I'm about to move and at my new address I'd like to start out more secured against my ISP and doxers/stalkers. Basically I think I should use a VPN/VPS for personal related traffic (email, shopping), another VPN/VPS for online communities, and then regular net access for random browsing (is all that overkill?). There's been articles in the past about VPN providers (feel free to recommend someone), but there's less about how to configure your network and computer to use them. I'd prefer to be able to use all three at once, but I've heard most people recommend configuring their routers to a single VPN to prevent leakage. But then one company could be logging all your traffic again or it would be easy to forget to switch to/from the VPNs. Is that necessary? Is there Linux-based software which completely restricts applications to certain networks or is that something I should manually setup through iptables and /etc network scripts? My primary OS is LMDE (Linux Mint Debian Edition) and my current router runs DD-WRT, though that might change with the new ISP.
In summary, what's a good strategy to keep the different parts of your online life segregated from each other other than simply using different user names?
Thanks for your insights.
(Score: 5, Informative) by LoRdTAW on Monday October 02 2017, @03:41PM (5 children)
How about using multiple Linux/BSD VM's? Configure each for a particular VPN/browser/application and bridge all of their adapters to the host adapter. If you need to destroy a VM you overwrite the virtual disk file with zeros or random. That or store the VM's on a removable disk that can be physically destroyed. Sharing files can be done using a single shared folder between the host and guest VM's. Perhaps even a live distro designed for privacy like Tails Linux can be used.
Seems like it would be easier to configure and VM's are more portable than network partitioning and other complex network configurations.
(Score: 2) by dast on Monday October 02 2017, @04:10PM (4 children)
This ^^^^^^
(Score: 3, Informative) by tomtomtom on Monday October 02 2017, @04:58PM (3 children)
Or Qubes [qubes-os.org] which tries to provide many of the benefits of doing something like this in a less painful way.
(Score: 2) by Gaaark on Monday October 02 2017, @05:30PM
I'm going to try Qubes out... as soon as i can afford a computer GOOD ENOUGH to run it. :(
Sigh. Everytime i look at desktops i want, the price goes up.
--- Please remind me if I haven't been civil to you: I'm channeling MDC. ---Gaaark 2.0 ---
(Score: 0) by Anonymous Coward on Tuesday October 03 2017, @04:35AM
This is what I thought of as well. Just wanted to say that the weakest link is the human, fingers tend to work faster than your brain. Watch your step and automate is as much as possible to rule out as much of the human element as possible.
(Score: 2) by LoRdTAW on Tuesday October 03 2017, @01:46PM
Qubes looks very interesting. My only concern would be how useful is it for multimedia use but I'm sure that's not the issue here.