On Saturday 24 April 2021 07:33:12 pm William Morder via tde-users wrote: > When I tried out Whonix before (about 2 or 3 years ago?), I used Qubes. It > seemed too much trouble for what I want; Aye! Qubes is a way of life, and (while not having used it myself) does seem like it’d need a good 20 hours of up front time to get it to work. > and besides, it seemed like I > couldn't use it for ordinary stuff like email, banking, buying stuff > online ... where you generally need a direct connection. > I don't know if > you get round that by changing your apparent location, etc., but that is an > issue for me. I do sometimes have to connect to the outside world for > business. > For doing stuff as ‘you’ (banking/email/whatnot) you’d install a VM (AppVM 1 w/ Devuan etc. in that pic) that has direct network access. https://www.whonix.org/wiki/Qubes > And now, my biggest objection is that Whonix is Debian, thus systemd, and > that violates a core tenet of my religion. A non-systemd version of Whonix, > and I would definitely give it a try. Yeah, I don't see that. It'd basically whack fingerprint anonymity. > I seem to recall yourself recommending a Raspberry Pi (or some such?) as a > device to route all my traffic Probably (if I did I’ve dropped the idea since). I’ve been noodling on how to separate my business self from my personal self on the internet for ~20 years(clients are completely arbitrary over what will trigger their bigotries). A Pi or dedicated router to tor your whole network would work, but it’d be basically the same as using Whonix for everything (and a lot more work). > ; I believe the question in that earlier > thread was how to send email over a proxy connection? something like that? Not sure? I send my email through a SSH tunnel direct into my mail server using raw IP addresses. Makes it pretty hard for anyone to man in the middle me, plus you’re petty sure your mail isn’t read by your ISP. > I suspect that my ISP may somehow be blocking the use of privoxy - by > blocking port 8118, perhaps? I’d guess that’s not accurate? I skimmed Privoxy’s FAQ, and it just looks like it’s a local service on your own machine filtering/intercepting your own box’s traffic and then forwarding the traffic on to your regular ISP modem/router. Port 8118 is used on your box only, so this sounds more like a Privoxy config issue (maybe you’ve got a wrong value somewhere? hostname? toggle?). https://www.privoxy.org/user-manual/config.html > The reason I don't quite trust my ISP is that they have recently created a > Tor exit node for themselves. Even if I trusted that they were kindly > trying to protect their users, it seems inherently insecure to use a Tor > exit node that is run by my ISP, so I have blocked their Tor server. And > now I cannot get privoxy to start up, no matter how I've gone about it. Okay, your ISP setting up a tor exit node (should!) have zero to do with any of their customer’s connections (to tor or otherwise). The tor software on your computer picks a random entry node (first hop). I do agree though with blocking the first hop connecting to your own ISP’s tor node, and blocking its use as an exit node probably makes good sense too, so yeah, just block its use completely... It’s been a long time since I dug through tor’s config options, but there was a way to block the first hop from using a country (e.g. if you’re in the USA, block all ECHELON countries from being the first hop). At the point you’re at, I’d try getting Privoxy to work without adding any of the tor layers and turning off all of its [actions?] (I’m guessing at that, whatever ‘stuff’ it’s filtering so to speak). > No paranoia here! Just good wholesome fun. Clean living and clean thoughts: > there's the key! It’s all fun and games until those guys in black suits and mirrored sunglasses knock on your door. ;) Seriously though, like you I’ve got zip all to hide, it’s just the level of ‘big brother’ watching everything is revolting, so doing ‘my part’ to mitigate some of it seems reasonable. Case in point. A month or so back, me and the misses saw a chain store we hadn’t been in, in 20 odd years, so for nostalgia we wandered in, browsed around and left without buying anything. Approximately six days later she started getting ads for that store on her Facebook page. My best guess (since she uses gmail, uhg!) is the big G tracked her phone going into the store, shared/sold the data to FB, and ‘targeted’ ads for her... So f-ing creepy... laters, Michael ____________________________________________________ tde-users mailing list -- users@xxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxx Web mail archive available at https://mail.trinitydesktop.org/mailman3/hyperkitty/list/users@xxxxxxxxxxxxxxxxxx