stay anonymous online. hide your tracks. here's how.

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

here in front of me is hunics UNIX is a Linux distribution specifically designed for privacy oriented individuals it comes pre-built with a whole bunch of privacy Based Services including IP address randomization a built-in tour browser login console lockdown live OS mode DNS protocol leak protection and much more now Unix is just one of many tools used to preserve your anonymity and privacy online and depending on your personal security threat model privacy could be really important to you implementing and maintaining privacy is tough in the world of big Tech and the I have nothing to hide argument and just general complacency to privacy but it's not impossible and in today's video I'm going to be overviewing a layered approach one can take to preserve their online privacy and even implementing just a few of these things can really help your online footprint not be well tracked now a while back I created a very similar video talking about how hackers hide their own online identities and there is a lot of overlay between this and what hackers do but our threat model is different right now we're just trying to preserve our own privacy and well if the FBI is listening in I promise I this isn't I just I'm just trying to educate I promise don't don't flag me a few items to know number one is that if you were to implement a privacy oriented threat model it doesn't necessarily mean you're going to be 100 private online one mishap one mistake and your identity could be revealed number two is that privacy and anonymity are not the same I like many others use them interchangeably but ultimately it comes down to definitions anonymity refers to concealing or hiding your identity maybe through creating a fake persona while privacy refers to the state of being able to control who and who does not have your information and what they can do with that and I use them kind of interchangeably within this video but ultimately they are different number three is the constant battle between privacy and security and convenience ultimately one has to balance convenience and privacy you can go to the tour node browser and wait five minutes if you want to but is that really convenient ah yes the tour browser just going to take five minutes to probably so for the average user like I said there are a few things that you can do to even just enhance your online footprint and make sure you can conceal your identity to a lot of the big providers so with that let's get started into layer one all right so Hardware refers to the physical device physical medium that you're using to get online and ultimately it's going to be some sort of computer and laptop now if you are somebody who is really trying to remain private you can acquire a laptop or a computer through a prepaid debit card or a privacy oriented cryptocurrency now you're also going to want to go ahead and buy a fireproof safe and every single time you are done with the session you need to log out and put that in your save now that provides almost no convenience but if you're really trying to remain 100 private and ensure Security in that way now one setting you are going to want to make sure it's turned on is full disk encryption or fde fde encrypt all of your data on the hardware level by using an encryption key ideally set the encryption key bit length to the highest setting Possible fde only prevents unauthorized access on the hardware level if so if somebody actually gets physical access to your device next is an ephemeral OS on a live USB ideally you would want to wipe the native operating system and install an operating system such as Unix or tails onto your device so Windows has been very well known to breach a lot of its privacy controls by default so ideally you would want to install a privacy oriented operating system now if you want to keep Windows or Mac OS make sure to turn off all of the default settings and you can use tools like win10 privacy to wipe a whole bunch of registry keys and everything else that has to do deal with privacy so if you're a regular individual I turned off all of my you know Windows privacy things by default and called it a day the network layer refers to the exchange of data and information between interconnected Computing devices now ultimately I'm going to break this down into the local area network and the wide area network are also known as the internet so on the local area network your laptop is interfacing with a router and there are a few settings that you want to make sure are randomized the first is the MAC address now a MAC address is a unique identifier attached to your Hardware device specifically your Wi-Fi adapter card and it provides some unique information you want to make sure you have a tool a script or even a live OS which will automatically rotate your Mac address for you and ultimately the MAC address doesn't get exchanged beyond the local router but if somebody were on a public Wi-Fi network such as at a coffee shop it just provides an extra layer of anonymity I guess or obfuscation in addition as a small bonus you probably want to randomize your host name so you don't want to be using John's laptop as an example just make it some random sequence of characters so on the router front if you are using an ISP issued router which most of us are doing you want to make sure that you are on a segmented Network away from all of your other children or guests you want to harden your router and this can be done by wiping the default firmware which may break the warranty on your ISP issued router and installing a tool such as PF sense which both functions as a router and also have some built-in firewall capabilities you want to block as much traffic as possible now ideally you want to be using a segmented separate device and I came across a really cool project called the tour box which is a tour router built on a Raspberry Pi four box can route all data transfers through the Tor Network and not just including your computer but also tablets and phones so really cool project all right so next is the internet front this is where things get very complicated there's a lot of different data points that one could use to track you so starting out with the domain name system DNS DNS queries are not encrypted by default so that means you probably want to use not your ISP issued resolver but some other cloud service maybe such as cloudflare's 1.1.1.1 or quad nines 9.9.9.9 whatever you use it's up to you but you definitely want to use your non-default DNS Provider by default Unix uses Tor as its DNS resolution service and Unix actually doesn't recommend that you use some sort of third-party provider such as cloudflare or quad 9 for a long period of time so they use the Tor Network you can use whatever you want next is IP address randomization and this is where it gets very complex because there are many different Services one can use to preserve their privacy or at least enhance their privacy and anonymity online there are three main services proxies vpns and Tor so proxies act as the intimate area between a device and a server and they send requests on behalf of a client and there are many different proxies out there I recommend looking into proxies chains as one particular solution if you're trying to hop your network traffic between different proxies next is vpn's virtual private networks now they create a connection or a tunnel between your device and a server and oftentimes there is an intimate mediary device that sits in between kind of similar to a proxy setup vpns can hide the real IP address of the user by connecting to a server first which then requests that particular server resource now there are many different VPN providers out there ultimately choose whichever one best suits you and one thing to keep in mind is vpns they say they don't log but you always have to have that trust no one mentality when it comes to privacy so uh choose whichever one go do your research and then finally is tor now Tor is a network service which provides optimal privacy and security for its users and it does this through the Tor node or relay Network when internet traffic traverses over the tour Network it's encrypted by default and is passed through a whole bunch of nodes to get to its final destination each node only knows the previous node and the next node Within in its chain so you can bounce your connection between say 15 different nodes and that adds a layer of obfuscation to your overall connection torque could be accessed through the Tor Browser or it can also be accessed natively within an OS such as Unix or tails you can layer these three services together so for example you could start by navigating on the Tor Browser and then connecting to your VPN client the hunix documentation space has a really Nifty overview section of what you can do and I'll leave a link in the description below next is the use of a virtual private server or VPS basically it's a desktop that lives out in the cloud and is hosted by a cloud provider there you can do whatever you want you can connect and if you're looking to browse anonymously or maybe just set up a temporary environment a VPS can be used finally disable JavaScript and cookies they're notoriously bad for breaching users privacy there are different browser plugins you can use but you should just at least disable third-party cookies and as much JavaScript as possible not to make your internet connection look like uh well the 90s all right layer 3 is communication and transactions ultimately this refers to the exchange of information between two parties for any type of messaging application such as instant messaging email providers really anything you want to make sure that end-to-end encryption is enabled by default and is offered now into an encryption only allows the sender and recipient to see the message because they only possess the encryption key on their devices for instant messaging applications I recommend looking into signal telegram wire threema ultimately Telegram and Signal are probably going to be your best bet because of their widespread support and popularity and when it comes to your email provider there are plenty out there I reckon men looking into protonmail which is a well-known privacy first email solution provider protonmail uses end-to-end encryption by default and it does this through the use of the open pgb cryptographic system it's also open source it's very user friendly and it's completely free if you want to check out more about protonmail there's a link in the description below for your online searches you want to make sure not to use the defaults because who likes Microsoft Edge you want to make sure you have some sort of tool it preserves and is built around privacy so for browsers I recommend looking into Firefox Brave and a new movad browser which also provides a VPN solution for search engines I recommend taking a look into DuckDuckGo there's start page it's also this really cool project I just found out which is called CRX it's a meta search engine which Aggregates like 70 plus search engines together and you can self-host this search engine or use available instances online line again link descriptions below for all of these tools for file level storage use veracrypt to apply a file level encryption veracrip uses Drive volumes to create an encrypted container in its password protected so you can put all of your files sensitive information into a vericrip container and then have that encrypted by default and password protected I mean I literally just said that the final layer is opsec or operational security optic refers to revealing vital or sensitive information through one's technical controls their online identity and footprint and even one's physical habits and opset can be used to reveal an adversary's identity because well humans are valuable they're predictable and opsec is used notoriously to reveal one's identities if you're trying to implement optimal opsec you shouldn't do what I'm doing here which is posting your face on some random Youtube platform video we want to ensure is that you're posting as minimal as information as possible now in my opinion proper opset comes down to building and then maintaining a system that's consistent and so there's a few techniques you can use to help with building better opsec first is the use of a sock puppet it's a random username or Persona that you create online that has nothing to do with you so whether that's an online form an Instagram post you want to make sure no information is revealed and yeah they're called sock puppets what the heck are those next is the use of one's writing style so for example if I always spell the word okay as okay that can provide some information for the majority of us opsec really comes down to location sharing and social media use so try to limit all social media use or or posting Instagram reels Snapchat stories with your location because that provides an entry or data point for users to look at what you're doing anyone has access to social media they can scrape this information and so try to limit or just completely stop social media use if you're trying to have better opsec not that you're going to have authorities coming after you uh you shouldn't if you're just trying to implement privacy right that's all you're trying to do okay well anyway hopefully you've learned something new in this layered approach um even if you use some of these Technologies some pre-built tools that can really help drastically with your online footprint and preserve your privacy especially from these big tech companies uh but what are your thoughts do you can you have privacy in the 21st century is there a such thing as online privacy leave a comment in the description below and FBI I promise I'm just here for education purposes only yeah well until the next video have a good day

Info

Channel: Grant Collins

Views: 27,138

Rating: undefined out of 5

Keywords:

Id: GIqDTBtGVe4

Channel Id: undefined

Length: 15min 27sec (927 seconds)

Published: Fri Sep 01 2023