• 0 Posts
  • 3 Comments
Joined 3 years ago
Cake day: June 30th, 2023
  • sloppy_diffuser@sh.itjust.workstoPrivacy@lemmy.mlA few question from a noobEnglish
    4·
    6 days ago

    Firefox Nightly + arkenfox userjs + uBlock Origin + Bitwarden as my daily driver.

    Been a couple years since I checked up on arkenfox still being good. I get flagged as a bot all the time and constantly get popups about WebGL (GPU fingerprinting) so I assume its working as intended for my threat model.

    Tails when I really care.

    Mullvad VPN as my regular VPN with ProtonVPN for torrents.

    GrapheneOS / NixOS as my OS.

    Proton Visionary for most cloud services except passwords and I don’t really use Proton Drive. I do use ProtonPass for unique emails to every provider.

    Kagi for searches / AI.

    Etesync for contacts because Proton didn’t sync with the OS last I checked.

    Backblaze B2 for cloud storage with my own encryption via rclone (Round Sync on GrapheneOS)

    Keypass for a few things like my XMR wallets and master passwords I don’t even trust in Bitwarden.

    https://jmp.chat/ for my mobile provider.

    Pihole with encrypted DNS to Quad9.

    https://onlykey.io/ for the second half of my sensitive passwords (Bitwarden, LUKS, Keypass, OS login). First half memorized.

    Its a lot. I burned myself out a couple years ago keeping up with optimizing privacy and this setup has served me well for 2 years without really changing anything. The cloud services are grey areas in terms of privacy but the few ads that leak through uBlock have zero relevance to anything about me.

  • sloppy_diffuser@sh.itjust.workstoPrivacy@lemmy.ml*Permanently Deleted*English
    0·
    1 year ago

    1. Not sure on this one.

    2. The auditor is to make sure you are installing an authentic version of graphene. That it is not a modified version that has been tampered with (e.g., backdoors).

    3. Automatically enables MAC randomization. This can help with being tracked on public networks. Fingerprinting techniques have gotten better though with deep packet inspection and even measuring radio characteristics. I’ve seen demos of two brand new and identical models of iPhones being distinctly picked out due to variances in the radios during manufacturing.

    Doesn’t help with advertisers tracking behavior based on IP. VPNs help with “blending-in” by putting multiple users behind the same IP. Provider matters here. Needs to be a VPN provider that won’t just sell your data or cave to law enforcement. Mullvad is my preference. Paid with crypto. RAM only logs. That said, use Tor or I2P for anything you don’t want subpoenaed.

    For additional tips:

    • Can’t remember if its on by default, but auto-reboot to put data at rest (encrypted and not in RAM). This is for a state-actor threat level, and less about advertisers.
    • I prefer pin codes to unlock my device and don’t use biometrics. Graphene has a feature to randomize the pin pad every time to protect against a recording of the pin be entered. Specifically where the numbers aren’t picked up on the video but the pattern your hand makes can be seen. Again, more of a state-actor threat level.