OP 27 February, 2021 - 10:01 AM
I see people posting basic opsec and people write guides on it, so I figured I'd share some basic information.
#1 - Privacy is not equal to anonymity.
For instance, a VPN will give you some privacy, but will offer very little in terms of anonymity. You must get rid of services like google, facebook, amazon, social media, etc. They are very good at tracking your computer and what you do.
#2 - Don't tell anybody about what you do. This means people in person, and people online. You don't know who the person on the other side of the screen is, and these days people are willing to turn in their own family. I don't care if you browse porn all day, don't tell people.
#3 - If you're ever in trouble, shut your mouth, don't speak to anybody without a lawyer.
#4 - If you are receiving something for free, you are the product. You are being tracked and traced. They are reading everything (this especially goes for you gmail users).
#5 - Use Tails OS if possible. Use Tor if possible.
It's important to prevent things from happening in the first place.
I'd recommend a separate computer for any sort of non kosher activities.
Stick with open source and audited software. Don't trust closed source.
Use a password Manager of some sort. Don't use the same password anywhere.
- Bitwarden
- Keepass XC
- LessPass - You can use this to generate your bitwarden password which will keep everything safe.
USE STRONG PASSWORDS!!! NEVER SHARE YOUR PASSWORD WITH ANYONE, FOR ANY REASON. DON'T KEEP PAPER BACKUPS.
Use Full Disk Encryption - Use a good random password. You can checkout password managers, or look into masterpassword.
- If you are using a PC with Windows use Veracrypt.
- If you are using a mac use FileVault. (breaks my open source and audited, but if you're using a mac you have no choice - You can use Veracrypt or boxcryptor on a partition).
- If you are using Linux use LUKS.
- If you are encrypting on the cloud use boxcryptor.
Use a good VPN. Using a VPN basically hands over the trust on the side of the VPN provider. Are they better than your ISP? Maybe...
- I have some recommendations, but there's so many, so I'll refrain. Ideally don't trust a company located in a 5 or 14 eyes country.
Communication
- Session Messenger
- Signal
- Threema
- Element
- Briar
- Jami
Use encrypted email services
- Encrypt your own email using PGP
- Posteo
- Disroot
- Tutanota
Self host email using mailinabox.
- Stop using Google as your search engine. Better to stop using it for everything to be honest. Same with Amazon. Remember you are the product.
Cloud storage
- Besides least authority, there really isn't much that's open source. It's also no longer available unless you are self hosting. There are some closed source cloud storage such as tresorit, but that depends on what level of security you are looking for.
- Nextcloud if you have your own server, there's some downsides, but it's the best available.
Paying for stuff
- If you use bitcoin make sure to tumble it. Bitcoin is not 100% safe and secure. Use a wallet like Wasabi (with coinjoin). For anonymity monero is better.
These are just some basics, honestly it feels like it never ends. You need to find a mix of privacy, security, anonymity as well as convenience.
#1 - Privacy is not equal to anonymity.
For instance, a VPN will give you some privacy, but will offer very little in terms of anonymity. You must get rid of services like google, facebook, amazon, social media, etc. They are very good at tracking your computer and what you do.
#2 - Don't tell anybody about what you do. This means people in person, and people online. You don't know who the person on the other side of the screen is, and these days people are willing to turn in their own family. I don't care if you browse porn all day, don't tell people.
#3 - If you're ever in trouble, shut your mouth, don't speak to anybody without a lawyer.
#4 - If you are receiving something for free, you are the product. You are being tracked and traced. They are reading everything (this especially goes for you gmail users).
#5 - Use Tails OS if possible. Use Tor if possible.
It's important to prevent things from happening in the first place.
I'd recommend a separate computer for any sort of non kosher activities.
Stick with open source and audited software. Don't trust closed source.
Use a password Manager of some sort. Don't use the same password anywhere.
- Bitwarden
- Keepass XC
- LessPass - You can use this to generate your bitwarden password which will keep everything safe.
USE STRONG PASSWORDS!!! NEVER SHARE YOUR PASSWORD WITH ANYONE, FOR ANY REASON. DON'T KEEP PAPER BACKUPS.
Use Full Disk Encryption - Use a good random password. You can checkout password managers, or look into masterpassword.
- If you are using a PC with Windows use Veracrypt.
- If you are using a mac use FileVault. (breaks my open source and audited, but if you're using a mac you have no choice - You can use Veracrypt or boxcryptor on a partition).
- If you are using Linux use LUKS.
- If you are encrypting on the cloud use boxcryptor.
Use a good VPN. Using a VPN basically hands over the trust on the side of the VPN provider. Are they better than your ISP? Maybe...
- I have some recommendations, but there's so many, so I'll refrain. Ideally don't trust a company located in a 5 or 14 eyes country.
Communication
- Session Messenger
- Signal
- Threema
- Element
- Briar
- Jami
Use encrypted email services
- Encrypt your own email using PGP
- Posteo
- Disroot
- Tutanota
Self host email using mailinabox.
- Stop using Google as your search engine. Better to stop using it for everything to be honest. Same with Amazon. Remember you are the product.
Cloud storage
- Besides least authority, there really isn't much that's open source. It's also no longer available unless you are self hosting. There are some closed source cloud storage such as tresorit, but that depends on what level of security you are looking for.
- Nextcloud if you have your own server, there's some downsides, but it's the best available.
Paying for stuff
- If you use bitcoin make sure to tumble it. Bitcoin is not 100% safe and secure. Use a wallet like Wasabi (with coinjoin). For anonymity monero is better.
These are just some basics, honestly it feels like it never ends. You need to find a mix of privacy, security, anonymity as well as convenience.
