Do you use online security apps/programs?

[Zoo50]

There are a number of ways to stay safe online. For example, there are things called "secure operating systems" (such as Tails and Whonix) -- Tails is an amnesiac operating system that can't "remember" sessions, while Whonix is an operating system that uses two virtual machines (a gateway and workstation) that connect to Tor and are run from VirtualBox (there are other configurations as well) -- Whonix can be run on a regular operating system like Windows.

Some people also use a VPN and/or Tor Browser from within a regular operating system, such as Windows / Microsoft. Both VPNs and Tor hide one's IP Address. What I'm wondering is -- are there other secure operating systems out there (that haven't been mentioned)? Are there other ways to stay safe online? How many people use any of these methods to stay safe online? Also, are there any flaws in the mentioned security methods? (For example, with VPNs one has to trust that the VPN provider doesn't keep logs and/or record one's activity).

 

[caikgoch]

Actually, the most important single security issue is your operating system. First, more people are outed by friends and family "borrowing" their devices than hunted and found. Second, your device is where they go to get the evidence to convict you. So what do you do? You look for SELinux.

There are many distros and every manner of customization available. The best part? None of them cost a penny. Just download it and try it. Right away you are virtually immune to malware. And all those expensive apps that certain software publishers insist you can't live without are also free for this OS. No it's not a drop in replacement for Windblows, there will be a learning curve to climb. But guess what, tech support is also free.

When you install it, you will be given some options. Go with a fully encrypted system. The only part exposed is the boot loader and it's generic. Otherwise just agree with the automatic options. If it doesn't suit you, you've wasted an hour to learn some useful things. BTW, if you so choose, it can happily coexist with Windblows as a dual boot option. It can also access Windblows files with little effort.

I should mention that this is what the super paranoid government types use and recommend for themselves.

 

[Zoo50]

Actually, the most important single security issue is your operating system. First, more people are outed by friends and family "borrowing" their devices than hunted and found. Second, your device is where they go to get the evidence to convict you. So what do you do? You look for SELinux.

Do you have any knowledge of Tails or Whonix? (I know, for example, that Whonix is a Linux-based system). I believe Whonix is not amnesiac, while Tails is. Both of these operating systems attempt to make the user anonymous.

 

[caikgoch]

Do you have any knowledge of Tails or Whonix? (I know, for example, that Whonix is a Linux-based system). I believe Whonix is not amnesiac, while Tails is. Both of these operating systems attempt to make the user anonymous.

Both are Linux distros and mentioned in the list that I linked to but neither is useful as a day to day OS. They sacrifice way too much speed and convenience in favor of extreme paranoia security. You would have to keep everything other than browsing outside of the OS and suddenly your security is gone.

For 98% of the security and 2000% of the usability, I'm using a Red Hat variant with a simple VPN. And I don't have to worry about any app or temp file leaking data at an inopportune moment.

 

[Zoo50]

Both are Linux distros and mentioned in the list that I linked to but neither is useful as a day to day OS. They sacrifice way too much speed and convenience in favor of extreme paranoia security. You would have to keep everything other than browsing outside of the OS and suddenly your security is gone.

For 98% of the security and 2000% of the usability, I'm using a Red Hat variant with a simple VPN. And I don't have to worry about any app or temp file leaking data at an inopportune moment.

I have heard that Whonix is very slow. That's probably the reason why most people don't use it -- it's just not convinent to use (despite the security benefits).

 

[Honkler the Clown]

I simply use VeraCrypt for my SSD. The entire system is encrypted and therefore it's not possible to get to any data. I don't use Tor (too inconvenient) and since zooville.org uses HTTPS, there's no evidence there.

 

[Zoo50]

Still don't know why VPNs are so popular (compared to other options). They provide some protection, but they can keep logs -- and even if they say they don't keep logs, they could be lying. Plus, VPN providers may know one's real IP address and all of the sites one has visited, depending on the configuration. With VPNs, one has to have a lot of trust in the provider one uses.

Combining a VPN with something else (such as Tor Browser) could provide more protection.

 

[caikgoch]

Still don't know why VPNs are so popular (compared to other options). They provide some protection, but they can keep logs -- and even if they say they don't keep logs, they could be lying. Plus, VPN providers may know one's real IP address and all of the sites one has visited, depending on the configuration. With VPNs, one has to have a lot of trust in the provider one uses.

Combining a VPN with something else (such as Tor Browser) could provide more protection.

It's really simple. You select a VPN based in another country. No LE is going to go to spend the time and money needed to push a warrant internationally unless you commit a more serious crime than dog fucking. The VPN renders the ISP logs that they can get to useless.

 

[Wasbitchpolly]

Nord vpn gives you the option to select a country
And put a password on your device

 

[Zoo50]

Nord vpn gives you the option to select a country
And put a password on your device

Is Nord VPN trustworthy?

 

[rainfallheavens]

Is Nord VPN trustworthy?

after what just happened the other day i would not think so, yes everyone gets hacked at some point but they were unaware with what they got hacked with even existed

 

[Zoo50]

after what just happened the other day i would not think so, yes everyone gets hacked at some point but they were unaware with what they got hacked with even existed

That's the problem with VPNs -- VPNs are "centralized" (whereas Tor is "decentralized").

 

[byftpup]

Ok, so is Tor safe?? I'm currently using that .. confusing as it is.. but I'm stuck on windows as I''m not real good with the Linux stuff.. (I like it to start with but then I end up screaming cause I can't get something to work and then there is hours of frustration.. blah blah blah...)

Also how secure is a Mac? or are there programs for Mac. I am very close to having to get a new computer as I've replaced the components in this computer to the enth degree and now the mother board is having... blond moments!!!

 

[caikgoch]

Also how secure is a Mac? or are there programs for Mac. I am very close to having to get a new computer as I've replaced the components in this computer to the enth degree and now the mother board is having... blond moments!!!

Apple is a Unix Operating System, just like Linux except for the price. The smart thing to do is to make backups then play around with Linux on the old computer. Or you could buy an old computer and install Linux until you find a spin that you like then install it as a dual boot on your new computer. That leaves you with a backup CPU. Newegg sells recycled CPUs for less than $100.

 

[Espedus]

What for?, lol

 

[Zoo50]

Ok, so is Tor safe?? I'm currently using that .. confusing as it is.. but I'm stuck on windows as I''m not real good with the Linux stuff.. (I like it to start with but then I end up screaming cause I can't get something to work and then there is hours of frustration.. blah blah blah...)

Also how secure is a Mac? or are there programs for Mac. I am very close to having to get a new computer as I've replaced the components in this computer to the enth degree and now the mother board is having... blond moments!!!

You could try using Whonix. Whonix is a Tor-based program that runs within one's Windows or Mac computer. Basically, when using Whonix, one is using two operating systems -- the "main" one (Windows, Mac, etc.) and the Whonix virtual machine operating system (which runs within the "main" computer). There are two virtual machines: gateway and workstation. Install the "VirtualBox" program, download the Whonix files, and import them into VirtualBox. Whonix is then run from VirtualBox (and then, finally, one uses a Linux-based Tor Browser within the Whonix workstation). In Whonix, all connections are sent through Tor, so one's IP Address can't accidentally leak.

 

[Hazel1999]

Im currently using a VPN when accessing this website however its about to expire, will i need to renew it to continue visiting or will i be safe to come here for the time being ?

 

[wormtail]

i am currently useing a vpn and tor combined on a normal opperating system how safe am i? I keep all videos in an encrypted folder. How likely am i to get busted.

 

[Zoo50]

i am currently useing a vpn and tor combined on a normal opperating system how safe am i? I keep all videos in an encrypted folder. How likely am i to get busted.

On a normal operating system, make sure you have Tor Browser set to the "safest" setting (all scripts turned off). Scripts don't matter as much when using Tor Browser within the Whonix virtual operating system (because the scripts can't "escape" from the VM).

 

[caikgoch]

i am currently useing a vpn and tor combined on a normal opperating system how safe am i? I keep all videos in an encrypted folder. How likely am i to get busted.

You are not likely to get busted but if you are ever investigated, you are toast. The VPN and TOR both protect you from your ISP and other online snoops. Keeping your porn in an encrypted folder protects you from your little brother and damned little else. Whenever you view any of that porn, your players make "last played" and similar lists. When you download anything, your browser makes temp files. All of these "leftovers" are still there for anyone tech savvy to find. In fact, certain microshaft and fruit products are designed to report your playlist to the mothership.

 

[Zoo50]

You are not likely to get busted but if you are ever investigated, you are toast. The VPN and TOR both protect you from your ISP and other online snoops. Keeping your porn in an encrypted folder protects you from your little brother and damned little else. Whenever you view any of that porn, your players make "last played" and similar lists. When you download anything, your browser makes temp files. All of these "leftovers" are still there for anyone tech savvy to find. In fact, certain microshaft and fruit products are designed to report your playlist to the mothership.

Does Tor Browser (without a VPN) hide Internet traffic from ISP? Also, if one is running Tor Browser on a regular operating system (like Windows or Mac) with scripts turned off (and no VPN), how secure is that compared to running Tor Browser within a program like Whonix?

 

[caikgoch]

Does Tor Browser (without a VPN) hide Internet traffic from ISP? Also, if one is running Tor Browser on a regular operating system (like Windows or Mac) with scripts turned off (and no VPN), how secure is that compared to running Tor Browser within a program like Whonix?

A VPN is a secure point to point (your device to selected server) routing designed to disguise your location. TOR is a secure multi point semi randomized routing intended to conceal your location. Both protect you from threats between you and your target. See https://en.wikipedia.org/wiki/Man-in-the-middle_attack This is how widespread surveillance is done.

Data leakage is a completely separate subject that happens within your device or the device of someone you trusted. Free / cheap phones are the worlds worst source. They are data collection services that exist to profile you for profit. Ask any fruit user about a visit to the former iTunes store. Your device reports all the media on it to the home office and all unapproved media vanish. Or you could take your laptop in for repair confident that the encrypted drive in your desk drawer is protecting your porn stash. Except that your player keeps a list of all available media including everything on that drive. If the tech spots one title like "Debbie Does Her Doggy", you could find yourself on the receiving end of a warrant. And they are paid to tip cops off.

 

[wormtail]

A VPN is a secure point to point (your device to selected server) routing designed to disguise your location. TOR is a secure multi point semi randomized routing intended to conceal your location. Both protect you from threats between you and your target. See https://en.wikipedia.org/wiki/Man-in-the-middle_attack This is how widespread surveillance is done.

Data leakage is a completely separate subject that happens within your device or the device of someone you trusted. Free / cheap phones are the worlds worst source. They are data collection services that exist to profile you for profit. Ask any fruit user about a visit to the former iTunes store. Your device reports all the media on it to the home office and all unapproved media vanish. Or you could take your laptop in for repair confident that the encrypted drive in your desk drawer is protecting your porn stash. Except that your player keeps a list of all available media including everything on that drive. If the tech spots one title like "Debbie Does Her Doggy", you could find yourself on the receiving end of a warrant. And they are paid to tip cops off.

how can you clear your player history?

 

[caikgoch]

how can you clear your player history?

There are programs like CCleaner but you have to use them faithfully and give up some functionalities. They will not protect you from any built in reporting functions of your OS, only a non-intrusive OS will do that.

 

[DLMEM202]

Encrypted hard drives
Folders password ptoected with different passwords
TOR
Double blind VPN

For starters

 

[bobvilla]

i am curious as to what is the best way for someone who is not computer savy. So download a separate linux based OS to run inside windows, and then also get a VPN from Europe basically?

 

[Zoo50]

i am curious as to what is the best way for someone who is not computer savy. So download a separate linux based OS to run inside windows, and then also get a VPN from Europe basically?

Whonix is a Linux-based secure OS that can run within Windows (or Mac). Whonix uses Tor in all cases. There are other Linux-based OS systems, but they may not run on Tor the way Whonix does. Interestingly, the makers of Whonix say that adding a VPN to Whonix / Tor actually weakens one's anonymity. (Reason for this: it creates a "fixed" node (the VPN) rather than different nodes).

 

[Zoo50]

As others have said recently, Tor is probably better than a VPN.

 

[caikgoch]

One of the advantages of modern Linux distros is LVM (Logical Volume Management). It turns all of your physical devices into a transparent service. It makes life easy because you can stack drives on top of drives as long as you have enough power supply to carry them and all a user will see is "my filesystem". And it has a built in ability to encrypt. You have to leave a bootloader outside of the encryption but everything else can be under as strong a pass phrase as you can imagine and other than needing the pass to boot, you'll never know it.

It can be hacked after you boot it but that's what the SE in SELinux is for. I'm sure that if one of the alphabet agencies want to devote enough resources to nailing you, they could find a way but I just don't believe that they are going to waste a top national security effort chasing dog fuckers.

 

[Zoo50]

Next, the site your visiting can be infected with malware. That malware can break out of your browser and phone home reporting your real IP address. Hackers or governments use these. Whonix is the best for this or SELinux helps.

If someone is using Tor Browser on a regular operating system (no Whonix or Tails), and they have Tor Browser set to the "safest" setting (i.e. all scripts disabled in their browser), can one's real IP address leak?