anonypla's comments

Thank you!

Thank you!

Also we recovered the original mastodon so it's https://mastodon.social/@anonymousplanet

Great to know about that non JS thing

The "Safest" mode gives me different fingerprints each time.

The "Standard" and "Safer" modes give the same fingerprint tho.

My take is: Privacy is when people know who you are but not what you are doing. Anonymity is when people know what you are doing but not who you are (some people will argue this is pseudonymity but I disagree with them in a practical context). Basically Batman is "anonymous" and Bruce Wayne is "private".

BTW https://anonymousplanet.org

I don't know why the OP's comment is "dead" but here it is:

" This project is a Void musl build with hardening configurations aimed at mitigating classes of exploitation that plague standard GNU/Linux systems.

We will soon include a kernel with PaX, grsecurity patchsets (plus additional patchsets), and gutted modules. Please read the feature list for more details on hardening measures. We have a publicly searchable matrix chat as well. Feel free to stop in and leave any critiques. "

Just one answer: https://keyoxide.org/

It's such a good maintained alternative to keybase

TrueCrypt was abandoned/discontinued and forked 7 years ago and replaced by Veracrypt ... Just sayin ...

Old but relevant https://defuse.ca/truecrypt-plausible-deniability-useless-by... .Be careful with plausible deniability depending on your threat model as it's only efficient against a soft "lawful" adversary. It's probably a terrible idea against an adversary willing to resort to "enhanced interrogation techniques" (not mentioning the usual 5$ xkcd).

Indeed :) Thank you! Already fixed it in the online version.

I'm not sure this level of "paranoia" is required to evade an abusive ex in most cases. But in any case, if a reader thinks it is, the guide can help for sure.

Yes, I think it's possible to correlate two identities just using stylometry. Or at least it would be sufficient to shorten the list of possibilities significantly. But I also think this is something that (at this stage) only a highly skilled/motivated adversary with considerable resources would do (such as a state agency). And I also guess this depends on your "original identity" being "talkative" online so that the correlation could find something to correlate to. I don't think my guide is paranoid enough to protect fro such adversaries as for instance Tor itself made it clear in their design paper that protection against a "global adversary" is not really intended. In my case, this seems "out of scope" for now and above the threat model of my guide.

Yeah I guess I should add some information about that. But I would probably argue that if you just damage the hardware enough (to make it look ruined) and just throw it in a random trash can then chances are low that someone will try to salvage/fix it. And I think it will just end in some dump/incinerator/recycling center somewhere without anyone ever trying to "track you". As for SSDs (or HDDs), I think I do provide enough information to make sure data is thoroughly deleted on them with very high confidence that no forensics will be able to retrieve anything from them.

Can't do that anymore I'm afraid ... Sorry

This has been on my to-do list for a while!

Disclaimer: I'm the maintainer/writer of the guide and I would appreciate any opinion, suggestion, criticism (even harsh criticism) from the HN community. Feel free to point out any inaccuracies or errors if you spot any. It would be more than welcome. Obviously, I don't want to spread misinformation or inaccuracies. I also know my guide was posted before by someone else but unfortunately not by me and I completely missed that post. It was significantly updated since then.

It would be useful to know if it's possible to use ffmpeg various options to re-compress, re-encode, transcode, and remove all metadata from a video to mitigate/remove some embedded steganographic watermarkings within the videos. If anyone has any idea :)

Writer of the guide here. I actually do tell you what to do in that case:

- Take the cost and go physically to such a country

- Use online services such as dtmf.io and pay with Monero (there are others but I didn't test them and some are "sketchy" to say the least)

But you could also just ask someone you trust in such a country to buy one for you (carefully) and mail it to you including a top-up voucher paid by cash.

Otherwise well just don't use services that require phone numbers for verification. No other way I'm afraid.

I don't think it's useless. You have to consider the difference between privacy and anonymity but also the situation of other Browsers (Firefox/Chrome/Edge/Safari...).

Brave is mainly about Privacy in which this is a good added measure compared to other Mainstream browsers. It's certainly a bigger issue when it comes to anonymity.

It's still much better than any other (non Tor Browser) private/incognito Window/Tab.

Brave is meant to be used as a daily Browser and as an alternative to Mainstream browsers. It's not meant IMHO to compete against Tor Browser for anonymity. Using Tor Browser for mundane non-sensitive activities seems a bit overkill to me.

There are quite a few ways to use Brave safely over Tor without using Tor Tabs and while keeping both Privacy/Anonymity (without DNS leaks).

This is a matter of threat modeling, performance and usability.

Brave has some benefits over Tor Browser in terms of usability/performance/fingerprinting resistance and acceptance by various online obstacles (such as Captchas).

For example:

Open Tor Browser and go to https://coveryourtracks.eff.org/ and check. You'll see it "fail" the fingerprinting test (nearly unique).

Open a Brave Tor Tab (or even a Private Tab) and go to https://coveryourtracks.eff.org/ and check. You'll see it pass the fingerprinting test (fully randomized).

Open a Private Tab with any other mainstream browser in their default settings and enjoy the results ...

So my take on it? Even for some sensitive activities, I do use Brave Browser within Whonix Workstation rather than Tor Browser (without Tor Tabs). This solves the issue while enjoying an overall better persistent browsing experience and less hurdles with the various services targeting and harassing Tor Browser just because they're using Tor Browser. But of course you could also use Firefox with various extensions in place of Brave. In this case and IMHO, this is a usability/performance choice.

While I do think this is a problem ... One should always remember this Brave Help Article https://support.brave.com/hc/en-us/articles/360018121491-Wha...

In which they, themselves, say (and always have been saying): " If your personal safety depends on remaining anonymous, we highly recommend using Tor Browser instead of Brave Tor windows. "

Also this is a known issue, see https://github.com/brave/brave-core/pull/7909