/psg/ - Privacy & Security General

"Arguing that you don't care about the right to privacy because you have nothing to hide is no different than saying you don't care about free speech because you have nothing to say."
--Edward Snowden

>Recommended operating systems
General purpose: Fedora, K/L/Xubuntu, Arch Linux, OpenBSD
Privacy focused: Whonix, Tails, Qubes OS

>Recommended mobile operating systems
Android based: GrapheneOS, CalyxOS, LineageOS/DivestOS
Linux based: PureOS, postmarketOS

>Recommended browsers
Chromium based: Bromite, ungoogled-chromium
Firefox based: Firefox (w/user.js), IceCat, LibreWolf, Mull, Tor Browser
ffprofile.com
pastebin.com/dc53qN57 (embed) (embed)

>Browser tests
deviceinfo.me
dnsleaktest.com
privacytests.org
librespeed.org
d3ward.github.io/toolz/adblock.html

>Advanced content blocking
github.com/gorhill/uBlock/wiki/Blocking-mode:-medium-mode

>Recommended search engines
Brave Search, DuckDuckGo, SearX, metager.{org,de}

>Privacy oriented DNS
nextdns.io
quad9.net
adguard.com/en/adguard-dns/overview.html

>Privacy oriented email
Disroot, ProtonMail, Tutanota, mailbox.org, StartMail
Cock.li (invite.only), RiseUp (invite only)

>Recommended instant messengers
Signal, Briar

>YouTube front end
redirect.invidious.io
newpipe.net
freetubeapp.io
github.com/TeamPiped/Piped

>Proprietary firmware replacement
coreboot.org
libreboot.org

>Resources
privacytools.io
ssd.eff.org
haveibeenpwned.com
stallman.org/facebook.html
madaidans-insecurities.github.io
sizeof.cat/links
ryf.fsf.org/products
techlore.tech
pastebin.com/ZDnPVf1S (embed) (embed)

>Advanced Linux resources
madaidans-insecurities.github.io/guides/linux-hardening.html
eldritchdata.neocities.org
vez.mrsk.me/linux-hardening.html

Attached: 1630832847927.png (806x344, 35.28K)

Other urls found in this thread:

joindeleteme.com/help/diy-free-opt-out-guide/
nitter.net/dwizzzleMSFT/status/1560083492133695488#m
optoutpod.com/episodes/s2e14-session/
bleepingcomputer.com/news/security/janet-jacksons-music-video-is-now-a-vulnerability-for-crashing-hard-disks/
twitter.com/AnonBabble

Where's the based bear?

Attached: 1652830548989.png (512x512, 453.39K)

>Everything is a honeypot, so you should adjust that accordingly with your OPSEC.
>Privacy and security is not a zero-sum game.
>It's never too late to take on decent privacy practices.
>Try and scrub your previous identities online:
joindeleteme.com/help/diy-free-opt-out-guide/

Attached: 1639438474760.jpg (1200x675, 522.93K)

I want to recover an extremely old email account and see that it's been listed on haveIbeenpwned. Where do I find these leaks so I can recover my account?

They're public. Search for leaked password hash tables. But they're hashed passwords so you'll need a program like hashcat and a decent rainbow table.
Also, you need to find one that has an associated email address attached to it.
Good luck.

You should never trust these random websites.
Just write down your email and password and I'll verify it for you, user.

>Any Forums
>protonmail
>tutanota
>duckduckgo
>quad9
>firefox
>brave
>privacy tools
>signal
>tor browser

Attached: 1521856956355.png (650x650, 43.05K)

bump

nitter.net/dwizzzleMSFT/status/1560083492133695488#m

big ass dll hijacking energy

How glowing is Session? Being based in Australia makes me nervous, and the fact that they're using their own TOR equivalent which is also questionable. There's also the matter of the oxen network being tied to a fucking cryptocurrency which increases even more liability.

Very. I listened to one of the interviews that their founder did on a podcast and the reason that he gave is that doing VoIP through Tor stresses the network. I mean, sure, but shouldn't you account for that in the first place when designing a chat application that goes through Tor?
$OXEN is also incredibly telling for me. If it is really necessary to create a DAO for Session then shouldn't that be tied to a proper, decentralized cryptocurrency. Not some self-made coins that the developers have a massive stake to?
For a truly private messaging experience, you can probably host your own XMPP server or use something like Briar.
The interview that I was referring to: optoutpod.com/episodes/s2e14-session/

Attached: gggg.jpg (848x658, 91.95K)

>Very. I listened to one of the interviews that their founder did on a podcast and the reason that he gave is that doing VoIP through Tor stresses the network. I mean, sure, but shouldn't you account for that in the first place when designing a chat application that goes through Tor?
I believe they're working through that atm. Currently the voicechat is just encrypted P2P using WebRTC so yeah it's gonna leak IP's no matter what.
>$OXEN is also incredibly telling for me. If it is really necessary to create a DAO for Session then shouldn't that be tied to a proper, decentralized cryptocurrency. Not some self-made coins that the developers have a massive stake to?
Agreed. Huge conflict of interest for a non-profit.
>The interview that I was referring to: optoutpod.com/episodes/s2e14-session/
Interesting. Seems like a good podcast. Thanks for the suggestion user.

?

Doesnt glow

It doesnt use Tor tho, it's onion routed over the oxen nodes. Soon it will be fully integrated with/use Lokinet for everything. The network structure is about as decentralized as you can get with using 1655 service nodes. Nothing wrong with hosting your own XMPP services, too

Attached: 1631469106816.webm (406x720, 2.87M)

>Try to create protonmail account
>Asks for email or sms verification
HUH?

Use temp-mail.org

yeah it's not allowed either

bleepingcomputer.com/news/security/janet-jacksons-music-video-is-now-a-vulnerability-for-crashing-hard-disks/

but remember it's TOTALLY not a honeypot
tor not being allowed either is a feature too! buy proton premium now, goyim

So which email service should I use that doesn't need verification, allows tor and is free (as in I'm not giving them my bank account)