
Tech Wilson’s guide to digital privacy and security

Wilson Wilson

I offered to write this and @PrincessDiz was interested and I’m sure others will be too, so here it is.

I will focus this guide mainly on things anyone can do if they follow simple instructions regardless of technical skill. I will make brief mention of projects techies might be interested in, but I won’t focus on talking about them in detail as nerds can do their own reading from the project websites and I want to make this as accessible as possible.

The goal of this is to help anyone with any type of setup improve their privacy and security in some type of way. Those who are properly dedicated can even set up a super secure locked down smartphone without much skill required, but money may need to be spent for compatible hardware. A sufficiently powerful laptop or desktop can also run an ultra secure OS. I will focus primarily on things that should work on any modern device, then discuss the more specialised stuff further down for those who are interested.

Privacy vs. security

First things first. I want to explain the difference between privacy and security. These are often used interchangeably but they’re in reality very different.

Security means a system is safe from external threats. If I set up a computer in such a way that hacking into it is very difficult, it is a secure system. But a secure system is not necessarily private. For example: Windows 10 has many good anti-exploit features, built in antivirus and firewall, and automatic security updates. However it also has a built in keylogger, it sends info on what software you use, what websites you visit, who you talk to, what your voice sounds like (if you use Cortana), and even your location back to Microsoft by default. It is also closed source, making it impossible to independently verify what the code is doing. This makes it very bad for privacy even though it has decent security.

Privacy means that no one is snooping on what you’re doing. A private system is not necessarily a secure one. For example, custom Android ROMs such as Lineage OS (Cyanogen) do not contain Google Play Services by default and therefore nothing in the OS is tracking you. However, in order to install it, you must unlock your bootloader, inherently making your device less secure. Most phones on custom ROMs are also rooted, which is again inherently insecure as it bypasses the Android permission system. So you can have a setup that’s good for privacy, but makes compromises in security.

Ideally what you want is both. But as the above examples demonstrate, this is more difficult than you might assume.

There are ways to improve your privacy if you insist on using Windows, but you will have a hard time gaining full privacy on Windows 10 by design. Downgrading to older versions of Windows is very bad for security as they’re no longer patched (and most new computers don’t have Windows 7 drivers anymore). So if you want a private and secure OS you need to really look at alternatives in the Linux world.

I’ll get onto that later. What I’ll start with first is how to improve security and privacy in small ways no matter what your setup is.

Home network security and privacy enhancements

Your DNS server


A DNS server is the service that turns website names into IP addresses. For example if you enter “pornhub.com” into your browser, the DNS server will be sent that name and return the IP address. The IP address is what your computer actually uses to find the website. This happens in the background so you don’t see it. By default you probably use your ISP’s DNS server. ISP DNS is often not the best and doesn’t take advantage of the latest technology (think of it like ISP email accounts) and in some cases, especially in more oppressive countries, ISPs even use their DNS for censorship.

The easiest changes to make are to your home network. By simply going into your router settings you can change the DNS server for pretty much all devices on your WiFi. For the most low effort approach possible, you can use an existing service such as AdGuard DNS.

This will do two things: take the responsibility of handling DNS queries away from your ISP, and block requests to ad and tracking servers. This makes it a decent privacy and security enhancement as ad networks track your online activity and most in the wild exploits abuse ads. This will also provide ad blocking for all devices on your network!

The process is very simple. The exact location of menus will depend on your router, but any router should allow you to manually enter DNS servers. If in doubt just look up the name of your router + how to change DNS.

If your router allows for DNS-over-TLS, which may be called “secure DNS” or something similar in the menus, you should enable that and enter “dns.adguard.com” as your DNS server. This performs the same function as entering the IP addresses manually except it means your DNS requests are encrypted for some extra security (it makes MITM attacks more difficult which is good for security, but doesn’t necessarily provide privacy as TLS leaks the target domain name).

If the option for DNS-over-TLS isn’t there, and you just have the classic DNS menu where you’re asked to enter two IP addresses, then put in 176.103.130.130 and 176.103.130.131 then save your changes.

Now any device on the network set to use the DHCP allocated DNS servers will automatically update to those. Most devices are set like this by default so you shouldn’t have to change anything else. Those devices will get your DNS from your router automatically.

Some devices have hardcoded DNS servers; for example, the Google Chromecast always uses Google’s DNS servers (8.8.8.8 and 8.8.4.4). Not much to be done there. But this won’t be the case for your phone, tablet, laptop etc.

If you have an Android phone, I recommend using the “private DNS” option to set AdGuard DNS on that as well. The benefit of this, aside from using DNS-over-TLS, is the DNS server entered there will work on WiFi and mobile data. So even if you’re on the mobile network, the DNS server will be the one you enter, not your network one. This means you get encrypted DNS and ad blocking.

Yes this is a method of ad blocking without having to install any apps! It will block all ads in all apps across your whole Android phone without rooting or even installing anything.

Just go to settings > network settings > private DNS > select “custom” > enter “dns.adguard.com” > save.

Done!

Unfortunately it’s not possible to set the DNS server for your mobile network on an iPhone without using a VPN. I’ll get to VPNs later.

DNS the nerdy way

If you feel like getting your hands dirty you can do what I’ve done and set up your own local recursive DNS server using a Raspberry Pi. To do this you simply install Unbound and Pi Hole on a lightweight Linux server - a regular Pi 3 running the command line version of Raspbian does the job perfectly - give a fixed local IP, then set that IP as your DNS server. This means all DNS queries from within your LAN go through your own local DNS server, not a remote server, and you can customise the block lists - for example if you hate Facebook you can block all Facebook domains from working in your LAN.

If you are comfortable with Linux and the terminal it will be very easy and shouldn’t take more than an hour max to get set up as you like it. There is a full tutorial here:


Please note this covers your LAN only. If you want something that works remotely, outside the local network, use the AdGuard DNS. If you want a DIY solution you could also set up your own VPN using a cheap VPS and run Pi Hole on that. But since you are trusting a third party server either way, I recommend the simple AdGuard option unless you really want customisation or simply enjoy having a project. Keep in mind that any public cloud provider is pretty much certain to be backdoored by the usual suspects (see: PRISM).

Do NOT open a DNS server you create yourself directly to the internet as open resolvers set up on random networks are used for DNS amplification attacks, a form of DDoSing.
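A check for the open-resolver mistake warned about above, as an added example that is not part of the original guide: it reads Unbound configuration text and flags any `access-control` rule that allows queries from outside private address space. The function names and both sample configurations are constructed for illustration; it looks only at Unbound's `access-control` directive.

```shell
#!/bin/sh
# Added example (not from the original guide): flag unbound.conf access-control
# rules that allow queries from outside private address space.
# Function names and both sample configs are constructed for illustration.

# Constructed weak config: every address is allowed to use the resolver.
weak_conf() {
    cat <<'EOF'
server:
    interface: 0.0.0.0
    access-control: 0.0.0.0/0 allow    # anyone who can reach port 53 may recurse
    access-control: ::/0 allow
EOF
}

# Constructed hardened config: loopback and one LAN subnet only.
hardened_conf() {
    cat <<'EOF'
server:
    interface: 192.168.1.2
    access-control: 127.0.0.0/8 allow
    access-control: 192.168.1.0/24 allow   # the LAN only
    access-control: 0.0.0.0/0 refuse
    access-control: ::/0 refuse
EOF
}

# Read unbound.conf text on stdin and print one "OPEN: <netblock> <action>"
# line per allow rule whose netblock is not contained in loopback, RFC 1918,
# IPv6 unique-local or IPv6 link-local space. No output means no risky rule.
# (With no access-control lines at all, Unbound allows localhost only.)
audit_unbound_acl() {
    awk '
        { sub(/#.*/, "") }                       # drop comments
        $1 != "access-control:" { next }
        $3 !~ /^allow/ { next }                  # deny and refuse rules are fine
        {
            n = split($2, p, "/")
            addr = tolower(p[1])
            len = (n > 1) ? p[2] + 0 : 128       # no prefix means a single host
            # The prefix length matters: 10.0.0.0/4 is much wider than 10.0.0.0/8.
            if (addr ~ /^10\./ && len >= 8) next
            if (addr ~ /^127\./ && len >= 8) next
            if (addr ~ /^192\.168\./ && len >= 16) next
            if (addr ~ /^172\.(1[6-9]|2[0-9]|3[01])\./ && len >= 12) next
            if (addr == "::1") next
            if (addr ~ /^f[cd]/ && len >= 7) next      # fc00::/7 unique-local
            if (addr ~ /^fe80:/ && len >= 10) next     # fe80::/10 link-local
            print "OPEN: " $2 " " $3
        }
    '
}

# With a readable file as the first argument, audit it; otherwise show the
# findings for the constructed weak config.
if [ -n "${1:-}" ] && [ -r "${1:-}" ]; then
    audit_unbound_acl <"$1"
else
    weak_conf | audit_unbound_acl
fi
```

An empty result only says the ACLs are tight; the router firewall still has to keep port 53 closed to the internet.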

Other router settings

There are other router settings that are worth changing to provide extra network security. Often these are “convenience” features but many are outdated as new standards no longer require them, so disabling them should not affect anything negatively. If it does, you can always change settings back.

Can’t really give exact instructions here as it once again differs by router model, but again Google (or DuckDuckGo) is your friend.

Disable UPnP.

Disable port forwarding unless you absolutely need it and know what you’re doing.

Ensure the firewall is on and set to block all incoming connections.

Run a test to ensure all ports are closed:


The router itself

Some ISP routers keep certain ports open as a backdoor for customer support to remote in. Like any backdoor, this can also be used by black hats (the people you think of as "hackers") looking to exploit your network. All ports should be closed. If the test above finds open ports even though your firewall is set to block all incoming connections, I am guessing it’s an ISP router, and you should get rid of it.

ISP routers may also remove settings such as those allowing you to toggle UPnP or change your DNS. Sometimes this can be fixed by flashing new firmware, but this carries a risk of bricking the device and it’s easier to just buy another router.

It is also rare for ISPs to provide frequent and timely updates to routers, and running outdated software on a router is high risk as the router is at the edge of your network and protects the devices within your LAN. If your router is exploitable, every device in your network is vulnerable. If your router hasn’t been updated for a long time (you should be able to check the firmware build date in the settings) you should replace it. Router malware is a growing real world problem.

Finally, ISP routers are often just plain old shit. That’s why they can give them away for “free” when you sign up. They’re unreliable and often a proper router will provide a much better experience.

Personally I use an Asus router running the Merlin custom firmware, these have treated me well over the years. You can also get routers with preinstalled custom firmware that blocks ads or provides VPN access. For example AdGuard and Private Internet Access both sell routers integrated with their respective services. But for most people stock firmware is likely fine and certainly much less hassle as long as it doesn’t come from an ISP.

You may need to keep your ISP router to use as a simple modem. In most cases you should be able to change a setting to put the ISP router into modem mode. Then all it does is provide internet access to your own router, and the router is what manages and secures your actual network. You can also buy a router with a built in modem or buy a standalone modem. Just make sure it’s compatible with your connection (e.g. for fibre optic broadband you need either a VDSL or VDSL2 modem depending on your service). Your ISP might give you a preconfigured standalone modem if you ask but most want you using their shitty routers so have little incentive to do this. You can however often find ISP modems on eBay cheaply. My setup is an ISP modem plugged into an Asus router.

Improving privacy on a Windows system

Use Brave Browser instead of Chrome, Edge, Firefox, etc.

Set DuckDuckGo as your default search engine.

Disable Cortana.

Under settings > privacy > diagnostics and feedback, set it to “basic” instead of “full.” This cannot be disabled properly unless you use Windows 10 Enterprise so it’s just limiting the info being beamed out.

Go through the privacy settings and disable anything you’re uncomfortable with.

If you don’t use the webcam, put tape over it. No, seriously.

Be careful what antivirus software you trust. Big names have been caught collecting user data and selling it to advertisers, with the only mention of this hidden in the small print. Poor antivirus software can also make it easier to hack your computer. My personal recommendation would be MalwareBytes, but the built in Windows Defender is really good enough in most cases. Avoid Kaspersky as it’s been linked to breaches. Avoid AVG and Avast as they’re known to collect data. Avoid McAfee because it’s just bad.


An enlightening quote:

The N.S.A. bans its analysts from using Kaspersky antivirus at the agency, in large part because the agency has exploited antivirus software for its own foreign hacking operations and knows the same technique is used by its adversaries.

“Antivirus is the ultimate back door,” explained Blake Darché, a former N.S.A. operator and co-founder of Area 1 Security, as quoted by The New York Times. “It provides consistent, reliable and remote access that can be used for any purpose, from launching a destructive attack to conducting espionage on thousands or even millions of users.”

About zero day exploits

I’m going to talk about something called “zero days” before getting into security. A zero day exploit is simply an exploit, in the latest version of some software, that is known only to the hacker(s) who found it and vitally is not known to the software vendor responsible for patching it.

So if you were a hacker who found an exploit in the latest version of iOS that no one else, including Apple, knew about, that exploit is a zero day. It’s called a zero day after how many days have passed since a patch was released.

A zero day exploit is high value as it allows any device running the target software to be attacked even if it’s fully updated. Just how high value? Read on and find out.

Smartphone security

As far as security goes, the best thing you can do is keep your OS up to date. If you have an old phone that no longer gets OS updates, replace it. If you have an Android phone you can go to settings > about phone > software information to check the security patch level. If this says something like Jan 2018, your device is hella exploitable and you really need a new one.

You could install a custom ROM which would display a higher patch level, but a custom ROM cannot really do anything for a device no longer supported by the OEM since the firmware won’t be getting updates anymore. Patching OS level exploits without the required firmware patches gives you pretty much nothing but a false sense of security. And most custom ROMs reduce your security anyway - the moment you unlock your bootloader your security is decreased, the moment you root your phone your security is pretty much out the window.

If you have an iPhone, you’re in luck on this front as Apple will provide security patches for 5 years to all iPhones. And if your phone is over 5 years old you probably want a new one anyway.

Assuming you have the latest version of iOS or Android, and you continue to get updates, you have solid security. The current market value for a zero day exploit chain allowing remote code execution, privilege escalation, and persistence is $2,000,000 for an iPhone and $2,500,000 for Android 10.

No, really.


So yes, if you happen to be any good at this hacking malarky, and you don’t have much of a moral compass, you could make a cool two mil from a single exploit chain. Specific clients are not disclosed by exploit brokers but selling zero days to the “grey market” usually means they will find themselves in the hands of nation state attackers. This could be the US, UK, the UAE, Saudi Arabia, China, Russia, North Korea… whoever is the highest bidder. Reuters did a great article on the UAE’s recent hacking operations, but note that pretty much every country does the same thing and the NSA’s are definitely 10x worse (see: Equation Group).

The reason these exploits are worth so much and used almost exclusively by nation state attackers is because they’re very difficult to find and in high demand. When a high value zero day is found, it is likely to be used only in targeted attacks, else it will become “burned” very quickly - meaning the attacks will be noticed if performed openly on random devices and the software vendor will patch the exploit, making it worthless except on outdated software.

A device running outdated software does not require a zero day for a successful attack. There are always public exploits known for old software, and using those to attack unpatched devices is very easy.

This should really hammer in just how important updates are. Software updates can make the difference between a device that can only be hacked by a nation state attacker with a few mil to burn, and a device that can be hacked by any bored nerd with Kali running on their laptop.

If you happen to own a Samsung, then Knox also provides additional security on top of what is already provided by Android, but this is not a substitute for security patches. Luckily Samsung is one of the better OEMs for providing patches.

Privacy on the other hand is a lot more complex.

Why iPhones and Androids are both shit for privacy

Both Android and iOS have some solid security (assuming you still get patches) but have big problems with privacy. Yes even Apple.

The reason Android is “free” is the same reason anything Google makes is “free” - you pay with your data. Google services track every app you install and how often you use it, they track your location, they collect your contacts and scan the contents of your emails (if you use Gmail), and if you enable Google Assistant they learn literally everything about you. Ever had a pop up on your phone related to a shop you walked past, or telling you there’s traffic on your normal route to work? This is how they do that, by collecting everything. Google will have a log of your location at all times if you’ve opted in to full Assistant functionality.

Many popular Android phones, e.g. Samsungs, come preinstalled with Facebook system apps too. This effectively means Facebook has root access to your device. I’ll tell you how to remove those without rooting in a minute by simply using the adb shell.

“But Apple doesn’t make money from collecting data!” I hear you say. Perhaps not, but they do enable iCloud backups by default, meaning unless you manually go into your phone settings and turn it all off, iPhones (and iPads) upload everything on your device to “the cloud.” This is done in such a way that Apple can read the data and they provide it to authorities when asked, including in oppressive regimes such as China. They did plan to introduce encrypted iCloud backups that would have been impossible for Apple to read, but they cancelled this plan because the FBI told them to stop it. iCloud data is stored on Google and AWS servers (NSA has these pwned) and they use GCBD servers in China (hello CCP). You may also be interested to know that despite their claims to the contrary, Apple has the ability to read iMessages of any user. Additionally, there are hidden data collection mechanisms within iOS and increasingly in macOS - this article goes into loads of detail about these.

Like Windows, iOS is closed source, so you have to blindly trust Apple when they say they protect your privacy. Likewise with Google, although the base Android OS is open source, an increasing number of functions now require proprietary Google software, and any off-the-shelf Android device will contain Google services that track everything ya do.

How to improve your smartphone privacy

There are some things you can do to minimise the data leakage. Ad blockers are once again a good suggestion. Follow the DNS instructions for Android. For iOS, there are many free ad blockers available in the App Store. These only work in Safari but they’re very good. There are simple ones like BlockBear and more customisable ones like AdGuard. You can choose what is best for you.

Disable location services when you are not using them. Be very careful which apps you give location access to. When you do grant location access to an app, when possible allow it only when the app is open, not in the background. These tips apply to both Android and iOS.

Disable any cloud backup services such as iCloud backups.

Only install apps you use. If you don’t use apps anymore, uninstall them. This is good general system maintenance but it also makes sure nothing is tracking you even though you aren’t using it, and it reduces your attack surface for potential exploits.

Consider installing Brave as your browser. It has ad blocking, tracker blocking, and HTTPS Everywhere built in. It’s able to block specific page elements which DNS level ad blocks cannot.

Set DuckDuckGo as your default search engine. On an iPhone you can do this in Safari settings. On Android you can install the DuckDuckGo app. If you use a third party browser such as Brave, you will have an option in the settings to change your default search engine there.

Android: removing Facebook system apps

If your phone came with Facebook preinstalled it will have likely also come with other system level apps that do things like update Facebook outside of the Play Store (for what reason, I don’t know) and could do in theory whatever they want because system apps have a lot of extra privileges in Android. When Facebook is preinstalled as a system app it has root access to your device, effectively giving it the freedom to own your system.

Luckily removing it is easy and does not require root. You just need to install adb on your computer first. The instructions for this differ depending on your OS.

Installing adb on Windows

Get the Android platform-tools from Google.


Now extract the zip somewhere you’ll remember and follow this guide:


On Windows 10 this process is actually pretty simple, but if you’re feeling lazy you can just run from the path. For example if it’s in your downloads folder then in cmd you would run something like:

C:\Users\Wilson\Downloads\platform-tools\adb.exe

If this gives you version info and a list of commands it works and you can just use this lazy method.

Installing adb on Mac OS

Get the Mac platform-tools from the Google link above.

Extract them somewhere you’ll remember and follow this guide:


If that looks a bit daunting to you (it is a bit of a complex process just to make a command work) you can instead just run from the path platform-tools is in. For example if it’s in your Downloads folder you can run something like:

~/Downloads/platform-tools/adb

Which should bring up some version info and a list of commands. If so, it works and you can just use this instead of adding to the system path.

Installing adb on Linux

A good old “sudo apt install adb” in the terminal should do the trick. I say should because most distros have outdated platform-tools binaries in their repos, but as we’re running such simple commands this shouldn’t matter.

If you do get any problems, uninstall the distro’s build (“sudo apt remove adb”) and download the latest Linux binaries direct from Google above. As with Mac OS you can add these to your system path or just run them from the directory. The process is much the same as both are UNIX systems. A Linux specific guide is here if you want to add to your path.

The easy bit: running the commands on your phone

You’ve done the difficult bit now, the rest is easy.

First bring up a terminal on your computer and have it ready. On Windows open the start menu and type “cmd” then hit the Command Prompt app. On Mac or Linux, open Terminal. Make sure adb runs as described above.

On your phone go to settings > about > software information and tap on the build number 7 times. It should confirm “You are now a developer!” On Samsung phones you can go back to the main settings menu and developer options is now right at the bottom. The exact location of the menu may differ by device but it’ll be in settings. If you can’t find it just search “developer options + your device make”.

Once in the developer options scroll to USB debugging and turn it on.

Plug your phone into your computer. The phone should ask if you trust the computer for USB debugging. Hit allow.

Now type in these commands:

adb shell
pm uninstall --user 0 com.facebook.services
pm uninstall --user 0 com.facebook.katana
pm uninstall --user 0 com.facebook.system
pm uninstall --user 0 com.facebook.appmanager


To make sure you got everything, you can also enter:

pm list packages | grep facebook

If anything else comes up, you can remove it the same way. For example if a package called com.facebook.skynet comes up, you can enter: pm uninstall --user 0 com.facebook.skynet

Note that if you didn’t add platform-tools to your system path, you will need to run the adb command by manually entering (or copy/pasting) the path to the executable. For example in Windows:

C:\Users\Wilson\Downloads\platform-tools\adb.exe shell

Once you’re actually in the shell you can just run the rest of the commands as usual, because the shell runs within adb which is now running in the terminal, so you don’t need to tell the computer where it is again.

Once this is all done, simply type exit and unplug your phone. Now on your phone, disable USB debugging in developer options. You can turn off developer options itself if you wish.

The apps should be gone now. Reboot your phone to be certain.
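A scripted version of the steps above, as an added example that is not part of the original guide: it filters `pm list packages` output down to exact `com.facebook.*` package names, builds the per-user uninstall commands, and also prints the commands that would bring the apps back. The function names and the sample package list are constructed; `cmd package install-existing` is assumed to be available on the device's Android version.

```shell
#!/bin/sh
# Added example (not from the original guide): plan the Facebook system-app
# removal from `pm list packages` output. Names and sample data are constructed.

# Constructed sample of what `adb shell pm list packages` prints.
sample_listing() {
    cat <<'EOF'
package:com.android.chrome
package:com.facebook.katana
package:com.facebook.system
package:org.example.facebookviewer
package:com.facebook.appmanager
package:com.facebookclone.app
package:com.facebook.services
EOF
}

# Read `pm list packages` output on stdin and print exact Facebook package names.
# Anchoring on "package:com.facebook." skips unrelated apps whose names merely
# contain "facebook", which a bare `grep facebook` would also list.
# tr strips the carriage returns some adb versions add to each line.
facebook_packages() {
    tr -d '\r' |
        sed -n 's/^package:\(com\.facebook\.[A-Za-z0-9_.]*\)$/\1/p' |
        sort -u
}

# Turn package names on stdin into the uninstall commands used in the guide.
# `--user 0` removes the app for the primary user only; the APK stays on the
# system partition, so a factory reset brings it back.
uninstall_plan() {
    while IFS= read -r pkg; do
        if [ -n "$pkg" ]; then
            printf 'pm uninstall --user 0 %s\n' "$pkg"
        fi
    done
}

# Commands that undo the removal (assumes the device supports install-existing).
restore_plan() {
    while IFS= read -r pkg; do
        if [ -n "$pkg" ]; then
            printf 'cmd package install-existing %s\n' "$pkg"
        fi
    done
}

# Run the removal on a connected phone with USB debugging authorised.
# </dev/null stops `adb shell` from swallowing the rest of the package list
# that the while loop is reading from stdin.
apply_to_device() {
    adb shell pm list packages | facebook_packages |
        while IFS= read -r pkg; do
            printf 'removing %s for user 0\n' "$pkg"
            adb shell pm uninstall --user 0 "$pkg" </dev/null
        done
}

case "${1:-}" in
    --apply) apply_to_device ;;
    --plan)  adb shell pm list packages | facebook_packages | uninstall_plan ;;
    *)       sample_listing | facebook_packages | uninstall_plan ;;
esac
```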

How to talk to people securely

Regular phone calls and SMS are insecure. Period. They use 90’s encryption that hasn’t been improved upon since. Anyone can crack it with cheap antenna equipment. Police are known to use “stingray” devices to passively hoover up text and call data and track the location of phones. This is done by imitating a phone mast. It’s very easy because, again, this is 90’s tech with shit security. Additionally, your network likely keeps a log of all your calls and texts for at least a year.

Not much can be done about the above as GSM is inherently insecure and the MITM attack performed by the stingray can be replicated by anyone with a bit of simple transmission equipment. The only thing to do is treat the network as potentially hostile and ensure you are not relying on GSM for encryption. Your communications should be encrypted before they leave your device. Which brings me nicely onto…

Install Signal. Tell all your friends to install Signal. It’s the most secure messenger in existence. It allows for E2E encrypted text, voice, and video chats. Texts can be set to automatically delete themselves on both devices after a timer has been set. The NSA really really don’t like it when people use Signal because they cannot crack the encryption. Edward Snowden uses it.

Do not trust WhatsApp. Its long history of severe exploits aside, it’s closed source and owned by Facebook. The cloud backups also undermine the encryption. I wrote a thread detailing why WhatsApp cannot be trusted here:


It should go without saying that Facebook Messenger shouldn’t be trusted either.

iMessage’s design allows Apple to read your messages whenever they want (see link above under “why iPhones and Androids are both shit for privacy”). The fundamental issue with iMessage is that Apple controls the keys used to encrypt your messages and can change them whenever they want without you noticing. This also allows them to add a secret participant to the conversation, unknown to you, who could be anyone e.g. FBI agent. It’s also closed source. It’s better than using something owned by Facebook but well that’s not saying much is it?

Telegram has a lot of flashy bells and whistles but by default all chats are stored in the cloud so you are just trusting Telegram to secure them and not share them. It’s unlikely they’re selling your data, but security breaches happen all the time. Signal on the other hand is designed so the servers literally cannot even read your messages, let alone store them, as they don’t have the keys. Telegram does have E2E “secret chats” but the cryptography is questionable and the secret chat function doesn’t allow for group chats.

Signal is the one. Use it. Make everyone you talk to use it. Your privacy will be increased significantly.

A note on VPNs

A VPN will hide your browsing activity from anyone logging your internet use, including your ISP and lower level parts of the government, but you have to trust the VPN service you use. It is very easy for someone running a VPN server to log all traffic from all users. Most will advertise a zero log policy, so you simply have to trust them to keep to their word. Some have been caught lying about this.

The country a VPN runs from is also important. You should avoid ones run from a member of the Five Eyes. This includes the related agreements expanding to the Six Eyes, Nine Eyes, and Fourteen Eyes. These countries perform mass surveillance and share intelligence with each other. Members of the Five Eyes can use XKeyscore, the NSA’s PRISM search tool.

You might think this type of concern is being too paranoid, but consider that countries such as the US, UK, Germany, Australia, Russia, and many more have laws in place that allow law enforcement to compel companies to backdoor their services, and this will also come with a gag order. In the US these are known as national security letters (NSLs) and are handed out by the FBI. Australia’s law takes it a step further and allows the government to compel individuals to backdoor the company they work for. So the country your VPN is based in is very important.

Pretty much every big US company has been served with an NSL so use of these by the FBI appears commonplace. A warrant or other oversight from a judge is not necessary to grant one. Remember unless an NSL has later been declassified, a company cannot tell you if they’ve been served with one.


Big companies often have the resources to fight such things, but VPN providers are small businesses without the resources of Apple or Microsoft. Such companies have to choose between accepting the NSL or shutting down the whole business. The Lavabit case is a good example of how this whole Kafkaesque process works.


In that Lavabit case, the NSL would have given the FBI access to the emails of every single user had it been followed through. It's hard to speculate on other cases, but keep in mind this shows NSLs are not limited to selective surveillance.

ProtonVPN is good. It’s run by trustworthy people (CERN scientists) from a trustworthy country (Switzerland) which is not a member of any intelligence sharing arrangement and has pretty strong privacy protections in law.

You can set up your own OpenVPN server on a VPS if you have some basic Linux skills, but the question comes back to how much can you trust your web host with your data? Pretty much all big web hosts can be assumed to have backdoors. It’s hard to say with smaller fish, but small web hosts are small businesses so again, even if they have idealistic leaders, they’re unlikely to be able to fight the FBI if they do come knocking.

How to make the most secure smartphone possible

This is a bit more hands-on but it’s something that only requires following a simple tutorial and typing a few commands into a terminal. You will however need to buy a Pixel 3 or 3a. If those two prerequisites are not an issue, read on.

The US Secret Service provides modified Android-based smartphones with a specially created locked down OS. The president uses such a phone for state business. This is probably not private, since we can guess the state security services keep logs of what the president does on his phone, but it’s likely very secure.

This isn’t an option for us (and even if it was, would you trust an OS made by the US government?) but we do have a locked down Android fork for the masses.

GrapheneOS is an open source project dedicated to creating a hardened version of Android. It is focused on privacy and security, with a particular emphasis on enhanced security and exploit mitigation. It has a hardened kernel, hardened memory allocation, hardened browser engine, extra SELinux policies, more sandboxing, a modified permissions system, and a lot more.

Basically they’ve added a lot of extra security to the OS as well as taking the existing security measures and improving them. There are also no Google services and no other trackers inside the OS. It doesn’t watch you, it has no built in cloud services, and it protects you heavily from intrusions. It’s excellent for both privacy and security.

The primary goal is exploit mitigation, which means that even if a known exploit or a zero day exists to attack Android, it should be much more difficult to use such an exploit on GrapheneOS compared to normal Android. This means even nation state attackers who buy and stockpile zero days would have a harder time hacking into your phone. The NSA probably won’t target your phone, but you can rest assured that if even they’d have a hard time getting in, so would an average hacker.

It is probably the most secure mobile OS the public can get. Edward Snowden has said that: “If I were configuring a smartphone today, I'd use Daniel Micay's GrapheneOS as the base operating system.” A very strong endorsement for a project focused solely on privacy and security.

The usual concerns about custom ROMs do not apply here as, unlike an average custom ROM, GrapheneOS uses the same install process as official Android builds and doesn’t require a custom recovery or an unlocked bootloader after the initial installation is complete. In fact they tell you to lock it again once you install the OS and the install process includes installing their key to ensure the phone only installs future updates that are cryptographically signed. There is also protection against attempted downgrades and OS integrity verification - in other words the bootloader checks no one has tampered with the OS whenever you turn the phone on.

How to install it

Since it has strict requirements for the hardware it supports, requiring that it have various security features, GrapheneOS currently supports only the Pixel 3 (XL) and Pixel 3a (XL). It does also sort of support the Pixel 2 but only as a legacy device and support will be dropped soon as it lacks important hardware security features. So you should use a Pixel 3 or 3a. The cheapest option is the 3a which costs around $300 brand new. eBay prices are even less. Get a factory unlocked one, not a carrier one.

Backup anything from the phone you want to keep then follow their instructions.


You can adapt the adb instructions above to the fastboot ones required for this. Both are included in platform-tools.

How to set it up

When you first boot it up you’ll probably realise it’s very sparse. It only comes with a basic set of mostly barebones AOSP apps. The project says this is so they can keep their focus on the core security of the OS and let users install the apps they want. Which is fair enough, but it does seem like F-Droid should be on there by default.

So you can install F-Droid from here. After doing this, it’s a good idea to go into the browser app settings and disable the permission to install unknown apps, which you had to enable previously to get F-Droid. You will have to also grant this permission to F-Droid itself, but it needs it, so you can keep it on.

It is best practice to install apps from F-Droid whenever possible as they’re open source and don’t contain ads and trackers that most apps are full of. But you probably will want apps from the Play Store too. So in F-Droid search for Aurora Store and install that. Select anonymous login when it asks. Now you can install apps from the Play Store without actually having the Play Store, using a Google account, or having any Google services running. Check back to both F-Droid and Aurora for updates and make sure you keep all your apps up to date.

One especially useful user facing feature in GrapheneOS is the “network” permission. If you turn this off for any given app, it will be unable to access the internet. So if you have a free game that keeps throwing ads at you and bugs you for your location, you can deny it network access and it won’t have an internet connection. Any app that doesn’t actually need internet access should have this permission disabled.

If you run this OS and communicate via Signal, you have what is probably the most private and secure smartphone setup on the consumer market.

How to improve your laptop’s privacy and security

Replacing Windows with a user friendly Linux distro such as Ubuntu or Elementary is the easiest way to secure your laptop and make it more private. I’ve installed those two Linux distros on computers of people I know are not technical and they had no trouble adapting - in fact they have fewer problems with their computers than they did with Windows.

Moving away from Windows is the biggest step you can take towards increasing privacy on your computer. Linux is the only viable alternative and it is far superior for privacy. Security is also very solid assuming you’re sensible about what you install and you keep everything up to date.

There are two ways you can go here. The first is to install a regular user friendly distro like Ubuntu or Elementary. These are easy to use, lightweight, and reasonably secure. They will work on almost any computer.

The second is to install a specialist secure distro such as Qubes. This uses fancy witchcraft (aka the Xen hypervisor) to separate your system into different VMs. Because it’s based on VMs it can even integrate with Windows, so you can use Windows software inside Qubes without WINE, as well as Linux software across multiple Linux distros.

It will lock you down tighter than Fort Knox, but it is less user friendly and requires some knowledge to use it to its full potential. It also has stricter hardware requirements, since running multiple VMs requires a powerful computer. Some security features also require specific hardware support.

As with GrapheneOS, Qubes is endorsed by Edward Snowden: “If you're serious about security, QubesOS is the best OS available today. It's what I use, and free. Nobody does VM isolation better. It's not bulletproof -- nothing is -- but it's as close as you can get right now.”

If you are already familiar with Linux and have a powerful enough machine I direct you to check out Qubes.

However since I’m targeting this at normies I will focus on the mainstream Linux distros. They provide plenty of privacy and security enhancements over Windows making it worthwhile doing for the average user.

Ubuntu is the most popular, while others are usually based on Ubuntu. Ubuntu is a fine choice if you want a basic user friendly Linux system. When installing, I recommend using the light install option rather than the full one. This is simply because less software you don’t need means a smaller attack surface.


Elementary is also very lightweight while also having a real nice interface. Perfect for the average user. Based on Ubuntu but with its own set of packages. This also means any software made for Ubuntu will run perfectly on Elementary. Even my gran can happily use this OS.


Note that despite how the page is set up, you don’t have to pay for it. Just enter 0 into the custom box.

Mint is easy to use and looks a lot like Windows, but it comes with a lot of packages you probably don’t need, including poorly secured stuff like Flash, and as of right now has no “light” install option. You could manually remove unwanted packages, but the whole point is to make this easy and accessible. So I recommend one of the other two.

The actual installation process is easy. You can create a bootable USB by downloading the ISO and burning it using a Windows tool called Rufus. Back up anything you want to keep from your computer, boot from the USB stick, and you will be booted into a live session. You can try out the OS to make sure it works properly on your computer before installing. When you’re ready just choose install and follow instructions. Make sure you turn encryption on when prompted.

The ease of enabling full disk encryption on Linux is itself a vital security and privacy upgrade. To encrypt your disk on Windows you either need to pay for Windows 10 Pro and set up BitLocker which is closed source and backdoored, or use third party software such as VeraCrypt which is an excellent open source project, but requires a third party bootloader and is not officially supported by Microsoft, meaning it isn’t guaranteed to work and future OS updates could break it. And it still won’t help with the other privacy issues of Windows.

If you want to keep your current Windows setup as well as your Linux install, you can partition the drive during installation for a dual boot system. This means when your computer turns on it asks if you want to use Linux or Windows. Your drive will be split between the two OSs. You will need to decide how to split the drive - for example do you want to make it 50/50 or give one OS more space? Changing this later can be tricky so consider it beforehand.

If you do partition your drive, still back everything up just in case something goes wrong. It usually doesn’t, but if it does you’ll kick yourself for not having a backup.

Once Linux is installed, usually Firefox is the default browser. It’s best to install Chromium or a Chromium based browser such as Brave instead. Chromium is a more secure engine than Firefox (way better sandboxing), has more compatibility with various websites, and projects like Brave build extra privacy protection on top. Avoid Google Chrome as it contains proprietary Google code.

To install Chromium: sudo apt install chromium-browser

Once you open it you can (and should) install uBlock Origin as well.

Set up automatic updates in your distro and reboot it now and then so kernel upgrades can take effect. Enable the firewall and set it to block all incoming connections. Strictly speaking, an out of the box Linux install should be very “quiet” and not open ports unnecessarily anyway, but it’s good to have extra layers of security.

You can also increase sandboxing by opening a terminal and entering “sudo apt install apparmor-profiles apparmor-profiles-extra”. Ubuntu based distros come with AppArmor installed already, those two packages just expand the amount of services and apps that it protects. As with anything else it’s no silver bullet but it provides an extra layer of security.

WINE can often run Windows software inside Linux but it’s not perfect. You can also use VirtualBox to just run Windows in a virtual machine. This will run all Windows software fine, but it requires a Windows license (you can get one for $5-10 on Amazon or eBay) and the performance of a VM depends on how powerful your computer is. If you have a recent laptop with an i5, at least 8GB RAM, and an SSD, you will probably have no trouble at all. But an older or low spec machine will struggle to run a VM and in those cases it’s best to use the dual boot option.

How to make the most secure laptop possible

If you really wanna go hard, install Qubes. I won’t write a full guide to that here since their site has good documentation and if you understand the benefit of running it you probably don’t need a tutorial.

Using it to its full potential requires changes in how you use your computer, for example by putting sensitive software and files in their own VMs, so it won’t just magically do everything in the background. Keep this in mind.

And as it is running multiple VMs you do need decently high end hardware. It won’t run on your shitty Pentium.

Some final notes

The practices you choose to follow will depend on your threat model. I’ve mentioned the NSA a few times but it’s important to be aware that trying to outsmart the NSA is unlikely to be successful. You can generally assume they’re tapping your connection at some point down the line.

But what you can do is decrease exposure to the dragnet, so for instance if you use Signal on a locked down OS that isn’t sending out tracking data, there’s no personal info being leaked out of your phone for the NSA to grab in the first place. They could grab your Signal messages, but they’ll just look like a bunch of garbled nonsense as breaking the encryption would require more time than the universe has existed for.

If running your computer for as long as the universe has existed lets you check A keys (A is absurdly huge), and a magical computer that can check A keys per second (this is running a desktop computer for 14 billion years every second) running for as long as the universe has existed would have checked B keys in that time, then if you happen to have a super-duper magical computer that checks B keys per second (keep in mind that this is as fast as a desktop running every second for 14 billion years, per second) and has been running since the Big Bang, you would only be around 68% done with your brute-force.

To put it another way: The Sun will die out in a paltry 5*10^9 years. In that time, the ratio of the progress you've made to the total amount of work you have to do is within a couple orders of magnitude of the ratio of the mass of one hydrogen atom to the mass of the supermassive black hole at the center of the galaxy. However, Wikipedia lists the heat death of the universe as occurring at earliest in 10^100 years, so you will crack it by then.

Basically the best way to keep your shit private is to limit the amount of info being sent out in the first place. And to ensure any info that is sent out is end-to-end encrypted with modern encryption standards.

Other elements of a threat model are important to work out what you’re trying to defend against and what tools are needed. If you want to protect yourself against hackers, a locked down, up to date OS is the best way to do it. If you just want to limit the amount of tracking across the internet, AdGuard and Brave Browser will do a good job and are far more simple to set up.

It should also go without saying that absolutely nothing is 100% secure. What you can do however is make your systems as secure as possible, so any attackers are likely to get bored and move onto easier targets. And you can definitely avoid the use of software and services that invade your privacy and are known to use poor security practices (e.g. WhatsApp, Zoom).

This topic can also get a lot more complex if you have more technical skill. For example I haven’t talked about creating your own custom build of Linux or Android, which is pretty easy to do these days once you complete the initial setup. You don’t need to be some mega-genius to roll a custom OS build these days, just a standard issue nerd.

For those who are curious, look at RattlesnakeOS for a good toolchain that will automate custom AOSP Android builds. The default chain is designed to run on AWS though, so if you want the security of a local build environment, you can look at one of the forked projects set up to do RattlesnakeOS builds locally. You will need powerful hardware to do this though - and when I say powerful hardware I mean ideally an actual server machine, but if not, at least a recent i7 with 32GB RAM and a very fast SSD. If you have an average laptop you’ll have a very frustrating time trying to build AOSP and it will take days at best. This is why the main project uses AWS. You get cheap compute power, but risk a compromise in security.

For a custom OS on your computer you can set up Arch Linux however you want, with only the packages you need, but I don’t recommend this to anyone who isn’t already familiar with Linux unless they want to become familiar with Linux and like a challenge. In fact if you want to dive head first into Linux on hard mode, fire up a VM or a spare computer and install Arch, you will learn a lot about how Linux works. This does not require powerful hardware at all, you could do it on a 10 year old machine if you wanted.


These custom solutions are not hardened like Graphene or Qubes but the benefit here comes from having full control over your system, only having the packages you choose, and ultimately a small attack surface. You can also install a hardened Linux kernel for Arch as well as various sandboxing software, so you can configure an Arch install to be hardened if you’re willing to do that work.

Hope this was informative!
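A check for the laptop steps in the guide above (automatic updates, a firewall that blocks all incoming connections, AppArmor, and how "quiet" the install really is), added here as an example and not part of the original post. The sample command outputs are constructed; run the script as root with `--host` to audit a real Ubuntu-based install.

```shell
#!/bin/sh
# Added example: audits the post-install hardening steps from the guide.
# Every check takes command output as text, so the logic can be exercised on
# the constructed samples below; pass --host (as root) to audit the live machine.

# Firewall: ufw must be active and default-deny (or reject) for inbound traffic.
check_ufw() {
    printf '%s\n' "$1" | grep -q '^Status: active' || return 1
    printf '%s\n' "$1" | grep -Eq '^Default: (deny|reject) \(incoming\)'
}

# Automatic updates: both APT::Periodic switches must be set to a non-zero value.
check_auto_updates() {
    for key in Update-Package-Lists Unattended-Upgrade; do
        printf '%s\n' "$1" | grep -Eq "^APT::Periodic::$key \"[1-9][0-9]*\";" || return 1
    done
}

# AppArmor: the kernel module parameter reads "Y" when AppArmor is enabled.
check_apparmor() {
    [ "$1" = "Y" ]
}

# Listening sockets not bound to loopback, taken from `ss -tuln` output.
# Prints "proto address:port" per line; empty output means nothing is exposed.
exposed_listeners() {
    printf '%s\n' "$1" | awk '
        $1 == "Netid" || NF < 5 { next }     # header and blank lines
        $5 ~ /^(127\.|\[::1\])/  { next }     # bound to loopback only
        { print $1, $5 }'
}

# Prints one line per check and returns the number of failed checks.
# Arguments: ufw_text apt_text apparmor_flag ss_text
audit() {
    fails=0
    if check_ufw "$1"; then echo "PASS firewall active, incoming blocked"
    else echo "FAIL firewall inactive or incoming not blocked"; fails=$((fails + 1)); fi
    if check_auto_updates "$2"; then echo "PASS automatic updates enabled"
    else echo "FAIL automatic updates not fully enabled"; fails=$((fails + 1)); fi
    if check_apparmor "$3"; then echo "PASS AppArmor enabled"
    else echo "FAIL AppArmor not enabled"; fails=$((fails + 1)); fi
    exposed=$(exposed_listeners "$4")
    if [ -z "$exposed" ]; then echo "PASS no listeners outside loopback"
    else
        echo "WARN listeners outside loopback (reachable if the firewall check failed):"
        printf '%s\n' "$exposed" | sed 's/^/  /'
    fi
    return "$fails"
}

# --- Constructed sample outputs (not captured from a real machine) ---
SAMPLE_UFW='Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip'

# Package lists refresh daily, but upgrades are not installed automatically.
SAMPLE_APT='APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Unattended-Upgrade "0";'

SAMPLE_SS='Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port
udp   UNCONN 0      0      127.0.0.53%lo:53   0.0.0.0:*
udp   UNCONN 0      0      0.0.0.0:5353       0.0.0.0:*
tcp   LISTEN 0      128    [::1]:631          [::]:*
tcp   LISTEN 0      128    0.0.0.0:22         0.0.0.0:*'

if [ "${1:-}" = "--host" ]; then
    audit "$(ufw status verbose 2>/dev/null)" \
          "$(apt-config dump 2>/dev/null | grep '^APT::Periodic')" \
          "$(cat /sys/module/apparmor/parameters/enabled 2>/dev/null)" \
          "$(ss -tuln 2>/dev/null)"
    rc=$?
    # Kernel and library updates only take effect after the reboot the guide mentions.
    [ -e /var/run/reboot-required ] && echo "NOTE reboot pending for installed updates"
    exit "$rc"
else
    audit "$SAMPLE_UFW" "$SAMPLE_APT" "Y" "$SAMPLE_SS" || true
fi
```

On the constructed samples the update check fails because unattended upgrades are switched off, and the two sockets bound to 0.0.0.0 are listed as a warning rather than a failure since the default-deny firewall rule still blocks them.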
 

BK38

Bluelighter
Joined
Apr 2, 2009
Messages
2,796
Location
Where the light trips fantastic
I offered to write this and @PrincessDiz was interested and I’m sure others will be too, so here it is.

I will focus this guide mainly on things anyone can do if they follow simple instructions regardless of technical skill. I will make brief mention of projects techies might be interested in, but I won’t focus on talking about them in detail as nerds can do their own reading from the project websites and I want to make this as accessible as possible.

The goal of this is to help anyone with any type of setup improve their privacy and security in some type of way. Those who are properly dedicated can even set up a super secure locked down smartphone without much skill required, but money may need to be spent for compatible hardware. A sufficiently powerful laptop or desktop can also run an ultra secure OS. I will focus primarily on things that should work on any modern device, then discuss the more specialised stuff further down for those who are interested.

Privacy vs. security

First things first. I want to explain the difference between privacy and security. These are often used interchangeably but they’re in reality very different.

Security means a system is safe from external threats. If I set up a computer in such a way that hacking into it is very difficult, it is a secure system. But a secure system is not necessarily private. For example: Windows 10 has many good anti-exploit features, built in antivirus and firewall, and automatic security updates. However it also has a built in keylogger, it sends info on what software you use, what websites you visit, who you talk to, what your voice sounds like (if you use Cortana), and even your location back to Microsoft by default. It is also closed source, making it impossible to independently verify what the code is doing. This makes it very bad for privacy even though it has decent security.

Privacy means that no one is snooping on what you’re doing. A private system is not necessarily a secure one. For example, custom Android ROMs such as Lineage OS (Cyanogen) do not contain Google Play Services by default and therefore nothing in the OS is tracking you. However, in order to install it, you must unlock your bootloader, inherently making your device less secure. Most phones on custom ROMs are also rooted, which is again inherently insecure as it bypasses the Android permission system. So you can have a setup that’s good for privacy, but makes compromises in security.

Ideally what you want is both. But as the above examples demonstrate, this is more difficult than you might assume.

There are ways to improve your privacy if you insist on using Windows, but you will have a hard time gaining full privacy on Windows 10 by design. Downgrading to older versions of Windows is very bad for security as they’re no longer patched (and most new computers don’t have Windows 7 drivers anymore). So if you want a private and secure OS you need to really look at alternatives in the Linux world.

I’ll get onto that later. What I’ll start with first is how to improve security and privacy in small ways no matter what your setup is.

Home network security and privacy enhancements

Your DNS server


A DNS server is the service that turns websites into IP addresses. For example if you enter “pornhub.com” into your browser, the DNS server will be sent that URL and return the IP address. The IP address is what your computer actually uses to find the website. This happens in the background so you don’t see it. By default you probably use your ISP’s DNS server. ISP DNS is often not the best and doesn’t take advantage of latest technology (think of it like ISP email accounts) and in some cases, especially in more oppressive countries, ISPs even use their DNS for censorship.

The easiest changes to make are to your home network. By simply going into your router settings you can change the DNS server for pretty much all devices on your WiFi. For the most low effort approach possible, you can use an existing service such as AdGuard DNS.

This will do two things: take the responsibility of handling DNS queries away from your ISP, and block requests to ad and tracking servers. This makes it a decent privacy and security enhancement as ad networks track your online activity and most in the wild exploits abuse ads. This will also provide ad blocking for all devices on your network!

The process is very simple. The exact location of menus will depend on your router, but any router should allow you to manually enter DNS servers. If in doubt just look up the name of your router + how to change DNS.

If your router allows for DNS-over-TLS, which may be called “secure DNS” or something similar in the menus, you should enable that and enter “dns.adguard.com” as your DNS server. This performs the same function as entering the IP addresses manually except it means your DNS requests are encrypted for some extra security (it makes MITM attacks more difficult which is good for security, but doesn’t necessarily provide privacy as TLS leaks the target domain name).

If the option for DNS-over-TLS isn’t there, and you just have the classic DNS menu where you’re asked to enter two IP addresses, then put in 176.103.130.130 and 176.103.130.131 then save your changes.

Now any device on the network set to use the DHCP allocated DNS servers will automatically update to those. Most devices are set like this by default so you shouldn’t have to change anything else. Those devices will get your DNS from your router automatically.

Some devices have hardcoded DNS servers for example the Google Chromecast always uses Google’s DNS servers (8.8.8.8 and 8.8.4.4). Not much to be done there. But this won’t be the case for your phone, tablet, laptop etc.

If you have an Android phone, I recommend using the “private DNS” option to set AdGuard DNS on that as well. The benefit of this, aside from using DNS-over-TLS, is the DNS server entered there will work on WiFi and mobile data. So even if you’re on the mobile network, the DNS server will be the one you enter, not your network one. This means you get encrypted DNS and ad blocking.

Yes this is a method of ad blocking without having to install any apps! It will block all ads in all apps across your whole Android phone without rooting or even installing anything.

Just go to settings > network settings > private DNS > select “custom” > enter “dns.adguard.com” > save.

Done!

Unfortunately it’s not possible to set the DNS server for your mobile network on an iPhone without using a VPN. I’ll get to VPNs later.

DNS the nerdy way

If you feel like getting your hands dirty you can do what I’ve done and set up your own local recursive DNS server using a Raspberry Pi. To do this you simply install Unbound and Pi Hole on a lightweight Linux server - a regular Pi 3 running the command line version of Raspbian does the job perfectly - give a fixed local IP, then set that IP as your DNS server. This means all DNS queries from within your LAN go through your own local DNS server, not a remote server, and you can customise the block lists - for example if you hate Facebook you can block all Facebook domains from working in your LAN.

If you are comfortable with Linux and the terminal it will be very easy and shouldn’t take more than an hour max to get set up as you like it. There is a full tutorial here:


Please note this covers your LAN only. If you want something that works remotely, outside the local network, use the AdGuard DNS. If you want a DIY solution you could also set up your own VPN using a cheap VPS and run Pi Hole on that. But since you are trusting a third party server either way, I recommend the simple AdGuard option unless you really want customisation or simply enjoy having a project. Keep in mind that any public cloud provider is pretty much certain to be backdoored by the usual suspects (see: PRISM).

Do NOT open a DNS server you create yourself directly to the internet as open resolvers set up on random networks are used for DNS amplification attacks, a form of DDoSing.

Other router settings

There are other router settings that are worth changing to provide extra network security. Often these are “convenience” features but many are outdated as new standards no longer require them, so disabling them should not affect anything negatively. If it does, you can always change settings back.

Can’t really give exact instructions here as it once again differs by router model, but again Google (or DuckDuckGo) is your friend.

Disable UPnP.

Disable port forwarding unless you absolutely need it and know what you’re doing.

Ensure the firewall is on and set to block all incoming connections.

Run a test to ensure all ports are closed:


The router itself

Some ISP routers keep certain ports open as a backdoor for customer support to remote in. Like any backdoor, this can also be used by black hats (the people you think of as "hackers") looking to exploit your network. All ports should be closed. If the test above finds open ports even though your firewall is set to block all incoming connections, I am guessing it’s an ISP router, and you should get rid of it.

ISP routers may also remove settings such as those allowing you to toggle UPnP or change your DNS. Sometimes this can be fixed by flashing new firmware, but this carries a risk of bricking the device and it’s easier to just buy another router.

It is also rare for ISPs to provide frequent and timely updates to routers, and running outdated software on a router is high risk as the router is at the edge of your network and protects the devices within your LAN. If your router is exploitable, every device in your network is vulnerable. If your router hasn’t been updated for a long time (you should be able to check the firmware build date in the settings) you should replace it. Router malware is a growing real world problem.

Finally, ISP routers are often just plain old shit. That’s why they can give them away for “free” when you sign up. They’re unreliable and often a proper router will provide a much better experience.

Personally I use an Asus router running the Merlin custom firmware, these have treated me well over the years. You can also get routers with preinstalled custom firmware that blocks ads or provides VPN access. For example AdGuard and Private Internet Access both sell routers integrated with their respective services. But for most people stock firmware is likely fine and certainly much less hassle as long as it doesn’t come from an ISP.

You may need to keep your ISP router to use as a simple modem. In most cases you should be able to change a setting to put the ISP router into modem mode. Then all it does is provide internet access to your own router, and the router is what manages and secures your actual network. You can also buy a router with a built in modem or buy a standalone modem. Just make sure it’s compatible with your connection (e.g. for fibre optic broadband you need either a VDSL or VDSL2 modem depending on your service). Your ISP might give you a preconfigured standalone modem if you ask but most want you using their shitty routers so have little incentive to do this. You can however often find ISP modems on eBay cheaply. My setup is an ISP modem plugged into an Asus router.

Improving privacy on a Windows system

Use Brave Browser instead of Chrome, Edge, Firefox, etc.

Set DuckDuckGo as your default search engine.

Disable Cortana.

Under settings > privacy > diagnostics and feedback, set it to “basic” instead of “full.” This cannot be disabled properly unless you use Windows 10 Enterprise so it’s just limiting the info being beamed out.

Go through the privacy settings and disable anything you’re uncomfortable with.

If you don’t use the webcam, put tape over it. No, seriously.

Be careful what antivirus software you trust. Big names have been caught collecting user data and selling it to advertisers, with the only mention of this hidden in the small print. Poor antivirus software can also make it easier to hack your computer. My personal recommendation would be MalwareBytes, but the built in Windows Defender is really good enough in most cases. Avoid Kaspersky as it’s been linked to breaches. Avoid AVG and Avast as they’re known to collect data. Avoid McAfee because it’s just bad.


An enlightening quote:




About zero day exploits

I’m going to talk about something called “zero days” getting into security. A zero day exploit is simply an exploit, in the latest version of some software, that is known only to the hacker(s) who found it and vitally is not known to the software vendor responsible for patching it.

So if you were a hacker who found an exploit in the latest version of iOS that no one else, including Apple, knew about, that exploit is a zero day. It’s called a zero day after how many days have passed since a patch was released.

A zero day exploit is high value as it allows any device running the target software to be attacked even if it’s fully updated. Just how high value? Read on and find out.

Smartphone security

As far as security goes, the best thing you can do is keep your OS up to date. If you have an old phone that no longer gets OS updates, replace it. If you have an Android phone you can go to settings > about phone > software information to check the security patch level. If this says something like Jan 2018, your device is hella exploitable and you really need a new one.

You could install a custom ROM which would display a higher patch level, but a custom ROM cannot really do anything for a device no longer supported by the OEM since the firmware won’t be getting updates anymore. Patching OS level exploits without the required firmware patches gives you pretty much nothing but a false sense of security. And most custom ROMs reduce your security anyway - the moment you unlock your bootloader your security is decreased, the moment you root your phone your security is pretty much out the window.

If you have an iPhone, you’re in luck on this front as Apple will provide security patches for 5 years to all iPhones. And if your phone is over 5 years old you probably want a new one anyway.

Assuming you have the latest version of iOS or Android, and you continue to get updates, you have solid security. The current market value for a zero day exploit chain allowing remote code execution, privilege escalation, and persistence is $2,000,000 for an iPhone and $2,500,000 for Android 10.

No, really.


So yes, if you happen to be any good at this hacking malarky, and you don’t have much of a moral compass, you could make a cool two mil from a single exploit chain. Specific clients are not disclosed by exploit brokers but selling zero days to the “grey market” usually means they will find themselves in the hands of nation state attackers. This could be the US, UK, the UAE, Saudi Arabia, China, Russia, North Korea… whoever is the highest bidder. Reuters did a great article on the UAE’s recent hacking operations, but note that pretty much every country does the same thing and the NSA’s are definitely 10x worse (see: Equation Group).

The reason these exploits are worth so much and used almost exclusively by nation state attackers is because they’re very difficult to find and in high demand. When a high value zero day is found, it is likely to be used only in targeted attacks, else it will become “burned” very quickly - meaning the attacks will be noticed if performed openly on random devices and the software vendor will patch the exploit, making it worthless except on outdated software.

A device running outdated software does not require a zero day for a successful attack. There are always public exploits known for old software, and using those to attack unpatched devices is very easy.

This should really hammer in just how important updates are. Software updates can make the difference between a device that can only be hacked by a nation state attacker with a few mil to burn, and a device that can be hacked by any bored nerd with Kali running on their laptop.

If you happen to own a Samsung, then Knox also provides additional security on top of what is already provided by Android, but this is not a substitute for security patches. Luckily Samsung is one of the better OEMs for providing patches.

Privacy on the other hand is a lot more complex.

Why iPhones and Androids are both shit for privacy

Both Android and iOS have some solid security (assuming you still get patches) but have big problems with privacy. Yes even Apple.

The reason Android is “free” is the same reason anything Google makes is “free” - you pay with your data. Google services track every app you install and how often you use it, they track your location, they collect your contacts and scan the contents of your emails (if you use Gmail), and if you enable Google Assistant they learn literally everything about you. Ever had a pop up on your phone related to a shop you walked past, or telling you there’s traffic on your normal route to work? This is how they do that, by collecting everything. Google will have a log of your location at all times if you’ve opted in to full Assistant functionality.

Many popular Android phones, e.g. Samsungs, come preinstalled with Facebook system apps too. This effectively means Facebook has root access to your device. I’ll tell you how to remove those without rooting in a minute by simply using the adb shell.

“But Apple doesn’t make money from collecting data!” I hear you say. Perhaps not, but they do enable iCloud backups by default, meaning unless you manually go into your phone settings and turn it all off, iPhones (and iPads) upload everything on your device to “the cloud.” This is done in such a way that Apple can read the data and they provide it to authorities when asked, including in oppressive regimes such as China. They did plan to introduce encrypted iCloud backups that would have been impossible for Apple to read, but they cancelled this plan because the FBI told them to stop it. iCloud data is stored on Google and AWS servers (NSA has these pwned) and they use GCBD servers in China (hello CCP). You may also be interested to know that despite their claims to the contrary, Apple has the ability to read iMessages of any user. Additionally, there are hidden data collection mechanisms within iOS and increasingly in macOS - this article goes into loads of detail about these.

Like Windows, iOS is closed source, so you have to blindly trust Apple when they say they protect your privacy. Likewise with Google, although the base Android OS is open source, an increasing number of functions now require proprietary Google software, and any off-the-shelf Android device will contain Google services that track everything ya do.

How to improve your smartphone privacy

There are some things you can do to minimise the data leakage. Ad blockers are once again a good suggestion. Follow the DNS instructions for Android. For iOS, there are many free ad blockers available in the App Store. These only work in Safari but they’re very good. There are simple ones like BlockBear and more customisable ones like AdGuard. You can choose what is best for you.

Disable location services when you are not using them. Be very careful which apps you give location access to. When you do grant location access to an app, when possible allow it only when the app is open, not in the background. These tips apply to both Android and iOS.

Disable any cloud backup services such as iCloud backups.

Only install apps you use. If you don’t use apps anymore, uninstall them. This is good general system maintenance but it also makes sure nothing is tracking you even though you aren’t using it, and it reduces your attack surface for potential exploits.

Consider installing Brave as your browser. It has ad blocking, tracker blocking, and HTTPS Everywhere built in. It’s able to block specific page elements which DNS level ad blocks cannot.

Set DuckDuckGo as your default search engine. On an iPhone you can do this in Safari settings. On Android you can install the DuckDuckGo app. If you use a third party browser such as Brave, you will have an option in the settings to change your default search engine there.

Android: removing Facebook system apps

If your phone came with Facebook preinstalled it will have likely also come with other system level apps that do things like update Facebook outside of the Play Store (for what reason, I don’t know) and could do in theory whatever they want because system apps have a lot of extra privileges in Android. When Facebook is preinstalled as a system app it has root access to your device, effectively giving it the freedom to own your system.

Luckily removing it is easy and does not require root. You just need to install adb on your computer first. The instructions for this differ depending on your OS.

Installing adb on Windows

Get the Android platform-tools from Google.


Now extract the zip somewhere you’ll remember and follow this guide:


On Windows 10 this process is actually pretty simple, but if you’re feeling lazy you can just run from the path. For example if it’s in your downloads folder then in cmd you would run something like:

C:\Users\Wilson\Downloads\platform-tools\adb.exe

If this gives you version info and a list of commands it works and you can just use this lazy method.

Installing adb on Mac OS

Get the Mac platform-tools from the Google link above.

Extract them somewhere you’ll remember and follow this guide:


If that looks a bit daunting to you (it is a bit of a complex process just to make a command work) you can instead just run from the path platform-tools is in. For example if it’s in your Downloads folder you can run something like:

~/Downloads/platform-tools/adb

Which should bring up some version info and a list of commands. If so, it works and you can just use this instead of adding to the system path.

Installing adb on Linux

A good old “sudo apt install android-sdk-platform-tools” in the terminal should do the trick. I say should because most distros have outdated platform-tools binaries in their repos, but as we’re running such simple commands this shouldn’t matter.

If you do get any problems, uninstall the distro’s build (“sudo apt remove android-sdk-platform-tools”) and download the latest Linux binaries direct from Google above. As with Mac OS you can add these to your system path or just run them from the directory. The process is much the same as both are UNIX systems. A Linux specific guide is here if you want to add to your path.

The easy bit: running the commands on your phone

You’ve done the difficult bit now, the rest is easy.

First bring up a terminal on your computer and have it ready. On Windows open the start menu and type “cmd” then hit the Command Prompt app. On Mac or Linux, open Terminal. Make sure adb runs as described above.

On your phone go to settings > about > software information and tap on the build number 7 times. It should confirm “You are now a developer!” On Samsung phones you can go back to the main settings menu and developer options is now right at the bottom. The exact location of the menu may differ by device but it’ll be in settings. If you can’t find it just search “developer options + your device make”.

Once in the developer options scroll to USB debugging and turn it on.

Plug your phone into your computer. The phone should ask if you trust the computer for USB debugging. Hit allow.

Now type in these commands:

adb shell
pm uninstall --user 0 com.facebook.services
pm uninstall --user 0 com.facebook.katana
pm uninstall --user 0 com.facebook.system
pm uninstall --user 0 com.facebook.appmanager


To make sure you got everything, you can also enter:

pm list packages | grep facebook

If anything else comes up, you can remove it the same way. For example if a package called com.facebook.skynet comes up, you can enter: pm uninstall --user 0 com.facebook.skynet

Note that if you didn’t add platform-tools to your system path, you will need to run the adb command by manually entering (or copy/pasting) the path to the executable. For example in Windows:

C:\Users\Wilson\Downloads\platform-tools\adb.exe shell

Once you’re actually in the shell you can just run the rest of the commands as usual, because the shell runs within adb which is now running in the terminal, so you don’t need to tell the computer where it is again.

Once this is all done, simply type exit and unplug your phone. Now on your phone, disable USB debugging in developer options. You can turn off developer options itself if you wish.

The apps should be gone now. Reboot your phone to be certain.

How to talk to people securely

Regular phone calls and SMS are insecure. Period. They use 90’s encryption that hasn’t been improved upon since. Anyone can crack it with cheap antenna equipment. Police are known to use “stingray” devices to passively hoover up text and call data and track the location of phones. This is done by imitating a phone mast. It’s very easy because, again, this is 90’s tech with shit security. Additionally, your network likely keeps a log of all your calls and texts for at least a year.

Not much can be done about the above as GSM is inherently insecure and the MITM attack performed by the stingray can be replicated by anyone with a bit of simple transmission equipment. The only thing to do is treat the network as potentially hostile and ensure you are not relying on GSM for encryption. Your communications should be encrypted before they leave your device. Which brings me nicely onto…

Install Signal. Tell all your friends to install Signal. It’s the most secure messenger in existence. It allows for E2E encrypted text, voice, and video chats. Texts can be set to automatically delete themselves on both devices after a timer has been set. The NSA really really don’t like it when people use Signal because they cannot crack the encryption. Edward Snowden uses it.

Do not trust WhatsApp. Its long history of severe exploits aside, it’s closed source and owned by Facebook. The cloud backups also undermine the encryption. I wrote a thread detailing why WhatsApp cannot be trusted here:


It should go without saying that Facebook Messenger shouldn’t be trusted either.

iMessage’s design allows Apple to read your messages whenever they want (see link above under “why iPhones and Androids are both shit for privacy”). The fundamental issue with iMessage is that Apple controls the keys used to encrypt your messages and can change them whenever they want without you noticing. This also allows them to add a secret participant to the conversation, unknown to you, who could be anyone e.g. FBI agent. It’s also closed source. It’s better than using something owned by Facebook but well that’s not saying much is it?

Telegram has a lot of flashy bells and whistles but by default all chats are stored in the cloud so you are just trusting Telegram to secure them and not share them. It’s unlikely they’re selling your data, but security breaches happen all the time. Signal on the other hand is designed so the servers literally cannot even read your messages, let alone store them, as they don’t have the keys. Telegram does have E2E “secret chats” but the cryptography is questionable and the secret chat function doesn’t allow for group chats.

Signal is the one. Use it. Make everyone you talk to use it. Your privacy will be increased significantly.

A note on VPNs

A VPN will hide your browsing activity from anyone logging your internet use, including your ISP and lower level parts of the government, but you have to trust the VPN service you use. It is very easy for someone running a VPN server to log all traffic from all users. Most will advertise a zero log policy, so you simply have to trust them to keep to their word. Some have been caught lying about this.

The country a VPN runs from is also important. You should avoid ones run from a member of the Five Eyes. This includes the related agreements expanding to the Six Eyes, Nine Eyes, and Fourteen Eyes. These countries perform mass surveillance and share intelligence with each other. Members of the Five Eyes can use XKeyscore, the NSA’s PRISM search tool.

You might think this type of concern is being too paranoid, but consider that countries such as the US, UK, Germany, Australia, Russia, and many more have laws in place that allow law enforcement to compel companies to backdoor their services, and this will also come with a gag order. In the US these are known as national security letters (NSLs) and are handed out by the FBI. Australia’s law takes it a step further and allows the government to compel individuals to backdoor the company they work for. So the country your VPN is based in is very important.

Pretty much every big US company has been served with an NSL so use of these by the FBI appears commonplace. A warrant or other oversight from a judge is not necessary to grant one. Remember unless an NSL has later been declassified, a company cannot tell you if they’ve been served with one.


Big companies often have the resources to fight such things, but VPN providers are small businesses without the resources of Apple or Microsoft. Such companies have to choose between accepting the NSL or shutting down the whole business. The Lavabit case is a good example of how this whole Kafkaesque process works.


In that Lavabit case, the NSL would have given the FBI access to the emails of every single user had it been followed through. It's hard to speculate on other cases, but keep in mind this shows NSLs are not limited to selective surveillance.

ProtonVPN is good. It’s run by trustworthy people (CERN scientists) from a trustworthy country (Switzerland) which is not a member of any intelligence sharing arrangement and has pretty strong privacy protections in law.

You can set up your own OpenVPN server on a VPS if you have some basic Linux skills, but the question comes back to how much can you trust your web host with your data? Pretty much all big web hosts can be assumed to have backdoors. It’s hard to say with smaller fish, but small web hosts are small businesses so again, even if they have idealistic leaders, they’re unlikely to be able to fight the FBI if they do come knocking.

How to make the most secure smartphone possible

This is a bit more hands-on but it’s something that only requires following a simple tutorial and typing a few commands into a terminal. You will however need to buy a Pixel 3 or 3a. If those two prerequisites are not an issue, read on.

The US Secret Service provides modified Android-based smartphones with a specially created locked down OS. The president uses such a phone for state business. This is probably not private, since we can guess the state security services keep logs of what the president does on his phone, but it’s likely very secure.

This isn’t an option for us (and even if it was, would you trust an OS made by the US government?) but we do have a locked down Android fork for the masses.

GrapheneOS is an open source project dedicated to creating a hardened version of Android. It is focused on privacy and security, with a particular emphasis on enhanced security and exploit mitigation. It has a hardened kernel, hardened memory allocation, hardened browser engine, extra SELinux policies, more sandboxing, a modified permissions system, and a lot more.

Basically they’ve added a lot of extra security to the OS as well as taking the existing security measures and improving them. There are also no Google services and no other trackers inside the OS. It doesn’t watch you, it has no built in cloud services, and it protects you heavily from intrusions. It’s excellent for both privacy and security.

The primary goal is exploit mitigation, which means that even if a known exploit or a zero day exists to attack Android, it should be much more difficult to use such an exploit on GrapheneOS compared to normal Android. This means even nation state attackers who buy and stockpile zero days would have a harder time hacking into your phone. The NSA probably won’t target your phone, but you can rest assured that if even they’d have a hard time getting in, so would an average hacker.

It is probably the most secure mobile OS the public can get. Edward Snowden has said that: “If I were configuring a smartphone today, I'd use Daniel Micay's GrapheneOS as the base operating system.” A very strong endorsement for a project focused solely on privacy and security.

The usual concerns about custom ROMs do not apply here as, unlike an average custom ROM, GrapheneOS uses the same install process as official Android builds and doesn’t require a custom recovery or an unlocked bootloader after the initial installation is complete. In fact they tell you to lock it again once you install the OS and the install process includes installing their key to ensure the phone only installs future updates that are cryptographically signed. There is also protection against attempted downgrades and OS integrity verification - in other words the bootloader checks no one has tampered with the OS whenever you turn the phone on.

How to install it

Since it has strict requirements for the hardware it supports, requiring that it have various security features, GrapheneOS currently supports only the Pixel 3 (XL) and Pixel 3a (XL). It does also sort of support the Pixel 2 but only as a legacy device and support will be dropped soon as it lacks important hardware security features. So you should use a Pixel 3 or 3a. The cheapest option is the 3a which costs around $300 brand new. eBay prices are even less. Get a factory unlocked one, not a carrier one.

Back up anything from the phone you want to keep then follow their instructions.


You can adapt the adb instructions above to the fastboot ones required for this. Both are included in platform-tools.

How to set it up

When you first boot it up you’ll probably realise it’s very sparse. It only comes with a basic set of mostly barebones AOSP apps. The project says this is so they can keep their focus on the core security of the OS and let users install the apps they want. Which is fair enough, but it does seem like F-Droid should be on there by default.

So you can install F-Droid from here. After doing this, it’s a good idea to go into the browser app settings and disable the permission to install unknown apps, which you had to enable previously to get F-Droid. You will have to also grant this permission to F-Droid itself, but it needs it, so you can keep it on.

It is best practice to install apps from F-Droid whenever possible as they’re open source and don’t contain ads and trackers that most apps are full of. But you probably will want apps from the Play Store too. So in F-Droid search for Aurora Store and install that. Select anonymous login when it asks. Now you can install apps from the Play Store without actually having the Play Store, using a Google account, or having any Google services running. Check back to both F-Droid and Aurora for updates and make sure you keep all your apps up to date.

One especially useful user facing feature in GrapheneOS is the “network” permission. If you turn this off for any given app, it will be unable to access the internet. So if you have a free game that keeps throwing ads at you and bugs you for your location, you can deny it network access and it won’t have an internet connection. Any app that doesn’t actually need internet access should have this permission disabled.

If you run this OS and communicate via Signal, you have what is probably the most private and secure smartphone setup on the consumer market.

How to improve your laptop’s privacy and security

Replacing Windows with a user friendly Linux distro such as Ubuntu or Elementary is the easiest way to secure your laptop and make it more private. I’ve installed those two Linux distros on computers of people I know are not technical and they had no trouble adapting - in fact they have fewer problems with their computers than they did with Windows.

Moving away from Windows is the biggest step you can take towards increasing privacy on your computer. Linux is the only viable alternative and it is far superior for privacy. Security is also very solid assuming you’re sensible about what you install and you keep everything up to date.

There are two ways you can go here. The first is to install a regular user friendly distro like Ubuntu or Elementary. These are easy to use, lightweight, and reasonably secure. They will work on almost any computer.

The second is to install a specialist secure distro such as Qubes. This uses fancy witchcraft (aka the Xen hypervisor) to separate your system into different VMs. Because it’s based on VMs it can even integrate with Windows, so you can use Windows software inside Qubes without WINE, as well as Linux software across multiple Linux distros.

It will lock you down tighter than Fort Knox, but it is less user friendly and requires some knowledge to use it to its full potential. It also has stricter hardware requirements, since running multiple VMs requires a powerful computer. Some security features also require specific hardware support.

As with GrapheneOS, Qubes is endorsed by Edward Snowden: “If you're serious about security, QubesOS is the best OS available today. It's what I use, and free. Nobody does VM isolation better. It's not bulletproof -- nothing is -- but it's as close as you can get right now.”

If you are already familiar with Linux and have a powerful enough machine I direct you to check out Qubes.

However since I’m targeting this at normies I will focus on the mainstream Linux distros. They provide plenty of privacy and security enhancements over Windows making it worthwhile doing for the average user.

Ubuntu is the most popular, while others are usually based on Ubuntu. Ubuntu is a fine choice if you want a basic user friendly Linux system. When installing, I recommend using the light install option rather than the full one. This is simply because less software you don’t need means a smaller attack surface.


Elementary is also very lightweight while also having a real nice interface. Perfect for the average user. Based on Ubuntu but with its own set of packages. This also means any software made for Ubuntu will run perfectly on Elementary. Even my gran can happily use this OS.


Note that despite how the page is set up, you don’t have to pay for it. Just enter 0 into the custom box.

Mint is easy to use and looks a lot like Windows, but it comes with a lot of packages you probably don’t need, including poorly secured stuff like Flash, and as of right now has no “light” install option. You could manually remove unwanted packages, but the whole point is to make this easy and accessible. So I recommend one of the other two.

The actual installation process is easy. You can create a bootable USB by downloading the ISO and burning it using a Windows tool called Rufus. Back up anything you want to keep from your computer, boot from the USB stick, and you will be booted into a live session. You can try out the OS to make sure it works properly on your computer before installing. When you’re ready just choose install and follow instructions. Make sure you turn encryption on when prompted.

The ease of enabling full disk encryption on Linux is itself a vital security and privacy upgrade. To encrypt your disk on Windows you either need to pay for Windows 10 Pro and set up BitLocker which is closed source and backdoored, or use third party software such as VeraCrypt which is an excellent open source project, but requires a third party bootloader and is not officially supported by Microsoft, meaning it isn’t guaranteed to work and future OS updates could break it. And it still won’t help with the other privacy issues of Windows.

If you want to keep your current Windows setup as well as your Linux install, you can partition the drive during installation for a dual boot system. This means when your computer turns on it asks if you want to use Linux or Windows. Your drive will be split between the two OSs. You will need to decide how to split the drive - for example do you want to make it 50/50 or give one OS more space? Changing this later can be tricky so consider it beforehand.

If you do partition your drive, still back everything up just in case something goes wrong. It usually doesn’t, but if it does you’ll kick yourself for not having a backup.

Once Linux is installed, usually Firefox is the default browser. It’s best to install Chromium or a Chromium based browser such as Brave instead. Chromium is a more secure engine than Firefox (way better sandboxing), has more compatibility with various websites, and projects like Brave build extra privacy protection on top. Avoid Google Chrome as it contains proprietary Google code.

To install Chromium: sudo apt install chromium-browser

Once you open it you can (and should) install uBlock Origin as well.

Set up automatic updates in your distro and reboot it now and then so kernel upgrades can take effect. Enable the firewall and set it to block all incoming connections. Strictly speaking, an out of the box Linux install should be very “quiet” and not open ports unnecessarily anyway, but it’s good to have extra layers of security.

You can also increase sandboxing by opening a terminal and entering “sudo apt install apparmor-profiles apparmor-profiles-extra”. Ubuntu based distros come with AppArmor installed already, those two packages just expand the amount of services and apps that it protects. As with anything else it’s no silver bullet but it provides an extra layer of security.

WINE can often run Windows software inside Linux but it’s not perfect. You can also use VirtualBox to just run Windows in a virtual machine. This will run all Windows software fine, but it requires a Windows license (you can get one for $5-10 on Amazon or eBay) and the performance of a VM depends on how powerful your computer is. If you have a recent laptop with an i5, at least 8GB RAM, and an SSD, you will probably have no trouble at all. But an older or low spec machine will struggle to run a VM and in those cases it’s best to use the dual boot option.

How to make the most secure laptop possible

If you really wanna go hard, install Qubes. I won’t write a full guide to that here since their site has good documentation and if you understand the benefit of running it you probably don’t need a tutorial.

Using it to its full potential requires changes in how you use your computer, for example by putting sensitive software and files in their own VMs, so it won’t just magically do everything in the background. Keep this in mind.

And as it is running multiple VMs you do need decently high end hardware. It won’t run on your shitty Pentium.

Some final notes

The practices you choose to follow will depend on your threat model. I’ve mentioned the NSA a few times but it’s important to be aware that trying to outsmart the NSA is unlikely to be successful. You can generally assume they’re tapping your connection at some point down the line.

But what you can do is decrease exposure to the dragnet, so for instance if you use Signal on a locked down OS that isn’t sending out tracking data, there’s no personal info being leaked out of your phone for the NSA to grab in the first place. They could grab your Signal messages, but they’ll just look like a bunch of garbled nonsense as breaking the encryption would require more time than the universe has existed for.




Basically the best way to keep your shit private is to limit the amount of info being sent out in the first place. And to ensure any info that is sent out is end-to-end encrypted with modern encryption standards.

Other elements of a threat model are important to work out what you’re trying to defend against and what tools are needed. If you want to protect yourself against hackers, a locked down, up to date OS is the best way to do it. If you just want to limit the amount of tracking across the internet, AdGuard and Brave Browser will do a good job and are far more simple to set up.

It should also go without saying that absolutely nothing is 100% secure. What you can do however is make your systems as secure as possible, so any attackers are likely to get bored and move onto easier targets. And you can definitely avoid the use of software and services that invade your privacy and are known to use poor security practices (e.g. WhatsApp, Zoom).

This topic can also get a lot more complex if you have more technical skill. For example I haven’t talked about creating your own custom build of Linux or Android, which is pretty easy to do these days once you complete the initial setup. You don’t need to be some mega-genius to roll a custom OS build these days, just a standard issue nerd.

For those who are curious, look at RattlesnakeOS for a good toolchain that will automate custom AOSP Android builds. The default chain is designed to run on AWS though, so if you want the security of a local build environment, you can look at one of the forked projects set up to do RattlesnakeOS builds locally. You will need powerful hardware to do this though - and when I say powerful hardware I mean ideally an actual server machine, but if not, at least a recent i7 with 32GB RAM and a very fast SSD. If you have an average laptop you’ll have a very frustrating time trying to build AOSP and it will take days at best. This is why the main project uses AWS. You get cheap compute power, but risk a compromise in security.

For a custom OS on your computer you can set up Arch Linux however you want, with only the packages you need, but I don’t recommend this to anyone who isn’t already familiar with Linux unless they want to become familiar with Linux and like a challenge. In fact if you want to dive head first into Linux on hard mode, fire up a VM or a spare computer and install Arch, you will learn a lot about how Linux works. This does not require powerful hardware at all, you could do it on a 10 year old machine if you wanted.


These custom solutions are not hardened like Graphene or Qubes but the benefit here comes from having full control over your system, only having the packages you choose, and ultimately a small attack surface. You can also install a hardened Linux kernel for Arch as well as various sandboxing software, so you can configure an Arch install to be hardened if you’re willing to do that work.

Hope this was informative!
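The removal steps from “Android: removing Facebook system apps” in the guide above, as an added example that is not part of the original post: it filters `pm list packages` output down to the com.facebook namespace, prints the matching `pm uninstall --user 0` commands, and only touches a device when asked. The function names, the `--apply` switch and the sample package list are constructed for illustration; the `pm` commands are the ones from the post, plus the standard `--user 0` option on `pm list packages` for the final check.

```shell
#!/bin/sh
# Added example: plan (and optionally run) removal of preinstalled
# com.facebook.* packages for user 0, using the pm commands from the post.

# Constructed sample of `adb shell pm list packages` output (not from a real device).
SAMPLE_PM_OUTPUT='package:com.android.chrome
package:com.facebook.katana
package:com.facebook.system
package:com.facebook.appmanager
package:com.facebook.services
package:com.example.facebookshare
package:org.thoughtcrime.securesms'

# Read `pm list packages` output on stdin and print only package names in the
# com.facebook namespace. A bare `grep facebook` would also match
# com.example.facebookshare, which belongs to a different vendor.
# tr strips the carriage returns that adb can add on some hosts.
facebook_packages() {
    tr -d '\r' \
        | sed -n 's/^package:\(com\.facebook\.[A-Za-z0-9_.]*\)$/\1/p' \
        | sort -u
}

# Turn package names on stdin into the uninstall commands used in the post.
uninstall_plan() {
    while IFS= read -r pkg; do
        if [ -n "$pkg" ]; then
            printf 'pm uninstall --user 0 %s\n' "$pkg"
        fi
    done
}

# Default: dry run over the constructed sample, so the script works offline.
# --apply: query the connected device, uninstall for user 0, then list what
# is still installed for user 0 (no output means nothing is left).
run() {
    case "${1:-}" in
        --apply)
            adb shell pm list packages | facebook_packages \
                | while IFS= read -r pkg; do
                    # </dev/null stops adb from swallowing the rest of the list.
                    adb shell pm uninstall --user 0 "$pkg" </dev/null
                done
            adb shell pm list packages --user 0 | facebook_packages
            ;;
        *)
            printf '%s\n' "$SAMPLE_PM_OUTPUT" | facebook_packages | uninstall_plan
            ;;
    esac
}

run "$@"
```

Run it with no arguments to review the plan for the sample list, or with `--apply` while the phone is connected and USB debugging is allowed. `pm uninstall --user 0` removes a package for the primary user only; the APK stays on the system partition, so a factory reset brings it back.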
Man, you've put a lot of work into this. I appreciate it. Was just working on an article on decentralized vs. centralized architectures and the implications re privacy/security not 10 mins ago. Sending gratitude your way. Will give this a proper read through though.
 

PrincessDiz

Banríon na Fothrach
Joined
Mar 31, 2020
Messages
1,095
Location
Ireland
Absolutely incredible work! Honestly you put so much into this, I was well into the auld hacking and being a script kiddie back in the 90s but I couldn’t tell you shit about what’s happening today. Linux was my thing back then. Since mobiles came along I just stopped bothering too much.

Thank you so much! I’m sure everyone will be able to put most of what you've written into practice. You’ve written it out in a really understandable way. So again thanks and you’re awesome!!!!
 

SunriseChampion

Bluelighter
Joined
Jun 7, 2018
Messages
1,114
Location
Toronto
Best post on BL. @Wilson Wilson ! Big. Up. Yo. Chest.

This stuff is massively important to me and I appreciate any and all resources. Thanks for taking the time and putting in the effort, I truly appreciate it. :D
 

SunriseChampion

Bluelighter
Joined
Jun 7, 2018
Messages
1,114
Location
Toronto
Just off the top, I'd like to point out that Windows 7 is still receiving security updates. Microsoft originally planned to stop supporting Windows 7 back in January and prompted users to buy Windows 10. They were set to only support enterprise clients for another year or so, I think it was.
However, I continued receiving security updates after their supposed end-of-support date. At first they were only critical security updates, but about a month later, Microsoft announced that they will continue publishing security updates for Windows 7 indefinitely as I understand it.

I'm assuming not many people jumped on their trying to sell Windows 10...probably because of the privacy concerns mentioned in the first section of the post above.

Also, the telemetry on Windows 10 can be disabled. Though, fuck it, I don't like the UI and should switch to Linux soon anyway.
 

SunriseChampion

Bluelighter
Joined
Jun 7, 2018
Messages
1,114
Location
Toronto
Also, I may be confusing it with something else, but isn't DuckDuckGo owned by Google?

I use Qwant, which is from France.

One of the major privacy themes I keep reading about is to try and avoid software/services run by/owned by/based in/operating in the US as they can be more easily compelled to hand over user data than in some other jurisdictions, like Switzerland, for example.
 

Wilson Wilson

Moderator: BDD, OD
Staff member
Joined
Aug 6, 2014
Messages
3,797
Location
LDN, UK
First of all thank you to everyone for the kind words! I was not expecting such a reception! If there's anything you want me to expand upon, please do ask. There's a lot more depth I skipped simply because it was already so long and I covered what is actually a broad range of computing topics here.

Man, you've put a lot of work into this. I appreciate it. Was just working on an article on decentralized vs. centralized architectures and the implications re privacy/security not 10 mins ago. Sending gratitude your way. Will give this a proper read through though.
Decentralisation is the future if you ask me! I think all these fancy cloud companies will begin to fade into irrelevance once decentralised networks become mature. Things like Tor are simply a bridge to this eventuality, like hybrid cars to fully electric. Tor for instance still has weaknesses because, even though traffic is bounced between nodes, it continues to rely on the same client/server model we've been using since the 90's. Servers will always be the bottleneck in privacy oriented systems as they're a point of central authority.

The federated internet is interesting too, still relies on cloud servers but is set up so anyone with basic skills can set one up for themselves and have it connect to the rest. Diaspora or Mastodon for example. Cool projects, I like them. I don't think they'll be the future - I think they're bridges to the future similar to Tor - but I like them.

I reckon something along the lines of DApps will be closer to the eventual future of the internet.

Blimey @Wilson Wilson you're a star! That must have taken you absolutely ages and a sweet ton of aspie hyperfocus. Huge props to you mate ❤ ❤❤

I added this to the buttons up top, but not many really notice them, so I'm also gonna add this to the featured threads slider if you don't object?
I am more than happy with that, thank you!

Took me just under a week, a lot of aspieness, and a bit of amphetamine :)

Just off the top, I'd like to point out that Windows 7 is still receiving security updates. Microsoft originally planned to stop supporting Windows 7 back in January and prompted users to buy Windows 10. They were set to only support enterprise clients for another year or so, I think it was.
However, I continued receiving security updates after their supposed end-of-support date. At first they were only critical security updates, but about a month later, Microsoft announced that they will continue publishing security updates for Windows 7 indefinitely as I understand it.

I'm assuming not many people jumped on their trying to sell Windows 10...probably because of the privacy concerns mentioned in the first section of the post above.

Also, the telemetry on Windows 10 can be disabled. Though, fuck it, I don't like the UI and should switch to Linux soon anyway.
According to Microsoft, consumer Windows 7 no longer gets any updates as of this January and the extended support for enterprise will end in 2023. What version of Windows 7 do you have? Is your computer second hand from ex-company stock? Have you been getting updates since January?

I don't think W7 support will be extended past the planned EOL because many (most?) big companies have already upgraded to W10 Enterprise. They don't mind the privacy concerns because MS allow you to fully disable telemetry in the enterprise version. It's only the consumer versions where you're stuck with it. And W10 offers benefits over W7 for enterprise such as the rolling release model which makes managing large numbers of machines much easier for sysadmins.

You cannot fully disable telemetry in non-enterprise W10 unless you remove system files, but even then they will come back on the next auto update so it's pointless.

You can try to install W10 Enterprise (LTSC in particular is popular with power users) on your personal machine or you can make a custom ISO and remove the telemetry components directly from the install media - then they won't come back in updates. But none of that is something I'd recommend to an average user.

Also, I may be confusing it with something else, but isn't DuckDuckGo owned by Google?

I use Qwant, which is from France.

One of the major privacy themes I keep reading about is to try and avoid software/services run by/owned by/based in/operating in the US as they can be more easily compelled to hand over user data than in some other jurisdictions, like Switzerland, for example.
This is the second time I've heard DDG is connected to Google. Where are people getting this from? It's not true.

Yes it is good to avoid companies based in the US (or any Five Eyes country) if you want privacy. But just as important is to make sure the company is run by trustworthy people. It is very easy for a three letter agency to set up a front organisation in Switzerland as a honeypot. The CIA (in cooperation with the BND, the German intelligence agency) has done this before.


And in more general terms, the CIA routinely uses front organisations for various operations so that people working for them, as well as the public, remain unaware of CIA involvement.

Setting up a VPN company for instance is extremely easy. The CIA could do it at the click of a finger. For this reason I don't place full trust in VPNs because you're trusting someone else's servers. But again this depends on your threat model. If you only care about avoiding online tracking from advertisers and your ISP, a VPN will help with that goal. And it's often said if your threat model includes the NSA you already lost. But the question then comes how much do you trust a VPN provider to handle your data correctly and securely? Personally I think ProtonVPN is more likely to be trustworthy than others, but that's based on my own impressions of the company. It could turn out that Proton is another Crypto AG. Seems unlikely since it's run by CERN scientists. But the point is you are choosing people you trust. That's paramount here. You are trusting people - not countries or technology, but humans.

As for Qwant, it may be a good search engine I'm not sure, but France is in the Nine Eyes (extension of the Five Eyes) and therefore shares intelligence with the US. So I would not consider it to be a better country for privacy.

Switzerland is on the map for these things largely because they are an independent nation that's not a member of many international bodies including those relating to intelligence sharing.
 

SunriseChampion

Bluelighter
Joined
Jun 7, 2018
Messages
1,114
Location
Toronto
I'm using Windows 7 Home Premium. Laptop bought new.

As I said, originally, Microsoft planned on ending support for Win 7 back in January. Within a month of that, they quietly announced that they would be continuing security updates for the OS, I guess for at least as long as support for Enterprise is going on for.
I still receive at least one security update per week, usually more.

They just couldn't convert people, I guess. Nobody wanted their extra spyware in 10, I guess. I sure as hell didn't and I also didn't want to pay for another OS when my current one is just fine. Well.....fine enough, I guess.

I didn't know about the pitfalls around disabling Win 10 telemetry. I have a mate who is a head IT bloke at the local HQ of a multinational food products company. He's the one who told me about this and would walk me through it, but I still don't like the Win 10 UI, though I understand there are themes to mimic older versions of Windows, so I guess I could make it work.

As for DuckDuckGo, you're right, as I said, I was mixing its ownership by Google with something else. Thanks for clearing that up!
 

Wilson Wilson

Moderator: BDD, OD
Staff member
Joined
Aug 6, 2014
Messages
3,797
Location
LDN, UK
I'm using Windows 7 Home Premium. Laptop bought new.

As I said, originally, Microsoft planned on ending support for Win 7 back in January. Within a month of that, they quietly announced that they would be continuing security updates for the OS, I guess for at least as long as support for Enterprise is going on for.
I still receive at least one security update per week, usually more.

They just couldn't convert people, I guess. Nobody wanted their extra spyware in 10, I guess. I sure as hell didn't and I also didn't want to pay for another OS when my current one is just fine. Well.....fine enough, I guess.

I didn't know about the pitfalls around disabling Win 10 telemetry. I have a mate who is a head IT bloke at the local HQ of a multinational food products company. He's the one who told me about this and would walk me through it, but I still don't like the Win 10 UI, though I understand there are themes to mimic older versions of Windows, so I guess I could make it work.

As for DuckDuckGo, you're right, as I said, I was mixing its ownership by Google with something else. Thanks for clearing that up!
Did your IT friend install the ESU bypass from MDL? That would give you updates until 2023, basically cracking the activation for the enterprise extended support. That's the only thing that would make sense to me.

Cannot find anything about EOL being extended to 2023 for all W7 users. Got a link for that?

W10 is indeed terrible for privacy unless you install an Enterprise version or a heavily modified ISO. When you eventually upgrade, I personally would run Linux with a Windows VM for any Windows specific software. This wouldn't work if you are a heavy gamer on most computers (certainly not one that came with W7) due to the reduction in performance from virtualisation, in which case I recommend a good old dual boot. Use Windows for games and other software that requires it, then boot into Linux for everything else. Switching OS's like this isn't that much hassle with an SSD, should take about a minute.

A note on security: this isn't common enough to be a top concern for the average user, but it is possible for malware to infect another OS on a second drive partition. You can generally protect against this by enabling full disk encryption unless it's firmware-level malware (possible, although thankfully rare in the wild). If you run a VM and keep your VM client up to date, it is much more difficult for malware to escape into your host OS; this would require a sandbox escape exploit in your VM software and those are very valuable assuming they are zero days. The end result is running Windows in a VM protects an underlying Linux install more than running a dual boot system.
 

Shady's Fox

Bluelighter
Joined
Jul 12, 2017
Messages
5,916
Location
Palm trees & sea, just walkin along the beach.
But why would the power user need such complicated things? I mean, most people use Antivirus, right so no one can hack your computer and then drivers for your device. Most browsers are Chromium based so the best out there, in terms of speed & performance it's Vivaldi, which I am using too. It allows a lot of personalization. It's based on Opera 11. So if you don't have a company, I don't see any reason for any kind of you know.
 

SunriseChampion

Bluelighter
Joined
Jun 7, 2018
Messages
1,114
Location
Toronto
Did your IT friend install the ESU bypass from MDL? That would give you updates until 2023, basically cracking the activation for the enterprise extended support. That's the only thing that would make sense to me.
No. I was looking into this when I first read about it but there was some reason why I didn't try going through with it that I don't remember.

Cannot find anything about EOL being extended to 2023 for all W7 users. Got a link for that?
I only read an article that was sent to me by my IT friend.....don't even remember what site it was from. This was back in February. I honestly don't remember, but I can sure as hell show you my update log.

W10 is indeed terrible for privacy unless you install an Enterprise version or a heavily modified ISO. When you eventually upgrade, I personally would run Linux with a Windows VM for any Windows specific software.
That's what I plan on doing, but I'm deffo riding out Win 7 for as long as they keep security updates coming.


I'm going to try and find the source from which my mate got the info about Microsoft extending support for Win 7. I've just messaged him, asking about it.
 

SunriseChampion

Bluelighter
Joined
Jun 7, 2018
Messages
1,114
Location
Toronto
Ok, so I continue to be useless in many ways. 🙃

There was no announcement by Microsoft in regards to continuing support for Win 7 Home after the EOL date. The article I was talking about....I had it sent to me again last night, and it only talks about Enterprise support continuing, with a cost. I must have mixed it up with something else I read...like the DuckDuckGo bit.

So I don't know what's going on then, because I've received 40 security updates since the EOL date.
 

PtahTek

Moderator: NMI
Staff member
Joined
Mar 18, 2018
Messages
3,398
Location
Onda Cona
Damnitman.
Great work, will take a month to read through, but thank you for this. I think it is vital information, especially these days with everyone on devices that take their lives away.
You did this, bro. Do not know how you did it so damn fast but the outcome is a priceless gem. ;)
 

CfZrx

Bluelighter
Joined
Nov 23, 2014
Messages
2,410
Location
East St. Paul
I offered to write this and @PrincessDiz was interested and I’m sure others will be too, so here it is.

I will focus this guide mainly on things anyone can do if they follow simple instructions regardless of technical skill. I will make brief mention of projects techies might be interested in, but I won’t focus on talking about them in detail as nerds can do their own reading from the project websites and I want to make this as accessible as possible.

The goal of this is to help anyone with any type of setup improve their privacy and security in some type of way. Those who are properly dedicated can even set up a super secure locked down smartphone without much skill required, but money may need to be spent for compatible hardware. A sufficiently powerful laptop or desktop can also run an ultra secure OS. I will focus primarily on things that should work on any modern device, then discuss the more specialised stuff further down for those who are interested.

Privacy vs. security

First things first. I want to explain the difference between privacy and security. These are often used interchangeably but they’re in reality very different.

Security means a system is safe from external threats. If I set up a computer in such a way that hacking into it is very difficult, it is a secure system. But a secure system is not necessarily private. For example: Windows 10 has many good anti-exploit features, built in antivirus and firewall, and automatic security updates. However it also has a built in keylogger, it sends info on what software you use, what websites you visit, who you talk to, what your voice sounds like (if you use Cortana), and even your location back to Microsoft by default. It is also closed source, making it impossible to independently verify what the code is doing. This makes it very bad for privacy even though it has decent security.

Privacy means that no one is snooping on what you’re doing. A private system is not necessarily a secure one. For example, custom Android ROMs such as Lineage OS (Cyanogen) do not contain Google Play Services by default and therefore nothing in the OS is tracking you. However, in order to install it, you must unlock your bootloader, inherently making your device less secure. Most phones on custom ROMs are also rooted, which is again inherently insecure as it bypasses the Android permission system. So you can have a setup that’s good for privacy, but makes compromises in security.

Ideally what you want is both. But as the above examples demonstrate, this is more difficult than you might assume.

There are ways to improve your privacy if you insist on using Windows, but you will have a hard time gaining full privacy on Windows 10 by design. Downgrading to older versions of Windows is very bad for security as they’re no longer patched (and most new computers don’t have Windows 7 drivers anymore). So if you want a private and secure OS you need to really look at alternatives in the Linux world.

I’ll get onto that later. What I’ll start with first is how to improve security and privacy in small ways no matter what your setup is.

Home network security and privacy enhancements

Your DNS server


A DNS server is the service that turns websites into IP addresses. For example if you enter “pornhub.com” into your browser, the DNS server will be sent that URL and return the IP address. The IP address is what your computer actually uses to find the website. This happens in the background so you don’t see it. By default you probably use your ISP’s DNS server. ISP DNS is often not the best and doesn’t take advantage of latest technology (think of it like ISP email accounts) and in some cases, especially in more oppressive countries, ISPs even use their DNS for censorship.

The easiest changes to make are to your home network. By simply going into your router settings you can change the DNS server for pretty much all devices on your WiFi. For the most low effort approach possible, you can use an existing service such as AdGuard DNS.

This will do two things: take the responsibility of handling DNS queries away from your ISP, and block requests to ad and tracking servers. This makes it a decent privacy and security enhancement as ad networks track your online activity and most in the wild exploits abuse ads. This will also provide ad blocking for all devices on your network!

The process is very simple. The exact location of menus will depend on your router, but any router should allow you to manually enter DNS servers. If in doubt just look up the name of your router + how to change DNS.

If your router allows for DNS-over-TLS, which may be called “secure DNS” or something similar in the menus, you should enable that and enter “dns.adguard.com” as your DNS server. This performs the same function as entering the IP addresses manually except it means your DNS requests are encrypted for some extra security (it makes MITM attacks more difficult which is good for security, but doesn’t necessarily provide privacy as TLS leaks the target domain name).

If the option for DNS-over-TLS isn’t there, and you just have the classic DNS menu where you’re asked to enter two IP addresses, then put in 176.103.130.130 and 176.103.130.131 then save your changes.

Now any device on the network set to use the DHCP allocated DNS servers will automatically update to those. Most devices are set like this by default so you shouldn’t have to change anything else. Those devices will get your DNS from your router automatically.

Some devices have hardcoded DNS servers for example the Google Chromecast always uses Google’s DNS servers (8.8.8.8 and 8.8.4.4). Not much to be done there. But this won’t be the case for your phone, tablet, laptop etc.

If you have an Android phone, I recommend using the “private DNS” option to set AdGuard DNS on that as well. The benefit of this, aside from using DNS-over-TLS, is the DNS server entered there will work on WiFi and mobile data. So even if you’re on the mobile network, the DNS server will be the one you enter, not your network one. This means you get encrypted DNS and ad blocking.

Yes this is a method of ad blocking without having to install any apps! It will block all ads in all apps across your whole Android phone without rooting or even installing anything.

Just go to settings > network settings > private DNS > select “custom” > enter “dns.adguard.com” > save.

Done!

Unfortunately it’s not possible to set the DNS server for your mobile network on an iPhone without using a VPN. I’ll get to VPNs later.

DNS the nerdy way

If you feel like getting your hands dirty you can do what I’ve done and set up your own local recursive DNS server using a Raspberry Pi. To do this you simply install Unbound and Pi Hole on a lightweight Linux server - a regular Pi 3 running the command line version of Raspbian does the job perfectly - give a fixed local IP, then set that IP as your DNS server. This means all DNS queries from within your LAN go through your own local DNS server, not a remote server, and you can customise the block lists - for example if you hate Facebook you can block all Facebook domains from working in your LAN.

If you are comfortable with Linux and the terminal it will be very easy and shouldn’t take more than an hour max to get set up as you like it. There is a full tutorial here:


Please note this covers your LAN only. If you want something that works remotely, outside the local network, use the AdGuard DNS. If you want a DIY solution you could also set up your own VPN using a cheap VPS and run Pi Hole on that. But since you are trusting a third party server either way, I recommend the simple AdGuard option unless you really want customisation or simply enjoy having a project. Keep in mind that any public cloud provider is pretty much certain to be backdoored by the usual suspects (see: PRISM).

Do NOT open a DNS server you create yourself directly to the internet as open resolvers set up on random networks are used for DNS amplification attacks, a form of DDoSing.

Other router settings

There are other router settings that are worth changing to provide extra network security. Often these are “convenience” features but many are outdated as new standards no longer require them, so disabling them should not affect anything negatively. If it does, you can always change settings back.

Can’t really give exact instructions here as it once again differs by router model, but again Google (or DuckDuckGo) is your friend.

Disable UPnP.

Disable port forwarding unless you absolutely need it and know what you’re doing.

Ensure the firewall is on and set to block all incoming connections.

Run a test to ensure all ports are closed:


The router itself

Some ISP routers keep certain ports open as a backdoor for customer support to remote in. Like any backdoor, this can also be used by black hats (the people you think of as "hackers") looking to exploit your network. All ports should be closed. If the test above finds open ports even though your firewall is set to block all incoming connections, I am guessing it’s an ISP router, and you should get rid of it.

ISP routers may also remove settings such as those allowing you to toggle UPnP or change your DNS. Sometimes this can be fixed by flashing new firmware, but this carries a risk of bricking the device and it’s easier to just buy another router.

It is also rare for ISPs to provide frequent and timely updates to routers, and running outdated software on a router is high risk as the router is at the edge of your network and protects the devices within your LAN. If your router is exploitable, every device in your network is vulnerable. If your router hasn’t been updated for a long time (you should be able to check the firmware build date in the settings) you should replace it. Router malware is a growing real world problem.

Finally, ISP routers are often just plain old shit. That’s why they can give them away for “free” when you sign up. They’re unreliable and often a proper router will provide a much better experience.

Personally I use an Asus router running the Merlin custom firmware, these have treated me well over the years. You can also get routers with preinstalled custom firmware that blocks ads or provides VPN access. For example AdGuard and Private Internet Access both sell routers integrated with their respective services. But for most people stock firmware is likely fine and certainly much less hassle as long as it doesn’t come from an ISP.

You may need to keep your ISP router to use as a simple modem. In most cases you should be able to change a setting to put the ISP router into modem mode. Then all it does is provide internet access to your own router, and the router is what manages and secures your actual network. You can also buy a router with a built in modem or buy a standalone modem. Just make sure it’s compatible with your connection (e.g. for fibre optic broadband you need either a VDSL or VDSL2 modem depending on your service). Your ISP might give you a preconfigured standalone modem if you ask but most want you using their shitty routers so have little incentive to do this. You can however often find ISP modems on eBay cheaply. My setup is an ISP modem plugged into an Asus router.

Improving privacy on a Windows system

Use Brave Browser instead of Chrome, Edge, Firefox, etc.

Set DuckDuckGo as your default search engine.

Disable Cortana.

Under settings > privacy > diagnostics and feedback, set it to “basic” instead of “full.” This cannot be disabled properly unless you use Windows 10 Enterprise so it’s just limiting the info being beamed out.

Go through the privacy settings and disable anything you’re uncomfortable with.

If you don’t use the webcam, put tape over it. No, seriously.

Be careful what antivirus software you trust. Big names have been caught collecting user data and selling it to advertisers, with the only mention of this hidden in the small print. Poor antivirus software can also make it easier to hack your computer. My personal recommendation would be MalwareBytes, but the built in Windows Defender is really good enough in most cases. Avoid Kaspersky as it’s been linked to breaches. Avoid AVG and Avast as they’re known to collect data. Avoid McAfee because it’s just bad.


An enlightening quote:




About zero day exploits

I’m going to talk about something called “zero days” getting into security. A zero day exploit is simply an exploit, in the latest version of some software, that is known only to the hacker(s) who found it and vitally is not known to the software vendor responsible for patching it.

So if you were a hacker who found an exploit in the latest version of iOS that no one else, including Apple, knew about, that exploit is a zero day. It’s called a zero day after how many days have passed since a patch was released.

A zero day exploit is high value as it allows any device running the target software to be attacked even if it’s fully updated. Just how high value? Read on and find out.

Smartphone security

As far as security goes, the best thing you can do is keep your OS up to date. If you have an old phone that no longer gets OS updates, replace it. If you have an Android phone you can go to settings > about phone > software information to check the security patch level. If this says something like Jan 2018, your device is hella exploitable and you really need a new one.

You could install a custom ROM which would display a higher patch level, but a custom ROM cannot really do anything for a device no longer supported by the OEM since the firmware won’t be getting updates anymore. Patching OS level exploits without the required firmware patches gives you pretty much nothing but a false sense of security. And most custom ROMs reduce your security anyway - the moment you unlock your bootloader your security is decreased, the moment you root your phone your security is pretty much out the window.

If you have an iPhone, you’re in luck on this front as Apple will provide security patches for 5 years to all iPhones. And if your phone is over 5 years old you probably want a new one anyway.

Assuming you have the latest version of iOS or Android, and you continue to get updates, you have solid security. The current market value for a zero day exploit chain allowing remote code execution, privilege escalation, and persistence is $2,000,000 for an iPhone and $2,500,000 for Android 10.

No, really.


So yes, if you happen to be any good at this hacking malarky, and you don’t have much of a moral compass, you could make a cool two mil from a single exploit chain. Specific clients are not disclosed by exploit brokers but selling zero days to the “grey market” usually means they will find themselves in the hands of nation state attackers. This could be the US, UK, the UAE, Saudi Arabia, China, Russia, North Korea… whoever is the highest bidder. Reuters did a great article on the UAE’s recent hacking operations, but note that pretty much every country does the same thing and the NSA’s are definitely 10x worse (see: Equation Group).

The reason these exploits are worth so much and used almost exclusively by nation state attackers is because they’re very difficult to find and in high demand. When a high value zero day is found, it is likely to be used only in targeted attacks, else it will become “burned” very quickly - meaning the attacks will be noticed if performed openly on random devices and the software vendor will patch the exploit, making it worthless except on outdated software.

A device running outdated software does not require a zero day for a successful attack. There are always public exploits known for old software, and using those to attack unpatched devices is very easy.

This should really hammer in just how important updates are. Software updates can make the difference between a device that can only be hacked by a nation state attacker with a few mil to burn, and a device that can be hacked by any bored nerd with Kali running on their laptop.

If you happen to own a Samsung, then Knox also provides additional security on top of what is already provided by Android, but this is not a substitute for security patches. Luckily Samsung is one of the better OEMs for providing patches.

Privacy on the other hand is a lot more complex.

Why iPhones and Androids are both shit for privacy

Both Android and iOS have some solid security (assuming you still get patches) but have big problems with privacy. Yes even Apple.

The reason Android is “free” is the same reason anything Google makes is “free” - you pay with your data. Google services track every app you install and how often you use it, they track your location, they collect your contacts and scan the contents of your emails (if you use Gmail), and if you enable Google Assistant they learn literally everything about you. Ever had a pop up on your phone related to a shop you walked past, or telling you there’s traffic on your normal route to work? This is how they do that, by collecting everything. Google will have a log of your location at all times if you’ve opted in to full Assistant functionality.

Many popular Android phones, e.g. Samsungs, come preinstalled with Facebook system apps too. This effectively means Facebook has root access to your device. I’ll tell you how to remove those without rooting in a minute by simply using the adb shell.

“But Apple doesn’t make money from collecting data!” I hear you say. Perhaps not, but they do enable iCloud backups by default, meaning unless you manually go into your phone settings and turn it all off, iPhones (and iPads) upload everything on your device to “the cloud.” This is done in such a way that Apple can read the data and they provide it to authorities when asked, including in oppressive regimes such as China. They did plan to introduce encrypted iCloud backups that would have been impossible for Apple to read, but they cancelled this plan because the FBI told them to stop it. iCloud data is stored on Google and AWS servers (NSA has these pwned) and they use GCBD servers in China (hello CCP). You may also be interested to know that despite their claims to the contrary, Apple has the ability to read iMessages of any user. Additionally, there are hidden data collection mechanisms within iOS and increasingly in macOS - this article goes into loads of detail about these.

Like Windows, iOS is closed source, so you have to blindly trust Apple when they say they protect your privacy. Likewise with Google, although the base Android OS is open source, an increasing number of functions now require proprietary Google software, and any off-the-shelf Android device will contain Google services that track everything ya do.

How to improve your smartphone privacy

There are some things you can do to minimise the data leakage. Ad blockers are once again a good suggestion. Follow the DNS instructions for Android. For iOS, there are many free ad blockers available in the App Store. These only work in Safari but they’re very good. There are simple ones like BlockBear and more customisable ones like AdGuard. You can choose what is best for you.

Disable location services when you are not using them. Be very careful which apps you give location access to. When you do grant location access to an app, when possible allow it only when the app is open, not in the background. These tips apply to both Android and iOS.

Disable any cloud backup services such as iCloud backups.

Only install apps you use. If you don’t use apps anymore, uninstall them. This is good general system maintenance but it also makes sure nothing is tracking you even though you aren’t using it, and it reduces your attack surface for potential exploits.

Consider installing Brave as your browser. It has ad blocking, tracker blocking, and HTTPS Everywhere built in. It’s able to block specific page elements which DNS level ad blocks cannot.

Set DuckDuckGo as your default search engine. On an iPhone you can do this in Safari settings. On Android you can install the DuckDuckGo app. If you use a third party browser such as Brave, you will have an option in the settings to change your default search engine there.

Android: removing Facebook system apps

If your phone came with Facebook preinstalled it will have likely also come with other system level apps that do things like update Facebook outside of the Play Store (for what reason, I don’t know) and could do in theory whatever they want because system apps have a lot of extra privileges in Android. When Facebook is preinstalled as a system app it has root access to your device, effectively giving it the freedom to own your system.

Luckily removing it is easy and does not require root. You just need to install adb on your computer first. The instructions for this differ depending on your OS.

Installing adb on Windows

Get the Android platform-tools from Google.


Now extract the zip somewhere you’ll remember and follow this guide:


On Windows 10 this process is actually pretty simple, but if you’re feeling lazy you can just run from the path. For example if it’s in your downloads folder then in cmd you would run something like:

C:\Users\Wilson\Downloads\platform-tools\adb.exe

If this gives you version info and a list of commands it works and you can just use this lazy method.

Installing adb on Mac OS

Get the Mac platform-tools from the Google link above.

Extract them somewhere you’ll remember and follow this guide:


If that looks a bit daunting to you (it is a bit of a complex process just to make a command work) you can instead just run from the path platform-tools is in. For example if it’s in your Downloads folder you can run something like:

~/Downloads/platform-tools/adb

Which should bring up some version info and a list of commands. If so, it works and you can just use this instead of adding to the system path.

Installing adb on Linux

A good old “sudo apt install adb fastboot” in the terminal should do the trick. I say should because most distros have outdated platform-tools binaries in their repos, but as we’re running such simple commands this shouldn’t matter.

If you do get any problems, uninstall the distro’s build (“sudo apt remove adb fastboot”) and download the latest Linux binaries direct from Google above. As with Mac OS you can add these to your system path or just run them from the directory. The process is much the same as both are UNIX systems. A Linux specific guide is here if you want to add to your path.

The easy bit: running the commands on your phone

You’ve done the difficult bit now, the rest is easy.

First bring up a terminal on your computer and have it ready. On Windows open the start menu and type “cmd” then hit the Command Prompt app. On Mac or Linux, open Terminal. Make sure adb runs as described above.

On your phone go to settings > about > software information and tap on the build number 7 times. It should confirm “You are now a developer!” On Samsung phones you can go back to the main settings menu and developer options is now right at the bottom. The exact location of the menu may differ by device but it’ll be in settings. If you can’t find it just search “developer options + your device make”.

Once in the developer options scroll to USB debugging and turn it on.

Plug your phone into your computer. The phone should ask if you trust the computer for USB debugging. Hit allow.

Now type in these commands:

adb shell
pm uninstall --user 0 com.facebook.services
pm uninstall --user 0 com.facebook.katana
pm uninstall --user 0 com.facebook.system
pm uninstall --user 0 com.facebook.appmanager


To make sure you got everything, you can also enter:

pm list packages | grep facebook

If anything else comes up, you can remove it the same way. For example if a package called com.facebook.skynet comes up, you can enter: pm uninstall --user 0 com.facebook.skynet

Note that if you didn’t add platform-tools to your system path, you will need to run the adb command by manually entering (or copy/pasting) the path to the executable. For example in Windows:

C:\Users\Wilson\Downloads\platform-tools\adb.exe shell

Once you’re actually in the shell you can just run the rest of the commands as usual, because the shell runs within adb which is now running in the terminal, so you don’t need to tell the computer where it is again.

Once this is all done, simply type exit and unplug your phone. Now on your phone, disable USB debugging in developer options. You can turn off developer options itself if you wish.

The apps should be gone now. Reboot your phone to be certain.

How to talk to people securely

Regular phone calls and SMS are insecure. Period. They use 90’s encryption that hasn’t been improved upon since. Anyone can crack it with cheap antenna equipment. Police are known to use “stingray” devices to passively hoover up text and call data and track the location of phones. This is done by imitating a phone mast. It’s very easy because, again, this is 90’s tech with shit security. Additionally, your network likely keeps a log of all your calls and texts for at least a year.

Not much can be done about the above as GSM is inherently insecure and the MITM attack performed by the stingray can be replicated by anyone with a bit of simple transmission equipment. The only thing to do is treat the network as potentially hostile and ensure you are not relying on GSM for encryption. Your communications should be encrypted before they leave your device. Which brings me nicely onto…

Install Signal. Tell all your friends to install Signal. It’s the most secure messenger in existence. It allows for E2E encrypted text, voice, and video chats. Texts can be set to automatically delete themselves on both devices after a timer has been set. The NSA really really don’t like it when people use Signal because they cannot crack the encryption. Edward Snowden uses it.

Do not trust WhatsApp. Its long history of severe exploits aside, it’s closed source and owned by Facebook. The cloud backups also undermine the encryption. I wrote a thread detailing why WhatsApp cannot be trusted here:


It should go without saying that Facebook Messenger shouldn’t be trusted either.

iMessage’s design allows Apple to read your messages whenever they want (see link above under “why iPhones and Androids are both shit for privacy”). The fundamental issue with iMessage is that Apple controls the keys used to encrypt your messages and can change them whenever they want without you noticing. This also allows them to add a secret participant to the conversation, unknown to you, who could be anyone e.g. FBI agent. It’s also closed source. It’s better than using something owned by Facebook but well that’s not saying much is it?

Telegram has a lot of flashy bells and whistles but by default all chats are stored in the cloud so you are just trusting Telegram to secure them and not share them. It’s unlikely they’re selling your data, but security breaches happen all the time. Signal on the other hand is designed so the servers literally cannot even read your messages, let alone store them, as they don’t have the keys. Telegram does have E2E “secret chats” but the cryptography is questionable and the secret chat function doesn’t allow for group chats.

Signal is the one. Use it. Make everyone you talk to use it. Your privacy will be increased significantly.

A note on VPNs

A VPN will hide your browsing activity from anyone logging your internet use, including your ISP and lower level parts of the government, but you have to trust the VPN service you use. It is very easy for someone running a VPN server to log all traffic from all users. Most will advertise a zero log policy, so you simply have to trust them to keep to their word. Some have been caught lying about this.

The country a VPN runs from is also important. You should avoid ones run from a member of the Five Eyes. This includes the related agreements expanding to the Six Eyes, Nine Eyes, and Fourteen Eyes. These countries perform mass surveillance and share intelligence with each other. Members of the Five Eyes can use XKeyscore, the NSA’s PRISM search tool.

You might think this type of concern is being too paranoid, but consider that countries such as the US, UK, Germany, Australia, Russia, and many more have laws in place that allow law enforcement to compel companies to backdoor their services, and this will also come with a gag order. In the US these are known as national security letters (NSLs) and are handed out by the FBI. Australia’s law takes it a step further and allows the government to compel individuals to backdoor the company they work for. So the country your VPN is based in is very important.

Pretty much every big US company has been served with an NSL so use of these by the FBI appears commonplace. A warrant or other oversight from a judge is not necessary to grant one. Remember unless an NSL has later been declassified, a company cannot tell you if they’ve been served with one.


Big companies often have the resources to fight such things, but VPN providers are small businesses without the resources of Apple or Microsoft. Such companies have to choose between accepting the NSL or shutting down the whole business. The Lavabit case is a good example of how this whole Kafkaesque process works.


In that Lavabit case, the NSL would have given the FBI access to the emails of every single user had it been followed through. It's hard to speculate on other cases, but keep in mind this shows NSLs are not limited to selective surveillance.

ProtonVPN is good. It’s run by trustworthy people (CERN scientists) from a trustworthy country (Switzerland) which is not a member of any intelligence sharing arrangement and has pretty strong privacy protections in law.

You can set up your own OpenVPN server on a VPS if you have some basic Linux skills, but the question comes back to how much can you trust your web host with your data? Pretty much all big web hosts can be assumed to have backdoors. It’s hard to say with smaller fish, but small web hosts are small businesses so again, even if they have idealistic leaders, they’re unlikely to be able to fight the FBI if they do come knocking.

How to make the most secure smartphone possible

This is a bit more hands-on but it’s something that only requires following a simple tutorial and typing a few commands into a terminal. You will however need to buy a Pixel 3 or 3a. If those two prerequisites are not an issue, read on.

The US Secret Service provides modified Android-based smartphones with a specially created locked down OS. The president uses such a phone for state business. This is probably not private, since we can guess the state security services keep logs of what the president does on his phone, but it’s likely very secure.

This isn’t an option for us (and even if it was, would you trust an OS made by the US government?) but we do have a locked down Android fork for the masses.

GrapheneOS is an open source project dedicated to creating a hardened version of Android. It is focused on privacy and security, with a particular emphasis on enhanced security and exploit mitigation. It has a hardened kernel, hardened memory allocation, hardened browser engine, extra SELinux policies, more sandboxing, a modified permissions system, and a lot more.

Basically they’ve added a lot of extra security to the OS as well as taking the existing security measures and improving them. There are also no Google services and no other trackers inside the OS. It doesn’t watch you, it has no built in cloud services, and it protects you heavily from intrusions. It’s excellent for both privacy and security.

The primary goal is exploit mitigation, which means that even if a known exploit or a zero day exists to attack Android, it should be much more difficult to use such an exploit on GrapheneOS compared to normal Android. This means even nation state attackers who buy and stockpile zero days would have a harder time hacking into your phone. The NSA probably won’t target your phone, but you can rest assured that if even they’d have a hard time getting in, so would an average hacker.

It is probably the most secure mobile OS the public can get. Edward Snowden has said that: “If I were configuring a smartphone today, I'd use Daniel Micay's GrapheneOS as the base operating system.” A very strong endorsement for a project focused solely on privacy and security.

The usual concerns about custom ROMs do not apply here as, unlike an average custom ROM, GrapheneOS uses the same install process as official Android builds and doesn’t require a custom recovery or an unlocked bootloader after the initial installation is complete. In fact they tell you to lock it again once you install the OS and the install process includes installing their key to ensure the phone only installs future updates that are cryptographically signed. There is also protection against attempted downgrades and OS integrity verification - in other words the bootloader checks no one has tampered with the OS whenever you turn the phone on.

How to install it

Since it has strict requirements for the hardware it supports, requiring that it have various security features, GrapheneOS currently supports only the Pixel 3 (XL) and Pixel 3a (XL). It does also sort of support the Pixel 2 but only as a legacy device and support will be dropped soon as it lacks important hardware security features. So you should use a Pixel 3 or 3a. The cheapest option is the 3a which costs around $300 brand new. eBay prices are even less. Get a factory unlocked one, not a carrier one.

Back up anything from the phone you want to keep then follow their instructions.


You can adapt the adb instructions above to the fastboot ones required for this. Both are included in platform-tools.

How to set it up

When you first boot it up you’ll probably realise it’s very sparse. It only comes with a basic set of mostly barebones AOSP apps. The project says this is so they can keep their focus on the core security of the OS and let users install the apps they want. Which is fair enough, but it does seem like F-Droid should be on there by default.

So you can install F-Droid from here. After doing this, it’s a good idea to go into the browser app settings and disable the permission to install unknown apps, which you had to enable previously to get F-Droid. You will have to also grant this permission to F-Droid itself, but it needs it, so you can keep it on.

It is best practice to install apps from F-Droid whenever possible as they’re open source and don’t contain ads and trackers that most apps are full of. But you probably will want apps from the Play Store too. So in F-Droid search for Aurora Store and install that. Select anonymous login when it asks. Now you can install apps from the Play Store without actually having the Play Store, using a Google account, or having any Google services running. Check back to both F-Droid and Aurora for updates and make sure you keep all your apps up to date.

One especially useful user facing feature in GrapheneOS is the “network” permission. If you turn this off for any given app, it will be unable to access the internet. So if you have a free game that keeps throwing ads at you and bugs you for your location, you can deny it network access and it won’t have an internet connection. Any app that doesn’t actually need internet access should have this permission disabled.

If you run this OS and communicate via Signal, you have what is probably the most private and secure smartphone setup on the consumer market.

How to improve your laptop’s privacy and security

Replacing Windows with a user friendly Linux distro such as Ubuntu or Elementary is the easiest way to secure your laptop and make it more private. I’ve installed those two Linux distros on computers of people I know are not technical and they had no trouble adapting - in fact they have fewer problems with their computers than they did with Windows.

Moving away from Windows is the biggest step you can take towards increasing privacy on your computer. Linux is the only viable alternative and it is far superior for privacy. Security is also very solid assuming you’re sensible about what you install and you keep everything up to date.

There are two ways you can go here. The first is to install a regular user friendly distro like Ubuntu or Elementary. These are easy to use, lightweight, and reasonably secure. They will work on almost any computer.

The second is to install a specialist secure distro such as Qubes. This uses fancy witchcraft (aka the Xen hypervisor) to separate your system into different VMs. Because it’s based on VMs it can even integrate with Windows, so you can use Windows software inside Qubes without WINE, as well as Linux software across multiple Linux distros.

It will lock you down tighter than Fort Knox, but it is less user friendly and requires some knowledge to use it to its full potential. It also has stricter hardware requirements, since running multiple VMs requires a powerful computer. Some security features also require specific hardware support.

As with GrapheneOS, Qubes is endorsed by Edward Snowden: “If you're serious about security, QubesOS is the best OS available today. It's what I use, and free. Nobody does VM isolation better. It's not bulletproof -- nothing is -- but it's as close as you can get right now.”

If you are already familiar with Linux and have a powerful enough machine I direct you to check out Qubes.

However since I’m targeting this at normies I will focus on the mainstream Linux distros. They provide plenty of privacy and security enhancements over Windows making it worthwhile doing for the average user.

Ubuntu is the most popular, while others are usually based on Ubuntu. Ubuntu is a fine choice if you want a basic user friendly Linux system. When installing, I recommend using the light install option rather than the full one. This is simply because less software you don’t need means a smaller attack surface.


Elementary is also very lightweight while also having a real nice interface. Perfect for the average user. Based on Ubuntu but with its own set of packages. This also means any software made for Ubuntu will run perfectly on Elementary. Even my gran can happily use this OS.


Note that despite how the page is set up, you don’t have to pay for it. Just enter 0 into the custom box.

Mint is easy to use and looks a lot like Windows, but it comes with a lot of packages you probably don’t need, including poorly secured stuff like Flash, and as of right now has no “light” install option. You could manually remove unwanted packages, but the whole point is to make this easy and accessible. So I recommend one of the other two.

The actual installation process is easy. You can create a bootable USB by downloading the ISO and burning it using a Windows tool called Rufus. Back up anything you want to keep from your computer, boot from the USB stick, and you will be booted into a live session. You can try out the OS to make sure it works properly on your computer before installing. When you’re ready just choose install and follow instructions. Make sure you turn encryption on when prompted.

The ease of enabling full disk encryption on Linux is itself a vital security and privacy upgrade. To encrypt your disk on Windows you either need to pay for Windows 10 Pro and set up BitLocker which is closed source and backdoored, or use third party software such as VeraCrypt which is an excellent open source project, but requires a third party bootloader and is not officially supported by Microsoft, meaning it isn’t guaranteed to work and future OS updates could break it. And it still won’t help with the other privacy issues of Windows.

If you want to keep your current Windows setup as well as your Linux install, you can partition the drive during installation for a dual boot system. This means when your computer turns on it asks if you want to use Linux or Windows. Your drive will be split between the two OSs. You will need to decide how to split the drive - for example do you want to make it 50/50 or give one OS more space? Changing this later can be tricky so consider it beforehand.

If you do partition your drive, still back everything up just in case something goes wrong. It usually doesn’t, but if it does you’ll kick yourself for not having a backup.

Once Linux is installed, usually Firefox is the default browser. It’s best to install Chromium or a Chromium based browser such as Brave instead. Chromium is a more secure engine than Firefox (way better sandboxing), has more compatibility with various websites, and projects like Brave build extra privacy protection on top. Avoid Google Chrome as it contains proprietary Google code.

To install Chromium: sudo apt install chromium-browser

Once you open it you can (and should) install uBlock Origin as well.

Set up automatic updates in your distro and reboot it now and then so kernel upgrades can take effect. Enable the firewall and set it to block all incoming connections. Strictly speaking, an out of the box Linux install should be very “quiet” and not open ports unnecessarily anyway, but it’s good to have extra layers of security.

You can also increase sandboxing by opening a terminal and entering “sudo apt install apparmor-profiles apparmor-profiles-extra”. Ubuntu based distros come with AppArmor installed already, those two packages just expand the amount of services and apps that it protects. As with anything else it’s no silver bullet but it provides an extra layer of security.

WINE can often run Windows software inside Linux but it’s not perfect. You can also use VirtualBox to just run Windows in a virtual machine. This will run all Windows software fine, but it requires a Windows license (you can get one for $5-10 on Amazon or eBay) and the performance of a VM depends on how powerful your computer is. If you have a recent laptop with an i5, at least 8GB RAM, and an SSD, you will probably have no trouble at all. But an older or low spec machine will struggle to run a VM and in those cases it’s best to use the dual boot option.

How to make the most secure laptop possible

If you really wanna go hard, install Qubes. I won’t write a full guide to that here since their site has good documentation and if you understand the benefit of running it you probably don’t need a tutorial.

Using it to its full potential requires changes in how you use your computer, for example by putting sensitive software and files in their own VMs, so it won’t just magically do everything in the background. Keep this in mind.

And as it is running multiple VMs you do need decently high end hardware. It won’t run on your shitty Pentium.

Some final notes

The practices you choose to follow will depend on your threat model. I’ve mentioned the NSA a few times but it’s important to be aware that trying to outsmart the NSA is unlikely to be successful. You can generally assume they’re tapping your connection at some point down the line.

But what you can do is decrease exposure to the dragnet, so for instance if you use Signal on a locked down OS that isn’t sending out tracking data, there’s no personal info being leaked out of your phone for the NSA to grab in the first place. They could grab your Signal messages, but they’ll just look like a bunch of garbled nonsense as breaking the encryption would require more time than the universe has existed for.




Basically the best way to keep your shit private is to limit the amount of info being sent out in the first place. And to ensure any info that is sent out is end-to-end encrypted with modern encryption standards.

Other elements of a threat model are important to work out what you’re trying to defend against and what tools are needed. If you want to protect yourself against hackers, a locked down, up to date OS is the best way to do it. If you just want to limit the amount of tracking across the internet, AdGuard and Brave Browser will do a good job and are far more simple to set up.

It should also go without saying that absolutely nothing is 100% secure. What you can do however is make your systems as secure as possible, so any attackers are likely to get bored and move onto easier targets. And you can definitely avoid the use of software and services that invade your privacy and are known to use poor security practices (e.g. WhatsApp, Zoom).

This topic can also get a lot more complex if you have more technical skill. For example I haven’t talked about creating your own custom build of Linux or Android, which is pretty easy to do these days once you complete the initial setup. You don’t need to be some mega-genius to roll a custom OS build these days, just a standard issue nerd.

For those who are curious, look at RattlesnakeOS for a good toolchain that will automate custom AOSP Android builds. The default chain is designed to run on AWS though, so if you want the security of a local build environment, you can look at one of the forked projects set up to do RattlesnakeOS builds locally. You will need powerful hardware to do this though - and when I say powerful hardware I mean ideally an actual server machine, but if not, at least a recent i7 with 32GB RAM and a very fast SSD. If you have an average laptop you’ll have a very frustrating time trying to build AOSP and it will take days at best. This is why the main project uses AWS. You get cheap compute power, but risk a compromise in security.

For a custom OS on your computer you can set up Arch Linux however you want, with only the packages you need, but I don’t recommend this to anyone who isn’t already familiar with Linux unless they want to become familiar with Linux and like a challenge. In fact if you want to dive head first into Linux on hard mode, fire up a VM or a spare computer and install Arch, you will learn a lot about how Linux works. This does not require powerful hardware at all, you could do it on a 10 year old machine if you wanted.


These custom solutions are not hardened like Graphene or Qubes but the benefit here comes from having full control over your system, only having the packages you choose, and ultimately a small attack surface. You can also install a hardened Linux kernel for Arch as well as various sandboxing software, so you can configure an Arch install to be hardened if you’re willing to do that work.

Hope this was informative!
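The adb steps from "Android: removing Facebook system apps", as an added example that is not part of the original post: a script that matches package names exactly (a plain grep for "facebook" also hits unrelated apps with that string in their name), shows the plan first, and checks afterwards that nothing was left. The function names, the ADB, PREFIX and APPLY variables and the sample package list are assumptions made for the example.

```shell
#!/bin/sh
# Added example: dry-run-first removal of preinstalled packages for user 0.
# Assumes adb is on PATH (or ADB points at it) and one phone is attached with
# USB debugging authorised. PREFIX, APPLY and the sample data are illustrative.
#
# `pm uninstall --user 0` removes the app for the primary user only. The APK
# stays on the system partition, so a factory reset brings it back, and
# `cmd package install-existing <pkg>` restores it without a reset.

ADB="${ADB:-adb}"
PREFIX="${PREFIX:-com.facebook}"

# Constructed sample of `pm list packages` output (not from a real device).
# One line carries a CR because adb can return CRLF line endings.
sample_pm_output() {
    printf 'package:com.android.settings\n'
    printf 'package:com.facebook.katana\r\n'
    printf 'package:com.facebook.system\n'
    printf 'package:com.facebook.appmanager\n'
    printf 'package:com.facebook.services\n'
    printf 'package:org.example.facebookshare\n'
    printf 'package:com.facebookish.game\n'
}

# Read `pm list packages` output on stdin and print, sorted, the package names
# that are exactly $1 or sit under "$1." (so com.facebookish.* is not matched).
filter_packages() {
    prefix=$1
    tr -d '\r' | sed -n 's/^package://p' | while IFS= read -r pkg; do
        case $pkg in
            *[!A-Za-z0-9._]*) continue ;;  # not a plain package name: never pass it to a shell
        esac
        case $pkg in
            "$prefix"|"$prefix".*) printf '%s\n' "$pkg" ;;
        esac
    done | LC_ALL=C sort
}

# Turn package names on stdin into the on-device commands the guide uses.
plan_commands() {
    while IFS= read -r pkg; do
        printf 'pm uninstall --user 0 %s\n' "$pkg"
    done
}

# Print every package from list $1 that is still present in list $2.
still_installed() {
    printf '%s\n' "$1" | while IFS= read -r pkg; do
        [ -n "$pkg" ] || continue
        if printf '%s\n' "$2" | grep -Fxq -- "$pkg"; then
            printf '%s\n' "$pkg"
        fi
    done
}

# Talk to the attached phone: plan by default, uninstall only when APPLY=1.
run_on_device() {
    "$ADB" get-state >/dev/null 2>&1 || { echo "no authorised device found" >&2; return 1; }
    before=$("$ADB" shell pm list packages | filter_packages "$PREFIX")
    [ -n "$before" ] || { echo "no packages under $PREFIX"; return 0; }
    if [ "${APPLY:-0}" != 1 ]; then
        echo "Dry run. Set APPLY=1 to execute on the device:"
        printf '%s\n' "$before" | plan_commands
        return 0
    fi
    for pkg in $before; do
        "$ADB" shell pm uninstall --user 0 "$pkg" </dev/null
    done
    after=$("$ADB" shell pm list packages | filter_packages "$PREFIX")
    left=$(still_installed "$before" "$after")
    [ -z "$left" ] || { echo "still installed: $left" >&2; return 1; }
    echo "all $PREFIX packages removed for user 0"
}

if [ "${1:-}" = "--device" ]; then
    run_on_device
else
    # Offline demonstration on the constructed sample.
    sample_pm_output | filter_packages "$PREFIX" | plan_commands
fi
```

With no arguments it prints the plan for the constructed sample; `--device` queries the attached phone and only uninstalls when `APPLY=1` is set.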
Damn WW! AdBlocker is the bombdiggity!