Going Full “Tekfoil Hat” - A Discussion on Privacy and Being Secure

So here is the big question; What would it take to become as secure as possible online?

If I wanted to protect myself from the data harvesting of large corporations like Google, Apple, Microsoft, Facebook, Amazon, etc. As well as from government organizations like the NSA. How many everyday luxuries would I have to give up? What operating systems would I have to run? What services would I have to personally host? What daily habits would I have to change? Out of all the data harvesting, which companies are the least insidious? Which are the most insidious?

Try to answer these questions from the perspective of a average technology enthusiast. Don’t come in and start posting things like; “just don’t use the net” or “make your own ISP”. These ideas are not realistic and do not add anything constructive to the conversation.

It seems like most people in this community are serious about privacy and are open-source enthusiasts. Let’s pool our knowledge and help each other be more secure and more informed.

Edit Edit: So it seems like people are going a bit TOO crazy with this. My objective of this thread is not to go absolutely crazy. I want things that a normal user could actually do. Sure there are ways of going off the grid but that is not practical. One still needs to get some work done. Try to think more along the lines of something you would ACTUALLY do.

Note: not sure what category to place this under?

1 Like

Go offline.

Edit: Seriously though, host your own email server, manually control all connections, basically, get rid of all automated processes which you don't control.

Don’t come in and start posting things like; “just don’t use the net”


1 Like



There's a few threads on this already.
Edward Snowden uses linux Tails and I think the Tor browser.

TAILS seems like an interesting distro. It could be useful to keep on a thumb drive in case of an emergency. But I don't think this would make a very good "daily driver" OS. For someone who actually needs to get work done.

Also using Tor makes me cringe a bit, it's a minefield out there.

How would you manually control all connections? What do you mean by this? Things like devices on your network? Or applications and programs on these devices?

In short, Both.

Also living in a RF shielded chamber will help as well. Its not that bad. They make copper mesh screen rooms too, so you can see outside and avoid the dread of living in a windowless bunker.

Let's try for some more realistic solutions guys.

I think you are yourself over-killing it a bit. All the data harvesting by big companies is pretty basic (I guess/hope). It's basic because it is all it needs to be since people don't protect themselves that much from it.

  1. Get Firefox, tweak its settings and get a few addons.
  2. Get a trustworthy VPN with shared IP.
  3. Get a trustworthy encrypted email service, like tutanota or protonmail. Not hushmail.
  4. Use duckduckgo & startpage.com search engines as much as you can.
  5. Don't use services by big internet companies, like facebook and google. If you have to, make fake profiles and be sure not to share personal information, like phone numbers and primary email-addresses

Simple steps to make it much harder to track you without making your own life much harder. After these 5 steps you could run local http server on your pc, collect all needed javascript libraries that websites use from different CDNs, and re-direct them with hosts file to your local http server.

1 Like

At first this is going to keep tedious and perhaps a bit overkill but the value of privacy and security is what you put on it so if it matters to you then you'll attempt taking a different approach to things. My list is going to progress from easy and be increasingly difficult but all listed items have their place so decide up to which point you'd like to go

  • Use a different search provider, Google stores and sells so much data that you cannot consider your searches private. Consider what you search for, do you want to share what you search? Use a provider such as duckduckgo, or privatesearch where your searches are actually private

  • Change your web browser to firefox or if you REALLY don't like that then use Chromium but even that isn't ideal. Chrome isn't secure, Google has had their fingers all around it

a) EXTRA: Some important browser extensions I highly recommend are HTTPS Everywhere, ublock or adblock edge, and Privacy Badger or Disconnect. The value in these things comes from that this helps block the tracking that comes with ads and social media buttons etc.

b) OPTIONAL AND SLIGHTLY HARDER then I'd like to put in this section but it is here if you wish, change your Firefox settings to prevent your IP leaking and harden the browser

  • If you use Skype consider the fact it is owned by Microsoft now and Microsoft is in NSAs pocket meaning your calls are recorded and listened in on. Talk to your friends and see if you guys can switch to another software for your calls, good options are things such as Jitsi, Tox, Subrosa

  • Change your DNS to one that is not your ISPs or Googles, but preferably one that is free and open and does not log. An option for this is FreeDNS. This is a basic and important step as ALL the websites you visit get resolved through DNS which means whoever's DNS you are using can see all the websites you're going to (unless they don't use logs)

  • Switch away from compromised email services such as hotmail and gmail. Use something such as ProtonMail.ch or OpenMailBox.org

  • Password security is a factor, the average password isn't much more than a short word with maybe some numbers stuck onto the end. This has very low entropy and can be cracked easily, using a tool such as Keepass can help you securely store your login information, and generate very strong passwords

  • A VPN is also a good idea, it's good for helping get disconnected from tracking since your connection is tunnelled through your provider serving as a gateway to the internet in a way that serves to hide you. The bonus is between you and your VPN provider your connection is very securely encrypted (using a good provider that has good settings on their openVPN)

Providers such as NordVPN.com, Cryptostorm.is, or frootvpn.com are private, secure, no logs, good price, etc.

  • and finally, I highly recommend using Linux. An Linux distribution such as Linux Mint is both easy to use and inherently more secure right out of the box compared to Windows. Windows is backdoored and insecure, if possible and there is nothing holding you to Windows (such as work, specific software etc) than switching is recommended and not as hard as you think. Linux isn't all wizard terminal foo as some may think, the average user if they can install Windows can install Linux Mint and learn the basics in an afternoon

a) if you do this some basics to do are enable your firewall, follow previous suggestions such as change your DNS, install firefox, etc

Online presence:

Consider what you share online, even with the security noted above all of it is thrown away when you share very specific information about yourself, your habits, where you're from, etc as it adds up and becomes a web of identifying information. So being vague is your friend


@100557662 Thanks for the post, you went into some real detail here and this was the kind of thing I was looking for. Right now I think my first step will be moving to Firefox, I use chrome right now. I already use the extensions Ghostery, HTTPS Everywhere, and Adguard. I think after that the next step will be finding a new email provider. Currently using Gmail. Also I'm going to be trying out Linux on my non-gaming machines.

Question: What is the popular opinion on Google Docs? As far as privacy goes? I use it quite alot so this will be difficult to find a replacement for. Because it is owned by Google I'm assuming it is compromised as well.

I am already seeing the things I need to change as fast as possible. Moving away from basically everything Google will be my first step. Thanks for the reply.

Here are my most essential addons:

Then you should turn off history in the browser, because it can be leaked to sites by simple CSS.
Disable WebRTC in settings by disabling media.peerconnection.enabled (leaks your real IP)
Disable safebrowsing features like browser.safebrowsing.enabled
Disable flash or https://addons.mozilla.org/en-US/firefox/addon/flashblock but if you use flash, then you "must" edit mms.cfg in C:\Windows\SysWOW64\Macromed\Flash and add following setting: DisableSockets=1. Otherwise your real IP can easily be leaked when you use VPN.
And be sure only to save cookies from sites you trust with Self Destructing Cookies for example. Cookies are the easiest way to track you.

Next step would then be to minimize fingerprinting, which is a bit difficult to be honest.

I'm a horrible human being for using adblock. I can live with this.

Thanks for the list. I'm not using ALL the steps immmediatly but I'm moving in the right direction.

( Typing from Firefox :D )

I think that's a great reply, It really is a short beginner guide to browsing the web more privately.

Always browse the web inside a VM or container that has no personal information. No script, and blur are useful plug ins for stopping tracking.

Use Kolab to run your own email. Use Owncloud to have cloud storage and your own "docs" web app. Remember to use SSL for your own services and have clam AV scan your server. You should also run keep ads on said server as well.

Encrypt all your storage with 256bit AES.

A hardware firewall that does intrusion detection, antivirus, and package sniffing. PFsense and IPfire do this.

Using a cheap computer (Raspi) as a ssh box to connect to things like IRC and web browsing is a nice way to add another layer between you and the net.

For Linux distros it is hard to abeam a Harden Gentoo install. Opensuse has a pretty good security setup out of the box though.

Smart phones advoid them if possible. If you have to use them use SailfishOS, Ubuntu or a stripped version of android. The phone it's self should be off unless you are using it. Only use pay as you go phones with a fake name.

Pay for everything with cash or crypto currency. When you use a card only use refillable ones and rotate where you buy them from

1 Like

This posted started out pretty basic then the further it went the more and more tinfoil hat it got. Well done. lol

Don't insult me, and don't start with this "holier-than-thou" attitude, it adds nothing constructive to the conversation.