DEF CON Forum Site Header Art

Announcement

Collapse
No announcement yet.

Are you using antidetect browsers?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Axie Infinity
    replied
    i am using fitrefox

    Leave a comment:


  • dmr
    replied
    Thanks Dark.

    Actually, Nord is my VPN of choice. Probably as good as any, privacy-wise, and does not dog down the web response too badly.

    Leave a comment:


  • The Dark Tangent
    replied
    I don’t think so.

    I was looking for a browser privacy Matrix and found this:

    https://nordvpn.com/blog/best-privacy-browser/

    Leave a comment:


  • dmr
    replied
    Does Brave automatically vary your browser fingerprint to foil tracking?

    Leave a comment:


  • Exist
    replied
    Brave is your best option. Out of the box it has enough security features enabled for the average person.

    You could add the following plugins if you would like a more secure experience:

    HTTPS Everywhere, Privacy Badger, Ublock Origin, uMatrix (advanced)

    Leave a comment:


  • dmr
    replied
    I use Firefox with Ublock Origin and Privacy Badger. I don't do any affiliate drek.

    Leave a comment:


  • Choronzon
    replied
    i use brave
    and duck duck go

    Leave a comment:


  • kellyhubbard90
    replied
    As we know that google is not safe (privacy concern), so i am currently using Brave browser.

    Leave a comment:


  • number6
    replied
    Originally posted by haxovyk View Post
    What about using VPN for securing your data? Is it possible or not?
    At best, a VPN can only provide added protections through hostile networks, but VPN only work when several criteria are met:
    * Well tested ciphers and hashes used, obsoleting weak, on both client and server
    * You can reliably trust the VPN provider to not harm you, mine your data, inject bad stuff, keep logs of your activities, not cooperate with those that want to take actions against your interests, etc.
    * Secured and trusted VPN client, VPN server, Client OS & applications, Server OS & applicaitons
    * (more)

    If any of these are broken, a VPN doesn't provide as much protection as desired or expected.

    The issue of trust is a reason many security professionals claim the only VPN you can trust is a VPN you alone manage and run. However, building, configuring and running your own VPN is a complicated process which is easy to get wrong, and risk leaking information in ways you didn't intend. A poorly configured VPN can be as bad as not even using a VPN.

    If anonymity is needed, tor/onion networks tend to offer more opportunities for anonymity without trusting a single VPN provdier, but these have issues similar to VPN. Claims have been made that evil people running exit nodes happily inject malicious content to answered requests as MitM, and there have been other allegations that nation state actors are using large numbers of nodes to try to de-anonymize individuals, but these claims often lack evidence necessary for a majority of people to find them believable, and most of these have required significant amounts of data relying on math based in statistics and probability combined with user profiling.

    (The topic of this thread is specialized on "Anti-detect browser":)
    Whether you use a VPN or a tor/onion network system, the network setup and browser you use is important, as a browser configured to run Java, javascript or launch obsolete applications with known security risks that can bypass your attempt at privacy. Whether your browser downloads and executes content (lke drive-by-download-and-run) or you download and execute content, risks for exposing who you are, information about your machine, contents from your machine, or claimed network location are all risks. (For example, MS Word/Excel Macros are a things which can be used to run code on your machine when those files are opened. PDF files support executable JavaScript to run when you open a PDF for reading. Not all PDF have JavaScript, but PDF storage allows for it, and most "free" PDF viewers supports JavaScript execution without telling or asking, every time you open them.) Choosing a good browser is important enough for users to start a thread just on browsers.

    Next, there are issues with DNS-based cookies. These can take many forms, but an easy to understand form? Your browser caches html content which provides requests to download various icons on a page. It is possible for a domain zone to contain a unique FQDN as a host for each image to be loaded, or not even use DNS, and have the local file on a webserver use seemingly random strings to request loading of images/icons. If a unique filename/hostname is specified per session, when you return to browse a site and use cached content, the site or DNS could identify you as a returning guest, and then establish a link between you accessing it from one network, vs. another without relying on host-based cookies in your browser. As a counter to some of these, you can try disabling browser caching, and ensure cookies and cache are both cleared on each restart.

    What is left for privacy? Not many options remain. One is to build a VM for each "account" you want to use, and then only use each VM on whatever VPN/tor/onion network you want, but never use these VM for anything else.
    You could break your expected user experience in web browsing by disabling javascript, CSS, images, etc and only use plain HTML, but most modern sites (especially those that mine data) probably won't even render or load content for you to read.

    What are ideal uses for a VPN if you trust the vendor, they keep up-to-date on only supporting non-weak cipers/hashed, and you do the same?

    Maybe you are visiting a coffee shop, or free wifi hotspot and there are automated systems there trying to steal your data, compromise your system or harm your sessions. If the only service you are running is a vpn client and all your network traffic only passes through it, a VPN can help you in that case. (You can't reliably assume that the people you see in such a coffee shop are out to get you by how they look or act. First, skilled actors/liars can appear to be someone they are not. Next, their machines may be compromised and they may not even know it, while automated scripts attack peers around them. Also, the nature of wifi allows for an attacker to be outside the coffee shop, or a device could be left in the coffee shop and remote-controlled by an evil user.)

    Maybe you have a private file-server, DB, or other resources, and they are reachable only on your VPN.

    Once the data you tunnel through a VPN or Tor is then relayed to the rest of the Internet, then it is no longer protected by the VPN. If a malicious user manages to setup hardware in front of your VPN server, like on same subnet or just outside your default gateway, your VPN traffic leaving your VPN server for the Internet or returning from the Internet is still at risk.

    Like SSH, a VPN is used to enhance security between *trusted* hosts over an *untrusted* network. (Once your traffic leaves the VPN to the rest of the Internet, it is no longer protected by the VPN.)

    If you can't trust your client or the server, both models (VPN, tor/onion, or SSH) fail.

    An example that might provide many of these (privacy settings in browsers, support for tor/onion browsing, fewer web-client available applications to reduce attack surface against browsers?) If you *trust* the creators and can boot your hardware from USB and hardware is supported by it, check out Tails: https://tails.boum.org/install/download/index.en.html ... The concept is fairly simple; Instead of booting your full OS and using it to browse with all files saved on your local storage, you boot a new OS from a USB thumbdrive, and if paranoid, disconnect all your local storage, making all of your local information physically unavailable, then boot from Tails, enable tor/onion sessions and the included privacy focused browser. If done well, each boot from these contains no information from previous boots. Saved bookmarks are lost, as are saved files. They often have support for less-secure persistent storage across reboots, but that can risk privacy if saved data can be read by bad people. There is often a cost when privacy and security are preferred, and it is often in the form of accessibility, and service, making things that were easier on your desktop more difficult or impossible in the new environment.

    There are other "Live CD" OS which you can boot from USB. Review them all, and find something that YOU TRUST and which works for you.

    A note on booting from USB: you really need to trust the creator of images for bootable USB system BEFORE you boot from them, as any OS that contains malicious content can brick your hardware, or in some cases make changes to your BIOS, IPMI, UEFI settings, or other hardware which persist across boots, putting other OS you boot from at risk. If your persistent storage is connected while booting from another untrusted OS with malicious content, then your risk it being exfiltrated by bad people. It can be dangerous to boot from untrusted systems. Do your own checks to determine what you can trust, and what you should avoid. Don't just boot from an OS/image because "someone on the Internet said it was cool/safe."
    Last edited by number6; February 10, 2022, 15:41.

    Leave a comment:


  • haxovyk
    replied
    What about using VPN for securing your data? Is it possible or not?

    Leave a comment:


  • pletara
    replied
    Which anti detect browsers are the best

    Leave a comment:


  • hellion
    replied
    I have been doing affiliate marketing for a long time and have tried various antidetects. To begin with, I would like to advise you to take affiliate marketing seriously, this is very important. For a long time I chose for myself antidetekt gologin.kom. He incidentally also helps to keep your data in case anything happens.

    Leave a comment:


  • karlfort
    started a topic Are you using antidetect browsers?

    Are you using antidetect browsers?

    I would like to secure my data, besides they say that an antidetect browser is needed to work in affiliate marketing, is that so?
Working...
X