General :  K-Meleon Web Browser Forum
General discussion about K-Meleon 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog InPrint View
VPN, privacy & 'Gecko browsers'* rev. 0.3.10
Posted by: luk3Z
Date: October 16, 2017 02:22PM

+----------------------------------------------------------------------------------+
| Your privacy - VPN & Firefox (+ other Gecko browsers)* rev. 0.3.10 |
+----------------------------------------------------------------------------------+


========== VPN section ==========

+ You can try free OpenVPN configs or Softether:

+ OpenVPN:
- OpenVPN - you can edit configs (.ovpn) with notepad to change encryption (line 88 - standard is not so good: AES-128-CBC - try AES-256-CBC instead)
- OpenVPN - you can edit configs (.ovpn) with notepad to add option "block-outside-dns" (for example in line 104) to avoid DNS leaks
- OpenVPN - if you add option "block-outside-dns" you don't need (Simple) DNSCrypt
(my testing suggest that when you using OpenVPN without "block-outside-dns" option together with Simple DNSCrypt you are affected by DNS leaks)
(Simple DNSCrypt not working for me, anyway this needs further testing...)
- OpenVPN - you can edit configs (.ovpn) with notepad to add option "--remote-cert-tls server" (for example in line 21) to avoid "Man-in-the-Middle" attack
https://openvpn.net/index.php/open-source/documentation/howto.html#secnotes [OpenVPN 2.1 and above]
- https://www.vpnbook.com/ (few free OpenVPN configs)
- http://www.vpngate.net/en/ (a lot of free OpenVPN configs)

+ OpenVPN manuals:
- https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage
- https://community.openvpn.net/openvpn/wiki/Openvpn23ManPage
- https://openvpn.net/index.php/open-source/documentation/howto.html
- https://openvpn.net/index.php/open-source/documentation/security-overview.html

+ Softether:
- http://www.vpngate.net/en/
- you need good server with strong encryption (standard is really bad: RC4 MD5)
https://en.wikipedia.org/wiki/RC4#Security
https://en.wikipedia.org/wiki/MD5#Security
- I recommend to use DNSCrypt to avoid DNS leaks (check your DNS leaks - links are below)
- http://www.softether.org/1-features/3._Security_and_Reliability

+ Softether disadvantages:
- logging policy: 2 weeks [default]
- when you will be disconnected then your IP will be exposed (there is no 'kill switch' feature)
- DNS leaks...

========== Browser section ==========

+ Secure your privacy in Firefox:
- by using addons like in IceCat [https://directory.fsf.org/wiki/IceCat] I mean:
Adblock Plus (ABP), Disable WebRTC, Fat-Free Fox, No Resource URI Leak, NoScript, Privacy Badger, uBlock Origin (uBO), uMatrix etc.
Additionally you can add: CanvasBlocker, Disconnect, FoxyProxy, Https Everywhere, Privacy Settings, Random Agent Spoofer.
Take a look @ these sites:
- https://web.archive.org/web/20170404173124/http://b.agilob.net/better-security-privacy-and-anonymity-in-firefox
- http://configfox.sourceforge.net/
- https://www.bestvpn.com/make-firefox-secure-using-aboutconfig/
- https://www.bestvpn.com/privacy-news/control-firefox-privacy-settings-with-an-add-on/
- https://vikingvpn.com/cybersecurity-wiki/browser-security/guide-hardening-mozilla-firefox-for-privacy-and-security
- https://www.howtogeek.com/102032/how-to-optimize-mozilla-firefox-for-maximum-privacy/
- http://www.ghacks.net/2015/07/01/control-privacy-settings-in-firefox-easily/

+ If you would like to use Google Chrome anyway you can replace it with Chromium or Iron:
- https://en.wikipedia.org/wiki/Chromium_(web_browser)
- https://en.wikipedia.org/wiki/SRWare_Iron

+ Use Tor or Tor Browser (based on Firefox):
- "We will never be able to de-anonymize all Tor users all the time. • With manual analysis we can de-anonymize a very small fraction of Tor users"
- https://edwardsnowden.com/docs/doc/tor-stinks-presentation.pdf‎
- https://commons.wikimedia.org/wiki/File:Tor_Stinks.pdf
- https://en.wikipedia.org/wiki/Tor_(anonymity_network)#Tor_Browser
- https://www.torproject.org/docs/tor-manual.html.en
- https://www.torproject.org/docs/faq.html.en
- https://blog.torproject.org/improving-tors-anonymity-changing-guard-parameters

+ SSH/SOCKS/proxy:
- Privoxy - https://en.wikipedia.org/wiki/Privoxy
- https://lifehacker.com/5763170/how-to-secure-and-encrypt-your-web-browsing-on-public-networks-with-hamachi-and-privoxy
- https://lifehacker.com/237227/geek-to-live--encrypt-your-web-browsing-session-with-an-ssh-socks-proxy
- https://outflux.net/blog/archives/2006/12/07/paranoid-browsing-with-squid/
- https://embraceubuntu.com/2006/12/08/ssh-tunnel-socks-proxy-forwarding-secure-browsing/
- Pirate Tor Browser - http://www.softpedia.com/get/Internet/Browsers/PirateBrowser.shtml or http://www.majorgeeks.com/files/details/piratebrowser.html

+ Change your UserAgent frequently (get UA addon for your browser). Example of UA sites:
- Random Agent Spoofer addon for firefox: https://addons.mozilla.org/en-US/firefox/addon/random-agent-spoofer/
List of UA sites:
- http://www.browser-info.net/useragents
- http://mybrowseraddon.com/custom-useragent-string.html
- https://developers.whatismybrowser.com/useragents/explore/
- https://udger.com/resources/ua-list
- https://techblog.willshouse.com/2012/01/03/most-common-user-agents/
- http://www.useragentstring.com/pages/useragentstring.php

+ Fingerprint (fingerprinting algorithms):
- https://en.wikipedia.org/wiki/Fingerprint_(computing)
- https://en.wikipedia.org/wiki/Canvas_fingerprinting
- https://en.wikipedia.org/wiki/Device_fingerprint
- https://browserleaks.com/canvas

+ Check your browser privacy:
- https://browserleaks.com/
- http://browserspy.dk/
- https://panopticlick.eff.org/

+ Other sites worth mentioning:
- riseup.net/en/better-web-browsing
- privacytools.io
- https://en.wikipedia.org/wiki/Category:Internet_privacy
- https://en.wikipedia.org/wiki/Category:Crypto-anarchism


========== OS section ==========

+ Use Tails Linux:
- https://en.wikipedia.org/wiki/Tails_(operating_system)
- https://www.wired.com/2014/04/tails/

+ Secure you DNS with DNSCrypt:
- For Linux follow this: http://www.webupd8.org/2014/08/encrypt-dns-traffic-in-ubuntu-with.html
- For Windows - you need: "dnscrypt-winclient" or "Simple DNSCrypt".
URLs:
- https://simplednscrypt.org/
- https://github.com/jedisct1/dnscrypt-proxy/wiki
- https://github.com/Noxwizard/dnscrypt-winclient
(Simple DNSCrypt not working for me (I'm still using "block-outside-dns" option in OpenVPN config file).
(Anyway this needs further testing...)

+ Check your DNS leaks:
- https://ipleak.net/
- https://www.dnsleaktest.com/
- https://whoer.net/

__________________________________________________________
* Other Gecko browsers - this means it may also work with:
Airfox, Beonex Communicator, Camino, Comodo IceDragon, Conkeror, Classilla, Firefox for Android, Flock, Galeon, Ghostzilla, HP Secure Web Browser, IceCat (GNU IceWeasel), K-Meleon, Kazehakase, Kirix Strata, Lotus Symphony, Lunascape, MicroB, Minimo, Netscape 6, Nightingale, Oxygen, Pale Moon, Portable FireFox, SeaMonkey, Swiftfox, Swiftweasel, Sylera (for mobile), TenFourFox, Timberwolf (AmigaOS 4), Tor Browser, Waterfox, xB Browser

https://en.wikipedia.org/wiki/Gecko_(software)

Any suggestions are welcomed.

Source:
https://beamstat.com/chan/privacy
https://beamstat.com/chan/Crypto-Anarchist%20Federation
(Bitmessage channel)

__________________________________________
How to install Firefox addons in KM 76 RC:
http://kmeleonbrowser.org/forum/read.php?9,141979
Icons for Goanna KM/SM:
http://kmeleonbrowser.org/forum/read.php?10,150634
K-Meleon Quick Reference:
http://kmeleonbrowser.org/docs.php
Basilisk/KM/SM xpi converter:
https://www.addonconverter.fotokraina.com/
Best regards.



Edited 1 time(s). Last edit at 10/16/2017 02:24PM by luk3Z.

Options: ReplyQuote


K-Meleon forum is powered by Phorum.