How to browse the internet without being spied on.

[misteraven]

One of these days I need to dig through nerd matrix and see about making an Oontz altcoin.

[Mercer]

@misteravenI could make one right now, it’s very easy. You basically write a smart contract and publish it to the Ethereum blockchain. You can use Etherscan to find different ERC-20  contracts to copy paste and tweak. Most people were using Golem’s as a solid starter because it was very well put together. Nowadays people are using the newer ERC-225 standard, because of a few minor tweaks it uses less gas to transact with, and it’s harder to send to a bad address.

 

You should really look into 12ozProphet accepting BAT payments as tribute. It’s basically free money for you. Just by installing and using the brave browsers wallet, people get free BAT to give out to sites, I could set up a tutorial on how to pick the site that receives your BAT payments and boom, small passive revenue stream from 12ozProphet users opens up that’s basically free for both you and them.

[fat ralphy]

Thanks @Mercer- I just followed some of the advice in OP.

 

You da man.

[Crackwhatever]

Use tails OS if you're doing anything unsavory. Bonus points if its on a USB drive and not used at home (think mcdonalds wifi). Duckduckgo instead of google. Put your phone in the microwave if you're that paranoid (or build your own farady cage). Encrypte anything for messaging. Learn pgp. ENCRYPT EVERYTHING. Kill bluetooth on your phone and comp. Buy gold bullion and bury it.

[misteraven]

18 hours ago, Crackwhatever said:

Use tails OS if you're doing anything unsavory. Bonus points if its on a USB drive and not used at home (think mcdonalds wifi). Duckduckgo instead of google. Put your phone in the microwave if you're that paranoid (or build your own farady cage). Encrypte anything for messaging. Learn pgp. ENCRYPT EVERYTHING. Kill bluetooth on your phone and comp. Buy gold bullion and bury it.

Thanks for suggesting that...

 

Was trying to remember it earlier. If you know something about it, be great if you could chime in since my guess sis your more tech oriented / qualified than the average person on here.

 

For now, saw this write up that might help explain it to the security conscious and interested amongst you: https://www.techrepublic.com/article/getting-started-with-tails-the-encrypted-leave-no-trace-operating-system/

 

TailsOS: https://tails.boum.org/

[Crackwhatever]

Tails is a serious ass OS for those who don't want to be seen at all. It's a standalone linux system that you can clone so you can have copies hidden if necessary. It REQUIRES you to use tor / torbrowser to maintain anonymity without the average user having to screw around with settings and such. There's a BTC program, pgp keyring, encrypted messenger(s) amongst other tools. These are just the ones you'd likely use on a normal session on there, but there's tons more. Duckduckgo doesn't save search records like google yet gets similar results so its the automatic choice on tails. Also kill java (option on the browser) so scripts can't be run in the background. Also this os is configured at the start to not save ANYTHING so you have to configure your persistent volume in order to save anything, be it pgp info, text documents, etc. Considering the power of this OS, its rather easy to set up and can save your ass in so many ways it isn't funny. Always keep a copy on a stray USB stick or two.

 

My two cents on this, buy a laptop you don't care about and are willing to throw in a river if you have to, never install tails to the internal HDD and always always always always update it asap. Make complex, long passwords because if someone targets you knowing you use tails, a short one won't cut it and always kill java. Even in using tails, it won't keep you invisible past your words so remind yourself that if you're going so far as to use a disappearing OS, watch your vernacular as well since thats even more of a giveaway than what you may be looking at.

[Mercer]

Good advice@CrackwhateverI might have to set up a USB and play around with that.

 

My own main concern for privacy is based on seeing how easy it is to psychologically profile someone, and in turn use that info to either predict, or influence their behavior. While the technology to deploy this in large scale is still in it's infancy, years down the road this could be a major concern. I've watched this technology starting to make use of the internet, and have seen clear signs of people being PSYOP'd for political purposes recently.

 

The U.S. Army's Psychological Operations Unit has been busted multiple times pre-internet era placing operatives in media organizations like CNN & NPR, I can't imagine what they're doing with google and Facebook these days. There's also clear evidence of Russians using these methods to polarize U.S. citizens, and campaigns built around the use of Cambridge Analitica.

 

Having such strong political convictions myself, along with a voracious appetite for political literature, I'm not concerned I'll be influenced politically. I'm so far from mainstream it would be more effort than it's worth to figure out how to influence the small percentage of people that hold beliefs similar to mine. What I could definitely see myself doing is making a dumb expensive purchase, or bad investment in the future, and not realizing why I wanted to until it was too late. Once this technology starts trickling out into the private sector I think it will become more commonplace for people to be influenced into purchases and other financial decisions that go against their own best interests.

 

Like I said earlier, we're all putting this data out there. Giving it away for free to companies that are admittedly gathering it to turn a profit. Even if Facebook, or Google never use it for nefarious purposes, who's to say they can't be hacked some day, or that they won't be coerced into sharing this information with the government. If you ask me the odds of that NOT happening are almost zero.

 

We have no claim to ownership over this data, and zero rights to, or say on how this data is used. The more you can keep out of these data gathering vaults the better IMO. So yea, fuck chrome, use duck duck go, and tor if needed, and do everything you can to stay in charge of your own thoughts moving forward.

Edited July 24, 2018 by Mercer

[Crackwhatever]

@Mercerwhen i moved out to the middle of nowhere I pondered this quite a bit. Regardless of your hardware, software, etc. What gives you away at the end of the day is yourself. The only way you can make yourself less obvious is to limit public interactions online so less of your text based mannerisms are able to be judged. Machines can only interpret what we give them.

 

But politically.... I just don't care. At this point on purpose, no less. Why would you want to? There's so many forces at work here, all the protests and firey posts will just get you automatically flagged by god knows who for god knows what. It seems weird but I believe a healthy mix of apathy and paranoia in your online persona goes a long way in keeping you safe. Eventually I'll be a normal guy, but its hard to be a normal guy with a family when you're flagged for (what I consider, no offense to you and your beliefs) dumb shit that i have as much control as the wind over.

[Mercer]

@Crackwhatever Understood, but at the same time it's impossible for me to not give a fuck about the "greater good" and focus entirely on me and mines. I know speech recognition is how they got to Ross Ulbricht regardless of how they claimed to have found him through legal methods. I do take measures to avoid being flagged, like not going into detail on things that could be interpreted as subversive, or randomly liking a mainstream political meme here or there opposite of what I think to throw off algorithms.

 

In my case, I'm hopeless. I face this same issue in other areas of my life and pay the consequences regularly. I can't just not give a fuck, or just go with the flow, or aways follow the path of least resistance by my nature. It sucks, but for me life isn't worth living without having, and realizing convictions. I just keep them to myself in social situations as much as humanly possible, including spouting them in detail online, and avoid going into tricky areas online without protecting my real identity.

Edited July 24, 2018 by Mercer

[misteraven]

This topic has taken an interesting turn... @Crackwhateverreally appreciate you popping up and dropping such awesome info. (Wish I could double prop you). And @Merceryou already know that I've been super pumped with the gems you've been dropping. Anyhow...

 

Your latest comments bring this link to mind: https://www.nytimes.com/interactive/2014/upshot/dialect-quiz-map.html

 

I took this test myself and not only did it get my State correct and my city correct, but actually managed to pin point the general area where I'm from to within about 30 miles. It accomplished this with a simple test that asked zero questions that would raise a red flag for me. And I'm fairly paranoid, so that's saying something.

 

This is literally a dumb little quiz that is part of an every day content piece that I have no doubt barely scratches the surface of what is possible. They did this with a couple dozen question that felt totally random and in no way hinted at where I'm from in the literal sense or that anyone among us would see as intrusive or self incriminating. It literally uses an algorithm that finds nuance is language pattern and systematically narrows it down accordingly until it either finds you or waits on additional input. Scary stuff when you see how this dumb quiz was amazingly accurate with such little input. I have zero doubt that this single post you're reading from me has more inputs than their stupid quiz required. (Let alone using a bot to scrape all my posts to process into a profile).

 

Likewise, though I've never allowed any of that face mapping app shit myself, they can get pretty far from a photo and I also have no doubt that soon enough they'll use that tech for drivers licenses and passports, etc and soon after have them in public places for our *security*.

 

And @MercerI feel where you're coming from in regards to not being able to not give a fuck. But do realize that you're often playing into the game. Smartest thing you can do is put your energies and investments into what you can actually control. Set yourself up, insure you can survive long term without relying on any one or any thing else.

[Mercer]

So back to the mission at hand. Most people seem to be focused on what browser you're currently using, I still recommend brave browser and opening an occasional TOR tab in that browser for anything you want to keep even more private.

 

 

Stopping new data from being gathered/stored is a good start, but what about the data google already has stored, is there any way to eliminate it? Yes, well at least they're saying there is at this point and you can thank regulatory overreach of the EU for this. How much data google actually allows you to delete is unknown, there's a good chance some of the data will be backed up someplace on their servers. 

 

 

Deleting your search history is probably one of the most important things you can do, especially if you've set your default search engine to Duck Duck Go. That search engine is actually on par with google's in many aspects. In fact, it's so good I originally started using it as a default planning on actually visiting google.com for the searches it sucked at, but till this day have been completeley satisfied searching for animated gifs, web results, etc. using duck duck go.

 

With that said, here's how you delete your search history from google:

 

Go here: https://myactivity.google.com/myactivity perform a search for all types of activity, with the parameters of before today's date, and after January 1st 2014. Once you get the results, choose the three verticle dots and then choose delete all history. Boom, Done.

 

I can't take screenshots of this since all of my history is deleted according to google, but here's what the page should look like when you're done.

 

 

 

Once you're done with that, it wouldn't hurt to check the other services google offers in the account page: https://myaccount.google.com/dashboard and see what else they've got. Old text's and voicemail from an old google talk phone account? A ton of stored emails archived in Gmail? Either download that shit and store it someplace else or not, then delete it all. Pour over all of your account services, calendar data, contacts, etc. and anything you don't deem useful there's no reason for google to keep that record stored forever.

[misteraven]

Thanks man!

 

[Mercer]

 

 

Even more bullshit from google, Metamask is basically an essential tool for so many people working with blockchain (myself included). Both Facebook and Google have purposely attempted to stall cryptocurrency adoption in several different ways, and this is yet another example of a solid, useful product being artificially derailed by them without explanation. Unsure if it's them supporting the government/status quo, or their own ambitions in this space but either way it's not based on providing their users the best possible experience.

 

[fat ralphy]

So - using Brave and it would not automatically embed youtube link in the Nonesense thread.

 

Opened Firefox and it did it no problem, @Merceris this something i need to change in Brave settings?

[misteraven]

I'd assume it would still embed. You're requesting a page in which that is the content. It's no targeting you somehow, but just showing you what you loaded.

[Mercer]

@fat ralphy and anyone else using Brave here's the thing, and it can be annoying until you understand whats happening. Brave blocks Javascript, so you're going to think some websites are broken occasionally since most sites rely on Javascript for some basic functionality (like recognizing the url you posted should be swapped to embed code). 

 

Fear not, 12oz works great in Brave, and it also happens to be a site I trust more than any other since I we the owner. 12ozProphet won't work well until you got to the top menu and choose Shields > Site Shield Settings > Then choose turns shields down for 12ozProphet.

 

 

 

This is going to happen periodically as you visit new/old websites in Brave, in each instance you can choose to lower your shields so the site works, or just not use the website if you don't trust it, or it's advertisers.

 

Bonus tip, lowering shields will still block advertisements in most cases.

[GnomeToys]

On 7/24/2018 at 1:47 PM, Crackwhatever said:

My two cents on this, buy a laptop you don't care about and are willing to throw in a river if you have to, never install tails to the internal HDD and always always always always update it asap. Make complex, long passwords because if someone targets you knowing you use tails, a short one won't cut it and always kill java. Even in using tails, it won't keep you invisible past your words so remind yourself that if you're going so far as to use a disappearing OS, watch your vernacular as well since thats even more of a giveaway than what you may be looking at.

For that matter if you're taking things that far,  update the shit out of the BIOS or make sure there is a version that patches the more glaring security holes of the last couple of years.  (You should do this anyway) It's best to assume that something like an IME exploit or one of the more recent speculative execution exploits exist on the machine and patch them.  The IME / AMT ones are particularly nasty because they can abuse a low-power ARC4 processor embedded in the chipset of the network controller itself and change system settings when the computer isn't even turned on, and some of the traffic they use will go past consumer routers if they haven't been patched or weren't programmed well to begin with.  I believe the remote IME issues can be mostly mitigated on older machines just by setting a password for the management interface, which tends to default to a blank. 

 

Laptops may also have "interesting" hardware in them ostensibly designed for anti-theft purposes and which may or may not decide to phone home if the laptop is opened or shorted, or flagged as stolen via a service. Usually this requires actual setup to activate a SIM via the company who made the anti-theft,  as well as installation of some software to switch it on in the first place, but I don't like how undocumented it is considering these are designed to begin recording / spewing photos back to the system manufacturer in the event of theft...  if they're capable of that, they're capable of doing it for no reason.  This tends not to exist outside of used / sometimes new university laptops and such, although some office models may have it.  The one I found when I decided to tear apart a laptop that had failed through years of abuse was relatively low-tech but interesting. 

 

 

Edited July 28, 2018 by GnomeToys

[GnomeToys]

I know this thread is mainly about browsing privacy / anti-tracking in general, and everything @Mercerand others have posted is good advice for that. 

 

Another thing to take that concept a bit farther is to tape over or kill the front facing camera on your phone...  newer gen phones (2015+) with Marvell SoCs / Hexagon DSPs are including trained neural nets, as are other brands, and although the marketing is off the wall for machine learning right now the entire purpose of these chips in a mobile is to run face / object detection & computer vision more quickly.  In exchange for questionable benefits in terms of phone features, you've got something that can spit out your current (guessed) emotional reaction to an advertisement when you look at an ad...  via a combination of emotion / gesture identification and pupil direction.  Nothing new here, just the ability to do it 10x a second.   So when I'm searching for hot granny necro dvda fisting the dedicated neural network chips might notice that I displayed slightly increased excitement when an ad for hot granny necro dvda hoof-fuck pops up, and now I'm getting more horse porn when I was just looking for ordinary granny porn.  Pretty much the same things the textual adaptation stuff in google's search does, but now with involuntary (or was it?) reactions.  Other biometric recording on the phone is going to be doing this too;  motion sensors, audio, etc.   Privacy laws such as they are attempt to stop shit that records audio and sends it over the internet randomly, but I don't know that there is any such thing on the device itself, especially when it's transforming the data into part of the effective blackbox that is a neural network.  Getting rid of the front facing camera just eliminates one of the primary tools for this, and takes the least effort.  ?

 

[misteraven]

Fuck man...

 

That's a lot to digest. No doubt people in general wont give a fuck, many because they can never wrap their heads around the tech, let alone its implications and many because they're too caught up in the bullshit distractions that much of life today seems to revolve around. I sort of lost faith is all of it when the whole Snowden thing got glossed over. Media worked over time to make the story more about whether he was a traitor or not than actually looking at the data he dumped. Nobody seemed to freak when the government actually threatened to arrest anyone that downloaded the data, as if you needed a bigger red flag that what was going on was super fucked up. In the end, nobody gave a shit and just went back to whatever latest scandal broke on the newswire and whatever dumb shit was distracting people on social media.

[Mercer]

I actually get that problem a few times a day, I said granny fisting you fucking NSA morons, sure I’ll enjoy the occasional granny horse combo but when I need granny fisting I don’t have a lot of time to dick around, and need that fisting visual like right away.

[misteraven]

Some interesting links that are relevant.

 

Facebook’s facial recognition will one day find you, even while facing away

https://arstechnica.com/information-technology/2015/06/facebooks-facial-recognition-will-one-day-find-you-even-while-facing-away/

 

Think it's cool Facebook can auto-tag you in pics? So does the government

https://www.theguardian.com/commentisfree/2015/jun/27/facebook-tag-pics-government

 

 

[GnomeToys]

I have a tendency to get into deep technical crap pretty quickly, partly because there isn't much of a good way to describe a lot of this shit, and partly because I've seen how easy it could be done even if a company wasn't complicit in it to begin with.  If you want to read some fun examples from experience, here they are, otherwise there are some links to various stories that filtered into the news more recently:

 

The second part I realized after a few years of compiler / security software development.  At some point I'd figured out that the only time anyone was reviewing any of my code in detail was when they wanted to learn more about how to do something with the compiler.  They generally quit working on bug-fixes at that level because if they waited for me to stumble in to work I'd have a fix in 10 minutes after they'd been trying to work out the error message for 4 hours.  From the standpoint of security software in general, this was worrying to me.  There were 3 major foreign banks building their phone apps with our provided compiler at that point, and since nobody was paying attention to what I was doing, I could have put practically anything in their finished software before it was actually released to the public at that phase...   then my thought was along the lines of "if I would be able to do this, and I'm just some random guy, how hard would it be for someone organized and actually trying to do so?".  This company wasn't exactly lax, either, it's just how things go in that industry, and gets worse when the company doesn't work in that area.   It tells you quite a bit about how some of the spyware probably managed to get into things in the first place, assuming the manufacturer doing it didn't just agree because it matched their own interests. 

 

Keep in mind the whole area of computer security openly encourages the kind of thinking that would get someone fired in nearly any other area (i.e. like a total psychopath).  Case in point:  Once, while incredibly intoxicated and typing like a retarded chipmunk, I wrote a couple of paragraphs in reply to something about self-driving cars on linkedin (which I've never been able to treat very seriously).  It went something like "Well, what I predict happening with computer control systems / self-driving systems in cars is something like...  you're driving down the road, and suddenly your cars pulls over and stops.  A voice comes over the console and says, 'Hello xxx, your car is now under remote control from the friendly folks at FuckOff Malware Inc.  You have something to write with?  Good.  Take down this number.  Repeat it back.  Good.   Now, we're going to go back to cruising down the road.  We'll be going faster than before and the steering might be a bit wobbly but I'm drunk right now.  What you're going to be doing is going to x.com and sending $30,000 in BTC to that number I gave you...  Oh, I see your bank account only has $24,497.83 in it, so just send that, I'm feeling nice today.   Failure to do this in 10 minutes will result in this vehicle accelerating to 100mph and crashing into a fucking telephone pole.  Thanks for your time, we hope you enjoyed shopping FuckOff Malware Inc.' *click*"

 

I know someone is thinking "you didn't really post that" or "that's not a good thing to be posting on linkedin" or "get the fuck away from me you lunatic", and you're right on the last two points anyway.   Within a week of posting that, I'd been contacted for interviews by one company doing engine control firmware for vehicles in general, one self-driving car company looking for a senior engineer, and another looking for a director of security for the new security department they were creating (presumably after reading that post and wondering how bad the lunatics that weren't posting on linkedin must be)...  Now picture the results if you said that to a psychiatrist.  ?

 

So taking all of the above to the  extreme, think about the mentality of someone doing this sort of thing somewhere like the NSA, where they not only have to think along that kind of lines for a living but also be good enough at lying about it that they can manage a background investigation that pulls everything from the past 10 years and convince whatever agency is interrogating them about it while they're hooked to a polygraph that they're well adjusted. 

 

Anyway, on the machine learning shit...  most of the current trend towards it has to do with management and the majority of programmers failing to understand what it actually can do and assuming it's another magic bullet.  The actual uses tend towards the "shit no consumer should want" category I mentioned in the first post.  The tech has lots of cool non-creepy uses, but none of those involve a cellphone.  What I see in that technology is the sheer amount of deniability it has.  Dissecting a trained neural net and determining exactly why it did something with some set of inputs isn't really feasible.  The networks themselves are huge and would take a massive amount of time to analyze in a meaningful way even if the internal representations of data they used made sense to humans, which it doesn't. Training, say, an image recognition network, requires huge amounts of GPU time and a human babysitting the thing and telling it when it fucked up, which kind of automatically influences the results. 

 

As an example, Amazon is marketing their face recog tech to law enforcement for use matching a face to mugshot databases, and a few news stories have covered this because it seems to have an abnormally high false positive rate on pretty much everyone, but especially black people.  So, how do you fix this?  Whose fault was it?    The person doing the training might be racist, or they might just not have had much real life exposure to anyone but white people and are leaning towards matches.   The tech might be failing because it's trying to use caucasian skin tones to identify features after a certain level of training where it saw light-skinned faces more often because of a biased input data set.  It might have to do with photographers being generally worse at pictures of darker skin tones.  It might just be a reflection of the abnormally high arrest rates among the same population...  Hell, the thing could have become proto-sentient and is trying to spark a race war (the machine learning specialist pops in with 'Nah, we don't have true AI yet' then nervously chuckles because he's not entirely sure.   The point is all of those things are abstracts and without some line of actual software to point at and say, "Ah-ha, someone made a  calculation error in Face::isBlackMan() and it returns false and ::isMatch() uses ::detectWhitey() instead.  We'll fix that in a jiffy", there's nothing anyone can fix.  Everyone will go back to reading their "outrageous shit trump posted on his twitter" feed 10 minutes from now in any case, so no worries.  ?

 

http://fortune.com/2018/05/09/amazon-alexa-lennar/

Amazon Alexa Will Come Built-In to All New Homes From Lennar

Oh thank god, I was wondering when the fucking spyware would come pre-installed on the house itself.  I hope they bundle motherfucking facebook messenger so you can ask alexa to search google for hardcore granny fisting porn to send your friends.

 

https://www.xda-developers.com/qualcomm-snapdragon-845-hexagon-685-dsp/

Qualcomm Hexagon 685 DSP is a Boon for Machine Learning

Just some PR for new phone chips with ML acceleration from late last year

 

https://arstechnica.com/tech-policy/2018/07/amazon-cops-should-set-confidence-level-on-facial-recognition-to-99/

Amazon: Cops should set confidence level on facial recognition to 99%

Because I trust the cops to read the manual for a neural network.   And understand what that headline means.

 

https://www.cbsnews.com/news/hackers-break-into-voting-machines-defcon-las-vegas/

Hackers break into voting machines within 2 hours at Defcon

Breaking News:  Y2K bug causes panic among computer users!  George W. Bush inaugurated. 

 

https://arstechnica.com/gadgets/2018/07/new-spectre-attack-enables-secrets-to-be-leaked-over-a-network/

New Spectre attack enables secrets to be leaked over a network

New 'internet' allows secrets to be leaked over a network.

[misteraven]

Fuck man.

 

Wondering how much deeper into the mountain I can move.

[GnomeToys]

12oz dwarf mountain fortress project? 

[Mercer]

I read that whole thing and had to dip to TOR for a minute after the granny fisting was mentioned, now my arm is exhausted. 

 

 

On a serious note, I wonder what's cutting edge with intelligence agencies like the former KGB, or NSA. Keep in mind the entire internet was originally the intranet for the US military first. Just some of the stuff I've seen private companies (that are bound by laws) are capable of is disturbing. Imagine a what a rouge organization like the NSA (that has no laws it follows) is doing.

Edited July 31, 2018 by Mercer

[Mercer]

I wanted to do one of these for how to use macs + iPhones  and wondering if anyone in here uses any of the following.

 

1. Dropbox as opposed to iCloud, also if used, do you use the camera uploads feature?

2. Password manager?

3. Hazel, or manually writing your own applescript for automation?

4. A firewall to monitor all connected activity?

5. a VPN service?

[GnomeToys]

Hazel seems cool.  Looks like there's a a GPL'd one with similar features for Windows.

Edit:  http://www.dropitproject.com/

Edited July 31, 2018 by GnomeToys

[GnomeToys]

1 hour ago, Mercer said:

I read that whole thing and had to dip to TOR for a minute after the granny fisting was mentioned, now my arm is exhausted. 

 

 

On a serious note, I wonder what's cutting edge with intelligence agencies like the former KGB, or NSA. Keep in mind the entire internet was originally the intranet for the US military first. Just some of the stuff I've seen private companies (that are bound by laws) are capable of is disturbing. Imagine a what a rouge organization like the NSA (that has no laws it follows) is doing.

I'd search one of the agency websites for GrannyFisting.mp4.exe but I'm afraid they'd try to hire me. 

 

Bob only knows what the more confusing agencies are doing...   The KGB is probably hunting down the last few people without a picture of Putin in their house and planting nanotech in diverted chinese computer parts for shipment to the US and the NSA is planting nanotechnology in the pictures of Stalin at the factory to record everyone's conversations about the KGB. 

[Dirty_habiT]

1 hour ago, Mercer said:

I wanted to do one of these for how to use macs + iPhones  and wondering if anyone in here uses any of the following.

 

1. Dropbox as opposed to iCloud, also if used, do you use the camera uploads feature?

2. Password manager?

3. Hazel, or manually writing your own applescript for automation?

4. A firewall to monitor all connected activity?

5. a VPN service?

1. I use iCloud, so I'm not of any use there.... but doesn't MS own DropBox?  I wish there were a roll your own cloud backup feature for modern phones.

2. I use LastPass and intend to at some point pay for access through them so I can use my YubiKey to login with it.  I think the free version works rather well, I have mine set up with 2FA on my phone's google auth app.

3. never messed w/ that.

4. What you're talking about is going to cost some money if you're monitoring any type of decent throughput.  You're talking Packets Per Second analysis that takes CPU cycles to do.  The expensive network equipment can do this but.... it's very pricey.  A computer running linux can use WireShark, ngrep, or tcpdump.  I'm sure there are more, but those are the ones I'm familiar with.

5. I use privateinternetaccess.com for my VPN service.  They have good phone apps that are easy to use and you can be connected on multiple devices at once.  I think they don't keep logs of traffic either.  Further for DNS on my local network (assigned via DHCP) I am using 1.1.1.1 and 9.9.9.9 for my resolvers.  These are "private/security" focused resolvers put up by people deciding that privacy was a good thing.  The other option is to run OpenVPN from a linux box in a place of your choosing, bare metal off shore or in the cloud.... whatever.

 

Also, great post GnomeToys.

 

 

[GnomeToys]

SonicWalls might be the cheapest routers in that high end category and have a wireshark type interface built into the management gui.  They're still close to $500 and overkill for home use and in terms of setup.  Their manual was close to 2000 pages long.  ?

 

Also thanks.  Another fun semi-recent article -- Washington DC is apparently covered with random StingRay cell signal monitors that no agency here actually installed and everybody seems to be confused about what to do about it.

https://www.wired.com/story/dcs-stingray-dhs-surveillance/