Just curious OP: Why would you put up an HTTP link instead of an HTTPS link? I'll accept ignorance as a reason, provided you are now aware of the hazard. HTTP conversations between nodes are transmitted in cleartext. And if you're browsing chans in HTTP, well that's just a bad idea these days. 4chan does not automatically redirect to HTTPS.
Don't browse the chans from your own IP, regardless of HTTPS. Use a VPN, which includes encryption from your connection to the VPN node. This negates the "bad idea" part related to government surveillance. Also, use a logless VPN outside five, preferably eleven eyes.
If your setup does not automatically switch over to HTTPS when available you're doing yourself a disservice. Don't use HTTPS everywhere, it is blacklist-based. Use an add-on that defaults to HTTPS and then tries HTTP if secure connection isn't available. This negates the problem of HTTPS everywhere manually having to add sites and thus never can be complete.
Also, uBlock Origin or Adblock Plus and NoScript, Privacy Badger, Decentralize and WebRTC disabled.
Assuming the VPN is trustworthy. Still not worth locking yourself down to one entry point when you can use TAILS + TOR and have multiple random entry and exit points plus no one point knows both who you are and what you're doing.
view the rest of the comments →
oftotc ago
Just curious OP: Why would you put up an HTTP link instead of an HTTPS link? I'll accept ignorance as a reason, provided you are now aware of the hazard. HTTP conversations between nodes are transmitted in cleartext. And if you're browsing chans in HTTP, well that's just a bad idea these days. 4chan does not automatically redirect to HTTPS.
Weyland ago
A lot of wonderful ideas in the thread.
Don't browse the chans from your own IP, regardless of HTTPS. Use a VPN, which includes encryption from your connection to the VPN node. This negates the "bad idea" part related to government surveillance. Also, use a logless VPN outside five, preferably eleven eyes.
If your setup does not automatically switch over to HTTPS when available you're doing yourself a disservice. Don't use HTTPS everywhere, it is blacklist-based. Use an add-on that defaults to HTTPS and then tries HTTP if secure connection isn't available. This negates the problem of HTTPS everywhere manually having to add sites and thus never can be complete.
Also, uBlock Origin or Adblock Plus and NoScript, Privacy Badger, Decentralize and WebRTC disabled.
wincraft71 ago
Assuming the VPN is trustworthy. Still not worth locking yourself down to one entry point when you can use TAILS + TOR and have multiple random entry and exit points plus no one point knows both who you are and what you're doing.