/tech/ - Technology

is there a way to tunnel my traffic on linux somehow so it's harder for people to know what i do or where im from

>best private mail host?
Never trust your data on another persons computer, even if you know them, which you don't in the case of all public mail hosts that I know of. You should obviously avoid the most shit bottom-of-the-barrel ones like Gmail and Outlook. I simply use multiple Protonmail accounts, each one dedicated to a single thing. I use e-mail so infrequently and for such trivial things that Protonmail is good enough. There are better ways to communicate with people if that's your goal.
>best private browser?
A complicated question! Are text-based browsers the most private? It would seem so, but modern websites are extremely malicious and powerful and can extract fine details about what browser you're using, the most obvious of which is your User Agent, so using esoteric browsers may end up having an opposite effect. I personally use Firefox but eventually I'd like to start using Ungoogled Chromium. Google is actually serious about their security (separate from privacy!) unlike Mozilla and actually knows how to design browsers. Pale Moon is an outdated joke. Brave is a crypto scam pretending to be a browser. uMatrix and uBlock Origin are  great extensions to have but ideally you'd be writing firewall rules instead to block trackers and advertisements.
>how do you stay private online?
By focusing on my doxability. Its very easy to fuck yourself. Lots of people use the same usernames on various sites and I've doxed many, many people this way. Tools like Sherlock make it too easy. Using multiple e-mail addresses, multiple usernames, multiple passwords, and steering clear of websites like Facebook, Instagram, Google, Reddit, Etc. does so much for your privacy its not even funny. I rarely use Tor because its overkill, slow, and websites like to block it. VPNs are much more versatile and are enough protection for 90% of cases, especially piracy.
>how do you airgap your phone?
By not having one. When I do need a phone a simple flip-phone is more than enough. The battery can be ripped out in less than ten seconds. If you need an actual computer on the go just carry a laptop with you.
>Best VPN
Mullvad, but take care to remember the very first sentence of my post.

>>9162
 Yes sir, look into wiregaurd. Simple, fast, and secure.

>>9166
What is Sherlock? I am interested.

8c9ff9fa1f2064b70e970dedaed84ffa66915a566b6212e2c1c512bd7d418236.png
[Hide] (1.5MB, 2560x5460)

>>9178
https://github.com/sherlock-project/sherlock

Its used to look up a username on hundreds of sites automatically.

https://mullvad.net/en/browser
https://blog.torproject.org/releasing-mullvad-browser/
This is interesting, basically Tor Browser without Tor, weird that it's shilling a VPN but it is developed + signed by the Tor team. Had a quick look and the main differences are branding and the inclusion of uBlock Origin plus some Mullvad VPN checker thing.

>>9308
Torproject is dead amen

>>9308
https://github.com/mullvad/mullvad-browser/issues/1#issuecomment-1495247827
The arkenfox lead has shared some thoughts.

Here's what I know to use for privacy:

>Jails & Containers
++ Fairly simple to set up
++ Less resource intensive than VMs (especially if you're on a poorfag setup)
-- You're still on the host OS

>VMs
++ Contains a whole OS on the machine
++ By default is completely isolated from the system
-- Resource intensive unless you got a rich man's PC
-- Completely pointless if someone breaks into the host OS anyway

What are some other software that can be used for privacy and security?

>>9161 (OP) 
I had thought of a way to "shut up the hacker/google/mac/fbi/cia agent in your phone" when you're obligated to be stuck on a botnet phone:
>Make a box that is hollow and designed to be filled with sand in it's walls.
>Store an electronic white noise generator in it
>Make sure the lid is capable to be sand-filled too.
>Turn on noise generator.
>Store your botnet phone in the time-out-box when needed.

The idea is simple: in industrial soundproofing, it's the weighty, dense materials that actually prevent sound leakage. White noise is also used as a noise-mask in conferences to keep recording devices from snooping in. Combining these both would essentially shut out both passive and active spying, with the sand muffling environmental noise, while the white noise completely drowns out anything that would be barely audible.

Even better than white noise, is something like MyNoise.net's Audio Jammer. Which is distorted white noise that is meant to sound similar to human speech, and is an absolute nightmare for audio engineers to clean up.

170.jpg
[Hide] (102.4KB, 1024x683)

You can get real fancy, but without trickery you will have a hard time pulling off anykind of privacy/opsec. Its all humans who made this, so if someone will watch just let them see what they expect to see. Nothing more.

>>9647
Download terabytes of furporn to ruse the glowniggers. Trust me, it'll be funny.

1695427200225709.jpg
[Hide] (460.5KB, 1200x675)

what components and peripherals would you guys recommend when building a PC around privacy? 
It seems tbat every CPU ever made has a back door though.

>>11716
Depends on your definition of privacy.
Privacy is a matter of trust. Open source software is more trustworthy because you can audit it, that doesn't mean there is no backdoor.
Trust is not necessary if you can verify the object. Usually it takes too much time or is impossible to do. For example, verifying chips is nearly impossible without destroying them. This mean you are stuck with trust at least on hardware.
On hardware level, the best you can do is open source FPGA, but they are too damn slow.
The next level is CPU without spectre. All modern CPUs are vulnerable to spectre and their friends, even with mitigation there are lots of 0days on ((( their ))) hands in this category. This excludes all CPU with out of order execution or branch prediction. For example, Allwinner A20 with cortex A7 fits the bill. These CPUs are very slow, but are still good enough for text-based work.
If that speed is too slow, you need to ignore spectre and go for CPU without built-in ((( security ))) such as Intel ME, AMD PSP or ARM Trustzone. For example Allwinner A10, A20, and Librebooted T400 with erased Intel ME.
If that is still too slow, you need to look for blobless or open sourced-blobs hardware. Many parts of your computer have processors, they can load firmware and run them. The best you can do is blobless or open-sourced blobs. For example, ath9k(_htc) wifi adapters have open sourced firmware and vivante gpus have full open source software (you can find them in i.mx6 processors).
If finding those exotic hardware is too expensive or too hard, or they don't satisfy your needs, you can at least look for hardware with open source drivers. For example, new AMD GPUs have open source drivers.
That's all for hardware.
Regardless of hardware, you can ruin your privacy easily and immediately by using bad software.
If getting a good hardware configuration is too hard, at least use an OS you compiled from source. This is the only way to make sure the binaries you are using come from the source inb4 trusting trust. For example install Gentoo. For reference I once built and run Gentoo on Allwinner A20.
If that's is too hard or takes too much time, at least run an open source OS without shady software such as systemd and/or less SJW influence. For example Artix or even better OpenBSD.
Even if you run a full suite of compiled software on A20, you can still ruin your privacy in a flash by connecting to botnet. For ultimate privacy, use only public wifi or hacked wifi and browse only overlay networks, eg onions and eepsites.
If you must access the clearnet, do the above but over TOR.
If getting out of basement sounds dangerous it is, there are tons of CCTV and normalfags using Apple spying devices all over the place, at least browse only onion and eepsites, or clearnet over TOR.
If you decide you can trust your isp for some reason, at least don't use any closed source services. i.e. they don't post server source source. And of course don't use botnet services such as jewgle and fagbook, or even god forbid chinktok.
And if you serious need to do that for some very unfortunate reasons, use a separate device, put it on a different lan during use, wipe it completely every each use and air gap it between use. Never post any real information of yourself online. If you must, compartmentalize your access. Of course, the best is to just not use any of those services.

>>11716
>It seems tbat every CPU ever made has a back door
CPUs without backdoors are too slow to run your pokemans and fortnights.

>>11717
>TOR
Back to the peanut gallery.
https://support.torproject.org/about/#about_why-is-it-called-tor

glow.jpg
[Hide] (3.1KB, 152x250)

If the inode structure size sb->s_inode_size is larger than 128 bytes and the i_inode_extra field is large enough to encompass the respective i_[cma]time_extra field, the ctime, atime, and mtime inode fields are widened to 64 bits. Within this “extra” 32-bit field, the lower two bits are used to extend the 32-bit seconds field to be 34 bit wide; the upper 30 bits are used to provide nanosecond timestamp accuracy. Therefore, timestamps should not overflow until May 2446. dtime was not widened. There is also a fifth timestamp to record inode creation time (crtime); this field is 64-bits wide and decoded in the same manner as 64-bit [cma]time. Neither crtime nor dtime are accessible through the regular stat() interface, though debugfs will report them.

Flashback_1.png
[Hide] (13.9KB, 320x256)

>>11733
Doesn't the GameBoy just have a Z80? You can run some Pokemons on there. And with a 68000 you can do a whole lot more!
In any case, I wouldn't trust anything past 68030 and 80386.

>>11934
>Doesn't the GameBoy just have a Z80?
The CPU in GameBoy is a modified version of Z80
https://gbdev.io/pandocs/CPU_Comparison_with_Z80.html

move_along.jpg
[Hide] (68.1KB, 1024x745)

>>11922
>Neither crtime nor dtime are accessible through the regular stat() interface

leak.png
[Hide] (140.4KB, 857x1203)

http://eweiibe6tdjsdprb4px6rqrzzcsi22m4koia44kc5pcjr7nec2rlxyad.onion/tpo/applications/tor-browser/-/issues/8706 

9 years to fix close this simple bug without fixing.

>>12296
>9 years to fix close this simple bug without fixing.
If it's so simple then write your own patch.

I'm going to put some time into whonix/kicksecure, they seem to have an iso creation tool available on the git since the last few days. Why do so many of these security projects have just one developer? I does not seem legit. Direct me.

>best mail host
tormail
>best private browser
Tor
>how do you stay private online?
use different usernames, don't sign in to big tech platforms, turn off javascript, only use https, VPN/TOR etc.
>how to airgap your phone? 
You can't. If you need an extreme version of privacy, use a tracphone. For a more realistic phone with privacy and a camera, use a grapheneos phone or librem phone
>best VPN
mullvad vpn, IVPN, VPNarea, calyx vpn

>>12400
whonix has become kiked. Use Tails instead.

>>13167
why? what happened with whonix?

blackhole.png
[Hide] (145.7KB, 519x735)

>>12296
Dingleberry is excited to see one leak get fixed, while another 1000's remain, because every modern browser with millions of lines of code is a fucking monstrosity that will never be remotely secure or private.
And it just keeps getting worse and more bloated every year. We're long past the event horizon. No fucking way anyone with two brain cells is running these botnet browsers.

>>13236
You need to get better at sensing who's opinions are worth listening to.

>>13237
>No fucking way anyone with two brain cells is running these botnet browsers.
Tails and Whonix already give you all the tools you need to use these browsers securely. If you haven't figured that out then it says more about your intelligence than anybody else's.

>>12296
>a file that has nothing to do with firefox contains files that firefox recently downloaded
What is your actual threat model here? You are downloading super illegal files and then an attacker breaks into your house, looks at your unencrypted harddrive and sees filenames of stuff you downloaded? At which point they already have access to files themselves in ~/Downloads/. Or to put it another way, whatever you are doing to protect the files you downloaded will also protect recently-used.xbel. So you're just chimping out over nothing.

If your browsing history is so secret then use a live system like Tails which can't save anything to persistent storage.

horse.jpg
[Hide] (23.3KB, 418x418)

>>13238
> tools
Oh gee, even more lines of code. You just just don't fucking get it, do you.

pic.png
[Hide] (808.8KB, 1600x1295)

>Russia has banned zzzchan
>Fixing the onion
bless you based mods. captcha doesnt work right now so i cant make new threads to make it more visible, but this thread is comfy
>spin up a gorrilion extra $1 domains if they really want to play ball
this is just unfathomably based, but you should spin up those hot new HTTPT webtunnel transports instead if you really wanna play anal ball with her