Hi guy

  • 0 Posts
  • 133 Comments
Joined 1 year ago
cake
Cake day: June 12th, 2023

help-circle
  • My humble opinion

    Example

    Locked in google services. DNS so google sees the sites you visit, tracks what you click, where you go, who you talk to, what you like, what services you use, where you spend your money, etc.

    Freedom - no log encrypted DNS, no tracking, no surveillance and profiles stored that are gladly shared with whatever other company or gov dept that wants it. No blobs or beacons. The ability to see what is happening, to choose what to allow or disallow, to be able to edit, modify, clone, fork, etc based on your needs and wants. Not the Almighty profit margin.

    Freedom to choose poison or antidote.

    Another eg.

    Nothing to hide may be true for now.

    But what you believe need not be hidden, may, by some future government (or dictator), be deemed a crime, or worthy of retribution.

    Allowing an unaccountable, unverifiable, monolith or shady actor is asking for problems.

    The less data you share (or is unknowingly siphoned off) the less data you have to worry about being leaked /breached.

    If someone you don’t know knocks on your door, do you let them in and make themselves at home?




  • I use tor as a VPN (the tor org has finally realized and accepted people use it like this and welcome it now) via the tor network layer. I’ll run a few instances and run my stuff through them. (Easier to set up a conjure or webtunnel bridge and exit node to a specific country than rely on the randomness of tor browser where some countries have restrictions or are restricted from accessing certain sites.)

    If I need that extra sense of anonymity, I’ll use the tor browser.





  • You’ll be happy to know I just force killed :

    Android system
    Google services framework
    Network
    System UI
    System WiFi Resources
    Wi-Fi
    Settings
    System connectivity resources
    Secure UI service

    The results are the same

    VPN kill switch prevents network access.

    *later, when I’m connected to a PC, I’ll try killing/restarting userspace, shell, and user to see if I can get the kill switch to fail. (If I try those now it may kill shizuku which relies on shell - not sure.)

    I’ll also see if I can’t force lmk to kill all the memory.

    In cmd settings list secure these may be some part of what keeps the system from allowing a connection.

    always_on_vpn_lockdown=1 always_on_vpn_lockdown_whitelist=


  • I just tested mull, Firefox, Firefox nightly, tor, and Vivaldi.

    tor was the only one that produced results under 10 for every test. Except touch (70) screen (61k randomized anyway), and user agent (128 Firefox)

    None of the tests produced an accurate result for screen -each one said my screen size had a different resolution.

    Fingerprinting resistance randomizes or fakes certain api responses, as does a plugin like canvas blocker. So, those would definitely be higher numbers. But, they are always unique. Meaning they change. So it’s difficult to track.

    If you try the same test and you’re unique EVERY TIME. That’s actually good.

    But, there are things that can still be tracked if they stand out too much, and are static. (You can still be unique with static results in combination with randomization)

    Like having a user agent “this is my phone”.

    Too much customization / extensions makes you a giant orb of glowing user data.




  • Hmmm

    Planting malware would violate the CFAA, 18 U.S.C. § 1030(a)(5)(A) (intentionally damaging through knowing transmission, imprisonment up to 10 years), as well as state computer crime laws.

    The CFAA provides both criminal and civil penalties, and specifically prohibits: (1) unauthorised access (or exceeding authorised access) to a computer and obtaining national security information (imprisonment up to 10 years); (2) unauthorised access (or exceeding authorised access) to a computer used in interstate or foreign commerce and obtaining information (imprisonment up to one year); (3) unauthorised access to a non-public computer used by the United States government (imprisonment up to one year); (4) knowingly accessing a protected computer without authorisation with the intent to defraud (imprisonment up to five years); (5) damaging a computer intentionally or recklessly (imprisonment up to five years)

    https://iclg.com/practice-areas/cybersecurity-laws-and-regulations/usa

    Good thing laws don’t apply to the people who make the laws.


  • I am not. And I’ve never had this discussion.

    Always on vs the additional option of blocking internet until the VPN connects.

    The second option is more system level?

    Using shizuku (rish) in termux I checked the active links with VPN on and then force stopped / killed the VPN in terminal and checked again. The VPN tunnel disappeared but the dummy kill switch tunnels remained. I could not access any network connection.

    *The routing table also maintains the dummy kill switch