[Guide] Protect your Crypto: Security tips for your home computer & network

[o_e_l_e_o]

Maybe "completely uncustomized as-generic-as-possible browser" may help to merge with the crowd, but you need to configure it or find one ready and test it.

The most commonly used desktop web browser is Chrome, by a long shot, with somewhere around 65-70% of market share. Firefox comes a distant second at 8-10%, and everything else on single figure percentages. If you wanted to find the biggest crowd to try to blend in with, then these numbers suggest you should just be picking the latest version of Chrome, and not downloading any add ons or tweaking any settings. Sure, while doing so may mean you don't have a unique fingerprint and you can "blend in", there is a much bigger problem being that if you use "out-of-the-box" Chrome, then you are being bombarded with tracking cookies and scripts, as well as Google keeping a log of absolutely everything that you do.

There is of course another way to approach this issue, and that is to use different browsers, or different but separate instances of the same browser. One for personal emails, social media, general internet surfing. One for work. One for crypto. It's impossible to track your fingerprint from Facebook to a crypto exchange if you use different browsers for each. Bonus points for running one of the browsers from a VM and using a different VPN server.

[aundroid]

For the Passwords section, please consider to add this topic, that is helpful and deserves your consideration.
[GUIDE] How to Create a Strong/Secure Password

The best way is to simply use the Keepass password generator and use a unique password for each service. Then you don't need any instructions on how to create a strong password.

KeePass is good password manager, but personally i'd prefer KeePassXC if you're linux or mac users.

If you are a Windows user, I would simply stick with the original Keepass.
To my knowledge the original is also the only one that supports plugins. (like OTP, QRCodeGenerator, Word Sequencer or stuff like that)
Here are all available plugins listed by the way: https://keepass.info/plugins.html

If you don't use Windows or several different operating systems KeepassXC should be preferred.

But using a Yubikey you can't mix Keepass and KeepassXC cause both use different encryption methods. (according to: https://keepassxc.org/docs/#faq-yubikey-incompatible)

[PrimeNumber7]

This is beneficial if you are using a public WiFi or an internet connection belonging to a third party. This will not provide the additional privacy that most VPNs provide because you will be the only one using that IP address. This will probably not increase security if you are accessing a website from home via a 'private' VPN, although it would prevent any website from knowing if you are at home or away. If you are using a public WiFi, this will prevent the WiFi host from impersonating any website you try to access, and will prevent the WiFi host from knowing what websites you are accessing.

Yes, this is a reasonable remark. But I am more afraid of unnecessary third-party applications/extensions on my computer and collecting logs about all my visits by VPN provider than the fact that someone will collect information at my one address.

That is one tradeoff of using a VPN instead of using a VPS as a 'private' VPN. You can't really know for sure if a VPN provider is keeping logs.

You don't need any third party application to use a VPN, as you can use an open source application whose code you can inspect to connect to a VPN server. Although if you do this, you may lose some features that many VPN providers offer such as checking the current performance of many of their servers at once and connecting to a specific server accordingly.

Using a VPS as a 'private VPN' may be a good way to achieve "regulatory arbitrage" if you are in an oppressive country and your VPS is located in a country with more protections against searches by government.

And modern systems make a very accurate browser fingerprint. Are you sure that you cannot be precisely identified by it as well as me by one ip?

I am not sure I understand what you are asking here. If you are accessing a website from a specific IP address, and are the only person accessing the website from that IP address, the website will know you are the same person.

[squatter]

That is one tradeoff of using a VPN instead of using a VPS as a 'private' VPN. You can't really know for sure if a VPN provider is keeping logs.

In some cases, you can be reasonably sure. Twice now, Private Internet Access has been subpoenaed for subscriber information in major criminal cases. In both cases, they were unable to provide any data that could link online crimes with a user's identity.

That's why when someone asks for a VPN recommendation, I always recommend PIA.

[PrimeNumber7]

That is one tradeoff of using a VPN instead of using a VPS as a 'private' VPN. You can't really know for sure if a VPN provider is keeping logs.

In some cases, you can be reasonably sure. Twice now, Private Internet Access has been subpoenaed for subscriber information in major criminal cases. In both cases, they were unable to provide any data that could link online crimes with a user's identity.

That's why when someone asks for a VPN recommendation, I always recommend PIA.

That is good to know about PIA/Private Internet Access. I will have to keep this in mind in the future.

[aundroid]

Time to bump before the thread disappears into oblivion.