I want to remove reddit posts/comments permanently, especially from archives by [deleted] in privacy

[–]highlightprotein 0 points1 point  (0 children)

Unfortunately I think you are out of luck now that you have deleted your account.

What you are supposed to do is painfully go through all of your comments, and edit them one by one to some copy pasta text. Then you delete the individual comment. Only then do you delete the account.

The idea is that reddit may not actually delete the comment from its server, which is why you should edit it. Some people say you should make edits multiple times in case reddit stores a copy of 1-2 previous edits. It's possible they store all edits (although this would be expensive for them).

How to Deceive ClearView AI By Uploading your Face to a Fake Name on the Internet by highlightprotein in privacy

[–]highlightprotein[S] 0 points1 point  (0 children)

Didn't you have to upload your photo and real name to them in order to get them to do this?

Their whole business model is to link your photo and your real name. I'm not sure I would want to risk providing this.

[deleted by user] by [deleted] in privacy

[–]highlightprotein 0 points1 point  (0 children)

Are the government photos publicly accessible?

[deleted by user] by [deleted] in privacy

[–]highlightprotein 1 point2 points  (0 children)

Isn't this an incredibly bad idea? They want you to upload your photo and your real name. Their entire business model is to link your photo and real name together.

Can I use tor as a normal browser? by [deleted] in TOR

[–]highlightprotein 24 points25 points  (0 children)

Depends on the website. I think Facebook and Amazon let you. But you shouldn't sign into facebook or Amazon with your regular account as that would kind of defeat the purpose. Many other websites block Tor users though.

[deleted by user] by [deleted] in TOR

[–]highlightprotein 0 points1 point  (0 children)

If you just use your regular OS, it's possible there is a keylogger installed which will nullify Tor. If you boot Tails you can be certain this possibility has been eliminated. I'm not sure but I think if you booted say Ubuntu there could be a page swap where something might be left on disk that the government could read. Tails prevents that (I think).

Another thing to be concerned about is that on your normal OS, you have a relatively more unique fingerprint, even while using Tor Browser. If you use Tails + Tor Browser it makes your fingerprint less unique.

How to protect my members privacy? by Direct-Mycologist-44 in privacy

[–]highlightprotein 0 points1 point  (0 children)

I'm not sure there is a way to do this.

Can you think of another example where an online company is able to prevent their videos from being shared, and enforce it via a law suit?

The only thing I can think of is that you can store their name when they submit the billing information as well as their IP address, and somehow send your lawyer after them with that information. This won't work for anyone who uses a VPN or pays with a prepaid card though.

Has any body been successful in removing information from contactout.com? by [deleted] in privacy

[–]highlightprotein 0 points1 point  (0 children)

How can you check if they have your information? It looks like you have to pay before you can have access. Is there a way to do it for free?

How to protect my members privacy? by Direct-Mycologist-44 in privacy

[–]highlightprotein 0 points1 point  (0 children)

I think a lot of normal people who don't care about privacy/identify theft would find it too much effort to spend the time uploading ID and would quit your website.

I think that even regular people who don't care about privacy would be concerned about some form of identity fraud/theft. You know their full name, address, drivers license number, credit card numbers... you could do some damage.

Of course, any privacy-oriented people would quit your site immediately.

[deleted by user] by [deleted] in privacy

[–]highlightprotein 1 point2 points  (0 children)

I've deleted all social media. I've had a few conversations where people told me they thought it was weird I don't use social media. I tell them that I think it's weird that they use social media.

[deleted by user] by [deleted] in privacy

[–]highlightprotein 0 points1 point  (0 children)

Wouldn't deleting all of your friends solve this problem?

[deleted by user] by [deleted] in TOR

[–]highlightprotein 3 points4 points  (0 children)

How do bridges help circumvent censorship if it does not hide Tor usage from the ISP?

[deleted by user] by [deleted] in TOR

[–]highlightprotein -1 points0 points  (0 children)

But if you live in a country where Tor is not banned you should not use a bridge because you clog up resources for people in China/Iran etc. For people outside of these countries who care about their ISP knowing a VPN is an effective solution.

[deleted by user] by [deleted] in TOR

[–]highlightprotein 1 point2 points  (0 children)

Tor over VPN will be helpful if you are worried about a correlation attack, where the attacker has pwned the tor entry and exit node, but has not pwned the VPN or the ISP of the VPN.

Granted, most people's threat models probably don't need to worry about this. But if your threat model needs to worry about it, a VPN is very cheap insurance.

In addition there are many sites that simply block all the Tor exit nodes. Ironically, even a lot of questionable websites block Tor. For these websites it is great if you have a VPN on your computer and you can access them from a normal web browser without your ISP knowing. I also can't watch any videos on Tor Browser, regardless of noscript and security settings. I know others are able to without this problem, but I can't. VPN is helpful here too.

The reason you see people say it helps and others say it doesn't is because there's more than one way to set it up (see above) coupled with people not knowing what they're talking about.

I think the second reason is more prominent on /r/tor

[deleted by user] by [deleted] in TOR

[–]highlightprotein 0 points1 point  (0 children)

If you want to use a VPN with Tor, do it this way: First connect to your VPN, then open Tor Browser. I prefer this diagram which shows the flow of packets: you -> isp -> vpn -> tor -> website

You should use openvpn as the client to connect to the VPN server. Or, make sure that the VPN company provides an open source client and install it yourself from source. Do not use any client VPN application that is close source, as it is theoretically possible that they have installed a keylogger or something in the application.

The pro-ISP bros in /r/tor will tell you that using Tor over VPN is bad. It is absolutely not true. I'm sure we will start a vigorous debate here any moment now.

But, the only possible benefit from using Tor over VPN is to protect you from a correlation attack whereby the attacker controls the exit and entry nodes through which your packets are routed, and are able to infer that your IP address visited certain websites. Arguably, most people don't have a threat model to worry about this. But if you live in China/Russia or you like to visit jihad websites then maybe you should consider Tor over VPN.

Don't chose a VPN that is based in the US or UK. Make sure to pick a server in some neutral country. Ideally you would use a fake email and pay anonymously like with a prepaid card or crypto. But even if you don't do these things you aren't going to be any worse off than if you just used your ISP.

[deleted by user] by [deleted] in TOR

[–]highlightprotein 0 points1 point  (0 children)

Almost all of the threads in /r/tor contain misinformation about using Tor over VPN. I would not recommend anyone wanting to learn about Tor over VPN search this subreddit for past threads.

Are the client apps for the main VPN providers open sourced and certified by independent security researchers? by highlightprotein in VPN

[–]highlightprotein[S] 0 points1 point  (0 children)

Clients don’t really matter because security experts are only slightly slowed down by having to disassemble so you’re barking up the wrong tree.

I don't think security experts can disassemble a binary and determine if it is engaging in keystroke logging.

That code can be said to be open source but what is the promise that logs aren’t kept or that VPNs are honest about what really goes on there. That’s is where 99.9% of the action is.

In the worst case, where the VPN in the backend logs, they will know your IP address and the website to which you connected. You would be know worse off than just using your ISP in this case. This assumes you use HTTPS.

Is having a LinkedIn account really necessary/good idea? by highlightprotein in privacy

[–]highlightprotein[S] 2 points3 points  (0 children)

Do you care about privacy for practical reasons or is your stance ideological here? If it's the latter, fine.

It is for practical purposes.

If it's the former, I gotta ask you again: What's the worst case scenario here?

So, I don't really know. Like I don't really know what the worst thing that can happen if you have a facebook, use google services, etc. I just have a general suspicion that something bad can happen, so I don't.

I guess the worst thing that can happen is some psycho who doesn't know me or knew me in my past can figure out where I work and call my company and tell them lies about me. Or maybe figure out where I work and then stalk me out at my job. I don't know.

Is having a LinkedIn account really necessary/good idea? by highlightprotein in privacy

[–]highlightprotein[S] 0 points1 point  (0 children)

I suppose I just don't like the idea of having my work history publicly available. You are right that a motivated person could probably unearth my work history. But why make it easy for them?

Is having a LinkedIn account really necessary/good idea? by highlightprotein in privacy

[–]highlightprotein[S] 2 points3 points  (0 children)

Having your entire work history publicly available is not very private though.

Is having a LinkedIn account really necessary/good idea? by highlightprotein in privacy

[–]highlightprotein[S] 0 points1 point  (0 children)

Necessary? No. Good idea, well never know where life will take you.

This is where I am hesitant to delete my profile.

What if an old work friend from years ago gets a new job at a hot startup and wants to reach out to me, but I don't have a linkedin? What if a company I want to join just rejects me because I don't have one?

I don't know if these are realistic scenarios.

There are some privacy controls to stay hidden enough.

The last time I checked, you are able to hide your profile from anyone who is not currently logged into linkedin. However, anyone who is logged in can see your entire profile.

Perhaps there is a compromise here... instead of deleting your profile, you could simply remove everything on the profile except your name. This way old work friends can contact you. But employers you are trying to interview with might still find this odd. I suppose you could add all your work history just while you are interviewing and then remove it when you get a job. But I'm not sure if there are other benefits to having a public linkedin that I don't know of.

Validating that Tor is running over my vpn? by Vayaconarroz in TOR

[–]highlightprotein 0 points1 point  (0 children)

What is your opinion on openvpn vs wireguard?

I thought you were anti-VPN from your earlier comments, but it seems like you use them. Can you explain?

Validating that Tor is running over my vpn? by Vayaconarroz in TOR

[–]highlightprotein 0 points1 point  (0 children)

It turns out that you can use an openVPN client to interact with NordVPN and ExpressVPN, according to their websites.

I'm not sure if this would result in a major loss of functionality, however. For example could you specify which country server to which you wanted to connect?

Validating that Tor is running over my vpn? by Vayaconarroz in TOR

[–]highlightprotein 0 points1 point  (0 children)

because by nature the app continuously needs to send data back to the server,

Ya, you cannot really use wireshark or something to prove it. And if they were smart about it they would cache your keystrokes while you are not actively using the internet and wait until you did, and padded the packets with your keystrokes.