Privacy

My time on the 4chan /g/ board, specifically privacy threads. (/psg/) I have learned how to protect my privacy online and maintain it. While I believe most practices in those boards are very valid, especially when starting off from improving your privacy, has very positively impacted my wellbeing and privacy online. I do not use all of their methods. Along with the links shared on those boards to privacy guide-centric sites. However since nearly a year since I began hardening my privacy, I've learned to identify and choose carefully on what I should do to improve my opsec. While I started from the /g/ board, I have read many peoples' neocities sites and websites such as privacyguides.com and the likes, and have done much of my own studying. (since a lot of people on /g/ are schizo half the time) I hope this guide will help others in hardening their privacy, if they so choose, and be able to make good privacy choices on their own.

Before you attempt to harden your online privacy. You should first be aware of some things.

• When you decide to harden your privacy, lets say, by using a privacy-respecting browser.
  You will likely have to trade your convience for privacy. A good example is disabling or completing removing features such as cloud syncing.
  
• You should not feel peer-pressured by other privacy enthusasists, rather you should take note of what they tell you and decide yourself on whether you want to follow.
• Often be skeptical of corporates that are renown to being "privacy-respecting." I only say this because, in the past I believed that Mozilla was extremely trustworthy, and I'm not alone when it comes to this. However, after reading about Mozilla's privacy policies and their browsers being not so friendly (lots a telemetry by default). I have come to dislike Mozilla and no longer use any of their services. (Mozilla accounts, syncing, etc.)
  I highly recommend reading this: Digdeeper's "Mozilla" article. The first section will go over Mozilla's "pretend" privacy. While I believe most of it, since it all comes straight from Mozilla's terms or privacy policies, it's purely up to you on what to believe. You don't have to be skeptical of everyone, but just be aware.
• Proprietary software is not your friend. Ever. Proprietary software is the opposite of Open-Source software. Usually also named "closed-source" software, is software where the source code is not given to the public eye. The reason this is an issue and I urge others to priortize open-source software always, is that you have no clue what is actually going on. Let's say a proprietary browser gives you an option to toggle off telemetry. How would you definitively know its ACTUALLY off? While it becomes schizo if you read too much into it, it has happened before. With open-source you'll always know what goes in and out if that project even has telemetry at all. You'll mostly, if not nearly all, find open-source projets on Github. Just be aware Github is owned by Microsoft. :/

Now, you can begin hardening your privacy. The very, very first thing to harden is the very software that you use everyday. Your browser. You might be using a very common browser, such as brave, chrome, microsoft edge, or firefox. These are all terrible for opsec. However, it's up to you to determine how bad they really are. I recommend reading spyware watchdogs' articles on each of these. (chrome, firefox, brave, microsoft edge is owned by microsoft). For simplicity sake I will only guide you using librewolf. However, if you need to stick to your current browser for whatever reason. You are free to research hardening methods for them.
I use librewolf and have recommended them to my friends because its a firefox fork that removes all of Mozilla's telemetry and online features. Comes default with a lot of good options for hardening, along with more options for hardening.

Basic rules to follow for browsers:

• Disable IPv6 (if possible) - Why?: Personally, it's useless and poses security risks. (Research paper) This is purely optional.
• Disable auto-updating - Why?: Auto-updating will ensure you're always up to date, safe from CVEs and security holes. However, auto-updating pings the upstream server constantly, which you might deem as insecure. Most people will deem pinging servers are spyware even. (Scroll to "Misc. requests...") (Especially Google, Microsoft, and Mozilla). Optional once again.
• Disable any and all 'sync' features - Why?: Most browsers will sync your bookmarks, passwords, and other data to an online server. You have no control on what is being sent, and have no idea where it's truly going. It's a good practice to keep your personal data LOCAL at all costs. Sending your sync data will impose your data in a risk of being breached.
• Check privacy options (if there are any) - Why?: Self-explanitory. Ensure all telemetry toggles are toggled OFF, or you toggled the opt-out options. In the case for Firefox, you might need a FF profile.
• "FF profile" - (You can ignore this if you aren't using a firefox browser) These are configuration files that override flags in Firefox. You can see flags by typing "about:config" into your address bar.
  You can manually override them, or use a FF profile creator to help you. Below is an example in a telemetry flag being force disabled in Librewolf.
  
• Enable "anti-fingerprinting" or "ResistFingerprinting (for FF)" - Why?: A must have in any form of privacy using a browser. Fingerprinting relates to a site taking note of your (let's say) your screen size. If your browser fingerprint isn't different on another site. That site will know its still you but on a different website.
  I recommend the CanvasBlocker extension with the ResistFingerprinting. It will protect you from fingerprinting methods and tell you if an attempt was made.