anonypla's comments

anonypla | 5 years ago | on: A Day in the Life of Your Data [pdf]

Just that at least the first statement is technically incorrect. And that the second is a bit misleading IMHO.

Edit: And adding that some of the data in question is in Apple's control (the IMEI for instance that could also be randomized/changed).

anonypla | 5 years ago | on: A Day in the Life of Your Data [pdf]

" If John had used Apple Maps to check the traffic, his location data would have been linked to a random identifier, which is regularly reset and not linked to John. As a result, no one but John would end up with knowledge of his location. " Well, no-one except your cell provider of course which knows precisely where you are anyway and will use and sell this data anyway.

" If John had bought the ice cream using Apple Card, his bank would not use his transaction information for marketing purposes. Had he used Apple Pay, Apple would have used on-device intelligence so that John could view his transaction history on his iPhone without Apple obtaining information about where he shopped, what he purchased, or how much he spent. " Without Apple knowing maybe but not without Mastercard/VISA knowing everything anyway?

anonypla | 5 years ago | on: Ask HN: Show me your half baked project

Thanks, it doesn't claim to override GitHub ToS and I will adapt the guide if anything in there is against their ToS. So far nothing was reported to me as being against their ToS and I think it's fine as it is. This guide does not endorse/support anything unlawful in Germany. If that guide is used by anyone outside of Germany, they should check their local laws before. As for the code of conduct, the current "no code of conduct" approach is only meant to say that I have nothing to add besides the GitHub ToS which anyone has to agree to before signing up anyway. The guide also specifically states it's not meant for use for any unethical/unlawful activities of any kind and some sections of the guide have been limited.

anonypla | 5 years ago | on: Ask HN: Show me your half baked project

Thanks :) If you spot anything wrong with my Whonix section, feel free to submit an issue on GitHub. Mostly I'm referring to the Whonix documentation itself with some added personal experiences so it should be up to date.

As for the code of conduct, this project does not aim to receive any support or receive any funding from any big player.

This project also aims to remain as neutral as possible politically besides privacy and anonymity. Its only stance is that it's meant for adult people with good intentions and that those people should check the local legal aspects themselves unless they're in Germany where everything should be fine (multiple citations included in the guide in regard to that).

anonypla | 5 years ago | on: PureOS: Freedom, Privacy, and Security

Personally I think Qubes OS is probably the best option in terms of Privacy and Security at this stage, if your hardware can handle it (16GB RAM would be best).

I would seriously consider Qubes OS over PureOS if privacy and security are your concerns.

It works pretty well and I've been using it for a while now on not so recent hardware without many issues.

Their compartmentalization and seamless virtualization are just amazing and I don't think any other distro offers this with so much convenience.

anonypla | 5 years ago | on: Improving DNS Privacy with Oblivious DoH

One should also note that, even if you use ODoH, eSNI and even Tor (or any VPN service), your ISP could still reliably fingerprint your web access activity at the source using deep learning with over 96% accuracy as shown in this study (https://distrinet.cs.kuleuven.be/software/tor-wf-dl/).

So while ODoH is a good thing (and also recommended in this study which has shown the weaknesses of DoH/DoT https://www.esat.kuleuven.be/cosic/publications/article-3153...) and is very similar to DNS over Tor with a DNS hidden service resolver (which Cloudflare also provides), it won't prevent a skilled and motivated adversary from determining your activity and possibly applying censorship.

I would guess that a solution to mitigate these would be to use a hybrid solution of VPN over Tor (or Tor over VPN) while also using DNS over Tor or ODoH and eSNI.
