my idea is to use a VM, make a snapshot of it, without firefox
install Firefox with some addons (ublock…)
after some months delete it
and start again from the beginning snapshot
Just my opinion but I don’t see how that will help with privacy in any meaningful way.
2 Likes
maybe I should say more security
and when I mess up with something is easier to start from scratch
Yeah on specific patterns, but it doesn’t matter in the large view.
Separating into browsers at least drops some of the signal going back. As mentioned earlier, the best one can do for privacy is adjust behavior.
Any site embedding Google fonts is going to send a signal to Google.
Read up on browsing fingerprints. It’s very tough to get through these without absolute drastic measures. It’s not really known what information is being collected from our internet use.
Thats sorta the idea is to create different patterns of behavior and if you do it well those wont be as easily traceable to you as an individual
well, it seemed a bit more vague when I researched info on it. But in the end it’s a personal decision whether to use it or not
but for me personally, I think this way: at least it must still be better than using google. Although maybe I’m wrong and there wouldn’t be too much of a difference and my personal data would eventually be sold anyway. Or maybe the consequences of using Startpage are different. I don’t know.
well… when it comes to Searx, I have personally been avoiding it after I learned that Searx public instances can be taken over and log user activity, as Searx have explained themselves here, kind of similarly to the whole thing with malicious Tor exit nodes that gather personal data.
“If someone uses a public instance, he/she has to trust the administrator of that instance. This means that the user of the public instance does not know whether his/her requests are logged, aggregated and sent or sold to a third party.”
in case with Tor nodes, there have been lists of nodes to avoid, but tbh, many of the newer ones might remain undiscovered for a while, I imagine. One expert even said that it’s pretty realistic that some Tor nodes could be owned by intel agencies.
I don’t know whether all of that applies to Searx instances, but… I know that they don’t have an official public instance. So… all that probably just makes running user’s own instance the only way to be sure
I do imagine that behaviour changes must be coupled with good ways to avoid identity detection though… because even if someone doesn’t recognize my behaviour, but recognizes any of my data and is able to tell that it’s coming from the same source, they will probably still know that it’s me, and now also have updated knowledge about me trying to alter my behaviour
Tails + VPN.
It’s gotta be a free one though, that doesn’t require an account, espcially a paid account, if there is such a thing.
If you just use different browsers for thing sand expect to fool anyone thats just silly 
It has to be coupled with creating new and distinct identities, not accessing data that can be tied to you, along with ways to detach your access from your home IP that may be already tied to you. There is much more to it and its a huge endeavor that before attempting it someone would need to threat model and see if this sort of effort even makes sense for their goals or its just being crazy.
oof, this one is a real mine field 
I have heard from a privacy advocate (and probably expert as well) that many VPNs, especially free ones, are used for data collection and selling (even such data as passwords and other credentials), some are owned by ad companies
no idea if a trustworthy reliable ones even exist, would need a proper research
sadly, VPNs are another giant industry that apparently just has a lot of things to it that you would expect a giant industry to have
Major bonus if you’re trying to do something nefarious - hit up a place without security cameras that has access to computers or the internet.
Maybe from a laptop at a starbucks or anywhere with “free wifi” that you can use without actually going inside and hiding in a car or a library type deal that has computers. You will want to make sure you don’t use your car though, and be far enough away where it’s not “your area” but not so far that your car stands out in any wya. Or a USB distro on a laptop connected to wifi via tethering on a burner phone.
[trigger warning: info that might cause feelings of paranoia, surveillance anxiety, etc.]
sounds good, but… what about street cameras (which I would almost inevitably encounter on my way) with facial recognition that can identify someone even if they’re wearing sunglasses :“d
also what about something called wifi mapping / wifi tracking / wifi triangulation (I’m not sure what the official terminology is), it’s a thing where people can be located with accuracy of just a few feet
I am almost fully sure that similar thing exists for non-wifi internet, our phone hardware and SIM cards constantly share information with the cell towers
and even if we disconnect from internet altogether and get rid of phones and any software or hardware or other “-ware” that may or may not be used for tracking… there is still satellite vision that we need to be aware of, and know how it functions and whether there are any ways to avoid it. Probably other things that I don’t know of… sonars exist, though obviously I don’t expect those to be used for anything besides actually serious threats
(now this really feels like paranoia hours :”) I’m sorry)
privacy is really such a thing where “feeling like you know enough to be safe” is almost always dangerous, you have to assume that there are threats and vulnerabilities that you are yet unaware of, unless you are a very very professional expert (even then I wouldn’t give it a full 100% of confidence)
this is why privacy fatigue exists, and threat modelling exists, I guess
going fully invisible and non-trackable is probably impossible or too difficult anyway, but there are still a lot of things we could achieve, and especially to have at least some basic privacy
All the more reason nuclear Armageddon is a welcome change. The world will be better off when nature can go back to the way it was before.
1 Like
For security you could also look into LXC instead of VMs if you don’t have favourable hardware. Firejail or apparmor are worth looking into as well, though it’s easy to mess up with those. It really depends on what you want to protect really.
Look at these two posts that I made, they might be relevant to you:
What do you think Ad company owning search engine will do? 
True, but it goes exactly the same for traditional search engines, like it was with Startpage for example.
You always have to put trust in any public instance of anything, that being said it’s very easy to watch this for SearX, since it’s free & open source + if you don’t trust anyone just run your own instance.
well… I don’t see Startpage as a “completely untrustworthy” (or “completely trustworthy”) search engine, for me it’s more of the “unclear” category because they have made claims that despite what happened, they continue to be operated from the Netherlands (with EU privacy laws) and that they can unilaterally reject any technical change that would negatively affect user privacy. I don’t have reasons to say that “this is 100% truth” or that “this is 100% a lie”. Even if I fully trust them on this, there are still some things that make me feel suspicious. So yeah, for me it’s unclear
wait… huh?.. o:
I thought Startpage was completely a meta search engine (taking results from true search engines, namely google in this case). Most private search engines are the same.
does this whole public instance thing apply to meta search engines too? I thought it only applies to true search engines
How can it be unclear logically?
You literally would give your trust to Fox (AdCompany) to guard the hen (your data)
I’m sure they’ll get along just fine, looking very friendly.
What are you talking about?
I mean any company be it Startpage, DDG or Goolag can change it’s ownership and/or practices publicly or in the shadows to something extremely malicious, just like any public instance of SearX can. You have to watch for it therefore. Only trustless system is fully free and open-source that you run on your own…Unless you don’t trust yourself either
1 Like
thanks, I’ve never heard of LXC, interesting
there are so many options, neverending 
also podman instead of docker
since I have now enough RAM I suppose that I will go for a qemu VM
it does not mean that they are not respecting the user privacy 
Sure, salesman saying his product is best in town!
1 Like