You can read my opinions on this here in the thread I wrote, at the end "
Turn it up to 11: If you want to go ALL OUT and turn that privacy/anonymity dial up to 11, instead of following 3a, search DuckDuckGo for darknet privacy guides, they are much more extreme in some places than this. The main difference will be the recommendation not to use a VM anymore, but instead having a burner laptop with Tails installed isn't hard, and is the best level of privacy and anonymity you can attain so long as you do it right. Probably overkill for what we do, but some people want the peace of mind. Then worst case scenario you can just smash the hard drive and literally destroy any evidence."
If you read through the full thread there is even more info in there on passwords, passphrases, some really good OPSEC stuff on page 2 especially, and most importantly, here is some great info on VPNs: "
Free VPN?" and here is a subsection from the Privacy Guide: "
Use a good, PAID VPN that does not keep logs. The following are considered the best VPNs.
- ExpressVPN - there is a real-world case where one of their servers was seized by law enforcement and turned up ZERO information, which verifies that they really do not keep any logs. They also have a third-party audit verifying that they do not keep logs. This is the number 1 choice for VPNs IMO.
- Perfect Privacy - there may be a real-world case here too. Perfect Privacy announced that Dutch authorities had seized two of their servers as part of an investigation and said nothing was turned up as they don't keep logs. They didn't say why the servers were seized though, so it's possible that they weren't looking for customer connection logs anyway...we aren't really sure.
- VyprVPN - third-party audited to verify no logs are kept at all
- NordVPN - has an audit verifying they don't keep logs, however this was an internal audit, so it is possible it's not true, though we have NO reason to believe that is the case.
- PureVPN was proven by an FBI case that THEY DO FUCKING KEEP LOGS. They are fucking LIARS and if you use PureVPN you should cancel your account immediately and switch to one of the other 3 above. Since then they have said they've updated their policy and no longer keep logs, but I wouldn't trust them ever again, not after someone got arrested (not saying they didn't deserve it, but the principles of the PureVPN as a company are obviously bullshit)."
As I mention in that post, the DNM bible is absolutely correct. However, it is total overkill for buying some gear over tutanota. If you're browsing DNMs for very illegal things, then yeah you want to be the most careful.
However, if you are using TOR, NEVER use it from your house. Your DNM machine should never, ever be turned on in your home. I would literally wear a fucking disguise, go somewhere that you can hop on open wifi, best case is somewhere there are no cameras. Otherwise go somewhere super busy so you can't be distinguished. Just make sure you park somewhere else so your license plate can't be associated to you. Then I'm talking about wear a hat, sunglasses, fake beard, walk with a limp and change your posture, maybe get a little fat suit so that you look like a fat guy or something lol. Get a screen privacy protector so nobody can peep on you, and do your thing quick then get out. Preferably switch up locations, too. One nice feature NordVPN has is "Invisibility on LAN" which keeps your machine invisible. Public networks can be dangerous places, best not be seen on the network or you may be portscanned and someone could compromise your machine.
So basically, only if you are taking EXTREME OPSEC measures should you not use a GOOD, proven VPN with TOR. In my opinion. Some may disagree. Keyword there is PROVEN.
However, there are differing opinions on VPNs decreasing security. The biggest factor is trust in the VPN provider. This is why using a paid VPN is so important. Many VPNs have been caught keeping logs, particularly the free ones. This is where the risk is. If LE can track your TOR connection back to the IP of the VPN server, then that is the egress point of your connection. They could then serve a warrant to tell the VPN to hand over the user info. Now, if you pay with bitcoin or XMR from a wallet that is several hops away from your coinbase/whatever account, use a throwaway email, and ensure no identifying personal info can be connected to your account, then there should be no way to trace you unless they were actively monitoring connections, which I personally have not heard of happening. I only hear of serving warrants to hand over whatever data these companies have. That's it. If the data is worthless, then they either move on because you aren't a high value target or they keep trying. This is why I talk about layers of security in the other threads. Every layer makes it harder to get to you.
Hmm, I am not sure about "Always on" if you're using NordVPN. I would expect the setting names to be the same regardless of operating system...Can you send me a screenshot of the settings options? This is what mine looks like:
View attachment 168581
As y'all can see my hands are doing much better. Get prepared for some more extra-long posts from yours truly! You know I love to hear the clickity clack of my mechanical keyboard