• The Entrepreneur Forum | Startups | Entrepreneurship | Starting a Business | Motivation | Success
  1. Trading Life for a Weekend?
    Build a Business, Build a Life.
    Unleash the Dream.

    Become an UNSCRIPTED™Entrepreneur.

    UNSCRIPTED™ Entrepreneurship is an entrepreneurial business strategy that unleashes dreams, frees time, and explodes your incomes—but more importantly, it changes your life forever. Make no mistake; this isn’t something you “try”— this is something you live.

    FREE Download (Unscripted) FREE Download (Millionaire Fastlane)  Register
    Registering for the forum removes this block!

Off-Topic What's your privacy setup?

Discussion in 'Off Topic: Sports, Funnies, Pop-Culture' started by Fred Chevry, Sep 13, 2017.

FORUM SEARCH


Need answers about entrepreneurship? Search FIRST! More than likely your entrepreneurial topic has already been discussed.
Powered by Google Site Search.
  1. Fred Chevry
    Offline

    Fred Chevry Bronze Contributor Read Millionaire Fastlane I've Read UNSCRIPTED Speedway Pass

    Messages:
    198
    Likes Received:
    487
    Joined:
    Sep 27, 2015
    Gender:
    Male
    Location:
    Miami, USA
    Rep Bank:
    $840
    I'm usually not the paranoid/conspiracy guy, but it recently started freaking me out to realize how much I was being spied on. From FB messenger scanning my conversations to offer me products, to websites installing keystroke spyware on my mobile and the realization that apple owns our fingerprints, voice print and soon face scan...

    Currently in the process of cleaning up my stuff and doing a lot of "ungoogling";

    • Using a external hard drive instead of gDrive (until I find something I trust)
    • Factory reset my phone frequently (I'm actually in the process of leaving my smartphone at home and carrying around a basic phone, but this is not for security, it's a lifestyle choice)
    • Not using Chrome, google and gmail anymore
    • couple other things in progress.
    What you guys do the escape the increasing surveillance from the Matrix?
     
  2. Dunkafelics
    Offline

    Dunkafelics Bronze Contributor Read Millionaire Fastlane I've Read UNSCRIPTED FASTLANE INSIDER Speedway Pass

    Messages:
    82
    Likes Received:
    102
    Joined:
    Jun 12, 2015
    Gender:
    Male
    Location:
    Canada
    Rep Bank:
    $603
    Interesting post and something I am looking to see what others do as well.

    To be honest I am not too worried about the government or big corporations spying on what I am doing. I've never really thought it was the biggest issue unless you are doing something wrong (ie. criminal activity, terrorism, etc.)

    I will say that I am more worried about those that partake in hacking, identity theft, etc. What do you guys do to combat these types of behaviours?
     
  3. urianasi
    Offline

    urianasi Contributor Read Millionaire Fastlane I've Read UNSCRIPTED

    Messages:
    12
    Likes Received:
    26
    Joined:
    Aug 17, 2017
    Gender:
    Male
    Location:
    US
    Rep Bank:
    $443
    I've worked in the infosec field for some time. I really like it. After reading many books on privacy and data, technical books on computer science, white papers on the subject, and worked in some projects I gotta say that you are right: it is a big issue. And something to freak about.

    Let me start by saying that you can't rely only on tools if you want privacy. Tools will give you a degree of privacy, if used correctly, but it is well understood in the field that security is a process and not a few tools here and there. In software, flaws are inevitable, vulnerabilities exist in all programs and new ones are discovered all the time. All. The. Time.

    The solution to this problem is to reduce the risk of exposure regardless of the product. Everything we use is built by others, how do we know they are trustworthy? We have to trust someone, right? Trust is a very big word. We don't realise how important it is.

    Now, I don't want to over extend my post. We could fill a book on all the moral, ethical, psychological dilemmas on security. It is important to understand, though, that security is a process, not just the use of a tool.

    Here are a few practices and tools that I use in a daily basis:
    • I pay for a VPN monthly. I can recommend you iVPN and Mullvad. I use OpenVPN client.
    • I don't have any social network. In those services, you're the product.
    • I store my pictures, docs, videos, and more in a Dropox account, but in an encrypted container. I encrypt my data in a container first, and then upload that file. In that way, I have a backup of my data, but it is encrypted with strong algorithms.
    • I use a password manager that generates passwords automatically for each new account. I don't even now my password from this forum. I use pwsafe, designed by Bruce Schneier, a famous Cryptologist and Author.
    • I browse in Firefox with some configurations and some addons: Privacy Badger, uBlock Origin, HTTPS Everywhere, NoScript, Profile Spoofing. I use it for online purchases, or other sensitive stuff. I use Google chrome for ocassional browsing.
    • I use Windows for ocassional browsing and playing games. I use GNU/Linux for everything else that requires other levels of protection, such as online purchases. I fully encrypt my Linux disks.
    • For communications I use Whatsapp. I know, I know. I would prefer to use Signal, but my family is far away and they are not tech savvy. Whatsapp implemented end-to-end encryption with the creator of Signal, so I decided to trust them.
    • This should be obvious, but I don't send any sensitive and private information through normal channels of communications.
    • I do use Gmail, but I also use Tutanota and Protonmail. Email is broken, though. The majority of the protocols on the internet like HTTP, TCP, SMTP were not designed with security in mind. Email it's fundamentally broken. If you want to communicate with other people securely, don't use email, use Signal.
    • I own an iOS smartphone. They are a problem from a security stand point, and I know it. I use it as much as a dumbphone as I can. I have the 16GB model, and I always have more than 5gb free. Like you said @Fred Chevry, a dumbphone won't improve security. 2G networks are encrypted but with a very weak algorithm, so they are fundamentally broken. I chose it because I consider iOS more secure than Android.
    That's all I can think of right now. I might take other measures, but these are the most important ones. This is not bullefproof, there are some trade offs in my design, but it still considerably better than not using anything.

    Some recommendations for the most protection you can have?
    • Use a VPN at all times. Don't trust your ISP provider.
    • Use Signal, if possible, for instant messaging and calls. Or, Pidgin + OTR.
    • Don't use the same laptop for browsing, playing games and make purchases online. Play in a console (DO NOT DOWNLOAD PIRATED GAMES), do ocassional browsing in a computer, and online banking and purchases in another computer used ONLY for that.
    • Encrypt your files before uploading them to the cloud.
    • Use TOR Browser, if possible, for private browsing.
    • Use PGP for emails. This is not bulletproof, but it's the best thing you can do with the broken SMTP protocol.
    • Encrypt your disks, and use GNU/Linux (Debian + LUKS). Use Tails or QubesOS in case you really want to be protected.
    • Use a password manager encrypted with a strong passphrase. Use pwSafe.
    • Use two factor auth in all web apps. If they don't have it, demand it (I recently wrote my bank about this... 2017 and no 2 factor auth, can you believe it?)
    • Don't just delete your files, shred them using Bleachbit.
    And remember two things:
    1. Encryption is your friend, use it. Use it for communication, for disks, for everything.
    2. Have common sense. This is probably one of the most important things too... If you see an ad offering a free iphone, please don't click on it. Do not open any files from unknown sources. Don't rely on antivirus only (in fact, I don't even have one).
    That's all I can think of, and that's probably almost everything I do to protect myself online.

    Hope it helps!
     
    Last edited: Sep 14, 2017
    Tammy Cox, lowtek, daru and 7 others like this.
  4. Fred Chevry
    Offline

    Fred Chevry Bronze Contributor Read Millionaire Fastlane I've Read UNSCRIPTED Speedway Pass

    Messages:
    198
    Likes Received:
    487
    Joined:
    Sep 27, 2015
    Gender:
    Male
    Location:
    Miami, USA
    Rep Bank:
    $840
    Epic reply. Most of your recommendations can be applied with little effort, will start working on it right now. Thanks a lot.

    @Dunkafelics It's perfectly understandable not to be worried about such issues if you are a law abiding citizen, but just like driving a car without insurance; it could go very well until it goes wrong.

    The age of communication is still in it's early stages, but evolving incredibly fast. What is not a concern today could become one tomorrow and at that point it will be too late to act and protect yourself. What kind of threats could we be facing?
    • Crypto currency wallets theft
    • Online Banking...
    • Various Scam/Fraud
    • Increased insidious targeting from marketers
    • Could a hypothetical tyrannical government of the future profile you using private data?
    • Employers hiring private firms to look deeper in your life than they are supposed to?
    • The love of your life hiring cyber investigators to find out everything on you before your first date?
    • List goes on...
    You could be very grateful TOMORROW for being preventive TODAY my friend!
     
  5. Fred Chevry
    Offline

    Fred Chevry Bronze Contributor Read Millionaire Fastlane I've Read UNSCRIPTED Speedway Pass

    Messages:
    198
    Likes Received:
    487
    Joined:
    Sep 27, 2015
    Gender:
    Male
    Location:
    Miami, USA
    Rep Bank:
    $840
    @urianasi Do you have something to recommend for anti virus software?

    Edit: I applied most of the strategies you recommended. It took about an hour (bit bleach ran for about 4 hours lol). Google ads now displays ads in languages I can't read because of Tor:rofl: and I'm fine with that.
     
    Last edited: Sep 15, 2017
  6. urianasi
    Offline

    urianasi Contributor Read Millionaire Fastlane I've Read UNSCRIPTED

    Messages:
    12
    Likes Received:
    26
    Joined:
    Aug 17, 2017
    Gender:
    Male
    Location:
    US
    Rep Bank:
    $443
    I don't use any antivirus. Why? Because they are not necessary... If you apply common sense. I mean, why will you need an antivirus if you don't allow scripts in webpages, you don't torrent, don't download any suspicious file, you don't allow macros in Word documents... They decrease system performance and usually give a false sense of security.

    What do I use? A machine with a correctly configured firewall and I install updates daily.

    You see... The majority of the people I've met that are experts in the field of security don't use an antivirus, because they apply common sense and they keep their software up to date. I'm not even kidding. Professionals use more adblocker than an antivirus.

    And the last thing is that antivirus detection rate is very low. The problem with AV is that they usually compare new threats with existent ones, or they search for similar patterns. And although sometimes succeed, the majority of the time they don't. If the threat is new, you're basically screwed, with or without AV until you apply the patch.

    Antivirus Software is the best example of a program that is treated as the ultimate solution for the problem of security. You think you are safe, "that's it, I'm already protected"... Wrong. Security is a process, not a tool.

    However, sometimes you need to share your primary machine with family. If you do, or if you want an extra layer of protection, I would recommend Kaspersky, because experts agree that it's the one that is harder to bypass (spoiler alert: they bypass it anyway, although it took a little longer).

    About your edit. That's great, you've applied some principles quickly. And you're using Tor, fantastic! (deep web? lol)... Just remember: it's a process, not a tool.

    Cheers!
     
    Tammy Cox and Kingmaker like this.
  7. Fred Chevry
    Offline

    Fred Chevry Bronze Contributor Read Millionaire Fastlane I've Read UNSCRIPTED Speedway Pass

    Messages:
    198
    Likes Received:
    487
    Joined:
    Sep 27, 2015
    Gender:
    Male
    Location:
    Miami, USA
    Rep Bank:
    $840
    That was my guess for anti-virus. I was just wondering what to do for an initial clean or in case I fear infection. By the way my encrypted external hard drive is my new favorite thing!

    Tor is great, but it definitely takes time to get used to. Leaving the google empire is not the most user friendly thing, but I'm cool with that.

    Could you expand on the deep web...
     
    Tammy Cox likes this.
  8. urianasi
    Offline

    urianasi Contributor Read Millionaire Fastlane I've Read UNSCRIPTED

    Messages:
    12
    Likes Received:
    26
    Joined:
    Aug 17, 2017
    Gender:
    Male
    Location:
    US
    Rep Bank:
    $443
    Well, the thing with Tor is that I only use for real private stuff. I mean, things that I don't want other people to know.

    This happens rarely, but sometimes the bug bites me and I use tor, and access the famous deep web.

    Tor is much slower because of the proxies, you're not connecting directly to the server you're requesting. So it is not my everyday briwser. But still, is good to have it, specially to avoid tracking or acces .onion sites.

    The famous deep web is just that: sites that have a .onion file (like HTML) that are hosted in servers connected to the Tor network. It is famous because there are many things there considered ilegal or prohibited. Not everything, of course, but there are some rare sites like bitcoin escrow services, or the possibility to purchase false documents, rare porn and stuff like that. But like I said, there are also great sites related to privacy, papers, books, free education, interesting forums where you can have good discussions about computer security, etc.

    And yes, leaving google is almost impossible. I use it at work A LOT. You can't really escape, but make sure remember that their model is advertising, and If you don't want it you can block tracking, ads, use Firefox with some extensions deleting cookies and you'll be fine.

    Good luck!
     
    Fred Chevry likes this.
  9. eliquid
    Online

    eliquid Gold Contributor Read Millionaire Fastlane I've Read UNSCRIPTED FASTLANE INSIDER Speedway Pass

    Messages:
    656
    Likes Received:
    2,176
    Joined:
    May 29, 2013
    Gender:
    Male
    Location:
    Louisville - Kentucky
    Rep Bank:
    $17,435
    I've done a lot that @urianasi has mentioned.

    One thing I've done that I've done for a long time is the use of different "machines" for different tasks which was also mentioned earlier.

    Example:
    1. I have a Macbook Pro that I only use for writing ( this is more for productivity, but also security too )
    2. I have a desktop that ONLY gets used when I need to log into very secure sites, like my online banking or purchasing stuff online/paypal, etc
    3. I use another desktop for browsing the web or playing games, etc.

    I've moved to using Firefox more and more now on most machines with all the privacy settings and plugins as well as Tor.

    I use Dropbox, but I also use BitSync ( it has a new name now, not sure I remember the new name ) and I was going to do the crypt container, but I opted for a custom script I wrote that simply 7-zips the file 3 times. 7-zip has 256 AES encryption and will modify the file names too... basically I 7-zip the file, then 7-zip that file, and 7-zip that file. Each level has its own unique password. It's a script so I just drop a file into a special folder and then all I need to do is enter in the passwords I want to use.

    In this manner no one at DropBox can read my files, but anyone that gets access to my Dropbox will have to crack each level of zip with its own unique password too.

    I've also started to use Protonmail and 2 Factor Auth.

    I can tell you, it can be very very cumbersome to use 2 Factor Auth. I have it tied to my cell phone ( Samsung S 4 ) which is also encrypted and having to find my cell phone, have it powered, and enter in my password to unlock it 2x ( boot and login screen ) is a bit much for me trying to handle using 2fa as a first timer just to get to the Google Authenticator app to use Amazon and other things. But that's the tradeoff for security I guess.

    I've done a lot more, and I am still learning daily though.
     
    Fred Chevry, Tammy Cox and lowtek like this.
  10. loop101
    Offline

    loop101 Silver Contributor Read Millionaire Fastlane I've Read UNSCRIPTED Speedway Pass

    Messages:
    441
    Likes Received:
    517
    Joined:
    Mar 3, 2013
    Rep Bank:
    $316