Privacy General

>disabled any data collection I could on the google side
>deleted Facebook a year ago
>have a godaddy hosted mail server
>switched to firefox on my secure machine
>physically removed microphone from secure machine
>started a snort server on my network
>encrypted every machine I own with LUKS
>got lastpass
>got a u2f key

>666
Ross ulbricht himself?
He got caught because they snatched his encrypted laptop while it was on and had root terminals open desu

>disabled any data collection I could on the google side
>have a godaddy hosted mail server
>started a snort server on my network
>got lastpass
I can't tell if this is b8.

duckduckgo
no google
no social network
vpn
lineage os
that it

The point being why was he in a position to be targeted physically? He was identified

I don't see how it's possible to be privacy-aware anymore in the age of smartphones.

How can you use a smartphone and also be privacy-aware?

And how can you live in the current day without a smartphone?

There are plenty of people who get by with standard cell phones. You could always just get a small tablet that can only use wi-fi.

>he thinks the data is deleted because he pressed a button and viewed a message assuring him it was deleted and impossible to recover

Attached: 1529101565475.jpg (238x212, 11K)

>Never had any social media accounts
>Always registered under different names on sites/forums
>always disable find by mail despite using separate emails for online registrations
>use Chrome linked with my gmail
>use uBO & HTTPS Everywhere
Guess you could say I'm a conscious retard

Attached: 1538079836354.jpg (657x527, 42K)

>HTTPS Everywhere
>using any kind of https addon in 2017+1

No social media. My own email. Use local non-American hosting. Firefox that doesn't save shit.

That's pretty much it.

Why do you keep this anti-https posting up? stop pretending that you're covered without it, if you don't use it most sites will not default to https.

you can always use that Lava or Magma email provider. They dont let governments in ;)

its called Lavabit, ive just found it. :)

OP is posting from Washington State, USA, and he sucks at privacy.

Redpill me on why this is better than protonmail

Sort of serious about it. I made 'improvements' but I could only go so far. I use ProtonMail but it's not as good as they say (alias linking, proprietary backend). I still use Google because I just cant bear using DDG.

Ladar has previous of telling the government to go fuck itself, rather than hand over data.

I was using Lavabit back when it was called Nerdshack. One day I couldn't access my email. Went to the website to see what was up and there on the front page was the message that rather than hand over data (because of Snowden) he'd chosen to close the service. They also asked him for encryption keys. Which he proceeded to print out in 4 point on 11 pages.

From the case...

>"The attachment was created by scanning the document provided by Mr. Levison; the original document was described by the Dallas FBI agents as slightly clearer than the scanned copy but nevertheless illegible." Clearly, the feds were pretty frustrated at what lay ahead of them. "Moreoever, each of the five encryption keys contains 512 individual characters—or a total of 2560 characters," the motion reads. "To make use of these keys, the FBI would have to manually input all 2560 characters, and one incorrect keystroke in this laborious process would render the FBI collection system incapable of collecting decrypted data."

Ladar closed the service and simultaneously handed over the TLS keys. Which is incredible. However... any future mail sent to his site would still be decryptable, and the FBI would be able to impersonate his server.

>If so what are the measures you are taking?
I use Xubuntu and pray that's enough and that there' not a backdoor in it
I don't care that much about what the government might be able to see me do. But rather my safety from hackers.
I got hacked by two people and it was a horrible experience. They attempted to blackmail me and also put my personal info in publicly readable places. It was horrible. And even now with a fresh Linux install on a new computer I'm still paranoid about hackers
What do i do?

He closed the service. The keys were illegible. You can find the scanned documents online since they were unsealed.

How would any future mail be decrytable if he's got new servers, new keys and an entirely new means of dealing with email protocols?

The keys might have been difficult to read, but not illegible, otherwise he would be in prison. He only escaped prison because he technically did what they asked.
Future mail would be decryptable if other people are still sending mail to that original domain/server and using the same public key. Not sure whether the protocol has any kind of certificate pinning, so maybe it would be safe.
Ladar's DIME sounds good on paper for ensuring E2E but I don't think it's compatible with anything else or relies on your buddy encrypting his mail (which kind of makes it pointless).

>The keys might have been difficult to read, but not illegible, otherwise he would be in prison. He only escaped prison because he technically did what they asked.
They were illegible. I've seen the copies. You can't read shit.

>Future mail would be decryptable if other people are still sending mail to that original domain/server and using the same public key. Not sure whether the protocol has any kind of certificate pinning, so maybe it would be safe.
The original servers have been down for years. If you still haven't cottoned on to the fact you're not connecting to said servers, or getting fucking emali, you're all kinds of retarded. You're also assuming he has used the same fucking keys for the new setup as the old one.... that's also fucking retarded.

>Ladar's DIME sounds good on paper for ensuring E2E but I don't think it's compatible with anything else or relies on your buddy encrypting his mail (which kind of makes it pointless).
It's no more pointless than any other encrypted service you have to get your friends to use to keep your communications private. DMAP and DMTP have been submitted to the IETF. Upon certification, we'll see more roll out.

It's possible that the FBI would route the domain towards their own server where they can decrypt the traffic with the TLS private key, though you said it was illegible so I guess this wouldn't be possible. If they did somehow get it, wouldn't they be able to decrypt all past captured traffic? I believe only TLS 1.3 has Perfect Forward Secrecy.
Anything that relies on your buddy doesn't work. There will always be shitty servers that wait until the last moment to upgrade software or protocols. The only real way to fix this is to dump email entirely and encourage people who really need privacy to use Signal or an alternative.

>PIA
Scam

>>deleted Facebook a year ago
You can't delete a facebook account, only deactivate it

>do a lot of the stuff other anons posted
>do my best to stay up to date on security issues and mitigate accordingly
> OpenWrt on router, custom ROMs, ungoogled everything, etc.
-----------
>Go to various doctors offices
>ALL USING Windows 10
>have to give up all kinds of personal info including CC info to pay copays, and drivers license and photo ID to prove my identity
>watch as my digital self is sucked into the micro$oft vortex
>go home to back-doored computer

Why are we putting ourselves though this charade again?

Attached: 454820e4-fda1-4bba-9972-65986d68b166..jpg (300x360, 35K)

>>And how can you live in the current day without a smartphone?
the same way you did before smartphones. Going somewhere? Look it up before you leave and have something vaguely resembling a sense of direction instead of asking google for turn-by-turn directions. Arrange where you're going to meet people ahead of time instead of just texting when you're already there. Pay for shit with cash, or a card if you have to. (seriously, why do mobile payments even exist?) All of the social-media crap you can either quit or do at home instead of on the go. Same with email, all of that can wait until you get back home or to your workplace. I don't know anyone who really uses voice calls anymore, but if you do, they probably remember landlines and the days of calling someone and just... not being able to talk to them right then, since they weren't home.

Seriously, you do not need to be constantly reachable by everyone (or anyone, really). Once you accept that proposition then most of the things that you "need" a smartphone for become unimportant.

>I believe only TLS 1.3 has Perfect Forward Secrecy
Whether you have forward secrecy in TLS depends on the negotiated ciphersuite in TLS 1.2, many of them have it (and some servers and clients are configured to only advertise support for ones that do) but not all. All TLS 1.3 ciphersuites have forward secrecy. I believe that no SSL 3.0 ciphersuites were had forward secrecy, and that a few TLS 1.0 ones did, but that their use was fairly uncommon during the time TLS 1.0 was current.

This caused some consternation during the TLS 1.3 development process, since some large companies (notably, banks) based lots of compliance shit on being able to decrypt their own TLS traffic, by virtue of knowing their own private keys. They wanted non-forward-secret ciphersuites to be added so that they could continue to do that. The TLS people basically told them as politely as possible to go fuck themselves. It helped their ability to do that that these sleepy behemoths only woke up and realized that PFS was becoming mandatory after pretty much all the major technical decisions with 1.3 had already been settled, so they could say "too late, if you wanted your concerns heard, where were you six years ago?"

Only use gano+loonix on laptop/desktop, custom ROM on phone and have a private VPN on OpenBSD.
Also, does anyone know if the cock.li VPS' are any good? I like the fact they're crypto only.

what porn were they blackmailing you with?

this made me feel really sad.
Apparently the only way to get off the grid is to physically get off the grid. Be nationless and live a pre-20th century life.

Attached: 1524068772931.jpg (430x430, 19K)

if you post on Jow Forums, you're being tracked by google and hiroshit. privacy is a meme. keep your personal information off the internet and possibly use a vpn. diminishing returns if you go further than that.

Because it still sends a message. You can't let perfect be the enemy of good user. If your data is gonna leak, then make sure it's not your fault, it's some mandatory government/healthcare computer's fault.

>2018
>stealing healthcare records more valuable than stealing credit card info
>can't function in society without entrusting others to handle your data

I wanna fucking die.

Know this is an old video by a spook but your post and the current spectacle of the feds fucking over Reality Winner
youtu.be/dNZrq2iK87k

it gets better!
>be old 'n sheeeet
>get prostate exam
>Sony AssCam up the old dirt road
>*snap*
>high quality DICOM images of your colon tagged with all your info sent to back end PACS server running Windows 10

mfw M$ is so far up the world's ass and it has the picture to prove it

Attached: 12d0930e-7d6b-409d-a93a-13efd950d553..png (420x420, 335K)

So are there people serious about their online privacy?
Yes!
>If so what are the measures you are taking?
I avoid at all costs browsing sites that don't support HTTPS.
I don't use any Google services and don't have Facebook.
I browse the Internet with JS disabled, and only enable it if I can't read the page without it.
I try my best to limit browsing history exposition to third-parties through uMatrix.
My smartphone runs LineageOS, no Gapps. Unfortunately, I have to compromise and have WhatsApp installed due to its ubiquity.

Overall I'm pretty satisfied. After reading and studying for some time, you learn how stuff works. The NSA doesn't spy on all the world because they need it, but because it's so easy if you can look at the backbones and have insiders in the industry. The overall costs ends being a few cents per person at worst, so they don't care.

Attached: Bowsette 68.png (650x700, 31K)

How does it feel like knowing that all your efforts are futile and that you will never be truly invisible on the web? How does it feel like knowing that data about you will still be collected even if you were not the direct source to such data?

What keeps you going user?

No it isn't

This is all outdated boomer tech, you're gonna need a lot more fire power if you want real results.

braap

*sniff*

If your local govts really care they will get you no matter what nowadays. You can, however, do a lot against automated surveillance from ad companies etc.

You can "delete" it but they keep your information for a while. Not that they give a fuck but some countries have laws that require them to have an option to delete your data.

>protonmail
honeypot

Privacy isnt binary. It can be a slow transition, especially if youve been using google products for years.

Currently use:
>ddg
>pia (didnt know they were shit at the time)
>switching to protonmail
>have unilimited gdrive but encrypt everything
>plan on getting phone that support lineage

Its a struggle, especially when it comes to having a job that requires you to use microshit products.

>all that effort
>still uses chrome

Uhhhhmm sweetie, why do you need privacy, if you're not a criminal and have nothing to hide?

How do people handle privacy in the workplace? My job entirely microsoft.

I dont login to any personal accounts at work except for bitwarden. If i need too, i login to office 365 from home to access my outlook, onenote, etc. Not exactly private but dont have much choice.

Compartmentalization of life at the job and your personal life is key.

Is my system good then? Originally i was mixing my work notes with my personal notes. Now i use onenote for work, and standard notes for personal shit.

>Q: WE HEAR YOU’RE NOT THAT KEEN ON TECHNOLOGY...
>A: I don’t have an internet connection, or a mobile phone, or a TV signal. I can play [digital] music on the television, or on the computer I suppose, but I don’t. I am pretty much cut off from the 21st century. It’s like culturally I’m trying to establish a kind of sensory deprivation tank for myself, whereby I am receiving no modern signals whatsoever, because I’ve heard that after a while in a sensory deprivation tank you start to hallucinate and have all sorts of strange experiences, so I’m waiting for that to happen.

>Q: HOW DO YOU MANAGE WITHOUT THE INTERNET?
>A: It seems to work. I am pretty much cut off from the majority of the 21st century, but not much escapes me. You hear about everything, because you’re talking to people, you’re absorbing a lot of this information as if by osmosis, just through the pores of your skin. I have said that by embracing the internet in the way that it has done, which was kind of inevitable, society has embarked on a massive experiment without having any idea of the various ways in which those technologies will impact upon us socially, politically and psychologically. So I so think if there’s this huge experiment going on, it’s best that I remain outside the petri dish, as a kind of control, so that we’ll be able to see how badly the rest of you have mutated, by comparing you with me as a kind of baseline.

Attached: moorecompaqpres.jpg (403x292, 29K)

I'd personally have a dedicated system or VM for work at home but that is me.

God I wish that were me

I like that idea. I dont really work from home though and if I do i just bring my laptop home.

Ok so here's my case:
I live in a place where there is only one public sector ISP monopolizing internet access for the govt.

By laws, they must keep a track record of the last 6 months of my internet activity.
By laws, I could be arrested and the police would have the rights to physically confiscate my hardware and search it for any period of time they deem fit. First by forcing me to unlock it for them, then if that doesn't work, torturing me and brute-forcing into the device.
By laws, I could be convicted and sent to jail or taken on a forced disappearance for "insulting" aka criticizing a dead public figure or the current president or the establishment.
Life sucks in terms of rights or freedoms so badly that when we regain a right, many consider it a privilege
The country itself is closed off on borders so it's hard to ship stuff to it and it's even harder to leave.

If you were in my place, user.. How do you protect yourself and take back your right of speech.. safely?

Attached: mitochondrea.jpg (364x464, 66K)

Tails would me your most useful tool. On a dedicated machine with no hard disk and changing the mac address each time. That and moving.

Oh and be careful with linguistic forensics.

What you say is true but didn't GDPR fix this issue? I mean, they HAVE TO delete EU user's data if they request it or after a certain amount of time.

linux is tracked now to ensure users are using the OS in a safe manner to protect them via the kernal processes currently being integrated to fight hate speech online.

but there are no other browsers to use.

get a different dns server. the default servers by your internet provider keep logs just like google's dns server.
look for ones that are near you and don't keep any logs (not even anonymized logs), and also use dnscrypt.
it's best to configure the dns server in your router directly.

>keep your personal information off the internet
How? I'm not putting my personal information on the internet, others are.