DEF CON Forum Site Header Art

Announcement

Collapse
No announcement yet.

Are you using antidetect browsers?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Are you using antidetect browsers?

    I would like to secure my data, besides they say that an antidetect browser is needed to work in affiliate marketing, is that so?

  • #2
    I have been doing affiliate marketing for a long time and have tried various antidetects. To begin with, I would like to advise you to take affiliate marketing seriously, this is very important. For a long time I chose for myself antidetekt gologin.kom. He incidentally also helps to keep your data in case anything happens.

    Comment


    • #3
      Which anti detect browsers are the best

      Comment


      • #4
        What about using VPN for securing your data? Is it possible or not?

        Comment


        • #5
          Originally posted by haxovyk View Post
          What about using VPN for securing your data? Is it possible or not?
          At best, a VPN can only provide added protections through hostile networks, but VPN only work when several criteria are met:
          * Well tested ciphers and hashes used, obsoleting weak, on both client and server
          * You can reliably trust the VPN provider to not harm you, mine your data, inject bad stuff, keep logs of your activities, not cooperate with those that want to take actions against your interests, etc.
          * (more)

          If any of these are broken, a VPN doesn't provide as much protection as desired or expected.

          The issue of trust is a reason many security professionals claim the only VPN you can trust is a VPN you alone manage and run. However, building, configuring and running your own VPN is a complicated process which is easy to get wrong, and risk leaking information in ways you didn't intend. A poorly configured VPN can be as bad as not even using a VPN.

          If anonymity is needed, tor/onion networks tend to offer more opportunities for anonymity without trusting a single VPN provdier, but these have issues similar to VPN. Claims have been made that evil people running exit nodes happily inject malicious content to answered requests as MitM, and there have been other allegations that nation state actors are using large numbers of nodes to try to de-anonymize individuals, but these claims often lack evidence necessary for a majority of people to find them believable, and most of these have required significant amounts of data relying on math based in statistics and probability combined with user profiling.

          (The topic of this thread is specialized on "Anti-detect browser":)
          Whether you use a VPN or a tor/onion network system, the network setup and browser you use is important, as a browser configured to run Java, javascript or launch obsolete applications with known security risks that can bypass your attempt at privacy. Whether your browser downloads and executes content (lke drive-by-download-and-run) or you download and execute content, risks for exposing who you are, information about your machine, contents from your machine, or claimed network location are all risks. (For example, MS Word/Excel Macros are a things which can be used to run code on your machine when those files are opened. PDF files support executable JavaScript to run when you open a PDF for reading. Not all PDF have JavaScript, but PDF storage allows for it, and most "free" PDF viewers supports JavaScript execution without telling or asking, every time you open them.) Choosing a good browser is important enough for users to start a thread just on browsers.

          Next, there are issues with DNS-based cookies. These can take many forms, but an easy to understand form? Your browser caches html content which provides requests to download various icons on a page. It is possible for a domain zone to contain a unique FQDN as a host for each image to be loaded, or not even use DNS, and have the local file on a webserver use seemingly random strings to request loading of images/icons. If a unique filename/hostname is specified per session, when you return to browse a site and use cached content, the site or DNS could identify you as a returning guest, and then establish a link between you accessing it from one network, vs. another without relying on host-based cookies in your browser.

          What is left for privacy? Not many options remain. One is to build a VM for each "account" you want to use, and then only use each VM on whatever VPN/tor/onion network you want, but never use these VM for anything else.
          You could break your expected user experience in web browsing by disabling javascript, CSS, images, etc and only use plain HTML, but most modern sites (especially those that mine data) probably won't even render or load content for you to read.

          What are ideal uses for a VPN if you trust the vendor, they keep up-to-date on only supporting non-weak cipers/hashed, and you do the same?

          Maybe you are visiting a coffee shop, or free wifi hotspot and there are automated systems there trying to steal your data, compromise your system or harm your sessions. If the only service you are running is a vpn client and all your network traffic only passes through it, a VPN can help you in that case. (You can't reliably assume that the people you see in such a coffee shop are out to get you by how they look or act. First, skilled actors/liars can appear to be someone they are not. Next, their machines may be compromised and they may not even know it, while automated scripts attack peers around them. Also, the nature of wifi allows for an attacker to be outside the coffee shop, or a device could be left in the coffee shop and remote-controlled by an evil user.)

          Maybe you have a private file-server, DB, or other resources, and they are reachable only on your VPN.

          Once the data you tunnel through a VPN or Tor is then relayed to the rest of the Internet, then it is no longer protected by the VPN. If a malicious user manages to setup hardware in front of your VPN server, like on same subnet or just outside your default gateway, your VPN traffic leaving your VPN server for the Internet or returning from the Internet is still at risk.

          Like SSH, a VPN is used to enhance security between *trusted* hosts over an *untrusted* network. (Once your traffic leaves the VPN to the rest of the Internet, it is no longer protected by the VPN.)

          If you can't trust your client or the server, both models (VPN or SSH) fail.
          number6
          404 Image not found
          Last edited by number6; 3 days ago.
          Disclaimer: I do not run or control any villages, contests, events, parties, etc. at DEF CON. Any announcements or updates about Villages, Contests, Events, Parties, etc. posted by me include content from the people running it. I am not responsible for their content or claims. Any answers provided by me about these are best-effort with information i have available at the time of posting/edit but are NOT authoritative. For official answers, contact the organizers. I grant permission to any DEF CON Forum admins to alter announcements for these as needed.
          ------------------------------------------
          6: "Who is Number1?"
          2: "You are number6"
          6: "I am not a number!..."

          Comment

          Working...
          X