Monumental Security Reviews
Content
Introduction
1. [Browsers]
Google Chrome
Brave
Ungoogled Chromium
Mozilla Firefox
GNU IceCat
LibreWolf
Tor Browser
Pale Moon
WebBrowser
Joke Browsers
2. [Add-ons]
The Most Useful Add-on - uMatrix
3. [Linux Distros]
Linux Security
4. [Anon Networks]
I2P
Lokinet
5. [Emails]
Gmail
ProtonMail
MailFence
Postman (I2P)
RiseupMail
6. [Data Encryption]
VeraCrypt [Files]
KeePassXC [Passwords]
GPG Symmetric File Encryption
Closing Words
Summary
In everyday life, it is important that you use the internet in ways that are crucial to your safety. There are a number of browsers, perhaps the best known of which are here. I will analyse some of the most popular ones so that many people can understand them better.
I won't go into too much detail here, just by way of introduction - most of the 'famous' browsers do almost nothing to ensure security. "Security by design", "Privacy Focused" - advertising slogan. Nothing more, they are just given a role to enhance appearances.
Worth putting this post in your bookmarks if you don't have much time to read. I have checked some information from other sites to make sure it is correct and really conveys the truth.
I hope this information will provide you with enough knowledge and understanding for your future activities on the internet. Well, let's get started.
Browsers
Google Chrome - Level of Spyware - MONUMENTALLY HIGH
Probably the most famous browser worldwide. Well, when you connect to the browser, it sends all sorts of data about you to various Google addresses, purely for "statistical" and other "security" reasons, and of course, just because. This includes your system type, your IP address, your browser settings, your passwords, your data etc about you.
In short, anything that contains information about you.
Since Google doesn't have an "about:config" like competitor Firefox, you can't customize these functions. Since Google's search engine is the default, it sends the same amount of data to the same number of addresses, including your content.
If you have the "Show search suggestions" feature enabled, it will automatically send you a prompt with your details, your search and what you want to search for. This is by no means good, in fact it's worse. Let's also take an example of "security" settings.
You can set up "secure" DNS providers. Nothing could be further from that, because what's there is anything but secure. Starting with the evil Cloudflare, which acts as Mitm, that's where the data goes first.
I'll give you an example - on any page, next to the certificate, you see "Cloudflare", the following happens. Your request to the site is first sent to Cloudflare, along with all your data, and then Cloudflare stores that data and then decides whether or not to pass it on.
So initially all your data ends up with Cloudlflare and then with the site. Two arithmetic operations in just seconds.
Tor is blocked. Since you can hardly know anything about the people using Tor [this includes location, IP address and traffic], Cloudlfare doesn't like this, as it can barely get any information. Any site that uses Cloudflare is doing the worst possible thing to both itself and its visitors.
In short, Google Chrome should be the last browser you think of. Not to mention Microsoft Edge, which is probably even worse than Chrome.
Brave Browser - Level of Spyware - High
By default it includes an ad/sniffing/script blocker, but that alone isn't worth much. Script blocking does not protect against tracking, only against certain negative scripts and XHR. Of course Script Blocking has several advantages, but by itself it is just a Script Blocker that you can block in your browser settings.
Brave sends data to several places, including itself, and does what it wants with that data. Since it is a Jewgle based browser, it depends on it. It has many google components, so google knows you well.
By default it connects more Brave addresses, static addresses that suck your data sufficiently. Not to mention Brave's abuse of privacy rights, which is nothing new with them.
The data they collect - your name, address, phone number and other "minor information" - obscures the collection and storage of your IP address. But in the background, this information includes your operating system, IP, location, etc.
Also just a crappy browser with false promises that should be avoided. But then what can be done? Use a fork such as [i.e. the only decent one] Ungoogled Chromium.
Brave Search doesn't seem to be bad - good search results, doesn't collect IP addresses, doesn't require scripting, although if I remember correctly it's closed source so these are not certain. Basically this browser is like Google Chrome with a few additions.
This browser isn't a big gimmick, its default "security" features don't work as powerfully as they claim. Like if you buy a Google, put in an Ad Blocker and set ScriptBlock in the settings. This is not talent.
Tor's functionality might be suitable for someone who just wants to remain anonymous, but on a smaller scale. Because Brave sends you a number of requests before you do anything, using the Tor functionality does not affect their ability to collect data about you.
They know everything except your web traffic, which is probably the only thing they don't know about you. For Tor, use the Tor Browser itself, or a browser configured for Tor, such as IceCat. The key is to avoid the Brave browser by far.
Ungoogled Chromium - Level of Spyware - No Spyware
Sends no unsolicited requests anywhere, gets rid of Google completely. It's a "de-googled" browser, without any google bindings, and gets rid of them for you. Available for jewdos, Linux, but there is also an AppImage which I think is more worth using.
It also doesn't add extensions exactly through the Chrome Webstore, but with a secure alternative. Probably the best Google fork ever. It has removed all the Google bindings and the developer is a very smart person and takes care of a lot of things.
However, as far as I know, this browser has one developer and they are trying to develop it with the community [I haven't confirmed this, but that's how I remember it], which is a big disadvantage against Google's monumental development team, and it's not clear how long they can keep up.
There are of course other Google forks, but this is by far the cleanest of them all.
Mozilla Firefox - Level of Spyware - MONUMENTALLY HIGH
Also a poser, touting "Security". Well, Firefox has some useful features, but it is far from secure. To be so, telemetry must be disabled completely, all connections with Mozilla must be severed.
Even when you open the browser itself, it makes unsolicited requests to a number of addresses, and this does not change while you are browsing. Its default search engine is Google, which it prompts every time you hit a key, thus connecting to it and removing a big layer of security.
Turning off all telemetry in Firefox is justified and, not incidentally, it uses Google Safe Browsing, which again connects to the evil Google.
Of course, this requires a lot of "about:config" fiddling and skill, because it's easy to mess up. The Kundalini-Tool helps the Firefox situation, but that's only because many people don't even care what browser they use, they just "have to have something".
The plugin support is great, uses Webxt, as does Google, and GTK3 library. The source code is open, so security risks could easily be fixed with outside help. Firefox's developer base is large, but security is still lacking.
If you want some security in it, use the "Secure-Browser" feature of Kundalini-Tool. This does not exclude some of the telemetry and requests that are still in progress, or even what is happening in the background, but it is more than nothing.
GNU IceCat - Level of Spyware - No Spyware
It uses an earlier version of Firefox. It happens to be a browser based on Firefox. Also does not send unsolicited requests anywhere, takes care of your security. It also has "about:config" preconfigured [missing one or two things], but it's a good browser by default.
Completely open source, getting rid of Firefox as much as possible. It comes with several pre-installed plugins [if you download from their site, but if you download from e.g. slackbuilds, this is not true there], but it lacks uMatrix here too.
It doesn't send unsolicited requests anywhere, which makes this browser No Spyware. On this list, IceCat and Ungoogled Chromium are the ones that are spyware-free by default.
LibreWolf - Level of Spyware - Low
Also a Firefox-based browser, getting rid of Firefox in most cases [IN MOST CASES]. Still handles Firefox-bound requests. You can add extensions through Mozilla's site, which will make requests to it, thus hindering its security.
The development team is not very big, much smaller than Firefox. In fact, it is dependent on Firefox to some extent, and as soon as Firefox dies [because you can see the smoke of that already], it will take all Firefox-based browsers with it.
Google wants to take over the whole Internet, and as soon as that happens, the Surface Web will die [It is died, btw]. Unfortunately, there is currently no browser that is completely secure by default [Maybe WebBrowser, which is a Pale Moon-based browser, or Pale Moon with minor modifications].
Both LibreWolf, IceCat, and Tor Browser are under the influence of the evil Mozilla, and all are tied to it to some degree.
LibreWolf is a Firefox browser with some "about:config" modifications, which Kundalini-Tool also provides, so we're pretty much in the same place. Although it doesn't send as many unsolicited requests as Firefox itself, it is dependent on it, and it's not known how long its team can keep up with Mozilla.
In any case, it is a much safer choice than Firefox itself.
Tor Browser - Level of Spyware - Low
Well, it is probably considered the "most secure" browser ever. Well, the reality is far from it. Tor Browser is nothing more than a Firefox-based browser that runs over the Tor network. You can do this yourself if you configure Firefox Ports properly.
It still makes a certain amount of requests to Mozilla, its default search engine is DuckDuckGo [it has jewgle in it - joke], but DuckDuckGo is not known for its security. DuckDuckGo also contains spyware, although it is a better choice than the Google search engine. It stores your data and who knows what it uses it for.
It uses Telemetry and sends requests to Mozilla, of course it does this anonymously, but this can get worse with later updates [and of course "Auto Update"]. Look in "about:config" for "app.update.auto" and set it to "False".
Automatic updates are enabled by default, which only makes things more difficult. You have no way of knowing what goes into these updates. Also, in the security settings, "Safest" just blocks JS, media and a bit more at some level, with the default NoScript addition on the side.
Now, NoScript could be useful, in addition to blocking several things with it - script, frame, ping, fetch, etc - but those are just individual things that uMatrix does better.
Tor does not recommend adding browser extensions [this has been strongly denied by other browser developer], but feel free to add extensions. Adding extensions is done through Mozilla, even if you are using Tor, and this means requests to Mozilla. It's worth adding Adnauseam and uMatrix extensions for better security.
Tor Browser does not provide security. You may even encounter malicious software or sites. Tor gives you anonymity, but it does it very well. In fact, a properly configured IceCat or PaleMoon with Tor implementation is worth more than the Tor Browser itself.
Or if you're very paranoid about cyber security [Which as an SS can be a normal phenomenon, at a healthy level of course], run the entire Linux Distro over the Tor network. You can do this by configuring Tor files and using Iptables.
The Kundalini-Tool's "Torify" feature provides system-wide Tor enforcement. Although I write this post before the Kundalini-Tool update, when Tor enforcement was still browser-based, I don't know if the update was available at the time of publishing this post or not. Who knows.
In any case, I don't want to destroy your idea of Tor. The Tor browser is still more optional than most browsers in terms of anonymity, but if you want to be safe while using the Tor browser in addition to anonymity, use extensions like uMatrix.
Pale Moon - Level of Spyware - Low
Probably the only browser on the list that I would say would be the most optional choice. Perhaps because Pale Moon has fallen into the trap of contradicting the statement "Your Browser, Your Way".
It used to, but the backlash has started. The NoScript and Adnauseam plugins have been disabled because they "cause page breaks". Are you serious? If you set up Pale Moon's "Block Content" plugin, it breaks pages the same way and provides security, just on a larger scale.
The problem is what gives you security on the web and the good is what spies on you, right? Extensions like Adnauseam or NoScript strive to provide security, yet they are blocked. Where did the point of the above statement go?
Adnauseam is a good blocking extension, but it was blocked by jewgle, and Pale Moon. You can re-enable them in Pale Moon, but that requires "about:config" knowledge, and for a beginner it's not easy. In Firefox you can find it in the plugins, but it requires a Mozilla bind.
Pale Moon offers add-ons on its own site, not Mozilla add-ons. There are fewer add-ons, but they are more useful and important. Only those that are monumentally needed are included. In any case, adding add-ons in Pale Moon is different than in Firefox, for example.
Although the most important extension, uMatrix, is available for Pale Moon. Unfortunately, Pale Moon is starting to sell itself, it is starting to prioritize its partners as its own users, and has become something of a "weaker" Firefox clone. Apart from that, it still stands up to some of its claims and cannot be said to be unsafe.
Someone called PM a "sinking ship", and in this he may be right.
The Tor network is blocked. I cannot view the Pale Moon site through Tor because it is blocked by Moonchild. It is also backed by the evil, phishing giant Cloudflare, and they are all and all systematically sinking this lovely little browser.
Here are some "about:config" options that if you change, the Spyware level will be reduced to zero:
extensions.blocklist.enabled - False
services.sync.prefs.sync.security.OCSP.enabled - False
security.OCSP.GET.enabled - False
security.OCSP.require - False
security.OCSP.enabled - 0
geo.enabled - False
After the changes, Pale Moon looks like this - Pale Moon - Spyware Level - No Spyware [Secure]
I recommend this browser for any use. Every secure browsers have minor issues, as does PM, but it's still the cleanest of the browsers currently available for everyday use and for your safety. Pale Moon is good for everything if you take a minute or two to set it up first.
Available for jewdos, Mac, Linux, FreeBSD [Beta]. Remember to add the uMatrix extension to all your browsers if you want to stay safe.
In fact, if you configure Pale Moon properly and enforce Tor, or better yet, if you run your entire Linux system over the Tor network, you will be much more secure and anonymous than if you use a Tor browser.
WebBrowser - Level of Spyware - No Spyware
Well, perhaps this is the browser, along with Pale Moon, that I can confidently recommend for the modern internet. It doesn't send unsolicited requests anywhere, and is itself built on Pale Moon. Definitely worth a try, you can check out the Project below.
https://git.nuegia.net/webbrowser.git/
Opera, Internet Explorer, Safari, Opera Gaming, Microsoft Edge - Level of Spyware - MONUMENTALLY HIGH
Avoid them, they fall into the pity and joke category.
The Most Useful Add-on - uMatrix
This is an all-in-one add-on that allows you to block almost everything on any page, or even globally at once.
uMatrix automatically blocks malware, trackers, third party domains, protects against fingerprinting, blocks ads and much more. You can block pages, JavaScript, cookies, CSS, frames, media, images, XHRs [HTTP requests made by scripts - XmlHttpRequests], and much more to keep you safe.
Of course the benefits of using uMatrix cannot be condensed into a small post, it all depends on understanding.
If you use uMatrix, your security will increase monumentally. The downside is that it takes time to learn how to use it, but it is worth it for your security. It is available for almost all browsers. Some browsers [IceCat for example] require a bit of tinkering to add, but it's not complicated.
The "Advanced" option in uBlock Origin is pretty good, but not nearly as useful as uMatrix. With uMatrix, you can literally block everything, plus it protects you from many things in the background.
For a properly configured browser, you only need 3 add-ons - uMatrix, Adnauseam and NoScript. uMatrix blocks what you don't need in the background and on certain pages and protects your activity, uBlock blocks a number of things and NoScript ensures that suspicious scripts are blocked.
But if you set up uMatrix to globally block Scripts and only allow them on pages where you want them [for example, JoS], you can leave NoScript turned off. You can add Disconnect or Disable WebRTC instead, although you don't need the latter if you've changed the values manually in "about:config".
For Firefox-based browsers, you need to change "media.peerconnection.enabled" in "about:config" to "false". On Chrome-based browsers, you need to use an extension such as WebRTC Leak Shield. Pale Moon disable WebRTC by default.
I would never go online without uMatrix, and I wouldn't use any browser without it. Decentraleyes may conflict with uMatrix. Adnauseam may also conflict with other ADBlockers.
About Linux Security - Life Without Systemd
I explain it in more detail in the Kundalini-Tool "README666" file, but here is a smaller list and some useful instructions you can do to ensure your security.
There are many Linux Distro, and most of them follow the Linux Philosophy principle - "Your system, your way, your business". Jewdos is the monumental opposite.
Well, if you are serious about your security [which as a SS is HIGHLY RECOMMENDED], then choose a Linux Distro that is free of Systemd, such as Slackware, or for Debian fans, Devuan, or an Arch Fork, like Artix. Although, you can squeeze out some security on systems that contain Systemd.
Some of the famous Linux distros that have fallen into the Systemd trap - Ubuntu, Linux Mint, Kali Linux [the Kali's site is behind fucking Cloudflare - pathetic], Parrot OS, etc. Systemd is a hindrance to your security, but you can do something about it. For example, keep all your files and folders in VeraCrypt, and all your passwords in KeePass.
To access the internet, use multiple VPNs [WireGuard or OpenVPN, combined with Iptables], or even Tor, and properly configured browsers. Using Google on Windows systems is like physically walking alone with all your data out in the open on a several-mile stretch of road to your destination. So the Jews know more about you than you know about yourself.
Systemd has its flaws, not that I give it a positive, one or two of its features are tolerable. Slackware Linux is the best in terms of security, but it has several drawbacks - you have to install many programs from source and build them manually from Terminal.
You need to know and understand Linux architecture and architecture, otherwise you will get lost during installation. For Slackware, you can manually configure several encryption settings from Terminal during installation [e.g. encrypted /home, encrypted /root, encrypted /swap, encrypted partitions, overwrite partition with metadata to increase security] using Cryptsetup.
But this requires a higher level of knowledge, not to mention time. Slackware is more complicated than an Arch in my opinion, but it's also more secure. If you don't have time to learn Slackware, or other serious Distro, you can choose from the list below.
Linux Mint [More graphical interface] - Offers more encryption options and is beginner friendly. You can access many packages and programs from the Software Center, and Kundalini-Tool works perfectly on it.
Parrot OS [Mate]- Although this is a system for IT professionals, there is a "Home" edition that is secure and offers many pre-installed useful programs and packages. [Tor, Onionshare, AnonSurf]
Devuan [XFCE]- Debian-based, without Systemd. If you know Debian, you should have no problem with it.
Kali Linux [XFCE] - While not for beginners, you can test the security of your machine, network and devices.
PureOS [Gnome]- A security-oriented, Linux Distro with Gnome.
EndeavourOS [Multiple graphical interfaces] - Arch Linux based, uses Arch repositories with minimal pre-installed programs and graphical interface. Preferably the choice of Arch fans.
Slackware [Or Slackware-based Distro] [KDE or XFCE]- Systemd-free, secure Linux Distro. It follows the "One Application" philosophy. Nothing runs in the background, only the things needed for the system. My personal choice.
Whonix [VirtualBox] - Worth running under a secure Linux Distro with VPNs pre-configured for monumental security.
Tails [USB] - Excellent for laptop users, or those who just want to browse the Dark/Deep Web. However, not entirely suitable for everyday use.
Prestium [Linux Distro Through I2P] - Runs entirely under I2P, and is a great choice for I2P enthusiasts like me.
VPNs
There are a lot of VPNs available, and most of them are terrible. The "Gaming VPNs" don't deserve a mention. The likes of NordVPN should be avoided by far. The Mullvad VPN has pretty good security and doesn't require any personal data, but it's paid, just like IVPN.
ProtonVPN also has some good features, but for more security you may want to download an OpenVPN configuration file and place it in the "/etc/openvpn" folder. The other option [which I prefer] is to use it via WireGuard.
From the ProtonVPN site:
"Data we collect and why we collect it. Personal data (related to your account): Account creation: To create an account, in order to use our Service, we do not ask your name or surname. All you need to do is select your username, then provide the email address and choose your password. You can also register with your existing Proton account."
They don't ask for your personal details because you're using ProtonMail to access it, and they've already done it there, assuming you've had luck using VPN or Tor, and they don't ask for your email address or CAPTCHA, which isn't much more efficient but a notch better.
If you start it through WireGuard, you can check the DNS associated with it. The command "resolvconf -l" will list it and you will see the address. If you use WireGuard all the time, you might want to add a script to start it automatically at system level.
if [[ -x /etc/wireguard/wg0.conf ]]; then
#Start WireGuard
sudo wg-quick up wg0
fi
The "resolv.conf" file should also be made read-only, so that the value does not change on every boot. You can do this with "chattr +i /etc/resolv.conf" [This is for Slackware users], or if that doesn't work, with "chattr +i $(realpath /etc/resolv.conf)".
This will prevent DNS address changes.
Another free VPN is RiseupVPN, which uses secure, highly encrypted networks. You can use it with "Bridge", Tor, block Ipv6, use it with "Snowflake", even UDP. Do not use UDP because UDP is not as secure as TCP.
Their email provider is also by far the safest and most secure, plus it's free - but unfortunately it requires an invitation. Another decent email provider nowadays is Postman [I2P]. The likes of MailFence, ProtonMail - not known for total security, a lot of their talk is just hype.
The point of UDP is to get packets to their destination as quickly as possible, and in the process there is no guarantee that all packets will arrive. TCP is the opposite - it is more secure because it organises the packets and ensures that they all arrive.
RiseupVPN is available for most Linux distros [If you are using Slackware, you will probably need to look for a RiseupVPN OpenVPN generator script to run over OpenVPN], as is ProtonVPN. For Slackware users, ProtonVPN is available at 'https://slackbuilds.org' and can be configured from the source.
If you configure the entire Linux system for Tor [As Torify does with Kundalini-Tool. Again, I have no idea if the Kundalini-Tool update is available at the time of publishing this post], you don't need a VPN, although you can run WireGuard for security.
If you're a big Tor fanatic, you can use Torify in Kundalini-Tool around the clock, set all your browsers to Tor, and use ".onion" alternatives. If you are an I2P fan, use the same method but configured for I2P.
Anon Networks
I2P Network
The I2P Network [somewhat similar to Tor] is an encrypted, peer-to-peer anonymized network designed for internal use, unlike Tor. I2P uses the Jetty web server, and through it you can chat, surf and do everything else anonymously.
I2P differs from Tor in that, unlike Tor, it is not designed for external use, but for internal use. Within I2P you can create pages and forums in the same way, all anonymously and encrypted. Available for jewdos, Linux systems.
In my opinion it is better than Tor in terms of security and encryption. Outsourcing can be done with "Outproxy", but I2P works more inward than outward. I2P works with different ports, each serving a different purpose.
HTTP - 4444, HTTPS - 4445, for example. It favours internal use and everyone connects to everyone, that's how this network works. Tor is easy to spot as it has a unique fingerprint, but I2P has a different way of doing it and unlike Tor it is good against DDOS attacks.
Although Outproxy can be used for surfing the surface web, I2P is more used for Darknet, Eepsite [I2P Sites], or anonymous surfing. I2P doesn't have as many sites as Tor, but there are plenty of them, so there's something for everyone.
Torrent also works on I2P, in an anonymous version. This site [http://tracker2.postman.i2p/] has a monumental torrent galaxy and you can find almost anything. It is one of the safest ways to torrent at the moment.
I2P has many advantages, basically an encrypted and anonymous internet within the internet.
Lokinet
A pretty cool network, although not nearly as famous as its peers.
https://lokinet.org/
Search Engines
Google Search - Spying Level - MONUMENTALLY HIGH
This search engine exists because Chrome, Microsoft Edge - collects information about you. It does nothing useful, it automatically connects to many Google addresses, it collects monumental statistics, it does many queries.
This search engine should be avoided at all costs. Its only advantage is that it indexes most pages, and you can find many pages with it, almost all of them on the Surface Web. But you pay for it with your data, which is concentrated in the hands of the Jews.
It disables Tor as much as it can, and uses reCAPTCHA to make tracking even more feasible, as does ProtonMail. Google services should be avoided far, far away, especially as SS.
Mojeek - Spying Level - None
Quite a good little search engine, does not collect IP addresses, only CSS need [Tested this in uMatrix]. It has its own index and provides security. The only downside is that the search results are not very rich, but it is by far the cleanest search engine available.
MetaGer - Spying Level - None
Same as above. It has an Onion domain, so can be used in conjunction with Tor. But its search results are much better than Mojeek's.
Tor - http://metagerv65pwclop2rsfzg4jwowpavpwd6grhhlvdgsswvo6ii4akgyd.onion/en-US
I2P - http://4zdcetlcp3tdg5h23gd3aeyzbvodepid7a6mb3w4qvxkdnm2by6q.b32.i2p/
Ecosia - Spying Level - Medium
I used this search engine a lot in the past. It is not considered secure, it stores IP addresses and other data, and it plants trees, which is quite nice. However, I would never use it again as it's behind the evil Cloudflare, so its essence is gone.
It's a shame, and it was a good search engine.
Brave Search - Spying Level - Medium
Well, given Brave's data collection, it's not out of the question that it does the same thing. It's backed by Amazon, which is not a Cloudflare, but these are things to watch out for. CSS alone is enough to use, but I can't trust this search engine. Avoid it, use MetaGer instead.
If you want to browse JoS, the safe Mojeek is also suitable. But if you want everything else, then switch to MetaGer instead.
DuckDuckGo - Spying Level - Medium/High
A notch better than Google, but no more, but if you're torn between the two, go with DDG, or at least use it on Tor or I2P.
Tor - https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/
I2P - http://gqt2klvr6r2hpdfxzt4bn2awwehsnc7l5w22fj3enbauxkhnzcoq.b32.i2p
Emails
Gmail - Spying Level - MONUMENTALLY HIGH
Well, not worth mentioning. It's really designed to get Jews to collect data on you, just like Chrome, Jewcrosoft Edge and others. The only advantage is that it supports mail clients, but nothing else.
I won't even go into the "Privacy Policy", we all know that Gmail is Jewish owned. Avoid it by far.
ProtonMail - Spying Level - High
Well, this is probably considered the most famous "secure" Email provider, but that's not quite the case. ProtonMail [Like Mailfence] has a minor form of encryption that researchers say is quite flawed, not to mention that it doesn't encrypt everything. Doesn't works without JS. [Sadly]
The names, addresses, senders and subjects of messages are all visible, and Proton can unencrypt encrypted data at any time. The PGP keys are generated in advance when the account is registered, and are probably full of unsolicited requests.
From the Proton site:
"IP logging: By default, we do not keep permanent IP logs in relation with your Account. However, IP logs may be kept temporarily to combat abuse and fraud, and your IP address may be retained permanently if you are engaged in activities that breach our terms and conditions (e.g. spamming, DDoS attacks against our infrastructure, brute force attacks).
The legal basis of this processing is our legitimate interest to protect our service against nefarious activities."
Of course, that's how everyone delivers - IP address storage and tracking, offered in a nice package. You don't know how long these are stored, because you can't trust Proton.
Another:
"If you enable authentication logging for your Account, the record of your login IP addresses is kept for as long as the feature is enabled. This feature is off by default, and all the records are deleted upon deactivation of the feature. The legal basis of this processing is consent, and you are free to opt in or opt out of that processing at any time in the security panel of your Account."
Seriously, who wants to allow information to be stored about them? Okay, I don't mean the people who irresponsibly accept all the cookies and tracking "protections" [which is also a marketing term, in the background the opposite is happening] on every site.
Seriously, think about what you do on the internet. You accept terms and conditions, cookies that are tied to you. If the phishing happens, it's not the company's fault, it's your fault because you didn't read the terms. Think about it, you can easily get in trouble.
They also have .onion domains that were so, so anonymous that if you weren't paying attention, the Tor domain would redirect you to their Clearnet address. How anonymous is that?
Let's look at the facts - "No personal data required", and later "We use SMS for this feature". Even if you just don't use a VPN or Tor, you may not need to provide personal details. If you use VPN or Tor, you'll suddenly have to enter some details.
Not to mention that Proton heavily discloses "sensitive" accounts to the authorities. If you confirm to them that a Proton user is exchanging "sensitive" messages, they can extradite you immediately. In the background they track your activity, collect your data.
IP addresses are collected by default, and stored for a limited time for "security" reasons [just like phone numbers]. It doesn't work without JavaScript, I somehow messed it up in uMatrix, it's full of crap and bullshit that is unnecessary for an "encrypted/secure" email.
Proton had a case in the past where they leaked data about users. Well use it at your own risk and don't trust it, but if you can, avoid this email as much as possible, just like MailFence. Alternatively it's good, a notch better than Gmail.
If you have a paid option, use Posteo, and avoid Proton by far. I know many people in SS use this for easier access [as I do], just wanted to share. If you're going to use it anyway, do it over VPN or Tor.
ProtonMail is available on Tor - https://protonmailrmez3lotccipshtkleegetolb73fuirgj7r4o4vfu7ozyd.onion/
MailFence - Spying Level - High
From the MailFence website:
"We collect IP addresses, message-ID's, sender and recipient addresses, subjects, browser versions, countries and timestamps. When registering, you will be asked to enter an external email address. We send your activation code to this address and use it to communicate with you in case you are unable to access your account.
Incoming and outgoing messages are automatically analysed by our anti-spam, anti-virus and anti-abuse checking routines. When you pay by credit card we store some of its details. Team members have signed a confidentiality agreement to protect collected data."
Off to a good start, IP addresses are collected, stored, and additional data/metadata is collected about you. If you pay for this shit, they collect data on that too. When you register, you have to enter another Email address to which they send the code. Are you serious?
Another one:
"Yes. Our cookies are "authentication cookies" and not "tracking cookies": we don't track you after your session on our servers. You can find more information about the types of cookies here."
You don't know what cookies are, just as I don't understand why you need JS at all. You could easily run into a tracking JS without even knowing it. You are not notified that they are tracking your activity. Use uMatrix everywhere.
The "secure" MailFence will ask you for your real email account in advance and send you the code to proceed. I don't know about Mailing Client support, but you can guess.
Just read this:
"Should you close your account, all data will be permanently deleted 30 days after the legal expiration date (i.e. the Belgian law imposes 365 days after account closing). This means that your data will be PERMANENTLY deleted, as opposed to the practice of some major cloud companies which are unable to delete data.
We do not delete your account before the legal expiration date because users often ask to reopen their account after having closed it themselves."
Avoid it for the most part, just like Proton.
Postman (I2P) Spying Level - None
An encrypted and anonymous email service available via I2P, which allows you to send messages to both external addresses [Surface Web client, e.g. Proton, or any other] and internal, i.e. ".i2p" addresses. It is currently the cleanest choice.
There is no need to provide personal information when registering, and the registration itself is simple. The email looks a bit different, with different settings. The only Email that supports I2P and is accessible through it. At least that I know of.
Here you can create Postman account [Note: I2P needs] - http://hq.postman.i2p/?page_id=16
RiseupMail - Spying Level - None or Mild
Probably the most selective choice of services currently available, and free to boot. However, it does require an invitation, which unfortunately I don't have [If you're reading this and you have one, think of me :D]. The "privacy policy" is relatively tolerable, and fair.
No IP address storage, no sensitive data collected about you [location, operating system, browser, screen resolution, etc.], and strong encryption. You can create multiple "Aliases" within your Email account, which is very useful.
Your data is stored in turn, but with strong encryption, and can only be decrypted by the Riseup team, but they don't do this because Riseup is a human rights organisation who REALLY have your safety as their number one priority. Good question, then why do they store certain data?
Well, in order to access your account, the data has to be stored somewhere. It's not personal data, it's other data. Riseup does not collect personal data about you, or only very minimal data. It is really nothing like what Proton or MailFence does.
From the Riseup site:
"All of your data is stored in an encrypted format, and only Riseup has the keys to decrypt the data. Additionally, as of March 2017, the storage for all new accounts is personally encrypted. Riseup is unable to read any of the stored content for these accounts. Any user with an account created prior to March 2017 may opt-in to personally encrypted storage."
If you delete your account, it won't slide for days or weeks, it will be deleted, instantly. Unlike Proton, who is only willing to delete your account after a period of time, and until then you can imagine what they do with your messages and activity there.
I can actually recommend this Email with confidence, but unfortunately you need an invitation to join. If not, use Postman.
Encryption
KeePassXC
A password store for all your encryption and security needs. You can use Keyfiles with it, just like VeraCrypt, and it's a pretty well built secure password store. It is available for many Linux Distros and is worth using for secure password storage.
VeraCrypt
A program for high-level encryption of files and folders. It is available almost everywhere and is not difficult to set up. You can choose from several encryption options [up to three for one storage] and set several security levels.
First create a "Standard" container, then a "Hidden" container. In the Standard you keep the not so "sensitive" files, and in the "Hidden" you keep the important stuff, like SS writes. Generate the passwords in KeePass and save them there.
For both, generate a password of at least 30 characters, including all punctuation. Save them in KeePass. For greater security, generate 'key files' [at least four] and then you can even set a PIN for them.
This has several advantages - firstly, your folders/files cannot be accessed on your Linux system without you, so an attacker cannot recover or copy the contents of your data, as they cannot be accessed without you.
Secondly, only the people you want to have access to your data. Because you store everything in a highly encrypted storage [two of them], this is the safest way to store data in today's world.
So, if you lose your password, you can no longer access your data. It's worth storing them in a text file other than KeePass, encrypted with "gpg". One looks like "gpg -c ". Here you enter a password [prompted twice] and you're done.
The program will automatically create a file called ".gpg" and delete the other unencrypted file. You can open the ".gpg" file by typing "gpg -d ". Then enter your password and Terminal will print the contents of the file.
GPG File Encryption
You can use gpg to encrypt files locally. Once this is done, the file containing the data can now be accessed with your password. Let's assume that the file containing the super-secret data is called "safe-file". We want to encrypt the data in the "safe-file" file.
Type the following into Terminal: "gpg -c safe-file" [Replace "safe-file" with the name of your own file]. The program will prompt you for the password, then type it twice. Be sure to write down this password so you don't forget it. Then type "gpg -d safe-file" to remove the Symmetric encryption.
Here it will ask you for the password you entered, and once you have entered it, you will be able to see the contents of the file. This is an easy way to store files locally.
Summary
Briefly about Email - Use Posteo if you want to pay for something, or use Postman if you want something free. Use RiseupMail if you have an invitation [if you do, think of me :)].
Briefly about Browsers - Use LibreWolf for common browsing, or Ungoogled Chromium. For the Forums, use Tor, or Pale Moon, or IceCat, with Tor enforcement of course.
Briefly about VPNs - Use ProtonVPN under WireGuard or OpenVPN, but preferably use RiseupVPN, or both at the same time. Or if you pay for them, use Mullvad VPN. It's worth running multiple VPNs at the same time, at least two. ProtonVPN is not really secure, use at your own risk. Use it if you really need a VPN, but better if you are using Riseup, Kundalini-Router or Mullvad.
Briefly about Search engines - Use Mojeek, or if you want good search results, use MetaGer, or worst case DuckDuckGo on I2P or Tor. [Not ethical to recommend this, but a notch better than Google Search Engine]
Briefly about Add-ons - don't go online without uMatrix, Adnauseam and Disable WebRTC.
Briefly about Hidden Networks - Use I2P or Tor, but if you want my opinion I would go with I2P.
Briefly about Linux Distributions - If you are a real security fanatic, use Linux distributions without Systemd. If you don't, use Whonix or a security-oriented Distro. The choice is huge. Don't think of Linux Distros with Systemd as "all data is compromised or something", no, just a Systemd-free Distro will provide more security.
Briefly about GPG - Use GPG Encryption for files where you store some of passwords. It is not the best option if you encrypt a monumental large file, for this, use VeraCrypt.
Briefly about KeePass and VeraCrypt - Use these if you need a monumental security for your files/passwords.
Closing words
I hope this post has given you a little understanding of the "Projects" currently available that claim to be secure. I have not analysed everything at length, I have tried to be concise in what I wanted to convey.
I have tried to do a lot to encourage many of us to use security alternatives and take care of our online security. Online security is as important as physical security. In fact, we need to be much more careful online about what and where we search.
You don't physically go to people who are helping you with sensitive or even 'harmful' content, so they don't know about it. But you can leave a mark on the internet if you are not careful. It is time for SS to move on and step out of the jewish matrix.
I will not stop. If I can help at least one fellow SS member with these posts, I will have plenty to show for it. I love all my SS Brothers and Sisters equally, I wish you all the Satanic happiness and the Quintessential Side of Gods.
Be careful on the Surface Web as it is under monumental jewish influence. Where you see Cloudflare, be doubtful and keep your data safe. The Surface Web will soon be under full jewish control and if we don't change this, it will happen. Realize this as soon as possible.
The Surface Web has failed.
Click To See This Post On Ancient-Forums
Return To Homepage