Anonymity

I'm knew to all this shit, what are the best methods on ensuring your anonymity while you browse the internet and where is the best place to start?

Other urls found in this thread:

passwordstore.org/
github.com/Eloston/ungoogled-chromium
chrome.google.com/webstore/detail/webrtc-network-limiter/npeicpdbkakmehahjeeohfdhnlpdklia
directory.fsf.org/wiki/Main_Page
prism-break.org/en/
twitter.com/NSFWRedditGif

VPN > tor > open internet
or
guyfawks mask > cafe wifi > open internet

Anonymity from what?

from that hacker named 4chan

Jews.

This

Get yourself a paid no logging VPN for basic browsing, and for things that require even more anonymity use tor.

You're not going to remain anonymous if the government wants you.

the fuck else should we shill? i2p? Or are you a

This is the kind of retard shitposting on 8ch these days.

RIP

typical non argument response.

there's no such thing.

shhhh

Just use ZeroNet, dude. It's what all the cool hackers are using to avoid government surveillance and remain anonymous.

But the government generally doesn't want you specifically. All the information it has about most people is obtained through passive mass surveillance, which is much easier to avoid. You won't be targeted specifically unless information gathered about you via mass surveillance raises red flags in some government system. The more you avoid mass surveillance, the less information about you that makes it into those systems, the less likely it is that anything you do will raise red flags, and the less likely it is that you'll be targeted specifically.

ftfy

① Install Chromium.

Firefox has long since been subverted by SJWs, and their brainwashed zombie army monitors this board to shout down even the faintest idea that you have a choice to not obey them. You can tell them apart from sentient posters because they resemble Westboro Baptist Church or Scientology cultists. Or the output of /usr/bin/yes.

② Go to the settings window and set cookies to session-only by default. If you use some sites frequently enough to want permacookies you can whitelist those explicitly later.

③ Turn off all its safebrowsing and preloading bullshit. That's in the advanced section at the bottom - uncheck all checkboxes except "Do Not Track".

④ Turn off password/form autofill. Use an external password manager such as the one from passwordstore.org/

⑤ Change the default search engine to one you trust and delete the rest, turn off search suggestions.

⑥ Install uMatrix and set it to default deny everything but first-party requests. Make sure its hosts lists are up to date. Turn on strict https and referrer spoofing for all sites. Install HTTPS Everywhere too.

Wut.

I have successfully masked my identity behind Google Chrome Incognito Mode. The NSA cannot stop me now!

תקרא את הספר obfuscation techniques ותנצל את זה
תריץ את החרא שלך בVM
הרבה סקריפטים

תתחבר לרשת של אחרים

תזכור שאם אתה היחיד שמתמש בכלי אנונימיות זה מבודד אותך מבחינת מעקב יותר מדליפת מידע על הCP שאתה מוריד

...

Being run by SJWs is not a security issues in and of itself. If you have any evidence of actual security issues that they have introduced instead of just Holla Forums fearmongering please post it. Otherwise the browser that was caught last year downloading proprietary blobs that send your information to Google is objectively the worse choice.

No.

see github.com/Eloston/ungoogled-chromium
Chromium is a bonnet even with your knob turning.

Forgot one:
⑦ Install WebRTC Network Limiter: chrome.google.com/webstore/detail/webrtc-network-limiter/npeicpdbkakmehahjeeohfdhnlpdklia

Why should people believe you that Firefox has problems then?

...

...

Good example of a `yes` man right here. No substance, responds only to keywords, could be killed and replaced by a bash one-liner and nobody would tell the difference.

All we're missing now is the simpleton screeching "botnet", though maybe they've been purposely deviating from their usual script.

You picked the worst example in the thread when there's like 3 other posts that have yet to be countered.

Yes there is
Or you can also set up a VPS

Acknowledging that other attempts to shut down the topic even exist is exactly what they want.

...

Moving the goalposts isn't a simple challenge, merely a reaction from a challenged simpleton

...

sure and the VPS provider wont log either

Anyone who actually uses TOR. or TAILS, shouldn't be trusted. The downloads are monitored, and It's relatively easy to track people through TOR nodes now. Even i2p is trash.

If you want true anonymity, then you need to create a full, fake identity. One that talks and writes different than you, one that has a different address than you, and you even need to go as far as creating a fake social media account and continuously update it as though your fake identity is a real person.

Even that will not offer TRUE anonymity. The only way to achieve that, is to become completely disconnected from everything electronic. Get into various government servers n' shit and delete yourself from the system. Make it as though you were never born. Never contact your family or friends again. Live on a deserted island.

THIS IS VERY WRONG
VPN to TOR connection is a horrible idea. It leaves logs of the connection from your machine to the VPN and doesn't provide you any security from a malicious exit node which they all are. What you should do instead is use tor, buy a VPN using bitcoins and only connect to that VPN through tor. It protects all traffic until the vpn and the VPN provider is unable to log your IP address.

Remember, that there's safety in simplicity. The more shit you run, the more likely you are to lose oversight and somehow compromise yourself.

not an argument

I knew chans are filled with underage and/or uneducated idiots, but holy shit this thread is pathetic.

Seconded

This is the kind of retard metaposting on 8ch these days.

RIP

...

What does it matter if they're plain text passwords or not? Unless the post number or some other information that changes is included in the hash, he'd still be able to correlate hashed passwords.

when (not if) the site's data gets stolen via a hole in this laughably broken code anyone else will be able to do the same

But unless your post number or some other information are included in the hash, there would be no difference. They could still correlate all the posts that have the same hashed password.

it's developed by fucking google how many of you retards are redditors looking to pretend they're smart?

...

Depends on who you want to be anonymous to. The following is a good defense against the likes of Google; if you're really up against a government (i.e. you're not just avoiding mass surveillance), this isn't nearly enough, though it will help.
Block all cookies and install uMatrix, configure it to deny everything by default. From there, build whitelists and try to keep them as small as possible. It is absolutely crucial that you block first-party Javascript because most deanonymization techniques use it. Obviously, you should disable plugins like Flash too, if you still have them installed for some reason. You can also use NoScript together with uMatrix and set the former to allow all scripts; JS will still be blocked by uMatrix but you get the other goodies from NoScript. Most of NoScript's non-JS stuff can be done by manual configuration as well, but if you don't mind yet another big extension, it's easier this way.
RefControl is another neat tool if you set it to block 3rd party refs by default. This way, a site can't see from where you are coming if you click a link.
You may want to go for a VPN or Tor after that but keep in mind that a Tor exit node is essentially a man in the middle: If your connection is not secured, it can read everything and, more importantly, inject whatever its operator likes. There have been cases where exit nodes automatically injected malware into Windongs executables, so be careful. A VPN probably won't have this problem since they'd go out of business very soon, but technically the same is possible.
Finally, consider reducing your browser's fingerprint a little. uMatrix has a user agent string spoofer, but personally, I prefer no string at all. When I make a request, I send almost no headers. This might be overkill as I haven't heard of any big site actually using these techniques yet, but it's really easy to do.

One last word about whitelists: The first few hours will be painful, especially for cross-site requests, because many sites use CDNs nowadays. This is something you can't really get around, but after that things are fine.

nice try, cops

Don't use tor or a mask.

76/sp/ get motherfuckers

No source, KYS fagggot

Just use uzbl or surf. If you need you could implement some umatrix-like thing.
They are bloatless, too, to boot. Reviewing the source code is doable for those.
Those shills for the false dichotomy of ff vs. chrome are run by the nose.
Tor and other "privacy-focused" browsers or networks are either NSA or metadata-leaking, or forked from NSA and metadata-leaking software itself.
Also, those tend to differentiate you more, as exit nodes are controlled.

And?
Do you not cast a reflection in a mirror?

For the program itself maybe, but not the megabytes of webkit dependencies they pull in. This is a cheap sleight of hand.

Actually, you should do both.

Pay for two VPNs.

First, connect to the first VPN. Then from there, get on Tor. Then log onto your second VPN. Then more Tor.

Finally, use a proxy from proxysource.org. My dad owns it, so I can promise it's legit.

directory.fsf.org/wiki/Main_Page
prism-break.org/en/