Privacy Phones and computers

Started by james03, January 21, 2021, 09:49:09 PM

Previous topic - Next topic

james03

You can buy everything installed at puri.sm.  They sell phones, small desktops, and a laptop that run PureOS.  Their computers have disabled the Intel backdoor called ME.

There is another linux phone called the pine phone.  Very stripped down.  You get a working phone and a few apps.

For desktop, look at www.shoplinuxonline.com and purchase Tails.  If you are new to Linux, purchase Mint first and install.  Use it for awhile, then go to Tails.

If you need apps, go to this guys youtube channel: https://www.youtube.com/c/BraxMe/videos and you can get an Android phone that has had Google removed.  Note you must follow his directions to load apps to stay off of google.  You won't get Facebook because that is impossible to fix.  You should be on MeWe anyway.
Here's his channel.  Good stuff.
https://www.youtube.com/c/BraxMe/videos
Store: https://brax.me/home/rob (Secure android phone, follow his directions)



Browsers:
Brave:  Well supported.  Good first step.  Since it spies less on you, actually quicker.   Should load on Windows and Apple.
Dissenter: Based on Brave.  Even more private.  Very snappy response.  I love it.  I know it works on Windows.
Vivaldi:  Newer.  Not as well supported.  Worth a try.  It does send information to home so they can track usage.  Doesn't identify you, but captures IP.
IceCat:  Linux, open source.  Have not tried.
Iridium: gets good marks for privacy.
"But he that doth not believe, is already judged: because he believeth not in the name of the only begotten Son of God (Jn 3:18)."

"All sorrow leads to the foot of the Cross.  Weep for your sins."

"Although He should kill me, I will trust in Him"

diaduit


clau clau

#2
Quote from: diaduit on January 22, 2021, 03:43:16 AM
any trusted source for emails?

Proton mail is very good.  Easy to set up.

https://protonmail.com/
Father time has an undefeated record.

But when he's dumb and no more here,
Nineteen hundred years or near,
Clau-Clau-Claudius shall speak clear.
(https://completeandunabridged.blogspot.com/2009/06/i-claudius.html)

Heinrich

Schaff Recht mir Gott und führe meine Sache gegen ein unheiliges Volk . . .   .                          
Lex Orandi, lex credendi, lex vivendi.
"Die Welt sucht nach Ehre, Ansehen, Reichtum, Vergnügen; die Heiligen aber suchen Demütigung, Verachtung, Armut, Abtötung und Buße." --Ausschnitt von der Geschichte des Lebens St. Bennos.

james03

No, I don't do social media.  In fact I've started ghosting more.  This time next year I'll likely be gone with no trace.  I've seen this in Venezuela.  I have no excuse.

Just downloaded the code to build a crypto wallet.  I'm going to create a little stash.
"But he that doth not believe, is already judged: because he believeth not in the name of the only begotten Son of God (Jn 3:18)."

"All sorrow leads to the foot of the Cross.  Weep for your sins."

"Although He should kill me, I will trust in Him"

diaduit

Quote from: james03 on January 22, 2021, 01:16:41 PM
No, I don't do social media.  In fact I've started ghosting more.  This time next year I'll likely be gone with no trace.  I've seen this in Venezuela.  I have no excuse.

Just downloaded the code to build a crypto wallet.  I'm going to create a little stash.

Could be  a little side earner James if you set one up for different clients ....ahem cough :)

What do you mean Venezuela?

james03

QuoteCould be  a little side earner James if you set one up for different clients ....ahem cough

I can't do that across the internet.  It involves a public key (your "mailbox" address to receive money) and a private key that locks up your money.  Sending a private key across the internet is really, really bad.

Luckily there is an easy way to get set up.
https://electrum.org/#download  (Bitcoin)
https://electrum-ltc.org/ (Litecoin)  I went with Litecoin.

Once you have it installed, create a wallet.  You want a stand alone wallet.  Go with defaults.

The wallet will have a public key or public address.  This is the key everyone can see.  What makes women sad is the wallet will be empty.  So you then have to buy your litecoin or bitcoin.  I'm still researching the different exchanges.  The important thing is you want to be able to transfer the crypto you buy into your personal wallet, which is where your public key comes in.  Maybe I'll go over my experience in a separate post after I successfully buy some crypto.

In the meantime, create your wallet.  It doesn't do anything until you transfer the crypto in. 

As always, if this wipes out your computer, let us know so we can use a different product.

"But he that doth not believe, is already judged: because he believeth not in the name of the only begotten Son of God (Jn 3:18)."

"All sorrow leads to the foot of the Cross.  Weep for your sins."

"Although He should kill me, I will trust in Him"

Lynne

Quote from: clau clau on January 22, 2021, 04:55:44 AM
Quote from: diaduit on January 22, 2021, 03:43:16 AM
any trusted source for emails?

Proton mail is very good.  Easy to set up.

https://protonmail.com/

I'm trying out protonmail (based in Switzerland) and www.tutanota.com (based in Germany). In order to get good features of either service, you need to spend $. Tutanota also has a calendar feature.

Because these service encrypt your mailbox, if you lose your password and need to reset it, you won't be able to retrieve/read your previous emails. That makes me a little nervous.
In conclusion, I can leave you with no better advice than that given after every sermon by Msgr Vincent Giammarino, who was pastor of St Michael's Church in Atlantic City in the 1950s:

    "My dear good people: Do what you have to do, When you're supposed to do it, The best way you can do it,   For the Love of God. Amen"

Kaesekopf

Quote from: james03 on January 23, 2021, 11:33:18 AM
QuoteCould be  a little side earner James if you set one up for different clients ....ahem cough

I can't do that across the internet.  It involves a public key (your "mailbox" address to receive money) and a private key that locks up your money.  Sending a private key across the internet is really, really bad.

Luckily there is an easy way to get set up.
https://electrum.org/#download  (Bitcoin)
https://electrum-ltc.org/ (Litecoin)  I went with Litecoin.

Once you have it installed, create a wallet.  You want a stand alone wallet.  Go with defaults.

The wallet will have a public key or public address.  This is the key everyone can see.  What makes women sad is the wallet will be empty.  So you then have to buy your litecoin or bitcoin.  I'm still researching the different exchanges.  The important thing is you want to be able to transfer the crypto you buy into your personal wallet, which is where your public key comes in.  Maybe I'll go over my experience in a separate post after I successfully buy some crypto.

In the meantime, create your wallet.  It doesn't do anything until you transfer the crypto in. 

As always, if this wipes out your computer, let us know so we can use a different product.

I use Electrum for my private/offline wallet.  So far, computer hasn't exploded.

To purchase BTC, at least, in the USA, I've used Cash App.  Low fees, easy to do.  For values under a couple hundred, this seems to be the way to go.  :shrug:
Wie dein Sonntag, so dein Sterbetag.

I am not altogether on anybody's side, because nobody is altogether on my side.  ~Treebeard, LOTR

Jesus son of David, have mercy on me.

Lucy_Helene

Quote from: Lynne on January 23, 2021, 12:23:02 PM
I'm trying out protonmail (based in Switzerland) and www.tutanota.com (based in Germany). In order to get good features of either service, you need to spend $. Tutanota also has a calendar feature.

Because these service encrypt your mailbox, if you lose your password and need to reset it, you won't be able to retrieve/read your previous emails. That makes me a little nervous.

That fear can be alleviated by using a password manager. If you need a simple cloud-based password manager, I'd recommend the open-sourced Bitwarden, while for the more tech-savvy who want a little more security, I'd recommend KeePassXC, which is offline. A password manager can generate complex passwords up to 128 characters, and you don't have to remember any of them; all you have to do is remember the one password (or preferably, passphrase) you use to unlock your password manager. If you go with an offline one, be sure to backup the file as well.

Added privacy and security need not come with a loss in convenience. I use Bitwarden as a browser extension, so when I start up my browser, I type in the one password, and I can easily autofill all my (40+ character) passwords on each site by putting the URL in the corresponding password entry.

As for email, there are also other services which respect privacy but do not entail the loss of emails in the case of a forgotten password. For example, I use Mailfence for things that don't need to be strictly end-to-end encrypted. That being said, you can implement end-to-end encryption yourself in Mailfence or any provider, as long as you're willing to manually import and exchange PGP keys, which is overboard for most people. It's important to create a reasonable threat model: what information do you need to protect and from whom, what steps will you take, and how much effort will you put into this endeavor?

Heinrich

Quote from: Lucy_Helene on January 28, 2021, 06:37:36 PM
Quote from: Lynne on January 23, 2021, 12:23:02 PM
I'm trying out protonmail (based in Switzerland) and www.tutanota.com (based in Germany). In order to get good features of either service, you need to spend $. Tutanota also has a calendar feature.

Because these service encrypt your mailbox, if you lose your password and need to reset it, you won't be able to retrieve/read your previous emails. That makes me a little nervous.

That fear can be alleviated by using a password manager. If you need a simple cloud-based password manager, I'd recommend the open-sourced Bitwarden, while for the more tech-savvy who want a little more security, I'd recommend KeePassXC, which is offline. A password manager can generate complex passwords up to 128 characters, and you don't have to remember any of them; all you have to do is remember the one password (or preferably, passphrase) you use to unlock your password manager. If you go with an offline one, be sure to backup the file as well.

Added privacy and security need not come with a loss in convenience. I use Bitwarden as a browser extension, so when I start up my browser, I type in the one password, and I can easily autofill all my (40+ character) passwords on each site by putting the URL in the corresponding password entry.

As for email, there are also other services which respect privacy but do not entail the loss of emails in the case of a forgotten password. For example, I use Mailfence for things that don't need to be strictly end-to-end encrypted. That being said, you can implement end-to-end encryption yourself in Mailfence or any provider, as long as you're willing to manually import and exchange PGP keys, which is overboard for most people. It's important to create a reasonable threat model: what information do you need to protect and from whom, what steps will you take, and how much effort will you put into this endeavor?

With all this, which is quite an impressive spread you've elucidated, the NSA/Mossad/CIA/Team Biden could still get to you if they really wanted to.
Schaff Recht mir Gott und führe meine Sache gegen ein unheiliges Volk . . .   .                          
Lex Orandi, lex credendi, lex vivendi.
"Die Welt sucht nach Ehre, Ansehen, Reichtum, Vergnügen; die Heiligen aber suchen Demütigung, Verachtung, Armut, Abtötung und Buße." --Ausschnitt von der Geschichte des Lebens St. Bennos.

Lucy_Helene

Quote from: Heinrich on January 28, 2021, 08:23:59 PM
With all this, which is quite an impressive spread you've elucidated, the NSA/Mossad/CIA/Team Biden could still get to you if they really wanted to.

True, but I don't think I'm worth enough to them to justify the effort of hacking my stuff. For me, this started off as simply wanting to keep some sensitive communications private, which then extended into wanting to take a stab, however small, at Big Tech. This is why everyone should evaluate their threat model, since not every individual needs Snowden-level privacy. When the enemies of the Church really come to send us to the gulags, then the rest is in God's hands.

ralfy

Also, try https://privacytools.io/

For Microsoft users with no Enterprise ed. and who need to log in various sites, want to play lots of games, etc., one may consider the O&O Shutup and similar tweakers for privacy and the ff. for browsers:

Firefox hardened by modifying about:config entries:

https://privacytools.io/browsers/#about_config

or Icecat compiled for Windows, with the ff. addons:

https://privacytools.io/browsers/#addons

uBlock Origin wide spectrum blocker in default mode

Multi-Account Containers (personal and business accounts in separate containers and set to load automatically only in those assigned containers, and non-personal accounts used for anything else)

Cookie Auto Delete (only cookies for any login accounts whitelisted per container)

Anything else outside containers, with non-personal accounts for any logins needed for functionality (like viewing videos)

Iridium browser (with uBlock Origin and Cookie Auto Delete if desired) for any personal or business Google accounts


Lucy_Helene

Quote from: ralfy on January 29, 2021, 12:04:25 AM
Multi-Account Containers (personal and business accounts in separate containers and set to load automatically only in those assigned containers, and non-personal accounts used for anything else)

Cookie Auto Delete (only cookies for any login accounts whitelisted per container)

You can try using Temporary Containers, which also allow you to set some "permanent" containers similar to the functionality of Multi-Account Containers. This way, if you want to open something and need a quick new container, you can create one just by clicking in the top right-hand corner. Once you delete the container, all the cookies isolated in that container are deleted, which eliminates the need for another add-on like Cookie Auto Delete. I say that because while privacy extensions are beneficial, there can be a trade-off if you use too many, as each one can potentially be compromised at some point, increasing your attack surface.

james03

Attack surface?  Just admit you are an IT geek.
"But he that doth not believe, is already judged: because he believeth not in the name of the only begotten Son of God (Jn 3:18)."

"All sorrow leads to the foot of the Cross.  Weep for your sins."

"Although He should kill me, I will trust in Him"