Privacy/Security services and software
- Vous devez vous identifier ou créer un compte pour écrire des commentaires
Hey there.
As I have said before, I use Tor in most (all) my internet connections, to protect my privacy and stay anonymous online.
However, I have been getting some slow circuits and when I have the need to download large files, the download takes forever. These days any GNU/Linux distro takes a couple GBs, so it gets difficult to manage...
Are there other services/software that one could use to stay private? I am not confident on finding anything nearly as good as Tor, but I would be happy with something that is fast and works OK in terms of speed...
I have been wanting to give BitMask another try but was curious about other porrible solutions.
Are there any DNS tricks one could use?
Thanks!
> However, I have been getting some slow circuits and when I have the need to
> download large files, the download takes forever.
I would not download large files through Tor. Not only will it be very slow, it it will waste donated bandwidth slowing down the Tor network for others. The same goes for streaming videos. When I need to download a large file and don't have a particular need for it to be anonymous, I just use wget. If you need to torrent anonymously you could look into I2P.
Is there a good information source you could point to on how I2P for torrenting works?
I haven't gotten around to figuring I2P out because I haven't needed it, but this might be a good place to start: https://thetinhat.com/tutorials/darknets/i2p.html
Distros were an example. I have a need to download various different files and don't want to be revealed what I download. Not because it's "illegal" but because it's private.
I have tested the BitMask application, with the RiseUp VPN, but it was giving me DNS leaks when I tested in Abrowser. Any ideas how to solve it?
I am a translator!
>but it was giving me DNS leaks when I tested in Abrowser.
Sure about that? How did you test that? One of the main reasons they forked openvpn to build bitmask was indeed to take care of DNS leaks and a few other issues.
>Any ideas how to solve it
Yes. Disable webrtc.
media.peerconnection.enabled = false
media.peerconnection.turn.disable = true
media.peerconnection.use_document_iceservers = false
media.peerconnection.video.enabled = false
media.peerconnection.identity.timeout = 1
Yeah, I noticed that much, webrtc was propably the culprit. But it only happened once and now I am using a couple ufw rules to prevent that kind of thing to happen again. Thanks!
Some cool websites I have used to test for leaks with Tor and other solutions:
www.whoer.net
www.doileak.com
www.check.torproject.org
www.checkmytorrentip.upcoil.com
www.ip6.nl
These are good enough to know if there are some leaks in your system or not... Of course some applications might screw your privacy / anonymity in other ways...
> Just because you can hide your IP address and browser parameters
> doesn't mean you can't be tracked through Tor.
Indeed. Using Tor irresponsibly is worse than not using Tor at all. This is a good list of common pitfalls that really should be displayed when users start Tor Browser for the first time. https://www.whonix.org/wiki/DoNot
I am a translator!
>This behavior leads to weak anonymity because once the website is visited the Tor circuit is "dirty".
Just close the browser and reopen it or click on 'new identity', which is the same
>Do not Disclose Identifying Data Online
A point of huge importance is missing: your writing style. You would be surprised how much it can give away in some cases.
> Just close the browser and reopen it or click on 'new identity',
> which is the same
Alternatively, Ctrl+Shift+L creates a new identity just for the current tab.
> A point of huge importance is missing: your writing style. You
> would be surprised how much it can give away in some cases.
Indeed. Especially if you have JavaScript enabled, as just the timing of your keystrokes is unique enough to identify you.
> A point of huge importance is missing: your writing style. You
> would be surprised how much it can give away in some cases.
>Indeed. Especially if you have JavaScript enabled, as just
>the timing of your keystrokes is unique enough to identify you.
How do you know about these things? How can one learn more?
https://www.secureauth.com/products/secureauth-idp/behavioral-biometrics
The site can be viewed and navigated with JavaScript disabled. If you don't already have JS disabled or NoScript installed in your browser, I insist that you do so before visiting this site. Assuming they eat their own dog food, you can expect that their JavaScript will use their behavioral biometric techniques on you.
I am a translator!
>Especially if you have JavaScript enabled, as just the timing of your keystrokes is unique enough to identify you.
Yes. Not only that. Javascript can and will probably uniquely identify your hardware, which in the case of it being non-common will almost uniquely identify you, yourself.
I am a member!
On Sun, 2018-01-14 at 21:44 +0100, name at domain wrote:
> Distros were an example. I have a need to download various different files
> and don't want to be revealed what I download. Not because it's "illegal" but
> because it's private.
Suuuuure :p
The internet is for porn, Tor is for _______.
Tor is for what?
Medical Records you don't want your insurance company to know about?
A new invention you are working on and don't want a big time company to steal from you?
Protecting your source when you are a journalist brave enough to talk to people in life or death situations?
Just couldn't understand your problem with Tor...
I am a translator!
>Medical Records you don't want your insurance company to know about?
A new invention you are working on and don't want a big time company to steal from you?
Protecting your source when you are a journalist brave enough to talk to people in life or death situations?
Why do you need to get so theoretical and vague? How about:
"I strongly believe in privacy. I believe what I browse, read, watch, listen to is **only my business** and no ISP, no State, no corporation should have the legal right to sniff my crap with their degenerate noses."
I am a member!
Stop getting so many systems all the time.
If you're distro-hopping, stop it.
If you're really serious about switching to a distro, show you're
serious by donating $50 to a distro every time you switch to it.
Red Hat sells regular, no-tech-support versions of its distro for $50
each, and this has benefits: It pays the Red Hat developers who keep
GNOME and other important parts of the GNU+Linux software stack afloat.
Without Red Hat funding, GNOME would be utter garbage today. The file
manager didn't even work. If the GNOME team hadn' convinced Red Hat to
keep funding development when GNOME was in its infancy, it might have
never gotten off the ground. (Although another company ended up making
Nautilus. Red Hat didn't make that.)
I am a member!
And in addendum to that, use the torrent links for ISO images instead of direct downloads where possible. It's a lot less costly!
I am a member!
The GNU Free Software Distribution Guidelines is a modified copy of the
Fedora community guidelines. Red Hat's rules for Fedora are in almost
complete agreement with the FSF's requirements.
Unlike Debian, non-free repos are in no way owned or hosted by the
Fedora Project.
Unlike Debian, licensing was taken more seriously by Red Hat, and only
by their requirements for Fedora did people get the ball rolling on
freeing some code in TeX and X11. (Debian looked the other way until
Red Hat stepped in, because having graphics are kinda important.)
The sole disagreement between the FSF/GNU FSDG and Fedora is:
proprietary firmware for Wi-Fi.
Install icecat and linux-libre's RPM, and you're good to go!
Fedora is a beautiful OS, and it comes with a polish that only a large
community + a big free software company can provide.
I <3 commercial free software! *Runs HPLIP*
Well, I will try to get back to the topic:
it depends on the level of privacy you desire. A VPN (I use NordVPN) is normally enough for me.
Maybe it's an option to use VPN + Tor for smaller files and browsing, while sticking with normal VPN for downloading large files?
Hey quantumgravity,
Thanks for putting the conversation back on track ;)
Well, that ended up being my option using VPN + Tor, using only VPN for some stuff. Some people above mentioned I should "use bittorrent links to download ISO" but they forget that I was looking for a PRIVATE way of downloading it. Using bittorrent without any additional protection is like screaming out the window "I AM DOWNLOADING THIS AND THAT!"
And before you mention legal vs illegal downloads... I have seen people being harassed because of LEGAL donwloads. Makes no sense, but it did happen.
SuperTramp actually helped me getting things running in the VPN department. Thanks man!
I don't feel very OK with paying for a VPN... You not only disclose your IP to them and give them a chance of recording your traffic, you ALSO identify yourself in the payment process. You will never have the chance to say "I was not the one using the VPN on my IP" because they have your credit card (or whatever) information. In that regard I would prefer a free VPN, because at least either you are screwed from the get go (as in they will sell all your info to pay for the service) or they actually have nothing to use against you. These days there are some free VPN that MIGHT (a big MIGHT) be worthy a little trust.
A great solution would be to use 2 VPN in sequence... like configuring a tunnel, connecting to one and using that IP to connect to the other which would then connect to the internet (a little like Tor circuit). But from what I know that is impossible... right? Unless one has a local proxy working in an app or something, which certainly some people will know more about than me.
That's why I have been wondering if it would be a stupid idea to use:
1, A free VPN encrypting all connections;
2. A free proxy in a torrent client (with encryption too);
Something like
My PC -> VPN -> Proxy -> internet
It's very similar to what we do with Tor
My Pc -> GuardRelay -> MiddleRelay -> ExitRelay -> Internet
Now, of course Tor is a unique case, however the idea still holds.
That's high level spionage... I am going more for protect against ISP and copyright trolls and basic script kiddies... You know the most basic stuff. Tor is not effective agaainst a global adversary either. I am talking about basic security.
I am a translator!
>I wouldn't be surprised if some free VPNs are created/funded by those who you are trying to hide from
Honeypot VPNs is nothing new. It has happened, it will happen. Do a brief search on the argument if interested.
But how about commercial VPNs? Do you think that when sgt. Eye comes knocking a business which sole motive is business is going to pull the plug in order to protect your 5 monthly dollars?
I am a translator!
>I don't feel very OK with paying for a VPN
What about TunnelBear VPN? It offers 500MB of free data every month.
I am a translator!
I will assume the question is directed to me, Aristophanes.
Well, their website is full of cute bears. Other than that I wouldn't really know.
Do your own research and never rely on random opinions when investigating an important subject, that's all I can say, I guess.
- Vous devez vous identifier ou créer un compte pour écrire des commentaires