lurkerlady [she/her]

  • 0 Posts
  • 4 Comments
Joined 3 years ago
cake
Cake day: March 28th, 2022

help-circle

  • lurkerlady [she/her]@hexbear.nettomemes@hexbear.net___
    link
    fedilink
    English
    arrow-up
    4
    ·
    edit-2
    3 months ago

    So like, unless youre really digging into wireshark or something over a long time, you really dont know what connections are encrypted or unencrypted coming from your OS. Thats more what I’m referring to. Certain OSes like whonix have safeguards for this, and linux in general is much better about this. Its hypothetically possible a malicious actor could hijack an operation that isnt encrypted coming from your OS to bork you.

    And yeah tor browser on its own without JS and high tracking prevention is the way to go if you dont want a big hassle dealing with your OS. I was more referring to TORing all of your computer traffic, which should only be done with specific OSes. Mullvad browser with vpn is fine for the vast majority of people and it doesnt reduce speed a lot like TOR does.


  • lurkerlady [she/her]@hexbear.nettomemes@hexbear.net___
    link
    fedilink
    English
    arrow-up
    24
    ·
    edit-2
    3 months ago

    Tor can be very dangerous if you don’t compartmentalize it enough and use the wrong software with it. Its pretty well documented that if you request a normal http page (not https) malicious tor nodes are constantly checking for it so they can attempt to serve you bad shit to steal info. You never really know when your computer on say, a windows machine, will make a bad request. So it becomes imperative to use operating systems and technologies that limit that issue. (Re: use tor only on the tor browser, or use qubes+whonix to compartmentalize potential bad requests).

    The most secure ‘every day’ thing someone can do is use almost any linux distro, mullvad browser (or a normal hardened firefox), and a trusted vpn (proton, mullvad, ivpn, out of these three mullvad is probably the best).

    the most secure thing possible (re dont do this its ridiculous for 99.9% of people) is probably a sneaky self-made wireguard vpn entry node + tor + qubes/whonix. and by sneaky wireguard vpn i mean doing stuff and things in order to not pay for an ISP with your vpn server. that means you have pivpn or something setup on a hidden raspberry pi on a network you probably dont have permission to run vpns on.