Incessant tinkerer since the 70’s. Staunch privacy advocate. SelfHoster. Musician of mediocre talent. https://soundcloud.com/hood-poet-608190196

  • 1 Post
  • 42 Comments
Joined 7 months ago
Cake day: March 24th, 2025


  • irmadlad@lemmy.world to Privacy@lemmy.ml: Something odd happened on Reddit today..
    18 up, 1 down · 11 hours ago

    Something odd happened on Reddit today…

    I don’t find that extraordinarily odd at all really. This has been Reddit’s modus operandi for quite a while now. Anything that might pull the curtains back to peep at what/who’s running the show is sternly frowned upon. Usually, they will just shadow ban you which I personally find cowardly. I’d rather you tell me straight out to piss off.

    On the topic of browser fingerprinting. I have a more than fair understanding of how it works, however, I am an expert at nothing. What has always struck me as odd is that browser fingerprints change over time, so how do you use a browser fingerprint to source the origin user? Without changing anything, my fingerprint ‘score’ changes daily. Some things that change or affect browser fingerprinting are:

    • User-Agent (browser, OS, version)
    • Screen resolution & color depth
    • Installed fonts
    • Plugins & extensions
    • Canvas & WebGL rendering
    • Timezone & language settings
    • HTTP headers (Accept, Do-Not-Track, etc.)
    • WebRTC, audio context, hardware info
    • Cookies, local storage, caching behavior

    About 80% to 90% of all browser fingerprints are unique at any given time. Only 30% to 50% of browser fingerprints change within 1 to 3 months. Users who regularly update, wipe their browser data, or install extensions have the most changes, whereas users who hardly ever update anything, never wipe browser data, or install extensions have the most consistent browser fingerprints that can last months to years. So, in my thinking, a browser fingerprint alone would do little to pinpoint a specific user, if they are regularly maintaining their security envelope. I guess in the case of forensics, a browser fingerprint could be used as a part of complementary evidence.

    If they were using a VPN, it could be that their DNS was leaking. However, Reddit usually rejects accounts made with a VPN engaged.

    Checking fingerprinting is something I do regularly because I’m very curious. The best I’ve been able to achieve is partial or nearly unique. I also do daily DNS leak tests, which may sound all paranoid, but even with a VPN, and a standalone pfSense firewall/unbound, and various other obfuscation techniques, VPN IPs change and the IP you had yesterday for a certain locale, might not be the same as today, so it’s worth me taking a minute to check. Not that I have anything to hide. /s

    I recommend a daily cleansing with Bleachbit, or Privazer. Schedule a task or a cron job to run it before shutdown.

    If someone has expert knowledge of browser fingerprinting, I stand by to be schooled.


  • I find that people who say ‘I’ve nothing to hide’ haven’t really thought it through. Mainly because, in most of the general public’s mind, there is a disconnect between their daily lives and their online lives. Instead of being condescending to them, run through a couple of obvious scenarios with them:

    • You have keys and locks they go to. Maybe they go to your car, front or back door, or tool shed. Why? Keys and locks prevent unauthorized access. They do not portend guilt in any way.
    • You have window blinds and even black out curtains covering them. Why? What would be your reaction to a law that made window blinds and curtains illegal because the authorities having jurisdiction can’t see what you are doing in your house?
    • Would you be ok if a live feed of your bathroom or bedroom were broadcast to the internet for all to see? Why not?

    Usually, running through daily things people do and contrasting them with privacy, security, and anonymity, I can get them to realize that yes, they too enjoy, nay, demand privacy, security, and anonymity in their daily lives, and that their online presence should not be any different.

    The average Joe citizen really has no idea what goes on behind all those pretty pictures on their screen, and they could almost be forgiven for that. I’ve had a computer in front of me since the mid 70s and I openly admit, computers and networking are complex beasts. Even I have not plumbed the depths. Someone here made a comment once that if their knowledge was a 25’ tape measure, they might know an inch, and I think that is applicable.

    We, as the stewards of the secret knowledge, should not browbeat those who may be unenlightened. They are not sheep, they are not normies, they are not idiots. They just have no clue, so it behooves us to educate and assist those who do not understand, without making them feel like they’re stupid. The more educated the populace, the further our privacy, security, and anonymity mission is spread.







  • I do not use Mullvad, however, I have had the same issue with sites, not rt(.com) in particular, but others. All I do is switch locales and usually the problem clears up. I haven’t figured out exactly why. A lot of VPN IPs have a tendency to be abused and so a certain website may have blacklisted your IP number of the VPN locale you were/are using. Could be some scenario such as this.


  • Well, that certainly is a different take than I’m used to. I sometimes fail to realize that most of the population live in fairly tight quarters, especially in housing developments, etc. Their coverage would entail an acre maybe a little more or a little less and even a doorbell cam has a pretty wide field of vision. So I could understand that concern. Whereas, I have some acreage to mother hen. Barns, equipment, etc. and I have zero tolerance for a person who would walk onto my property and steal from me. I’ll help a brother out as best I can, but if you steal from me that’s going to get you in some troubled water.

    Anyways, thanks for the explanation. Always down to be educated. Thanks for the link as well. I’ll hit it in a bit.



  • irmadlad@lemmy.world to Privacy@lemmy.ml: Privacy-Friendly Security Cameras Recs
    1 up, 3 down · 4 days ago

    • Eufy
    • Arlo Pro
    • Blink Outdoor
    • Amcrest Ultra

    I am assuming you are covering something like residential property.

    These come to mind. I think all of those have offline and online storage, so storage capacity would be dictated by what you choose. All four of those manufacturers have doorbell cams as well. All four have motion detection.


  • I would advise against using surveillance cameras, because they violate others’ privacy.

    That’s a curious take. I’m keen to know your angle. If you are within range of my surveillance cameras, you’re on my property and are not afforded any privacy. I don’t care what happens out in the street, so I have none that cover the street. However, when it bleeds over onto my square, then I do care.








  • You seem to be much more knowledgeable on the topic,

    Well, the first thing you need to know about me is that I am an expert at nothing. I’ve just been screwing up enough computers since the mid 70s to learn a couple things. LOL

    Some thoughts and opinions:

    Firefox: As mentioned earlier, Firefox stores its logins in a file called logins.json, which is encrypted. It stores the encryption keys in a separate file called key4.db. They are encrypted with 3DES in CBC mode for the passwords themselves. When you save a password, Firefox encrypts it before writing it to disk. If you don’t create a master password in Firefox, the browser uses a basic form of encryption based on your operating system credentials or a default key. This allows Firefox to automatically decrypt your passwords for autofill purposes without requiring any extra authentication, as long as you’re logged into your device. The master password is key, because with the master password Firefox adds a stronger cipher in the form of PBKDF2-SHA256. Without the master password, anyone using your browser can fill in log information.

    Bitwarden: Bitwarden is a dedicated, separate, password manager that stores your vault data in the cloud on Microsoft Azure in the US or EU regions iirc. Bitwarden has zero-knowledge of your passwords or encrypted data. You start with a master password, much like you would with Firefox. That master password is never sent to Bitwarden. Here’s where my eyes start to glaze over. LOL It undergoes key stretching using PBKDF2-SHA-256 with 600,000 iterations. This derives a 256-bit master key, which is then expanded via HKDF to a 512-bit stretched master key. A separate 512-bit symmetric key generated by CSPRNG, is encrypted with this stretched key and stored on the servers as your ‘protected symmetric key’. Your passwords are individually encrypted using AES-256-CBC with HMAC-SHA256 for integrity, each with its own unique cipher key that’s further protected by your symmetric key. When you log in, the master password re-derives the keys client-side to decrypt the protected symmetric key fetched from the server, and decryption happens only in memory and is never written to disk. I’m not going to even pretend to thoroughly understand the process. That’s going to take someone way more intelligent than I. LOL

    Firefox’s password system is browser based. Firefox does not mandate a master password like Bitwarden, or at least in the past has not. Firefox stored passwords, as mentioned earlier, are susceptible to Firefox based exploits. Those exploits are not relegated to just Windows platforms, and can happen on Linux and Mac just by visiting a laced up website. Bitwarden is device agnostic and invokes more encrypted protections than its Firefox counterpart.

    To boil the ox down to the bouillon cube, Bitwarden, in my humble opinion, gives you more layers of protection than your standard Firefox browser. I like layers. They do add complexity to the situation, but at times, complex layers are just what is required. At the end of the day, it gets down to what you feel comfortable with based on your threat model. Both options offer encryption and security features. Both options are reasonably secure, with Bitwarden being, in my mind, far more secure because it offers more robust layers of complexity. Bitwarden has a fabulous track record of security, and tho there have been previous breaches, none to my knowledge ever revealed any user data.

    It has been quite a while since I have used LastPass briefly, so I cannot speak with intelligence about its operation. I do know that Bitwarden is super easy (for me) to use and in the browser, works like any other password storage option. You can set it to automatically fill in passwords and user names which is a feature I think appeals to those who use Firefox or other browser based password storage systems. However, as I stated, at the end of the day, it all gets down to what aligns with your threat model, and how comfortable you feel using the options you have chosen. For me, Bitwarden offers more layers of protection, and I am a green ogre who likes layers.
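
The key hierarchy described in the Bitwarden comment above, as an added example that is not part of the original comment and is not Bitwarden's own code: it derives the master key and the stretched master key, then uses the MAC half to authenticate a protected symmetric key before any decryption. The e-mail-as-salt choice, the `enc`/`mac` HKDF labels and all sample values are assumptions made for illustration; AES-256-CBC is left out because it is not in the Python standard library, so the ciphertext is a constructed placeholder.

```python
import hashlib
import hmac
import secrets

ITERATIONS = 600_000  # PBKDF2-SHA256 work factor quoted in the comment


def hkdf_expand(prk: bytes, info: bytes, length: int = 32) -> bytes:
    """HKDF-Expand (RFC 5869) with SHA-256."""
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        out += block
        counter += 1
    return out[:length]


def derive_keys(master_password: str, email: str, iterations: int = ITERATIONS):
    """Return (256-bit master key, 512-bit stretched master key)."""
    salt = email.strip().lower().encode()  # assumption: account e-mail as salt
    master_key = hashlib.pbkdf2_hmac(
        "sha256", master_password.encode(), salt, iterations, dklen=32)
    # assumption: "enc" / "mac" labels give the two 256-bit halves
    stretched = hkdf_expand(master_key, b"enc") + hkdf_expand(master_key, b"mac")
    return master_key, stretched


def tag_protected_key(stretched: bytes, iv: bytes, ciphertext: bytes) -> bytes:
    """HMAC-SHA256 over IV || ciphertext, keyed with the MAC half."""
    return hmac.new(stretched[32:], iv + ciphertext, hashlib.sha256).digest()


def verify_protected_key(stretched, iv, ciphertext, tag) -> bool:
    """Constant-time integrity check done before any decryption is attempted."""
    return hmac.compare_digest(tag_protected_key(stretched, iv, ciphertext), tag)


if __name__ == "__main__":
    # Constructed sample values, not real credentials.
    _, good = derive_keys("correct horse battery staple", "User@Example.com")
    _, bad = derive_keys("wrong password", "User@Example.com")
    iv = secrets.token_bytes(16)
    ciphertext = secrets.token_bytes(80)  # placeholder for the AES-CBC output
    tag = tag_protected_key(good, iv, ciphertext)
    print("right password verifies:", verify_protected_key(good, iv, ciphertext, tag))
    print("wrong password verifies:", verify_protected_key(bad, iv, ciphertext, tag))
```

Everything here runs client-side, which is why a server holding only the protected symmetric key and its tag cannot recover the vault without the master password.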


  • I am basically relaying conventional wisdom I have gleaned over the years of ‘best practice’. I also forget that a lot of people in the privacy sphere run Linux solely, whereas I run Windows, Linux, and Mac. I hold no high ground in privacy, security, or anonymity. You are certainly within spec to run your network as your requirements deem necessary. I’m just a lot more comfortable not using a browser to store my passwords. If you’ve got it all down to a note, then rock on my brother and don’t let them give you shit about your ponytail either.