Just things that can be correlated. Time, device, network, accounts, and apps all correlate. Precise location, device sensors, etc also correlate.
You have to decide what you want security or privacy against, then you have to be mindful always.
Every internet connection is a fingerprint.
E.g. The second you use that device on an VPN all your apps phoning home, checking notifications, logging events, etc. collapse your profile and deanonymize your anonymous activity.
So I actually use a dedicated device for anything I want a VPN on.
Opsec almost requires that you need a public device for your regular use, and a secondary device with limited scope, third party OS for higher privacy for anything you actually don’t want to share.
It’s safer to tunnel specific whitelisted connections through a VPN than whole device VPN for that reason (the less traffic goes to VPN the better). iOS VPN doesn’t work for that reason.
If you want VPN security, the best way is to run a container with only VPN networking, then a second container with the service you want protected and route all networking through the VPN container.
Also, say no to Chrome based apps looking for devices on your network. That uniquely fingerprints you across tons of surfaces.
They say it’s for chrome cast or something but it’s too much info to share.
That’s really great, thank you. I’ve got a working knowledge of applying opsec and related principles, but my understanding quickly drops off when we get into the why. That’s super helpful.
Just things that can be correlated. Time, device, network, accounts, and apps all correlate. Precise location, device sensors, etc also correlate.
You have to decide what you want security or privacy against, then you have to be mindful always.
Every internet connection is a fingerprint.
E.g. The second you use that device on an VPN all your apps phoning home, checking notifications, logging events, etc. collapse your profile and deanonymize your anonymous activity.
So I actually use a dedicated device for anything I want a VPN on.
Opsec almost requires that you need a public device for your regular use, and a secondary device with limited scope, third party OS for higher privacy for anything you actually don’t want to share.
It’s safer to tunnel specific whitelisted connections through a VPN than whole device VPN for that reason (the less traffic goes to VPN the better). iOS VPN doesn’t work for that reason.
If you want VPN security, the best way is to run a container with only VPN networking, then a second container with the service you want protected and route all networking through the VPN container.
Also, say no to Chrome based apps looking for devices on your network. That uniquely fingerprints you across tons of surfaces.
They say it’s for chrome cast or something but it’s too much info to share.
That’s really great, thank you. I’ve got a working knowledge of applying opsec and related principles, but my understanding quickly drops off when we get into the why. That’s super helpful.