What specifically are you looking for?

Privacy in the registration process, privacy friendly VPS location(s)? Not many providers (willingly) allow you to sign up without non-identifiable information. Most of the "privacy web hosts" think that just allowing BitCoin as a payment option is somehow "privacy" but then ask you for your name, address, phone number, etc.

Find a server location outside of the 5/9/14 eyes ( https://restoreprivacy.com/5-eyes-9-eyes-14-eyes/ ) and a provider offering KVM or Xen based Virtual Servers (Though KVM is more popular nowadays). Don't use their premade Linux images, install your own ISO and VNC in and encrypt the disk via LUKS.

I plan on writing up a guide for /f/webguides eventually on installing Debian 10 on a VPS with LUKS disk encryption which will be the same process for virtually any KVM VPS provider. It's been on the to-do list with like 500 other items.

... unless you are using tor's transparent proxy feature.

tor browser is free too, you are the product. :^)

I kind of meant not to run any browser or if so avoid javascript. but... Lynx?

for safety, Lynx doesn't support Javascript, but many web sites, including dark net ones, idiotically require javascript.

Links...?

Lynx and elinks does not support JavaScript, but Links does: sudo apt-get install links then to compile Links with JavaScript support, use the configure option --enable-javascript ... etc

https://softwarerecs.stackexchange.com/questions/11678/text-based-browser-that-runs-javascript

I would avoid the javascript entirely if possible, or use a remote proxy doing all the javascript and rerendering back through tor to your location

Thank you!!!!!!

This is quite brazen of them.

Some of it might be laziness of checking out mods to chrome source they depend on, rather than their possibly obfuscated source alterations.

No way to tell probably without compiling or downloading chromium yourself and confirming what they try to patch over : https://github.com/brave/brave-browser
and https://github.com/brave/brave-core

And now I think you are on to a money avenue they are seeking....

.... if a program is Free... then YOU are the Product

DNS LEAKAGE spotted 23 hours ago from ramble research and formally reported 23 hours ago !:

.onion request in regular window should also avoid DNS leakage #14261:
https://github.com/brave/brave-browser/issues/14261

"No fancy web browsers"

What about lynx?

Thanks for the share.

I am reading and trying to get my head around what is posed there.

This--> "...If you connect to a VPN over Tor, this traffic separation goes away completely..."

People go connecting to their VPN via Tor? That's not ahh bright.

Normally: Computer ---> REMOTE VPN ---> TOR

No single tunnel there like claimed. Sure VPN is, but it's a drop in replacement in essence for your local gateway. Normal pedestrian leakage of IP and you get the VPN IP instead of your actual IP. More advanced leaking, well, nothing is saving you.

Then there is this ---> there's the matter of trust to consider again. Alice must be sure her VPN provider is worthy of the trust she will be placing in it. She must have paid her VPN provider in a way that can't be traced back to her. She must be sure that the VPN provider doesn't keep traffic or connection logs. She has to trust herself to never mess up and connect to her VPN without Tor. And for this VPN to be of any benefit at all, she must convince herself that her adversary can't somehow work with the VPN provider, compromise the VPN provider, or work with/compromise ISPs and ASes near the VPN provider.

This is why you need real provider for VPN that is exercising maximum transparency and who answers the tough questions. A compatible philosophy they live by is most important. But have to implement thing, not just lip service.

Same argument made for trust thy VPN provider NOT --- can be 100% extended to your ISP and its upstreams. This is why crypto matters and everything should be encapsulated in something, ideally multiple wrappers.

Peel back a layer of this and there is another layer - if your protection is working effectively.

For VPN to work in this mix you need provider that doesn't want to intimately knows its customers.

• Zero knowledge of customers.
• Anonymous payments (prepaid cards, cash, privacy coins, barter).
• No name or info required to maintain account. No logs on the servers.
• Forced DNS that is scoured clean of fluff and abuse 3rd party noise.
• Something better than a warrant canary - how about full posting of all abuse@provider inbound emails automatically?

That's a decent start.

You will see that around here soon as a thing. Cause the VPN industry is a marketing scam most of it. Gets exploited and they toss more into ad buys and placement spots. Fake privacy niche is a real tragedy.

Wear your web condom with a VPN, then Tor...

Please see https://matt.traudt.xyz/posts/vpn-tor-not-mRikAa4h/

I think the recent arrest news should tell us that Tor is not completely anonymous.

Here's how to be 99.99% anonymous:

• Buy 2nd hand laptop
• Park outside a library with free Internet
• Use something like Tail OS to further hide your identity

So how about that Brave :)

A month ago Aspenwu was saying look out.

Rambler posted it.

Then we made this: https://ramble.pw/f/privacy/2387/brave-browser-leaks-your-tor-onion-service-requests-through

Since then Brave continues to graft garbage into their browser. Like putting NEWS reader in it. Thing constantly phoning home ET...

Brave isn't any longer allowed in my environment unless quarantined in contained machine for testing their broken stuff.

Pretty good list

So once again ads bite users in the rear.

Decoupling ad blocking from the browser would be darn smart (ublock origin is simply awesome - so far).

Ad blocking on browser layer should be done via plugins / addons.

Question is what is / was Brave shipping out - calling home - to check? Is Brave saying here is a domain that cleared in the browser, let's call home remotely to verify? That's what it appears.

That isn't a feature. That is Brave collecting lookups unknown to those running the browser. When I do a lookup I expect MY DNS SERVER to deal with it. I don't expect the browser to go talking behind my back.

Terrible 'feature' that should be removed. It is distributed intelligence and I understand that pursuit well. However, it is something people ought to opt into and be aware of.

So yes, Brave likely has been logging onion addresses also and internal domains and other private things they should never be seeing. What is being done with that data and where is note of handling and destruction thereof?

Funnier though is Brave should have seen these onion address lookups whenever 'bug' was introduced. Smart people know those don't belong there. Something isn't right about all of this. Doesn't pass sniff test.

It is up to Brave to prove what they are or aren't doing. I don't believe it until someone speaks and provides code and breaks it down for non coders.

We made mass media about this :) ZDNet on MSN.

https://www.msn.com/en-us/money/other/brave-browser-leaks-onion-addresses-in-dns-traffic/ar-BB1dPSnS

Brave browser leaks onion addresses in DNS traffic Catalin Cimpanu 11 hrs ago

Added in June 2018, Brave's Tor mode has allowed throughout the years access to increased privacy to Brave users when navigating the web, allowing them to access the .onion versions of legitimate websites like Facebook, Wikipedia, and major news portals.

But in research posted online this week, an anonymous security researcher claimed they found that Brave's Tor mode was sending queries for .onion domains to public internet DNS resolvers rather than Tor nodes.

While the researcher's findings were initially disputed, several prominent security researchers have, in the meantime, reproduced his findings, including James Kettle, Director of Research at PortSwigger Web Security, and Will Dormann, a vulnerability analyst for the CERT/CC team.

Furthermore, the issue was also reproduced and confirmed by a third source, who also tipped off ZDNet earlier today.

The risks from this DNS leak are major, as any leaks will create footprints in DNS server logs for the Tor traffic of Brave browser users.

While this may not be an issue in some western countries with healthy democracies, using Brave to browse Tor sites from inside oppressive regimes might be an issue for some of the browser's other users.

Brave Software, the company behind the Brave browser, has not returned a request for comment sent before this article's publication earlier today.

Over the past three years, the company has worked to build one of the most privacy-focused web browser products on the market today, second only to the Tor Browser itself.

Based on its history and dedication to user privacy, the issue discovered this week appears to be a bug, one the company will most likely hurry to address in the coming future.

Update: Minutes after this article went live, the Brave team announced a formal fix on Twitter. The patch was actually already live in The Brave Nightly version following a report more than two weeks ago, but after the public report this week, it will be pushed to the stable version for the next Brave browser update. The source of the bug was identified as Brave's internal ad blocker component, which was using DNS queries to discover sites attempting to bypass its ad-blocking capabilities, but had forgotten to exclude .onion domains from these checks.

... limiting it because their tech can't identify all people equally as well?

We call this a bias? I call it a bias against white people. Technologists are racists against whites.

No sane person wants any of this tech to get better than it is already. It is already a weapon and will be abused.

I encourage people to hold these projects accountable.

Auditing is a normal thing in the real world. Transparency is necessary to some level.

Tor will never be clean trustworthy project. Government directly invested in it. There are shortcomings in design and not enough nodes to mix things up by default, thus prior endpoint hacker data collection.

It's just a piece of a solution. Wear your web condom with a VPN, then Tor...

Another day and more known but unfixed security issues.

Funny that it is in Android, which Google owns.

The same Google dumping sh%t on open source the other day and talking about making themselves a gateway for open source published projects that are core.

Got news you wealthy tards in Mountain View --- worry about how badly your code sucks and how lousy your company has become as citizens.

Censor this you big dummies.

As for TikTok BOOM. Worst app. When you have 15 second attention span and endlessly swiping. Yeah, that might be good approach for your masturbation fodder but it isn't smart for hours a day, for a developing young person's brain, etc.

Nevermind the obvious spying and leaking - which is all the tech tards know how to do. The all knowing fake godplex is what is all about. They are in cahoots. Companies not on the team get blacklisted and downed - i.e. Parler.

This has been a 'feature' in Firefox and likely other browsers.

I would test but I am lazy right now and I disable and mutate browsers to pretend they could be privacy adhering (in reality they are lying, cheating, c*nts who report to everyone whatever).

Chromium just recently cleaned up their version of this stupidity:

https://www.theregister.com/2021/02/04/chromium_dns_traffic_drop/

Chromium cleans up its act – and daily DNS root server queries drop by 60 billion That’s a 41 per cent traffic relief for all concerned Simon Sharwood, APAC Editor Thu 4 Feb 2021 // 08:01 UTC The Google-sponsored Chromium project has cleaned up its act, and the result is a marked decline in queries to DNS root servers.

As The Register reported in August 2020, Chromium-based browsers generate a lot of DNS traffic as they try to determine if input into their omnibox is a domain name or a search query.

Verisign engineers Matthew Thomas and Duane Wessels examined the resulting traffic and reached the conclusion that it accounted for up to 60 billion DNS queries every day.

Wessels has since penned a new post that went unreported when it appeared on January 7 – the day after the US Capitol riot – but was today resurfaced by APNIC, the Regional Internet Registry for the Asia-Pacific region.

In the post he says the Chromium team redesigned its code to stop junk DNS requests, and released the update in Chromium 87.

F-off to reddit and other control NAZIS (as opposed to my kosher friends - at least the genuine ones of faith).

This gatewaying of all information and only calling something valid when it is admitted by a head of pyramid is tired.

This is why people sit on 0 day exploits for years and drop things strategically. Because too many people out there in power positions are abusive and in denial that their sh!t stinks.

Brave is an ugly baby.

I went back and found I tagged Brave leaking to plain DNS back on February 6th. Was new to me. Working on other stuff involving Tor and had just spun up Brave to check it out. Wondered why strange stuff in my DNS logs (you log your DNS lookups, don't you? You should).

Now who can point me to all the bundled Brave releases? Cause they are all fronted to feed you latest one. I want to selectively install and test and see how many releases they've been outing .onion addresses and putting normies at risk.

It's more secure than Brave :) Just look at how Brave has been leaking addresses to regular DNS for how long? (who can feed me a URL with their old releases so I can test?)

Seriously you should be running Tor browser with javascript off. JS is a nuisance and privacy sewer and by design. Javascript creator should be charged with crimes against humanity.

Oh isn't that fellow the lad behind Brave?

This analysis is good for my edification. I'm reading some of the sources and will have some related questions later on.

There's an example and description at Mullvad for the two-hop connection: http://xcln5hkbriyklr6n.onion/en/help/wireguard-and-mullvad-vpn/ [Forgive the onion link, but search "wireguard-and-mullvad-vpn" for clearnet]

"Each WireGuard server is connected to all the other WireGuard servers through WireGuard tunnels."

The user gets confirmation that their target website sees the IP of the second node, but what does the ISP see? Aren't they routing to the first node (at least physically), and is it masked as the second node? Does the tunnel between nodes become redundant as the user connection tunnels through the entry node to the exit node?

Nodes/servers
Is it wrong to use "nodes" in this scenario

I tested it with 20 far-right domains and ZERO were blocked.

THANKS! I completed my tests.

Quad9 does not censor on behalf of ADL, JIDF, nor SPLC yet.

The sites it blocks that they claim they block are truly scam domains that phish from your retarded older relatives.

In case a public DNS blocks, you can use some others as fallbacks :

• 8.8.4.4 < google fast fast fast, but spys and logs you for making money
• 64.6.64.6 < verisign open
• 208.67.222.222 < OpenDNS
• 9.9.9.9 < Quad9 public DNS in europe

One of those on occasion blocked a famous far-right site that agitated the (((ADL)) but it was not permanent.

Quad9 is far too far from me to use it in all my routers and machines, but I will use it as a secondary and parallel search. I measure everything in my life in fractions of milliseconds and though I also have many of my own DNS servers, and caching, I do not live in Switzerland, though I love visiting it often.

Searx has multiple engines. If you're lucky enough, you can even get Google results. It must be Google bans Searx instances quickly because of heavy traffic or automated requests.

We built the internet around having a special individualized identification code in every single computer whenever it tries to communicate ... but, nobody was going to use it, of course! Damn those Chinese for stealing the U.S. Government's intellectual spy property!

Funding can influence a project pretty significantly.

Not when done in a completely transparent manner in which the funding's objectives are clearly stated (e.g. https://gitlab.torproject.org/legacy/trac/-/wikis/org/sponsors/Sponsor58 ).