/psg/ - Privacy & Security General

"Arguing that you don't care about the right to privacy because you have nothing to hide is no different than saying you don't care about free speech because you have nothing to say."
--Edward Snowden

>Recommended operating systems
General purpose: Fedora, K/L/Xubuntu, Arch Linux
Privacy focused: Whonix, Tails, Qubes OS

>Recommended mobile operating systems
Android based: GrapheneOS, CalyxOS, LineageOS/DivestOS
Linux based: PureOS, postmarketOS

>Recommended browsers
Chromium based: Brave, Bromite, ungoogled-chromium
Firefox based: Firefox (w/user.js), IceCat, LibreWolf, Mull, Tor Browser
ffprofile.com
pastebin.com/dc53qN57

>Browser tests
deviceinfo.me
ipleak.net
privacytests.org
librespeed.org
d3ward.github.io/toolz/adblock.html

>Advanced content blocking
github.com/gorhill/uBlock/wiki/Blocking-mode:-medium-mode

>Recommended search engines
Brave Search, DuckDuckGo, SearX, Startpage

>Privacy oriented DNS
nextdns.io
quad9.net
adguard.com/en/adguard-dns/overview.html

>Privacy oriented email
Disroot, ProtonMail, Tutanota, mailbox.org, StartMail
Cock.li, RiseUp (invite only)

>Recommended instant messengers
Signal, Briar

>YouTube front end
redirect.invidious.io
newpipe.net
freetubeapp.io
github.com/TeamPiped/Piped

>Proprietary firmware replacement
coreboot.org
libreboot.org

>Resources
privacytools.io
ssd.eff.org
haveibeenpwned.com
stallman.org/facebook.html
madaidans-insecurities.github.io
sizeof.cat/links
ryf.fsf.org/products
techlore.tech
pastebin.com/ZDnPVf1S

>Advanced Linux resources
madaidans-insecurities.github.io/guides/linux-hardening.html
eldritchdata.neocities.org
vez.mrsk.me/linux-hardening.html

Attached: 1657914739327.jpg (640x478, 91.73K)

Other urls found in this thread:

m.youtube.com/watch?v=4t4kBkMsDbQ
ghacks.net/2022/07/25/google-chrome-is-blocking-all-downloads-from-portable-apps/
bleepingcomputer.com/news/security/us-doubles-reward-for-tips-on-north-korean-backed-hackers/
twitter.com/NSFWRedditImage

i want to pentest one of my two linux machines with a linux machine, to verify how secure they are
how do?

Attached: Gabriel_At_Computer_3.png (1802x1020, 1.63M)

Start with nmap
m.youtube.com/watch?v=4t4kBkMsDbQ

ghacks.net/2022/07/25/google-chrome-is-blocking-all-downloads-from-portable-apps/

Is HaikuOS secure, or is OpenBSD the answer?

Neither, use Fedora.

how much does it cost to run your own email server? or should i not bother and use tutanota/proton instead?

Just use ProtonMail or Disroot

bleepingcomputer.com/news/security/us-doubles-reward-for-tips-on-north-korean-backed-hackers/

how is disroot different from protonmail?

No 2FA and all your emails are stored in plaintext

Disroot is a non-profit run by community activists, ProtonMail is a corporation.

>Any Forums
>protonmail
>tutanota
>duckduckgo
>quad9
>firefox
>brave
>privacy tools
>signal
>tor browser

Attached: 1521856956355.png (650x650, 43.05K)

The servers are encrypted, the emails themselves receive no additional encryption (ie encryption at rest), but if it's sensitive you should be using PGP to begin with and not simply trusting that your provider is doing it. Tutanota for example was forced to build a backdoor into their platform so I wouldn't be surprised if Proton has one as well. They already turn over metadata which is enough to identify you.

found a digdeeper fan in the wild

so i should use disroot with pgp instead?

Here is a good review of most E-Mail services.
desu, the best service is self-hosting

>Here
where?
>self-hosting
how much does that cost?

Raspi + home internet
10 for a VPS
or whatever else

The tools are all open source

based honeybear

Learn to pen test, sadly you can never verify security, as a 0day can always exist, it's about risk mitigation, you might also want to develop a threat model, are you trying to be secure from le edgy kali 13y old hacker, or a professional pentester, or a LEA/5eyes

Attached: 1653790530986.png (2000x554, 234.11K)

what about when i don't have internet? due to power loss