I'm not too worried about downloading movies tbh, we're not heavy on that and the popular ones are easy to find without even using torrenting services. I just generally am getting the sense that to do anything that would need real security, more than just downloading content, neither (even with a live usb on a public wifi) is really going to cut it.
This is a fact that neither will cut it. Like every shitty answer to a complex problem it is more about adopting a security methodology and analyzing what you are doing and keeping to the facts moreso than thinking there is a single solution or a magic bullet. Every piece of your computer should really be analyzed and it honestly unreasonable for people who are not professional systems administrators to really be able to do it but that doesn't mean it doesn't need to be done. I suppose the first step is to understand what the zero-trust model is then start to adopt zero-trust technologies and worklows into your normal life. Over time you can come up with secure solutions to each problem.
One thing that gets me is that you don't know what you don't know. For example most people don't know about DNS servers and how your network adapters communicate to them. Every time you type a domain name it communicates to a dns server tells them what you are trying to do. This data is aggregated and is extremely effective at tracking and profiling and this is far more important to secure than using TOR or proxying through some shady VPN service yet most people aren't even aware of its existence so how are you going to explain to them the necessity of DNSSEC and being aware who your DNS provider even is.
I'm not too worried about downloading movies tbh, we're not heavy on that and the popular ones are easy to find without even using torrenting services. I just generally am getting the sense that to do anything that would need real security, more than just downloading content, neither (even with a live usb on a public wifi) is really going to cut it.
This is a fact that neither will cut it. Like every shitty answer to a complex problem it is more about adopting a security methodology and analyzing what you are doing and keeping to the facts moreso than thinking there is a single solution or a magic bullet. Every piece of your computer should really be analyzed and it honestly unreasonable for people who are not professional systems administrators to really be able to do it but that doesn't mean it doesn't need to be done. I suppose the first step is to understand what the zero-trust model is then start to adopt zero-trust technologies and worklows into your normal life. Over time you can come up with secure solutions to each problem.
One thing that gets me is that you don't know what you don't know. For example most people don't know about DNS servers and how your network adapters communicate to them. Every time you type a domain name it communicates to a dns server tells them what you are trying to do. This data is aggregated and is extremely effective at tracking and profiling and this is far more important to secure than using TOR or proxying through some shady VPN service yet most people aren't even aware of its existence so how are you going to explain to them the necessity of DNSSEC and being aware who your DNS provider even is.