cross-posted from: https://lemmy.ml/post/25679666

I recently put together a detailed opsec guide that covers practical steps for reducing your digital footprint, securing communications, and avoiding common pitfalls people make when trying to stay private online.

The goal was to create something that’s actually useful and not just the usual “use a vpn and tor” advice. I tried to break down realistic methods that can help both beginners and people already familiar with opsec.

I’d love to get some feedback from the community - what’s missing, what could be improved, and if there’s anything you disagree with.

  • Tiger@sh.itjust.works
    6 hours ago

    I think it’s good you tell people to check their threat model, but then on the other hand some of the advice comes across for those in an extreme category of the spectrum, which most people aren’t.

    For example, most people aren’t whistleblowers or political dissidents sharing news online and needing to hide from state governments - they’re regular working folks who need to be more worried about falling prey to the everyday phishing and social engineering attacks aiming for their bank accounts and credit cards.

    It’s cool to know the extreme parameters for top security, but it’s important to get the daily, small stuff right, too. Like using password managers, MFA, being vigilant looking out for all chances of scams, not using shady websites, services or pirated software, leaving software and devices unpatched, etc.

  • psyklax@lemmy.dbzer0.com
    1 day ago

    I skimmed it really quick. Looks like a really good writeup! You talk about stylometry, you might be as paranoid as I am.

    I don’t even try to hide my speech patterns, but I should.

    Will try to give it a slow read when I have time. I like your work so far!

      • psyklax@lemmy.dbzer0.com
        11 hours ago

        I’ve read it more slowly now. I think it could use a few edit passes to get things condensed into fewer categories. I felt I was reading the same advice in multiple contexts.

        The amount of bullshit was near zero, I really think you know what’s up. Sometimes, you left out basic “everybody knows” details, and I had to process for a moment to decide if it was because you were unaware or just for brevity. I concluded that you just wanted to write about the important stuff and not rehash old tips. That’s a good thing.

        Be safe out there.

        • whoszycher@lemmy.ml
          3 hours ago

          Hi thanks again! Can you expand what you mean by “it could use a few edit passes to get things condensed into fewer categories” and “I felt I was reading the same advice in multiple contexts”. Would love to fix it.

  • Telorand@reddthat.com
    1 day ago

    A table of contents with links to headers would be good to include, so people can easily jump to sections that interest them.

    An additional subheading for each category that covers negative consequences of using whatever method might be good, especially since this is a guide for neophytes as well as more experienced people, and the (often) inverse relationship between security and useability isn’t always understood.

  • ERROR: Earth.exe has crashed@lemmy.dbzer0.com
    1 day ago

    Okay I’m not sure if this is offtopic but, I feel like this kinda fits here:

    About Cellular triangulation…

    There is a way to sort of communicate “off grid”

    AFAIK, portable Ham Radio / Two-Way radios don’t have an “IMEI”, while their signals can be tracked, it’s more difficult than cell triangulation, since there’s no IMEI.

    So… you just don’t transmit from home, and find a different place to transmit from every time (and avoid getting recorded by CCTV while you are traveling / transmitting).

    So here’s an Encrypted Communication method that’s “Off Grid”:

    Rattlegram is an app on iOS/Android that allows converting a string of text to audio and playing it over your phone’s speaker

    Secure Space Encryptor (SSE) (known as Paranoia Text Encryption on iOS) is an Open Source app that can encrypt text.

    1. Use SSE to encrypt text (both the sender and recipient need to share a password over a secure channel beforehand)
    2. Copy-Paste the Ciphertext to Rattlegram (Rattlegram will convert the ciphertext into an audio)
    3. Play the audio over the radio
    4. On the other end, use Rattlegram to turn the audio back to the ciphertext
    5. Use SSE to decrypt.

    Or replace SSE with OpenPGP, but the problem with PGP messages is that they are much longer and you need to send multiple Rattlegram transmissions to send the entire ciphertext, basically it’s more time consuming. You want to finish your transmissions as soon as possible.

    You probably want an airgapped device that has the aforementioned apps pre-installed.

    Voila! Off-Grid Encrypted communications.

    (Encryption is illegal over Ham Radio in many jurisdictions btw. I will neither confirm nor deny that I have tested sending an encrypted transmission 😏)