Jump to content
Not connected, Your IP: 54.198.139.112
ravenheart

anonymity and machine identification

Recommended Posts

was curious about how others setup their browsers,  for instance some of these dns leak sites can get machine info, i.e screen size, hardware platform, etc.  For instance if I go to say, jondonym and have it scan me, I can make it green across the board except for 2 items, http session, ( which I've heard is a symptom of vpn usage?)  and the other is the authentication - unique i.d, I believe I've heard/read that that one is damn near impossible to get around but not sure, tho I know they are selling something so tests could profile you to see if yer using their product and give false results.

 

What addons does the assembled braintrust use here?  what about say , using 2 diff addons that sorta perform the same thing, like ghostery and privacy badger, is there a possible issue with them fighting for control?

Share this post


Link to post

I agree with zhang888 that if we are going to use a browser without tor and only with vpn then we should use tor browser without tor (disabling "tor launcher" addon and changing network settings)

Share this post


Link to post

I agree with zhang888 that if we are going to use a browser without tor and only with vpn then we should use tor browser without tor (disabling "tor launcher" addon and changing network settings)

 

pr1v,   hmmm I'd never even considered that option thnx,    I always like to tinker around so now off to go find a tutorial on how to change the network settings in tor browser heh. 

Share this post


Link to post

Disable in addons: tor launcher.

 

Network settings:

 

- Use system proxy settings

- Uncheck remote dns.

Share this post


Link to post

Disable in addons: tor launcher. Network settings: - Use system proxy settings - Uncheck remote dns.

 

pr1v thanks a lot for that, however it's a no workie,  is unable to access any network connection,  gonna have to investigate further heh, but thanks for the head start.....

Share this post


Link to post

Yes, sorry. As zhang888 said: no proxy. My mistake (although it works for me with "system proxy settings", it's not for everyone).

Share this post


Link to post

What addons does the assembled braintrust use here?  what about say , using 2 diff addons that sorta perform the same thing, like ghostery and privacy badger, is there a possible issue with them fighting for control?

 

How far you go depends on how paranoid you are.

 

Most of the browser fingerprinting that goes on relies on JavaScript. Install NoScript and be happy. I recommend removing all of the non-about: links in its whitelist and also turning off iframes, frames, WebGL in its settings. Only whitelist the bare-minimum of sites that you trust. Definitely never anything that might cause leaks and draw attention (Pirate Bay, for example).

 

I also recommend UBlock origin, UMatrix. In UBlock, turn on as many filters as you are comfortable with. All the Disconnect ones, the Anti-Adblock ones and the complete set of social blockers. That blocks most of the third-party trackers completely in their tracks. UMatrix will also do the same job, but I found that some trackers that hide under the same domain as you're visiting (tracking.yahoo.com as an example) so you have to be a bit more selective about whitelisting domains.. UBlock takes care of them for you.

 

In UMatrix, go to a trusted site then open its filters. Select the domain at the top and pull down the '*' entry. Turn off everything and save. Turn on first party CSS and Images. Save again.

 

Now you only load CSS and images from the domain you're visiting. You can whitelist third-party content on domains as you go. It didn't take me long to have the regular list of sites I use sorted out. You might want to whitelist some sites for JavaScript. AirVPN is one.

 

Firefox has a Privacy Settings addon. It adjusts away a lot of privacy and security-related settings.

 

If you like turning on cookies to log into sites then self-destructing cookies can clean out some cruft after a timeout. Be warned this will log you out of a lot of sites if you just leave their window open in the background.

 

HTTPS Everywhere is good to force HTTPS on sites that support it. It uses a policy list to know what sites to force HTTPS on.

 

FlagFox puts an interesting little flag in the URL bar to show where the server you are looking at might be. It is the only one that works on a local database without making requests for every site you visit.

 

If you're paranoid, turn off pdf.js - none of the above addons stop it.

 

If you're even more paranoid, look into something like firejail on Linux or sandboxie on Windows. MacOS has sandboxing too, but I've not bothered to invest in it. I have setup for firejail that uses the --overlay-tmpfs option to make my Firefox instance completely throwaway. Every write goes into RAM. Mixing it with --private completely hides the rest of your system from the browser. You can go a lot further with it.

 

Add an extra layer with a VM. Go all the way to Whonix or Qubes if you want a fully isolated environment that will do its best to prevent information leaks.

 

Or you can use the Tor Browser Bundle and disable the TOR launcher if you want. Be warned there are some zero-days in Firefox that the FBI has been using to target TOR users. They won't disclose them so nobody knows where to begin looking. We can't tell if they are specific to the TBB or in the vanilla Firefox. We don't know if they've been fixed in the latest versions or not. Best guess is they are JavaScript based and still present in the latest firefox version. If the FBI is using zero-days to infect systems it's not too far to stretch to say they got them on the black market for a price and that other criminals also purchased them and are exploiting them.

Share this post


Link to post

Debugging is at least twice as hard as writing the program in the first place.

So if you write your code as clever as you can possibly make it, then by definition you are not smart enough to debug it.

Share this post


Link to post

 

Actually, several of those addons are difficult to use for most users here. Including NoScript and Request Policy. You might want to post a thread explaining their usage.


» I am not an AirVPN team member. All opinions are my own and are not official. Refer to Staff postings for the official word.

» These are the community forums, not the support portal. You're writing with other users here.

» New here? LZ1's New User Guide to AirVPN. Use the search function, Luke!

» Tor exits behind a VPN connection are discouraged. Using Tor on the other hand is not.

 

» Privacy is like alcohol: Drink a little and it can help you stay unnoticed. Drink a lot and everyone will notice you.

» I cannot give you the solution to all your issues. But I can guide you to it. The rest is up to you.

Share this post


Link to post

Debugging is at least twice as hard as writing the program in the first place.

So if you write your code as clever as you can possibly make it, then by definition you are not smart enough to debug it.

Share this post


Link to post

My two pennies on the discussion..

Knowing what you want to achieve is important I think.

For instance a vpn on host with guest OS browsing, never logging in using site accounts, not making searches that are personal to me... lets call it a "porn setup".  It's not what I use it for (I believe me, but millions wouldn't). It is not anonymous as personal details are available to be found, but only if entered. Say I've had a few beers and want to find songs on youtube to suit my desperate needs I can use this setup and I will get song suggestions based on what I have played. that is all it is. There is no link to me in anyway.

On the other hand if your are planning on buying nuclear warheads from Ru, full tor browser might be a good idea.

However if you just want to look at porn others would frown upon tor browser non tor routed might work for you. After all, tor browser is just firefox with certain addons and settings.

A guest OS on VM over VPN can be very convenient if you want to do more than just browse and at the same time remain anonymous (user dependent)

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...