Operations security: Difference between revisions

From Leftypedia
(Intro, DNS, Linux Mint link)
 
(12 intermediate revisions by 6 users not shown)
Line 1: Line 1:
{{Stub}}
'''Operations security''' ('''OPSEC''') is the process which identifies critical information in order to determine if friendly actions can be observed by enemy intelligence, determines if information obtained by adversaries could be interpreted to be useful to them, and then executes selected measures that eliminate or reduce adversary exploitation of friendly critical information. Considerations for this must include a wide range of kinds of threats, both civilian and governmental ones. Though some believe mass surveillance by the state is necessary for national security, in reality it doesn't help that goal.<ref>[https://www.businessinsider.com/nsa-phone-snooping-illegal-court-finds-2020-9 The NSA phone-spying program exposed by Edward Snowden didn't stop a single terrorist attack, federal judge finds]. Business Insider.</ref> What such surveillance has been known to be used for, however, is tracking dissidents and gaining information about them. Even anti-war and anti-segregation activists have been put under surveillance, often illegally, as was in the case of Muhammad Ali, Whitney Young, and Martin Luther King Jr. Activists today are far more surveilled — with tools such as IMSI catchers, drones, facial recognition software, and the pulling of location data from big tech and phone companies — without a warrant and almost never because the target is believed to be a threat to peace. It is further claimed that privacy doesn't exist, but this is not necessarily true and can be addressed through a combination of factors like good practices, media access controls, and the use of particular software and settings.
'''Operations security''' ('''OPSEC''') is the process which identifies critical information in order to determine if friendly actions can be observed by enemy intelligence, determines if information obtained by adversaries could be interpreted to be useful to them, and then executes selected measures that eliminate or reduce adversary exploitation of friendly critical information. Considerations for this must include a wide range of kinds of threats, both civilian and governmental ones. Though some believe mass surveillance by the state is necessary for national security, in reality it doesn't help that goal.<ref>[https://www.businessinsider.com/nsa-phone-snooping-illegal-court-finds-2020-9 The NSA phone-spying program exposed by Edward Snowden didn't stop a single terrorist attack, federal judge finds]. Business Insider.</ref> What such surveillance has been known to be used for, however, is tracking dissidents and gaining information about them. Even anti-war and anti-segregation activists have been put under surveillance, often illegally, as was in the case of Muhammad Ali, Whitney Young, and Martin Luther King Jr. Activists today are far more surveilled — with tools such as IMSI catchers, drones, facial recognition software, and the pulling of location data from big tech and phone companies — without a warrant and almost never because the target is believed to be a threat to peace. It is further claimed that privacy doesn't exist, but this is not necessarily true and can be addressed through a combination of factors like good practices, media access controls, and the use of particular software and settings.


For the most up-to-date information, consult other resources such as [https://www.privacytools.io/ privacytools.io].
For the most up-to-date information, consult other resources such as [https://www.privacytools.io/ privacytools.io], [https://privsec.dev/ PrivSec.dev], or [https://spyware.neocities.org/ Spyware Watchdog].


==Computers==
==Computers==
===Operating system===
===Operating system===
Both Microsoft Windows and macOS are backdoored by intelligence agencies and phone home, and so are inherently insecure options for privacy and security. Use Linux instead. There is no single "Linux" operating system, and so truly Linux refers to just the essential kernel software, thus you'll be downloading what's called a "distro", or distribution. Distros are basically ready-made operating systems that take the Linux kernel and add software onto it that makes it usable like Windows or macOS. Most distros, especially the more popular ones, are actually really easy to install; step-by-step like many well-known operating systems. You can start off with something like [https://linuxmint.com/ Linux Mint], which specializes in giving a particularly easy-to-use experience through the software and multimedia support that it comes with. The vast majority of software that is available on Windows and macOS can also be readily installed on Linux as well, with [https://www.winehq.org Wine] being available to provide support for most other things otherwise.
Both Microsoft Windows and macOS are backdoored by intelligence agencies and phone home, and so are inherently insecure options for privacy and security. Use Linux instead. There is no single "Linux" operating system, and so truly Linux refers to just the essential kernel software, thus you will be downloading what's called a "distro," or distribution. Distros are basically ready-made operating systems that take the Linux kernel and add software onto it that makes it usable like Windows or macOS. Most distros, especially the more popular ones, are actually really easy to install; step-by-step like many well-known operating systems. You can start off with something like [https://linuxmint.com/ Linux Mint], which specializes in giving a particularly easy-to-use experience through the software and multimedia support that it comes with. The vast majority of software that is available on Windows and macOS can also be readily installed on Linux as well, with [https://www.winehq.org Wine] being available to provide support for most other things otherwise.  


If you need extra privacy for a particular reason, use the [https://tails.boum.org Tails] operating system, which is a version of Linux optimized for anonymity.
If you need extra privacy for a particular reason, use the [https://tails.boum.org Tails] operating system, which is a version of Linux optimized for anonymity.  


===Web===
===Web===
====Browsers====
====Browsers====
Google Chrome has spyware built into it, as does Chromium. Firefox is a more secure option that also happens to be very customizable and fast (especially since the Firefox Quantum update).
Web browsers such as Google Chrome, Microsoft Edge, and Safari have spyware built into them, as does Chromium. Firefox is a relatively secure option, however, it still contains spyware by default and therefore requires manual hardening in order to make it usable as a secure web browser.<ref>[https://spyware.neocities.org/articles/firefox Firefox]. Spyware Watchdog</ref> A guide to hardening Firefox may be found [https://spyware.neocities.org/guides/firefox here]. Consider using a privacy-focused fork of Chromium or Firefox, such as [https://github.com/ungoogled-software/ungoogled-chromium ungoogled-chromium], [https://www.gnu.org/software/gnuzilla/ GNU IceCat], or [https://librewolf.net/ LibreWolf].


=====Tor=====
=====Tor Browser=====
Use Tor if you really need privacy. It does, however, tend to be rather slow, and many services block it in some manner. Make sure to continue following other best practices because even while using Tor you may still, for example, become exposed through JavaScript or just not being careful with what information you give out.
Use Tor Browser if you really need privacy. It does, however, tend to be rather slow, and many services block it in some manner. Make sure to continue following other suggested practices because even while using Tor you may still, for example, become exposed through JavaScript or just not being careful with what information you give out, for this reason and others it is considered best practice to use tor browser as opposed to proxying your regular browser through tor, whilst you can chose to use tor with the browser of your choice it is again not recommended and should decide to do so it should be done with careful manual hardening and anonymising along with consideration and planning.


Use [https://tails.boum.org/doc/first_steps/welcome_screen/bridge_mode/index.en.html Tor bridges] (also known as Tor bridge relays) with Tor. These are alternative entry points to the Tor network that are not all listed publicly. Using a bridge makes it harder, but not impossible, for your Internet Service Provider to know that you are using Tor, which would be disadvantageous for a few reasons. Your traffic can be singled out and identified if you are known to use this service, so it's a method of tracking first of all. Using Tor may also be illegal, or just otherwise bring closer scrutiny towards yourself otherwise. [https://tb-manual.torproject.org/bridges Official manual on Tor bridges]
Use [https://tails.boum.org/doc/first_steps/welcome_screen/bridge_mode/index.en.html Tor bridges] (also known as Tor bridge relays) with Tor. These are alternative entry points to the Tor network that are not all listed publicly. Using a bridge makes it harder, but not impossible, for your Internet Service Provider to know that you are using Tor, which would be disadvantageous for a few reasons. Your traffic can be singled out and identified if you are known to use this service, so it's a method of tracking first of all. Using Tor may also be illegal, or just otherwise bring closer scrutiny towards yourself otherwise. [https://tb-manual.torproject.org/bridges Official manual on Tor bridges]
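Review bot: the rewritten Tor Browser paragraph ends in one run-on sentence, starting at "for this reason and others", with "chose" for "choose", lowercase "tor" and "tor browser", and "should decide to do so" missing its subject. Split it into separate sentences: one recommending Tor Browser over proxying a regular browser through Tor, and one saying that using Tor with another browser is not recommended and needs careful manual hardening. The heading change from "Tor" to "Tor Browser" also leaves the unchanged bridges paragraph beneath it saying "with Tor", so it is worth stating there whether bridges are configured in Tor Browser or in the Tor daemon.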
Line 22: Line 20:
====Web extensions====
====Web extensions====
*uMatrix: blocks out things like scripts and cookies unless you specifically specify which ones you want enabled and on what level of a domain you want it enabled on (for instance, you can enable a certain script either only on the subdomain ''www.example.com'', or only everything on the domain ''example.com'', or everything contained by the top-level domain ''.com''.
*uMatrix: blocks out things like scripts and cookies unless you specifically specify which ones you want enabled and on what level of a domain you want it enabled on (for instance, you can enable a certain script either only on the subdomain ''www.example.com'', or only everything on the domain ''example.com'', or everything contained by the top-level domain ''.com''.
*HTTPS Everywhere: Makes your browser use HTTPS instead of HTTP wherever possible. Of course, this won't work if a website hasn't configured HTTPS and only works on HTTP, so be wary about going to HTTP pages. Most of the time though, especially in the case of more important websites, there will be an HTTPS version of a page.
*uBlock Origin: filters content, largely advertisements that can track your activity across the Internet. It's less resource-intensive than other content filters, like Adblock Plus. Adblock Plus itself furthermore has reportedly been paid off by Google and other companies to whitelist their ads.<ref>[https://www.businessinsider.com/google-saved-an-estimated-887-million-by-paying-adblock-plus-to-show-its-ads-2013-8 Google Saved An Estimated $887 Million By Paying Adblock Plus To Show Its Ads]. Business Insider.</ref>
*uBlock Origin: filters content, largely advertisements that can track your activity across the Internet. It's less resource-intensive than other content filters, like Adblock Plus.
*Cookie AutoDelete: deletes unused cookies upon tab close, however may be configured in plenty of other ways. Has support for whitelists and greylists.
*Cookie AutoDelete: deletes unused cookies upon tab close, however may be configured in plenty of other ways. Has support for whitelists and greylists.
*User-Agent Switcher: randomizes your user agent, which tells websites what kind of operating system and browser you use.
*User-Agent Switcher: randomizes your user agent, which tells websites what kind of operating system and browser you use.
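Review bot: the uMatrix bullet kept as context in this hunk still opens a parenthesis at "(for instance" that is never closed, and says "specifically specify"; both are worth fixing while this list is being edited. The two versions of the uBlock Origin bullet differ only in the Adblock Plus sentence and its Business Insider reference, so the edit summary should say why that cited claim is being added or dropped.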
Line 29: Line 26:
*Invidition: automatically redirects requests to YouTube and Twitter towards [https://github.com/iv-org/invidious Invidious] and Nitter, respectively. Both of these are alternative front-ends that basically just give you the content without the spyware. In the case of Invidious, this extension also lets you do some other things like switch between different instance of the Invidious service or setting the default resolution. On the Invidious instances themselves you can also set many more settings, such as whether dark mode is enabled or the default speed.
*Invidition: automatically redirects requests to YouTube and Twitter towards [https://github.com/iv-org/invidious Invidious] and Nitter, respectively. Both of these are alternative front-ends that basically just give you the content without the spyware. In the case of Invidious, this extension also lets you do some other things like switch between different instance of the Invidious service or setting the default resolution. On the Invidious instances themselves you can also set many more settings, such as whether dark mode is enabled or the default speed.


HTTPS-Everywhere: It is obsoleted by modern browsers such as Firefox or Tor-Browser.
The more people using these extensions, the more they can blend in and not have a unique signature. Thus it is important to share them.
The more people using these extensions, the more they can blend in and not have a unique signature. Thus it is important to share them.


====Best practices====
====Best practices====
=====Search engine=====
Use Startpage or some other privacy-oriented search engine. Google, Bing, and Yahoo all aggressively farm your data and you should try to never use these.
=====Email=====
Protonmail and Tutanota are decent email providers — Riseup.net on the other hand has been known to give up records of its users, so stay clear of that one.
=====Cookies=====
=====Cookies=====
Change browser cookie preferences to reject all third-party cookies or at least to only accept third-party cookies from visited pages.
Change browser cookie preferences to reject all third-party cookies or at least to only accept third-party cookies from visited pages.
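Review bot: the "HTTPS-Everywhere: It is obsoleted by modern browsers" line is placed directly above "The more people using these extensions" with no blank line or list marker, so the two render as one paragraph and the second sentence reads as if it were about HTTPS-Everywhere. Make it a list item or give it its own paragraph, and consider "made obsolete by" with a note on which browser feature replaces it. The Search engine and Email subsections leave "Best practices" in this hunk, so the section now opens straight at Cookies; check that this is intended.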
Line 53: Line 45:
*IPVanish
*IPVanish
*RiseupVPN
*RiseupVPN
Try to avoid VPNs as much as possible. It's not a matter of "are they trustworthy", but a matter of "you shouldn't trust anybody in first place". Use Tor to prevent eavesdropping on your network traffic. You don't need a VPN to browse Tor, it reduces your anonymity in most cases. <ref>https://support.torproject.org/faq/faq-5/</ref>


=====DNS=====
=====DNS=====
Set your DNS server settings to use the resolvers of [https://www.quad9.net Quad9], whose primary address is 9.9.9.9 (2620:fe::fe for IPv6). Alternatively, there is [https://1.1.1.1 1.1.1.1], which is a service run by Cloudflare. Even if you use a VPN, your computer will still give away what domains you're connecting to since that part of the message isn't encrypted, as DNS servers have to be able to read in cleartext what domain to connect you to.
Set your DNS server settings to use the resolvers of [https://www.quad9.net Quad9], whose primary address is 9.9.9.9 (2620:fe::fe for IPv6). Even if you use a VPN, your computer will still give away what domains you're connecting to since that part of the message isn't encrypted, as DNS servers have to be able to read in cleartext what domain to connect you to.
 
You can use Tor as DNS server with Tails <ref>https://tails.net/</ref>, Whonix <ref>https://whonix.org</ref> or Tor-Browser <ref>https://torproject.org/</ref>. Advanced users may set the DNS manually to Tor with the `DNSPort` in the settings of your tor daemon (/etc/torrc <ref>https://support.torproject.org/#tbb_tbb-editing-torrc</ref> on Linux and *BSD). It enables traffic correlation in some cases, but is still more anonymous than using Quad9 or Cloudflare.


===Fully encrypt your storage device===
===Fully encrypt your storage device===
Use an encryption password that is, at a minimum, 20 characters long and consists of random letters, numbers, and symbols. Alternatively, use a passphrase/sentence. Do not use anything from song lyrics or pop culture when using a passphrase. Use at least six words (consisting of at least five letters each) in the phrase, which should be nonsense and not found anywhere on the internet or in pop culture. These are much easier to memorize and therefore can be much, much longer, which is good. Your encryption password should be as long as is possible and therefore as hard to crack as possible, but you still need to remember it. True full-disk encryption requires either Coreboot/Libreboot with a payload like SeaBIOS or GRUB as the first-stage bootloader or putting the bootloader on some kind of removable medium. Normal UEFI/BIOS is unable to read encrypted EFI partitions/MBR and thus you cannot do full-disk encryption with it. An unencrypted bootloader partition is a point of vulnerability.  
Use an encryption password that is, at a minimum, 20 characters long and consists of random letters, numbers, and symbols. Alternatively, use a passphrase/sentence. Do not use anything from song lyrics or pop culture when using a passphrase. Use at least six words (consisting of at least five letters each) in the phrase, which should be nonsense and not found anywhere on the internet or in pop culture. These are much easier to memorize and therefore can be much, much longer, which is good. Your encryption password should be as long as is possible and therefore as hard to crack as possible, but you still need to remember it. True full-disk encryption requires either Coreboot/Libreboot with a payload like SeaBIOS or GRUB as the first-stage bootloader or putting the bootloader on some kind of removable medium. Normal UEFI/BIOS is unable to read encrypted EFI partitions/MBR and thus you cannot do full-disk encryption with it. An unencrypted bootloader partition is a point of vulnerability.
 
Encryption will be moot if the device is already running, as any adversary can simply live image it, so turn it off when not using it — including when going to sleep, taking a shower, or answering a knock on the door. If this process feels too time-consuming for you, get a faster storage device so your computer will boot up and shut down faster, as well as configuring RAID for faster disk speed.
 
===Communication software/services===
====Instant-messaging====
* [https://xmpp.org XMPP]: XMPP is an open chatting protocol. Everyone is free to implement a server or client, making a wide variety of clients and servers possible. There is nothing official beside the protocol specification. To use it, choose one of the many clients. For desktop there is [https://www.pidgin.im/install/ Pidgin] and [https://psi-im.org/download/ Psi+]and for Android [https://https://conversations.im/ Conversations]. XMPP servers include but are not limited to [https://creep.im creep.im],[https://yax.im yax.im], [https://disroot.org disroot.org] and [https://xmpp.is xmpp.is]. Don't forget to enable encryption over OMEMO or OTR before chatting. XMPP can be used over I2P and Tor as well.
 
* [https://getsession Session]Session is an Open-source, decentralized messenger based on Signal. It does not require E-Mail or phone number. Session is based on the Lokinet network, an onion-routing protocol similar to Tor. Instead of tags, names or phone numbers, Session uses long strings to identify users. The identity can be scraped off entirely from the phone and the network in the settings menu. It's available on Windows, Linux, macOS, Android and IOS.
 
* Tox: It used to be a good protocol for encrypted communication, but it seemed to be abandonware by now.
 
* Telegram: It claims government data requests must reach a very high threshold before it complies, and reportedly, it has complied with some, but not all requests from German authorities. Telegram has also made a compromise with Russian authorities to be officially unblocked there, involving measures to combat certain content but with insistence from Telegram's founder that there are no changes regarding safety and privacy.<ref>[https://www.androidpolice.com/telegram-germany-user-data-surrendered/ Telegram reportedly surrendered user data to authorities despite insisting '0 bytes' had ever been shared]. Android Police.</ref>
 
=====Search engine=====
Do not trust any centralized search engine. The obvious ones are Google, Bing, Yahoo, Yandex, but also Duckduckgo and Startpage.
 
Duckduckgo: It's run by a man who used to offer personal data as a service (NamesDatabase), which doesn't say much about Duckduckgo, but is shady. DDG is hosted on Amazon Web Services, which have a 600 Million dollar contract with the CIA <ref>https://truthout.org/articles/amazon-cia-600-million-deal-facing-scrutiny-what-s-the-cia-doing-on-amazon-s-cloud</ref>. They used to set cookies, but claimed they didn't. On the hidden service it loads the icons from the clearnet domain. They know you are scrolling down when you do, as they use lazy loading.
 
It's questionable whether Startpage and Qwant are just as shady as Duckduckgo, but you never rely on a single centralized service in the first place. Use an instance of [https://searx.space/ searx-ng], [https://4g.opnxng.com/instances 4get] or [https://github.com/Extravi/araa-search araa]. They are Open-source, decentralized and work over Tor.
=====Email=====
Riseup and Protonmail are known to give out user data to law enforcement agencies. Avoid using E-Mail as much as possible. If you need it, use [https://disroot.org disroot.org] or [https://danwin1210.de danwin1210.de], as they haven't proven to be honeypots. Always use OpenPGP/GPG for encrypting your E-Mails.


===Phones===
===Phones===
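Review bot: two links in the added Instant-messaging list are malformed: "[https://https://conversations.im/ Conversations]" has a doubled scheme and "[https://getsession Session]Session" has a host with no top-level domain and no separator before the description; "Psi+]and" is also missing a space. In the added Tor DNS paragraph, `DNSPort` uses Markdown backticks, which wikitext does not render as code, and the torrc path is given as /etc/torrc while most Linux packages install it as /etc/tor/torrc, so the path should be checked against the linked Tor support page. That paragraph also compares against "Quad9 or Cloudflare" although the 1.1.1.1 sentence is missing from one version of the paragraph above it, and "It enables traffic correlation" does not say what "It" refers to. The re-added Search engine and Email sections use level-five headings directly under "Instant-messaging", which nests them inside that subsection.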
Line 66: Line 82:
To reduce the amount of data sent to Google (and thus available to authorities/hackers), you should use an operating system that does not have Google Play Services bundled. This means you will be using the phone without any of Google's apps or services. Thus apps that were downloaded from the Google Play Store may not work since they may rely on Google Play Services. Only install apps from trusted sources (such as a developer's GitHub repository or [https://f-droid.org/ F-droid]).
To reduce the amount of data sent to Google (and thus available to authorities/hackers), you should use an operating system that does not have Google Play Services bundled. This means you will be using the phone without any of Google's apps or services. Thus apps that were downloaded from the Google Play Store may not work since they may rely on Google Play Services. Only install apps from trusted sources (such as a developer's GitHub repository or [https://f-droid.org/ F-droid]).


Alternative OSes to consider:
Depending on the model of your mobile phone, you may be able to install a mobile Linux distribution on it. Do note that mobile Linux is still very much experimental, and your device may lose functionality by installing mobile Linux. OSes in this category to consider:
* [https://lineageos.org/ LineageOS] - Independent and popular open source OS based on AOSP (Android Open Source Project). Does not have any Google Play Services by default. There are versions for many devices (some of which may be out of date or unofficial ports). List of devices supported by the latest version is available  [https://wiki.lineageos.org/devices/ here]. Second hand phones such as [https://wiki.lineageos.org/devices/klte/install Samsung Galaxy S5] have a straight forward installation process.
* [https://lineageos.org/ LineageOS] - Independent and popular open source OS based on AOSP (Android Open Source Project). Does not have any Google Play Services by default. There are versions for many devices (some of which may be out of date or unofficial ports). List of devices supported by the latest version is available  [https://wiki.lineageos.org/devices/ here]. Second hand phones such as [https://wiki.lineageos.org/devices/klte/install Samsung Galaxy S5] have a straight forward installation process.
* [https://grapheneos.org/ GrapheneOS] - Independent open source project based on AOSP (Android Open Source Project) with significant amounts of hardening and privacy improvements. Does not have any Google Play Services, but plans to make builds of MicroG available in the future. This OS only supports the latest Google Pixel devices for ease of development and full hardware-backed security. WebUSB installer available, making it easy to install the OS on all supported devices (even from other phones).
* [https://grapheneos.org/ GrapheneOS] - Independent open source project based on AOSP (Android Open Source Project) with significant amounts of hardening and privacy improvements. Does not have any Google Play Services, but plans to make builds of MicroG available in the future. This OS only supports the latest Google Pixel devices for ease of development and full hardware-backed security. WebUSB installer available, making it easy to install the OS on all supported devices (even from other phones).


===Extra security===
===Extra security===
If it's necessary, you can do all your browsing within a virtual machine, using the aforementioned tools and practices, and reset it every single time. This is basically the equivalent of using a new computer every time you use the Internet, destroying the previous ones, so most unique identifiers tagged on that machine are useless — unless of course it relates to IP addresses or content that could still be used to identify you. A Live USB (or CD, or DVD) can also be used, which saves nothing to the disk when the computer is shut down.
If it is necessary, you can do all your browsing within a virtual machine, using the aforementioned tools and practices, and reset it every single time. This is similar to using a new computer every time you use the Internet, destroying the previous ones, so most unique identifiers tagged on that machine are useless — unless of course it relates to IP addresses or content that could still be used to identify you. A Live USB (or CD, or DVD) can also be used, which saves nothing to the disk when the computer is shut down.


==Additional resources==
==Additional resources==
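Review bot: the new lead-in for the phone OS list describes the entries as mobile Linux distributions that are "still very much experimental" and may cost the device functionality, but both entries beneath it, LineageOS and GrapheneOS, are described in their own bullets as based on AOSP (Android Open Source Project). Either keep the neutral "Alternative OSes to consider:" lead-in for this list or move the mobile Linux caveat to a separate list of the distributions it applies to.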
Line 87: Line 103:


==References==
==References==
[[category:praxis]]
<references />

Latest revision as of 02:37, 14 November 2023

Operations security (OPSEC) is the process that identifies critical information in order to determine whether friendly actions can be observed by enemy intelligence, determines whether information obtained by adversaries could be interpreted to be useful to them, and then executes selected measures that eliminate or reduce adversary exploitation of friendly critical information. Considerations for this must include a wide range of threats, both civilian and governmental. Though some believe mass surveillance by the state is necessary for national security, in reality it doesn't help that goal.[1] What such surveillance has been known to be used for, however, is tracking dissidents and gaining information about them. Even anti-war and anti-segregation activists have been put under surveillance, often illegally, as in the cases of Muhammad Ali, Whitney Young, and Martin Luther King Jr. Activists today are far more surveilled (with tools such as IMSI catchers, drones, facial recognition software, and the pulling of location data from big tech and phone companies), without a warrant and almost never because the target is believed to be a threat to peace. It is further claimed that privacy doesn't exist, but this is not necessarily true, and the problem can be addressed through a combination of good practices, media access controls, and the use of particular software and settings.

For the most up-to-date information, consult other resources such as privacytools.io, PrivSec.dev, or Spyware Watchdog.

Computers

Operating system

Both Microsoft Windows and macOS are backdoored by intelligence agencies and phone home, and so are inherently insecure options for privacy and security. Use Linux instead. There is no single "Linux" operating system: strictly speaking, Linux refers only to the essential kernel software, so you will be downloading what's called a "distro," or distribution. Distros are ready-made operating systems that take the Linux kernel and add the software that makes it usable like Windows or macOS. Most distros, especially the more popular ones, are easy to install, with a step-by-step installer like those of many well-known operating systems. You can start off with something like Linux Mint, which specializes in giving a particularly easy-to-use experience through the software and multimedia support that it comes with. The vast majority of software that is available on Windows and macOS can also be readily installed on Linux, and Wine is available to provide support for most other things.

If you need extra privacy for a particular reason, use the Tails operating system, which is a version of Linux optimized for anonymity.

Web

Browsers

Web browsers such as Google Chrome, Microsoft Edge, and Safari have spyware built into them, as does Chromium. Firefox is a relatively secure option; however, it still contains spyware by default and therefore requires manual hardening in order to make it usable as a secure web browser.[2] A guide to hardening Firefox may be found at https://spyware.neocities.org/guides/firefox. Consider using a privacy-focused fork of Chromium or Firefox, such as ungoogled-chromium, GNU IceCat, or LibreWolf.

Tor Browser

Use Tor Browser if you really need privacy. It does, however, tend to be rather slow, and many services block it in some manner. Make sure to continue following other suggested practices, because even while using Tor you may still become exposed, for example through JavaScript or by not being careful with what information you give out. For this reason and others, it is considered best practice to use Tor Browser rather than proxying your regular browser through Tor. You can choose to use Tor with the browser of your choice, but this is again not recommended; should you decide to do so, it should be done with careful manual hardening and anonymising, along with consideration and planning.

Use Tor bridges (also known as Tor bridge relays) with Tor. These are alternative entry points to the Tor network that are not all listed publicly. Using a bridge makes it harder, but not impossible, for your Internet Service Provider to know that you are using Tor. Being known to use Tor is disadvantageous for a few reasons: your traffic can be singled out and identified, so it is a method of tracking first of all, and using Tor may also be illegal or otherwise bring closer scrutiny towards yourself. See the official manual on Tor bridges: https://tb-manual.torproject.org/bridges

Web extensions

  • uMatrix: blocks things like scripts and cookies unless you specify which ones you want enabled and at what level of a domain (for instance, you can enable a certain script only on the subdomain www.example.com, on everything under the domain example.com, or on everything under the top-level domain .com).
  • uBlock Origin: filters content, largely advertisements that can track your activity across the Internet. It's less resource-intensive than other content filters, like Adblock Plus. Adblock Plus itself furthermore has reportedly been paid off by Google and other companies to whitelist their ads.[3]
  • Cookie AutoDelete: deletes unused cookies upon tab close, but can be configured in plenty of other ways. Has support for whitelists and greylists.
  • User-Agent Switcher: randomizes your user agent, which tells websites what kind of operating system and browser you use.
  • Privacy Settings: allows you to change settings found in about:config (on Firefox at least). You may want to keep this add-on as opposed to just changing those settings once because some websites may break because of these changes, and you may have to toggle some settings periodically, which this tool allows you to quickly do.
  • Invidition: automatically redirects requests to YouTube and Twitter towards Invidious and Nitter, respectively. Both of these are alternative front-ends that basically just give you the content without the spyware. In the case of Invidious, this extension also lets you do some other things, like switch between different instances of the Invidious service or set the default resolution. On the Invidious instances themselves you can also change many more settings, such as whether dark mode is enabled or the default speed.

HTTPS-Everywhere: It is obsoleted by modern browsers such as Firefox or Tor-Browser. The more people using these extensions, the more they can blend in and not have a unique signature. Thus it is important to share them.

Best practices

Cookies

Change browser cookie preferences to reject all third-party cookies or at least to only accept third-party cookies from visited pages.

Adobe Flash

Try not to use Flash, which is insecure but is on its way out. Most browsers disable Flash content by default, and thus it can only be played if you click on it and press "Allow" in the dialog box.

JavaScript

JavaScript has many vulnerable libraries, and a large chunk of websites use these — as of 2017, 87% of the top 75,000 websites as ordered by Alexa Internet.[4] Besides unintentional vulnerability, JavaScript can also be used to track users through a variety of methods. It also enables the use of evercookies, which are difficult to delete since a couple different places have to be cleared at once or else the evercookie will respawn to all of them, as long as one source keeps it. JavaScript can be disabled by default through an extension like uMatrix, through which any code that needs to be enabled can be done so manually.

VPN

thatoneprivacysite.net has a chart comparing a lot of different VPNs so you can choose a decent one. The following VPNs have a history of logging and cooperating with US/UK law enforcement, so do not use them:

  • HideMyAss
  • PureVPN
  • IPVanish
  • RiseupVPN

Try to avoid VPNs as much as possible. It's not a matter of "are they trustworthy", but a matter of "you shouldn't trust anybody in the first place". Use Tor to prevent eavesdropping on your network traffic. You don't need a VPN to browse Tor; it reduces your anonymity in most cases. [5]

DNS

Set your DNS server settings to use the resolvers of Quad9, whose primary address is 9.9.9.9 (2620:fe::fe for IPv6). Even if you use a VPN, your computer will still give away what domains you're connecting to since that part of the message isn't encrypted, as DNS servers have to be able to read in cleartext what domain to connect you to.

You can use Tor as a DNS server with Tails [6], Whonix [7] or Tor Browser [8]. Advanced users may point DNS at Tor manually with the `DNSPort` option in the settings of the tor daemon (/etc/torrc [9] on Linux and *BSD). It enables traffic correlation in some cases, but is still more anonymous than using Quad9 or Cloudflare.
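A way to check which resolvers a Linux machine is actually configured to use, as an added example that is not part of the original article. It parses resolv.conf-style text and compares each nameserver with the Quad9 addresses given above; the sample file content, the function names and the treatment of 127.0.0.53 (the systemd-resolved stub listener) are assumptions of this example.

```python
import ipaddress

# Resolver addresses named in this article (Quad9 primary, IPv4 and IPv6).
QUAD9 = {ipaddress.ip_address("9.9.9.9"), ipaddress.ip_address("2620:fe::fe")}
# systemd-resolved's stub listener; the real upstream is configured elsewhere.
SYSTEMD_STUB = ipaddress.ip_address("127.0.0.53")

# Constructed sample, not taken from a real host.
SAMPLE = """\
# written by a DHCP client
nameserver 9.9.9.9
nameserver 2620:fe::fe
nameserver 192.168.1.1
nameserver 127.0.0.53
options edns0
"""


def parse_nameservers(resolv_conf_text):
    """Return the nameserver addresses from resolv.conf-style text."""
    servers = []
    for line in resolv_conf_text.splitlines():
        fields = line.strip().split()
        if len(fields) >= 2 and fields[0] == "nameserver":
            # Drop an IPv6 zone id such as fe80::1%eth0 before parsing.
            servers.append(ipaddress.ip_address(fields[1].split("%", 1)[0]))
    return servers


def audit(resolv_conf_text):
    """Classify each configured resolver as quad9, local or unexpected."""
    findings = []
    for addr in parse_nameservers(resolv_conf_text):
        if addr in QUAD9:
            verdict = "quad9"
        elif addr == SYSTEMD_STUB:
            verdict = "local-stub: check the upstream set in systemd-resolved"
        elif addr.is_loopback:
            verdict = "local: fine if a local resolver or Tor's DNSPort listens here"
        else:
            verdict = "unexpected: DNS queries also go to this resolver"
        findings.append((str(addr), verdict))
    return findings


if __name__ == "__main__":
    for address, verdict in audit(SAMPLE):
        print(f"{address:>15}  {verdict}")
```

A router address left behind by DHCP, as in the sample, means lookups can still reach a resolver you did not choose even after Quad9 has been added.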

Fully encrypt your storage device

Use an encryption password that is, at a minimum, 20 characters long and consists of random letters, numbers, and symbols. Alternatively, use a passphrase/sentence. Do not use anything from song lyrics or pop culture when using a passphrase. Use at least six words (consisting of at least five letters each) in the phrase, which should be nonsense and not found anywhere on the internet or in pop culture. These are much easier to memorize and therefore can be much, much longer, which is good. Your encryption password should be as long as is possible and therefore as hard to crack as possible, but you still need to remember it. True full-disk encryption requires either Coreboot/Libreboot with a payload like SeaBIOS or GRUB as the first-stage bootloader or putting the bootloader on some kind of removable medium. Normal UEFI/BIOS is unable to read encrypted EFI partitions/MBR and thus you cannot do full-disk encryption with it. An unencrypted bootloader partition is a point of vulnerability.
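The two options above (20 random characters, or six or more random words of at least five letters) can be generated and compared with a short script; this is an added example, not part of the original article. The demo word list is constructed and far too small for real use, and the 7776-word figure is the size of common diceware lists, used here as an assumption about the list you would pick from.

```python
import math
import secrets
import string

# Printable ASCII letters, digits and punctuation: 94 symbols.
ALPHABET = string.ascii_letters + string.digits + string.punctuation


def random_password(length=20):
    """Draw each character independently from the OS CSPRNG."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def random_passphrase(wordlist, words=6, min_letters=5):
    """Pick words uniformly at random; returns (phrase, pool_size)."""
    pool = sorted({w.lower() for w in wordlist if len(w) >= min_letters})
    if len(pool) < 2:
        raise ValueError("word list too small after filtering")
    phrase = " ".join(secrets.choice(pool) for _ in range(words))
    return phrase, len(pool)


def entropy_bits(choices, picks):
    """Entropy of `picks` independent uniform draws from `choices` options."""
    return picks * math.log2(choices)


def words_to_match(pool_size, target_bits):
    """Smallest number of words whose entropy reaches target_bits."""
    return math.ceil(target_bits / math.log2(pool_size))


# Constructed demo list; the two short words are filtered out.
DEMO_WORDS = ["anchor", "breeze", "cactus", "dynamo", "ember", "fjord",
              "gravel", "hollow", "ivory", "jungle", "cat", "sky"]

if __name__ == "__main__":
    pw_bits = entropy_bits(len(ALPHABET), 20)
    phrase, pool = random_passphrase(DEMO_WORDS)
    print(random_password(), f"{pw_bits:.1f} bits")
    print(phrase, f"{entropy_bits(pool, 6):.1f} bits from a {pool}-word pool")
    # Assumed real-world list size: 7776 words.
    print(f"{entropy_bits(7776, 6):.1f} bits for six words;",
          words_to_match(7776, pw_bits), "words match the 20-character password")
```

The entropy figures hold only when every character or word is drawn at random; a phrase a person invents is usually far more predictable than the same number of randomly drawn words.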

Encryption will be moot if the device is already running, as any adversary can simply live image it, so turn it off when not using it — including when going to sleep, taking a shower, or answering a knock on the door. If this process feels too time-consuming for you, get a faster storage device so your computer will boot up and shut down faster, as well as configuring RAID for faster disk speed.

Communication software/services

Instant-messaging

  • XMPP: XMPP is an open chatting protocol. Everyone is free to implement a server or client, making a wide variety of clients and servers possible. There is nothing official besides the protocol specification. To use it, choose one of the many clients. For desktop there are Pidgin and Psi+, and for Android there is Conversations. XMPP servers include but are not limited to creep.im, yax.im, disroot.org and xmpp.is. Don't forget to enable encryption over OMEMO or OTR before chatting. XMPP can be used over I2P and Tor as well.
  • Session: Session is an open-source, decentralized messenger based on Signal. It does not require an email address or phone number. Session is based on the Lokinet network, an onion-routing protocol similar to Tor. Instead of tags, names or phone numbers, Session uses long strings to identify users. The identity can be scraped off entirely from the phone and the network in the settings menu. It's available on Windows, Linux, macOS, Android and iOS.
  • Tox: It used to be a good protocol for encrypted communication, but it seems to be abandonware by now.
  • Telegram: It claims government data requests must reach a very high threshold before it complies, and reportedly, it has complied with some, but not all requests from German authorities. Telegram has also made a compromise with Russian authorities to be officially unblocked there, involving measures to combat certain content but with insistence from Telegram's founder that there are no changes regarding safety and privacy.[10]

Search engine

Do not trust any centralized search engine. The obvious ones are Google, Bing, Yahoo, Yandex, but also Duckduckgo and Startpage.

Duckduckgo: It's run by a man who used to offer personal data as a service (NamesDatabase), which doesn't say much about Duckduckgo, but is shady. DDG is hosted on Amazon Web Services, which has a 600 million dollar contract with the CIA [11]. They used to set cookies, but claimed they didn't. On the hidden service it loads the icons from the clearnet domain. They know you are scrolling down when you do, as they use lazy loading.

It's questionable whether Startpage and Qwant are just as shady as Duckduckgo, but you should never rely on a single centralized service in the first place. Use an instance of searx-ng, 4get or araa. They are open-source, decentralized and work over Tor.

Email

Riseup and Protonmail are known to give out user data to law enforcement agencies. Avoid using email as much as possible. If you need it, use disroot.org or danwin1210.de, as they haven't proven to be honeypots. Always use OpenPGP/GPG for encrypting your emails.

Phones

Phones continuously send out signals to cell towers to identify their location, thus giving away your location if you have the phone on you. If this is a concern, take out its battery or put it in a Faraday cage. Furthermore, the microphone and camera can be remotely activated without you knowing it, so consider getting a cover slider for cameras and a microphone blocker for microphones; this applies to any other electronics that have them. Default operating systems like Android or iOS are also best replaced with an alternative OS, although devices with iOS often do not allow their OS to be replaced.

Android

To reduce the amount of data sent to Google (and thus available to authorities/hackers), you should use an operating system that does not have Google Play Services bundled. This means you will be using the phone without any of Google's apps or services. Apps that were downloaded from the Google Play Store may therefore not work, since they may rely on Google Play Services. Only install apps from trusted sources (such as a developer's GitHub repository or F-Droid).

Depending on the model of your mobile phone, you may be able to install a mobile Linux distribution on it. Do note that mobile Linux is still very much experimental, and your device may lose functionality by installing mobile Linux. OSes in this category to consider:

  • LineageOS - Independent and popular open source OS based on AOSP (Android Open Source Project). Does not have any Google Play Services by default. There are versions for many devices (some of which may be out of date or unofficial ports). List of devices supported by the latest version is available here. Second-hand phones such as the Samsung Galaxy S5 have a straightforward installation process.
  • GrapheneOS - Independent open source project based on AOSP (Android Open Source Project) with significant amounts of hardening and privacy improvements. Does not have any Google Play Services, but plans to make builds of MicroG available in the future. This OS only supports the latest Google Pixel devices for ease of development and full hardware-backed security. WebUSB installer available, making it easy to install the OS on all supported devices (even from other phones).

Extra security

If it is necessary, you can do all your browsing within a virtual machine, using the aforementioned tools and practices, and reset it every single time. This is similar to using a new computer every time you use the Internet, destroying the previous ones, so most unique identifiers tagged on that machine are useless — unless of course it relates to IP addresses or content that could still be used to identify you. A Live USB (or CD, or DVD) can also be used, which saves nothing to the disk when the computer is shut down.

Additional resources

Some websites for determining your browser fingerprint, or basically how much you stand out among other users:

Various privacy tools:

See also

References