• ChristIsKing.eu has moved to ChristIsKing.cc - see the announcement for more details. If you don't know your password PM a mod on Element or via a temporary account here to confirm your username and email.

OpSec Lounge (Security, Privacy, etc.)

Sort by date Sort by reaction score
In a rare W the EU voted against the original Chat Control proposal which would have forced backdoors into encrypted messengers, explicitly enshrining the importance of encryption and excluding client-side scanning https://tuta.com/blog/chat-control

Rax Moscow said:
Discord has a setting (default = on) where it records everything you do on your machine after you install it. Blew my mind when I saw that!
Anyway I never used it for any written content, just a live voice group for a video game I used to play. Discord released a bunch of recorded chat logs after Unite The Right--they are completely compromised.

<snip>
Click to expand...

You're probably talking about Rich Presence/Activity Privacy - note if you're using Wayland then it can only detect other X.org applications and not Wayland-based ones. So to maximise your security enable Wayland if it's not already default and prompt application developers to make their apps Wayland-compatible. You can check which of your currently running apps are using X11 by using `xlsclients`.
 
A public service reminder: The US consumer is absolutely zero protections against corporate data mining and spying. At least the European has some legal protections through the General Protection Data Regulation. I sometimes use EU VPNs and whenever accessing data mining sites, I get this wonderful REJECT ALL option, not available at all to Americans...

Remember this. They don't even want to give you that option, goy.

yt.png


The site works 100% for me by "rejecting all". And somehow, the sites still make money in the EU marketplace, despite not being able to fully track you to the degree they can in America. But we don't get that option.
 
Unsurprisingly, "airplane mode" not really switching off things properly :
apple.stackexchange.com

Why is my iPhone transmitting in airplane mode?

I switched my iPhone 8 into airplane mode, but it continued periodically transmitting on 1.8 GHz, as measured by an electrosmog meter. Why? Isn't airplane mode supposed to turn off the radio transm...
apple.stackexchange.com apple.stackexchange.com
Have any of you played with one of those RF / EMF meters which measures the strength of the fields?
 
I think this is a good website to add for people who are looking into de-Googling and are looking for more privacy-oriented applications and services: Prism Break. Though at the end of the day, I think the best course of action with regards to privacy and anonymity is by establishing your immediate threat model and using the tools to protect yourself from that instead of just throwing every privacy-oriented tool in the kitchen sink.

Image source: Cornell
 

Attachments

  • Screenshot 2024-01-20 at 12.58.30.png
    Screenshot 2024-01-20 at 12.58.30.png
    133.9 KB · Views: 41
Infowars1234 said:
Did the US Gov just seize control of the internet?
Click to expand...

Isn't this all baked into the cake once the tech/information age came into being? The only hope you'd have would be for a coup where the deep state is also somehow forced to relinquish control of all the information, data mining, storage facilities, etc.

I think it's more likely that the winter is coming (literally cold weather that wipes out civilization) and we're just closer to the end of things.
 
Blade Runner said:
That's 2017 ... so can you still select "Intel pro ME inoperable"?

I like Dell laptops over the years. They seem to last the longest, or I'm just a good caretaker ... or both.
Click to expand...
I have only once had a Dell laptop a long time ago and there was a graphics card problem which almost led to a class action but have had a Dell desktop (tower) for ages which has behaved well. Have been thinking that my tower is not big enough or modern enough. Just certain newer high speed NVMe SSDs that don't plug directly into the old motherboard without a PCIe card to receive them and do I even have a PCIe slot free in there... Some 'full nodes' of crypto blockchains will not sync themselves in a reasonable time frame without very high read-write speeds.

Yes the option is there now -
dell-intel-management-engine-disabled.jpg

Anyway, will probably not be changing my tower soon but if I do it will be a big one not a mini one, that was a stupid idea. If it's a desktop it needs to be like furniture.
 
Bird said:
How can I check or disable this on my computer?
Click to expand...
I don't know, if I knew I would have done it.

Have looked it up a few times and it looked too difficult, too much trouble but maybe it isn't?

Unless there is a way which is not too difficult I'll have to just live with that potential spying hardware until I eventually get a new machine.
 
Bird said:
Search for
HAP bit
for more information
Click to expand...
Good find.

I just read this, might really have to go vintage next time which I like doing anyhow:
The ME is completely removable on some computers built before 2008, and can be partially disabled or deactivated on some computers built before around 2013.
Click to expand...
Actually my desktop "mini" tower is possibly old enough but notebook, not quite.
source :
hackaday.com

Disable Intel’s Backdoor On Modern Hardware

While the Intel Management Engine (and, to a similar extent, the AMD Platform Security Processor) continues to plague modern computer processors with security risks, some small progress continues t…
hackaday.com hackaday.com

If any of you have succeeded with this do post about it in this thread.
 
Cynllo said:
I will look at this at some point. I was thinking if replacing YouTube and Twitter with Invidious/Piped and Nitter. But that will likely be problematic. I think the HTTP referrer can be removed from I frames, which would pass to Google, Twitter etc. your IP and that you accessed X content from ChristIsKing. If that can be removed I think it will be OK to leave the originals. Planning on writing several guides to various privacy facets, like browsers, social media, VPNs etc.

It should probably be users' responsiblity to take precautions.

Will also message all accounts using Gmail, Yahoo, Hotmail and other spyware to suggest they follow the steps in the email privacy guide.
Click to expand...
Being a CiK Newb still orienting re op/sec privacy etc on the site - link to Email privacy guide plz...
 
What a euphemism! Intel management engine. Well, they're not exactly going to call it Intel concealed TLA* surveillance subsystem...

Follow the steps here :
github.com

Get the status of Intel ME

Tool for partial deblobbing of Intel ME/TXE firmware images - corna/me_cleaner
github.com github.com
..so you can confirm whether big brother is potentially hiding inside and watching.

For privacy reasons I will not post my own output but here is a sample from somewhere else -
github.com

me_cleaner haswell · Issue #30 · corna/me_cleaner

Hi @corna , I have this toshiba l50-a-165 (vgst/vgstg motherboard - I5-4200u Haswell) and i have done me_cleaner on the bios dump and effectivelly removes all intel management engine interface but ...
github.com github.com
Can quote it -
user@host:~/coreboot/util/intelmetool$ sudo ./intelmetool -s
Bad news, you have a `QM67 Express Chipset Family LPC Controller` so you have ME hardware on board and you can't control or disable it, continuing...
Click to expand...
Maybe don't do that if you don't want to freak yourself out. Note to self to in future only buy hardware with that disabled.

*three letter agency
 
stadtaffe said:
I just read this, might really have to go vintage next time which I like doing anyhow
Click to expand...

In this case, I can recommend MX-Linux, which still offers 32-bit support and comes with a latest version of OpenVPN,OpenSSL and a fresh kernel. It also supports "rolling updates" to keep your operating system up to date. I installed it on my old notebook and it works fine.

But if you prefer new hardware, this company might be a good choice:

Our products are designed from the hardware on up to respect you and your digital life, they come with physical hardware kill switches for your camera and microphone, with all known hardware backdoors completely neutralized and disabled (Intel Management Engine), running a curated freedom-respecting operating system and software applications, for maximum protection. We put your security at the forefront, and our laptops and smartphones will never invade your privacy.

puri.sm

Why Purism? – Purism

Purism respects your digital life We believe people should have technology that fully respects their freedoms. Being a social purpose company means doing social good for society before maximizing profits, and that makes us quite a different company indeed. When you’re on social media, use a...
puri.sm puri.sm
 
Bird said:
But if you prefer new hardware, this company might be a good choice
Click to expand...
I'm very slow to do that. Thanks have seen that one, there is also Nitrokey from Berlin with various products -
www.nitrokey.com

Frontpage

Be prepared for the awesome secure Nitrokey! Subscribe to the upcoming crowdfunding campaign. #SecureYourDigitalLife https://nitrokey.com/
www.nitrokey.com www.nitrokey.com
I try not to go down the rabbit hole of trying to disable it on my current hardware, sounds like a large waste of time, but it is tempting.
 
Valentine said:
People using a VPN/Tor and not logged into YouTube, or a YouTube embed replacer (that swaps videos with Piped/etc embeds) are not at any risk.

People not using either are possibly sharing their IP address with YouTube that they're trying to watch this video.

Every embed and tons of JavaScript scripts are able to do this, it's not a risk inherent to YouTube embeds. In my opinion sharing Piped embeds are ideal instead of YouTube however I don't think the forum currently has support for it. I think the onus is mainly on users to use a VPN/Tor if they want to maintain privacy and it's fine to just use YouTube embeds. Note that Invidious doesn't proxy the video unlike Piped, so they still can leak your IP to YouTube.
Click to expand...
Which VPNs are good?
 
You must log in or register to reply here.
Back
Top