So I have been working on my #opsec for the last couple of days, here some interesting techniques I learned
- It's very hard to leak your IP address when using #Whonix, Android can still leak your IP address even when the kill switch is enabled
- #CryFS is the best encryption algorithm in terms of privacy, however it's not audited and doesn't like large files, I tried to encrypt a 20Gb file, and I couldn't decrypt it 🥲
- #TailsOS can access other #USB sticks while in use, this is very useful if you keep a wallet in Tails and maybe your password database in another encrypted USB stick, still TailsOS has also good encryption, so it's hard to extract stuff from it.
- it's true, Tor Browser did mess up an important spoofing feature that made Linux users look like Windows users, this is very bad news for us Linux users because we're few and we will stand out, the only solution is to use a Windows VM at this point, but VM or not, Windows does client side scanning and keystrokes capturing.. It's a compromised system, AVOID at all costs... That also applies to Apple products (ALL OF THEM)
- confuse the ad networks by searching for random stuff, and get a privacy screen for your phone
- last but not least: URLcheck is small FOSS app that I think all people should be using, a lot of phishing attacks happen because people accidentally click on links, this app replaces your default browser so it let's take a closer look at the link, it can sometimes label that link (malware, adult content.. etc)
GitHub
GitHub - TrianguloY/URLCheck: Android app by TrianguloY: URLCheck
Android app by TrianguloY: URLCheck. Contribute to TrianguloY/URLCheck development by creating an account on GitHub.
