Not sure if I should put this here or in Holla Forums: How do I achieve peak tinfol hat?

I've been browsing and torrenting on the web with nothing but a non-modded FireFox, a PIA VPN, and a Windows 7 OS. Every time I log on, I feel like I'm playing a game of NEET's roulette. I'm tired of it.

That being said, I'm ignorant of the upgrades I'll need to get the full level of security I want.

I realize I need to invest in Linux, Tor, and VMWare. But beyond knowing those three buzzwords, I'm lost.

What version of Linux do I use? What browser do I use with Tor? What mods do I use for the browser? What browsing habits should I adopt (see also: avoid using Google because they'll keep an eye on what you're searching for). Is PIA an adequate VPN? What should I use to purge my hard drives before I begin this process?

I also want to expand this level of security to my phone and tablet (a Galaxy S5 and a Galaxy Note 10.7 2014 ED).

Is there a comprehensive guide floating around here that's basically "Mega Security For Dummies" that will walk me through a process of bulking up my cyber armor and tell me what I need to learn to maintain it?

Other urls found in this thread:

Seriously bro, do not go down that road. If you're not enemy-of-the-state tier, there's no reason anyway. For those sorts of actions you might as well get a new (old) laptop, a baseball cap, cut camera wires and whatever.

If you're just a regular Holla Forumsack with torrenting habit you don't need much more than you already have (if at all).

If you're going with linux start with Linux Mint or Ubuntu derivatives (but not Ubuntu itself). There's very little reason to go with anything more advanced if technology is not your job or autistic NEET hobby.

Addons for firefox in general Holla Forums wisdom are as follows:
-ublock origin for adds
-noscript or umatrix for script blocking (I recommend noscript for simplicity)
-random agent spoofer or blender to mask your browser (blender is a no-configuration addon so it's more fit for plebs)
-smart referrer so website can't tell the external source you came from
-self destructing cookies which is self-explanatory

Get there and then you can think about more advanced stuff. Also, there's >>>/poltech/ which is more pleb-tier and fitting for these questions than Holla Forums.

For maximum tinfoil you'll want open hardware. You could have the best, most secure software in the world, but a hardware backdoor would still fuck you over. Best solution for that would be one of those Libreboot Thinkpads. I think it's the X60 that can be made fully open.
After that check the laptop's motherboard against reference pics. You never know if some agency has added a little surprise soldered to the board. Hard drives can have compromised firmware too, so you'll need to find a drive that you can guarantee hasn't been flashed or fucked with.
For your OS OpenBSD would probably be the best, but I haven't used it so I can't help much there. It's made on laptops, so it has decent support. It's got BSD jails, which let you isolate programs. OpenBSD in particular has a hardon for security compared to other BSDs.
This is probably overkill for your needs, but it's the sort of thing you'd do if you wanted a 100% secure system. Any Linux distro, a BIOS password and a little tech literacy should stop everything that isn't an angry NSA team or some advanced alien race.
Also remember that sometimes the easiest solution is the best. If you don't want the world to know something don't write it down.

I used to go maximum tinfoil, quit my job, cut all ties with friends and family, and went inna woods.

Don't do it, it's shit. Took me two years to admit it.

The government can get whatever it wants out of you if it really wanted to anyway

Start here:
VMWare sell proprietary virtualization software that subjugates user freedom.
Phones are insecure but here is a place to start

I experienced hyper-vigilance for the first time last week. It wasn't pleasant. Couldn't sleep right, every noise and passerby was putting me on edge, and I was hearing distant sounds I didn't normally hear or pay attention before.

I was gaslit. Big time. Not sure if it was CTR or someone else, but I was spooked. And I still haven't quite gotten over it. From my perspective, I'm already in too deep. I appreciate your concern though.

My goal is to make it a hobby. For better or worse.

I will start with what you guys have posted. Thank you.

Debian stable or Fedora.

Tor Browser Bundle.

Don't add anything to Tor Browser Bundle until you know what you're doing.

Don't log into anything tied to your real identity through Tor or your VPN. Put the security slider on TBB up to high.

Yes. But keep in mind that it's hard to avoid "using Google" because their analytics and advertising js are all over the web. That's why you use TBB and put the security slider up to high.

It's ok.

# dd if=/dev/urandom of=/dev/sda bs=4M

You can send a USR1 signal to the dd process to check on its progress.

consider using this guide.

You basically have to reinstall a custom rom, and stop using Gapp related software for this to work.

You also have to mod the hardware according to that writeup.


like so

Do not fucking use mint or unbuntu these distribution a full of non-free/libre software if you want to shoot yourself in the foot there is no better way.

If you want to go with simple use Gnu Trisquel
Trisquel has a very strict policy to not include any non-free/libre software.

Basically it's ubuntu but without all the blobs and non free/libre software.

good but go in the options and explore them

noscript isn't has simple has umatrix but noscript blocks more things per default.
Explore them both.

Explore both options

random agent spoofer already handles that in many ways

a must

For smartphones the best way is to not use them.
But if you still want to use them then install replicant on a compatible phone.

There's a reason everybody here has a boner for RISC-V vaporware -- modern hardware is all compromised. It doesn't fucking matter what Linux distro you have installed when your Intel CPU has dedicated hardware backdoors and radios.

Thank you everyone for all the research material. This is gonna take me a while, but I'll push forward.

(((They))) can use my CPU to remotely backdoor into my machine!?

What the fuck!?

I wasn't joking when I used the word "radios" because that's literally what's in there.

I have an i7. Is there an instructional video on toasting that shit?

No. The only way is to disconnect it from the rest of the computer.

You can still buy AMD FX-8350, FX-8320, FX-6300 CPUs which supposedly aren't hardware-backdoored.

Solid advice. Make sure your browser setting don't reveal your identity.

Linux Mint is a security disaster. At least use a distro that takes security seriously, like Debian.

Don't use VMWare, it's proprietary garbage. If you need to run virtual machines use QEMU/KVM, with either gnome boxes or virt-manager for a GUI.

One can also buy/build a phone jammer to block the radios, right?

Sure, if your idea of security is placing an illegal radio beacon on your computer.

HAMcucks will also track you down and report you to the police. The entire amateur radio community is full of faggots that do it for free as a hobby. Faraday cage is a better idea, but not foolproof because they can just use your normal internet connection whenever they want anyways.

So, like I said,

I have an x201 with an i5.
When I first got it had some kind of anti theft settings in the bios. After a couple of warning I disabled it, the cpu heat up and I am sure I smelled burnt silicon. Are you sure that there is no way to permanently fry the radio through bios?

I'm trying to do research on this right now.

Fuck infuriating. There's so damn many!


Well the thing with distros is that you must try them yourself to see what's up. The good news is that with many of them is just as simple as loading them into an USB and you can get a taste of what are they like (if the distro includes a Live CD version, of course).

Debian is another all libre choice.

Don't use any electronic device at all.

But seriously, before you start researching solutions, understand first the problem. Solutions will come. What are you worried about?

Use encryption, do not let your "data" computer connect to the internet, use a separate machine for browsing to avoid malware stealing your shit.

Block trackers, user Tor and/or VPN.

Don't use cell phone (good luck, lel).

Don't use social networking, don't sign up for shit with personal account.

Use GPG and don't communicate with anyone who doesn't (hah), run your own server.

You also need to have a think about how much security is worth to you. All security introduces inconvenience. How much are you willing to put up with? has a short description of all major distros.
Their distro ranking is from who visits the page, they didn't go door to door asking people which distro they use. So it's biased towards distros with more users who check distrowatch.

I know that feel, bro.

Technological solutions aside, if you want your peace of mind back, don't compromise your security for the sake of convenience.

Embrace your paranoia proactively: Adhere to best security practices like it's your religion and forgo questionable conveniences. No convenience is worth your peace of mind, and fuck what anybody says, there's nothing wrong with being paranoid. The paranoid ones have repeatedly been the ones laughing when the shit hit the fan. "We told you so."

Reminder that the Russian government doesn't seem to think it's so unreasonable to use typewriters to maintain their privacy.

I'm using Atari ST 68040 machine with encrypted disk and large secondary key stored on paper tape. IF someone fuck with me, I burn the tape and I can't get it, nor anyone else.