VPN, privacy & Firefox (+ other Gecko browsers)* rev. 0.3.14

+----------------------------------------------------------------------------------+
 |     VPN, privacy & Firefox (+ other Gecko browsers)* rev. 0.3.14     |
+----------------------------------------------------------------------------------+


========== VPN section ==========

+ You can try free OpenVPN configs or Softether:

+ OpenVPN:
 - OpenVPN - you can edit configs (.ovpn) with notepad to change encryption (line 88 - standard is not so good: AES-128-CBC - try AES-256-CBC instead)
 - OpenVPN - you can edit configs (.ovpn) with notepad to add option "block-outside-dns" (for example in line 104) to avoid DNS leaks
 - OpenVPN - if you add option "block-outside-dns" you can avoid "DNS leaks" & you don't need (Simple) DNSCrypt
   (my testing suggest that when you using OpenVPN without "block-outside-dns" option together with Simple DNSCrypt you are affected by DNS leaks)
   (Simple DNSCrypt not working for me, anyway this needs further testing...)
 - OpenVPN - you can edit configs (.ovpn) with notepad to add option "--remote-cert-tls server" (for example in line 21) to avoid "Man-in-the-Middle" attack
   https://openvpn.net/index.php/open-source/documentation/howto.html#secnotes [OpenVPN 2.1 and above]
 - https://www.vpnbook.com/ (few free OpenVPN configs)
 - http://www.vpngate.net/en/ (a lot of free OpenVPN configs)

+ OpenVPN manuals:
 - https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage
 - https://community.openvpn.net/openvpn/wiki/Openvpn23ManPage
 - https://openvpn.net/index.php/open-source/documentation/howto.html
 - https://openvpn.net/index.php/open-source/documentation/security-overview.html

+ Softether:
 - http://www.vpngate.net/en/
 - I recommend to try DNSCrypt to avoid DNS leaks (check your DNS leaks - links are below)
 - Changed the default algorithm for SSL from RC4-MD5 to AES128-SHA
 - http://www.softether.org/5-download/history
 - http://www.softether.org/1-features/3._Security_and_Reliability
 - https://torrentfreak.com/free-access-to-dozens-of-anonymous-vpns-via-new-university-project-130324/

+ Softether disadvantages:
 - logging policy: 2 weeks [default]
 - when you will be disconnected then your IP will be exposed (there is no 'kill switch' feature)
 - DNS leaks...

+ Security of popular algorithms:
 - https://en.wikipedia.org/wiki/RC4#Security
 - https://en.wikipedia.org/wiki/MD5#Security


========== Browser section ==========

+ Secure your privacy in Firefox:
 - by using addons like in IceCat [https://directory.fsf.org/wiki/IceCat] I mean:
   Adblock Plus (ABP), Disable WebRTC, Fat-Free Fox, No Resource URI Leak, NoScript, Privacy Badger, uBlock Origin (uBO), uMatrix etc.
   Additionally you can add: CanvasBlocker, Disconnect, FoxyProxy, Https Everywhere, Privacy Settings, Random Agent Spoofer.
   Take a look @ these sites:
 - https://web.archive.org/web/20170404173124/http://b.agilob.net/better-security-privacy-and-anonymity-in-firefox
 - http://configfox.sourceforge.net/
 - https://www.bestvpn.com/make-firefox-secure-using-aboutconfig/
 - https://www.bestvpn.com/privacy-news/control-firefox-privacy-settings-with-an-add-on/
 - https://vikingvpn.com/cybersecurity-wiki/browser-security/guide-hardening-mozilla-firefox-for-privacy-and-security
 - https://www.howtogeek.com/102032/how-to-optimize-mozilla-firefox-for-maximum-privacy/
 - http://www.ghacks.net/2015/07/01/control-privacy-settings-in-firefox-easily/

+ If you would like to use Google Chrome anyway you can replace it with Chromium or Iron:
 - https://en.wikipedia.org/wiki/Chromium_(web_browser)
 - https://en.wikipedia.org/wiki/SRWare_Iron

+ Use Tor or Tor Browser (based on Firefox):
 - "We will never be able to de-anonymize all Tor users all the time. • With manual analysis we can de-anonymize a very small fraction of Tor users"
 - https://edwardsnowden.com/docs/doc/tor-stinks-presentation.pdf‎
 - https://commons.wikimedia.org/wiki/File:Tor_Stinks.pdf
 - https://en.wikipedia.org/wiki/Tor_(anonymity_network)#Tor_Browser
 - https://www.torproject.org/docs/tor-manual.html.en
 - https://www.torproject.org/docs/faq.html.en
 - https://blog.torproject.org/improving-tors-anonymity-changing-guard-parameters

+ SSH/SOCKS/proxy:
 - Privoxy - https://en.wikipedia.org/wiki/Privoxy
 - https://lifehacker.com/5763170/how-to-secure-and-encrypt-your-web-browsing-on-public-networks-with-hamachi-and-privoxy
 - https://lifehacker.com/237227/geek-to-live--encrypt-your-web-browsing-session-with-an-ssh-socks-proxy
 - https://outflux.net/blog/archives/2006/12/07/paranoid-browsing-with-squid/
 - https://embraceubuntu.com/2006/12/08/ssh-tunnel-socks-proxy-forwarding-secure-browsing/
 - https://pl.terminal28.com/instalacja-i-konfiguracja-squid3-tor-privoxy-anonimowosc-w-sieci [translate with your favourite translator]
 - https://www.reaper-x.com/2011/10/17/how-to-install-squid-proxy-on-windows/
 - https://www.unixmen.com/install-configure-squid-proxy-ubuntu-debian/
 - https://www.cyberciti.biz/faq/debian-ubuntu-linux-install-onionrouter-software/
 - Pirate Tor Browser - http://www.softpedia.com/get/Internet/Browsers/PirateBrowser.shtml or http://www.majorgeeks.com/files/details/piratebrowser.html

+ Change your UserAgent frequently (get UA addon for your browser). Example of UA sites:
 - Random Agent Spoofer addon for firefox: https://addons.mozilla.org/en-US/firefox/addon/random-agent-spoofer/
   List of UA sites:
 - http://www.browser-info.net/useragents
 - http://mybrowseraddon.com/custom-useragent-string.html
 - https://developers.whatismybrowser.com/useragents/explore/
 - https://udger.com/resources/ua-list
 - https://techblog.willshouse.com/2012/01/03/most-common-user-agents/
 - http://www.useragentstring.com/pages/useragentstring.php

+ Fingerprint (fingerprinting algorithms):
 - https://en.wikipedia.org/wiki/Fingerprint_(computing)
 - https://en.wikipedia.org/wiki/Canvas_fingerprinting
 - https://en.wikipedia.org/wiki/Device_fingerprint
 - https://browserleaks.com/canvas

+ Check your browser privacy/security:
 - https://browserleaks.com/
 - http://browserspy.dk/
 - https://panopticlick.eff.org/
 - https://www.howsmyssl.com/

+ Other sites worth mentioning:
 - riseup.net/en/better-web-browsing
 - privacytools.io
 - https://en.wikipedia.org/wiki/Category:Internet_privacy
 - https://en.wikipedia.org/wiki/Category:Crypto-anarchism


========== OS section ==========

+ Check Tails Linux:
 - https://en.wikipedia.org/wiki/Tails_(operating_system)
 - https://www.wired.com/2014/04/tails/

+ Check Whonix Linux:
 - https://en.wikipedia.org/wiki/Whonix
 - https://www.whonix.org/

+ Secure you DNS with DNSCrypt:
 - For Linux follow this: http://www.webupd8.org/2014/08/encrypt-dns-traffic-in-ubuntu-with.html
 - For Windows - you need: "dnscrypt-winclient" or "Simple DNSCrypt".
  URLs:
 - https://simplednscrypt.org/
 - https://github.com/jedisct1/dnscrypt-proxy/wiki
 - https://github.com/Noxwizard/dnscrypt-winclient
   (Simple DNSCrypt not working for me (I'm still using "block-outside-dns" option in OpenVPN config file).
   (Anyway this needs further testing...)

+ Check your DNS leaks:
 - https://ipleak.net/
 - https://www.dnsleaktest.com/
 - https://whoer.net/


========== P2P section ==========

+ Use peerblock
 - https://en.wikipedia.org/wiki/PeerBlock
+ Use ipfilter.dat
 - for example: ed2k://|file|ipfilter_v0153.dat|19871409|93474AE3F1D3A0A7C4EEC7E52A146721|/


__________________________________________________________
* Other Gecko browsers - this means it may also work with:
Airfox, Beonex Communicator, Camino, Comodo IceDragon, Conkeror, Classilla, Firefox for Android, Flock, Galeon, Ghostzilla, HP Secure Web Browser, IceCat (GNU IceWeasel), K-Meleon, Kazehakase, Kirix Strata, Lotus Symphony, Lunascape, MicroB, Minimo, Netscape 6, Nightingale, Oxygen, Pale Moon, Portable FireFox, SeaMonkey, Swiftfox, Swiftweasel, Sylera (for mobile), TenFourFox, Timberwolf (AmigaOS 4), Tor Browser, Waterfox, xB Browser

https://en.wikipedia.org/wiki/Gecko_(software)

Any suggestions are welcomed.

Source:
https://beamstat.com/chan/privacy
https://beamstat.com/chan/Crypto-Anarchist%20Federation
(Bitmessage channel)