or is) Funded by the US Government Jan 31 11:05 11
Public announcement Jan 30 14:53 1
OMEGA user survey Jan 30 12:57 4
Can't use Tor over Bitmessage Jan 30 11:41 7
Fwd: Re: OMEGA user survey Jan 30 09:31 1
satoshi nakamoto central intelligence in japanese Jan 27 09:32 1
Advertisement: MeinCoin Crypto Research Jan 24 17:36 13