Simple Security Guide / Reminder

[DeepScrub]

If you are curious how to protect yourself online, I will give a brief overview.

At minimum you should have:

• A VPN with a no-logging policy (Mullvad (my choice), ProtonVPN)
  • You can mail cash in an envelope to Mullvad and they'll fund the account specified no questions asked.
  • Just because a VPN company says they don't log, doesn't mean they are being honest. Look for VPN companies that have been audited by 3rd parties.
  • Known bad list: NordVPN, ExpressVPN, Private Internet Access, SurfShark, or any other one you've seen advertised on GoyTube
• Use 2 Factor Authentication through an open source app. Try not to rely on bigger 2FA services, like Google Authenticator or Microsoft Authenticator.
  • Take extreme caution when deleting your 2FA app. Most of the time, the keys are not saved anywhere, and if you delete the app before exporting the keys, you will be locked out permanently.
  • IPhones: AuthPass
  • Androids: Ageis Authenticator (from fdroid)
• Don't use Chrome, or Edge as your web browser, try to use an alternative (though they all spy on you to some extent.)
  • Firefox (Preferably Hardened Firefox (an overly exhaustive guide))
  • "Ungoogled Chromium"
  • Normal Chromium itself is still a pretty good balance between privacy and usability.
  • Note: The more private the web browser, the less convenience you will have. Consider it a trade off, but don't make yourself miserable!
• Don't stick out, and don't bother with personal social media.
• Don't use Windows 11, but Windows 10 isn't much better. If possible use a desktop version of Linux. Don't sweat if this is too large of a change for you.
  • At the very least, try not to use a Microsoft account on Windows, only a local account.
• Keep your passwords long and unguessable. Anything over 8 characters with capitals, numbers, and even one symbol thrown in, is extremely hard to brute force / guess. Change them once a year or so.
  • BAD PASSWORD = "pizza12"
  • OKAY PASSWORD = "PerfectMagic78!"
  • PERFECT PASSWORD = "K!39f(1Zw!T2"
• Text messages are not acceptable for JoS communications. Don't pass sensitive information through them. Most "secure texting alternatives" aren't much better.
• Use Protonmail, or another encrypted email service for JoS communication.

That's all. If anyone has any other suggestions, feel free to contribute. This is meant for those who are unsure where to even start, and isn't meant for advance users.

[Blitzkreig [JG]]

I would heavily suggest that every SS takes this their online security seriously, despite if you are tech savvy or not.
Many of these things can be set up once and then left alone, for the most part, yet they will provide huge amounts of safety.

Yes, it would be nice to relax and not have to worry about basic communications, but this is the reality of living within a war environment. The enemy will seek to abuse laziness within this realm if you let them.

The goods news is that once you secure this area of your life, there are few remaining areas where the enemy can attack through. The enemy's plan to digitize everything falls apart if people refuse to attach themselves without first protecting their data and privacy.

[Henu the Great]

Frankly it provides little use to switch to using a different browser and a vpn when you use Windows operating system. Microsoft has placed extensive telemetry into their products. You would be relatively safe from your internet service provider, but that's about it. Two phased authentication provides good protection against phising attacks, but is mostly useless against man in the middle attack or someone intruding directly in the system.

[Blitzkreig [JG]]

Frankly it provides little use to switch to using a different browser and a vpn when you use Windows operating system. Microsoft has placed extensive telemetry into their products.

This can help get around the telemetry: https://wpd.app/

[Shiva666]

For Android, which web browser I will use ?

[Blitzkreig [JG]]

For Android, which web browser I will use ?

This website is great for finding good alternatives to all apps: https://www.privacytools.io/private-browser

For android, I think Firefox or Chromium are good. I am a little suspicious of Brave and DuckDuckgo

[Henu the Great]

Frankly it provides little use to switch to using a different browser and a vpn when you use Windows operating system. Microsoft has placed extensive telemetry into their products.

This can help get around the telemetry: https://wpd.app/

The problem with that approach is that you risk disabling core Windows functions when disabling certain services. MS Windows is built in a way that the control of the OS is outsourced into a central mainframe (communism). Unless severely limiting/disabling the OS is okay with the user there is no way around this.

[Blitzkreig [JG]]

The problem with that approach is that you risk disabling core Windows functions when disabling certain services. MS Windows is built in a way that the control of the OS is outsourced into a central mainframe (communism). Unless severely limiting/disabling the OS is okay with the user there is no way around this.

That's true. The problem is that the full solution involves using an older version of Windows or Linux, which most people aren't going to do. There is a balance of convenience and security here, especially for people who may not have a natural interest in these areas.

I have used the above app and disabled many services without issue, but it is not perfect as you mention.

[Henu the Great]

The problem with that approach is that you risk disabling core Windows functions when disabling certain services. MS Windows is built in a way that the control of the OS is outsourced into a central mainframe (communism). Unless severely limiting/disabling the OS is okay with the user there is no way around this.

That's true. The problem is that the full solution involves using an older version of Windows or Linux, which most people aren't going to do. There is a balance of convenience and security here, especially for people who may not have a natural interest in these areas.

I have used the above app and disabled many services without issue, but it is not perfect as you mention.

There is no older Windows that would be fine to use in any shape or form because all the miscellaneous security risks on top of the internal downfalls of not being in full control over the system.

Alternative is not so very complicated. Even basic installation of Ubuntu Linux, or it's derivates removes most of this risk. There are better alternatives of course, and those come with actual task of learning something new. The aforementioned Linux OS installation is as simple as Windows installation. It can be done as simply as only pressing next.

[Blitzkreig [JG]]

There is no older Windows that would be fine to use in any shape or form because all the miscellaneous security risks on top of the internal downfalls of not being in full control over the system.

Alternative is not so very complicated. Even basic installation of Ubuntu Linux, or it's derivates removes most of this risk. There are better alternatives of course, and those come with actual task of learning something new. The aforementioned Linux OS installation is as simple as Windows installation. It can be done as simply as only pressing next.

I think part of the reason why Microsoft proceeds with glaring privacy issues is that they know most people won't bother changing OS. Even if I myself did, I feel the majority of SS may be hesitant. Most people will probably never even download the WPD app either.

So, this is a big problem which requires an expert opinion on what exactly is rendered vulnerable and how we can fix this for most people.

[Henu the Great]

So, this is a big problem which requires an expert opinion on what exactly is rendered vulnerable and how we can fix this for most people.

The exact problem is that mainstream software programs are directly spied on by massive data centers via backdoors.

The problem is lessened by using software not directly tied to spying programs in which case what is left is to obfuscate network traffic.

To what extent one wants to obfuscate is in direct correlation with how severely governments are affected by the said actor(s). Unless we are talking about Assange's level of whistleblowing or journalism of a sensitive kind, then in most cases using simple methods is more than enough. Then there is the preference for privacy, in which case one must take extensive steps both on the local software level, and regarding network traffic. This is not something that concerns most people.

In any case, metadata is massively collected whether there is a direct backdoor or not. I wouldn't say that this is inherently bad, but the people currently in the reign of these systems are not entirely pro-humanity and as such can be used for nefarious purposes. Ideally, such systems would be used against evils of this world efficiently, but this is not the case for now.

[EnkiUK56]

So, this is a big problem which requires an expert opinion on what exactly is rendered vulnerable and how we can fix this for most people.

The exact problem is that mainstream software programs are directly spied on by massive data centers via backdoors.

The problem is lessened by using software not directly tied to spying programs in which case what is left is to obfuscate network traffic.

To what extent one wants to obfuscate is in direct correlation with how severely governments are affected by the said actor(s). Unless we are talking about Assange's level of whistleblowing or journalism of a sensitive kind, then in most cases using simple methods is more than enough. Then there is the preference for privacy, in which case one must take extensive steps both on the local software level, and regarding network traffic. This is not something that concerns most people.

In any case, metadata is massively collected whether there is a direct backdoor or not. I wouldn't say that this is inherently bad, but the people currently in the reign of these systems are not entirely pro-humanity and as such can be used for nefarious purposes. Ideally, such systems would be used against evils of this world efficiently, but this is not the case for now.

The israelis hacked whatsapp Henu prob already aware was a while ago mate. Pegasus or something.

[Masterj810610]

Is it ok if I use a secure browser for all that is relate to JoS and Brave for my daily work?

I was using NordVPN but I have switch to Proton

[DeepScrub]

Is it ok if I use a secure browser for all that is relate to JoS and Brave for my daily work?

I was using NordVPN but I have switch to Proton

What do you mean by secure browser? Tor? Or one of the browsers i listed? If so, then that is fine.

NordVPN is not great and has a dubious owner. Good on you for changing, it was the right thing to do.

[FlameGhost]

So would Telegram also be a bad choice? I've seen other's mention it.

Not using it for groups or anything, just texting to other trusted people about JOS stuff.

[serpentwalker666]

So would Telegram also be a bad choice? I've seen other's mention it.

Not using it for groups or anything, just texting to other trusted people about JOS stuff.

Telegram would be a bad choice. Truthfully, communicating anywhere besides the forums is a bad idea.

To reach people safely. You should create an anonymous account with a back up email with something like mailfence. And just link your profile to that for the email. Then use that to post links and things only to spread the truth around the internet anonymously as possible.

When sharing any information with even trusted people, You never know how people will react.

I'd advise against it based on my own experiences over the years. Be careful.