HackerTrans
TopNewTrendsCommentsPastAskShowJobs

anonypla

no profile record

Submissions

Cache-Based Targeted Deanonymization Attacks

leakuidatorplusteam.github.io
1 points·by anonypla·4 anni fa·0 comments

The Hitchhiker’s Guide to Online Anonymity Revival

9 points·by anonypla·4 anni fa·8 comments

Researchers protect SSDs against ransomware attacks, revert it without antivirus

securitynewspaper.com
3 points·by anonypla·5 anni fa·0 comments

Privacytools.io Becomes Privacyguides.org

privacyguides.org
3 points·by anonypla·5 anni fa·0 comments

Ciphertrace Announces Enhanced Monero Tracing Capabilities for Governments

news.bitcoin.com
1 points·by anonypla·5 anni fa·0 comments

The Hitchhiker’s Guide to Online Anonymity (Updated to v0.9.8)

anonymousplanet.org
80 points·by anonypla·5 anni fa·17 comments

Attackers Can Now Remotely Deactivate WhatsApp on Your Phone

forbes.com
2 points·by anonypla·5 anni fa·0 comments

Signal Repository, Pull Request #124, Corrects Docs

github.com
3 points·by anonypla·5 anni fa·0 comments

The Gentleperson's Guide to Forum Spies (2012)

cryptome.org
5 points·by anonypla·5 anni fa·0 comments

Tinder users will soon be able to access a background check database

engadget.com
2 points·by anonypla·5 anni fa·0 comments

Arm'd and Dangerous: malicious code, now native on Apple Silicon

objective-see.com
4 points·by anonypla·5 anni fa·0 comments

Show HN: The Hitchhiker’s Guide to Online Anonymity (Updated to v0.7.2)

anonymousplanet.github.io
10 points·by anonypla·5 anni fa·1 comments

Facial recognition reveals political party in troubling new research

techcrunch.com
2 points·by anonypla·6 anni fa·1 comments

Security on Mobile Devices:State of the Art,Open Problems,Proposed Solutions [pdf]

securephones.io
4 points·by anonypla·6 anni fa·1 comments

Ask HN: The Hitchhiker’s Guide to Online Anonymity

12 points·by anonypla·6 anni fa·0 comments

comments

anonypla
·4 anni fa·discuss
Thank you!
anonypla
·4 anni fa·discuss
Thank you!

Also we recovered the original mastodon so it's https://mastodon.social/@anonymousplanet
anonypla
·4 anni fa·discuss
Great to know about that non JS thing
anonypla
·5 anni fa·discuss
The "Safest" mode gives me different fingerprints each time.

The "Standard" and "Safer" modes give the same fingerprint tho.
anonypla
·5 anni fa·discuss
My take is: Privacy is when people know who you are but not what you are doing. Anonymity is when people know what you are doing but not who you are (some people will argue this is pseudonymity but I disagree with them in a practical context). Basically Batman is "anonymous" and Bruce Wayne is "private".
anonypla
·5 anni fa·discuss
BTW https://anonymousplanet.org
anonypla
·5 anni fa·discuss
I don't know why the OP's comment is "dead" but here it is:

" This project is a Void musl build with hardening configurations aimed at mitigating classes of exploitation that plague standard GNU/Linux systems.

We will soon include a kernel with PaX, grsecurity patchsets (plus additional patchsets), and gutted modules. Please read the feature list for more details on hardening measures. We have a publicly searchable matrix chat as well. Feel free to stop in and leave any critiques. "
anonypla
·5 anni fa·discuss
Just one answer: https://keyoxide.org/

It's such a good maintained alternative to keybase
anonypla
·5 anni fa·discuss
TrueCrypt was abandoned/discontinued and forked 7 years ago and replaced by Veracrypt ... Just sayin ...
anonypla
·5 anni fa·discuss
Old but relevant https://defuse.ca/truecrypt-plausible-deniability-useless-by... .Be careful with plausible deniability depending on your threat model as it's only efficient against a soft "lawful" adversary. It's probably a terrible idea against an adversary willing to resort to "enhanced interrogation techniques" (not mentioning the usual 5$ xkcd).
anonypla
·5 anni fa·discuss
Indeed :) Thank you! Already fixed it in the online version.

I'm not sure this level of "paranoia" is required to evade an abusive ex in most cases. But in any case, if a reader thinks it is, the guide can help for sure.
anonypla
·5 anni fa·discuss
Yes, I think it's possible to correlate two identities just using stylometry. Or at least it would be sufficient to shorten the list of possibilities significantly. But I also think this is something that (at this stage) only a highly skilled/motivated adversary with considerable resources would do (such as a state agency). And I also guess this depends on your "original identity" being "talkative" online so that the correlation could find something to correlate to. I don't think my guide is paranoid enough to protect fro such adversaries as for instance Tor itself made it clear in their design paper that protection against a "global adversary" is not really intended. In my case, this seems "out of scope" for now and above the threat model of my guide.
anonypla
·5 anni fa·discuss
Yeah I guess I should add some information about that. But I would probably argue that if you just damage the hardware enough (to make it look ruined) and just throw it in a random trash can then chances are low that someone will try to salvage/fix it. And I think it will just end in some dump/incinerator/recycling center somewhere without anyone ever trying to "track you". As for SSDs (or HDDs), I think I do provide enough information to make sure data is thoroughly deleted on them with very high confidence that no forensics will be able to retrieve anything from them.
anonypla
·5 anni fa·discuss
Can't do that anymore I'm afraid ... Sorry
anonypla
·5 anni fa·discuss
This has been on my to-do list for a while!
anonypla
·5 anni fa·discuss
Disclaimer: I'm the maintainer/writer of the guide and I would appreciate any opinion, suggestion, criticism (even harsh criticism) from the HN community. Feel free to point out any inaccuracies or errors if you spot any. It would be more than welcome. Obviously, I don't want to spread misinformation or inaccuracies. I also know my guide was posted before by someone else but unfortunately not by me and I completely missed that post. It was significantly updated since then.
anonypla
·5 anni fa·discuss
It would be useful to know if it's possible to use ffmpeg various options to re-compress, re-encode, transcode, and remove all metadata from a video to mitigate/remove some embedded steganographic watermarkings within the videos. If anyone has any idea :)
anonypla
·5 anni fa·discuss
Writer of the guide here. I actually do tell you what to do in that case:

- Take the cost and go physically to such a country

- Use online services such as dtmf.io and pay with Monero (there are others but I didn't test them and some are "sketchy" to say the least)

But you could also just ask someone you trust in such a country to buy one for you (carefully) and mail it to you including a top-up voucher paid by cash.

Otherwise well just don't use services that require phone numbers for verification. No other way I'm afraid.
anonypla
·5 anni fa·discuss
I don't think it's useless. You have to consider the difference between privacy and anonymity but also the situation of other Browsers (Firefox/Chrome/Edge/Safari...).

Brave is mainly about Privacy in which this is a good added measure compared to other Mainstream browsers. It's certainly a bigger issue when it comes to anonymity.

It's still much better than any other (non Tor Browser) private/incognito Window/Tab.

Brave is meant to be used as a daily Browser and as an alternative to Mainstream browsers. It's not meant IMHO to compete against Tor Browser for anonymity. Using Tor Browser for mundane non-sensitive activities seems a bit overkill to me.

There are quite a few ways to use Brave safely over Tor without using Tor Tabs and while keeping both Privacy/Anonymity (without DNS leaks).

This is a matter of threat modeling, performance and usability.

Brave has some benefits over Tor Browser in terms of usability/performance/fingerprinting resistance and acceptance by various online obstacles (such as Captchas).

For example:

Open Tor Browser and go to https://coveryourtracks.eff.org/ and check. You'll see it "fail" the fingerprinting test (nearly unique).

Open a Brave Tor Tab (or even a Private Tab) and go to https://coveryourtracks.eff.org/ and check. You'll see it pass the fingerprinting test (fully randomized).

Open a Private Tab with any other mainstream browser in their default settings and enjoy the results ...

So my take on it? Even for some sensitive activities, I do use Brave Browser within Whonix Workstation rather than Tor Browser (without Tor Tabs). This solves the issue while enjoying an overall better persistent browsing experience and less hurdles with the various services targeting and harassing Tor Browser just because they're using Tor Browser. But of course you could also use Firefox with various extensions in place of Brave. In this case and IMHO, this is a usability/performance choice.
anonypla
·5 anni fa·discuss
While I do think this is a problem ... One should always remember this Brave Help Article https://support.brave.com/hc/en-us/articles/360018121491-Wha...

In which they, themselves, say (and always have been saying): " If your personal safety depends on remaining anonymous, we highly recommend using Tor Browser instead of Brave Tor windows. "

Also this is a known issue, see https://github.com/brave/brave-core/pull/7909