On Saturday 24 April 2021 07:33:12 pm William Morder via tde-users wrote:
When I tried out Whonix before (about 2 or 3 years
ago?), I used Qubes. It
seemed too much trouble for what I want;
Aye! Qubes is a way of life, and (while not having used it myself) does seem
like it’d need a good 20 hours of up front time to get it to work.
and besides, it seemed like I
couldn't use it for ordinary stuff like email, banking, buying stuff
online ... where you generally need a direct connection.
I don't know if
you get round that by changing your apparent location, etc., but that is an
issue for me. I do sometimes have to connect to the outside world for
business.
For doing stuff as ‘you’ (banking/email/whatnot) you’d install a VM (AppVM 1
w/ Devuan etc. in that pic) that has direct network access.
https://www.whonix.org/wiki/Qubes
And now, my biggest objection is that Whonix is
Debian, thus systemd, and
that violates a core tenet of my religion. A non-systemd version of Whonix,
and I would definitely give it a try.
Yeah, I don't see that. It'd basically whack fingerprint anonymity.
I seem to recall yourself recommending a Raspberry Pi
(or some such?) as a
device to route all my traffic
Probably (if I did I’ve dropped the idea since). I’ve been noodling on how to
separate my business self from my personal self on the internet for ~20
years(clients are completely arbitrary over what will trigger their
bigotries). A Pi or dedicated router to tor your whole network would work,
but it’d be basically the same as using Whonix for everything (and a lot more
work).
; I believe the question in that earlier
thread was how to send email over a proxy connection? something like that?
Not sure? I send my email through a SSH tunnel direct into my mail server
using raw IP addresses. Makes it pretty hard for anyone to man in the middle
me, plus you’re petty sure your mail isn’t read by your ISP.
I suspect that my ISP may somehow be blocking the use
of privoxy - by
blocking port 8118, perhaps?
I’d guess that’s not accurate? I skimmed Privoxy’s FAQ, and it just looks
like it’s a local service on your own machine filtering/intercepting your own
box’s traffic and then forwarding the traffic on to your regular ISP
modem/router. Port 8118 is used on your box only, so this sounds more like a
Privoxy config issue (maybe you’ve got a wrong value somewhere? hostname?
toggle?).
https://www.privoxy.org/user-manual/config.html
The reason I don't quite trust my ISP is that they
have recently created a
Tor exit node for themselves. Even if I trusted that they were kindly
trying to protect their users, it seems inherently insecure to use a Tor
exit node that is run by my ISP, so I have blocked their Tor server. And
now I cannot get privoxy to start up, no matter how I've gone about it.
Okay, your ISP setting up a tor exit node (should!) have zero to do with any
of their customer’s connections (to tor or otherwise). The tor software on
your computer picks a random entry node (first hop). I do agree though with
blocking the first hop connecting to your own ISP’s tor node, and blocking
its use as an exit node probably makes good sense too, so yeah, just block
its use completely... It’s been a long time since I dug through tor’s config
options, but there was a way to block the first hop from using a country
(e.g. if you’re in the USA, block all ECHELON countries from being the first
hop).
At the point you’re at, I’d try getting Privoxy to work without adding any of
the tor layers and turning off all of its [actions?] (I’m guessing at that,
whatever ‘stuff’ it’s filtering so to speak).
No paranoia here! Just good wholesome fun. Clean
living and clean thoughts:
there's the key!
It’s all fun and games until those guys in black suits and mirrored sunglasses
knock on your door. ;) Seriously though, like you I’ve got zip all to hide,
it’s just the level of ‘big brother’ watching everything is revolting, so
doing ‘my part’ to mitigate some of it seems reasonable.
Case in point.
A month or so back, me and the misses saw a chain store we hadn’t been in, in
20 odd years, so for nostalgia we wandered in, browsed around and left
without buying anything. Approximately six days later she started getting
ads for that store on her Facebook page. My best guess (since she uses
gmail, uhg!) is the big G tracked her phone going into the store, shared/sold
the data to FB, and ‘targeted’ ads for her... So f-ing creepy...
laters,
Michael