SoylentNews is people
SoylentNews
I'm about to move and at my new address I'd like to start out more secured against my ISP and doxers/stalkers. Basically I think I should use a VPN/VPS for personal related traffic (email, shopping), another VPN/VPS for online communities, and then regular net access for random browsing (is all that overkill?). There's been articles in the past about VPN providers (feel free to recommend someone), but there's less about how to configure your network and computer to use them. I'd prefer to be able to use all three at once, but I've heard most people recommend configuring their routers to a single VPN to prevent leakage. But then one company could be logging all your traffic again or it would be easy to forget to switch to/from the VPNs. Is that necessary? Is there Linux-based software which completely restricts applications to certain networks or is that something I should manually setup through iptables and /etc network scripts? My primary OS is LMDE (Linux Mint Debian Edition) and my current router runs DD-WRT, though that might change with the new ISP.
In summary, what's a good strategy to keep the different parts of your online life segregated from each other other than simply using different user names?
Thanks for your insights.
(Score: 2) by lgsoynews on Monday October 02 2017, @03:02PM (3 children)
The BIG problem in your scenario is that it's so hard to validate which VPN providers are serious (technically) and reliable (not selling your data on the side). Even worse, a serious one may very well be bought tomorrow by another company with the usual casualties: privacy & trust are the first to go!
Another solution: using TOR, is painful (sooooo sloooooooooowwww!), so much so that's it's almost impossible to use for many services. And it is blocked by many websites. Some TOR hidden emails are blocked and never reach their target, as I discovered to my cost!
Personally, I separate my many identities (family, friends, various other types of activities: games, programming, etc.) by using different accounts, including several emails, plus using different browsers & profiles.
For instance, I was forced to create a Facebook account to stay in touch with a few people, but that account is opened in a separate Firefox profile, to minimize the data exposed. Currently, I use 4 main Firefox profiles (not counting the tests for FF nightly, etc.). Not perfect, but better than nothing. It's interesting to see how Mozilla makes the profiles selector difficult to use/start, most people don't even know about it! I'll soon look into the new Firefox Multi-Account Containers, they seem interesting.
In summary: my main strategy relies on separate browsers' profiles. To minimize leaks between the separate user names. But it does not help with the IP tracking obviously.
As for using 3 different VPNs? I think it's overkill. Just finding a good one is hard enough.
(Score: 0) by Anonymous Coward on Monday October 02 2017, @03:25PM
Unfortunately, Facebook, Google, Amazon etc. do profiling by IP address. I have found that ads served to my IP change a lot when someone with their own computer uses my network to go to some website I don't normally go to, or buy something.
So while it may not be as much of a concern for people "doxing" you, the companies all know.
(Score: 5, Informative) by jmorris on Monday October 02 2017, @03:27PM (1 child)
Yup, you nailed the bigger problem. Use all the VPNs you want, your browser will betray all of them. And you aren't even safe doing what you are, since the browser fingerprinting problem will still be able to bite you.
So you make three VPNS, how do you know what traffic needs to go to which one? Ignore the problem of how to force traffic to the right one for the moment, that is just throing enough Linux Fu at the problem. Every site you visit has Google analytics and a Facebook, Twitter and Amazon bug. So which VPN gets that? Every answer is wrong btw. Block them? That is so 2015 dude, amazing how many sites just die if you do that now.
I too have been thinking of going ghost, the world is getting far more dangerous for political dissent lately. But I haven't done it yet because if I do a half assed job I'm only drawing MORE attention and being paranoid enough for the $current_year would be labor intensive and expensive. Also, when I finally go I'd have to change my writing style AND abandon my past haunts like this place for a period of time, because the machine is getting too damned smart. That is the problem, ONE mistake, ONE failure to realize what the modern surveillance state can do and it is all a waste of time and effort.
So for now I get the low hanging privacy fruit. I stop as many scripts and webbugs as practical without too much breaking and spending more time fiddling with the knobs as I do browsing. That disrupts the corporate world from building as extensive a profile but I know it does nothing against my ISP or government.
(Score: 1, Interesting) by Anonymous Coward on Monday October 02 2017, @03:54PM
Are you familiar with Decentraleyes [decentraleyes.org]? Nothing is a silver bullet but it is another important layer.