The chrome doesn't shine.

[ROFCB Commander 664]

Part of watching the statistics for our Civilian Defense Force website involves seeing what browser people are using to access it. Each visitor leaves that particular "fingerprint" on their interaction. Since many of our visitors come from MyMilitia.com (a fact that is also shown), I have the inside scoop that many of you--far too many--are using Google Chrome as your web browser.

 

Folks, we're a movement that depends on security. "Chrome" and "security" are two words that simply do not belong together in the same sentence.

 

I'm not going to go into the reasons why this browser is better or worse than that one. What I will say is that in terms of security, they don't get much worse than Chrome, and Chrome is so loaded with bloat that it's slow and "ugly" anyway. There really isn't a good reason I can think of to be using it. If you insist on using something built on the Chromium framework (which is what Chrome is built on), Duck Duck Go is now producing a browser that is much better about protecting your information and, because they depend on both Chromium and the Google Search capabilities overall, it could easily be called "Chrome Light".

 

A much better option (and there are a dozen better options out there) would be Firefox, especially paired with either their new VPN service, or their VPN-like extension. The browser is better to begin with, built with privacy and security in mind. It's lighter, too. And when you add one of those two extra services you're even more protected. The VPN is a paid service, but costs less than $5/month, and the browser extension, which is essentially VPN lite, is free. The extension doesn't do a lot; it secures your browser-based traffic and nothing else, and even that has some limitations, but for free it's fine to add it. It doesn't slow your browsing down measurably (neither does the VPN), and both the VPN and the extension are run off of the Mullvad VPN network. Of all the VPNs out there, Mullvad is the one I prefer (even though they're in Sweden, one of the 14-eyes countries).

 

I do NOTHING online without a VPN. Why? Well because, again, my website tells me what your ISP is. Without the protection of a VPN, I could--if I was a malicious actor who sympathizes with, say, ANTIFA--identify down to the service provider who/where you are. That may not seem like much, but again these people are EXPERT at causing problems for people online. Do you really want to make it any easier for them? A VPN is cheap insurance, and it's good anyway; it's nobody's bloody business what I look up, what sites I visit, etc. Not ANTIFA, not my ISP, not the government, not anyone. If I'm into midget amputees wearing scuba gear, that's my business! 🤣

 

Other browsers that are security-oriented and surely better than Chrome include Brave and Epic. Opera has it's own VPN built in (though it has restrictions, and you should read their terms of service carefully). The only one I would recommend less than Chrome is Microsoft Edge, and even it has done a great deal to improve security, while Chrome continues to go downhill.

 

In short, the Chrome simply doesn't shine. No sense in trying to polish it, either--chrome was blase a long time ago. Get something sleeker, that doesn't sell you out every time you fire up the laptop.

 

Security is everything. Start by securing what you browse the internet with.

[Cb85 136]

I use duck duck go with surf shark. Chang my vpn location every time I go on the web. 

 

do you think that's safe? Just wondering 

[ROFCB Commander 664]

Just now, Cb85 said:

I use duck duck go with surf shark. Chang my vpn location every time I go on the web. 

 

do you think that's safe? Just wondering 

Surf Shark is another inexpensive VPN service that gets high marks for security. I haven't personally looked into them much, but they're considered a top ten VPN provider, and I've seen them in the top 5 on some review sites. I have used Duck Duck Go, and there are things about them that I like (not the least of which that they don't track your activity) but I wouldn't consider them the MOST security-conscious browser. Still, much better than Chrome, and the setup you describe should be fine for holding the enemies we're concerned about at bay.

 

This issue becomes more important if you go onto the websites and other areas that the ANTIFA-types dominate. You leave "fingerprints" with every visit, so if it's a website that you'd rather not identify yourself on, better to minimize or disguise those fingerprints. That's the purpose of a better browser, and an added VPN service.

 

It sounds like you're fine in that regard.

[Cb85 136]

12 minutes ago, ROFCB Commander said:

Surf Shark is another inexpensive VPN service that gets high marks for security. I haven't personally looked into them much, but they're considered a top ten VPN provider, and I've seen them in the top 5 on some review sites. I have used Duck Duck Go, and there are things about them that I like (not the least of which that they don't track your activity) but I wouldn't consider them the MOST security-conscious browser. Still, much better than Chrome, and the setup you describe should be fine for holding the enemies we're concerned about at bay.

 

This issue becomes more important if you go onto the websites and other areas that the ANTIFA-types dominate. You leave "fingerprints" with every visit, so if it's a website that you'd rather not identify yourself on, better to minimize or disguise those fingerprints. That's the purpose of a better browser, and an added VPN service.

 

It sounds like you're fine in that regard.

Ok thanks for your input.

 

i don't frequent antifa or far left groups. If I did in the future I'd use tails on our lap top and tor + vpn

but on mobile and just browsing around it's DuckDuckGo and surfshark we like it cuz for 1.77$ a month we can use it on all our phones and labtop. No limits on how many devices 

Edited August 9 by Cb85
Typo

[ROFCB Commander 664]

It's a good setup. You could get away with that on the ANTIFA websites, too. They're good, but they're not THAT good. Still, the absolute best security for anything as far as I'm concerned is TAILS coupled with a good VPN. It's not like the ultimate in security; if they wanted to, the NSA could still break it. But short of the NSA or a REALLY pissed off FBI, you're probably maxed with TAILS/VPN.

[Vincenzo 52]

I got brave and dont have ads everywhere.

[ROFCB Commander 664]

13 minutes ago, Vincenzo said:

I got brave and dont have ads everywhere.

Brave has been getting a lot of good press lately. Some of the security people I trust the most are even touting Brave. It's one of the newer players, so I have been hesitant to switch, but I used it on one of my phones and it seemed fine.

 

As far as VPNs are concerned, I'm pretty fond of Mullvad. They're a no-logging service, but even if they logged, they have a unique way of entering the info into their service to determine who has paid and who hasn't; they print out a numbered account via random number generator, right off their website, You pay to that account number (no info collected, and you can even pay by cash dropped into an envelope). That random account number is what is put into their system. Nobody could track you even if they did log, and they don't. You have to watch out for supposed "no log" VPNs, because in most cases that's a lie. As far as I'm concerned, a VPN that logs is worthless. The best of the true no-log services are Nord, ExpressVPN, Mullvad, and possibly Proton. I've heard good things about Surf Shark too, though I haven't done a deep dive with them.

[MarcS 229]

I use Brave as well, and Proton's free VPN. But I also have Firefox, Chrome, and Vivaldi installed and sometimes use them for specific purposes.  

[WinterPatriot 131]

Some random thoughts re security:

(1) The other side includes some very technically-proficient people. They believe everyone on our side of the fence are Nazis, so they have no scruples about what they will do.

 

(2) Most of the employees of Google, Microsoft, Amazon, Facebook, Twitter, etc are 'woke', and some of them would probably be very happy to reveal the personal details of anyone

they were told was a 'Nazi',  to a Leftist doxxing team.

 

(3) Watch out for 'Honeypots': these are websites aimed at appealing to our side, but whose real purpose is to collect as much information about the people who sign up to them as

possible. Thus it's probably best to use a different screen name and password for every site you log on to. (There are dozens of soupposed 'conservative' websites whose obvious purpose

is to attract advertisers, and they are utterly unscrupulous about what kind of advertising they will accept: so on certain of them, you will find advertisements for cures for cancer, etc. which

are just quack medicine aimed at the desperate and gullible. Most of these websites are just news aggregators, with someone to put sensationalist headlines on ordinary news. These people

are just sharks out to extract money, but there is no reason a serious Lefty group couldn't do the same.)

 

A sophisticated 'honeypot' site will also have posters who sound like patriots -- including supposedly female posters -- who will strike up a personal conversation via PMs, and try to extract

identifying details from you.  Blackmail is not ruled out, either.

 

(4) The best security is mass public support -- which can range from enthusiastic committment, to friendly neutrality.

[MarcS 229]

According to this site, Proton's free VPN is confirmed no-log, They simply limit bandwidth for the free VPNs. This lists supposedly verified no-log VPNs. At the least, it's a good place to start. https://proprivacy.com/vpn/comparison/best-no-logs-vpns 

 

Here's a good write up on secure browsers, Note that Firefox does require some extensions and some tweaking to be secure. https://restoreprivacy.com/secure-browser/

 

If you are technically oriented, this is a good overview of what you need to do with Firefox to harden it. https://restoreprivacy.com/firefox-privacy/

[MarcS 229]

As always, it's buyer beware (even if you aren't actually buying anything). No-log VPNs aren't always no-log. And anything connected to China, or using services connected to China are *always* highly suspect. In fact just don't, no matter how many people and publications assure you it's okay. All companies in China are required BY LAW to share all info and data with the CCP. And yes China means Hong Kong, at least for now. And personally I would not rely on the security of any service located in Taiwan. Yes it seems safe now, but the island could be infiltrated or outright taken over in 24 hours and it takes a lot less time than that to steal data. https://www.pcmag.com/news/7-vpn-services-found-recording-user-logs-despite-no-log-pledge

[MarcS 229]

Hardening a browser can slow it down and even break functions or sites. So it's best to keep one max hardened browser or browser setup specifically for visiting potentially risky or risk-unknown sites. That way you can use a less hardened browser for most of your day to day web visits, and not have problems with sites or features. Consider any site you do not have a history with as a risk-unknown site and use your max hardened browser to visit that site until you are reassured that the site is safe. This will compromise security somewhat. But the frustrations connected with daily use of a max hardened browser generally result in folks giving up and just rolling the dice with an unsecured browser, which is much riskier in the long run. If you want to follow a link, always view the link before you open it. That does not mean look at the text they give you as a link (especially in emails and most especially in emails that appear to be spam and/or from folks you do not know). Look at the actual URL. Get in the habit of not simply clicking on links but instead right clicking and selecting save link, then paste (not paste and open, just paste) in a new tab in your browser. Look at the link and make sure it matches where the link indicated it was going to send you.  If not, just delete that tab and do not open the URL. Treat the URL, the link, and the source of the link as an outright attack. If it does match where the link seemed to be sending you but you do not have a history with the site, open your max hardened browser and paste the link there. Make sure your VPN is connected, and then you're as safe as you can be in risking opening it. This protocol will let you enjoy the web as safely and with as few problems or delays as possible. Use you minimally hardened browser for sites like this one, and enjoy speeds and unbroken sites and features. And save the issues with slow downs, and broken sites and features, that a max hardened browser will create, for more risky sites.

Edited August 9 by MarcS

[ROFCB Commander 664]

2 hours ago, MarcS said:

Hardening a browser can slow it down and even break functions or sites. So it's best to keep one max hardened browser or browser setup specifically for visiting potentially risky or risk-unknown sites. That way you can use a less hardened browser for most of your day to day web visits, and not have problems with sites or features. Consider any site you do not have a history with as a risk-unknown site and use your max hardened browser to visit that site until you are reassured that the site is safe. This will compromise security somewhat. But the frustrations connected with daily use of a max hardened browser generally result in folks giving up and just rolling the dice with an unsecured browser, which is much riskier in the long run. If you want to follow a link, always view the link before you open it. That does not mean look at the text they give you as a link (especially in emails and most especially in emails that appear to be spam and/or from folks you do not know). Look at the actual URL. Get in the habit of not simply clicking on links but instead right clicking and selecting save link, then paste (not paste and open, just paste) in a new tab in your browser. Look at the link and make sure it matches where the link indicated it was going to send you.  If not, just delete that tab and do not open the URL. Treat the URL, the link, and the source of the link as an outright attack. If it does match where the link seemed to be sending you but you do not have a history with the site, open your max hardened browser and paste the link there. Make sure your VPN is connected, and then you're as safe as you can be in risking opening it. This protocol will let you enjoy the web as safely and with as few problems or delays as possible. Use you minimally hardened browser for sites like this one, and enjoy speeds and unbroken sites and features. And save the issues with slow downs, and broken sites and features, that a max hardened browser will create, for more risky sites.

This is all great advice. One more thing--and this shouldn't have to be said these days, but surprisingly it still does--simply DON'T CLICK LINKS IN EMAIL unless you've specifically requested the email in question (signing up for a website that confirms your email address, for instance). The worst of the "new" schemes is called "ransomware". It's a snippet of code that goes into your system and encrypts all of your important files, and then holds them for "ransom" until you pay to receive the encryption key. It's payload is delivered by links in emails. Here's the worst part--the malware scanners and such can find it and eradicate it, but not until it's done the encryption and THERE IS NO GETTING THAT STUFF BACK. Once it's encrypted, it's gone.

 

Ransomware has affected tech giants, savvy computer folks, and grandma alike. If they can be fooled, so can you. JUST DON'T CLICK ON EMAIL LINKS. It's really bad juju.

[WinterPatriot 131]

My guess, as a rank amateur in this area, is that at this point, our real enemies are not government intelligence agencies, even hostile governments, although they shouldn't be assumed to be neutral or benign.

 

Rather, it's AntiFa or similar hard Left techies, who've learned how to milk Facebook and Twitter accounts for personal information, at a minimum ... and maybe how to do more. 

 

And in particular, I would beware of 'social engineering' attacks, via fake (or real) females pretending to be patriots. The normal male brain switches off everything except pursuit mode when it thinks vulnerable female prey is within reach.

 

And note that there are lots of pretty young women in AntiFa, who would probably enjoy cozening 'reactionaries' in this way.  So beware. They'll be after your real name and address and any other identifying or useful personal information, like where you work, that they can get. If you're married, they'll try to ruin your marriage, by getting you to write (or say, via a video link) adulterous things.

 

This is one of the new modes of warfare.  When you go online, put on your psychological Level III body armor.

 

[bleak 37]

I use FF with a vpn and this little deal called uMatrix plugin. It lets you see and Control what's running behind the scenes... cookies, scripts, css...

 

A site I didn't trust but it was ok after all...

 

Edit: see and Control behind the scenes.

 

Edited August 11 by bleak

[bleak 37]

What does anyone think of Tor/Onion?

[Cb85 136]

5 minutes ago, bleak said:

What does anyone think of Tor/Onion?

I've heard good things bout it...

but then it was created by the government. So not sure

[bleak 37]

14 minutes ago, Cb85 said:

I've heard good things bout it...

but then it was created by the government. So not sure

Same here. I thought maybe someone here might know something from a miliary experience.

[Cb85 136]

I use surf shark. 1.77$ per month with code uncensored.

no limit on how many devices. Option of multi hop just like tor