Snowden, VPNs, and Tor

Text you type makes it easier to fingerprint you. Everyone types differently and talks about different things. If you talk(ed) about the same things on clearnet then you're pretty much revealed or at the very least narrowed down significantly. If you didn't, then the way you type is still useful metadata for cross-site analysis.
Files you upload make it easier to figure out who you are. For example, the snowden pic in OP has only been downloaded by a limited number of people, so only they can upload it.
The time you spend online on Tor always falls in the interval you're connected to your ISP(s). Your ISP knows when you connect to Tor and knows how long you're connected. The time you log into websites over Tor and the time you spend there narrows you down to less than 10 time zones. Combined with other metadata you can get uniquely identified.
Basically, don't register on anything and don't use centralized services if you can help it. Briar, Jami/Ring (over Tor), Tox (over Tor) and other serverless software is better than registering on a forum if you want to talk over Tor.

Everything you do online leaves metadata which can be used against you, even on Tor. It takes a lot of effort to connect it all, but if you fuck up by using Tor like a retard then you're very easy to track down.
invidio.us/watch?v=eQ2OZKitRwc

no, not CP, I don't do that. However, I have used Zig Forums for political speech and frankly given the way things are going, especially with this place and the moronic Tarant mosque fiasco, I'm worried about political persecution, that all this shit we're saying is stored somewhere and it's all ready on tap for whenever I or anyone makes a mistake and they'll bring in all this shit to create a profile to help prosecute you for saying the wrong things.
I use TOR and the VPN to visit Zig Forums and comment, and I use TOR with maximum safety settings always engaged.
I suppose by "meaningful resistance," I mean can the things I or anyone says on the internet while implementing TOR to its safest possible usage and a VPN like for example NordVPN be traced by to use in real life to our real identity without ever giving up through our own volition our identifying information in any way?
Basically, can we ever be totally anonymous while still exercising our rights through these services?

Good writeup. Plus the hardware backdoors make it harder to avoid.

not impossible, but using the methods mentioned will make it at least require some amount of effort for (((them))) to attribute things you do online to your real identity.

Lurk more.

Browser fingerprinting. Also, a large majority of VPNs are hosted by 14 eyes countries and their surveillance allies. You're just trusting your VPN (and their ISP) with your data instead of simply trusting your ISP.
IP is not a representation of a person. Browsing habits+browser fingerprint are. An IP just helps figuring out where you are without any effort. If you literally did nothing to change your browsing habits then you're literally paying for nothing and might as well wipe your ass with that money. Using a VPN to hide your IP is the equivalent of resetting your router to get a new dynamic IP. It doesn't do shit. Even worse, you're probably buying the VPN through a traceable method, so you're already exposing your identity.

so you mean visiting websites in general? Using the internet as such?
Then ultimately there is no way to avoid detection because inevitably you will fall into a certain browsing pattern on some level. You would have to constantly be visiting random websites for random intervals indefinitely to try and scramble any pattern, correct? This seems impractical or at least beyond human patience.

If you don't have the patience for privacy then you won't have privacy. At some point you absolutely need to lose convenience for privacy.
Doesn't work. Bot requests are easy to detect and filter. If you're thinking of manually visiting websites then no, it's not useful and just further spreads the attack surface.
If you do everything over your VPN what you did without it then you did absolutely nothing to improve your privacy. That's what you need to understand. Don't listen to VPN shills telling you that VPNs protect your privacy. They don't. VPN shills are just making money by shilling the VPNs even though 99% of users won't have any benefit from it. VPNs are as useful as putting a condom on your thumb. Just use Tor. It's more private and it's free.
Compartmentalization:
invidio.us/watch?v=lLessJ4R6w8

I get what you're saying but it seems that covering and encrypting your IP address must in some way have a benefit or at least throw a wrench in the works and give "them" more work to do to find you. For example. Zig Forums logs your ip address with each post you make, and so you can use a VPN to get around bans, etc, by using a fake IP address that many others are using. That's completely useless for someone who would only visit Zig Forums through a VPN?

I mean, all those morons who were commenting in the Tarant thread (I didn't go near it, I haven't posted on Zig Forums in forever and certainly never will again) and cheering him on, how are they not arrested? All those posts are tied to their real ip addresses and thus real location and thus real identity, assuming they weren't behind a VPN. If they were using a VPN, then those posts are tied to the fake ip address and so they're protected to that extent. At that point logistics and the law of averages kicks in in the favor of anons.
is this an over-simplification?
basically I used to use Zig Forums regularly years ago during Gamergate without a VPN and I'm worried that the fact that I even commented on that board is going to come back to haunt me thanks to that Australian dumbshit and the deranged leftoidism he's helped further unleash.

libraryqtlpitkix.onion/library/Computing/Keystroke Recognition Using WiFi Signals_ Kamran Ali_ Alex X Liu_ Wei Wang_ Muhammad Shahzad_ 2015.pdf

Keystroke Recognition Using WiFi Signals

ABSTRACT
Keystroke privacy is critical for ensuring the security of com-
puter systems and the privacy of human users as what being
typed could be passwords or privacy sensitive information.
In this paper, we show for the first time that WiFi signals
can also be exploited to recognize keystrokes. The intuition
is that while typing a certain key, the hands and fingers of a
user move in a unique formation and direction and thus gen-
erate a unique pattern in the time-series of Channel State
Information (CSI) values, which we call CSI-waveform for
that key. In this paper, we propose a WiFi signal based
keystroke recognition system called WiKey.

clearnet: sigmobile.org/mobicom/2015/papers/p90-aliA.pdf

90% of what you talked about is information an attacker doesn't have access to unless we're talking about the NSA, and even then they'd have to mine the shit out of information to get.

I think it may stump non-targeted surveillance if you pay anonymously. For instance the Endchan FAQ says that most CP spam doesn't come from Tor, but from VPNs. If it did nothing all those guys would get arrested real fast.

Depends on your threat model. If you're trying to spread jurisdiction then a VPN works fine.

A lot of this isn't a problem unless you're under active surveillance. I seriously doubt they have a bot that is combing through all the shit on the internet and logging who downloaded what pictures and peoples typing styles and interests. If they do collect that sort of data then its in a giant database and they'd have to be real interested in you to comb through it and make sense of it.

Can someone post this pic?
washingtonpost.com/news/post-nation/wp-content/uploads/sites/23/2014/08/snowdenhayden.png

I call it a limited hangout, and a distraction, he worked for the CIA and told nothing new.

businessinsider.com/ex-spies-say-snowden-is-working-with-russia-2014-5

Clearnet link:
sigmobile.org/mobicom/2015/papers/p90-aliA.pdf

(Sorry for not even reading the thread)

muh JS exploits

real accounts over Tor

Tarrant is a hero, normiecon. If there were 10,000 white men like him in every white country, the West might actually have a chance. If your politics are such that you feel the need to virtue signal about what a bad, bad man he was, you have nothing to worry about. Your "political speech" is no different than that of tens of thousands of Fox News watching boomers "owning the libs" on townhall.com and similar venues.

No matter how many times you say this, it will never be true.

ARPAnet, retard.
Which had public knowledge in 07'. Proof that you're a spooge drinking CIAnigger.

Why do you think VPNs are any use?
Why do you shit up the board with your stupid newfag thread instead of learning about the topics you're apparently interested in?

Snowden released plenty of information on VPNs but nothing of relevance because everyone already knows they're shit.

Blatant lie.
Even if this were the only case of JS being used for malicious purposes it's still a lie.

The FBI hacked Freedom Host which was the largest onion host ever, running a shitton of popular sites.

Everyone visiting Tor Mail was attacked.
Everyone visiting TORDIR was attacked.
TORDIR was the main .onion site Wikipedia sent new users to.

ARPAnet didn't exist in the '50s, retard.
Bull shit.

Everyone who says Snowden only leaked things that were public knowledge is either:
1. A fucking retard, or
2. A bioluminescent sub-Saharan working out of Langley who doesn't want people to think the Snowden leaks were something new that people should be upset about, but just old news.

As for you, I doubt the gov't would hire you for so much as mopping floors. You're just plain retarded.

Jus call it a glownigger or CIAnigger you turbosperg.

Zig Forums allows posting from Tor. You don't need a VPN.
Simply hiding your IP doesn't benefit you, companies no longer track people using IP addresses because you can't link an IP to a real person reliably. All phones and over 80% of home routers get a dynamic IP from their providers. People get tracked using the browser fingerprints and all normie sites log those. IP can help you get the country of origin, but it's the fingerprint alone that can uniquely link your online activity. See:
panopticlick.eff.org/
browserleaks.com/

You're forgetting that everyone is under a passive surveillance. Companies are datamining users with every bit of data they possibly can because it literally takes 0 effort to do so. All it takes is for NSA to buy/demand this data, then go through it or for a company to make an "AI" which will somewhat accurately automatically link real identities to collected data. There already is a program which somewhat accurately predicts your age, gender, race, financial status, education level and country depending on the sites you visit, posts you make and a few other things I can't remember now.
Well yes, the user did ask "how can they find you using targeted attacks".

The scenario is you're logging into random forums and communicating with people. An attacker has access to your username, time you're active and the way you type. If the attacker is the website host/moderator then they have access to more information.
Your life before you got interested into privacy is already "mined" even though it may not be sorted out. And didn't they say that everyone who searches for Tor online is already on a watchlist?

Because not everyone lives in a country where shitposting is illegal.

FBI doesn't care about edgy teenagers posting or downloading CP. They're much more interested in people producing it.

Not him, but I like bioluminescent sub-Saharan.

Attached: glow in the darks.jpg (1110x590, 114.05K)

Attached: DABS.png (800x744, 135.31K)

search.edwardsnowden.com/docs/FieldedCapabilityEnd-to-EndVPNSPIN9DesignReview2014-12-28_nsadocs_snowden_doc

in that doc about "Spin9" from Snowden, it clearly shows NSA has been bulk decrypting all VPN traffic since at least 2009. so no, you cannot trust VPN. NSA has automated the collection of VPN traffic, as well as the decryption of it. it's not even a process of "hey, looks like Bob is using a VPN, we better fill out a warrant, take it to a FISA judge to approve it, turn on the wiretap for 60 days, and see if we can steal Bob's password."

it's more like "hey, looks like Bob is using a VPN. look up Bob in XKEYSCORE with the whole world's VPN traffic which we already ingest, decrypt, search and index."

the more Snowden dox about NSA attacking VPNs that i read, the less and less i trust any crypto. crypto is fucking snakeoil. crypto is the illusion of security and anonymity. now before you question "well if NSA is cracking all crypto like VPN, then how come they never caught Snowden himself, and how come all of the pizzagate pedorings and darknet drug cartels exist?"

i have an answer for that. back in WW2, when the Allies were decrypting ENIGMA, they intercepted dozens of cables sent to German U-boats identifying the next targets to sink. the Allies sat back and let those U-Boats sinks dozens of Allied civilian ships, because if they intervened, it would have tipped off the Germans that the Allies were decrypting ENIGMA. that is how deep the rabbit hole of keeping the terrible secret of ULTRA went.

i would expect no less from NSA today than from the US Army Signals Corp and TICOM with ULTRA back in WW2.

search.edwardsnowden.com/docs/IntrototheVPNExploitationProcess2014-12-28_nsadocs_snowden_doc

search.edwardsnowden.com/search?utf8=✓&q=vpn

Agree on most your points but don't come to the same conclusion. They were only able to decrypt some of those VPNs because of implementation weaknesses, not due to a vulnerability in the cryptographic algorithm itself. So you can't say properly implemented crypto is snake oil.
I like the U boat analogy. In a way it reinforces that everyone who isn't a binLaden has nothing to worry about personally, if going after them would risk revealing a capability like that. In general it would be good to keep trying to reign in the spooks and make them respect their oaths of office, and reduce or redirect their funding to more productive ends.

invidio (youtube mirror) has an onion site too
kgg2m7yk5aybusll.onion
thats right, youtube on .onion
thank me

PS you can disable javascript and it still works
if you use safest settings you have to enable media in noscript

Did you seriously bump this fucking shill thread to shill your stupid youtube wrapper?
Yes it's a great service but gtfo.

is there a 0day in html5 video or wtf

no

HAPAS ARE SUPERIOR TO WHITES

HAPAS ARE SUPERIOR TO WHITES

HAPAS ARE SUPERIOR TO WHITES

HAPAS ARE SUPERIOR TO WHITES

HAPAS ARE SUPERIOR TO WHITES

HAPAS ARE SUPERIOR TO WHITES

HAPAS ARE SUPERIOR TO WHITES

HAPAS ARE SUPERIOR TO WHITES

Wow. Just wow.

Schizophrenia is one hell of a drug.

DAILY REMINDER THAT BRENTON TARRANT WAS A MASONIC JEWISH/ZIONIST PSYOPS

Why is there so much racism in this thread?

This isn't going to work. Try again.

I smell some satanic fuckery here.

I smell some satanic fuckery here.