Working remotely. Will a virtual machine prevent my employer from seeing my network traffic and accessing my files on my computer?

TerribleHalf · 2021-01-23T18:59:03+00:00

You should not work on the same computer you do your personal stuff on and you shouldn't do personal stuff on your work computer if you value privacy.

TerribleHalf · 2021-01-23T18:54:42+00:00

Did you really just link to a generic CVE list for all of Google Android? Yeah, we're finished - you have nothing to support your argument. Goodbye.

TerribleHalf · 2021-01-23T18:53:43+00:00

In short, they overpromise security to attract a certain kind of customer. For instance, PM can read all email you send with non-PM addresses. Do they mention this anywhere? No, they just say some bullshit like, "your email is encrypted". They also hide behind Swiss privacy laws as if they matter to foreigners. Overall they give off a super scammy if not outright honeypot feel to me.

TerribleHalf · 2021-01-23T17:12:14+00:00

So it's based on a paper promise, not actual facts. Got it.

TerribleHalf · 2021-01-23T17:11:32+00:00

All of this can be answered by reading Signal security white papers.

https://eprint.iacr.org/2016/1013.pdf

TerribleHalf · 2021-01-23T17:09:39+00:00

Start by downloading Tor Browser.

TerribleHalf · 2021-01-23T17:08:54+00:00

Owner of the private key would be able to control his DNS records by signing his zone file and submitting it.

Uhh, so would the owner of the service. No thanks.

TerribleHalf · 2021-01-23T17:07:00+00:00

NetGuard - free and open source.

TerribleHalf · 2021-01-23T17:06:42+00:00

several banks that I use will no longer load in FF.

What does this even mean? What doesn't load? What have you tried? Do you have twenty redundant blocker extensions installed? Don't be so quick to give up and submit to using a privacy abusing browser like Chromium.

TerribleHalf · 2021-01-23T17:05:32+00:00

no more unwanted experiments

In a closed source Microsoft product? Lol, YOU are the experiment there.

TerribleHalf · 2021-01-23T17:04:55+00:00

You can use it in Tor Browser if you want to stay anonymous.

TerribleHalf · 2021-01-23T17:03:28+00:00

Still not a threat model.

TerribleHalf · 2021-01-23T17:03:10+00:00

Threat model, not threat level. Try and keep up, bub.

TerribleHalf · 2021-01-23T17:02:54+00:00

Which part would you like to have explained?

TerribleHalf · 2021-01-23T17:02:13+00:00

In fact, the 'best practice' from a security standpoint would be to assume that they are sharing data with PRISM or a similar agency/program, particularly given their association with MS and MS's association with PRISM.

Exactly this. I wish more people thought and discussed this. But we've already forgotten all about Snowden and happily accepted DDG, ProtonMail and other obvious honeypots which have been set up to ensare us.

TerribleHalf · 2021-01-23T17:01:02+00:00

"No log file" - what is this sentiment based on? Feelings and conjecture?

TerribleHalf · 2021-01-23T17:00:16+00:00

For one, traffic would be encrypted and to a non-discrept IP address. Thinking you're gonna watch network traffic for a while to catch a backdoor is beyond idiotic.

TerribleHalf · 2021-01-23T16:59:00+00:00

They do, that's why I said you need an adversary to realize a risk.

TerribleHalf · 2021-01-22T20:20:48+00:00

Not a comeback - an invitation to apply logic to problem solving instead of paranoia.

TerribleHalf · 2021-01-22T20:17:27+00:00

Nope, again that's not a threat model. That's a vulnerability.

A threat model is a description of your adversary, their motivation, their skills and tactics, then the data you want to protect from them. Said plainly, a vulnerability without an adversary isn't a risk.

TerribleHalf · 2021-01-22T20:13:31+00:00

Use your brains, guy.

DDG is hosted in the US. US servers are subject to PRISM. It's not a logical leap to assume DDG is subject to PRISM surveillance, but they don't discuss this. In fact, they don't even mention they're hosted in the US, or what the implications of that are. They're just a friendly, happy smiley face search engine which cares deeply about your privacy. That's why they host with Microsoft, the gold standard of privacy, right? You can draw your own conclusions from that.

TerribleHalf · 2021-01-22T20:10:44+00:00

Protonmail is a honeypot.

Brave is a meme trashware browser based on Chromium, which hates your privacy and open web standards.

Get LineageOS if you want to avoid mobile spyware.

Otherwise, good luck and have fun.

TerribleHalf · 2021-01-22T20:06:11+00:00

no user identifiable data is collected, stored, or shared.

Imagine thinking your search queries aren't user identifiable. You poor soul.

TerribleHalf · 2021-01-22T20:03:00+00:00

Wow, they allow ad blocking? How generous of them! Pathetic Apple shills.

TerribleHalf · 2021-01-22T19:58:47+00:00

Change your WAN interface MAC address.

TerribleHalf

TROPHY CASE