OpSec Lounge (Security, Privacy, etc.)

open source

Robin
Gold Member
For browsers I like Firefox plus the following extensions:

Privacy Badger
UBlock Origin
HTTPS Everywhere
Cookie Autodelete
History Autodelete

I've played with the settings as well and that helps. Removing Javascript can be beneficial but it does a ton of damage to your browsing. I really wish sites would stay away from Javascript, it's pretty terrible for privacy. I'm thankful for the bare bones no-JS sites out there.

Adding 1 more extension.

Nano Defender - Stop seeing those annoying "Looks like you have adblocker? Please turn it off" notifications. You can use it together with uBlock Origin, a few extra steps required.
 

Joseph-Schumpeter

Pigeon
Orthodox Inquirer
Opsec is something very near and dear to my heart. I've been thinking about it often for a few years. Without dox'ing myself here, my technical understanding of how the internet works is pretty good.. (I've had the @Roosh "dumb phone" for a couple years now (non-touch screen Nokia 3310)).

Two things I'd like to plug here:
I haven't used Windows or Mac OS in more than 2 years, and I very much recommend switching to Linux. If you're interested in going down this road, you can get a really nice T420 or T420s or X220 Thinkpad on Ebay for around $100 USD, which will run a minimal Linux setup REALLY well.
 
Mobile OS:
I bought a used Google Pixel 3 for $200 and installed GrapheneOS. Open Source and recommended by Edward Snowden. I find iOS to be more polished but It's a matter of getting used to.
Wow. Thanks for that! I was using 'ubuntu touch' for awhile but without apps it got old quick.
 

budoslavic

Eagle
Orthodox
Gold Member
I'm installing from a Mac. It was a PITA initially until I discovered where the problem was. The solution was to drag the files to Terminal to give the correct location (example below).

Let me know if you need more detailed explanation.

What about support? Does GrapheneOS update its security, patches, etc.?
 

joost

Kingfisher
How difficult is this to install? How long did it take?
First time took me few hours because I couldn't find where the mistake was. Now that I know, I would be able to do it in 15min.


Two things I'd like to plug here:
  • TAILS https://tails.boum.org/install/ - this is the best thing you can run for opsec. It won't allow any connections to the internet that don't go through Tor. But since most of us can't run this as our main desktop OS.
Check Wireguard (better than OpenVPN) and QubesOS. That OS is better than TAILS apparently and Edward Snowden's default OS. Everything is sandboxed. Unfortunately you need a compatible computer to enjoy all the protection it offers. Check it out.


What about support? Does GrapheneOS update its security, patches, etc.?

Yes. An update came yesterday btw. It updates automatically.
Check FAQ for security information:
 

Replicant_Gyr

Sparrow
Orthodox
I've been recently using Faraday pouches when I carry my phone on my person.

Advantages:
-The phone's ability to send/receive data does drop to nothing with a good quality setup.
-Protects you from your phone's emission RF (if that is something you are concerned about, especially if you always carry your phone close to your person, this is a whole debate in and of itself)
-Cheap, readily available on most sites. (Pay attention to reviews, quality, and knock offs.)
-Great conversation starter and people can tell you're on another level of security. (If not maybe the "tin foil hat" type...)
-Great for undisturbed sleep and peace of mind.

Disadvantages:
-When in the pouch, the phone will not receive nor send communications. Phone will function similar to Airplane mode when in the pouch, but even more restrictive, since there won't be any signals being transmitted or received (i.e. GPS)
-It will be hard for people to get a hold of you in emergencies or if you run a business etc where you rely on your phone often.
-The phone may try to work extra hard to "find a signal" and may decrease battery life in doing so. (Recommend airplane mode prior to placing in bag)
-The pouch will wear out (velcro) and require washing with time.
-Not all of them are guaranteed to work 100% due to construction, materials, signal strength etc.
 
Last edited:

redbeard

Hummingbird
Gold Member
I've been recently using Faraday pouches when I carry my phone on my person.

Advantages:
-The phone's ability to send/receive data does drop to nothing with a good quality setup.
-Protects you from your phone's emission RF (if that is something you are concerned about, especially if you always carry your phone close to your person, this is a whole debate in and of itself)
-Cheap, readily available on most sites. (Pay attention to reviews, quality, and knock offs.)
-Great conversation starter and people can tell you're on another level of security. (If not maybe the "tin foil hat" type...)
-Great for undisturbed sleep and peace of mind.

Disadvantages:
-When in the pouch, the phone will not receive nor send communications. Phone will function similar to Airplane mode when in the pouch, but even more restrictive, since there won't be any signals being transmitted or received (i.e. GPS)
-It will be hard for people to get a hold of you in emergencies or if you run a business etc where you rely on your phone often.
-The phone may try to work extra hard to "find a signal" and may decrease battery life in doing so. (Recommend airplane mode prior to placing in bag)
-The pouch will wear out (velcro) and require washing with time.
-Not all of them are guaranteed to work 100% due to construction, materials, signal strength etc.

Care to recommend a quality bag?
 

Coja Petrus Uscan

Crow
Orthodox Inquirer
Gold Member
I don't use my phone much - mainly just when travelling for GPS etc. But with the tech mafia making their move, I am stepping further back from their reservation. Will be installing LIneage or Graphene later in the week.

I've been switching out mafia apps. Some of theses are old switches. Some recommendations:

Google Translate - I have replaced this with Yandex Translate. I use that professionally. It doesn't have as many language pairs as Google, but has all I am likely to need.
Chrome - Replaced with Brave, good adblocker, I use the rewards each month to tip dissidents like Roosh; seems to have a very good team
Banking - I use Crypto.com, which has a debit card that I now use as my primary card, lots of great services, low/no fee. Will be trialing Monolith, self-custodian ETH wallet connected to a card soon.
Booking.com - Travala.com, still probably staying with Booking.com by proxy, but you can get up to about 25% off with a combination of Crypto.com and Travala; part of Binance. I want to support it to open thing up
Brokerage - Interactive Brokers seem to be globohomo free
VPN - SurfShark seems to be globohomo free; also use Mysterium decentralised VPN

I currently use the Google AdSense app, but I am ditching AdSense next week. I also used to use Google Analytics (which is now considerably obsolete due to tracking blocking), which I replaced with Matomo, which can run log file analytics. So now I know what my real traffic is. Considerably higher than what Analytics said, even after bots are removed.

Any other recommendations for apps? I am looking for a Google Maps and Google Authenticator replacement - something that uses the same code as Google Authenticator, but not their app.
 
Last edited:

Coja Petrus Uscan

Crow
Orthodox Inquirer
Gold Member
I'm looking at doing this for my next laptop...


The drive is encrypted and nothing can be accessed without the security key.

I had my home folder encrypted for years, on a couple of installs.

It had quite serious problems with moving files around. I have an SSD, but moving files around could be really slow and sometimes Caja would freeze for minutes.

I looked it up and there are many mentions of this problem with people with encrypted home folders.

So I chose not to encrypt with my most recent install and I no longer have the above problem.

I would look into if it's possible to not have that issue, because, for me, it was not worth that drawback.

A few details here: https://askubuntu.com/questions/23489/what-is-the-performance-overhead-of-encrypted-home
 

TheFinalEpic

Pelican
Gold Member
Some good suggestions in here. If you're not encrypting your OS, at minimum make sure your BIOS is password protected. But you should be doing full LUKS disk encryption if possible. For most linux distros that aren't compiled from source or manual installs, this is as simple as clicking a checkbox and entering your chosen password.
 

foolhardie

Pigeon
Do any of you guys have a privacy-friendly phone you'd recommend?
Take a look at getting a Google Pixel 3a. I know this is Google, but, you can remove all the google software, operating system inside that phone, and install some open-source, privacy-focused mobile operating system, like GrapheneOS. Here is a video on topic:
 

redbeard

Hummingbird
Gold Member
I'm installing from a Mac. It was a PITA initially until I discovered where the problem was. The solution was to drag the files to Terminal to give the correct location (example below).


Let me know if you need more detailed explanation.
I finally got around to doing this. It was super simple. This video literally holds your hand you through every single step:
No excuses.
 
Top