OpSec Lounge (Security, Privacy, etc.)

In a rare W the EU voted against the original Chat Control proposal which would have forced backdoors into encrypted messengers, explicitly enshrining the importance of encryption and excluding client-side scanning https://tuta.com/blog/chat-control

Rax Moscow said:
Discord has a setting (default = on) where it records everything you do on your machine after you install it. Blew my mind when I saw that!
Anyway I never used it for any written content, just a live voice group for a video game I used to play. Discord released a bunch of recorded chat logs after Unite The Right--they are completely compromised.

<snip>
Click to expand...

You're probably talking about Rich Presence/Activity Privacy - note if you're using Wayland then it can only detect other X.org applications and not Wayland-based ones. So to maximise your security enable Wayland if it's not already default and prompt application developers to make their apps Wayland-compatible. You can check which of your currently running apps are using X11 by using `xlsclients`.
 
A public service reminder: The US consumer is absolutely zero protections against corporate data mining and spying. At least the European has some legal protections through the General Protection Data Regulation. I sometimes use EU VPNs and whenever accessing data mining sites, I get this wonderful REJECT ALL option, not available at all to Americans...

Remember this. They don't even want to give you that option, goy.

yt.webp

The site works 100% for me by "rejecting all". And somehow, the sites still make money in the EU marketplace, despite not being able to fully track you to the degree they can in America. But we don't get that option.
 
I think this is a good website to add for people who are looking into de-Googling and are looking for more privacy-oriented applications and services: Prism Break. Though at the end of the day, I think the best course of action with regards to privacy and anonymity is by establishing your immediate threat model and using the tools to protect yourself from that instead of just throwing every privacy-oriented tool in the kitchen sink.

Image source: Cornell
 

Attachments

  • Screenshot 2024-01-20 at 12.58.30.webp
    Screenshot 2024-01-20 at 12.58.30.webp
    72.9 KB · Views: 49
Infowars1234 said:
Did the US Gov just seize control of the internet?
Click to expand...

Isn't this all baked into the cake once the tech/information age came into being? The only hope you'd have would be for a coup where the deep state is also somehow forced to relinquish control of all the information, data mining, storage facilities, etc.

I think it's more likely that the winter is coming (literally cold weather that wipes out civilization) and we're just closer to the end of things.
 
Blade Runner said:
That's 2017 ... so can you still select "Intel pro ME inoperable"?

I like Dell laptops over the years. They seem to last the longest, or I'm just a good caretaker ... or both.
Click to expand...
I have only once had a Dell laptop a long time ago and there was a graphics card problem which almost led to a class action but have had a Dell desktop (tower) for ages which has behaved well. Have been thinking that my tower is not big enough or modern enough. Just certain newer high speed NVMe SSDs that don't plug directly into the old motherboard without a PCIe card to receive them and do I even have a PCIe slot free in there... Some 'full nodes' of crypto blockchains will not sync themselves in a reasonable time frame without very high read-write speeds.

Yes the option is there now -
dell-intel-management-engine-disabled.webp
Anyway, will probably not be changing my tower soon but if I do it will be a big one not a mini one, that was a stupid idea. If it's a desktop it needs to be like furniture.
 
Bird said:
How can I check or disable this on my computer?
Click to expand...
I don't know, if I knew I would have done it.

Have looked it up a few times and it looked too difficult, too much trouble but maybe it isn't?

Unless there is a way which is not too difficult I'll have to just live with that potential spying hardware until I eventually get a new machine.
 
Bird said:
Search for
HAP bit
for more information
Click to expand...
Good find.

I just read this, might really have to go vintage next time which I like doing anyhow:
The ME is completely removable on some computers built before 2008, and can be partially disabled or deactivated on some computers built before around 2013.
Click to expand...
Actually my desktop "mini" tower is possibly old enough but notebook, not quite.
source :

If any of you have succeeded with this do post about it in this thread.
 
Cynllo said:
I will look at this at some point. I was thinking if replacing YouTube and Twitter with Invidious/Piped and Nitter. But that will likely be problematic. I think the HTTP referrer can be removed from I frames, which would pass to Google, Twitter etc. your IP and that you accessed X content from ChristIsKing. If that can be removed I think it will be OK to leave the originals. Planning on writing several guides to various privacy facets, like browsers, social media, VPNs etc.

It should probably be users' responsiblity to take precautions.

Will also message all accounts using Gmail, Yahoo, Hotmail and other spyware to suggest they follow the steps in the email privacy guide.
Click to expand...
Being a CiK Newb still orienting re op/sec privacy etc on the site - link to Email privacy guide plz...
 
What a euphemism! Intel management engine. Well, they're not exactly going to call it Intel concealed TLA* surveillance subsystem...

Follow the steps here :
..so you can confirm whether big brother is potentially hiding inside and watching.

For privacy reasons I will not post my own output but here is a sample from somewhere else -
Can quote it -
user@host:~/coreboot/util/intelmetool$ sudo ./intelmetool -s
Bad news, you have a `QM67 Express Chipset Family LPC Controller` so you have ME hardware on board and you can't control or disable it, continuing...
Click to expand...
Maybe don't do that if you don't want to freak yourself out. Note to self to in future only buy hardware with that disabled.

*three letter agency
 
stadtaffe said:
I just read this, might really have to go vintage next time which I like doing anyhow
Click to expand...

In this case, I can recommend MX-Linux, which still offers 32-bit support and comes with a latest version of OpenVPN,OpenSSL and a fresh kernel. It also supports "rolling updates" to keep your operating system up to date. I installed it on my old notebook and it works fine.

But if you prefer new hardware, this company might be a good choice:

Our products are designed from the hardware on up to respect you and your digital life, they come with physical hardware kill switches for your camera and microphone, with all known hardware backdoors completely neutralized and disabled (Intel Management Engine), running a curated freedom-respecting operating system and software applications, for maximum protection. We put your security at the forefront, and our laptops and smartphones will never invade your privacy.

 
Valentine said:
People using a VPN/Tor and not logged into YouTube, or a YouTube embed replacer (that swaps videos with Piped/etc embeds) are not at any risk.

People not using either are possibly sharing their IP address with YouTube that they're trying to watch this video.

Every embed and tons of JavaScript scripts are able to do this, it's not a risk inherent to YouTube embeds. In my opinion sharing Piped embeds are ideal instead of YouTube however I don't think the forum currently has support for it. I think the onus is mainly on users to use a VPN/Tor if they want to maintain privacy and it's fine to just use YouTube embeds. Note that Invidious doesn't proxy the video unlike Piped, so they still can leak your IP to YouTube.
Click to expand...
Which VPNs are good?
 
You must log in or register to reply here.
Back
Top