That is what most people do wrong, they forget this crucial step, and then they think its incognito mode that is faulty, when its just them not using it right.
The US government hides behind the Patriot Act to justify monitoring the American people and to justify wiretapping our phones. Everything you do is recorded by your ISP which is relayed back to the government there is no true definition of "browsing the internet safely" unless you do a lot to cover your tracks or maybe do something like in this video *MAYBE* but frankly, looking this up is just going to make your ISP and the government pretty suspicious
@Harshit Joshi it’s trade off at what point is the security or the animosity not worth it? Because of 9/11 the patriot act was deemed worthy for our safety. But to what extent can we allow this.
One thing that people seem to be glossing over when talking about VPN services: The only thing standing between your encrypted VPN data and your adversaries is the VPN services terms of service, the laws where they are based, and the physical/digital security practices held by the company. In other words, VPN is not exactly what people are selling it to be. VPN pretty much just obfuscates the data from ISPs and public/unprotected/compromised wifi network attackers. This is more or less just shifting where your browsing data lives. Any good VPN service will cost money. If you do go the route of VPN services, make sure they are trusted and pick one based in a country with well respected privacy laws. Also if you have a "free" service they are likely selling your data to the highest bidder.
100% when it comes to things like VPN people need to read the terms and conditions, and privacy policies. And also do research on them to see if they ever had to give user data out.
The best test is to wait until a court goes after a VPN trying to get information out of them, so long as that court is in that VPN's home country. Then we find out how robust that VPN actually is.
@ " "Mullvad and AirVPN are the only decent ones that actually respect privacy" these two companies are a honeypot for NSA..." notice how you gave no proof either?
@@impoppy9145 There's literally millions of people using tor for completely legitimate reasons such as bypassing censorship, protecting their privacy, hiding their activities from oppressive governments and so on. FBI, NSA, CIA couldn't give two shits about a random person using Tor. The vast majority of Tor users don't even know about much less use hidden services they simply use Tor as a proxy to access the regular web.
Tor is VPN by itself... if you know how to rewrite a text document you should be able to change the last node that connects you to internet and therefore have free vpn
@benclark06 browsers and some sites can access the size of browser windows. And if it matches the size of your screen then you can somewhat narrow down types of computers and weaknesses. Least what Tor says....
you can test this yourself: there are websites that tell your browser window size. Install TOR, then change the browser size. you'll see the website can tell. so maximizing destroys your TOR privacy! It usually starts at multiple of 100 pixels width and height.
@@leonito_ The point is that in some cases this can be. Obviously this is not a concern for the average person, but here is an extreme case: lets say I have a rather low traffic website and lets also say you have a rather exotic 8k monitor. Then I could make an educated guess that all connections from someone with this resolution are by the same person (even if IPs are all over the place). I could then take this info combined with access times and things you clicked on to create a profile. If you are truly worried about a powerful organisation or individual finding you , this could be an issue. Of course advertisers could also use this info. For our example of a super high res monitor this would let me to the assumption that you have a lot of spare cash and i would target accordingly.
1:33 ”Looking up content that might generate embarrassing ads in your browser the next time someone sits down at your computer.” I was not expecting the example he showed...That was much more wholesome than I suspected.
the problem is: tails plus vpn and Tor is extremely cumbersome and slow. You can also forget using most modern websites because you cannot enable javascript or any kind of scripting (scripts can leak you real IP adress even through tor). All this stuff is just not useful for any kind of normal use of the internet.
@@maximilianmustermann5763 Tor Isn't slow. That's a misconception. Most common plugins has been disabled in Tor browser to prevent them from leaking anything. And the tails dev's and the Tor Project are against the use of VPN + Tor.
Linux. Firefox. DuckDuckGo. VPN. Reject cookies. Ad blockers. Tracker blockers. Facebook container etc. Compartmentalization (different browsers and accounts for different things).
I love all your videos Linus, but I don't think VPN is a good idea. It's just unsafe to trust and give a centralized server access to all my data and information. I'd prefer some decentralized alternatives instead cuz the era of web 3.0 is coming soon. No one should own my data except myself.
please dont install adblockers or any type of sourcecode (of the website) changing addons when you want to be anonymous. To be safe: dont istall addons in tor browser at all. code written for this purpose can detect your addons and track you down through your session. the more or rare addons you have, the easier it is to de-anonymise you. (PS: sorry for my english)
Why would a browser give out any of this information to begin with? If you hire an assistant and he signs *your* name on every bit of paperwork you look at isn't that pretty stupid? He's making your life harder, not safer, so why pay him? He's just handing out information about you that no one should have.
Installing add-ons and changing window size in Tor Browser is not a good idea. The browser even shows a warning when someone tries to do it. For more private browsing there is a "Security Level" option, which when set to "Safest" disables all JavaScript, remote fonts and media (audio/video).
@@kuhluhOG you absolutely MUST disable javascript in tor browser or the whole thing is worth nothing. Javascript can just ask your browser for your real IP address and it will send it. This is why using tor browser in the most secure mode is useless for most of the internet because a lot of sites just won't work correctly. But using it in any less secure mode with scripting, you might as well just use a normal browser.
@Alfie That wasn't through tor, that was because LE was able to prove that they were doing illegal activities, then tie them to tor which wasn't neccesary since they already know they were doing illegal things
@Alfie were they arrested? Because if Tor isn't illegal in a country then they can't arrest them because they used it. Tor is a proxy that anonymizes the network NOT the user. It's not Tor's fault that the user admits to using it for illegal things. That being said there are ways Tor can be deanonymized PARTIALLY, though these require A LOT of money and are not feasible in the long term
There are also isolated web based browser solutions. I work on one called Kasm that gives you a containerized browser that destroys itself after use and is available through any browser.
"everybody is out to get your browsing data" tinfoil hat time: What if commercial VPN services are also out there to get your browsing data? what if they're just honeypots?
As someone who's certainly been down that "Rabbit hole and a half", this video is actually pretty decent compared to a lot of videos I've seen in this category from those who don't specialize in it, especially for a sponsor spot. They managed to explain in a _decently_ technically-accurate manner why you can still be tracked using a VPN (though they didn't quite express just how great the extent of that is), thus debunking the most common lie spread relentlessly by these companies. They even mentioned Tor (which by the way, TH-camrs are sometimes explicitly told not to do, or to disparage in sponsor-spots) Good on Linus Tech Tips for that, but still... "We consider a VPN an essential part of staying safe online." Wrong. It's redundant at worst, and such minimal addition it's a waste of money at best. VPNs are not useful for casual browsing, except in certain circumstances, like travelling, in which case, you should use a free one, and will actually be *DETRIMENTAL* if you're prepared to get serious about privacy (something LTT _almost_ mentioned but then brushed off), which by the way, is effectively a full-time job. No such thing as a free lunch, if you want anything more than a thin illusion of increased privacy, it's going to cause some serious inconvenience. *Everything You Know About VPNs is a Lie* First of all, never believe anything that a VPN company tells you. The fact that they do everything they can to try and claim Tor is quote 'unsafe' just goes to show you how desperate they are for your business. But you shouldn't give it, at least not using it the way they recommend, because if you do you're willingly handing over your browsing data to a 3rd party in a less anonymous manner than even Google has access to. At least your ISP is beholden to more regulation and _mostly_ can't sell your data if you opt out (by the way, that's step one, I'd recommend you go do it right now, you can find tutorials based on your ISP). The fact is, VPNs for personal use are objectively a complete waste of your time and money. But if you knew that, you wouldn't spend it. There actually is a bit of history to how these companies all just showed up around the same period, realizing they could exploit people in this way through shiny marketing and the vague construct of 'privacy' that's hard to disprove, to sell them something they don't need and shouldn't even want, but here's the important bit... VPNs weren't originally created for this form of personal use, and the original inventors of the concept never even envisioned such a bone-headed use case! The technology just isn't designed or optimized for it. (From a network-layer standpoint, a different approach would have been better if one were to design it for this purpose) But that clearly doesn't seem to stop people from falling for the ruse. After all, there's money to be made by appealing to people's fear rather than logic, and TH-cam influencers to buy and sell! Of course, I don't hold anything against the creators. They are skilled and amazing at whatever content type of content they make, and it's a great thing for them to make money from it and cynical to describe it as 'selling out'. That said, I facepalm every time I see a VPN sponsor, because some of the ridiculous, non-sequitur privacy scandals (from which having a VPN wouldn't have remotely saved you) and utter, sometimes frankly straight-up factually incorrect garbage these companies make influencers spew is utterly headache inducing to any actual Network Engineer. *Why VPNs Are Not Safe* The first thing said in these carefully crafted, pre-scripted propaganda sponsor spots (aka, not this long-form video, fortunately!) is often is that "We all like to use the internet, but most of our data is unencrypted" This is not the biggest lie they spin, but it's the one that pisses me off the most, because it's the first and deepest hook, and it's a complete lie. Not only because it's straight up wrong, but because it's not even something VPNs protect you from. VPNs supposedly then "securely encrypt all your data to keep you safe online", but is that really true? They do encrypt it, yes, before they decrypt it again at the other end! It's a lie in practice, because that data is can be *read unencrypted by the VPN company*, and of course ultimately, read by the destination server. However, nearly every site you visit, big to small, is likely using HTTPS at this point, meaning you already have a secure connection to the destination, a "private, encrypted tunnel" if you well, preventing prying eyes like your ISP and the VPN, who is effectively just another ISP, from observing it. (Because encrypting your already encrypted data is like, double da security, right? N- no... It doesn't work like that, random bystander. Please take a cryptography course.) Also note that the VPN also has an ISP themselves, who is monitoring all of their traffic just like yours does... So now you have two prying eyes on your connection rather than one! And the former of the two has your credit card details and de-anonymized access to your data! Also, traffic analysis by your ISP can still reveal some aspects of your usage habits through a VPN, potentially meaning three prying eyes, but that's another topic altogether. Speaking of which, even if your VPN doesn't keep logs and that isn't a straight-up lie (it is), they could be forced to do so, just for a particular user, as well as giving up all your account info, by the government of many western countries. This is where the Fourteen Eyes comes in. Any VPN within the jurisdiction of one of the countries on the list can't be trusted for this reason, and those who are generally try to obscure and hide this fact as much as possible, some even facepalmingly claiming that a US jurisdiction is actually a good thing due to performance benefits! Well if that's the case, why use a VPN at all? What about the 'performance benefits' of using my new, proprietary VPN called... thin air. No wait, better make that ThinAir.IoTBlockchainCloud.io. Buy today, only $599.99 a month.
Hey man, you can't put the Internet of Things in the same sentence as the fuckin blockchain. The IoT is way better than that energy guzzling ponzi scheme. Except (say it with me) when the smart devices is provided via the sole discretion of a large corporation: i.e. Juicero.
I was reading your reply and agreed on everything. The thing is, i was waiting for the „How to stay anonymously the right way“ and your explanation. As an example most people who want to start being private on the internet don’t know exactly how and a VPN is easy to get etc. . Since you know what you are talking about you might be able to explain what kind of details people shouldn’t miss while using TOR. From the start of downloading it to the end of actually using it. I think a lot of people would appreciate your response and opinion.
@@Martin-lw8qb Wow I can't believe I actually wrote something this long 3 years ago in a TH-cam comment section and I don't remember writing it lol. Looking back at my old YT comments is always weird. But this one holds up I'd say XD
@@datachu Yeah sometimes seeing ourselves in the past can be weird. But it probably feels great to actually see how yourself developed and it makes you appreciate things. As long as things turned out positive and not negative lol
@@haminator55 The CIA owns Tor and actually saves the data. This was how a few hacktivists got picked up a few years ago. This isn't a conspiracy theory either, this is actually a serious issue.
Using PIA with Tor is a bad idea. You're handing the data to a company and letting a ton of potential attack vectors open up. Just use Tor on its own when using it.
Uhhm no. It just means that you are connecting to the Tor network from the exit of the VPN. Not to mention that PIA has ALREADY been subpoenaed by the FBI and had no data to hand over. Their "No Logs" policy has already held up in court. Stop spreading nonsense
PIA has been subpoenaed by the FBI and has been proven incourt to not keep logs. Also, if you read anything on Tor's website you would know that they recommend using Tor on a VPN
@@dugg117 You missed my point. If for the sake of argument PIA is trustable, you're still just giving yourself more potential vectors. I'm not saying using a VPN is bad. I'm saying using both Tor and a VPN is a bad idea from a security standpoint. No logs doesn't mean no ability to compromise.
You guys should've also discussed privacy through obscurity versus privacy through generics - it is a very large debate in the privacy world and the general argument boils down to the fact that there are very few people who actually run tails, TOR, and extensions such as NoScript, UBlock O, and so on, thus making those individuals easier to observe on the broad scope. The other end is that you do nothing to mask your browsing habits, and in fact take an approach to browsing to appear most like the average internet user (with Socials, TH-cam traffic, and google searches for unsightly genital conditions), and when you need to do private business you resort to Tails on a machine at your local library. Ultimately it all depends on how committed you are to hiding, and who you want to hide from; hiding from the US federal government is nigh impossible due to systems like IME and AMDST giving them carte blanche over your system when they need it, but hiding from corporations is far easier and far more practical. I've come to find that running an extension such as AdNauseum allows you to maintain a greater amount of privacy through the fact that your client clicks on quite literally every ad while the extension parses the visuals from your screen, this makes it difficult to be targeted as your interests might as well be everything under the sun in the advertisers view. It is a debate that will rage for the next fifty years, but in all truth we should all be advocating for legislation that protects individual's data and limits the scope of information which corporations and governments can collect on its citizens.
On the subject of hiding from the Alphabet bois. what do you think about using a pre-IME/AMDST old processor they should handle the basic stuff right ? and what about Raspberry-like mini computers and arm based processors ?
Tinfoil hat guys always forget that the big thing preventing people from watching them is lack of interest. Nobody could give less of a shit about you and your banal existence. They track the data for economic gain, but otherwise nothing you do is of interest to anyone, really.
@@sdmitch16 Yes it would. Plus if you are going through only one server, I imagine it's pretty easy to track who owns that server, so pretty pointless as far as I can see. A VPN has the advantage of having multiple servers and a ton of people using them so tracking the data to one specific user becomes a lot more complicated.
Linus, I saw an ad for this on my Google "new tab" news about Top 5 VPNs - I wanted to be able to access American Netflix from Japan. I remembered you were promoting Private Internet Access, so I searched for your video so I can give you the affiliate credit. It's a small token of my appreciation for all the great videos you do that I learn from. Thank you!
@@Leukick Tor is by default not maximized because then hackers may find out your display size. Of course they can't identify you by such a number, but e.g. it helps knowing the hair color of a peson one is searching for.
That ad @9:33 says in German/Swiss German (what maks sense because the connection goes to Basel, Switzerland):"Rekorde sind zum brechen da." That means in English:"Records are there to get beaten." You're welcome :)
I like how you hinted slightly and indirectly that you can be tracked based on ( HOW YOU USE THE COMPUTER OR PHONE ) for those of you that don't know what that may mean, the speed and style in witch you move the mouse or type on the keyboard can be also tracked and used as sort of a fingerprint so EVEN IF YOU COULD which you cant but IF YOU WERE theoretically 100% secure and hidden FROM every form of traseing and tracking possible they could STILL identify you by matching a profile of essentially ( the way you use a computer) easiest said by recording your psychological methods used when you type that one letter you always switch up by accident or the speed in witch you type certain words and phrases any direct markers or indirect signatures and commonly used emojjs the patterns, speed, skills in which you tend to use your mouse down to the way you flick your wrists off the mouse when you're done or how you always seem to leave your cursor in a specific corner essentially all of the very human vary minute and to the unknowing victim seemingly basic innocent things that you think would never even matter ONLY IF the time were to ever come where you even actually were to actively think about such differences being used. All of these basic functions we do without paying mind by habit essentially become the last ditch method of fingerprinting your internet data and use.
If Linus had actually used Tor before he'd know that NoScript, which is installed by default, does exactly what he said to do manually with those extensions whose block lists are unique (block Javascript and ads)
There's several things wrong with this advice. - Extensions on TOR are an awful idea, they make your fingerprint more unique and hence easier to track - Don't use a VPN with TOR. This is something that the original devs recommend against, because TOR is designed to protect itself. If your country blocks TOR, use a bridge. - Other than the security slider, settings on TOR should remain as they are. It's kind of surprising, I normally expect a lot higher quality out of LMG.
@@Ajinzem They talk about shit they know next to nothing about all the time, but they also talk about stuff they do actually know about too. Everyone's a sellout in some regard, we're all selling something... we all have to eat and feed our families. I'll take a sellout creator over a sellout salesman or some sellout speculative leech any day of the week. Be a decerning viewer. Go to multiple sources. Take sponsored videos with a grain of salt.
Privacy Badger: It’s possible for content scripts to detect what is in a blocklist, by presenting test images from different sites and checking to see if they are blocked. Privacy Badger dynamically builds a blocklist over time that depends on each user’s browsing history, so each user’s blocklist is unique. So it seems to me that Privacy Badger exposes the user to a fingerprinting attack. If we were to include a blocking tool in Tor Browser, it would need to contain an identical blocklist for every user. For example, AdBlock Plus with a fixed set of filters. :trac.torproject.org/projects/tor/ticket/12958
@@thermophile2106 security is a process. online is insecure. but you dont know anythink about the grabbed data and how its used. so you can do something little, but you can´t be sure if its working. blocking all cookies, can do with addon or inside Browser. add addons is a security question...u trust the tools?
Talks about how to optimize blocking. Also recommends Adblock Plus. Honestly, uBlock origin is a much better choice. Mostly because it can not be paid to open backdoors for ads. And it is free as in speech, I think Adblock plus is not.
Hey, *psssst* In the old mspaint, hold CTRL and pick a color, now you'll have a 3rd color which you'll be able to draw with when holding down CTRL, without releasing the mouse click, allowing you to draw dual-colored strokes.
"Totally Private Browsing" sounds like when phone providers gave you "Unlimited" but then you got a hefty bill. Querying it, it turned out "Unlimited" wasn't "Unlimited" ...
It's always been about the closest approximation to perfect security or privacy. The difference is, in computing terms, there is no such thing as perfect privacy or security, mostely because of human error, while ISPs and cell providers can offer a truly unlimited whatever at a flat rate and fixed price, but they don't, because it's more profitable to hide extra expenses behind fine print most users don't read anyways.
In court they can always say your transfer rates aren't throttled, ergo "unlimited". Yeah all the ISP/MO advertisementspeak is a huge pile of BS. Better to just ignore wtf they say and go through the TOS for what costs how much when etc.
You would actually trust that anybody would follow those laws that's hilarious. A society where we aren't paranoid of data collection is one where the technology to prevent it is widely available every one has your information.
But you know the old Russian saying: "Trust but verify". TBH, I would much rather the government snoop on me than the corporations. Maybe 'cause I am not an American and because my country faces existential threat from two nuclear powers.
it's been proven that metadata even passed through VPN can be attached to individual person with quite good accuracy if you wished to be totally anonymous you would have to use VPN for everything you have ever done on internet...which is impossible
FB has gotten pretty good at giving me targeted ads, and it's kinda creepy. It looks at stuff I frequently talk about and my browsing history, so I end up getting ads for Barnes & Noble, right down to specific books that I want. But it doesn't just track _my_ browsing history, it tracks my entire ISP's history. My dad goes to a lot of motorcycle forums and other websites, so I also get a lot of ads for motorcycle helmets that he's bought and other things.
Snow Crash, one of the greats of early cyberpunk, has all of the world's governments collapse because encryption was too strong for the tax collectors to audit you :). One of my favorite setups for a post apocalyptic society.
On the browser-side, you can also use puppeteer in non-headless mode to automate your browsing while adding an additional layer of proxies, changing your headers and other meta data to mislead advertisers, etc.
@@abhisohal4556 It's really bad. First of all, linus says to install extensions in the TOR browser. Generally this is just a bad idea. Then he says to use a VPN WHILE using TOR, which the TOR creators recommend NOT doing at all. He also does NOT mention never to maximize TOR, because it can track your screen resolution and sometimes figure out what device you're on. He also did not mention that your IP address can be revealed through TOR by using webRTC, Javascript and Flash. Honestly this is a horrible video and you should not follow it at all.
I'm surprised that he didn't say avoiding all social networks is also crucial for protecting your privacy, I mean you can get easily a lot of things in there
Let's open with clearing a very common misunderstanding about VPNS up; All of the VPNs being advertised commercially Log traffic. How detailed they are, how they handle logs, and who they may share them with is entirely up to the individual VPN. This doesn't mean they can see your traffic, just the in/out and who/where with the pertinent time and other basic data generated by IP traffic. Further, each VPN will control who withing their company can even access logs. This is an incredibly important note, because people view VPNs as a Ghosting service, that is NOT what you are paying for - not commercially. Being "secure" and being "anonymous" are not the same thing. Even the most "private" of the commercial VPN providers will log as a legal protection for themselves, these reasons also pertain to ISPs and how we operate(d). The legal aspect being Liability as a provider. Here in the good 'ol USA (and anywhere it reaches) a provider is able to be held liable for the content/traffic of it's users under certain conditions. To avoid this providers will simply Log the basic network traffic. That way in the event of a Warrant or DMCA (far more common) we can either provide the important information to authorities, or in with a DMCA, go directly to the client. Again, this is important to know for those who may be trying to truly hide online, say in a place of high censorship. As a final note; there still isn't a lot of data to show that any of the commercial VPNs, which when traced down tend to all be owned by a handful of large companies, provide any additional security online. The reasoning for this is that the vast majority of security compromises are due to user error and/or bad habits. The end user effectively letting the bad guy in the front door with "permission".
If a vpn service say they don't log traffic(also includes connection requests to servers) and turns out they do, they just broke one of the most important rules of GDPR and WILL be fined to hell. They can't lie about data logging.
@@bobraible have fun getting sued by the whole ass EU in international court. I mean you can choose to not show up but, an individual country (hopefully at least not one your HQ resides in) could hold you up to the court decision.
@DispelTheMyth I haven't had that issue yet. Even when leaving the torrent client run. I use the desktop app usually when torrenting. Not sure if you are using it a different way. You could use the browser extension or just use Nord's proxy settings for your torrent client. Try one of those and see if there is a difference in speeds :)
On iOS 15 on an iPhone it’s sort of possible? You can use duck duck go, use private relay which is a similar concept to TOR, turn off all cookie tracking both first and third party as well as a VPN and private browsing. So you can get pretty close but not perfect
1:48 Linus: "While a VPN does secure your data in someways making it so your ISP can't tell what you're doing" Me: Just because the ISP can't see what your doing doesn't mean the VPN service can't
Using a VPN is about trust. You either trust your VPN or you shouldn't use it. Someone somewhere can see your exit data, VPN allows you to choose who that someone is
What are you talking about, I'm using tunnel bear on 2 devices as we speak. Its also only 1 of 2 VPNs that submit themselves to regular audits by a 3rd party. Until other VPN services have the balls to open themselves up to that kind of scrutiny I'd rather pay for the knowledge that they can be trusted.
@Liberalism is a Cult that's because they allow 3rd party audits. Nord don't do that as far as I'm aware so there's little to no proof that they don't keep activity logs.
@@hammerheadcorvette4 tunnel bear have been audited by a 3rd party. They also do not keep logs. The other VPN that's audited I couldn't tell you the name I don't remember it off the top of my head. Nord VPN and all the other big ones won't allow auditing because if everyone was aware of their shady practices they would lose customers. Also I should mention, just because logs aren't kept thst doesn't mean they do a good job. Theres a lot more to a VPN than just logs. You have to take into account, data leakage, encryption levels etc. If a VPN doesn't log, but allows data leakage then it's easy to identify the VPN service. Which makes me wonder how they were subpoenaed in the first place 🤔 I'm not knocking them. I just use a service that I find reliable and reasonably priced. Also as I've mentioned many times opening themselves up to scrutiny fills me with confidence.
I would also recommend that you "split" your person online, that demands discipline! Even with all vpn setup, people get lazy and use the same browser, devices frequent visiting all hosts,websites and apps. A) Use paid VPN service running on devices like PC, but also on smartphone! B) Use multiple browsers, this is easy with a PC where I run virtual machines and keep "personalities" divided. One user agent with location X , for causual web browse. Another user agent with location Y , for trusted regular use as email and manage online private stuffs like bank. C) For torrents, or more risky things I have a expandable isolated machine, running all as LinusTips with different OS, Tor browser
In my case all "official stuff" goes over VPN and Firefox, all "not your business" browsing TOR + DuckDuckGo + ExpressVPN. I might add virtual machine just like you say as extra layer. Unfortunately nowadays so many people "live in the net" and have no idea how much info they leave there....
FYI, PIA is having trouble lately with keeping up with Netflix and other streamers identifying them as a proxy. Hopefully this will be resolved soon, but if you're looking for a VPN so you can watch streaming services in other countries, make sure you know what you're getting into. Not all VPN companies are equal. Nuff said.
8:55 I feel pretty good about using only privacy (anti-tracking) blocklists in uBlock Origin. It takes care of the 99% of ads that want to invade my privacy and still supports the good guys.
I've started using the Brave browser with built-in ad block which boasts "the fastest internet browsing experience, while providing a deep level of security and privacy protection.". This seems like an ad. lol
i use brave browser mainly for watching youtube videos, i like to split my online activity across multiple browsers and browser profiles for privacy because websites can save cookies on your pc that can track your online activity, even though i use extensions and browser features block them. i use tor for general web browsing and use waterfox (which is a more private version of firefox that doesn't send any information to Mozilla) that i have different browser profiles for, for my social media accounts, work accounts and work activity, downloads and purchases
@2:54 "TOR is also imperfect, and leaves us vulnerable, until our traffic reaches its network" The connection between your device and the TOR guard (the first of 3 TOR computers to which you connect) is encrypted. @5:08 "...to stop trackers" (while using TAILS) Trackers can follow you only while you are in your current session of using TAILS, and the trackers will not know who you are. TAILS saves nothing. So trackers can land all over your session, and after you reboot, they will all be gone. The entire TAILS session is conducted via a RAM drive, and nothing in the RAM drive gets saved to disk. So when you restart TAILS, you are always starting it like it is its first use.
is there a really good free vpn out there that's worth trying out?? and i'm talking a full vpn for free.....no trial offers.....
Bandwidth costs money.
Any free VPN will eventually need to make that money back in some way, so you should be highly suspicious of it....
I just use Opera
Use brave with tor
@@jakemorris4302 lel
Beowulf exactly.
Not only do i turn on incognito mode, I also put on the hat and glasses used in the incognito mode icon. I'm perfectly safe!
Hey don't swear this is supposed to be family friendly
Hey you need a tin-infused hat, HOW COULD YOU FORGET THAT?!? Now the Aliens at Area 51 know who you are. smh, so much for raiding Area 51.
@@jasonz8635 dude please don't swear for no reason
RafGaming you sure are funny
That is what most people do wrong, they forget this crucial step, and then they think its incognito mode that is faulty, when its just them not using it right.
Awesome, I needed this so nobody knows I watch Linus Tech Tips
YOU IDIOT!!! you just left a comment, now everyone knows!
i also need it so that my boss could not khow i do all the shitty hard things in the office,
@NaN You could use both tbh. But yes use vpn so vpn provider gets your data. Or do not use vpn so your isp gets your data.
@@pluto8404 waiting for someone to r/woooosh you to r/woooosh them lol
LINUS SAVE FRY'S ELECTRONICS!!!!!!!!!
This is depressing. the amount of work that is needed to browse the internet safely when it should be a given :(
The US government hides behind the Patriot Act to justify monitoring the American people and to justify wiretapping our phones. Everything you do is recorded by your ISP which is relayed back to the government there is no true definition of "browsing the internet safely" unless you do a lot to cover your tracks or maybe do something like in this video *MAYBE* but frankly, looking this up is just going to make your ISP and the government pretty suspicious
"Should be a given", it seems like you expect companies to provide services to you for free? I agree that would be nice.
@@casamir1 they currently provide services to us for "free" by showing us ads, just dont personalize them
@Harshit Joshi it’s trade off at what point is the security or the animosity not worth it? Because of 9/11 the patriot act was deemed worthy for our safety. But to what extent can we allow this.
@@bruh-ux1ns I don't really agree with that freedom allows us to gather resources for our own security.
One thing that people seem to be glossing over when talking about VPN services:
The only thing standing between your encrypted VPN data and your adversaries is the VPN services terms of service, the laws where they are based, and the physical/digital security practices held by the company. In other words, VPN is not exactly what people are selling it to be. VPN pretty much just obfuscates the data from ISPs and public/unprotected/compromised wifi network attackers. This is more or less just shifting where your browsing data lives. Any good VPN service will cost money. If you do go the route of VPN services, make sure they are trusted and pick one based in a country with well respected privacy laws. Also if you have a "free" service they are likely selling your data to the highest bidder.
100% when it comes to things like VPN people need to read the terms and conditions, and privacy policies. And also do research on them to see if they ever had to give user data out.
The best test is to wait until a court goes after a VPN trying to get information out of them, so long as that court is in that VPN's home country. Then we find out how robust that VPN actually is.
@@Neiva71 You make bold statements without any sources to bolster your claims.
@ " "Mullvad and AirVPN are the only decent ones that actually respect privacy" these two companies are a honeypot for NSA..." notice how you gave no proof either?
@Big Tyson everyone logs . bound by laws .
Remember to use gloves when you use Tor to avoid fingerprinting
stelfh
And don't forget to tape your webcam .....and mute the mic
i hate this joke
take my like
so smart
me: Watching linus teaching me how to run from Ads
linus: This video is brought you by
Incognito Mode + VPN + TOR = Download speeds of 37 kbps
You're actually harming yourself by using VPN over tor, VPNs are insecure so you're compromising your security for no reason. Just use tor
And you'll be on the FBI watch list
Mine can't even load single webpage 😂
@@impoppy9145 There's literally millions of people using tor for completely legitimate reasons such as bypassing censorship, protecting their privacy, hiding their activities from oppressive governments and so on. FBI, NSA, CIA couldn't give two shits about a random person using Tor. The vast majority of Tor users don't even know about much less use hidden services they simply use Tor as a proxy to access the regular web.
Tor is VPN by itself... if you know how to rewrite a text document you should be able to change the last node that connects you to internet and therefore have free vpn
Linus starts Tor, first thing he does? MAXIMIZE
Tor: "Am I a joke to you?"
That's only on windows
@benclark06 browsers and some sites can access the size of browser windows. And if it matches the size of your screen then you can somewhat narrow down types of computers and weaknesses. Least what Tor says....
you can test this yourself: there are websites that tell your browser window size. Install TOR, then change the browser size. you'll see the website can tell. so maximizing destroys your TOR privacy! It usually starts at multiple of 100 pixels width and height.
@@elonmush4793 yeah, I mean some malicious site could know I'm using a 15" laptop... incredibly dangerous for my privacy...
@@leonito_ The point is that in some cases this can be. Obviously this is not a concern for the average person, but here is an extreme case: lets say I have a rather low traffic website and lets also say you have a rather exotic 8k monitor. Then I could make an educated guess that all connections from someone with this resolution are by the same person (even if IPs are all over the place). I could then take this info combined with access times and things you clicked on to create a profile. If you are truly worried about a powerful organisation or individual finding you , this could be an issue.
Of course advertisers could also use this info. For our example of a super high res monitor this would let me to the assumption that you have a lot of spare cash and i would target accordingly.
1:33 ”Looking up content that might generate embarrassing ads in your browser the next time someone sits down at your computer.” I was not expecting the example he showed...That was much more wholesome than I suspected.
This would help but my FBI agent has already seen too much
sounds like your gonna try to kill your FBI guy.
My FBI Agent always writes me E-Mails from an .co ( Not .com) Adress.
I hope mine has a good therapist
Your FBI agent cannot arrest me.
@@gummibarchenlp8272 and he is from India.
Snowden said:
*Tails, VPN and Tor. Take all at once with a glass of water on empty stomach.*
+https everywhere, privacy badger, unlock origin, and cookie auto delete
If you want true privacy than you need the Whonix-Tails combo. But Whonix is a pain to setup even if you are generally alright with computers.
the problem is: tails plus vpn and Tor is extremely cumbersome and slow. You can also forget using most modern websites because you cannot enable javascript or any kind of scripting (scripts can leak you real IP adress even through tor). All this stuff is just not useful for any kind of normal use of the internet.
@@trappedcat3615 NoScript, Decentraleyes?
@@maximilianmustermann5763
Tor Isn't slow. That's a misconception.
Most common plugins has been disabled in Tor browser to prevent them from leaking anything.
And the tails dev's and the Tor Project are against the use of VPN + Tor.
linus: uploads video how you can browse anonymously
google: not cool bro!
Me : where is your beard?
*_Linus : gone reduced to atoms_*
He snaped it away.
he may have not had it yet. it takes a couple weeks for it to get to youtube. floatplane also gets it a week earlier than us, so keep that in mind.
what video does he have a beard? :o
@@tatyboy1337 its on his twitter
@@tatyboy1337 facebook too
4:45 nooo Linus why did you make it full screen? We can see the yellow banner from here telling you to NOT make it full screen 😂
Linux.
Firefox.
DuckDuckGo.
VPN.
Reject cookies.
Ad blockers.
Tracker blockers.
Facebook container etc.
Compartmentalization (different browsers and accounts for different things).
Firefox or brave or w3m?
@@adelaide7822 firefox + edited user.js
Compartmentalizing devices and browsers for different things is very important.
tor if youre brave enough
@NaN better than noscript would be umatrix
I approve of the editors' choice for "embarrassing search query"
I love all your videos Linus, but I don't think VPN is a good idea. It's just unsafe to trust and give a centralized server access to all my data and information. I'd prefer some decentralized alternatives instead cuz the era of web 3.0 is coming soon. No one should own my data except myself.
@hye quin try deeper
@MDLuffy 100%! u should google the difference between web 2 and 3.
duuude, web 5.0 was out like a week ago.
web 3.0 is a kinda bad concept tbh
Sorry but there is no "era" mr fad boy. That's just fake gimmick marketing just like "AI" to pander to overindulgent losers such as yourself.
please dont install adblockers or any type of sourcecode (of the website) changing addons when you want to be anonymous.
To be safe: dont istall addons in tor browser at all.
code written for this purpose can detect your addons and track you down through your session. the more or rare addons you have, the easier it is to de-anonymise you.
(PS: sorry for my english)
so don't install privacy badger?
@@SimplyNon_sense you heard him no add-ons
shut up
@@realcartoongirl we heard him, but he's a fucking moron
Why would a browser give out any of this information to begin with? If you hire an assistant and he signs *your* name on every bit of paperwork you look at isn't that pretty stupid? He's making your life harder, not safer, so why pay him? He's just handing out information about you that no one should have.
I never heard Basel pronounced like that. Thanks that made my day :DDDD
And it gave me a stroke
@DispelTheMyth You got it.
Hahahah
BA-SELLLLLLLLL
Yes I chocked on my water 😂
Linus: we going for the ultimate private setup
Also Linus: *maximises Tor*
This video is great and all but if you really want privacy and speed just follow The Hated One guides look him up
Agreed!
Great channel.
Love that guy
.
Yess
Don't make changes to Tor browser. Makes you identifiable. Don't even make it full screen. Leave it as a window.
yeah, the only thing you can change (because about half of all users do it) is disabling JavaScript
Installing add-ons and changing window size in Tor Browser is not a good idea. The browser even shows a warning when someone tries to do it.
For more private browsing there is a "Security Level" option, which when set to "Safest" disables all JavaScript, remote fonts and media (audio/video).
@@kuhluhOG you absolutely MUST disable javascript in tor browser or the whole thing is worth nothing. Javascript can just ask your browser for your real IP address and it will send it. This is why using tor browser in the most secure mode is useless for most of the internet because a lot of sites just won't work correctly. But using it in any less secure mode with scripting, you might as well just use a normal browser.
What does changing the window size do?
@@BCDeshiG Window size can be detected and used for tracking.
Step 1: Download and use TOR
Step 2: Don't enter personal Info
Thanks for sharing
@Alfie using tor isn't illegal in most countries. Save the bridges for the people that actually need it
@Alfie (Only if TOR is legally... not good)
@Alfie That wasn't through tor, that was because LE was able to prove that they were doing illegal activities, then tie them to tor which wasn't neccesary since they already know they were doing illegal things
@Alfie were they arrested? Because if Tor isn't illegal in a country then they can't arrest them because they used it. Tor is a proxy that anonymizes the network NOT the user. It's not Tor's fault that the user admits to using it for illegal things. That being said there are ways Tor can be deanonymized PARTIALLY, though these require A LOT of money and are not feasible in the long term
There are also isolated web based browser solutions. I work on one called Kasm that gives you a containerized browser that destroys itself after use and is available through any browser.
"everybody is out to get your browsing data" tinfoil hat time: What if commercial VPN services are also out there to get your browsing data? what if they're just honeypots?
Most are lol, pia is most likely a honeypot, look up tomsparks vpn reviews
Avoid VPNs from the Five Eyes, Nine Eyes, and 14 Eyes
@@tiaxanderson9725 this
More like they are selling fear to get you to use their service,
@@tiaxanderson9725 someone did their homework on privacytools.io
It's official. Linus is a ninja and it's those ninja skills that enable him to find all sorts of cool stuff from Asia.
terribly underrated comment
As someone who's certainly been down that "Rabbit hole and a half", this video is actually pretty decent compared to a lot of videos I've seen in this category from those who don't specialize in it, especially for a sponsor spot.
They managed to explain in a _decently_ technically-accurate manner why you can still be tracked using a VPN (though they didn't quite express just how great the extent of that is), thus debunking the most common lie spread relentlessly by these companies. They even mentioned Tor (which by the way, TH-camrs are sometimes explicitly told not to do, or to disparage in sponsor-spots) Good on Linus Tech Tips for that, but still... "We consider a VPN an essential part of staying safe online."
Wrong. It's redundant at worst, and such minimal addition it's a waste of money at best. VPNs are not useful for casual browsing, except in certain circumstances, like travelling, in which case, you should use a free one, and will actually be *DETRIMENTAL* if you're prepared to get serious about privacy (something LTT _almost_ mentioned but then brushed off), which by the way, is effectively a full-time job. No such thing as a free lunch, if you want anything more than a thin illusion of increased privacy, it's going to cause some serious inconvenience.
*Everything You Know About VPNs is a Lie*
First of all, never believe anything that a VPN company tells you. The fact that they do everything they can to try and claim Tor is quote 'unsafe' just goes to show you how desperate they are for your business. But you shouldn't give it, at least not using it the way they recommend, because if you do you're willingly handing over your browsing data to a 3rd party in a less anonymous manner than even Google has access to. At least your ISP is beholden to more regulation and _mostly_ can't sell your data if you opt out (by the way, that's step one, I'd recommend you go do it right now, you can find tutorials based on your ISP).
The fact is, VPNs for personal use are objectively a complete waste of your time and money. But if you knew that, you wouldn't spend it. There actually is a bit of history to how these companies all just showed up around the same period, realizing they could exploit people in this way through shiny marketing and the vague construct of 'privacy' that's hard to disprove, to sell them something they don't need and shouldn't even want, but here's the important bit...
VPNs weren't originally created for this form of personal use, and the original inventors of the concept never even envisioned such a bone-headed use case! The technology just isn't designed or optimized for it. (From a network-layer standpoint, a different approach would have been better if one were to design it for this purpose) But that clearly doesn't seem to stop people from falling for the ruse. After all, there's money to be made by appealing to people's fear rather than logic, and TH-cam influencers to buy and sell!
Of course, I don't hold anything against the creators. They are skilled and amazing at whatever content type of content they make, and it's a great thing for them to make money from it and cynical to describe it as 'selling out'. That said, I facepalm every time I see a VPN sponsor, because some of the ridiculous, non-sequitur privacy scandals (from which having a VPN wouldn't have remotely saved you) and utter, sometimes frankly straight-up factually incorrect garbage these companies make influencers spew is utterly headache inducing to any actual Network Engineer.
*Why VPNs Are Not Safe*
The first thing said in these carefully crafted, pre-scripted propaganda sponsor spots (aka, not this long-form video, fortunately!) is often is that "We all like to use the internet, but most of our data is unencrypted" This is not the biggest lie they spin, but it's the one that pisses me off the most, because it's the first and deepest hook, and it's a complete lie. Not only because it's straight up wrong, but because it's not even something VPNs protect you from. VPNs supposedly then "securely encrypt all your data to keep you safe online", but is that really true? They do encrypt it, yes, before they decrypt it again at the other end! It's a lie in practice, because that data is can be *read unencrypted by the VPN company*, and of course ultimately, read by the destination server.
However, nearly every site you visit, big to small, is likely using HTTPS at this point, meaning you already have a secure connection to the destination, a "private, encrypted tunnel" if you well, preventing prying eyes like your ISP and the VPN, who is effectively just another ISP, from observing it. (Because encrypting your already encrypted data is like, double da security, right? N- no... It doesn't work like that, random bystander. Please take a cryptography course.)
Also note that the VPN also has an ISP themselves, who is monitoring all of their traffic just like yours does... So now you have two prying eyes on your connection rather than one! And the former of the two has your credit card details and de-anonymized access to your data! Also, traffic analysis by your ISP can still reveal some aspects of your usage habits through a VPN, potentially meaning three prying eyes, but that's another topic altogether.
Speaking of which, even if your VPN doesn't keep logs and that isn't a straight-up lie (it is), they could be forced to do so, just for a particular user, as well as giving up all your account info, by the government of many western countries. This is where the Fourteen Eyes comes in. Any VPN within the jurisdiction of one of the countries on the list can't be trusted for this reason, and those who are generally try to obscure and hide this fact as much as possible, some even facepalmingly claiming that a US jurisdiction is actually a good thing due to performance benefits! Well if that's the case, why use a VPN at all? What about the 'performance benefits' of using my new, proprietary VPN called... thin air. No wait, better make that ThinAir.IoTBlockchainCloud.io. Buy today, only $599.99 a month.
Hey man, you can't put the Internet of Things in the same sentence as the fuckin blockchain. The IoT is way better than that energy guzzling ponzi scheme. Except (say it with me) when the smart devices is provided via the sole discretion of a large corporation: i.e. Juicero.
I was reading your reply and agreed on everything. The thing is, i was waiting for the „How to stay anonymously the right way“ and your explanation. As an example most people who want to start being private on the internet don’t know exactly how and a VPN is easy to get etc. . Since you know what you are talking about you might be able to explain what kind of details people shouldn’t miss while using TOR. From the start of downloading it to the end of actually using it. I think a lot of people would appreciate your response and opinion.
@@Martin-lw8qb Wow I can't believe I actually wrote something this long 3 years ago in a TH-cam comment section and I don't remember writing it lol. Looking back at my old YT comments is always weird. But this one holds up I'd say XD
@@datachu Yeah sometimes seeing ourselves in the past can be weird. But it probably feels great to actually see how yourself developed and it makes you appreciate things. As long as things turned out positive and not negative lol
Still very confusing for a layman. Is there a good resource/book out there that explains this in detail?
Privacy... ditch all tech. Simple!
That's 99.99% of your privacy issues gone.
untill your car gets integrated internet and your fridge
And live under a rock in australia
-Nah they're gonna implant microchips into your newborns-
@@arnabghosh6636 how is that possible
Australia is upsidedown
how can a rock be under it
help
@@techdiyer5290 not my samsung smart fridge
Me: Shouldn't this be a Techquickie...?
"Sponsored by PIA"
Me: Never mind.
Linus: makes video about protecting yourself from unwanted guests tracking your internet access
*CIA wants to know your location*
This was also addressed as the Machine using TOR showed up in Switzerland.
The NSA already put you on a list for downloading tails/tor IIRC.
@@haminator55 The CIA owns Tor and actually saves the data. This was how a few hacktivists got picked up a few years ago. This isn't a conspiracy theory either, this is actually a serious issue.
Speaking of private, use code Linus when buying madrinas coffee
speaking of access, you need wires to get access. Glasswire!
Speaking of access use code Linus to get TunnelBear for free! TunnelBear is a VPN that will help you access restricted websites.
oh no, dont give linus any ideas
Speaking of private, use code LTT to get 50% off when buying underwear.
Me: Searches up embarrassing things
tails: *I'm going to pretend I didn't see that*
Using PIA with Tor is a bad idea. You're handing the data to a company and letting a ton of potential attack vectors open up. Just use Tor on its own when using it.
I'm pretty sure that even the developers of tor recommend against this
Attack vectors? You mean they serve me more ads? OH NOES!
Uhhm no. It just means that you are connecting to the Tor network from the exit of the VPN. Not to mention that PIA has ALREADY been subpoenaed by the FBI and had no data to hand over. Their "No Logs" policy has already held up in court. Stop spreading nonsense
PIA has been subpoenaed by the FBI and has been proven incourt to not keep logs. Also, if you read anything on Tor's website you would know that they recommend using Tor on a VPN
@@dugg117 You missed my point. If for the sake of argument PIA is trustable, you're still just giving yourself more potential vectors.
I'm not saying using a VPN is bad. I'm saying using both Tor and a VPN is a bad idea from a security standpoint. No logs doesn't mean no ability to compromise.
You guys should've also discussed privacy through obscurity versus privacy through generics - it is a very large debate in the privacy world and the general argument boils down to the fact that there are very few people who actually run tails, TOR, and extensions such as NoScript, UBlock O, and so on, thus making those individuals easier to observe on the broad scope. The other end is that you do nothing to mask your browsing habits, and in fact take an approach to browsing to appear most like the average internet user (with Socials, TH-cam traffic, and google searches for unsightly genital conditions), and when you need to do private business you resort to Tails on a machine at your local library. Ultimately it all depends on how committed you are to hiding, and who you want to hide from; hiding from the US federal government is nigh impossible due to systems like IME and AMDST giving them carte blanche over your system when they need it, but hiding from corporations is far easier and far more practical. I've come to find that running an extension such as AdNauseum allows you to maintain a greater amount of privacy through the fact that your client clicks on quite literally every ad while the extension parses the visuals from your screen, this makes it difficult to be targeted as your interests might as well be everything under the sun in the advertisers view. It is a debate that will rage for the next fifty years, but in all truth we should all be advocating for legislation that protects individual's data and limits the scope of information which corporations and governments can collect on its citizens.
On the subject of hiding from the Alphabet bois. what do you think about using a pre-IME/AMDST old processor they should handle the basic stuff right ? and what about Raspberry-like mini computers and arm based processors ?
@@JABRONIANGELOR Sir, walk outside with your hands up immediately. We have you surrounded.
@@ramb0lxmb Jokes on you i'm not even in the same hemisphere as the US :p
Also, get rid of your phone. It's legit always listening.
but only if you sync it. I've never done that as it makes zero sense to me. This is one reason I refuse to use apple products.
GET RID OF YOUR MICROWAVE ! THE GOVERNMENT IS IN THERE
Or disable your phone's mobile data or wifi when not needed
Tinfoil hat guys always forget that the big thing preventing people from watching them is lack of interest. Nobody could give less of a shit about you and your banal existence. They track the data for economic gain, but otherwise nothing you do is of interest to anyone, really.
What always
If the video wasnt sponsored i'd trust it much more...
PIA has been proven in court to not keep logs. Probably the safest VPN out there.
DoctorPurpleSwag if you don’t trust PIA just buy your own server and learn to encrypt and everything
@@nova1882 Wouldn't data between the server and websites be unencrypted?
@@sdmitch16 Yes it would. Plus if you are going through only one server, I imagine it's pretty easy to track who owns that server, so pretty pointless as far as I can see. A VPN has the advantage of having multiple servers and a ton of people using them so tracking the data to one specific user becomes a lot more complicated.
@@nova1882 that can be done with a cloud provider like digital ocean, and the streisand code on github to set up your own vpn !
Linus, I saw an ad for this on my Google "new tab" news about Top 5 VPNs - I wanted to be able to access American Netflix from Japan. I remembered you were promoting Private Internet Access, so I searched for your video so I can give you the affiliate credit. It's a small token of my appreciation for all the great videos you do that I learn from. Thank you!
Nice
Linus: Here is how you can browse the internet anonymously.
Also Linus: First thing to do in Tor is to make the window full size.
What's the problem with that?
Yeah, what's the problem with that?
@@Leukick Tor is by default not maximized because then hackers may find out your display size. Of course they can't identify you by such a number, but e.g. it helps knowing the hair color of a peson one is searching for.
@@johanness6545 Ahh okay thank you! Nice way of explaining it
That ad @9:33 says in German/Swiss German (what maks sense because the connection goes to Basel, Switzerland):"Rekorde sind zum brechen da." That means in English:"Records are there to get beaten." You're welcome :)
*You're
:-)
@@RoniRonkoKovatch Thx :)
Me: signs in amazon on tails
Also me: logs out
Me: signs in ro mins later
Amazon: I've never seen this man in my life
I like how you hinted slightly and indirectly that you can be tracked based on ( HOW YOU USE THE COMPUTER OR PHONE )
for those of you that don't know what that may mean, the speed and style in witch you move the mouse or type on the keyboard can be also tracked and used as sort of a fingerprint so EVEN IF YOU COULD which you cant but IF YOU WERE theoretically 100% secure and hidden FROM every form of traseing and tracking possible they could STILL identify you by matching a profile of essentially ( the way you use a computer) easiest said by recording your psychological methods used when you type that one letter you always switch up by accident or the speed in witch you type certain words and phrases any direct markers or indirect signatures and commonly used emojjs the patterns, speed, skills in which you tend to use your mouse down to the way you flick your wrists off the mouse when you're done or how you always seem to leave your cursor in a specific corner essentially all of the very human vary minute and to the unknowing victim seemingly basic innocent things that you think would never even matter ONLY IF the time were to ever come where you even actually were to actively think about such differences being used.
All of these basic functions we do without paying mind by habit essentially become the last ditch method of fingerprinting your internet data and use.
Linus: I'm behind my sponsorship commitments. Better make a video full of ads.
You don't need to use privacy badger and uBlock Origin together, uBlock Origin does everything better
I use ABP and uBlock at the same time, haven't seen a fucking add on my PC in years. Linus shut the fuck up!!!
@@Neiva71, they can't trace shit that way.
The more you know.Thanks
NO PLUGINS , NO JAVASCRIPT , NO FLASH IN TOR else you will be ass fucked by trackers .
If Linus had actually used Tor before he'd know that NoScript, which is installed by default, does exactly what he said to do manually with those extensions whose block lists are unique (block Javascript and ads)
There's several things wrong with this advice.
- Extensions on TOR are an awful idea, they make your fingerprint more unique and hence easier to track
- Don't use a VPN with TOR. This is something that the original devs recommend against, because TOR is designed to protect itself. If your country blocks TOR, use a bridge.
- Other than the security slider, settings on TOR should remain as they are.
It's kind of surprising, I normally expect a lot higher quality out of LMG.
The problem is that he is doing sponsored videos. He is a sellout and keeps information hidden for profit.
But I don't want my ISP to know I'm using Tor, so they can't throttle me.
@@linux_fox Your ISP can't see what you do on Tor. But they'll see you using it but can't actually see the material that's being viewed.
@@linux_fox Then use a bridge lol
@@Ajinzem They talk about shit they know next to nothing about all the time, but they also talk about stuff they do actually know about too. Everyone's a sellout in some regard, we're all selling something... we all have to eat and feed our families. I'll take a sellout creator over a sellout salesman or some sellout speculative leech any day of the week. Be a decerning viewer. Go to multiple sources. Take sponsored videos with a grain of salt.
Privacy Badger:
It’s possible for content scripts to detect what is in a
blocklist, by presenting test images from different sites and checking
to see if they are blocked. Privacy Badger dynamically builds a
blocklist over time that depends on each user’s browsing history, so
each user’s blocklist is unique. So it seems to me that Privacy Badger
exposes the user to a fingerprinting attack.
If we were to
include a blocking tool in Tor Browser, it would need to contain an
identical blocklist for every user. For example, AdBlock Plus with a
fixed set of filters.
:trac.torproject.org/projects/tor/ticket/12958
I wonder if there is a more blanket approach. Like just blocking all cookies.
@@thermophile2106 security is a process.
online is insecure. but you dont know anythink about the grabbed data and how its used. so you can do something little, but you can´t be sure if its working.
blocking all cookies, can do with addon or inside Browser. add addons is a security question...u trust the tools?
Talks about how to optimize blocking.
Also recommends Adblock Plus.
Honestly, uBlock origin is a much better choice. Mostly because it can not be paid to open backdoors for ads. And it is free as in speech, I think Adblock plus is not.
I actually live in Basel - thanks for the shout out :D p.s. that was the weirdest pronunciation ever :))
Ah yes, Now I can finally serch up illegal MS Paint techniques
Hey, *psssst*
In the old mspaint, hold CTRL and pick a color, now you'll have a 3rd color which you'll be able to draw with when holding down CTRL, without releasing the mouse click, allowing you to draw dual-colored strokes.
Don't search for cheese pizza.
"Totally Private Browsing" sounds like when phone providers gave you "Unlimited" but then you got a hefty bill. Querying it, it turned out "Unlimited" wasn't "Unlimited" ...
It's always been about the closest approximation to perfect security or privacy. The difference is, in computing terms, there is no such thing as perfect privacy or security, mostely because of human error, while ISPs and cell providers can offer a truly unlimited whatever at a flat rate and fixed price, but they don't, because it's more profitable to hide extra expenses behind fine print most users don't read anyways.
In court they can always say your transfer rates aren't throttled, ergo "unlimited". Yeah all the ISP/MO advertisementspeak is a huge pile of BS. Better to just ignore wtf they say and go through the TOS for what costs how much when etc.
Unlimited anything is a lie. Once you start to exceed the capacity of the network you run into an invisible cap.
That's the exact reason I regret attacking minecraft servers with 500gbps
I'd rather we had laws to prevent unscrupulous data mining & a society that does not have paranoid agencies mistrusting ev-er-y-thing!
911 destroyed more than the wtc
You would actually trust that anybody would follow those laws that's hilarious. A society where we aren't paranoid of data collection is one where the technology to prevent it is widely available every one has your information.
We would all like to have a lof of things.
But you know the old Russian saying: "Trust but verify".
TBH, I would much rather the government snoop on me than the corporations. Maybe 'cause I am not an American and because my country faces existential threat from two nuclear powers.
it's been proven that metadata even passed through VPN can be attached to individual person with quite good accuracy
if you wished to be totally anonymous you would have to use VPN for everything you have ever done on internet...which is impossible
4:10 the other benefit of tails, is that he can fly with his two tails
I see what ya did there
FB has gotten pretty good at giving me targeted ads, and it's kinda creepy. It looks at stuff I frequently talk about and my browsing history, so I end up getting ads for Barnes & Noble, right down to specific books that I want. But it doesn't just track _my_ browsing history, it tracks my entire ISP's history. My dad goes to a lot of motorcycle forums and other websites, so I also get a lot of ads for motorcycle helmets that he's bought and other things.
"expedia blocked me, thats cute" okay hacker tech tips lol
This is the future. RAM based OS, TOR protocol for any connections, and LTT telling us about PIA.
Snow Crash, one of the greats of early cyberpunk, has all of the world's governments collapse because encryption was too strong for the tax collectors to audit you :). One of my favorite setups for a post apocalyptic society.
@@aidanlevy2841 and how would one set stuff up like that?
@@coolraspyhobbit4723 It's not realistic, because governments would never let banks or payment processors resist a warrant. But it is hilarious.
Ah yes, my middle and high school memories are all flooding back to me now. Sweet nostalgia.
Private? Yes. Anonymous? No.
anonymous with tor? maybe
>>> 1:09
All at comfort from your home isp.
das ouside the ip range
ikr 🤣🤣🤣
We in 2019, PIA in 3019
On the browser-side, you can also use puppeteer in non-headless mode to automate your browsing while adding an additional layer of proxies, changing your headers and other meta data to mislead advertisers, etc.
Most people: OMG my privacy is sooo important!
Also same people: I must log into Facebook and tell everybody EVERYTHING.
Other people: 🙄
This man gets it.
I'm going to download tails just to... uhmm... do some Christmas shopping >.>
browsers: it feels familiar, because it uses chromium
me, a lifelong firefox user: wat
Thought it was going to be a 12 minute ad for PIA. I was pleasantly surprised
*GOOGLE WANTS TO KNOW YOUR LOCATION*
"...helps when they serve up those juicy ads everywhere that you frequent."
*laughs in Adblock*
This is by far the most incomplete Privacy video by LTT I have seen
That would be because this was a sponsor video, not a proper guide.
What's wrong with the video? I thought it was good.
What’s missing?
@@abhisohal4556 It's really bad.
First of all, linus says to install extensions in the TOR browser. Generally this is just a bad idea. Then he says to use a VPN WHILE using TOR, which the TOR creators recommend NOT doing at all. He also does NOT mention never to maximize TOR, because it can track your screen resolution and sometimes figure out what device you're on. He also did not mention that your IP address can be revealed through TOR by using webRTC, Javascript and Flash.
Honestly this is a horrible video and you should not follow it at all.
@@YourNightmar3 you seem knowledgeable in the area, have you checked out sentinel dVPN? It's not released into mainnet just yet.
I'm surprised that he didn't say avoiding all social networks is also crucial for protecting your privacy, I mean you can get easily a lot of things in there
Browse the Internet Anonymously = use your neighbor's wifi
7:39 That's infact R.I.P (when you are being tracked)
Let's open with clearing a very common misunderstanding about VPNS up;
All of the VPNs being advertised commercially Log traffic. How detailed they are, how they handle logs, and who they may share them with is entirely up to the individual VPN. This doesn't mean they can see your traffic, just the in/out and who/where with the pertinent time and other basic data generated by IP traffic. Further, each VPN will control who withing their company can even access logs. This is an incredibly important note, because people view VPNs as a Ghosting service, that is NOT what you are paying for - not commercially. Being "secure" and being "anonymous" are not the same thing.
Even the most "private" of the commercial VPN providers will log as a legal protection for themselves, these reasons also pertain to ISPs and how we operate(d). The legal aspect being Liability as a provider. Here in the good 'ol USA (and anywhere it reaches) a provider is able to be held liable for the content/traffic of it's users under certain conditions. To avoid this providers will simply Log the basic network traffic. That way in the event of a Warrant or DMCA (far more common) we can either provide the important information to authorities, or in with a DMCA, go directly to the client.
Again, this is important to know for those who may be trying to truly hide online, say in a place of high censorship.
As a final note; there still isn't a lot of data to show that any of the commercial VPNs, which when traced down tend to all be owned by a handful of large companies, provide any additional security online. The reasoning for this is that the vast majority of security compromises are due to user error and/or bad habits. The end user effectively letting the bad guy in the front door with "permission".
If a vpn service say they don't log traffic(also includes connection requests to servers) and turns out they do, they just broke one of the most important rules of GDPR and WILL be fined to hell. They can't lie about data logging.
@@TealJosh That is only true if they lie within the jurisdiction of the EU.
@@bobraible have fun getting sued by the whole ass EU in international court. I mean you can choose to not show up but, an individual country (hopefully at least not one your HQ resides in) could hold you up to the court decision.
Tour's ad should be "We'll save you $100 right off the bat".
Nord vpn advertises them selves by default on some deep/dark web sites with ads. Hmmm...
That's the confidence Nord has XD
I would vouch for Nord, been using it for a few months and its the fastest speeds I’ve tested so far.
I've been using NordVPN for a year now and I get great speeds with it. By far the best one I've used.
@DispelTheMyth I haven't had that issue yet. Even when leaving the torrent client run. I use the desktop app usually when torrenting. Not sure if you are using it a different way. You could use the browser extension or just use Nord's proxy settings for your torrent client. Try one of those and see if there is a difference in speeds :)
This video was insanely useful and helpful! Sitting here waiting for the smartphone version!
On iOS 15 on an iPhone it’s sort of possible? You can use duck duck go, use private relay which is a similar concept to TOR, turn off all cookie tracking both first and third party as well as a VPN and private browsing. So you can get pretty close but not perfect
Linus this was really really good! You just keep getting better and better...
I thought it was 12 min long word from the sponsor
8:38 so we're talking sims now, huh
Greetings from Switzerland. Dont use my internet, we only have 2x 10 Gbit/s per Houshold...
*cries in Australian*
We have 100gbps here in Sweden, for companies.
@@lething1237 damnnnnn. Dont know why. But would buy it...
Same speed as my house....
Yes but you have mountains and snow. That's a good tradeoff in my opinion!
Linus: "It's like, preeeetty sure I'm a bot, eh?!"
Me: Ohhhh I miss CANADAAAAAA
3:45 yay he recommends an OS that you don't have to despy for half an hour
Feels like Linus is back in his full element here
When is Anthony going to do another build?. They are really enjoyable!.
1:48
Linus: "While a VPN does secure your data in someways making it so your ISP can't tell what you're doing"
Me: Just because the ISP can't see what your doing doesn't mean the VPN service can't
Using a VPN is about trust. You either trust your VPN or you shouldn't use it. Someone somewhere can see your exit data, VPN allows you to choose who that someone is
Incognito mode PLUS sticky note placed OVER THE CAMERA
Say whatever you want
TUNNEL BEAR ISN'T COMMING BACK :(
@Liberalism is a Cult it's $10 a month, better than Nord
What are you talking about, I'm using tunnel bear on 2 devices as we speak.
Its also only 1 of 2 VPNs that submit themselves to regular audits by a 3rd party. Until other VPN services have the balls to open themselves up to that kind of scrutiny I'd rather pay for the knowledge that they can be trusted.
@Liberalism is a Cult that's because they allow 3rd party audits. Nord don't do that as far as I'm aware so there's little to no proof that they don't keep activity logs.
@@robertdale2964 The only VPN to date to have been proven in court after being subpoenaed to not keep logs, was PIA...
@@hammerheadcorvette4 tunnel bear have been audited by a 3rd party. They also do not keep logs. The other VPN that's audited I couldn't tell you the name I don't remember it off the top of my head.
Nord VPN and all the other big ones won't allow auditing because if everyone was aware of their shady practices they would lose customers.
Also I should mention, just because logs aren't kept thst doesn't mean they do a good job. Theres a lot more to a VPN than just logs. You have to take into account, data leakage, encryption levels etc.
If a VPN doesn't log, but allows data leakage then it's easy to identify the VPN service. Which makes me wonder how they were subpoenaed in the first place 🤔
I'm not knocking them. I just use a service that I find reliable and reasonably priced. Also as I've mentioned many times opening themselves up to scrutiny fills me with confidence.
I would also recommend that you "split" your person online, that demands discipline!
Even with all vpn setup, people get lazy and use the same browser, devices frequent visiting all hosts,websites and apps.
A) Use paid VPN service running on devices like PC, but also on smartphone!
B) Use multiple browsers, this is easy with a PC where I run virtual machines and keep "personalities" divided.
One user agent with location X , for causual web browse.
Another user agent with location Y , for trusted regular use as email and manage online private stuffs like bank.
C) For torrents, or more risky things I have a expandable isolated machine, running all as LinusTips with different OS, Tor browser
In my case all "official stuff" goes over VPN and Firefox, all "not your business" browsing TOR + DuckDuckGo + ExpressVPN. I might add virtual machine just like you say as extra layer. Unfortunately nowadays so many people "live in the net" and have no idea how much info they leave there....
FYI, PIA is having trouble lately with keeping up with Netflix and other streamers identifying them as a proxy. Hopefully this will be resolved soon, but if you're looking for a VPN so you can watch streaming services in other countries, make sure you know what you're getting into. Not all VPN companies are equal. Nuff said.
Linus: So these ads are completely irrelevant
Ads are all tech 2 seconds after searching in Newegg
He's so immersed in tech he's probably forgoton other adverts exist, other than perhaps the baby toys ads, bet he gets buckets of those.
8:55 I feel pretty good about using only privacy (anti-tracking) blocklists in uBlock Origin. It takes care of the 99% of ads that want to invade my privacy and still supports the good guys.
7:50
Linus: And over here we have some nonsense I've never seen or heard of before.
Me: You know your protected when you don't recognize your own IP.
Okay, but isn't incognito mode in the Tor browser basically just the regular Tor browser?
Lol
I've started using the Brave browser with built-in ad block which boasts "the fastest internet browsing experience, while providing a deep level of security and privacy protection.". This seems like an ad. lol
i use brave browser mainly for watching youtube videos, i like to split my online activity across multiple browsers and browser profiles for privacy because websites can save cookies on your pc that can track your online activity, even though i use extensions and browser features block them. i use tor for general web browsing and use waterfox (which is a more private version of firefox that doesn't send any information to Mozilla) that i have different browser profiles for, for my social media accounts, work accounts and work activity, downloads and purchases
@2:54 "TOR is also imperfect, and leaves us vulnerable, until our traffic reaches its network"
The connection between your device and the TOR guard (the first of 3 TOR computers to which you connect) is encrypted.
@5:08 "...to stop trackers" (while using TAILS)
Trackers can follow you only while you are in your current session of using TAILS, and the trackers will not know who you are.
TAILS saves nothing. So trackers can land all over your session, and after you reboot, they will all be gone.
The entire TAILS session is conducted via a RAM drive, and nothing in the RAM drive gets saved to disk. So when you restart TAILS, you are always starting it like it is its first use.
Just wanted to say : Greetings from "BS, CH?" :)
9:32 I used my Scarlett interface today. Are you tracking me? 😨
someone should invent a video sponsor blocking AI so linus cant watch us showering
not a bad intro, but the big tool they are using was not explained might want to do a tech quicky about browser fingerprinting and link it here
This is basically an add with you extra steps
I enjoyed this sponsored content much, much more than the last one.
7:00
Hotel??
Trivago...
huh?