When it comes to making dummy accounts, Fake Name Generator is a great site to use. The site creates a wealth of fake information, from name and address, to email and eye color. It even generates social security numbers and other realistic criteria.
Use secure email services when you can. Use a dummy email address when emailing people you do not trust and make sure that that dummy email is not attached to any of your real information (use a fake name, age, etc). You can also set up emails to reroute, so that you can receive them at your normal address – just make sure that you reply from the dummy account.
This is not particularly secure against government agencies but it is fairly secure against hackers. There are also free, disposable, temporary email services, such as Guerilla Mail, that allow users to create randomly generated accounts that get automatically deleted once the user ends their browser session, or after a time limit.
Micro$oft is one of the greediest, cuckold corporations out there, and should be avoided and boycotted at all cost. Avoid purchasing anything from them, and avoid using any technology that uses their software or operating system. Windows is also notoriously unsafe, given most viruses are designed to infect Windows operating systems, since they make up the majority of personal computers.
Microsoft provides an entry key for the police which bypasses all Windows password encryption.
Linux is generally considered to be one of the most secure operating systems, it has a slight learning curve but soon becomes second nature. Linux is probably the best thing you can use when it comes to securing online privacy and computer protection. Linux Mint is the best place to begin.
Your browser keeps track of where you go, what you type, and any other data it can capture about you. A basic security measure is to regularly delete this data (history, cookies and cache).
Google are sneaky little merchants who keep records of everything to make more money and appeal to their overlords.
When you search something in Google, it usually sends search terms to that site and your browser data and computer info. These sites thus build up a profile of you, and will bombard you with ads. Your online profile can also be sold.
Google, being a tool of the paranoid and power obsessed System, also saves all search histories of users. These search histories can be legally requested:
“Like other technology and communications companies, Google regularly receives requests from governments and courts around the world to hand over user data. In this report, we disclose the number of requests we receive from each government in six-month periods with certain limitations. Usage of our services have increased every year, and so have the user data request numbers.
We continue to look for new ways to organize information and provide more detail. For example, starting with the July-December 2010 reporting period, we began to disclose the percentages of user data requests we comply with in whole or in part. And starting with the January–June 2011 reporting period, we began to disclose the number of users or accounts about which data was requested.
Our FAQ about legal process provides information about how we aim to put users first when we receive user data requests. To learn more about the laws governing our disclosure of user data and reforms to those laws that we think are important, visit http://digitaldueprocess.org/. We hope this report will shine some light on the appropriate scope and authority of government requests to obtain user data around the globe.”
This is adapted from a twitter thread.
OPSEC is short for operations or operational security. Basically, the better your OPSEC, the more difficult it is for outsiders to find out what you’re up to, whatever that may be.
One of the most vital aspects of OPSEC is situational awareness. That is, the ability to actively evaluate one’s surroundings and make detailed assessments about one’s environment.
All of the encryption in the world won’t save you if the thought police get their hands on you while you’re logged in and signed on. All of your careful planning amounts to nothing if a common street criminal lethally stabs you for your phone and wallet.
Situational awareness is a skill that can be practiced and developed. Take the time to practice this in your everyday life. Here’s a link for one page that has some exercises, but many more can be found with some basic research.
Part of situational awareness is an accurate sense of self awareness. Know where your strengths and weaknesses lie. Learn how to amplify your strengths and compensate for your weaknesses. You might not be aware of these traits yet, but others notice them and can take advantage.
Don’t be a target. Bad actors look for people who are unconfident and wrapped up in their own thoughts. When you’re in public, keep your chin up and your head on a swivel. Don’t walk around with earbuds in and/or staring at your phone.
This ties in to the grey man concept. If you don’t want attention, dress and act in a way that won’t attract it. Don’t walk around wearing a MAGA hat, a Daily Stormer T-shirt, and a swastika patch on your backpack. Don’t even wear a Glock branded hat. Be inconspicuous.
One can never be 100% secure, so don’t get lulled into a false sense of security just because you implement the tips in this thread. It’s all about reducing the likelihood that an outsider will be able to tell what you’re up to, not guaranteeing that.
For the love of all that is holy, DO NOT USE WINDOWS. OSX is marginally better, but Linux is your best bet for privacy and security. If you want to vidya, get a console, that’s what they’re for. Linux Mint is a good version to start with.
>but I did some 1337 h4x that makes Windows bulletproof
No you didn’t. Use Linux, pretty much everything electronic in this thread is virtually pointless otherwise.
Get a VPN and pay for it. If you use a free VPN, then you’re the product. (i.e. Opera VPN doesn’t count) Mullivad, Private Internet Access, and NordVPN are some decent options off the top of my head. It’s really not that expensive. (Mullivad is probably the most anonymous, but it’s also the most difficult one to use)
Also, learn how to use Tor. It’s another means of anonymous access to the internet, and it also allows you to access websites that you can’t access from your normal browser. Just be mindful of the links you click on in those realms.
Carefully maintain any online personas you might have. Don’t use similar usernames on your normie and WN accounts. Use very secure passwords, a manager like KeePass can help with that, but also use a strong password to secure that database. Don’t repeat passwords on multiple sites
This is as vital as not using Windows, DO NOT USE GMAIL. Don’t even use it for your normie stuff. Use Protonmail or Tutanota as your primary account. Set up a throwaway spam gmail account if you really need to access a certain service, but don’t use it as a primary.
Did I mention not to use Windows? It’s really not even worth reading this thread if you keep using it.
Take some time to get used to Linux, but eventually it is a good idea to do full disk encryption for your machine. That is an option during the Linux install, just be sure not to forget that password, because you will need to enter it every time you boot.
Yes, having good OPSEC is a lifestyle, but we can no longer afford the luxury of a “normal life”
Learn how to use cryptocurrency. I would specifically recommend looking into Bitcoin and Monero. Coinbase is the easiest way to buy Bitcoin, but be sure to move it off to a private wallet ASAP and don’t donate to right wingers straight from your Coinbase account.
Your bank likely sells your account transaction history to marketers. Use a service like privacy dot com to mitigate that. It lets you set up cards that can only be used with a single vendor as well as single use burners. Your account statement won’t show the vendors you use.
This should go without saying, but don’t use Google Chrome either. Use Firefox if you’re autistic enough to set it up properly or use Brave if you want something that’s usable out of the box. Also, don’t use Vivaldi or Edge.
Post Office boxes are a good way to protect your physical location, but virtual offices are even better. That will provide you with a physical address wherever you choose. You can even have mail sent for the staff to open and they will email you scans of the content.
Some banks will even let you deposit scanned checks. Some VO services will forward mail for you and others can provide phone answering. Depending on your needs and desired location, you can expect to pay anywhere from $10-$200/mo.
Tails is a ‘Live’ operating system which is built from the Linux Operating System (as opposed to Mac or Windows). You can start it on almost any computer from a DVD, USB stick, or SD card. It aims at preserving your privacy and anonymity, and helps you to:
- Use the Internet anonymously and circumvent censorship; all connections to the Internet are forced to go through the Tor network.
- Leave no trace on the computer you are using unless you ask it explicitly.
- Use state-of-the-art cryptographic tools to encrypt your files, emails and instant messaging.
Tails comes with several built-in applications pre-configured with security in mind: web browser, instant messaging client, email client, office suite, image and sound editor, etc. Tails is the equivalent of buying a computer and then throwing it away every time you use the internet. It’s pretty secure.
Do Not Torrent Over Tor
Torrent file-sharing applications have been observed to ignore proxy settings and make direct connections even when they are told to use Tor. Even if your torrent application connects only through Tor, you will often send out your real IP address in the tracker GET request, because that’s how torrents work. Not only do you deanonymize your torrent traffic and your other simultaneous Tor web traffic this way, you also slow down the entire Tor network for everyone else (noteworthy during times when multiple dissidents will be using it).
Do Not Enable Or Install Browser Plugins
The Tor Browser will block browser plugins such as Flash, RealPlayer, Quicktime, and others: they can be manipulated into revealing your IP address. Similarly, we do not recommend installing additional addons or plugins into the Tor Browser, as these may bypass Tor or otherwise harm your anonymity and privacy. The lack of plugins means that Youtube videos are blocked by default, but YouTube does provide an experimental opt-in feature that works for some videos.
Use HTTPS Versions Of Websites
Tor will encrypt your traffic to and within the Tor network, but the encryption of your traffic to the final destination website depends upon on that website. To help ensure private encryption to websites, the Tor Browser Bundle includes HTTPS Everywhere to force the use of HTTPS encryption with major websites that support it. The “s” after HTTP means that the website traffic is encrypted with the SSL protocol, making the traffic more secure. However, you should still watch the browser URL bar to ensure that websites you provide sensitive information to display a blue or green URL bar button, include https:// in the URL, and display the proper expected name for the website. Additionally, see EFF’s interactive page explaining how Tor and HTTPS relate.
Do Not Open Documents Downloaded Via Tor While Online
The Tor Browser will warn you before automatically opening documents that are handled by external applications. DO NOT IGNORE THIS WARNING. You should be very careful when downloading documents via Tor (especially DOC and PDF files) as these documents can contain internet resources that will be downloaded outside of Tor by the application that opens them. This will reveal your non-Tor IP address. If you must work with DOC and/or PDF files, we recommend either using a disconnected computer, downloading the free VirtualBox and using it with a virtual machine image with networking disabled, or using Tails. Under no circumstances is it safe to use BitTorrent and Tor together, however.
Use Bridges And/Or Find Company
Tor tries to prevent attackers from learning what destination websites you connect to. However, by default, it does not prevent somebody watching your Internet traffic from learning that you’re using Tor. If this matters to you, you can reduce this risk by configuring Tor to use a Tor bridge relay rather than connecting directly to the public Tor network. Ultimately the best protection is a social approach: the more Tor users there are near you and the more diverse their interests, the less dangerous it will be that you are one of them.
There’s also a Tor app for Android mobile, known as Orbot.
When using an anonymity service, it is important that all the traffic originating from your computer is routed through the anonymity network. If any traffic leaks outside the secure connection, anyone monitoring your traffic will be able to log your activity.
DNS is used to translate domain names such as www.example.com into numerical IP addresses (e.g. 220.127.116.11), which are required to route packets of data on the internet (send your data from A to B).
Whenever your computer needs to contact a server on the net, when you enter a URL into your browser for example, your computer contacts a DNS server and requests the IP address. Most internet service providers assign their customers a DNS server which they control and use for logging and recording your internet activities.
Under certain conditions, even when connected to the anonymity network, the operating system will continue to use its default DNS servers instead of the anonymous DNS servers assigned to your computer by the anonymity network.
DNS leaks are a major privacy threat since the anonymity network may be providing a false sense of security while private data is leaking.
To check for DNS leaks when using Tor or other VPNs go to dnsleaktest.com and run either the standard or extended test. The results displayed will detail how secure your connection is. It is also useful if you think someone is monitoring your traffic (through spyware etc).
Running a leak test on Tor etc will take quite some time, given how much your traffic is routed around. However, the URL below* lays out it simply. It is safe to say Tor Browser and a VPN are often secure against such DNS leaks.
VPNs and Proxies are very different concepts, though people sometimes get the two mixed up.
Proxies are similar to VPNs but do not encrypt traffic. They are less secure but work great for basic browsing. Proxies are often free or cheap, opposed to VPNs, which usually cost money.
Foxy Proxy is a common, usually reliable proxy. Keep in mind that both VPNs and proxies will slow down your traffic, since the data has to travel much further than normal (remember how Tor worked?). Free/cheap proxies are generally a bad idea if you wish to completely secure your browsing: https://blog.haschek.at/post/fd9bc
A VPN (Virtual Private Network) is an end-to-end encrypted tunnel. Private Internet Access and
TorGuard are good VPNs which do not keep user records (helping to protect you from government requests). A good VPN will often allow you to send your data through almost any country in the world, which is useful for accessing any government-banned websites. Anyone can set-up a VPN for free.
For Linux a PPTP protocol is a simple, good choice.
TorGuard is no longer recommended, but PIA is still solid. I would also recommend NordVPN and Mullvad. I usually just go with OpenVPN on Linux instead of PPTP. I also can’t recall the last time I used a proxy.