Zig Forums - Tech General

I had decided after talking with some other anons, that this would be of great use. Why is it great? Because Zig Forumsacks need to know how to technologically defends and exercise their free speech, as well as protect themselves. This will be quite a long post, but very important. Every Zig Forums user needs to know how to defend themselves against the internet. Quick tip: If you're using an OS that you just don't feel like switching from, that's fine, changing Operating Systems can be a big thing to do. But, still, make sure you download absolutely no malware and make sure you run no programs, that you don't need.

1. VPNs
There's a lot of things to talk about when it comes to VPNs.
Namely, logging, 14 eyes, security it truly provides.
So let's start on logging. 99% of VPN services are going to be logging. There would be no real reason for them to not log their users. It makes their job easier and safer to provider a VPN service that logs the user data, so they don't have to pay for lawyers and so on.
Now, the 14 eyes. The 14 eyes are 14 different countries that spy on their citizens as well as spy on the other (eye)'s citizens. If you work in one of those countries, you need to tighten up OpSec. List of 14 eyes can be found at privacytools.io along with a few other things related to them. Now the last topic, what security does a VPN truly provide? Not much. Along with 99% of VPN providers logging, they also don't have any proof that the servers they use aren't backdoored / hacked by feds.

So what's the solution if VPN providers aren't useful? Buy a cheap VPS (under 10-15 dollars) at any VPS (virtual private server) outside of the 14 eyes. Then, you can setup openvpn (the software) using an automatic script which can be found at: github.com/Angristan/OpenVPN-install which is my chosen autoinstall script for openvpn. Here's a place to read a bit more indepth upon my VPN subject: gist.github.com/joepie91/5a9909939e6ce7d09e29

2. What's next? Operating systems.
Linux is not as secure as people make it out to be. Use FreeBSD!
FreeBSD has no systemd, the kernel is built upon security, and has a long track record of being secure. Systemd is funded by the NSA, the code has never been audited, and is built by a proprietary group (Redhat), and very likely contains backdoors and 0day exploits. The major Linux distros (Fedora, Arch, Debian, Ubuntu) all use systemd, which makes them exploitable and insecure. FreeBSD tops all of that, and is very well documented so you can learn your way around while being what's considered a noob. Also, don't use Windows for anything serious, you already know why. FreeBSD protects your privacy and freedoms to the extent you want and need, so use it. Upcoming, links and docs.

FreeBSD Handbook Guide (very very detailed): freebsd.org/doc/en_US.ISO8859-1/books/handbook/

Installing a Desktop Environment (interface with icons and all): freebsd.org/doc/en_US.ISO8859-1/books/handbook/x-config.html

Make sure to install a DE (Desktop Environment), and I'd go with xfce4 so install it once you get the OS set up with "pkg install xfce4" and go through the package process. The reason I choose xfce4 all the time is because it's the 'minimalist' DE and quite quick when compared to other bloated DE's.There are plenty of tutorials on installing a desktop environment, make sure to get one that suites you. You'll also learn here how a base unix/linux system functions when you have to set all of this up on your own. Very good learning experience.

Attached: 8c4.png (1042x663, 526.87K)

Other urls found in this thread:

github.com/pyllyukko/user.js/
github.com/pyllyukko/user.js/#installation
mailinabox.email/
github.com/mail-in-a-box/mailinabox/blob/master/security.md
sealedabstract.com/code/nsa-proof-your-e-mail-in-2-hours/
help.ubuntu.com/community/SSH/OpenSSH/Keys
support.rackspace.com/how-to/linux-server-security-best-practices/
github.com/telemetryapp/logwatchd
puschitz.com/SecuringLinux.shtml
computerworld.com/article/3144985/linux/linux-hardening-a-15-step-checklist-for-a-secure-linux-server
pcauthority.com.au/feature/10-ways-to-harden-the-security
blog.torproject.org/mission-impossible-hardening-android-security-and-privacy-on-your-android-phone-447215
youtube.com/watch?v=9XaYdCdwiWU
en.wikipedia.org/wiki/FreeBSD#Security
archive.fo/287GG
freebsd.org/internal/code-of-conduct.html
reddit.com/r/freebsd/comments/7xapx2/freebsds_new_geek_feminismbased_code_of_conduct/
voat.co/v/technology/160580
thatoneprivacysite.net/vpn-comparison-chart/
wiki.gentoo.org/wiki/Sakaki's_EFI_Install_Guide/Disabling_the_Intel_Management_Engine
vikingvpn.com/cybersecurity-wiki/browser-security/guide-hardening-mozilla-firefox-for-privacy-and-security
wiki.gentoo.org/wiki/Hardened_Gentoo
twitter.com/SFWRedditGifs

3. Browser hardening, this one is somewhat quick and easy to do.
What's the point of it? It will harden you against many exploits and will prevent a lot of tracking from happening.

To start, we will use mainstream firefox (any firefox will do I believe?), so go download it from the official website.
A quick search will be sufficient to find it.
Once you have firefox installed, close it and open up your previous browser.
In your previous browser, go to : github.com/pyllyukko/user.js/
And copy the user.js file's contents to a file on your desktop, and name that file "prefs.js"
Once you have transferred user.js' contents to prefs.js on your Desktop, read this…
github.com/pyllyukko/user.js/#installation
That will tell you where to put your new prefs.js file for your Firefox browser to be hardened.
After you have implemented this new file, open up Firefox and it should be loaded, provided you closed it before-hand so you could replace it's prefs.js file.
Now, you will need to install NoScript and HTTPs Everywhere. A quick google should turn up good results easily.
NoScript is needed to block JavaScript, HTTPs Everywhere will force websites that have ssl/tls certs available to let you use them so all of your connections are encrypted.

4. Making an email server, important to not be spied on via E-Mail.
Running your own Email / Chat servers.

Note: When questioning what operating system to host on, use FreeBSD

You'll be signing up for services, which usually require an email.
I highly suggest making your own email server. For that, you can use these…
Mail-In-A-Box: mailinabox.email/
That will help you set up a mail server without much knowledge, read all of the documentation on it.
Recommended security practices for mail server: github.com/mail-in-a-box/mailinabox/blob/master/security.md
How to NSA-proof your mail server: sealedabstract.com/code/nsa-proof-your-e-mail-in-2-hours/
Tip : Make sure to follow my server-hardening tutorial on your mail server.
It's crucially important that you do because of a few reasons.
Maybe your mail server software doesn't get hacked, but if you get your ssh service hacked or
something along the lines of it, then you're in no good condition.
Another tip : Use http basic authentication (easily found and set up in web servers like nginx and apache2, I recommend nginx compiled from source to be hardened.)
Use http basic authentication to hide the mail server's web interface, that way only you have access to the mail server.

5. Last topic, hardening a server (VPS)

Hardening a server white-paper.

1) SSH
2) User accounts
3) Firewall
4) Logs
5) Hardening directories
1 - SSH
In SSH you will want to use key authentication, not password.
Passwords can be cracked via bruteforce or dictionary attacks.
Documentation on key authentication: help.ubuntu.com/community/SSH/OpenSSH/Keys
As well, make sure to change the SSH service daemon port.
You do not want people scanning your port 22 SSH server.
Just as well, make sure to configure sshd_config and disable root login.
Also, install something like fail2ban for good measures.
2 - User Accounts
Simple enough.
Have random usernames, nothing related to you.
Have long passwords which are stored in a password manager for safe keeping.
Make sure users can only work in their home directory, make sure they do not have access to certain binaries.
Make sure to change passwords frequently.
Tips - support.rackspace.com/how-to/linux-server-security-best-practices/
3 - Firewall
Pretty straightforward.
You can either use UFW (uncomplicated firewall) or you can go with the latter choice, iptables.
I recommend iptables because it allows you to do anything you want, it's entirely flexible.
Plus, tons of documentation on it.
Make sure to only allow your IP or VPN IP to login using this tool, iptables.
4 - Logs
Install a log watch tool, there are plenty of them.
Use them to watch the logs, and block IPs that try to attack or scan you.
You will want to keep a watch on your logs and blokc attackers, and federal servers (you can find a list online to block.)
Logwatchd - github.com/telemetryapp/logwatchd
5 - Hardening Directories
You will want to edit your fstab file, and block /tmp from being executable, and only allow certain programs
to access /tmp/ and not all users able to access it. Make sure to really go through each system directory and you should be good to go on that.
puschitz.com/SecuringLinux.shtml
computerworld.com/article/3144985/linux/linux-hardening-a-15-step-checklist-for-a-secure-linux-server

Last thing before I go, where a Zig Forumsack should communicate and how to safely communicate.
Avoid anything owned by Google, Yahoo, major corps, you get the idea.
You will want something like Matrix.org with the riot.im client, which I personally use (Contact my riot username "@suicide:matrix.org")
Look for decentralized technology, use Tor to proxy through if possible, etc. Fairly quick, I believe most people know to avoid Discord, Skype, etc for sensitive topics.

bump because important

You're taking this the wrong way
Make sure they can't execute any binaries except the ones they need.

That's my point, make sure they don't get stuff they don't need, only the ones they are supposed to have, e.g compilers, bash, etc.

Bump because everyone needs to see this

Take it to Zig Forums faggot.

Kike, fuck off.
This is important, every Zig Forumsack should be able to defend his internet activity.

Any chance you could provide information to make mobile operating systems more secure as well? Such as different os options for the Android platform?

Put a bullet through it.
Currently there's two or three phones that can be free from the botnet, everything else shares information to improve your experience

pcauthority.com.au/feature/10-ways-to-harden-the-security

blog.torproject.org/mission-impossible-hardening-android-security-and-privacy-on-your-android-phone-447215

Such as?

Also checked, my b

Ty senpai

schizofag reporting in

none of this matters anyway if you have a nvidia based graphics card because they use proprietary language that allows rootkits to hide in the rom memory storage, essentially allowing an operating system to replace your visible operating system with an infected version, there is also this in (((intel chipsets))) thanks to ziokike faggots

even this reply required me to disable multiple addons and security features because this place is a shitlord honeypot full of faggots

Hello NSA

Get a burner every couple months from your local gas station.

Pay random person or child to walk in and buy it.

Very important video that you must watch, titled "#HITB2012KUL D1T3 - The Grugq - OPSEC: Because Jail is for wuftpd" and the URI is : youtube.com/watch?v=9XaYdCdwiWU

It's very very detailed, I highly recommend it.

99% of VPNs logging is a ridiculous claim. Sounds like you don't want people to use VPNs. Even if they're logging, it protects you from hacking by everyone except the NSA, and they probably only send the logs in response to a request. So, unless they're already investigating you (and they won't have any reason to without your internet logs), you're protected.

Creating your own VPS is silly when we already have Tor, which mixes your traffic with millions of other dissidents.

Your claims about Linux are also repetition of a meme, not factual statements. What specific vulnerabilities are there with which specific Linux distros? Because the security-focused distros like Tails are pretty tough nuts to crack, and even Ubuntu is going to make it significantly harder than windows or mac.

You forgot to mention Tor browser, which is a pretty hardened browser when used properly (noscript)

Even if they can't hack the sever, they'll intercept your messages. Encryption is far more important, and I would trust something like Proton mail with end-to-end encryption over a secured server with no encryption on the actual e-mails.

Kill yourself CIA nigger. Before someone else does.

Why would I trust anything out of Berkley?

(((Tor Poster)))

Fuck off, for one.

Secondly, in reference to

You're using a widely known service to protect your data, bad idea. Also, I included a site that shows you how to NSA-proof your email server.

Thirdly,


Tor Browser gets you quickly put on a list and monitored for downloading from either torproject.org or tor.eff.org so not a good idea, plus people actively hunt for exploits (NSA / FBI do) in Tor Browser.


Tails uses systemd, so does ubuntu, any system with systemd is a failure. Systemd's code has never been audited and is clearly funded by the NSA, so it's the practical same as using binaries.

Onto this..

I don't want people to use a VPN (((service))), I want people to make their own VPN on a VPS, from any country outside of the 14 eyes. In this case, diversity is good. Spread out and don't follow the idea that a company is going to go to court for you.

Looks like you're uneducated / ignorant as fuck.
Maybe do some research you fucking kike, quit being so obvious.

FreeBSD / OpenBSD / etc, use the BSD kernel which has always been built upon security.

Source:en.wikipedia.org/wiki/FreeBSD#Security

Glowing. Limited hangout NSA nigger wants to discredit effective opsec measures and shepherd people into ineffective ones.

Never heard of it, and don't really care.
And not everyone is an autist, shivering in their boots about somebody finding out who they are. I quit caring a long time ago.

You all act like you're members of revolutionary cells, with important information to pass along. The government probably doesn't know who you are, and doesn't see you a s a threat. They don't care about people that grumble on the internet, they care about people that intend to take action, and if you're someone like that, you wouldn't be using the internet for comms, at all.

Attached: IFuckedYourMom.jpg (500x569, 86.55K)

Retard.
You literally compared a VPS to Tor, how much dumber can you get?

Once again, fuck off, (((Tor Poster)))

If you're fine with being put on a list, go ahead and download Tor Browser, but a better idea would be to proxy firefox through Tor using bridges to connect so you're not put on a list.

Then fuck off with making absolutely pointless statements.


So you're retarded


So, FBI, slow day at the office?

...

install gentoo

Attached: 86660a4787c9ff4db8eac821636491e9ad28a48210ff7aa36829064d5b9aebf0.gif (200x150, 2.56M)

You can download TOR over email to prevent being put on a list, there is also DNS crypt you can use for visiting torproject.org

Read torproject.org and it will state that it is written / typed Tor and not TOR.

Just as well, you're somewhat right about DNSCrypt, but at the same time you could make your own DNS servers with DNSSEC enabled, or use someone else's

No logic there at all.
I'm saying don't get put on a list, and you call that attacking opsec.

Obvious kike is obvious.

Not trusting anything out of Berkley is not without foundation.
As for the government throwing a "dragnet" over all internet communications, the only reason they do that is so YOU think they do. They don't have the ability to monitor all the multi-millions of accounts in America, they have no idea what's being said. The entire idea is to log all your crap, so that if you ever become a problem for them in the future, they can insert damning shit into that log, shit which nobody will question, because…after all…EVERYONE knows they keep records on everyone, right?

They already have records of your postings and browsing, that's all they need. If you manage to stop any future data-logging, they'll just make more up, anyway.
And I guarantee they'll have records of you browsing CP sites, as well as bomb-making sites, etc.
How can you disprove their phony files?
You can't.

Attached: BoredAtTheScreen.jpg (800x570, 70.21K)

It's over, NSA. We caught you. Wait a few weeks, come up with some new ideas to corral us into some spying honeypot, and abandon "Muh Tor poster." It's never worked here, and it's the easiest way to recognize you faggots.

Also, kill yourself.

Source?


So what's the foundation? What source of evidence do you have? None presented so far.


Snowden and others have proved it's real, but okay FBI.

Me: Don't get on a list by downloading Tor Browser from the main sites and become an obvious target to feds

You: Kike! NSA! FBI! Go away you fed!

Nigger get lost

Except, denying them access to your browsing denies them the information to determine if you are the type of person they want to frame. They can't frame millions of Tor users.


You glowing nigger.

Also, something I forgot to mention about a VPN. If a VPN offers a lifetime access subscription (one time payment) then that VPN definitely sells your information. How can a VPN provider pay monthly payments on vpn servers if you only pay one time?

Not as quick as Zig Forums. For a self-proclaimed opsec expert, I'm surprised you've never heard of public internet.

Now, kindly kill yourself.

Yep, and there's a whole board for it. Escaping the botnet is a major theme of Zig Forums and many Zig Forumsacks post there. It doesn't belong in Zig Forums.

The Utah Data Center, also known as the Intelligence Community Comprehensive National Cybersecurity Initiative Data Center, is a data storage facility for the United States Intelligence Community that is designed to store data estimated to be on the order of exabytes or larger. Its purpose is to support the Comprehensive National Cybersecurity Initiative (CNCI), though its precise mission is classified. The National Security Agency (NSA) leads operations at the facility as the executive agent for the Director of National Intelligence. It is located at Camp Williams near Bluffdale, Utah, between Utah Lake and Great Salt Lake and was completed in May 2014 at a cost of $1.5 billion.
The data center is alleged to be able to process "all forms of communication, including the complete contents of private emails, cell phone calls, and Internet searches, as well as all types of personal data trails — parking receipts, travel itineraries, bookstore purchases, and other digital 'pocket litter'.

Attached: NSAUtahDataCenter.jpg (1000x536, 130.53K)

Would you quit shilling your bullshit arguments already?

1. Never claimed I was an 'opsec expert' you lying faggot

2. I'm not going to the library everytime I want to get online

That doesn't show how they will make more data up, sounds like you're just trying to implant fear among us.

No, this thread is about opsec and using technology to defend yourself and so on.

Your attitude continues to be inconsistent with your claims.

Thread archived archive.fo/287GG

What makes you think they cannot alter their own files, that are under your name?
What makes you think they are not putting pressure on ISP's to cooperate?
They can make you look like anything they want you to look like, if you ever become a real problem for them.
They don't even have to take any legal action…if you become a problem, they simply "leak" your data to the press, with all their concocted "damning evidence" and destroy your career or political ambitions, or whatever.
Then they apologize profusely and swear it will never happen again.
YOU are left protesting that none of it is true, and no one believes you, because it is well known that the NSA logs everything about everybody, don't you know…and claiming it's all fake is exactly what a guilty bastard WOULD do, right?

Attached: ThenNow.jpg (1915x966, 331.39K)

You should only trust Microsoft 10 running on latest Intel, good goys. And make sure to sign into your google account before posting here.

Attached: firefox.png (500x522, 40.8K)

Okay, subjective argument, it's all about how you interpret it, so argument rejected.

Or, someone that's innocent, but you know, you do you FBI.

You shouldn't trust anyone.
How old are you?

You're kidding right?

I'm talking about public perception, and you know I'm right.
Look at how easy it was to get half the population to believe the President was in cahoots with Russia, even though every action he's taken shows he's not.

A lot of money spent on a single person, millions to make the entire media collective attack a single person. Would go down in history if that happened. Besides, most republics have the idea that if liberals think something, you think the opposite. So, if we get soyboys on board with hating me/you/etc then ofc there is to be a large opposition of it.

Check'd

Just as well, that's entirely assuming they even falsify data like you said, and you never gave any proof at all for any of it being true

This is rich coming from the guy who thinks "you're a kike" and "muh Tor poster" is an argument.

Kill yourself.

Bump because useful thread

Bumpin

The FBI just took a chunk of fan-fiction written by a 4Channer seeking lulz and used it to get a FISA warrant from a judge, and all because they hated the guy who won the presidential election.
You seriously think they wouldn't falsify information, if it furthers the agenda of their owners?

Link me to the story, and no, it entirely depends on what the 'fan fiction' is about before I make a decision. Quit turning this into politics anyways, this thread isn't about whether or not you're a big enough faggot to convince me of the FBI falsifying data, it's about protecting yourself from dragnet surveillance.

...

Quit the derailment kike, this thread is separate, and concise to the point. It's to serve as a general and already made guide.

FreeBSD used to be a good OS, once upon a time (I'm talking back in the 90's/00's with the 4.x series). Today it is infected with liberal SJW horseshit and the project is going downhill fast. I would be completely surprised to see the project live another half decade, given the way the it is managed today, where the politics of victimhood and uselessness have taken hold.
Further, your claim that FreeBSD is built upon security is spurious. It is probably more secure than today's Linux, sure; but that's really not saying much, is it. The fact that FreeBSD today is more secure than Linux is more by historical accident than by purposeful design. Historically FreeBSD has attracted better quality developers, without question; the code is certainly cleaner, as is the architecture; but given the politics the project has succumbed to today, that is no longer a given moving forward.
Finally, the goal of the FreeBSD project has always been performance, not security. If you knew as much about the distribution as you claim, you'd clearly know that. If you want a secure BSD distribution, use OpenBSD instead (but be willing to sacrifice some performance to get it).

Avoid FreeBSD, their community has been invaded by SJWs and as a result it will go to complete shit pretty soon. Use OpenBSD instead, the developers judge contributions strictly on technical merit and will tell anyone who tries to force a Code Of Conduct upon them to fuck off.

"Its advanced networking, security, and storage features have made FreeBSD the platform of choice for many of the busiest web sites and most pervasive embedded networking and storage devices."

Taken from front page of freebsd.org

Also..
Retard, once again I have not claimed a thing.


Please show me how they have fallen victim to SJWs?

Well they're not going to come out and say on their front page "our security is shit compared to OpenBSD", are they.

Anons, don't listen to this dickhead, he doesn't know what he's talking about. If you want to educate yourself on security issues, head over to Zig Forums, and be prepared to spend some time learning.

Certainly, you're saying things that are only assumptions.

I'm saying that you're giving poor advice, and anons would be better learning for themselves from Zig Forums.

Literally anything at all is safer than Windows, you didn't have to start the thread off by shilling for SJW-BSD.

If you can point out how their political ideas and the code the write is connected, I'll be sure to agree with you on OpenBSD being better. I'm going to switch to OpenBSD likely soon anyways, their (FreeBSD's) code of conduct is incredibly autistic.

Attached: GoldenShowerDossier.jpg (500x606, 63.85K)

Imagine trusting anything from 4cuck.
Also, FBI didn't falsify the data, some retarded kid did.

ty savv'd

freebsd.org/internal/code-of-conduct.html
reddit.com/r/freebsd/comments/7xapx2/freebsds_new_geek_feminismbased_code_of_conduct/
voat.co/v/technology/160580

You don't know what you're talking about.
Use Tor.
Nothing is.
Linux itself doesn't have systemd. I don't know if I'd call FreeBSD insecure, but I do know that it's missing some features that its competitors have: like address space layout randomization.

Okay, but why?


FreeBSD / OpenBSD are more secure than any distro with Linux


But who's using just the linux kernel and nothing else?

...

Stopped reading there.

The FBI knew it was false, and the first time they took it to the judge, the judge rejected it because they had nothing to corroborate it.
So the FBI leaked the "golden shower dissier" to Buzzfeed and Yahoo "news," then took the resultant "news" articles on it to the judge as the corroboration.

They actually created the corroboration the judge wanted, by leaking the original dossier they already knew was crap.
That sounds like falsifying information, to me.

Found some excerpts from the dossier, that were leaked…

Attached: Excerpts.jpg (1200x772, 131.05K)

we dont need Zig Forums tier threads here, prove it or fuck off. no normie gives a fuck about BSD either, so stop screeching. you could have said something sensible like try ubuntu for a month or look for a vpn provider with wireguard support because it's a lot better than openvpn.

LET'S DO INVERSE SECURITY
Since the majority of anons are not tech savvy or top secret spy mode, we will start with essentials. Then move up to more advanced/difficult. And of course each level is ADDING on to the previous lower level.
Whatever level you need is up to you.
However many items off each level you do are up to you (but you should do all of a level before going to next)
Wanna buy an 80% lower, etc? Maybe you need one of the higher levels on this list.

1. ENTRY lurking, torrenting, smart enough not to visit honeypots accidentally or post shit that gets you on a watchlist

DO NOT USE WANGBLOWS 7, 8, or 10 (or vista) IN FACT DON’T USE WINDOWS PERIOD!!!!
Use Linux Mint, or any other open source Operating System.

DO get a VPN
Surf sketchy shit only thru VPN

DO harden Firefox
Extensions/add-ons - Umatrix, Ublock, HTTPS everywhere learn how to use umatrix and ublock, theyre not hard, otherwise even non-harmful websites won’t work properly for you

DO have a LONG router password with wireless/ssh/anything-other-than-direct-Ethernet-from-within-your-home FUCKING DISABLED. Only you should be able to access you router OS/firmware.

DO learn about your BIOS/EFI/whatever you have. Lock that shit with a LONG password so no one can alter your BIOS but you. And Backup your BIOS for recovery purposes.

2. ‘’’BASIC’’’ surf chans, maybe visit honeypots, maybe talk a little shit

DO use your own cable modem (fuck that shit that Comcast tries to force people to use)

DO surf ALL thru VPN
Maybe look into VPNs outside 14 eyes, that don’t log (or at least claim so)
thatoneprivacysite.net/vpn-comparison-chart/

DO learn and use OpenVPN (preferably from their site) it does encrypted log-in & initial-connection with your VPN service (and its open source)

DO maybe go for a non-System-D distribution of Linux (or Unix)
Harder to learn, but Slackware is pretty easy once you figure out the starting-package-management (programs for install on your Linux OS are “for the most part” called packages. There are other even easier distros that DO NOT use System-D

3. ‘’’ADVANCED’’’ MAYBE PULL A LITTLE SHIT

DO use Open Source firmware on router – OpenWRT preferably

DO – GET RID of INTEL Management Engine
Use a different CPU architecture, research and get a 386/64 before VPro (2006?) , or just NEUTER Intel-ME
wiki.gentoo.org/wiki/Sakaki's_EFI_Install_Guide/Disabling_the_Intel_Management_Engine

DO – Harden (browser, OS)
vikingvpn.com/cybersecurity-wiki/browser-security/guide-hardening-mozilla-firefox-for-privacy-and-security
wiki.gentoo.org/wiki/Hardened_Gentoo

DO – ALL surfing thru VM (disable hyper threading on CPU)


4 INSANE HI ALPHABET
Use throw away hardware with no trace link to you
Have separate accounts-tech-etc (normie / secret) and never mix the 2
Only use multiple VPN / TOR thru public WiFi

Seems like good advice for someone who has never had an Alt thought until the day they do all this tech work. But come on guys…I have been hammering away with this shit for years…does anyone really think that 'my identity' is some sort of mystery to our rotten CIA or genocidal government? The only reason I am not dead yet is because I haven't made it high enough on the kill list. I like that you are spreading this info…maybe you could add some sort of link to it in the catalog on Zig Forums for noobs but for most people like me it is far to late to play nice now.

shut up faggot

Sounds like ad copy written by a CIANigger-tier writer tbh. Anyone in security worries constantly about everything. Making a normie-tier appeal to 'muh simplicity' on the official site is suspicious af.

System-D is suspicious as fuck, but even if they could prove through audit that its not backdoored, well it just sucks and shouldn't be used. Pottering is a B-tier coder posing as a guru.

WTF does poettering have to do with my point faggoyt?

have some real windows user advice: install windows 10 ltsb, it sends very basic diagnostics on the lowest telemetry level and probably won't send more in the future as it's aimed at enterprise and you're less likely to get breaking updates. it also doesn't restart to apply updates on active hours.

how is that even relevant to security concerns user?

He is the creator of System-D

FreeBSD is leftist scummery. If you have to, try OpenBSD. Actually made by professionals who have never worn furry/unicorn hats. Or some distro of Linux actually good for its security, like Qubes+Whonix if your pc can handle them. Distros targeted at pentesters, like the 133th@x meme distro are also pretty good if you know what you are doing.

>go to : github.com/pyllyukko/user.js/
It's as if you are trying to get ridiculed.

You know that ,unless it is your virtual machine (which beats the purpose), you have no guarantee it will not be shut down and given, even hardware-wise, to the authorities?


All and all, a pretty average guide to be honest. I'd say it's good enough for rookies, but your advice requires advanced tech knowledge. So it's basically bad for newbies due to complexity, and bad for advanced users due to wrong advice.

Attached: 1342461178263.jpg (251x249, 13.57K)

helpful

FILTERED

it means you don't get to pick out of 9001 broken/insecure configurations when there should only be one that works, it's also getting linux kernel support and is something like 5 kLOC.

I'm well aware of that. WTF does he have to do with my point that the CIA ad-copy is suspicious af?

This isn't info that needs promotion at a level written for a purple-hair poseur.
CIA Nigger pls.

The NSA goons use Slackware.

It’s probably a good idea to emulate the people that design security for the government.

If you get a VPS or pay for a VPN, your name is just as attached to your activities as it was before.
Depending on what you're doing that might be perfectly fine. If you're pirating movies and the like this will work, otherwise no.

Nothing is secure enough for someone that realistically expects that they will be gone after by three-letter agencies. If you have something really REALLY important that you want to be kept secured, don't do it with technology. Use no technology, to the best of your ability.
If you're just trying to resist passive surveillance, then use Tor.
It will be obvious you're using it, and your name will be put on a list as speculated above. You should expect that any method for resisting passive surveillance will put you on that same list.

Platitudes about operating system security are mostly about what people believe. It's very difficult to take a short list of facts about an operating system, and come to the conclusion that such-and-such system (consisting of millions of lines of code written by error-prone humans) is more secure than such-and-such other system.
The actual "security" of these systems is at best a grey area.

There are a number of Linux distributions that use other init systems like OpenRC: Devuan, Void, and Gentoo just to name a few.
Beyond that, if you know of any remote-execution vulnerabilities in systemd you should tell somebody.