Holla Forums Safety and Online Privacy Tips

To clarify, Tails is a secure and light OS meant for browsing online. All memory is wiped securely after shutdown and (if you follow directions) your browsing is handled securely and privately as well.

will research, I havent heard of Tails. You say its an entire OS?

good point, will include

hmm. Im reading about tails now, and I did consider adding stuff about OS security, but im not sure people would change their OS just to browse.

But considering its a light OS just meant for browsing, and with your suggestion that it you simply virtualize it, Ill read up on tails and likely include it

Tails is a live system that is super secure and routes everything through TOR.

ahh. very good to know.
Does it use tor browser? or the tor client with a normal web browser?

Are you actually in the FBI? And thanks for the tips.

It uses Tor browser.

Obviously not you dumb fuck

When you're done and make a new thread, consider it stickied

hehehe see here:

ill make the changes now and post the updated version for any further critiques before i make the new thread.

Ghostery tracks you, use Disconnect

I used ghostery as a user-friendly example but does offer opt-out in tracking. Is disconnect user friendly? I have no experience with it, but will change if you claim its user friendly

sounds like what FBI would say

Greetings, Holla Forums. It was recently requested that someone make a thread to be stickied on the subject of best practices in relation to cointelpro on leftypol

Disclaimer
security is not immunity. Security must be done in layers and will never be 100% effective, so one needs to do a risk-assessment when taking any actions they may consider grey-area and be certain they're willing to accept those risks.

Abstract
As you may have heard, the FBI has been given the greenlight for the largescale investigation terrorist activites over the internet. Operation Net Talon devotes large number of man-hours to the discovery of potential terrorists via the online chatting of otherwise unsuspected individuals. Plese see here for for information:
>theintercept.com/2017/01/31/undercover-fbi-agents-swarm-the-internet-seeking-contact-with-terrorists/
As you may have guessed, Holla Forums is a prime suspect for this operation due to both its radical-leftist user base and 8ch's unsavory perception (proof: google search engine censorship).
8ch will not sell user data to FBI. Proof of this is implied by the fact that 8ch freely allows Tor access and usage. Any sort of agreement to sell user information to FBI would require the website to exclude Tor users from interacting, as those IP's do the FBI no good.
While many of you are not terrorists, this will not stop them from attempting to fish 8ch for user information to add to their databases. If you do not mind being singled out for further investigation, then stop reading now.
Otherwise, this is for you.

Part 1: Best Practices
Simply being aware of a few simple facts may prove very prudent.
-> Avoid any sharing of any information which may be used to identify you. This sounds obvious, but threads have been created lately (pictured) which "Call for action" and ask users to visit serivces such as Google Docs, where the user is asked to provide a burner email address and location, in order to "meet up in real life". The burner email address is intentional misdirection. Using the patriot act and the simple presumption that you may be a terrorist they can force the email provider to surrender IP information. By comparing this with the locale which the user provides, they are able to determine the user's 'seriousness' and thus arange a meetup in real life with a federal agent.

-> Avoid participating affirmatively in threads which call on users to "fuck shit up" (Pictured) or otherwise cause damage or harm. DO NOT SAY YOU WILL PARTICIPATE IN VIOLENCE ON THE INTERNET. We will fuck your shit up. Do you really want to be the person shown on TV breaking a bank's window, thinking you are causing change? In reality, this window is paid for by the bank's insurance and it is an excuse for us to tighten or grip. What we are really afraid of is online activism. Memes won an election. Users who use the internet and the combined powers of memes and the dialectic are what really worry us. Porky wants you to commit senseless acts of vandalism and insurrection so they can lock you up and build their support. What they dont want is for you to be spreading a message of fundamental change using logic and reasoning to the entire world via the internet. This would disrupt their power base far more than bricks and molotovs.

-> Try not to visit external links to unrecognized hosts. While this is less damning than some of our other traps, it is an easy way to fish for IP's. For example archive.org is a well known website which keeps snapshots of other websites. One would consider this link trustworthy. But one may, for example, cite a news article at archive.xyz. Users who visit this webpage would now have their IP address logged with knowledge that they came from Holla Forums. Any reputable news source should be available either via the originating source of the document, or another reputable archiving service.

Part II: Browser Tips
-> Ditch Chrome and Internet Explorer. The five eyes love the metadata which Google Chrome logs on its users. I prefer to use Firefox with add-on script blockers such as ghostery (simple to use, but be sure to op-out of tracking), Disconnect, or uMatrix (powerful and fine-tunable, but can be complex to use properly at times).

->Ensure that your browser is configured equivalent to the following: Only accept 1st party cookies, Never ask nor save form data, Never remember browsing and download history, and clear entire history upon browser closing. Porky hates it when its unable to track you and your browsing history using locally cached data.

-> Ensure that your browser: Warns before installing add-ons, block dangerous/deceptive downloads, and USE A MASTER PASSWORD.

-> Advanced Firefox settings may be accessed by entering "about:config" in your URL bar. ensure the following settings: "media.autoplay.enabled - false", "plugin.state.flash - 1" (default is 2. 1 means "ask before executing flash"), "browser.cache.disk.enable - false", "browser.cache.offline.enable - false", "browser.formfill.enable - false"

Part III: Traffic Anonymization
Not everyone knows that tor is a routing protocoll. It is only the Tor Browser to idiots who want to use a shitty browser. Porky hates it when people install Tor Standalone (linux) or Tor Expert Bundle (windows) and configure a Socks v4 Proxy on their local machine to tunnel ALL network traffic thru tor, without using the shitty tor browser.
->visit torproject.org/download/download.html (get standalone for linux, or expert bundle for windows). After installation, enter a terminal shell and run the command "tor". This will begin a Socks v4 Tor proxy which can be reached at 127.0.0.1 on port 9050. To use on firefox go to Preferences > Advanced > Network > Connection Settings > Manual proxy configuration > Socks Host = 127.0.0.1, Port=9050, SOCKS v4.

Part IV: Downloading Files
In theory, one could insert malware into any file. In theory.
In practice, MOST files/media which you find on 8ch are in formats which are so common that malware is virtually non-existant. Any sort of image, mp4, webm, etc… you can generally consider to be safe.
PDF's are a matter for debate.
While it is not unheard of having malware hidden within a PDF, one must keep in mind that the malwares ability to succesfully execute is largely based upon the program which interprates it. Adobe is the most popular PDF reader, and thus may be the most prone to attempts at malware. The only suggestion I have, is if you are skeptical about a file, simply search for its name on Google and find where it came from. A PDF hosted by Google Scholar is less likely to contain malware compared to a pdf hosted by RomanianPenisGrowthMiraclesOnly599.ru

Part V: Operating System Security
In order to avoid the inevitable discussion of "Which Linux disto" or "Apple" , or "windows" I will keep this section very straightforwrd.
-> If you wish to leave nothing to chance, and wish to forego the hassle of installing and learning a new operating system, the best option for the proletariat is to install a Virtual Machine hypervisor such as VirtualBox and operate a privacy-oriented, live-boot Linux distribution. Ideally, browsing using this set-up will leave no persistant information on your machine after you exit the virtual. Tails is one such oprating system and may be download as a torrent here:
>tails.boum.org/torrents/files/tails-i386-2.10.torrent
And tails main webpage may be found here:
>tails.boum.org/

Theyre clean. good idea tho, i checked the metadata to make sure.

just to be picky, I would remove the link to the current tails torrent and force the user to visit the page to get the latest, so that in a year's time we don't have people using an outdated, potentially insecure, Tails.

I meant these as additional rules for everyone here, not specifically to your uploads haha. No worries though

Disconnect works out of the box

I think trying too hard to protect yourself just draws more attention to you. I just use IP blocking for security, which likely doesn't do much but it's amusing seeing what countries and government agencies regularly try to connect to my computer.

It doesnt track you unless you allow it to in the settings.

ok, i think its ready. any final changes?

Greetings, Holla Forums. It was recently requested that someone make a thread to be stickied on the subject of best practices in relation to cointelpro on leftypol

Disclaimer
security is not immunity. Security must be done in layers and will never be 100% effective, so one needs to do a risk-assessment when taking any actions they may consider grey-area and be certain they're willing to accept those risks.

Abstract
As you may have heard, the FBI has been given the greenlight for the largescale investigation terrorist activites over the internet. Operation Net Talon devotes large number of man-hours to the discovery of potential terrorists via the online chatting of otherwise unsuspected individuals. Plese see here for for information:
>theintercept.com/2017/01/31/undercover-fbi-agents-swarm-the-internet-seeking-contact-with-terrorists/
As you may have guessed, Holla Forums is a prime suspect for this operation due to both its radical-leftist user base and 8ch's unsavory perception (proof: google search engine censorship).
8ch will not sell user data to FBI. Proof of this is implied by the fact that 8ch freely allows Tor access and usage. Any sort of agreement to sell user information to FBI would require the website to exclude Tor users from interacting, as those IP's do the FBI no good.
While many of you are not terrorists, this will not stop them from attempting to fish 8ch for user information to add to their databases. If you do not mind being singled out for further investigation, then stop reading now.
Otherwise, this is for you.

Part 1: Best Practices
Simply being aware of a few simple facts may prove very prudent.
-> Avoid any sharing of any information which may be used to identify you. This sounds obvious, but threads have been created lately (pictured) which "Call for action" and ask users to visit serivces such as Google Docs, where the user is asked to provide a burner email address and location, in order to "meet up in real life". The burner email address is intentional misdirection. Using the patriot act and the simple presumption that you may be a terrorist they can force the email provider to surrender IP information. By comparing this with the locale which the user provides, they are able to determine the user's 'seriousness' and thus arange a meetup in real life with a federal agent.

-> Avoid participating affirmatively in threads which call on users to "fuck shit up" (Pictured) or otherwise cause damage or harm. DO NOT SAY YOU WILL PARTICIPATE IN VIOLENCE ON THE INTERNET. We will fuck your shit up. Do you really want to be the person shown on TV breaking a bank's window, thinking you are causing change? In reality, this window is paid for by the bank's insurance and it is an excuse for Porky to tighten its grip. What porky is really afraid of is online activism. Memes won an election. Users who use the internet and the combined powers of memes and the dialectic are what really worries Porky. Porky wants you to commit senseless acts of vandalism and insurrection so they can lock you up and build their support base. What they dont want is for you to be spreading a message of fundamental change spreading a message of logic and sound reasoning to the entire world via the internet. This would disrupt their power base far more than bricks and molotovs.

-> Try not to visit external links to unrecognized hosts. While this is less damning than some of their other traps, it is an easy way to fish for IP's. For example archive.org is a well known website which keeps snapshots of other websites. One would consider this link trustworthy. But one may, for example, cite a news article at archive.xyz. Users who visit this webpage would now have their IP address logged with knowledge that they came from Holla Forums. Any reputable news source or article should be available either via the originating source of the document, available via search engine, or found on a reputable archiving service.

->Original images, specifically those which are digital photographs should be stripped of metadata before posting. Do a google search on this subject. The ammount of metadata which can be found in a digital photgraph is astounding, such as GPS coordinates of the image. More information may be found here:
>hackneys.com/travel/docs/metadataoverview.pdf

Part II: Browser Tips
-> Ditch Chrome and Internet Explorer. The five eyes love the metadata which Google Chrome logs on its users. I prefer to use Firefox with add-on script blockers such as ghostery (simple to use, but be sure to op-out of tracking), Disconnect, or uMatrix (powerful and fine-tunable, but can be complex to use properly at times).

->Ensure that your browser is configured equivalent to the following: Only accept 1st party cookies, Never ask nor save form data, Never remember browsing and download history, and clear entire history upon browser closing. Porky hates it when its unable to track you and your browsing history using locally cached data.

-> Ensure that your browser: Warns before installing add-ons, block dangerous/deceptive downloads, and USE A MASTER PASSWORD.

-> Advanced Firefox settings may be accessed by entering "about:config" in your URL bar. ensure the following settings: "media.autoplay.enabled - false", "plugin.state.flash - 1" (default is 2. 1 means "ask before executing flash"), "browser.cache.disk.enable - false", "browser.cache.offline.enable - false", "browser.formfill.enable - false"

Part III: Traffic Anonymization
Not everyone knows that tor is a routing protocoll. It is only the Tor Browser to idiots who want to use a shitty browser. Porky hates it when people install Tor Standalone (linux) or Tor Expert Bundle (windows) and configure a Socks v4 Proxy on their local machine to tunnel ALL network traffic thru tor, without using the shitty tor browser.
->visit torproject.org/download/download.html (get standalone for linux, or expert bundle for windows). After installation, enter a terminal shell and run the command "tor". This will begin a Socks v4 Tor proxy which can be reached at 127.0.0.1 on port 9050. To use on firefox go to Preferences > Advanced > Network > Connection Settings > Manual proxy configuration > Socks Host = 127.0.0.1, Port=9050, SOCKS v4.

Part IV: Downloading Files
In theory, one could insert malware into any file. In theory.
In practice, MOST files/media which you find on 8ch are in formats which are so common that malware is virtually non-existant. Any sort of image, mp4, webm, etc… you can generally consider to be safe.
PDF's are a matter for debate.
While it is not unheard of having malware hidden within a PDF, one must keep in mind that the malwares ability to succesfully execute is largely based upon the program which interprates it. Adobe is the most popular PDF reader, and thus may be the most prone to attempts at malware. The only suggestion I have, is if you are skeptical about a file, simply search for its name on Google and find where it came from. A PDF hosted by Google Scholar is less likely to contain malware compared to a pdf hosted by RomanianPenisGrowthMiraclesOnly599.ru

Part V: Operating System Security
In order to avoid the inevitable discussion of "Which Linux disto" or "Apple" , or "windows" I will keep this section very straightforwrd.
-> If you wish to leave nothing to chance, and wish to forego the hassle of installing and learning a new operating system, the best option for the proletariat is to install a Virtual Machine hypervisor such as VirtualBox and operate a privacy-oriented, live-boot Linux distribution. Ideally, browsing using this set-up will leave no persistant information on your machine after you exit the virtual. Tails is one such oprating system and may be downloaded with installation instructions here:
tails.boum.org/install/index.en.html

Also, i was planning on posting the webm at the top of the sticky thread alongside the two 8ch FBI thread images for comedic value. any objections to this?

Go for it! My only concern was with the body of the text just to ensure that there's no confusion as to what's satire and what's a real tip and such! :)

Ok sweet. Ill go ahead and make the thread then

thread created

stickied

Thank you. If I cant be a board volunteer,

ill help out leftypol other ways.

Pretty sure only the BO can promote someone to volunteer, but regardless, thanks for your contribution.

Thread is here:

ya its no big deal. Ill admit im a little paranoid. I like to help out the fellow prole with a healthy, sensible dose of my paranoia whenever I can

besides, theres more than one way to volunteer.

Reminder that Tor should still be considered compromised…

If you do decide to use Tor, keep this in mind:
Use no plugins like flash, java, silverlight etc, they run applications which should be considered black boxes with security vulns.
Disable js as far as possible. Especially DO NOT allow js canvas applications on anything you do not want to be tracked by - they can be used to fingerprint your identity through subtleties in text-rendering.

I recommend running uMatrix, even outside of Tor, to have granular control of what your browser will and will not allow. NoScript ontop of that adds some security features.
It's also worth having a user-agent randomiser active to further reduce fingerprinting.

If you want your entire system to be even more secure (while maintaining somewhat better day-to-day usability), look into QubesOS. It allows you to easily run VMs to separate applications into sandboxes with controlled access - e.g. - separating disk access, usb, networking and so on. Think of it as really advanced permissions control and a failsafe vs malware (if one vm gets infected it wont spread to the whole system and you can easily nuke and rebuild the vm, malware/explots which can bypass vms have been extremely rare).

And last of all something to note:
As soon as you become a specific target worth dedicating resources to - there's probably nothing you can do. The worldwide intelligence community has technology which is more advanced than the rest of us have access to.

Removed the sticky. I think some of the mindset in OP would basically paralyze the left, and some of the advice is actually not very safe. However, I'm not saying the thread is bad.

Any suggested changes? or just dont want it?

FBI is going to be hitting boards like this hard after the berkely riots

uMatrix has a user agent switcher built in. Problem is if you set it too frequent you can trigger security on some sites and get locked out I think.