Chrome hardening
Hello
Is there an equivalent to Edge Security Baselines for Chrome? I want to harden it and make it more secure but I don't know how.
Edge is good, but right click context menu is driving me nuts. It literally covers half the page with useless stuff and there is no ability to customize it.
Also, please don't recommend Firefox because my required apps don't support it.
https://redd.it/sruxnp
@PrivacyGuides
Hello
Is there an equivalent to Edge Security Baselines for Chrome? I want to harden it and make it more secure but I don't know how.
Edge is good, but right click context menu is driving me nuts. It literally covers half the page with useless stuff and there is no ability to customize it.
Also, please don't recommend Firefox because my required apps don't support it.
https://redd.it/sruxnp
@PrivacyGuides
reddit
Chrome hardening
Hello Is there an equivalent to Edge Security Baselines for Chrome? I want to harden it and make it more secure but I don't know how. Edge is...
Bitfinex hack
Any ideea how to bitfinex hackers got caught from a privacy point of view?
reading the original document of the justice department it seems that one of the mistakes was the file uploaded to the cloud (probably gmail). however, the document says that some files were encrypted, including the one containing the public keys. The document mentions that they(justice) managed to decrypt it (does not specify how). quote:
“Lichtenstein Email 2 was held at a U.S.-based provider that offered email as well as cloud storage services, among other products. In 2021, agents obtained a copy of the contents of the cloud storage account pursuant to a search warrant. Upon reviewing the contents of the account, agents confirmed that the account was used by LICHTENSTEIN. However, a significant portion of the files were encrypted. On or about January 31, 2022, law enforcement was able to decrypt several key files contained within the account.”
My question is how do you think they decrypt? i am thinking at few options:
1. They never, but lie and simply received the password from hackers to cooperate.
2. Brute force.
3. Another way which me(us) we are not aware.
Official document for reading:
official doc justice released
https://redd.it/srymbt
@PrivacyGuides
Any ideea how to bitfinex hackers got caught from a privacy point of view?
reading the original document of the justice department it seems that one of the mistakes was the file uploaded to the cloud (probably gmail). however, the document says that some files were encrypted, including the one containing the public keys. The document mentions that they(justice) managed to decrypt it (does not specify how). quote:
“Lichtenstein Email 2 was held at a U.S.-based provider that offered email as well as cloud storage services, among other products. In 2021, agents obtained a copy of the contents of the cloud storage account pursuant to a search warrant. Upon reviewing the contents of the account, agents confirmed that the account was used by LICHTENSTEIN. However, a significant portion of the files were encrypted. On or about January 31, 2022, law enforcement was able to decrypt several key files contained within the account.”
My question is how do you think they decrypt? i am thinking at few options:
1. They never, but lie and simply received the password from hackers to cooperate.
2. Brute force.
3. Another way which me(us) we are not aware.
Official document for reading:
official doc justice released
https://redd.it/srymbt
@PrivacyGuides
Bitfinex hack
Any ideea how to bitfinex hackers got caught from a privacy point of view?
reading the original document of the justice department it seems that one of the mistakes was the file uploaded to the cloud (probably gmail). however, the document says that some files were encrypted, including the one containing the public keys. The document mentions that they(justice) managed to decrypt it (does not specify how). quote:
“Lichtenstein Email 2 was held at a U.S.-based provider that offered email as well as cloud storage services, among other products. In 2021, agents obtained a copy of the contents of the cloud storage account pursuant to a search warrant. Upon reviewing the contents of the account, agents confirmed that the account was used by LICHTENSTEIN. However, a significant portion of the files were encrypted. On or about January 31, 2022, law enforcement was able to decrypt several key files contained within the account.”
My question is how do you think they decrypt? i am thinking at few options:
1. They never, but lie and simply received the password from hackers to cooperate.
2. Brute force.
3. Another way which me(us) we are not aware.
Official document for reading:
official doc justice released
https://redd.it/srymbt
@PrivacyGuides
Any ideea how to bitfinex hackers got caught from a privacy point of view?
reading the original document of the justice department it seems that one of the mistakes was the file uploaded to the cloud (probably gmail). however, the document says that some files were encrypted, including the one containing the public keys. The document mentions that they(justice) managed to decrypt it (does not specify how). quote:
“Lichtenstein Email 2 was held at a U.S.-based provider that offered email as well as cloud storage services, among other products. In 2021, agents obtained a copy of the contents of the cloud storage account pursuant to a search warrant. Upon reviewing the contents of the account, agents confirmed that the account was used by LICHTENSTEIN. However, a significant portion of the files were encrypted. On or about January 31, 2022, law enforcement was able to decrypt several key files contained within the account.”
My question is how do you think they decrypt? i am thinking at few options:
1. They never, but lie and simply received the password from hackers to cooperate.
2. Brute force.
3. Another way which me(us) we are not aware.
Official document for reading:
official doc justice released
https://redd.it/srymbt
@PrivacyGuides
Is it harder for a 13 year old or someone younger then 16 years old to use most of the services recommended by PrivacyGuides
I have noticed that some of the services recommended by PrivacyGuides require you to be at least 16 years old and some require you to be at least 18 years old like CTemplar
I noticed the 16 years old requirement with Tutanota and Disroot
Examples
✅ ProtonMail - Requires the user to be at least 13 years old
❌ Tutanota - Requires the user to be at least 16 years old
❌ Disroot - Requires the user to be at least 16 years old to use Email or any of their services that require login
❌ CTemplar - Requires the user to be at least 18 years old
https://redd.it/ss132d
@PrivacyGuides
I have noticed that some of the services recommended by PrivacyGuides require you to be at least 16 years old and some require you to be at least 18 years old like CTemplar
I noticed the 16 years old requirement with Tutanota and Disroot
Examples
✅ ProtonMail - Requires the user to be at least 13 years old
❌ Tutanota - Requires the user to be at least 16 years old
❌ Disroot - Requires the user to be at least 16 years old to use Email or any of their services that require login
❌ CTemplar - Requires the user to be at least 18 years old
https://redd.it/ss132d
@PrivacyGuides
reddit
Is it harder for a 13 year old or someone younger then 16 years...
I have noticed that some of the services recommended by PrivacyGuides require you to be at least 16 years old and some require you to be at least...
How Do you Deal with a Compromised Email Alias?
Say I create an alias through one of the many relay services for company X. A while later I then begin receiving spam at that unique address. Company X is one I want to continue to use the services of, but they seem to have compromised or sold my address.
At this point how do you personally handle the situation?
1) kill the alias, generate a new one and replace it w/ Co. X.
2) kill the alias, close the account at Co. X.
3) other (what?)
https://redd.it/ss28ty
@PrivacyGuides
Say I create an alias through one of the many relay services for company X. A while later I then begin receiving spam at that unique address. Company X is one I want to continue to use the services of, but they seem to have compromised or sold my address.
At this point how do you personally handle the situation?
1) kill the alias, generate a new one and replace it w/ Co. X.
2) kill the alias, close the account at Co. X.
3) other (what?)
https://redd.it/ss28ty
@PrivacyGuides
reddit
How Do you Deal with a Compromised Email Alias?
Say I create an alias through one of the many relay services for company X. A while later I then begin receiving spam at that unique address....
Trying to stay signed out of the Google search results
I have a question and was hoping someone could give me some advice here. I run Firefox (somewhat hardened) with DDG as my primary search engline. Additionally, I have a Violentmonkey userscript that allows me to search Google if needed (It's a "Try Google" buttton at the end of DDG settings). I really don't like to use Google search unless it's absolutely necessary, but being that I'm always signed into YouTube I'm automattically signed into the Google search results as well. So, my question. Is there anyway to stay signed into Youtube and somehow stay signed out of the Google search results?
https://redd.it/ss2z36
@PrivacyGuides
I have a question and was hoping someone could give me some advice here. I run Firefox (somewhat hardened) with DDG as my primary search engline. Additionally, I have a Violentmonkey userscript that allows me to search Google if needed (It's a "Try Google" buttton at the end of DDG settings). I really don't like to use Google search unless it's absolutely necessary, but being that I'm always signed into YouTube I'm automattically signed into the Google search results as well. So, my question. Is there anyway to stay signed into Youtube and somehow stay signed out of the Google search results?
https://redd.it/ss2z36
@PrivacyGuides
reddit
Trying to stay signed out of the Google search results
I have a question and was hoping someone could give me some advice here. I run Firefox (somewhat hardened) with DDG as my primary search engline....
If we heavily encrypt all the files with something like veracrypt or cryptomator before uploading them to a cloud storage , does it really matter what cloud storage we are using ( Dropbox , Gdrive , One drive) ?
I'm assuming uploading them to any popular cloud storage service should be okay since the files are encrypted..
https://redd.it/ss5bft
@PrivacyGuides
I'm assuming uploading them to any popular cloud storage service should be okay since the files are encrypted..
https://redd.it/ss5bft
@PrivacyGuides
reddit
If we heavily encrypt all the files with something like veracrypt...
I'm assuming uploading them to any popular cloud storage service should be okay since the files are encrypted..
Cloud provider recommendations
I have been using nextcloud (with a provider) and filen.io for a while now; the main problem I have with nextcloud is the service provider; their service always goes down for a few days means I don’t have access to my data. If I make changes or upload a new file, it won’t be updated on other devices. I have tried to set up my nextcloud server, but I couldn’t; it’s too complicated for me. Filen, on the other handle, the files upload speed is ridiculously slow, and I’ve seen people recommend not to use Filen.io.
Any suggestions would be much-appreciated thanks.
https://redd.it/ss5far
@PrivacyGuides
I have been using nextcloud (with a provider) and filen.io for a while now; the main problem I have with nextcloud is the service provider; their service always goes down for a few days means I don’t have access to my data. If I make changes or upload a new file, it won’t be updated on other devices. I have tried to set up my nextcloud server, but I couldn’t; it’s too complicated for me. Filen, on the other handle, the files upload speed is ridiculously slow, and I’ve seen people recommend not to use Filen.io.
Any suggestions would be much-appreciated thanks.
https://redd.it/ss5far
@PrivacyGuides
reddit
Cloud provider recommendations
I have been using nextcloud (with a provider) and filen.io for a while now; the main problem I have with nextcloud is the service provider; their...
Webmail or email client?
Hi guys,
Are email clients such as Thunderbird more private than webmail? I slowly moving from outlook to Protomail, however, I still use Outlook webmail.
Thx
https://redd.it/ss78b4
@PrivacyGuides
Hi guys,
Are email clients such as Thunderbird more private than webmail? I slowly moving from outlook to Protomail, however, I still use Outlook webmail.
Thx
https://redd.it/ss78b4
@PrivacyGuides
reddit
Webmail or email client?
Hi guys, Are email clients such as Thunderbird more private than webmail? I slowly moving from outlook to Protomail, however, I still use Outlook...
Webmail or email client?
Hi guys,
Are email clients such as Thunderbird more private than webmail? I slowly moving from outlook to Protomail, however, I still use Outlook webmail.
Thx
https://redd.it/ss78b4
@PrivacyGuides
Hi guys,
Are email clients such as Thunderbird more private than webmail? I slowly moving from outlook to Protomail, however, I still use Outlook webmail.
Thx
https://redd.it/ss78b4
@PrivacyGuides
reddit
Webmail or email client?
Hi guys, Are email clients such as Thunderbird more private than webmail? I slowly moving from outlook to Protomail, however, I still use Outlook...
Encryption Against Mass Surveillance You are being watched.
Private and state-sponsored organizations are monitoring and recording your online activities. privacytools.io provides services, tools and knowledge to protect your privacy against global mass surveillance.
https://redd.it/ss9641
@PrivacyGuides
Private and state-sponsored organizations are monitoring and recording your online activities. privacytools.io provides services, tools and knowledge to protect your privacy against global mass surveillance.
https://redd.it/ss9641
@PrivacyGuides
reddit
Encryption Against Mass Surveillance You are being watched.
Private and state-sponsored organizations are monitoring and recording your online activities. privacytools.io provides services, tools and...
Snapdrop?
I just discovered Snapdrop, and seems to be an open source alternative to Airdrop. Are there any privacy/security risks that I should be aware of? From what it looks, it seems that they do not use Bluetooth which worries me that they keep a copy of anything you would share using that service, am I wrong? Is it the right tool that everyone at the privacy community uses, or there is a better one? Thank you in advance!
https://redd.it/ss9vyr
@PrivacyGuides
I just discovered Snapdrop, and seems to be an open source alternative to Airdrop. Are there any privacy/security risks that I should be aware of? From what it looks, it seems that they do not use Bluetooth which worries me that they keep a copy of anything you would share using that service, am I wrong? Is it the right tool that everyone at the privacy community uses, or there is a better one? Thank you in advance!
https://redd.it/ss9vyr
@PrivacyGuides
reddit
Snapdrop?
I just discovered Snapdrop, and seems to be an open source alternative to Airdrop. Are there any privacy/security risks that I should be aware of?...
Attack is the Best Defense
Protection is like having tons of covers,which might help but exhaust, if you stop running away, and turn yourself against the enemy, the more tentacle you kill, the more freedom you get
Why make yourself so tired? Make Yourself Happy
Edit: since when did the situation get soooooo fucked up
https://redd.it/ssaprv
@PrivacyGuides
Protection is like having tons of covers,which might help but exhaust, if you stop running away, and turn yourself against the enemy, the more tentacle you kill, the more freedom you get
Why make yourself so tired? Make Yourself Happy
Edit: since when did the situation get soooooo fucked up
https://redd.it/ssaprv
@PrivacyGuides
reddit
Attack is the Best Defense
Protection is like having tons of covers,which might help but exhaust, if you stop running away, and turn yourself against the enemy, the more...
Second Israeli company exploited Apple flaw to hack into iPhones
https://archive.ph/4wX0A
https://redd.it/skbjsn
@PrivacyGuides
https://archive.ph/4wX0A
https://redd.it/skbjsn
@PrivacyGuides
archive.ph
Second Israeli company exploited Apple flaw to hack into iPhones - re…
archived 4 Feb 2022 01:09:24 UTC
Comparing dVPNs and centralized VPNs for privacy protection
https://www.ivpn.net/privacy-guides/comparing-dvpns-centralized-vpns-privacy-protection/
https://redd.it/ssb0cv
@PrivacyGuides
https://www.ivpn.net/privacy-guides/comparing-dvpns-centralized-vpns-privacy-protection/
https://redd.it/ssb0cv
@PrivacyGuides
IVPN
Comparing dVPNs and centralized VPNs for privacy protection
This introductory guide compares two type of VPN services: a legacy model built by centralized businesses, and distributed VPNs that have come to the market recently with a goal of disrupting it. As we have covered in earlier blog posts and guides the most…
Government launches “No Place To Hide” propaganda campaign to ban online privacy
Link: https://www.noplacetohide.org.uk
https://redd.it/ssg57k
@PrivacyGuides
Link: https://www.noplacetohide.org.uk
https://redd.it/ssg57k
@PrivacyGuides
reddit
Government launches “No Place To Hide” propaganda campaign to ban...
Link: [https://www.noplacetohide.org.uk](https://www.noplacetohide.org.uk/)
Does Thunderbird offer pricacy or security benefits over outlook as an email Client?
Question says it all really, I don't have much knowledge on how email clients work. Thanks for your help!
https://redd.it/ssh3iq
@PrivacyGuides
Question says it all really, I don't have much knowledge on how email clients work. Thanks for your help!
https://redd.it/ssh3iq
@PrivacyGuides
reddit
Does Thunderbird offer pricacy or security benefits over outlook...
Question says it all really, I don't have much knowledge on how email clients work. Thanks for your help!
About the company behind Canary Mail
Hello.
I have been following the community for some time, but this is my first post here. I am incredibly grateful for all the guidance and help I've found here, so I wanted to contribute some thoughts and get you valuable opinions. I read the rules, but if something is not right, I'm sorry in advance. I know Canary is proprietary software, but since it is the only recommended iOS email client in the site, I think the discussion is needed.
I posted this in the Canary Mail community looking for some clarification about the company behind the app.
https://www.reddit.com/r/CanaryMail/comments/snt5g8/whats\_going\_on\_with\_the\_company\_itself/
But at the time there has been no clarification, official or otherwise.
To me this is a bummer, because I also use Android and while I know there are better alternatives privacy-wise, Canary along with Spark are the best for features and usability, in my opinion.
So, what do you think about all this?
https://redd.it/ssgq78
@PrivacyGuides
Hello.
I have been following the community for some time, but this is my first post here. I am incredibly grateful for all the guidance and help I've found here, so I wanted to contribute some thoughts and get you valuable opinions. I read the rules, but if something is not right, I'm sorry in advance. I know Canary is proprietary software, but since it is the only recommended iOS email client in the site, I think the discussion is needed.
I posted this in the Canary Mail community looking for some clarification about the company behind the app.
https://www.reddit.com/r/CanaryMail/comments/snt5g8/whats\_going\_on\_with\_the\_company\_itself/
But at the time there has been no clarification, official or otherwise.
To me this is a bummer, because I also use Android and while I know there are better alternatives privacy-wise, Canary along with Spark are the best for features and usability, in my opinion.
So, what do you think about all this?
https://redd.it/ssgq78
@PrivacyGuides
reddit
What's going on with the company itself?
Hello, and first, I want to say that I like the app and consider it one of the best mail clients for android, despite some flaws and details to...
is there any Tor-friendly social networks that are actually good?
Except for reddit (in case reddit is tor-friendly), is there any social network that allow tor?
https://redd.it/sshalz
@PrivacyGuides
Except for reddit (in case reddit is tor-friendly), is there any social network that allow tor?
https://redd.it/sshalz
@PrivacyGuides
reddit
is there any Tor-friendly social networks that are actually good?
Except for reddit (in case reddit is tor-friendly), is there any social network that allow tor?
Is RequestControl addon enough for skipping redirects?
Hi just wondering if RequestControl's builtin filters are enough for skipping redirects or if I need to use SkipRedirect addon as well? I'm not sure what' SkipRedirect redirects.
I found both of these addons in areknfox's recommendations https://github.com/arkenfox/user.js/wiki/4.1-Extensions
I prefer to use RequestControl so that I can add my own custom redirection in the same addon, instead of having to use an additional addon (Redirector) for that. However I'm worried that it won't do what SkipRedirect does sufficiently. Can anyone illuminate me? I am not highly tech savvy so I don't understand how it all works.
​
Also a bonus question: is skipping redirection that big a deal? If I clear cookies at the end of my session does it really all matter? Why is it recommended when we're told to use as few extensions as possible?
https://redd.it/ssftpx
@PrivacyGuides
Hi just wondering if RequestControl's builtin filters are enough for skipping redirects or if I need to use SkipRedirect addon as well? I'm not sure what' SkipRedirect redirects.
I found both of these addons in areknfox's recommendations https://github.com/arkenfox/user.js/wiki/4.1-Extensions
I prefer to use RequestControl so that I can add my own custom redirection in the same addon, instead of having to use an additional addon (Redirector) for that. However I'm worried that it won't do what SkipRedirect does sufficiently. Can anyone illuminate me? I am not highly tech savvy so I don't understand how it all works.
​
Also a bonus question: is skipping redirection that big a deal? If I clear cookies at the end of my session does it really all matter? Why is it recommended when we're told to use as few extensions as possible?
https://redd.it/ssftpx
@PrivacyGuides
GitHub
4.1 Extensions
Firefox privacy, security and anti-tracking: a comprehensive user.js template for configuration and hardening - arkenfox/user.js
Would someone please share a good practice for using free protonmail with a free or paid alias service? Ive been using pm but have never used an alias and am a bit confused how many aliases should i need and which provider?
I also plan to upgrade to paid proton but am doing so when the next sale comes :)
https://redd.it/ssobrt
@PrivacyGuides
I also plan to upgrade to paid proton but am doing so when the next sale comes :)
https://redd.it/ssobrt
@PrivacyGuides
reddit
Would someone please share a good practice for using free...
I also plan to upgrade to paid proton but am doing so when the next sale comes :)