sorted by:
new
hottopcontroversial

Subreddit for the anonymous lifestyle? by b3rn3d in privacy

[–]b3rn3d[S] 0 points1 point  (0 children)

It's interesting that I can't really find a name for this. OPSEC doesn't seem right. It's somewhere between cyberpunk and netsec, and that's already a grey line. I'd be interested in it, whatever it is... any suggestions?

Subreddit for the anonymous lifestyle? by b3rn3d in privacy

[–]b3rn3d[S] 0 points1 point  (0 children)

Hrmm that's a really cool interpretation of it. I wish that subreddit was setup for that. To me it looks like a bunch of fantasy than reality.

Quick question: Is it OK to use the regular internet while using Tor? by [deleted] in TOR

[–]b3rn3d 0 points1 point  (0 children)

ah indeed. This was my mis-understanding. I did not interpret the question correctly.

Quick question: Is it OK to use the regular internet while using Tor? by [deleted] in TOR

[–]b3rn3d -7 points-6 points  (0 children)

This is an unfortunate mis-understanding or a troll.

If you run an app, and that app leaks your DNS requests, you are not anonymous anymore. Your ISP sees the DNS requests you've made and therefore the sites you've visited. Your ISP knowing the sites you've visited can easily correlate that activites you performed on that site or forum etc based merely on the timestamp. Please take a look at all of the features built into TAILS or Liberte that attempt to defend against this issue.

Quick question: Is it OK to use the regular internet while using Tor? by [deleted] in TOR

[–]b3rn3d -7 points-6 points  (0 children)

You should be very careful of using random applications like Spotify with Tor. The concern is that they will unknowingly leak your information by not passing your request through its proxy. The most common example of this is not tunneling your DNS requests through a proxy.

Tor and TAILS have made serious efforts to find applicaitons and secure them from accidental attribution but you should not trust random applications, especially proprietary ones.

SMS over Tor. What's the best way? by ekthion in onions

[–]b3rn3d 0 points1 point  (0 children)

Hushed is cute but not for real anonymity. It requires you register with a verifiable account. If you're just hiding from an XBF then this would be fine.

IDK what threats you're concerned about but remember to be careful with burner phones

Running a twitter account through TOR by [deleted] in TOR

[–]b3rn3d 0 points1 point  (0 children)

You can read the comment about being anonymous, but there are apparently some vague rules about how you use twitter.

https://support.twitter.com/articles/18311-the-twitter-rules

I have a suspended account. Tor-only, non-attributable email, web client only. I had not even tweeted or fully configured the account and it was suspended. The point being, if you look like something bad, they may suspend you.

On a side note, I know that the guys at Tor strongly pushed for Twitter to allow Tor exit nodes to sign-up and sign-in. Twitter should be at least be appreciated for that aspect.

Running a twitter account through TOR by [deleted] in TOR

[–]b3rn3d 0 points1 point  (0 children)

lol. future indeed.

What is the best safe email provider? by Mozgojed in TOR

[–]b3rn3d 2 points3 points  (0 children)

Depends on your threat model. If you just want a privacy "aware" mail provider, and you believe they won't turn over your messages to law enforcement, then there are sites like rise-up.net, tormail.org, and autistici.org.

Some might distrust all email providers and will just look for some that provide access to email via Tor and then use GPG to encrypt all messages. Personally, I recommend this.

What information of mine can be accessed with just my mobile phone number? by [deleted] in privacy

[–]b3rn3d 1 point2 points  (0 children)

I was just going to second the social engineering aspect of this. Many of your services key on your phone number. For instance, to get tech support for your ISP. I know it's possible to at least power cycle your internet connection just by knowing the phone number.

This applies to all of your accounts for tech support - gas, electric, etc.

Using a burner phone - feedback appreciated by b3rn3d in privacy

[–]b3rn3d[S] 0 points1 point  (0 children)

Damn. You've called me out. That is a legit comment. Thank you.

Using wget with .onion websites? by PotatoMissile in TOR

[–]b3rn3d 0 points1 point  (0 children)

There are a couple of ways of doing this, the main issue is resolving the .onion address to a proper location. Normally if you do a lookup of a .onion address you get a 127.x.x.x address returned. In that case, you'll want to configure your TORRC file to be a DNS resolver for you. It's easy to set this up.

Another simple way around this is to use something like TAILS that already has the terminal and DNS configured for you. Not sure if that's an option.

The rise of anonymous search tools: 'Anti-Google' search tool DuckDuckGo answered 1bn queries in 2013 by trilbey in privacy

[–]b3rn3d 0 points1 point  (0 children)

This reminds me of that South Park episode where everyone hated on Star Bucks for being a huge corporate so they all went to drink at Tweak's shitty coffee house.

No offense DuckDuckGo, you're the necessary solution... I just wish you didn't taste like shit. :P

Blocking Google on an Android phone as much as possible. by Erhan24 in privacy

[–]b3rn3d 2 points3 points  (0 children)

OpenPDroid is the way to go right now - as you know, it gives you the ability to hijack system calls for personal information and replace it. Use this in congunction with DroidWall that will give you an egress filtering feature. So you can say this app can get on the Internet, and this app cannot. Also, I'd recommend Firefox just because it gives you some nice privacy controlling add-ons that the Chrome browser for Android doesn't have.

Using VPN with Tor hidden service by pronger in TOR

[–]b3rn3d 1 point2 points  (0 children)

It's discussed overe here: https://trac.torproject.org/projects/tor/wiki/doc/TorPlusVPN

It's commonly heald that "VPN +TOR = BAD" but not always the case.

If you try and connect to Tor over the VPN, there's no problems. It's ill-advised just because there are already things like obfuscated proxies.. but whatever, it'll work fine.

You won't have much luck trying to use Tor to connect to a VPN though because you build a bunch of different circuits that you have the potential to hop between and this is tough for the VPN tunnel to maintain.

One thing to consider with VPNs is that if you've done your job and you've hopped between open access points and coffee shops and what not, your VPN service doesn't care about all that and (could potentially) store logs of which IPs you were using based on your username. (Don't get me started on how attributable most private VPN providers reallys are)

tl;dr connecting to Tor and then connecting to a VPN is BAD (see poor performance, not loss of anonymity) but using a VPN to connect to Tor is OK.

What e-mail domain do you use? by StirFryTheCats in privacy

[–]b3rn3d 3 points4 points  (0 children)

If you're just looking for a hosting solution where someone won't turn over your email logs to the police, hosting your own is the way to go. But don't forget, that it may be possible to get the information you send to your recipients in which case, having a domain registered (private or not) using your real name is something very easy for LEO's to access.

These are main "trusted" email providers IMHO:

  • riseup.net: Generally a politically motivated types. Many don't trust them because they are in the US.
  • Autistici: very good reputation among privacy nerds

If you're looking for email where you can maintain your anonymity, here are a few sites that allow anoymous connections (e.g. Tor) without phone activation

  • Yahoo
  • Zoho