Full Guide to Online Privacy 2020 - (Browser, Email, OS, & Compartmentalization)
Вставка
- Опубліковано 31 тра 2024
- In this video I show you how to optimize your online privacy and security by securing your browser, operating system with linux, and android phone.
Subscribe to my UA-cam channel goo.gl/9U10Wz
and be sure to click that notification bell so you know when new videos are released. ₿💰💵💲Help Support the Channel by Donating Crypto💲💵💰₿
Bitcoin
3MMKHXPQrGHEsmdHaAGD59FWhKFGeUsAxV
Ethereum
0xeA4DA3F9BAb091Eb86921CA6E41712438f4E5079
Litecoin
MBfrxLJMuw26hbVi2MjCVDFkkExz8rYvUF
Dash
Xh9PXPEy5RoLJgFDGYCDjrbXdjshMaYerz
Zcash
t1aWtU5SBpxuUWBSwDKy4gTkT2T1ZwtFvrr
Chainlink
0x0f7f21D267d2C9dbae17fd8c20012eFEA3678F14
Bitcoin Cash
qz2st00dtu9e79zrq5wshsgaxsjw299n7c69th8ryp
Etherum Classic
0xeA641e59913960f578ad39A6B4d02051A5556BfC
USD Coin
0x0B045f743A693b225630862a3464B52fefE79FdB - Наука та технологія
I feel like such a normie when watching your videos, but I like it.. TY for the enlightenment
So I'm not alone...
you are one
you will always be a normie until you watch this video in a temple os vm inside arch inside gentoo inside slackware inside LFS.
I feel the same way. I've always wanted to learn this stuff, but it gets overwhelming "Where do you even begin..."
Yep same
Mental Outlaw: Privacy guide...
Intel ME: Hold my Beer!
System76: Hold my Thelio
AMD: Check out my PSP!
gentoo kernel is the solution
This is why you use a librebooted thinkpad
Email is about as outdated as the internet. The thing is, like the internet, email is an open system that can and has been upgraded many times. There are some services that add many modern chat features to email while maintaining compatibility with sending to all other email servers. All we need to do is implement more upgrades in a standard open way.
@Navee SeaLion Do you not know what it means? Email is the most widely used messaging protocol with almost 5 billion (and growing) users. That's more than any other messaging system, and it has the advantage of being 100% open and decentralized for high sustainability.
@Navee SeaLion Modern email (with IMAP, DANE, DNSSEC, DMARC, DKIM, SPF, TLS 1.3, Autocrypt, etc.) doesn't have to transfer exposed metadata in plain text anymore. If you're on the same server within the same domain, you can secure message transfer even more. Yes, there are lots of different email protocols & extensions, so you have to be very specific about what you say. If you had said some parts of email are outdated, then that would be true, but like I said, it has been upgraded many times over the years and the old criticisms aren't necessarily valid anymore.
@Navee SeaLion @Adam Lein I genuinely enjoyed reading your little discussion here. Very informative ^^
@@adamz1977 With the introduction of DANE and DNSSEC over TLS email definitely has became more secure(while it still remains a fact that most public email providers only offer this in their premium suites). But, it only prevents you from a possible MITM downgrades, tampering and redirection attacks, other than that if your public mail provider were to get a subpoena they could/will reveal the all the contents, and the metadata is still there(i don't know who told you that DANE over TLS helps conceal the Metadata) that's why Emailing is considered deprecated for usages in "Privacy" and "Opsec" crucial operations. Which I believe is the scope of this video itself.
And if your answer to that is "To setup your own email server", then let's not forget that in order for it to truly be secure your recipient also needs to setup their own private email server, and in that case I can't see why they are unable to use a much secure messaging protocol/service like Matrix or XMPP. As setting up and managing an email server is truly quite a chore.
I'm disappointed that you didn't recommend people to root their phones and use a different OS than the one came with the manufacturer.
If you're gonna be paranoid use a secure OS that does stuff like allowing you to actually disable GPS completely.
or go full rogue and buy a linux phone
I have a spare phone and an old worthless tablet it would be pretty cool if I manage to successfully install a linux based os on my old phone.
Well I can't vote mine low I was until I found all that freaking Verizon permanently locked in the bootloader
there is literally only one OS that does that /e/
@@alouisschafer7212 technicly android is a linux distro/is based on linux kernel
Or you can degoogle the phone
Can you never show me HD Tim Cook again thanks
I really appreciate this channel I’m sorry you don’t have 10k views per video but there isn’t many people in the world understand most of this. They just think computers are magical machines. And the ones that do haven’t yet found your channel
Tell me how computer is not a magical machine, or you build your gpu/CPU yourself?
I like your funny programs, magic machine
@@Scaramouche122 I’ve gotta agree, you can’t understand it all. My mom tells the story of when my grandfather got his first PC... she went to visit and he had opened up the tower and took things apart and was totally bothered by it. He couldn’t figure out how it worked and couldn’t wrap his head around using something that he couldn’t understand. My mom said something like “I have no idea what’s under the hood of my car, I press one pedal and it goes, I press the other pedal and it stops. Don’t worry about how the computer works, just use it.”
Since then computers have become way easier to use while the things they do become more and more complex.
@@ebouwman034 so do i need 7 nm ryzen or 12 nm is still fine?
@@Scaramouche122 I’m no processor-ologist, but bigger is always better right? /s
you need to make a new privacy guide 2022 this year for companies like Clearview AI and the government of Canada and USA for stay protected against data brokers sending these informations to the government. My phone provider gave the government my locations data for years to 'protect against covid 19' including all other phone carriers in my country. So please, make a updated privacy guide for 2022, because it is very crucial nowadays especially since everything is online and i don't feel safe in my country.
True
Bitwarden is a FANTASTIC mention!
Well... That first recommendation didn't age well hahaha
Dont use startpage it was sold to an advertising company
Startpage is unfortunately still the best alternative to duckduckgo imo. DDG results can sometimes be absolute trash, especially when it comes to niche searches such as coding. So in those instances, Startpage can fill in those gaps.
HerebyOrdinary ehh DuckDuckGo is good enough for me
I feel like using only FSF approved software is kinda extreme in a lot of cases but hey if want a completely free system all power to you.
Great video and some really helpful little tips I've never thought of like setting up browser profiles.
Although it would probably take some reading up and time setting up a network firewall with freebsd's pfsense or openbsd's pf with dns encryption is a good move.
Thank you so much. I’ve been wanting to switch everything to more private before it’s too late.
I’d suggest adding SimpleLogin to the video as it’s a better way to protect your email address than using temp-mail. It’s also open source and available on Android.
For a search engine didnt startpage get sold to system1, a company that collects a lot of data?
Yup
Update: duckduckgo compromised and startpage too
Wasn't the Brave browser found to have been redirecting all URLS through advertisement referrals? I don't know if I would trust it for security tbh.
That’s fair. It wasn’t a security issue but definitely a user trust issue and that should really be enough to dissuade. But he said it’s the recommendation for normies. If we have too high a bar then they shouldn’t use Firefox either. And if we tell them to go use GNU IceCat they’re gonna hop back on chrome. But it’s still good to note and not let anyone forget that Brave is not the best measure. It’s just a very good one for normies.
The ultimate howtodiewithoutanyonenoticing guide
Perhaps do a video on installing GentooLTO overlay, and how that affects memory usage/performance.
firefox with lto use flag is 2x faster than firefox-bin
You should also make some accounts for your important email accounts to be like "admin accounts" that you don't ever login to. They would have privilege's like being only able to delete the accounts through the admin accounts, so in the case you are hacked you will be able to prevent them from deleting important email accounts.
12:40
That's tutanota for anyone who doesn't know how to spell it.
4:45 ... come on. if you compile all of your packages yourself you're not going to be sure of anything.
you will never find malicious code if they put any effort into hiding it
unless you spend years reading and testing all of the code
that's the beauty of open-source
you may not find malicious code, but someone else will
and it only takes a single person to find it for everyone to know
Freaking amazing content. I wish it had Portuguese subtitles so I could wake more people up here in Brazil.
I think google now allows you to auto translate the subtitles. Works for me at least :)
really wish there was a phone that didn't glow brighter than the chernobyl meltdown
>pigeons
>telepathy
Are you even trying?
Your best bet is a satphone, because all you have to do is block the antenna and it will be useless at tracking you.
This video is excellent
Could you PLEASE detail checksuming F droid before installing? Also, how to verify many code gurus have reviewed a given program. GitHub tells me nothing about how many users and code reviewers have vetted a given program.
Nice tips. Thanks
How do you counter the intel management engine
possibly me_cleaner or coreboot
@@johnnycochicken this was meant as a more rethorical question, since it is a full privacy guide and i hadn't yet seen his me video, i thought he forgot to mention it
*@Mental Outlaw*
14:47 What about LastPass password manager? (Should I change to KeepPassXC?) (I'm not a "normie") (LastPass have some quite nice tools built in).
if lastpass is synced with the cloud then yes. your passwords should be stored locally
I'd appreciate a list of the software. You only mention it without it written
just install all suckless software and never go online, then you're based
*okay*
**okay**
*_okay_*
_okay_
Nice! Got everything but the OS and phone situation in place. Have any good recs for temporary phone numbers? Sometimes sites require those as well.
Lol DuckDuckGo hasn’t aged well
Nice awareness vid!
One neatpick: phones do not send data TO the GPS satellites, they only receive radio signals to triangulate the position
@@trtrhr in short: game over, man. Game over!
Unironically.
Very true. This is also why we can't use our phones as makeshift satellite phones. If it was a two way connection, someone would have probably already released a service to do this.
Trustworthiness is paramount, and the Utopia P2P web proxy has established a solid reputation in this regard. Its open-source nature fosters transparency and community audits, instilling confidence that there are no hidden vulnerabilities or backdoors.
We need a 2021 version of this...
For new users watching this video, 3:09 is no longer the case.
wdym?
@@ItzGoldfish1 duckduckgo started filtering results based on what it deems as misinformation
@@Aaron-mg3zw Yeah, i just recently seen that. i stopped using it because i couldnt stand the lay out of it.
DuckDuckGo is hosted on AWS.
Starting from search engines to a whole OS for privacy recommendation, then asking we don't need privacy in hardware level, don't we?
Then my mind hits me by saying Yes ( 🤷♂️Eg: Intel's ME trap)
As far as I know using GPS is not in any way giving away your location, only if software on the phone then sends your GPS location.
A phone uses GPS like a radio is receiving radio waves, they just receive the signals of satelites. Most phones are not capable of sending anything back to a satelite.
you should make an updated video of this
need a 2021 updated video.
Isn't all this bypasses by IME? I heard like even if you encrypted everything that IME gets the keys.
SYSTEM76.
Firefox relay is a great option
Please do a updated 2024 version of this video!
Use bromite, wirh encrypted dns maybe libre
Use net guard
Change os
Use f droid apps instead of play store
What is tour opinión on the dissenter browser?
3:09 foreshadowing
3:08 this didnt age well
I use searx like a based anon
Step 1 : Throw out your PC and Internet access.
Step 2: Done.
the easiest route
@@someonehere4380 and phone
why are there so many posts about spouses and children being bad and getting caugh thanks to their emails what
What do you recommend for listening to music? Is there a service you can use or should I just download my Music?
Download full discographies that'll never listen too like a chad
Buying and owning an album is better than paying to listen to it without owning it.
Is keepassxc the same thing as keepassdx for android?
Can you do a video for hardening mobile phones android and ios?
You might want to make a video about setting up VirtualBox Guest additions on Gentoo
Seconded, there’s some kernel configuration options that need to be checked.
Is this still up-to-date in right now?
What about iridium instead of brave.
about phones, take a look at www.wiphone.io/ is a diy phone based in the microcontroller ESP32, is not a "smartphone" tho, but has a lot of potential, even to manipulate physical devices
To everyone in 2022 duck duck go has now admitted to censoring search results :/ I reccomend swiss cows or brave these days
How safe is TOR these days? Some people would say its a honeypot, and to be fair, it must be monitored to some degree.
Depends on who/what you're trying to secure against. Alot of Tor servers are undoubtedly backdoored or fully run by the alphabet boys, so if you get 3 servers run by them then that traffic will probably be compromised.
Why is the comment section full of bots and shills?
The description has links to crypto wallets, so they probably saw the word "crypto" and assumed it was a bitcoin video.
Make an 2023 edition!
I am a normie but I'm becoming really interested in the issue of privacy and data tracking. I would like to ask a question. Why would be using Windows with an offline account be bad for privacy?
Using windows in general is bad for privacy, avoid that
@Łukasz Wiśniewski yeah... thats why i dual boot. Hope to someday dont even need to do that
@Łukasz Wiśniewski Thats really cool man! :D
Windows can track pretty much everything. I use windows on my gaming PC but Arch on my laptop. Would definitely recommend Linux for almost everything. Personally my online life is definitely not secure but I don't really care. But I do love to play around with things and try new stuff so I might get started on some of these email & password services.
@@MasterMooper unfortunately I can’t completely because a few reasons actually, first of all I actually have school work on windows, second of all using the terminal for everything is not really my thing, sure may be for a server but not for a desktop
Its very unfortunate how inconvenient it is for consumers to have a secure and private phone. The world we live in :(
Could you make a video on how to secure oculus for the gamers out there? 😅
Just sell it to be honest. I sold mine when Facebook acquired them. I guess an alternative could be Valve’s VR headset, but then you need to worry about that and I don’t know if any open source VR exists.
are you going to update this for 2024?
A 2024 version please.
Is there a device to use that scrambles all info up while the nosey companies try getting in
Wouldn't writing your passwords down be better than using a manager
@@trtrhr Use punctuation and practice grammar.
@@trtrhr Bro just use like 1% of your brain LOL. It's not hard to remember multiple passwords that will literally take the output power of the sun to crack.
I use both browsers, firefox and brave. To be honest, i would use only firefox if it wasn't because i have trouble with some websites. In other words, there are some websites that wont fully work, or wont open certain windows on firefox. I don't know why is that, but if there is a way to fix it, i would be glad.
P.S. I configured both browsers to get as much privacy as possible.
Which websites? In the earlier days of the internet, many websites only worked well on some browsers, but nowadays there really shouldn't be any issues
Collab with The Hated One?
why not just make a usb stick with Tails OS and call it good? haha don't get me wrong alot of the tips here are good, like using duckduckgo, and a brave browser. but disabling java script? might as well disable the internet at that point, barely any site in the last 10 year would run. i guess if you like just surfing on 90's sites you be fine lol.
*what's about utopia browser?*
note: the technology of GPS does not share your location and the GPS satellites NEVER receive any data from you at any time.
👏🙂
What password manager do you recommend?
Im pretty sure he recommends keepassxc
a piece of paper dude
literary a piece of paper you can keep in your wallet
@@skeyturr paper is only safe as long as the hacker is not someone who knows you (like your angry ex or something)
Can i be private without a degoogled os? if i reset my phone i lose acces to my bank account
Nope.
12:35 this didn't age well
Nope
Protonmail or the other one?
@@OozoraShuba probably talking about how protonmail had to give a miniscule amount of data on someone because their government forced them to. It's not a fair critique bc the video states this will happen regardless of either service.
5:27 me, a Vue developer: 😯
What about Vivaldi? I've been using it for some time already, made a switch from Opera, and I can't complain :)
propietary
The Google Algorithms recommend me Videos were Google will be replaced. Its a question of time there will be censored
Love how I look this up and have vpn adds now
Classic Google
My stomach growls, an ad for probiotic gummies appears on UA-cam. Classic Google.
xD
When protonmail
you did not mention fairmail
Proton mail.
Ironic
Best mail app: K9Mail (from F-Droid)
I like FireEmail better
It was good when i used android eclair.
Imagine giving advice when you don't even know that GPS satellites don't communicate with your phone. GPS works by having satellites constantly emit a timing signal and your phone using trigonometry to calculate the position. At no time does a cellular phone emit a signal intended for GPS satellites. The way phones are tracked is when communicating with cellphone towers to tell them what cell they are on so you can receive calls. The only way to prevent this is to shutdown the phone.
duck duck go allows microsoft trackers?
the video is old. i guess ddg isnt very good nowadays which is a bummer. im using startpage atm but idk if its the best alternative
@@equation1321 There's also searx, and you can even host your own instance
@@Anonymous4045 ik but it’s been slightly whack for me so far. Always some engine that’s getting blocked
warning: anyone who is subscribed to Mental Outlaw is definitely on a government watch-list.
Is Firefox Lockwise reliable? They said that the data are encrypted, so they don't know what my passwords are, I'm relying it to sync my passwords on different devices.
i typically don't trust any type of "cloud storage" with my passwords, unless its a password database that I've encrypted myself.
@3:18 oof DDG hasnt aged well
12:34 that didn't age well
I meant proton mail, since later on Mental Outlaw made several critical videos about it.
lol didn't notice the edit, cheers!
@Insert_text_here thanks, i needed help with that
Any email provider on the face of the earth is not secure enough(as emails can't really be E2E encrypted, unless you use some sort of manual encryption like PGP yourself) and will need to respond to a legal subpoena, Protonmail is as secure as it gets. And even if you host your mail server, most likely you will be sending mails to a public mail provider(Google or MS) that your recipient uses, in which case they could acquire all the data from those public providers too.
And if your recipient also hosts his own mail server, I can't see why they can't use Matrix or XMPP either, as those are way more secure and much easier to setup and maintain, even if you host your own instance of Matrix.
whats up with all the fake review bots in the comments?
why would you recommend Android over Librem 5 phone for privacy?
How about PinePhone?
it not cheap, and android is more common.
There's a few reasons.
1. Because the cellular and GPS infrastructure are already compromised for all cellphones, which is the most important thing unless you only use your phone like an ipod.
2. You can unlock the bootloader of most android phones and then root them, de-google them, or use a custom rom that's already de-googled which effectively gives you control over your phones software like a Librem 5 would give you.
3. The specs of librem 5 phones are not very good (at least for now), they might be suitable for someone who purchases low end phones anyway, but if you're used to flagship devices then a Librem 5 is a big downgrade.
@@MentalOutlaw You could also just remove the cellular modem completely from the Librem 5 if the kill-switch isn't secure enough. I'm not sure about the GPS being modular too but GPS isn't actually an infrastructure known to send signals from phone anywhere rather than triangulating signals received from satellites. So after that the only problem I could think of being software (applications or firmware) which could put GPS data into packages and send them via Wifi. However Wifi can be disabled or even removed too...
I know they mention the kill switches for marketing very much but designing the whole device modular makes it way more secure for those purposes if you want to make sure for real.
Tobias Frisch why do you then even need a phone if you're going to remove pretty much everything that makes up a phone? Just leave it at home if you don't want to be tracked...
3:18 This is no longer the case.
What if a password manger is hacked?
It's offline
Well KeepassXC atleast
Even if you use an online one like Bitwarden, your password database is locally encrypted on your device and then sent to the server(it's open source so that's verifiable) and also doesn't keeps the key anywhere neither on your device nor on the server. So even if let's say that their servers get compromised the only thing they will be able to get is *encrypted* databases, which they will need to decrypt, which in turn is not possible without your key(master password). Unless it's something very short and simple that could be brute forced.
Or just use adblock
No point in collecting my data and using it to give me targeted ads if i don't see ads at all
Also i don't shop online
That's just not how it works...
ah yes you seem educated
can i use a dynatac lol
duckduckgo now manipulates search results.
Duckduckgo has an issue with search result manipulation from 3rd party sources.
wait but oneplus is chinese!
Firefox glows pretty hard these days desu. It's best to just use a firefox derivative these days.
or go for ungoogled chromium
its a chromium fork and well the name says it all
smh i cringed so much i went back to restoring efuses and disabling PQ