Be me

what the fuck? How does it know? Should I even try to cover my footprint anymore or am I jerking myself off while only wasting my time?

Attached: 1517296822562.png (635x457, 257.53K)

Other urls found in this thread:

stallman.org/google.html
coreboot.org/Build_HOWTO
libreboot.org/docs/install
mirror.math.princeton.edu/pub/libreboot/
pcmag.com/article2/0,2817,2403388,00.asp
cnet.com/best-vpn-services-directory/
pcworld.com/article/3198369/privacy/best-vpn-services-apps-reviews-buying-advice.html
openvpn.net/index.php/open-source/documentation/howto.html
torguard.net/knowledgebase.php?action=displayarticle&id=53
ipleak.net/
cyberciti.biz/hardware/howto-linux-hard-disk-encryption-with-luks-cryptsetup-command/
techrepublic.com/article/how-to-use-a-ramdisk-on-linux/
howtoforge.com/storing-files-directories-in-memory-with-tmpfs
howtoforge.com/tutorial/configure-clamav-to-scan-and-notify-virus-and-malware/
howtoforge.com/tutorial/how-to-scan-linux-for-malware-and-rootkits/
howtogeek.com/177621/the-beginners-guide-to-iptables-the-linux-firewall/
booleanworld.com/depth-guide-iptables-linux-firewall/
digitalocean.com/community/tutorials/how-to-set-up-a-basic-iptables-firewall-on-centos-6
digitalocean.com/community/tutorials/how-to-set-up-a-firewall-using-iptables-on-ubuntu-14-04
digitalocean.com/community/tutorials/how-to-set-up-a-firewall-with-ufw-on-ubuntu-14-04
help.ubuntu.com/lts/serverguide/apparmor.html
wiki.archlinux.org/index.php/AppArmor
debian-handbook.info/browse/stable/sect.apparmor.html
wiki.centos.org/HowTos/SELinux
digitalocean.com/community/tutorials/an-introduction-to-selinux-on-centos-7-part-1-basic-concepts
digitalocean.com/community/tutorials/an-introduction-to-selinux-on-centos-7-part-2-files-and-processes
digitalocean.com/community/tutorials/an-introduction-to-selinux-on-centos-7-part-3-users
cyberciti.biz/faq/linux-disable-modprobe-loading-of-usb-storage-driver/
github.com/speed47/spectre-meltdown-checker
cyberciti.biz/faq/patch-spectre-vulnerability-cve-2017-5753-cve-2017-5715-linux/
howtogeek.com/howto/30184/10-ways-to-generate-a-random-password-from-the-command-line/
github.com/gordonrs/thc-secure-delete
github.com/cgsecurity/testdisk
torproject.org/
openpgp.org/software/
openwall.com/Owl/
tails.boum.org/
centos.org/
centos.org/docs/5/html/Deployment_Guide-en-US/rhlcommon-chapter-0001.html
developers.google.com/maps/documentation/geolocation/intro
support.cloudflare.com/hc/en-us/articles/203306930-Does-CloudFlare-block-Tor-
darkwebnews.com/anonymity/tor-malicious-cloudflare/)
support.mozilla.org/en-US/kb/how-stop-firefox-making-automatic-connections
twitter.com/AnonBabble

google is probably storing location cookies or your account's location is known. If you are serious about leaving no trace install firefox with noscript, ublock or umatrix, block cookies and get a user agent spoofer and set it to the user agent tor browser uses

also stop using fucking google.

learn to configure your shit

fuck off retard. installing a bunch of meme adblockers doesn't reduce your fingerprint

i bet you don't even know what noscript does. it's intended to mitigate CSRF,XSS,clickjacking etc, style vulns. and at that it's still a horrible idea and just bloat. you can literally disable JS in firecox by going to about:blank and setting javascript.enabled to 0

a bit of information for op
stallman.org/google.html
same
yeah just run google's ads goy you won't be tracked.
fag
noscript blocks javascript and lets you manage permissions based on websites you trust

You deserve everything that comes to you.

Attached: f062b3c35e7fa191a4b5c68709e3683bb1360f60c647e75250aa041a0d10e5fc.jpg (500x321, 24.09K)

That's retarded

/g/ay thread, neck yourself

when this many people sage in your thread you know it's a good time to stop posting.
4chan.org/g/ is where you belong

Know a libre user agent switcher for Chromium based browsers?

I meant about:config

ask on reddit, they should know :^)

And make it impossible to use a good portion of the net while you're at it.
You need to decide which js to run on a case-by-case basis unless you're willing to go without online shopping or online banking, and that's assuming your government doesn't require you to make your tax report on their spaghetti-code site like mine does.

This. Degoogle you nog.

thats 3. and
ishyggygtdgdsgyght
you can just make 3 firecox profiles:
1 for bank cancer
1 for rest of web
1 for when you really want to go on some cancer site
firefox --ProfileManager
then
firefox -P bank
firefox -P nojs
firefox -P js
using the same instance of firecox for bank as the rest of your browsing is pretty cringy

Name is something about fire and foxes.

Install gentoo

He didn't suggest that. And the suggestion made actually does improve privacy.

Ur adorable.

Download Tor Browser.

literally no one cares what faggot music you listen to op. they do care about those vials of 3-MeO-PCP you ordered from the deepweb though

Only if you ordered a lot of it.

3-MeO-PCP is legal in most countries.

           ,!\          !    \         i  \         l      \,,..__          ,i′  ,\___,,--―l       \::゙'冖ーi、、        i     :;\::::::::::..l              `'‐、、       /__,..;:r---―-、,..__.     ,;'il:;}          .;:::`L__   ,.:f''""゙゙゙´          、 ̄ヽ,//           ...::::::l;;;:;;::::  _/       ......  、   \//、            ::::::::リ;;:::::::::....//       ......:;::::::::::::. ヽ、\ ゙ヽ  ヘ    ●      ....:::::::::i';;;;::::::::::::;;/    ::::::::::::;;;;;ノ ̄\:: 〉 〉゙'、 `ヽ_ノ       ......:::::::.;;;:ノ:;;;:::::::::::::/    ..::::、__;;ノ;;;`ヽ_/: / /⌒)メ、_ノ/         .....:::::;;;/;;;:::::;;:::::::::     ..:::イ;;.ヽ::;;;;;;;;;(__ノ /'"..:::::::::::::/  ...............:::::::::::;;;,;ノ;;::::::::::::::::     :::::::l;;;;;;;;;\;;;;;;;,.(__ノ;.;:.\:::::::::/::::::::::::::::::::::::::::;;;;;/;:::::::::::::::::    ::::::::,!::;;;;;;;;;;:.`゙'-、、  ::: \_/::::::::::;;;___,.;-―''"::::::::::::::::::::::::   ..::::::::::,!;;;;;:;;;;;:::;;;;;:::;;;;;;`゙ ̄'''冖''―--―'";;;;;;;;;:::::::::::::::::::::::::

Flash player bypass proxy settings.

and still not a single mention about location services

I'm assuming you're on a phone that that phone is connected through cell service and not wifi-only. If that's the case, the towers that you connect to are leaking a less precise location of yours.

What is this, 2007? Your ISP snooped on your unencrypted traffic and sold it to Google immediately.

You are probably still leaking your ipv6. Just go and disable it for your network, unless your router is retarded and requires it.

Be happy yours supplies a website instead of a Winblows-only binary app.

Trying to make a checklist for security hardening.
The guides might not all be the best, but is there anything I've missed? Some of it is straight up miscellaneous shit.

BIOS------------------------------------------------------------------------------------------------------

Coreboot
coreboot.org/Build_HOWTO

Libreboot Hardware Support and Set Up
libreboot.org/docs/install

Pre Compiled Libreboot ROMS
mirror.math.princeton.edu/pub/libreboot/

VPN--------------------------------------------------------------------------------------------------------

VPN Reviews
pcmag.com/article2/0,2817,2403388,00.asp
cnet.com/best-vpn-services-directory/
pcworld.com/article/3198369/privacy/best-vpn-services-apps-reviews-buying-advice.html

OpenVPN Set Up
openvpn.net/index.php/open-source/documentation/howto.html
torguard.net/knowledgebase.php?action=displayarticle&id=53

WebRTC Detection
ipleak.net/

Filesystem Encryption--------------------------------------------------------------------------------------

cyberciti.biz/hardware/howto-linux-hard-disk-encryption-with-luks-cryptsetup-command/

RAM Disk---------------------------------------------------------------------------------------------------

techrepublic.com/article/how-to-use-a-ramdisk-on-linux/
howtoforge.com/storing-files-directories-in-memory-with-tmpfs

Malware Detection------------------------------------------------------------------------------------------

howtoforge.com/tutorial/configure-clamav-to-scan-and-notify-virus-and-malware/
howtoforge.com/tutorial/how-to-scan-linux-for-malware-and-rootkits/

Firewall---------------------------------------------------------------------------------------------------

IP Tables
howtogeek.com/177621/the-beginners-guide-to-iptables-the-linux-firewall/
booleanworld.com/depth-guide-iptables-linux-firewall/
digitalocean.com/community/tutorials/how-to-set-up-a-basic-iptables-firewall-on-centos-6
digitalocean.com/community/tutorials/how-to-set-up-a-firewall-using-iptables-on-ubuntu-14-04

UFW
digitalocean.com/community/tutorials/how-to-set-up-a-firewall-with-ufw-on-ubuntu-14-04

Security Modules-------------------------------------------------------------------------------------------

AppArmor
help.ubuntu.com/lts/serverguide/apparmor.html
wiki.archlinux.org/index.php/AppArmor
debian-handbook.info/browse/stable/sect.apparmor.html

SELinux
wiki.centos.org/HowTos/SELinux
digitalocean.com/community/tutorials/an-introduction-to-selinux-on-centos-7-part-1-basic-concepts
digitalocean.com/community/tutorials/an-introduction-to-selinux-on-centos-7-part-2-files-and-processes
digitalocean.com/community/tutorials/an-introduction-to-selinux-on-centos-7-part-3-users

Miscellaneous---------------------------------------------------------------------------------------------

Disable USB Storage
cyberciti.biz/faq/linux-disable-modprobe-loading-of-usb-storage-driver/
sudo echo -e "blacklist uas\nblacklist usb_storage" > /etc/modprobe.d/blacklist_usbdrive.conf

Spectre / Meltdown Check
github.com/speed47/spectre-meltdown-checker
cyberciti.biz/faq/patch-spectre-vulnerability-cve-2017-5753-cve-2017-5715-linux/

Generate Random Passwords
howtogeek.com/howto/30184/10-ways-to-generate-a-random-password-from-the-command-line/

Secure Delete and Test Recovery
github.com/gordonrs/thc-secure-delete
github.com/cgsecurity/testdisk

Anonymity Network
torproject.org/

Email Encryption
openpgp.org/software/

Security-Enhanced Linux Distribution for Servers
openwall.com/Owl/

Live OS
tails.boum.org/

CentOS
centos.org/
centos.org/docs/5/html/Deployment_Guide-en-US/rhlcommon-chapter-0001.html

...

...

T. oblivion kite shield

uhm excuse me sweetie what is this?

Attached: dataminers.png (651x648, 37.31K)

What is the utility of RAM Disk in privacy situations ?>>897365

I like more Mullvad is so fucking good

It's more of a "if shit hits the fan" situation.

Yeah in my opinion it's a waste of time. If you give a fuck use adnauseam.io or ublock.

I suggest directly tampering the DNS servers in your router although DNS combination (dns1 dns2) can be fingerprinted so don't use a fallback (only fill up dns1 or fill the same values).

it has to be done in the router otherwise non-failsafe events or botnet wlan cards will and can leak out requests which will bypass your ring3-level computer dns settings

Clear cookies and local storage, disable WebRTC. Use SOCKS5 and you must proxy DNS as well which is a common detection mechanism. Now check ipleak.net or similar.

What is browser fingerprinting

and stuff like google safe browsing = every dns request you do is sent straight to google with your browser installation id ..

you're much better blending in with the crowd

Easy answer.
Your browser knows your wireless BSSID and google street view not only toke pictures of your house, but also scan wireless networks and store their BSSID.
You can actually do a reverse BSSID using google to know, with a decent precision, where the fuck you are. Also, google not only watch your BSSID but also your neighbors, just reconfigure your AP will not do shit because you are sending your neighbors location which allowed them to pin point you.

Attached: 1511457771748.jpg (586x1013, 34.47K)

If you guys think i am a lier, here is the google API to use geolocation.
developers.google.com/maps/documentation/geolocation/intro

It has no business knowing it. The web browser has nothing to do with connecting to or disconnecting from a specific BSSID. If it collects such information that simply means it snoops around your system and collects data it has no business collecting.

...

...

come on now

TURN OFF THAT PESKY ADBLOCK

Using jewgoogle while logged into youtube and on a VPN? Facebook? Twitter? EVER? pure pwnage son.

Attached: 0_952ea_b49c94d8_XL.jpg (800x600, 173.94K)

Everyone's saying don't use google, but how is google getting your location if you're using a vpn? I thought that was the whole point of the vpn

(heiled)
Is javascript enabled?

Browser Fingerprinting (cookies, user-agent, JS, screen resolution, etc.)
panopticlick.eff.org

This
Also check for DNS leaks and make sure you've got dropout protection.

webrtc botnet leakage

this would not happen if you used Tor Browser

you gotta try harder, shlomo

How does 8ch track users? I don't keep cookies and scripts are blocked but my posts still get marked. Does it tie posts with ip?

...

use hammers, shotguns, lava

YOU NEED TO GO DEEPER

Use your imagination. One thing I do with RAM disk is run Firefox from it. I set firefox user's home directory to /tmp/whatever, and have a wrapper script that wipes and re-creates that directory, then runs firefox. So it never gets any kind of permanent storage. Every session is 100% from scratch.

the user agent Tor Browser uses (last time i checked) is:
Mozilla/5.0 (Windows NT 6.1; rv:52.0) Gecko/20100101 Firefox/52.0

which browser gives gives out your BSSID? i don't want these nigger features within 10 miles of me

letting websites query what screen resolution you use
lol kys

Some people want to pass packets over a network faster than you can walk them there.

found the web shotter

You're embarrassing yourself m8

...

brb brah. Yo boss gimme 2.5 days off so I can spend it installing Gentoo. WTF is Gentoo? Only the bestest OS ever.

heads is the same as tails but without systemdick, a de-blobbed kernel hardened with grsecurity, and awesome WM.

firejail --private firefucks
less work but not as fast as RAM

Cookies, browser fingerprints, and you're probably using a shit proxy

X-Forwarded-For

that doesn't happen anymore as of the last year or so since cuckflare whitelisted tor browser

That's not true. They just provided an OPTION to whitelist Tor. But THE SAME OPTION also allows sites with cloudflare to completely block Tor users.

opt-in or opt-out?

all cuckflare sites now allow tor browser users to view them without needing to fill a captcha. by default. an option to block tor users isn't even relevant as people do this just as often without cuckflare. the main problem with cuckflare is that when your IP is blocked you need to change headers to match tor browser, which is retarded and is against web standards (which are already very low to begin with)

support.cloudflare.com/hc/en-us/articles/203306930-Does-CloudFlare-block-Tor-

"The IP addresses of Tor exit nodes may earn a bad reputation, elevating their Cloudflare threat score. Our basic protection level issues CAPTCHA-based challenges to visitors whose IP address has a high threat score"

So Tor traffic is blocked BY DEFAULT if it was determined to be "malicious". Of which 94% is (source: darkwebnews.com/anonymity/tor-malicious-cloudflare/)

And not only that, but "Since late February 2016, Cloudflare treats Tor exit nodes as a "country" of their own. There's no geography associated with these IPs, but this approach lets Cloudflare customers override the default Cloudflare threat score to define the experience for their Tor visitors."

and

"The options for Tor are:

Whitelist (trust)
CAPTCHA (visible challenge which the visitor must interact with to pass)
JavaScript Challenge (visible challenge with less friction, testing the browser)
Block (blacklist -- available only to Cloudflare Enterprise customers)"

So 94% of Tor traffic will be served a captcha AUTOMATICALLY, and even if it was not determined to be "malicious", a Cloudflare customer can still choose to Captcha or block ALL OF IT.

IP address is just one piece of the puzzle.

A lot of sites use canvas fingerprinting and other methods to track people these days. It's why the Tor browser does a lot more than just change your IP address.

Yeah that's old news. Right now when a tor node is blocked, you can get around it by using Tor Browser. or making a request that looks like this (example from tor browser):GET / HTTP/1.1Host: niggers.comUser-Agent: Mozilla/5.0 (Windows NT 6.1; rv:52.0) Gecko/20100101 Firefox/52.0Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflateConnection: keep-aliveUpgrade-Insecure-Requests: 1
Yeah but that's largely a small issue. Only a few autists explicitly go into their configuration to block tor. They've been doing this since the early 2000's without cuckflare. Like I said, the main problem with cuckflare is that it blocks tor by default (but you can get around it as of this year).

There's still ways to bypass even that. Years ago I heard they were working on identifying people through the way they write their forum posts. I guess it's probably advanced now.

Really? I've never heard of that and even searching now I find nothing. Where can I read about it?

I get the idea they started doing this a millenium ago.
No idea, I figured it out myself after about 6 years of filling out cuckflare captchas. Basically just using that User-Agent will bypass the captcha in most cases.

Haha. Such a hacker you are (no really, I'm impressed).

decent list

websites can request your real IP if that's a tranparent proxy (iirc).

VPNs are high integrity data mines these days.

There are some new features since I last looked there. Nice.

Attached: Screenshot_2018-06-24.png (1024x743, 96.98K)

There are many ways. Essentially it is botnet.
Your browser will have a lot of info stored on you already. Make a separate user for your 1337 browsing, or use a virtual machine (with NAT connection, not bridged NAT!), and ensure your firewall doesn't leak when the proxy disconnects by 'accident' (this means adding firewall rules that blocks ANY internet connection (outbound traffic particularly) UNLESS connected to the proxy. Look up "VPN leaks and how to avoid them" for more on this. So you switch it off to connect, then switch those firewall rules on once connected to the proxy. If the connection to your proxy hangs up for any reason you don't continue Internetting through your normal connection while leaking your normal IP and location as you do so.

Browsers also phone home. Some you can turn off, but there no way to be 100% certain.
support.mozilla.org/en-US/kb/how-stop-firefox-making-automatic-connections
Plus use non jewgle service replacements like startpage.com

wew


You're a fucking retard. Literally all geolocations services use WiFi names to better approximate your location. The data about WiFi networks and cellular towers is downloaded from their server (obviously) but the calculations are done locally on your machine.
That API is for smartphones. There are other services from Apple, Mozilla and other providers. See UnifiedNlp for more information.


No browser knows this nor do they send that information (well, at least not free software ones.)

lel.
Step 1: Maximize browser window.
Step 2: There is no step 2. You've already finished.

Well done, you've just told the website what screen resolution you use.
HTTP request has UserAgent info = OS and hardware to a fair degree of certainty.
+ maximized window can be used to calculate screen size and resolution.

a) Don't use Google
b) Use a SOCKS proxy and tunnel your DNS through it if you're using a Mozilla based browser (ex. Icecat, Firefox, Pale Moon, etc).

If you use a firefox based browser press CTRL and + or CTRL and - to change reported resolution. There goes that fingerprinting method.
Then use a useragent switcher and disbale special functions that still report said information like webRTC and firefox's canvas.

Yes user, those are the bypasses, but the fact that any bypass is needed is the issue. I was confirming the fact that the screen resolution is snooped that denied happens.

AHAHAHAHAHA
If it has an ad, it's bound to be bad.

Anonimity!! If you want to go dark, drop all wrired/wireless devices. That's the only sane way. I've been swimming in this "connected world" long enough to learn about detox. Leave for trees and rocks and real life - Meaningful things, the rest is all rotten.

You want to go low on your electronic imprint, deactivate all of your actual profiles: Gmail, Facebook, Twitter, ... They won't be deleted but at least inactive. All to the garbage bin. Create an new email address without your real info (protonmail & gmx are good choices). Never conduct any family or real identity related business on it - keep IRL for IRL. Never connect to it from the vacinity of your home (if you still decide to keep your home internet wire alive - I would suggest a new ISP or even moving from your actual home to another). Use hardware that YOU and only YOU can configure and that doesn't do too much. A router should route, not make coffee from a shiny Web2.0 HTML5 NeuralNetworked interface. Of course, No WiFi, No Bluetooth, Chromecast, Connected doorlocks, ... Wires only, if necessary. Deactivate IPv6. If you want to set up a WiFi spot: 1) make it hidden, 2) put on a "passphrase", 3) set up a mac address filter or an ACL of some sort.
Use VERY long passwords and use an offline pocket password manager locked with at least a +7 digit pin that you keep close.

Use a VPN for whatever you want to do on the net. Pick a VPN provider and roll around their servers everyday; choose the strongest crypto configuration available.

If you run any other OS but a serious Linux based system (forget Ubuntu, Mint, ...), it's time to switch.
I would recommend ArchLinux + X11 + i3 = Minimalism. There's no truly hermetic system, it's all about how tight you are regarding OpSec. What is life in this connected 21st century world but constant OpSec? You can also use live distros booting from USB - reflash the drive every now and then.

If you have a laptop, use WiFi dongles (5 - roll them around randomly) and keep your laptop's WiFi card off - remove the drivers (same for devices you won't use, ie. webcam). If you can buy the dongles in cash, that would be great. BTW, if you can buy all the hardware in cash without having to provide any ID, you're doing it right. Try to choose least common hardware, stuff few poeple care or know how to break into or track. If you can & know how, make your own :) [ie. I'm running my own routers using my own chip design on an FPGA with my own implem. of all protocols and stacks + my own IDS and filters + crypto]

Another trick is to always use a VM rather than the native OS, which in this case serves only to run the VM Manager. You can change the hardware configuration of the VM as you wish and after some time delete it and use a backed up copy to go back to 0.

Configure your browser for no history, no cookies, no ads, no scripts, ... no flash player, ...
Or, use lynx in command line mode for HTML only. You can use Tor browser if you wish.
If you run a smart device, keep your identity away from it - no personal email, ... Use Orbot & Orfox if you go for an Android device. Configure VPN and always turn WiFi/BT/4G/... off if you're not online eyes on screen. Turn all auto-whatever off. Make sure you can take off the battery of the smart device before you buy it. Devices with in-built batteries are a huge scam, fruit for thought.

Keep your real life activity away from your cyber activity. Use encryption whenever you see fit (always), make it hard for anybody to use anyhting you leave out there against you or even link it to you. Your activity has to look mundane and make no sense for it to be lost in the infinity of the cyberverse.

Y

How do you make separate profiles like you are suggesting in Firefox? Can I do it on Pale Moon as well, I assume so.

What does this mean?

dnscrypt

Privacytools.io

Pretty informative resource

I wasn't talking about screen resolutions, I was talking about that retard saying that the browser somehow sends to Google your BSSID.

Websites cannot know your screen resolution per sé, all they get is the drawable surface inside your browser. Changing the bottom bar's height, adding a bookmarks bar, adding a bigger window bar or changing your zoom changes the resolution reported to websites. If you really care about this, just look for the most common screen resolution and adjust your window for it.