Web Browser Privacy

[stadtaffe]

LibreWolf

LibreWolf is a FireFox based-browser and the gold standard of privacy-oriented desktop browsers. It disables quite a lot of functionality and heavily blocks spyware and potential spyware. The result is that some sites might not work (properly). That is more so the case with eCommerce sites and payment gateways. You are also likely to get more captchas using this browser, as it disables ways captcha services use to determine if you are a bot. It also completely disables your web cam and microphone.

I would recommend using this for your main browser for work and general browsing.

It's suspiciously absent in most browsers, not sure if the same can be done in Librewolf.
I can see that Yandex browser is available for Linux but the search engine is enough for me for the moment..

After setting Brave to use Yandex I was getting more and more bothered about feeding a satanic globohomo monster by not using it in Librewolf and anyway, it took all of 2 minutes to add it!

https://support.mozilla.org/en-US/k...fox#w_add-a-search-engine-from-the-search-bar

You just go to yandex.com let it load then right click the task bar and select the last option. That accesses some kind of "opensearch" thing on the Yandex page. Thereafter if you go to the settings in Librewolf Yandex appears as a choice for default search engine, just select it.

Wolves and foxes are both furry carnivores but wolves are more powerful..

 

[stadtaffe]

The constant captcha tests of Yandex are becoming intolerable and I am wondering whether to install the Yandex browser where it may just let me use Yandex in peace. Have any of you installed the Yandex browser on Linux? Not sure why Yandex is so militant with the captchas, maybe there are a lot of DDOS attacks on it or something..

 

[Joost]

A browser add-on I recommend is NoScript. There is a learning curve but you should block scripts that don’t come from the same domain as the website. The idea is to block as much JavaScript as possible without breaking the website. Makes browsing safer by avoiding exploits and tracking. Pages load faster, use less cpu (longer battery) and bypasses articles paywalls.

And obviously uBlock Origins with the right filters.


Another important option in Firefox is to clean your cookies after closing the browser. You whitelist the few websites you want to keep logged in.

 

[Valentine]

Mullvad Browser is my preferred default browser these days, it's basically the Tor Browser (so it comes with all the extra hardening) but without Tor connectivity.

 

[Joost]

Mullvad Browser is my preferred default browser these days, it's basically the Tor Browser (so it comes with all the extra hardening) but without Tor connectivity.

That’s a name I trust. Thanks to them I learned about bitcoin in early 2012, QubeOS and WireGuard.

They’re always finding ways to protect user’s privacy. Their servers run in RAM so it leaves no logs.

 

[Batman]

Guys I'm starting to wonder if internet privacy doesn't matter as much as we think. People say "data on the internet is forever" but this is just not true and it's an old adage based off assumptions on how the internet was developing 20 years ago. As of now, data on the internet is being lost, "digital decay" is actually terrifying. Link rot accounts for a lot of it, as well as a lot of data simply not getting archived properly. But most of it is simply disappearing. There are several theories about this, but I would guess the main one is because servers are expensive, and there's not much value in hoarding data for no reason. It might also be a deliberate thing by Google - for those who don't know, Google literally controls the internet. They could render 99% of websites inaccessible tomorrow if they wanted. Watch the JRE interview with Dr. Robert Epstein (lol) to learn about that. But he might be off base who knows. Either way, internet decay is a real thing.

With respect to your personal data, I know that not only do intelligence agencies in the Federal Government have databases, but so do advertising "brokers" who I suspect actually have far more data than the government does since they're a bunch of clowns. The question is, just how accurate is this "advertising profile" ? I mean, I rarely ever see targeted/relevant ads (if I see ads at all), and I am not really convinced they have an accurate profile of me. Then again I've been off social media for ages, only ever using a Facebook and a barebones IG that I never used, but I deleted all content from it and closed the account almost a decade ago. And in general, I've had good practices. As of late, this idea we need to jump through all these hoops to remain private makes me wonder if we're creating unnecessary stress for ourselves. Unless you're doing something illegal, in which case a subpoena might come into play, why does it otherwise matter? Just follow good practices, and don't sweat over it too much.

Another thing I wonder - these "databases" - just how effectively are they maintained? As I said, servers are expensive. And if you stop giving them new information, how do we know it will remain accurate? If you work in any field like IT or data analytics you know companies switch databases all the time, and migrating, updating, and maintaining systems with SQL/Oracle or whatever else is a painstacking process that leads to data loss. Then again I don't fully understand some of the newer tech in cloud management like data lakes, so maybe I'm off the mark. Personally, I think we're putting way too much faith, and therefore power, in these people in assuming they are some sort of technomancing wizards, when in reality they're just as incompetent as anyone else. This isn't an argument to be careless, and I still take precautions, but I'm starting to wonder about this.

Mullvad Browser is my preferred default browser these days, it's basically the Tor Browser (so it comes with all the extra hardening) but without Tor connectivity.

Mullvad Browser + Mullvad VPN (the best VPN for privacy) with neuteured Windows 10 (most windows services related to spyware, tracking, etc. can be disabled with a couple batch scripts: OneTool by Chris Titus and Privacy.Sexy) is the best method short of using Linux + VPN or Linux+TOR. Alternatively, you can just use Tails. But for people that do more typical work, Windows is kind of a must, and I'm really glad Mullvad browser is available now because using it with Mullvad VPN can make Windows a viable platform for privacy and it's 100x more practical than Linux/TOR/Tails.

A couple good channels to follow:

Mental Outlaw

Only cool people visit https://based.win/

www.youtube.com

Eric Murphy

Wasn't technology supposed to make the world a better place?

www.youtube.com

 

[Blade Runner]

Guys I'm starting to wonder if internet privacy doesn't matter as much as we think. People say "data on the internet is forever" but this is just not true and it's an old adage based off assumptions on how the internet was developing 20 years ago. As of now, data on the internet is being lost, "digital decay" is actually terrifying. Link rot accounts for a lot of it, as well as a lot of data simply not getting archived properly. But most of it is simply disappearing. There are several theories about this, but I would guess the main one is because servers are expensive, and there's not much value in hoarding data for no reason. It might also be a deliberate thing by Google - for those who don't know, Google literally controls the internet. They could render 99% of websites inaccessible tomorrow if they wanted. Watch the JRE interview with Dr. Robert Epstein (lol) to learn about that. But he might be off base who knows. Either way, internet decay is a real thing.

With respect to your personal data, I know that not only do intelligence agencies in the Federal Government have databases, but so do advertising "brokers" who I suspect actually have far more data than the government does since they're a bunch of clowns. The question is, just how accurate is this "advertising profile" ? I mean, I rarely ever see targeted/relevant ads (if I see ads at all), and I am not really convinced they have an accurate profile of me. Then again I've been off social media for ages, only ever using a Facebook and a barebones IG that I never used, but I deleted all content from it and closed the account almost a decade ago. And in general, I've had good practices. As of late, this idea we need to jump through all these hoops to remain private makes me wonder if we're creating unnecessary stress for ourselves. Unless you're doing something illegal, in which case a subpoena might come into play, why does it otherwise matter? Just follow good practices, and don't sweat over it too much.

Another thing I wonder - these "databases" - just how effectively are they maintained? As I said, servers are expensive. And if you stop giving them new information, how do we know it will remain accurate? If you work in any field like IT or data analytics you know companies switch databases all the time, and migrating, updating, and maintaining systems with SQL/Oracle or whatever else is a painstacking process that leads to data loss. Then again I don't fully understand some of the newer tech in cloud management like data lakes, so maybe I'm off the mark. Personally, I think we're putting way too much faith, and therefore power, in these people in assuming they are some sort of technomancing wizards, when in reality they're just as incompetent as anyone else. This isn't an argument to be careless, and I still take precautions, but I'm starting to wonder about this.




Mullvad Browser + Mullvad VPN (the best VPN for privacy) with neuteured Windows 10 (most windows services related to spyware, tracking, etc. can be disabled with a couple batch scripts: OneTool by Chris Titus and Privacy.Sexy) is the best method short of using Linux + VPN or Linux+TOR. Alternatively, you can just use Tails. But for people that do more typical work, Windows is kind of a must, and I'm really glad Mullvad browser is available now because using it with Mullvad VPN can make Windows a viable platform for privacy and it's 100x more practical than Linux/TOR/Tails.

A couple good channels to follow:

Mental Outlaw

Only cool people visit https://based.win/

www.youtube.com

Eric Murphy

Wasn't technology supposed to make the world a better place?

www.youtube.com

Great post. I'm uncertain like you are, and am skeptical of ALL things, including things I put into the category of the God-State complex, which suggests a lot of what you are getting at (people think they are this, they have that, they can do anything, etc).

 

[Joost]

I know governments have a lot of data about me. Problem is our data is all around. Companies send information about how much we make, withhold money for taxes, credit card companies, cellphone operators, Amazon/Walmart, health insurance, cars tracking where we go, passports, where we fly...

But with all that, I try to make their work as much difficult as possible, without making my life complicated as to decrease my quality of life.

 

[Batman]

I know governments have a lot of data about me. Problem is our data is all around. Companies send information about how much we make, withhold money for taxes, credit card companies, cellphone operators, Amazon/Walmart, health insurance, cars tracking where we go, passports, where we fly...

But with all that, I try to make their work as much difficult as possible, without making my life complicated as to decrease my quality of life.

But is it organized into a single "file" or is it a bunch of fragmented low quality data from a dozen different sources? I find it hard to believe it's the former especially since this data is way too valuable to collaborate on between competing industries. I seriously doubt the government has "files" like seen in movies with pictures and detailed, summarized, accessible information about you, unless you're a domestic terrorist or something. I would suspect data from big tech is most concerning but if you don't use social media, there's not much they can find out.

 

[Blade Runner]

But is it organized into a single "file" or is it a bunch of fragmented low quality data from a dozen different sources? I find it hard to believe it's the former especially since this data is way too valuable to collaborate on between competing industries. I seriously doubt the government has "files" like seen in movies with pictures and detailed, summarized, accessible information about you, unless you're a domestic terrorist or something. I would suspect data from big tech is most concerning but if you don't use social media, there's not much they can find out.

I think it's closer to what you are saying because most people fall into the almost hypnotized state that since data has been so free and somewhat aggregated, mostly for advertisement purposes by the way, "they" know everything about you. Like most things, it's really haphazard and a follow the money trail in general, IF you are a person of interest. I have a friend who has said for years that states would get their act together on some degree of data and hounding for X, Y, and Z. It's been over 5-6 years that he has been saying this, or quoting AI to suggest some central authority will be able to get you or at least threaten you because they find out some rule you broke or technicality that you might have brushed aside (and you "owe" them money). You know what has changed? Nothing. I bring it up every once in a while when I talk to him, just to prove the point. We still have human directed systems that need clear reasons to go after people AND determine if all that effort is worth it. There's not many things out there that very clearly fit this case and by the time all of these agencies or whatnot "really need the cash" by definition people will already be splitting up and telling them to shove it. Most centralized authorities already have their direct taxation scams and other grifts that they know are direct and can collect now.

It is an interesting thing to think about that on the other side of the slow breakup of things in the US or otherwise there will be decentralization that will render the old information relatively useless since no one will care or trust the old system. My feeling is that the bigger problem is getting to the other side OR the possibility that the system continues, traps people in it, and preserves some claim on the past (true or not). In that case I'll be very hopeful your ideas, or what you have read, about data decay are accurate.

 

[Batman]

I think it's closer to what you are saying because most people fall into the almost hypnotized state that since data has been so free and somewhat aggregated, mostly for advertisement purposes by the way, "they" know everything about you. Like most things, it's really haphazard and a follow the money trail in general, IF you are a person of interest. I have a friend who has said for years that states would get their act together on some degree of data and hounding for X, Y, and Z. It's been over 5-6 years that he has been saying this, or quoting AI to suggest some central authority will be able to get you or at least threaten you because they find out some rule you broke or technicality that you might have brushed aside (and you "owe" them money). You know what has changed? Nothing. I bring it up every once in a while when I talk to him, just to prove the point. We still have human directed systems that need clear reasons to go after people AND determine if all that effort is worth it. There's not many things out there that very clearly fit this case and by the time all of these agencies or whatnot "really need the cash" by definition people will already be splitting up and telling them to shove it. Most centralized authorities already have their direct taxation scams and other grifts that they know are direct and can collect now.

It is an interesting thing to think about that on the other side of the slow breakup of things in the US or otherwise there will be decentralization that will render the old information relatively useless since no one will care or trust the old system. My feeling is that the bigger problem is getting to the other side OR the possibility that the system continues, traps people in it, and preserves some claim on the past (true or not). In that case I'll be very hopeful your ideas, or what you have read, about data decay are accurate.

This is just an anecdote, but I lie on job, loan, and housing applications constantly and i've never been called out or found out. Maybe a few did find out, but they never said anything. If all these company can't even verify employment/education/income, why are we assuming anyone else has some esoteric, well-kept data about all of us? I just don't buy it. Could be big tech aren't actually as nefarious as we imagine and they really are just collecting data to, ya know, sell relevant ads, and at best they just know our shopping habits or interests. I hear claims that they know more about people than the person knows themselves, to the point they can "predict" marriages falling apart and other insane claims that amount to baseless fear mongering. As I get older I'm noticing that "fear mongering" is pervasive in journalism and the information economy in general, and so it's heightened my skepticism about everything. And as far as the government is concerned, I will maintain they're too incompetent, since they've proven this to be the case consistently in every regard.

There's also this notion that your data is somehow floating around on the "darknet" which is also laughable, it's definitely not. I'm almost tempted to pay for services that claim to be able to "eliminate" your personal data in the "data broking underground network", just to see if they even have anything.

 

[GoodShepherd]

John Mcaffe before he died was a wanted person and he strongly believed in serious VPN's, he also refused to own a smartphone or allow anyone with a smartphone near their home, he said everything we type or look at on our smartphones is recorded and the phones is also a tracking device, he also had a pump action as a back up incase the VPN didnt work Im assuming

John was also quite big on crypto currencies and said he could buy anything with it even houses and cars and how he could spend his money anywhere in the world, he is probably the reason why I got into bitcoin. He also spoke about a ghost phone.

Thanks for this info.

 

[Blade Runner]

John Mcaffe before he died was a wanted person and he strongly believed in serious VPN's, he also refused to own a smartphone or allow anyone with a smartphone near their home, he said everything we type or look at on our smartphones is recorded and the phones is also a tracking device, he also had a pump action as a back up incase the VPN didnt work Im assuming

John was also quite big on crypto currencies and said he could buy anything with it even houses and cars and how he could spend his money anywhere in the world, he is probably the reason why I got into bitcoin. He also spoke about a ghost phone.

Thanks for this info.

That guy was all over the place. I'll just leave it at that. I think one of the weirdest videos he had was when he was trying to call a young kid dumb for seeing BTC for what it was. That wasn't very long before John's demise.

 

[GoodShepherd]

That guy was all over the place. I'll just leave it at that. I think one of the weirdest videos he had was when he was trying to call a young kid dumb for seeing BTC for what it was. That wasn't very long before John's demise.

What do you expect, he used to drink 1 bottle of whiskey a day plus 2 packs of cigs and had done it consistantly for 20 years, I think he also smoked weed, he was married to a black prostitute and claims he has slept with over 10,000 woman and stopped counting after that number so yes we should take the guy with more than a pinch of salt.

I found it funny that he ripped bill gates off when he sold him mcaffe anti virus, he said something stupid like it was only worth half the price Gates bought it from him and laughed I also liked that he sent the IRS a letter every year saying his not paying his tax they know where he lives they must come and get him

I think I should start a thread about him in the public figures section the guy was quite funny

 

[Rax Moscow]

I'm a be frank here and just say that I don't believe that true anonymity is even possible on the internet anymore. Just about everything we use requires some kind of footprint.

VPNs can be subpoenaed and they most definitely won't protect you. (Not to mention that I think that VPNs are just honeypots). TOR was created by the feds and I'm sure they keep track of which device downloads the software.

There are free VPNs. If one goes to a public wifi spot, boots up a livelinux USB machine (ie Tails/Tor), connects, and uses a free vpn (ostensibly operated by free-software, linux types who freedly dedicate machines to do this, but I suppose it could also be nefarious), and doesn't do any sort of identifying browsing (ie going to a local website, logging in with your public credentials, etc.) you're pretty darn anonymous.

And I don't believe TOR has ever been proven to be compromised (outside of individual exploits that were patched).

That said, I've always considered the possibility that TOR itself is a honeypot.

I tend to trust what people like Edward Snowden say about security, though he has recommended Signal for years, and it requires a telephone number (for no reason whatsoever) to activate, which immediately makes it bogus, regardless of the encryption used. And I posted here about the leaks I saw using Signal. Snowden is simply too smart to push Signal without knowing it is compromised.

The fact that many machines no longer let you live boot to linux (all new Mac machines) to me is good evidence that this is a successful method of anonymizing.

But I agree that the days are soon coming when doing many things online anonymously simply won't be possible. Already you can't use twitter anymore without an account (I can read a specific tweet someone posts but you can't browse or search the site at all, or go through someone's current tweets --it will show you random tweets from years ago instead of what was recently posted unless you log in, and they ONLY allow their own app now, as Elon Musk broke third party compatibility.

I think it will always be possible to pop online and do limited actions anonymously, but interacting with more and more services will require verification, probably with your state ID, and there is always the possibility that free wifi just goes away completely (I could see fake terrorism doing this). Probably receiving data would still be free, but sending anything (ie posting like I am now) could require state verification. At that point there would likely be TOR only websites that operate like pirate stations, but we are talking about a fraction of a percentage of people who would use them.

 

[Rax Moscow]

This is worth a listen if you care about privacy. Based High-IQ Christian //ourguy// who used to work for Apple.


tldr; Android / Google is not to be trusted at all. For the time being at least, Apple has a culture of privacy.
I use both, but there is a reason I wouldn't have my primary phone with contacts and personal info on Android.
Of course no-smartphone is 100x better than this.

 

[Batman]

There are free VPNs. If one goes to a public wifi spot, boots up a livelinux USB machine (ie Tails/Tor), connects, and uses a free vpn (ostensibly operated by free-software, linux types who freedly dedicate machines to do this, but I suppose it could also be nefarious), and doesn't do any sort of identifying browsing (ie going to a local website, logging in with your public credentials, etc.) you're pretty darn anonymous.

And I don't believe TOR has ever been proven to be compromised (outside of individual exploits that were patched).

That said, I've always considered the possibility that TOR itself is a honeypot.

Free VPNs are even more likely to be honeypots. How else would they make their money? "If the something is free, you're the product". If you mean some indie Linux-based VPN on Github, sure, though I'd still question those. I seriously doubt TOR is a honeypot, and as far as I know, using Tails basically requires you to use Tor. If you don't trust Tor, the next bet is probably Mullvad browser or Librewolf.

The two VPN's I know of that not only don't store data, but refuse to comply with subpoenas, are Mullvad and ProtonVPN. Mullvad VPN even lets you pay with cash by mail even though they're in Sweden, or with Monero, and can't even make an account to boot, you just send payments to a generated account number, almost like a prepaid burner phone. They're straight ballers man.

I'm a be frank here and just say that I don't believe that true anonymity is even possible on the internet anymore. Just about everything we use requires some kind of footprint.

VPNs can be subpoenaed and they most definitely won't protect you. (Not to mention that I think that VPNs are just honeypots). TOR was created by the feds and I'm sure they keep track of which device downloads the software.

Trust me, I went down this rabbit hole a while ago. It's all a matter of how bad do the feds want to come after you. You will never truly be anonymous.

The real question is why do we need to be online that much to begin with? To consume media? That's wasteful and to use this forum can be reduced to 15 minutes on McDonald's wifi.

The majority of human history was lived without the internet, I don't think being anonymous on the web is the pressing issue, but being on the web too much is.

God bless you all on your journey!

It is absolutely possible to be anonymous. Yes, 99.99% of VPNs are honeypots, but not Mullvad/Proton VPN, and probably most indie developed VPNs on Github... but i'll happily pay for Mullvad knowing I can trust them and knowing it will work consistently. Beyond that, buying a used laptop with cash, wiping the HDD (and by wiping i mean really wiping, ie using DBAN or similar), then replacing the network/wifi card. I really doubt TOR was created by the feds, but, Mullvad browser, Librewolf, or even Hardened Firefox are suitable alternatives. And yes, you are correct, most of this is beyond overkill for the average person, and it begs the question why you feel the need to do it.

...However, if you were so inclined, you can take this a step further. I got these instructions from an individual and saved them a txt file in case I ever need to know how, and while I can't imagine ever needing to, it shows that a dedicated individual CAN stay anonymous if they are serious about it.

The first step is acquiring the technology without getting your identity involved at any stage of the process.

Buy a laptop online using fake information that was generated and only access via public networks. Ideally through a secondhand website like ebay not from a big box. Ship it to an Amazon locker using said fake information. Gift cards purchased either anonymously or through websites (gyft) that you can put all fake information would work. Show up at the locker on foot wearing a mask and gloves to get your item.

Any activity that you be doing should be on a public wifi network using Tails. For added measure, find a proxy list and plug it into one or multiple of them to reroute your traffic. This has the advantage of not being able to immediately identify who a particular address belongs to; but will put you on any cameras. So make sure you pick a very crowded location. You can scope out camera locations ahead of time and attempt to plan a route that avoids them.

Buying a refurb laptop with cash is good, you just need to remove any semblance of who you are from the equation. Don't go into bestbuy and buy a laptop with cash because even though they wouldn't be able to track the credit card used to pay, they'll still be able to pull the time it was purchased and the camera time from the receipt and the hardware of the laptop.

Replacing the wifi chip is probably a good idea, but if you mess up the above it won't matter cuz your tracks would already be the there. Wiping the hard drive is really just standard so duh, i would even just pop a brand new one in there (of course purchased using the same steps as the above to further complicate your tracks)

Once Tails makes an ARM version (idk if they do or even if its planned I haven't really looked) I would switch over to using that, then potentially do some complicated tunnels to make things annoying. Speeds are gonna be fubar but fug it its to hide.

Strictly from an oppsec interest standpoint, theres a ton of different ways you can get got then simply installing Tails and calling it a day. Unless you're doing real bad s*** (like in your example Snowden used it because he would have the full force come at him if he didnt) there really isn't any huge come down on you. Most real life hackers will use various relays to bounce their traffic; and even still those aren't for main vectors. In cases I've seen, compromised cloud infrastructure, OR just setting up cloud assets themselves using forged information is how they protect their anonymity.

 

[Blade Runner]

If you wanted to keep using Windows to some degree, is there a modified Windows OS version that is generally less tracked or has the lowest hanging fruit parts removed, or should one just go with Linux OS types (like Tails or others)?

 

[Thefinalepic]

If you wanted to keep using Windows to some degree, is there a modified Windows OS version that is generally less tracked or has the lowest hanging fruit parts removed, or should one just go with Linux OS types (like Tails or others)?

Just switch to linux. You won't be disappointed.

 

[Batman]

Just switch to linux. You won't be disappointed.

You will be if you need to use the superior proprietary Windows-based software (like editing, multi-monitor config, media, and anything with nice, clean GUIs), or if you want to play video games. Even cross platform software is usually a massive headache to setup on Linux since it's not standardized. OSS sucks, even LibreOffice is ass compared to Office. Linux is fine if all you do is code or browse the web, it is in fact in some cases perfectly suitable for casual use. Depends on your needs. You could always just dualboot, though.