Privacy via Virtual Computers

AJFan2020 · Nov 8, 2020

nwm said:
True - but again, yes will work - BUT does NOT give TRUE privacy.
It will keep some junk off a main hard drive, and confine it to a virtual one, but does NOTHING to actually prevent anyone from being able to "see" anything.

That would also be true if you are booting from a bootable CD or DVD and someone is already on your network and running a program like Wireshark (especially if the traffic is not encrypted).

nwm · Nov 8, 2020

AJFan2020 said:
That would also be true if you are booting from a bootable CD or DVD and someone is already on your network and running a program like Wireshark (especially if the traffic is not encrypted).

That's the point - while useful for sure - this is NOT true privacy.

aberrantlyme · Nov 14, 2020

I think more than privacy, it introduced segmentation for me. I keep separate devices, so I have something visual to help me segment the two parts of my life. I am able to search and post here, and have a visual queue that I am not exposing something inadvertently to other accounts and profiles that I have.

it is true, what is said above that a virtual machine is not going to offer privacy, but it will sandbox some of what is going on. No matter what approach you take, extreme caution should be taken.

Mistakes get made, when emotions get high. Take a moment, breathe, and make sure that you do not make silly mistakes.

AJFan2020 · Nov 14, 2020

A

aberrantlyme said:
I think more than privacy, it introduced segmentation for me. I keep separate devices, so I have something visual to help me segment the two parts of my life. I am able to search and post here, and have a visual queue that I am not exposing something inadvertently to other accounts and profiles that I have.

it is true, what is said above that a virtual machine is not going to offer privacy, but it will sandbox some of what is going on. No matter what approach you take, extreme caution should be taken.

Mistakes get made, when emotions get high. Take a moment, breathe, and make sure that you do not make silly mistakes.

Also, be sure to keep your antivirus and virtual machine software up to date (in addition to your guest and host operating systems). A security issue in any of those places could result in getting hacked and a loss of privacy.

Deleted member 51496 · Nov 28, 2020

I am what could be considered a "hacker" (white hat - meaning only hacking with good intentions in order to secure systems and networks) and I recommend using a secure operating system like Linux or BSD as they are open-source and well documented and maintained by developers worldwide. For those unfamiliar to Linux, i'd suggest starting out with an easy distribution like Linux Mint on a pretty standard-spec PC. The most secure operating systems are those like TAILS, OpenBSD, and real-time operating systems used for mission-critical applications...but those can be difficult to use for inexperienced users.
PGP encryption of files is quite secure. Use a password you can easily remember with significant entropy for maximum security.

lilmisskitty · Dec 8, 2021

You can also reprogram browsers like Firefox to never keep history and get usb portable versions of Firefox that run from a flash drive

Maromi · Sep 6, 2022

Adguard is also a pretty good option, it blocks all the twitter and facebook crap and has a stealth mode. there's free DNS servers but the app does most of the work and a lifetime subscription is $75 for 3 computers

WendyLittle · Sep 25, 2022

Use a good vpn, Firefox, don't use google, use duckduckgo or something similar (DDG sold out recently!) run cookie auto delete as an addon, along with disconnect, FB container, WebRTC, HTTPS Everywhere, I use adblocker ultimate, works damn well, and clean your system with 'Bleach Bit' on a regular basis.
Run the vpn before the router if you know what to do, or just research how to do it, it's not that hard to be honest!
Happy trails, or lack of trails as it were! ;-)
xxx

CanadianBurst · Sep 26, 2022

I think the forest is being missed for the trees here. Running all your stuff in a VM is great for security in that if it gets compromised with malware, you don't have to scrub it of malware, you can just revert to an older image. But that's about it. If you lose the computer or someone hops on it after you forget to lock it, the same stuff will happen as if you weren't using a VM. Things like encrypting files don't matter whether it's virtualized or not, and any worries of eavesdropping are going to do with your connection, not the specific computer/guest connecting to a particular asset.

I think the goal of the OP is to prevent a casual user from accessing your files in a way that doesn't arouse suspicion. Having a load of encrypted junk sitting around raises eyebrows, but VMWare and an image just make you look like you're studying for some IT cert or something. (There's a similar piece of ITSec fuddlore that hiding your WiFi SSID makes it LESS secure, since anyone interested in attacking random shit will see it and be more invited to attempt an attack under the assumption that there's more there worth protecting than on an open network or one with a default SSID.)

I don't like this kind of "Do [thing] to BE SECURE!" woo because it usually ignores the specific adversary, their capabilities, and their intentions and results in nonsense solutions that don't really do anything and often invites more of the same kind of answers to questions no one can agree were ever asked, with an ever-shifting context that doesn't help anyone nail down what's even being asked or why an answer was needed.

At the end of the day, if your security concern is "connect to ADISC without someone finding out I'm a diaper boy" the answer is to just get your own device, remember to switch tabs and lock it, and don't browse it in public.

babyraggydolls · Dec 10, 2022

I have encryption on my phone I use it for everything with a strong password but it’s a pain to keep typing it in every time I lock the screen

Sheogorat · Dec 30, 2022

babyraggydolls said:
I have encryption on my phone I use it for everything with a strong password but it’s a pain to keep typing it in every time I lock the screen

Safety is inversely proportional to convenience. ¯\_(ツ)_/¯

It's either use an encrypted phone, or don't hide ABDL from others at all.

anned · May 12, 2023

i use a linux mint USB with VM on my linux mint computer because i want some people to be able to see what they think is on my computer.
i can let scammers on what they think is my computer and let them think i am worth millions when they get into my bank records on my fake bank.

StrawberryPan · Jul 11, 2023

Running this browser in a VM currently. Over VPN. granted, the alphabets can still correlate your traffic with packet inspection etc, but its still better than handing everything over to the ISP freely. The point is to make it as hard as possible for these data-mining freaks to get your data.

recommended addons: noscript, ublock and cookie autodelete. run web browser in a dedicated VM with dedicated VPN. Recommended to not trust tor, its too trivial to correlate traffic since most jurisdictions let just about anyone purchase internet traffic history.

Preciouslitlboy said:
I know what you mean im into the IT field but still i would not ise tails at home it doesnt make sense and btw im pretty safe i have a vpn that is running 24/7 behind my router and its also protected against DPI (deep packet inspection) so good luck to my internet provider ... its not going to work haha, and my vpn provider is so strict and bold that it doesnt matter if the fbi goes after them to ask questions the fbi will leave with nothing but frustration because the provider doesnt keep any logs... and also they are located in a very strict jurisdiction... so im pretty safe mate no problems here

FWIW there is no possible way to protect against DPI or similar correlation attacks..

StrawberryPan · Jul 12, 2023

WendyLittle said:
Use a good vpn, Firefox, don't use google, use duckduckgo or something similar (DDG sold out recently!) run cookie auto delete as an addon, along with disconnect, FB container, WebRTC, HTTPS Everywhere, I use adblocker ultimate, works damn well, and clean your system with 'Bleach Bit' on a regular basis.
Run the vpn before the router if you know what to do, or just research how to do it, it's not that hard to be honest!
Happy trails, or lack of trails as it were! ;-)
xxx

You need to be careful with your browser fingerprint, every addon you use adds to your fingerprint and they use said fingerprint as the main way to track people on the web nowadays.
Suggestions: use ublock not some paid adblocker, and use default filter lists if possible dont add any as that adds to your browser fingerprint. The fewer addons the better, so long as you accomplish the goal.

dont use facelog whatsoever. I have their servers blocked in my hosts file lol

Dont use windows. If you need windows, for, say, gaming, get a second computer for that and use a linux machine for all communications and whatnot.

For firefox, go into about:config and toggle privacy.resistfingerprinting to true. This causes FF to open in default window size among other things, since one of the main ways they fingerprint browsers is through resolution, especially if you keep browser fullscreened its trivial to correlate your traffic since monitors and screens have tons of different resolutions most being fairly unique, so its best to keep your browser windowed and have resist fingerprinting, also it generates a fake canvas which is another major way they track you online.. etc.

Anyways my point is kinda that theres a fine line between having a ton of addons and privacy stuff, from blending in with 'the crowd'. the ultimate goal is to blend in with 'the crowd' while also maintaining privacy. security through obscurity and whatnot. using just a few popular addons like noscript, ublock, cookie autodelete, along with privacy.resistfingerprinting, along with healthy online habits, is about the best you can do.

StrawberryPan · Oct 24, 2023

StrawberryPan said:
You need to be careful with your browser fingerprint, every addon you use adds to your fingerprint and they use said fingerprint as the main way to track people on the web nowadays.
Suggestions: use ublock not some paid adblocker, and use default filter lists if possible dont add any as that adds to your browser fingerprint. The fewer addons the better, so long as you accomplish the goal.

dont use facelog whatsoever. I have their servers blocked in my hosts file lol

Dont use windows. If you need windows, for, say, gaming, get a second computer for that and use a linux machine for all communications and whatnot.

For firefox, go into about:config and toggle privacy.resistfingerprinting to true. This causes FF to open in default window size among other things, since one of the main ways they fingerprint browsers is through resolution, especially if you keep browser fullscreened its trivial to correlate your traffic since monitors and screens have tons of different resolutions most being fairly unique, so its best to keep your browser windowed and have resist fingerprinting, also it generates a fake canvas which is another major way they track you online.. etc.

Anyways my point is kinda that theres a fine line between having a ton of addons and privacy stuff, from blending in with 'the crowd'. the ultimate goal is to blend in with 'the crowd' while also maintaining privacy. security through obscurity and whatnot. using just a few popular addons like noscript, ublock, cookie autodelete, along with privacy.resistfingerprinting, along with healthy online habits, is about the best you can do.

Of course, none of this makes a bit of difference unless you are using a VPN. Internet is so damn scary, its such a shame what "they" have turned it into..

BabyDaddySam · Oct 28, 2023

If anyone wants to have a separate portable linux environment there is YUMI now using Ventoy which makes the creation of bootable USB drives a lot easier. Plus it now has secure boot compatibility

StrawberryPan · Oct 29, 2023

BabyDaddySam said:
If anyone wants to have a separate portable linux environment there is YUMI now using Ventoy which makes the creation of bootable USB drives a lot easier. Plus it now has secure boot compatibility

Ventoy is pretty cool. Gonna consolidate my usb sticks with it soon. Yes the only true private computing you can get is through a live system with vpn and arguably tor. But I don't like tor. Not by itself at least. In any case I'm not quite that paranoid yet though. Not yet at least, ha ha xP But if I were to go full paranoid I'd probably dedicate a full usb to to my live system just for good practice..

BrownOwl · Mar 30, 2024

I want to raise a concern that the original post is hella outdated, by now. Particularly VMWare is no longer free, and the hardware requirements are very 2000s.. You now need at least 2GB of ram dedicated to the VM to run Ubuntu, and 4gb is recommended, more if you want a chrome based browser, because Chrome is a piggy pig.

There have been valid concerns raised in this thread, about security. So I will state with my IT Professional of 20 years hat on. That using a VM in the way suggested by OP. Is only secure against snooping family, roommates, Home Health Aides with boundary issues, etc, basically anyone who may gain physical access to your PC. And this security holds if and, only if you use it correctly. Meaning **turn on boot time full disk encryption in the VM, and use a strong password**

Virtual Machines provide no anonymity, or privacy guarantee on there own. If your threat model is such that you require these types of things. Look into something like TailsOS or similar.

There is no magic bullet in Information Security, the measures that any given person needs to take. Depend on the kinds of threats she faces. Please consult a competent professional, or *that one friend* we all have. For advice on any specific circumstances, or problems

babyraggydolls · Mar 31, 2024

BrownOwl said:
I want to raise a concern that the original post is hella outdated, by now. Particularly VMWare is no longer free, and the hardware requirements are very 2000s.. You now need at least 2GB of ram dedicated to the VM to run Ubuntu, and 4gb is recommended, more if you want a chrome based browser, because Chrome is a piggy pig.

There have been valid concerns raised in this thread, about security. So I will state with my IT Professional of 20 years hat on. That using a VM in the way suggested by OP. Is only secure against snooping family, roommates, Home Health Aides with boundary issues, etc, basically anyone who may gain physical access to your PC. And this security holds if and, only if you use it correctly. Meaning **turn on boot time full disk encryption in the VM, and use a strong password**

Virtual Machines provide no anonymity, or privacy guarantee on there own. If your threat model is such that you require these types of things. Look into something like TailsOS or similar.

There is no magic bullet in Information Security, the measures that any given person needs to take. Depend on the kinds of threats she faces. Please consult a competent professional, or *that one friend* we all have. For advice on any specific circumstances, or problems

Yeah but if you use windows and enable the sandbox it’s basically the same as a virtual pc, it gives you a virtual pc/ desktop in a new window

Privacy via Virtual Computers

AJFan2020

nwm

aberrantlyme

Married, ABDL, Nerd

AJFan2020

Deleted member 51496

Guest

lilmisskitty

Maromi

WendyLittle

CanadianBurst

babyraggydolls

Sheogorat

Master of writing pointless posts

anned

StrawberryPan

Miko

StrawberryPan

Miko

StrawberryPan

Miko

BabyDaddySam

StrawberryPan

Miko

BrownOwl

babyraggydolls