for the cybersecurity people out there, got a few questions
>is every vpn basically a huge honeypot or at the very least, your data is not safe from government agencies? >let's say they are indeed honeypots for government control and data mining, do they still offer advantages against cyber crime? like people hacking your shit etc? seems always like a major simplification to me, unless you somehow anonymously purchase the vpn service, throw away your computer, and all existing services that have logged your IP and data for YEARS. Do most people buy this shit, think they are now safe, and then bind their private identities with their massive amounts of past data which was "unprotected" etc? >also, i tried proton vpn, and unless you use the compromised vpn protocols, such as wireguard and secure core, and you actually use TCP and TOR protocols, it's just as slow as torbrowsers, in other words, unrealistic to use for day to day activities. Brings me to the question, what is the point of paying for something that is just as bad, slow, and useless as a free torbrowser? I read about wireguard and secure core etc and it's all shit, that's why it's fast... >would paying extra for gigabit internet make torbrowser speed somewhat workable? and if yes, isn't that obviously money better spent than on a VPN? (since it's the same thing)
is it even realistic to think you would in any way shape or form benefit from VPN or torbrowser, provided that you will probably bind personal data to the anonimized "vpn identities" from years of using stuff before vpn and not going to give up everything to start from scratch, also taking into account paper trail from the vpn purchase, it's probably more secure to use a free torbrowser as there will not be a papertrail. also many websites don't even work when you use a vpn, so you will regularly need to disable it, thereby binding your personal data and logging it anyway?
Phone app VPNs are just proxy servers for fag netflix, and that is exactly how they are advertised, specifically, everytime.
You should be doing your own sanitizing before you use a 3rd party anyhow.
Brayden Hernandez
basically, my question boils down to, assuming you are a law abiding citizen etc, who is somewhat computer literate and security aware...
are you better off with or without using shit like >encrypted email service >vpn / torbrowser >password managers
etc
it all seems fishy to me
Gabriel Perry
pretty much i think it's best to limit use of technology that produces data that can be mined and exploited. just use computer for work, training, look up some things as if in a library, and call it a day.
James Edwards
protonmail is a known fed honeypot
Anthony Martin
if it's all shit, i might just as well use hotmail right? i only use email to apply for jobs, shop online, send and receive invoices. it's not like that data hasn't been logged in multiple other places, so does it really matter?
Ryder Young
I'll make it simple for you with a simple cybersecurity concept: No system is secure from everything. That includes your identity on the internet. If someone wants to find it, given enough time and means, they will find it. The only difference is how much resource they have to allocate to do that, and if they are allowed to do it. Say, you don't use a VPN or proxy or anything. Then pretty much anyone can deduce who you are if they get that information. If you use a VPN, then only people who access the machine hosting your logs can know who you are. This can be very dedicated hackers, or this can be government agencies who have a warrant to do this kind of thing, if your crime is severe enough. That or your VPN leaks, then refer to case 1. On tor, people can find out who you are if they have access to the whole node system you used, which requires intensive work from government agencies. tldr you are never 100% safe, it's all about a ratio of how hard it actually is to source things to you.
Jayden Gray
>>encrypted email service Dont use email for private stuff and just dont use google at all and youre fine >>vpn / torbrowser Unnecessary, install ublock origin thats enough >>password managers A necessity , i dont know how people can keep in their mind 10 unique passwords without them being awfully similar thus defeating the purpose of a password. Dont use proprietary ones tho. Personally i use KeepassXC on PC and KeepassDX on phone and sync the password database with syncthing (really easy to do)
Levi Rivera
does the IRS easily get warrants to data mine your internet history? is it worth considering the country where the vpn or torbrowser provider is based? are there any vpn providers in for example indonesia, (assuming not honeypot) that would be harder to extract data from with us warrant?
Eli Reed
>A necessity , i use keeper security but now got paranoid that 3rd party has all my keys
also, i only store random password and then also add another password at the end that is not stored in password manager just to be sure, also i dont store 2FA in there
but is it not better just to use password manager inside a browser like chrome or firefox?
Bentley Sanchez
The answer is "it depends". The IRS for the most part operates with OSINT. I know this because in a court of law, it is much easier to get evidence accepted because you can prove everyone can get it, rather than go through a warrant, then having a lawyer argue for literal years why this evidence can be accepted in a court room. This is how most criminals get caught when their schemes involve crypto, specifically bitcoin, because a lot the information is stored publicly through ledgers as a specification of the system. This is why people tell you to have good opsec, because it counters the very easy solution for government agencies to use osint against you. >is it worth considering the country where the vpn or torbrowser provider is based Yes. Eyes jurisdictions matter quite a lot. This is what you should look after when you look for a VPN provider, for example, among other things like leakage.
James Murphy
>>is every vpn basically a huge honeypot or at the very least, your data is not safe from government agencies? yes. no one is willing to go to prison so that you may conduct illegal activities. even if you are not conducting illegal activities and just value your privacy, NO ONE IS WILLING TO GO TO PRISON FOR YOU. THEY ARENT EVEN WILLING TO SPEND MONEY TO FIGHT IT IN COURT. THEY WILL COMPLY. YOUR INFORMATION AND DATA WILL BE HANDED OVER.
Colton Gutierrez
>Yes. Eyes jurisdictions matter quite a lot. This is what you should look after when you look for a VPN provider, for example, among other things like leakage.
it's tricky since many of them highlight being based somewhere, but then you look further and see they have bases everywhere. like nordvpn..
when using torbrowser, who keeps the data? company that owns browser? like brave tor browser or mozilla tor browser? this is all data that belongs to google or something, so totaly fucked?
Robert Sanders
>but is it not better just to use password manager inside a browser like chrome or firefox? Really depends on your use case, and whether you want the passwords to sync to other devices. I personally self-host Bitwarden and have it work on my phone and PC, and Firefox.
Samuel Foster
Tor browser is configured in a way to use a sanitized version of firefox. So unless you allow some javascript to run on your browser, there is simply no way anyone could get information from you simply booting up tor and using tor. If you are very paranoid about this, the best way is to let yourself learn everything that goes into browsing on the internet. It can take some time but it's very worth it, and it will ease your mind. The media likes to scare people with buzzwords and things that don't happen in the real world. In the real world, things are much easier to understand, everything is separated, and the government isn't this entity that has as much power as you think it does.
Leo Sanchez
>If you are very paranoid about this, the best way is to let yourself learn everything that goes into browsing on the internet. It can take some time but it's very worth it, and it will ease your mind. i am actually currently learning javascript and reactjs from online courses and reference websites on it. i'm really not very good at it at all, takes sometimes 2 hours to make an assignment that is supposed to take a few minutes, but in the end succeeds anyway. after that what else to learn that is important for internet security stuff? java?
Ayden Fisher
I would simply recommend to start with basics about IP, HTTP protocol (GET and POST requests are very simple and they will teach you a lot), stuff like that. You don't need to know the actual implementation of things, just what thing does what.
I would also recommend, if you're learning things like javascript, to search how you can track users on a website you are hosting, for example. It gives you a pretty good idea of what is exactly available to you when you do it on someone else first. Then you will understand that when using noscript, you avoid that problem entirely. This is the point of learning things, and you'll find yourself much more at ease with everything.
Logan Flores
>way anyone could get information from you simply booting up tor and using tor.
no i only use laptop, i dont use mobile phone because the government traces the movement through cell tower network and sim cards. since there is a sim card in my car antenna that would give tremendous combination of data and metadata that just worries me also insane elektromagnetic fields even when in flight mode, which confirms that flight mode is not real
Benjamin Edwards
meds, now
Leo Howard
websites that sell counterfeit products, "hacked" permanent keys to subscription software services, braindump exam questions for industry leading certifications. all those things, i wonder, how can they stay in business, they must have an agreement with IRS and give them a cut of their dirtty money or maybe they are even honeypot operations run by government agencies as a cover and source of illegitimate income to finance mass surveilance programmes
Juan Rodriguez
What criminals in my country do is that, they'd rent cloud servers from companies in 3rd world countries, probably with stolen credit card or crypto. They also use botnets which are dirt cheap if you know where to look. "Good Luck, I'm Behind 7 Proxies" isn't just a meme. If you route your traffic through enough machines in various countries, it becomes very difficult and resource-intensive for the authority to investigate.
For me, I just have a handful of hacked machines to access questionable stuff.
Parker James
measurements don't lie, sample a range of android phones and measure their emf radiation while in normal mode and while in flight mode. you may be surprised. also what maybe some of you tech heroes may be able to explain.... how come with a huge 86" flat screen tv, even when you unplug the power cord, the eletric field rating is sky high within 2 metres of the tv, you probably say, it's some sort of residue current that would die down eventually. only it doesnt. and only when i switch of the general power of the room, the electric field of the screen immediately disappears. when i turn it on again (tv power cord still unplugged at this time) it shoots up to sky high again despite tv being off and disconnected. what does this mean. i think it means that smart devices are actually electrically powered through the air, and the power cable is just there to keep people oblivious of what is happening, and signals "pretend to be off, the humans are watching", but in reality they are never off, they are bolstering power which they suck out of the wall wiring through the air. this is also why android phones keep emitting ratiation even when they are in flight mode, powered off, and sim card removed.
