/g/ - Technology

What's your setup?


New Reply[×]
Name
Sage
Subject
Message
Files Max 5 files47.7MB total
Tegaki
Password
[New Reply]

[Index] [Catalog] [Banners] [Logs]
5831d3 No.17
25214-136727363.jpg
[Hide] (67.6KB, 650x340) Reverse
> Windows is irreducibly spyware with doors consciously built in. Especially the modern versions which basically run commercial keylogger software. No level of security workarounds can prevent it from Et phoning the mothership. You must use linux
>Options for linux include Heads, Tails, qubes + whonix (which is snooden's sugestion), kodachi (I don't trust this dev), kicksecure, all of which should ideally run off a flash drive preferably using RAM
>Intel and AMD chips both have microcomputers in them that can secretly alter the computer. Everything since about 2008 has been pozzed, so you need a chipset & computer built before then
>you must flash libreboot, coreboot, or another security conscious bootloader to prevent their criminal tricks
>you should install openwrt software onto your router
>run everything through a VM to protect the underlying software from penetration
>save your files to offline flash drives which are crypted
>crypt everything by the way

>only decent off the shelf configured browsers are librewolf and the onion. Brave is spyware.
>always enable https and disable history on your browser
>Try to disable js whenever possible despite this being a massive pain.
>You must either use a VPN that's legit (none truly are btw) and pay with crypto or run the onion to browse
>Only slightly non sketchy vpn is mullvad
>you must always run the onion in secure settings and request a bridge
>true tinfoil involves removing your speakers, having an internet killswitch, disabling your fan, never talking, not having a cell phone, having device faradays, neverending list of best practices...
>all methods can be defeated by a dedicated attacker, IE state level if you enrage them off enough.

...The internet as we know it is little better than Bentham's hellscape
Replies: >>73 >>100
5e252a No.18
You can be lax on the security side of things while still retaining your personal privacy. Just using arch with a vpn is probably good enough for most people, as long as you aren't breaking opsec.
Just for some perspective, the door of your home probably isn't designed to ward off state actors, either, and they probably aren't peeping through your curtains, since most people aren't worth the effort of targeting for individual surveillance.
The internet serves their purposes well enough. What's really ramping up is meatspace, with techniques for following vehicles by satellite, identifying pedestrians by their heartbeats and gait, mapping out private property with data collected from cell phones, and others.
>all methods can be defeated by a dedicated attacker
They haven't entirely figured out the airgapping problem.
Replies: >>19 >>77
f1e77e No.19
>>18
They would burgle your house. My point is all the transmission of data on the internet is getting kept up the stream before it even reaches your computer, and if a state level actor actually wants to grab you they can spend huge sums putting all the puzzle pieces together.

I'm familiar with stories of people who figured out about the significance of information security the hard way. Every single "activist" or protest group gets spied on and set up by cops and secret police. All the initial data points come from your mistakes thinking you have privacy on the internet. It's a scam that works because the average person is kept ignorant of how easily abused their information is
b6b94f No.73
>>17 (OP) 
>>Intel and AMD chips both have microcomputers in them that can secretly alter the computer. Everything since about 2008 has been pozzed, so you need a chipset & computer built before then

Not for AMD, all their FX processors and earlier didnt have the glowie PSP chip, although then youre still kind of stuck with proprietary microcode+bios. Also all AMD gpus after the Polaris architecture have PSP too
e5fd2f No.77
>>18
>You can be lax on the security side of things while still retaining your personal privacy
This.
For the average person, the only relevant steps to take are protecting their data from being harvested and sold like cattle. Security stuff, not all that important.

Although I think awareness for all of these things, relevant to the average person or not, is still important. 
We cannot let these glowies do whatever they want, and having every person aware of their overimposing reach and not happy with it is a step in the right direction.

Onto privacy, anyone else delete their jewgle account and not have one anymore? That is what I did.
Replies: >>81
2ca7eb No.81
>>77
After the things I've seen, I believe every single person at the level of connecting to dissident imageboards should be following op and digital sec protocols hard enough to stop state level persecution. It's all about the hanging sword of Damocles built into every level of technology they don't want you to see. Step out of line, be the lemming who looks up, and it all gets used against you. The only real counter-strategy is to get large numbers of everyday people so trained on these things that it is too expensive to run the old style of draggernet anymore and they can't do a night of the long knives on us. Because that is coming down the pipe inevitably with the data mapping tools being used. Don't wait until five years later and trouble to realize you gave them parts of your soul just by being lax
a58bcb No.100
>>17 (OP) 
Here's my spin on this post:

> Windows is irreducibly spyware with backdoors conciously built. You must use some form of Linux or BSD. 
> Options for Linux include QubesOS + Whonix, Tails, Kicksecure. If possible, these distros should run from memory. For QubesOS, this is not possible so ideally you run the Whonix Qube as a DisposableVM.
> Options for BSD include HardenedBSD or OpenBSD. They are focused on security and exploit mitigation.
> Intel and AMD chips both have microcomputers in them that can access data on the computer, even when off.
> Even though it is possible to neuter Intel ME, it's still on your system. 
> You must flash Libreboot, Coreboot, Heads or any other security focused bootloader/BIOS to prevent their criminal tricks.
> You should buy a non-chink router and install OpenWRT on it
> Compartmentalize as much as possible to prevent leaks
> Save your files securely using VeraCrypt or cryptsetup.
> Do NOT use bitlocker, as Microsoft can access the keys.
> ALWAYS use cascading ciphers. If one cipher is broken, it is very much unlikely the other one is also. The best combination is AES(Serpent(your data))
> Encrypt as much as possible, even if you already use FDE. If you do not use it, encrypt it.

> Only decent usable browsers are Librewolf and Tor Browser. Stay away from anything chromium based, unless you're absolutely sure.
> Always use HTTPS, but never rely on it. SSL MITM is extremely hard, but possible.
> Always disable JavaScript. If possible, also block CSS.
> Use a VPN, but don't use it as is. Combine it with Tor and other networks.
> Always pay with Monero or cash.
> Use snowflake as Tor bridge. Remember to host one to give back to the network!
> Remove your speakers, cameras and microphone. If not possible, blacklist the kernel modules from loading.
> Disable your fan to mitigate acoustic side channel attacks/traversal.
> Not possible due to overheating/performance issues, play music/white noise to inject more noise, so it's harder to receive information.
> Don't bother with a modern phone. They are spyware devices, no matter how much you flash them. Either use them for non-security critical purposes, or ditch them.
> Shut the fuck up! Loose lips sink ships. Never reveal information about your setup, as that can help any attacker. Information you give for free, is something they don't need to find themselves.

And the most important one;
> CREATE A THREAT MODEL.
> What are you protecting?
> How are you doing that?
> Who are your adversaries?
> What are their capabilities?

You can never be 100% secure, but you can make it damn hard for anybody to own
you. Stay safe anons.
Replies: >>101
f8caa1 No.101
>>100
Quality post.
Replies: >>102
a58bcb No.102
>>101
Cheers. I tend to ramble sometimes and my post seems a bit incoherent to me lol, but I appreciate it.

I want to expand the post and add references and proof to backup the claims, but I refrained from doing so because I thought this place had a much smaller text limit. Should I?
Replies: >>103
a32c1e No.103
>>102
Sure, why not. More detail is always good.
20b9b9 No.172
I went with Qubes on a 16-vcore Raptor Lake with 192GB RAM.  It's been quite cozy, even for inferencing!  :DDD
7fd6e7 No.173
image_search_1736748659431.gif
[Hide] (972.1KB, 220x265) Reverse
What are they gonna do?
Steal my meme stash?
ec8fb3 No.174
image_search_1736748659431.gif
[Hide] (972.1KB, 220x265) Reverse
Bitches love my meme stash
61e73a No.265
Any other cpus available, say the russian Elbrus cpus. They certainly have backdoors, but not US of A ones.
[New Reply]
[Index] [Catalog] [Banners] [Logs]
13 replies | 3 files | 13 UIDs
Connecting...
Show Post Actions

Actions:

Captcha:

- news - rules - faq - contact -
- telegram - simplex - irc -
jschan 1.7.3