/r/opsec
OPSEC is the process and practice of Operations Security. Although it has roots in the military, OPSEC can be applied to any venture requiring secrecy and survival, from business security to personal safety. OPSEC is a mindset of critical thinking and safe habits. Read the sidebar below for more information!
Operations Security, or OPSEC, is about minimizing attack surfaces and single points of failure through proper habits and policies. It's a systematic and proven process that we can use to deny adversaries the information they need to do us harm or interrupt our plans. It's also a mindset that can be applied to any mission or plan.
Although the term originated in the military, OPSEC is now used far more widely: in law enforcement, computer and network security, home safety, travel, and much more.
OPSEC isn't a list of rules, and it's not as simple as using a VPN and keeping your mouth shut. It includes elements of INFOSEC, APPSEC, NETSEC, COMSEC[TRANSEC/SIGSEC/EMSEC], PHYSEC[PERSEC], and (CO)INTEL.
1. Identify the information you need to protect
2. Analyze the threats
3. Analyze your vulnerabilities
4. Assess the risk
5. Apply countermeasures
Understand your own risk/threat model: Who is your adversary? What needs protecting?
The OPSEC Two-Step: Know what to protect and know how to protect it.
Don't post without reading the rules thread or your post will be removed, and you may be banned.
Don't give advice without knowing the user's threat model first. If you proceed to give advice when the OP has not explained their threat model, you will be banned.
Don't offer single-tool solutions (e.g. VPN, Bitcoin, Signal) when the threat model isn't clear.
Don't give bad, ridiculous, or misleading advice (e.g. "you can't get arrested if you use Tor").
Don't ask for help or help others in illicit and unlawful activities (e.g. "I want to buy drugs on the internet").
Don't post without mentioning your threat model, unless it's a post about how to threat model.
Threat model: Politically oriented community work in my near future, trying to clean up my back end and have better opsec habits now before starting
In a few days I am going to upgrade my Galaxy S21 that's on my family's Verizon plan (likely) to a Google Pixel. The funny thing is that I actually already own a Pixel, with GrapheneOS.
About a year ago I bought a Google Pixel 3a secondhand in cash, flashed it with GrapheneOS, and got it up and running with a Mint Mobile SIM and jmp.chat VoIP. But since my threat model is low and not urgent, I never prioritized weaning off my current phone, apps, accounts, etc. and never fully transitioned to that device. But I did value learning about Graphene during this time.
Now that my phone is due for an upgrade, I am probably going to go for a new Pixel, but use it normally to start and not flash Graphene. But I do not know if it will be safe to use the new device as I normally do (logging into all my accounts and using the stock OS) and then flash it with GrapheneOS when I'm ready. I still have storage to move and accounts to delete as I slowly work on degoogling and weaning off all my current profiles and such. So I will essentially have to use the new Pixel just like my current phone for the time being, but if I get to a place where I can flash it with GrapheneOS, will there be any trace of my use on the stock OS? Or will it be no different from getting a "clean" Pixel (my 3a) and using Graphene from the start?
I have read the rules
Hi, English is not my first language, sorry for mistakes in advance. My threat model: the government doesn't like it when they are bad-mouthed. I want to acquire a phone from which I can text (through Signal and Facebook) without being found. I have thought about buying a Google Pixel 7a and using GrapheneOS, running a VPN on the phone, and getting a SIM to create a hotspot so I can take the phone with me everywhere. Yes, I have read the rules. Thanks everyone.
I know the title seems stupid but hear me out.
So I am an activist and in my group we are worried mainly about the secret services of our country accessing our documents. (I have read the rules, this is my rough threat model.)
I use a secure mail provider with PGP and also Signal. However, some of my fellow activists insist on sending all files via PGP-encrypted email rather than via Signal, even though most of them have a Gmail account. They say Signal is not as safe... I think if we are already taking the step with PGP we should use secure email providers and not data hoarders like Gmail.
I assume it is okay as long as no one gets their PGP key. However, the encrypted email files are still visible to Gmail and can be given to authorities if needed.
What do you all say? Is there reason for me to call them out on using PGP and Gmail, or is it OK?
You all sound so COMPETENT it’s very attractive. Love a professional level protector. That being said, I’m going to delete this comment in a day or two because privacy and anonymity!
Btw I have read the rules I might not understand em But I read em ✨
First off I am aware that phones can be pinged to be triangulated and get their location. My first question is if the phone is currently off with the sim out I assume that they can access records and see via triangulation where I had previously been using the phone. Is that correct?
Second question is approximately how accurate is triangulation? I keep seeing people say it depends but I'm really just looking for a general idea.
Not sure if it matters but phone only supports 2g and has no GPS.
My threat model assumes that a particular entity with lots of resources becomes interested in my activity (because it is unusual) and accesses cell-tower data to try and triangulate the location of my device, in order to link it to my identity. If my activity gets linked to my identity, it would make my life difficult. I have read the rules.
I have read the rules and I'm hoping to take part in activism through social media. I do not believe a government would be a threat to me, which if it was, I don't believe I have the capabilities from where I am to protect myself then. My primary threat I've identified is opposing people who could doxx me for my beliefs.
As of now, the measures I've taken are to use a separate Proton account for my X account and not to provide any of my personally identifiable information to X (phone number/location etc.). As I don't wish to be doxxed by being hacked somehow (in the very edge scenario, as I don't expect to get my device compromised or click random links through that account), I don't wish for it to connect to my personal life in any way. The only other personally identifiable account I have on the internet is my personal Instagram account, which is on an entirely different email account.
Any ideas on other simple/free ways to improve my opsec measures as well as thoughts on these ones? Is this adequate enough?
Any software that makes OPSEC threat modeling easier? I know there are a bunch for software development, but is there something I can use with general physical OPSEC?
I have read the rules
So I got Pidgin working with a domain called 5222.de, but only on the clear net. I want to know how I should set up Pidgin (I am new) and how to set up a Tor domain/Tor hidden service or whatever it's called. Thanks!
My threat (or at least what I think this means from reading a little): I want better online security and to be able to talk with whoever I want without anyone listening in.
"i have read the rules"
Hey! I was curious how I could have a phone that is totally secure from Google spying on me.
Threat model: (idk what that means but it's in the rules) I just don't want to have my info out there in Google's hands. Btw, my PC is Linux and I use the Floorp browser so I don't have much tracking.
I have read the rules ;)
P.S: my phone is a BlackView
I have read the rules.
I quit using my social media accounts around 5 years ago for a multitude of reasons, most of which privacy related. While I have pretty much no desire to return to social media, I am heavily involved in my local music scene and want to network with people to make friends and find local gigs without giving out my phone number. The only social media I see being useful is Instagram. I considered Snapchat for messaging, but it seems fruitless.
MY THREAT MODEL: I primarily want to protect my identity from being determined by Meta, as to avoid being targeted for advertising, data collection, etc. I suspect it would be easiest to identify me through cross-referencing other photos posted online from the same concerts, though I imagine this would take lots of manual effort and couldn't be reasonably automated, especially considering my appearance has changed since the last time my face was posted on IG. If you can prove otherwise, do so.
I am also looking to avoid being passively identified by people I might know or employers, so as to avoid being profiled due to the music scene I'm involved with (while I know times have changed, metal/punk/rap/etc. is still generally frowned upon around here). I don't anticipate being manually targeted by any people or groups, though if that were to happen I want to have as much redundancy and protection as possible. I think not putting my birth name, face, or phone number into this account will do the majority of the heavy lifting here.
I want to maintain privacy and security in compliance with my threat model, while still keeping a somewhat decent level of convenience.
The plan is to install Instagram as a Firefox or Vanadium PWA on my main phone, a Google Pixel running GrapheneOS. The browser would be used only for that PWA and only have network permissions, and I am running an always-on paid VPN. I would likely install it on my primary user profile, as my alternate work profiles tend to be really buggy with Google services.
General obvious practices would be not sharing any PII as previously stated, not adding (many) people I know irl, not posting my face without redaction, etc.
Is my listed plan realistic, what are some possible flaws that pose a risk to my threat model, and what can I do to generally improve my opsec in this situation?
Whenever any of my devices are connected to my ISP home router, I'm able to see information like device name, device type, hostname, brand, model, OS (including version), connection type, connection point (gateway), MAC address, and IP address. This is too much... How do I protect myself from this? Threat model: ISP, local law selling my data without my consent. Living in a 14 Eyes country. Changing the MAC address is not preventing them from detecting device information. I have read the rules.
So. I have read the rules, but I'm still not entirely clear on the threat model thing, so I hope I'm doing this right. How would one remove a hidden camera? I don't have a phone, so those types of solutions wouldn't work. I know the camera also has a microphone attached. Also, btw, this isn't hypothetical; I legitimately know it's here, I just can't find it.
I have read the rules. I don't really have any adversaries. I just don't want people to profit off me just because I'm using the internet. What are some good places to learn more about OPSEC and ensure my privacy and anonymity on the internet? Also, what are some good habits that I can adopt that reduce the amount of vulnerabilities I have?
My goal is to set up a virtually hosted VM that could separate my on-machine activity and would not give away any hardware/network clues as to my identity. I want to be able to access this machine from (possibly) any Windows machine. If you do have a proposal:
- What are the various ways I could set up such an environment without the setup/payment having the ability to deanonymise me?
- Assume a situation in which the VM is completely compromised: what vulnerabilities would there now be to the access machine? Does complete control of the VM even need to happen to compromise identity?
If there are better solutions to encapsulating access, I'm very keen to hear them, thank you.
My threat model is not complete and I am asking this to fill it in.
I have read the rules
Hello friends,
I use a Pixel 8 with CalyxOS every day.
I need a new phone just for a Wi-Fi hotspot with a VPN—nothing else.
Can you suggest a good phone with no heating issues and a strong battery for full-time hotspot use?
I don't want to spend on a latest model like Pixel 8 just for a hotspot.
Must-have features: VPN kill switch and Wi-Fi hotspot with VPN. 5G support preferred.
Threat model: I want to post against the govt. on social media platforms. I'm in a country where it's not safe to post against the government. Any recommendations?
I have read the rules.
Recently found a video about a false 911 call linked to the perp's phone via their IMEI. Can this address also be correlated to internet habits on 5G/WiFi networks? If so, how can I improve my OPSEC around this? I figured kill-switched ProtonVPN coupled with a GPS spoofer would protect my privacy well enough when away from my desktop, but now with this digital fingerprint brought to my attention, I'm about at the point of trading out my Galaxy Note for an Ubuntu Touch. I have read the rules, but please pardon my ignorance, I'm new here. Law-abiding citizen, I just hate corporations for more reasons than one, not the least of which is their seemingly indefinite entitlement to my privacy that US citizens can't easily opt out of.
I have read the rules.
My objective is to safeguard my online presence, including social media and online ventures, from an individual who poses a threat to my safety.
My actual identity, including my name and contact details, is not my primary worry as this is already known to this person. I've already restricted my personal social media accounts tied to my real name to friends-only settings.
Key areas of privacy concern include:
Background on the individual:
Examples of their stalking behaviors include:
On a positive note, the active stalking has subsided since the eviction happened a number of years ago. However, there remains a possibility of intermittent harassment or stalking in the future.
I live in a country where the police often "throw the book" at people who criticize the government; it's not explicitly illegal, but there are many suspicious arrests. Is there a way to talk to people such that, if the police got ahold of the contact, it could not be traced back to me without great effort, aside from something manual like arranging to meet? I considered Telegram and Signal, but I have to use a phone number for both and that seems an easy way to find me. I know it sounds dumb, and I am new to this, but I read Snapchat has end-to-end encryption for pictures; what are your thoughts on this?
I have read the rules.
Say I only want to protect myself against doxxing. Hypothetically, every OPSEC measure is on point. The only way to find out who I am is to somehow listen to my messages (without any official access to my chatrooms). Encryption would protect me from this threat, right, since it protects each message with an advanced encryption algorithm? But the only ones who have the authority to do that would be LE, intel agencies, etc. Since I am not hiding from LE or governments, encryption would be overkill, right?
Or do you know a fancy method to listen to chats without your presence in the actual chatroom?
I have read the rules
I have read the rules!
Today, I talked with my friend. They told me that they were put on a site called "Doxbin" and asked, "What should I do now?" I recommended changing passwords and IP address.
They're 17 years old. Their real name, phone number, birthday, address, 3 passwords, emails, and parents' names got out.
Can someone please provide a guide or any sort to help in this situation?
Hi, yes, I have read the rules.
English is not my main language, please be tolerant. My threat model is corporate/government surveillance of my private life versus my professional life.
I have good knowledge about computers, Linux, VPNs... Now I would like to get a burner phone.
I have read this article: https://www.offgridweb.com/preparation/burner-phone-basics-how-to-set-up-an-anonymous-prepaid-phone/
Comments on that?
My plan would be to buy a phone with PayPal or, even better, cash, and install F-Droid.
Then the Proton Mail or Tutanota app (from F-Droid), no Google accounts, and only use it on public Wi-Fi or through a VPN router. This phone would be turned off every day, sometimes remaining off during weekdays.
What would be your advice? Thanks.
Say I have a Telegram account. The account is set up with a burner phone number, fake name and username, and all privacy settings are at their finest. BUT, Telegram is installed on your main phone.
Threat model: You don't hide from enemy governments or intelligence agencies. You are only concerned about doxxing by civilian actors.
I have read the rules.
I want to understand if there are any threats involved in using SSH to access a server you and others (strangers) have permission to access. Are there any good reasons to use measures such as a VM, VPN, Tor, etc.?
In the past I played some CTF games that required players to use SSH to access their server. The main one I did was Over The Wire wargames, which I'd like to have another go at now. The reason to access the server is to dig through the filesystem and individual files looking for flags/passwords to allow you to advance to the next level. At least one of the ones I played (it might be OTW) suggested players keep a file on the server to record the flags they had found, and it was possible to find other players' files.
I can't think of any reason to not just SSH from my personal computer's (or phone's) terminal straight into the server with no added precautions. A conversation with an IT grad recently made me wonder if there's some threat I'm missing.
(I have read the rules)
I want to outfit a car with a homemade tracker, in case of theft. I plan to use an Android phone, plan below. I am open to critiques, looking for any holes, and better ideas if you have them. I have also considered going with a microcontroller and a LoRa or cell hat, but I prefer the tech to be a little higher (decision based on reliability).
Commercial trackers are pricey, plus I don't want my data flowing through someone else's networks or servers.
Ingredients:
Preparation:
I'll have a cron job on a terrestrial server to periodically download and remove location files over VPN from a remote rental server (anonymously paid with crypto). On the phone, I may add a cron bash script to gpg-encrypt the files and scp them to the rental server, instead of using GPS Logger's built-in SFTP.
The car is a classic, bought from a friend going bankrupt, market value US$225k-350k. It will sit in a shared basement garage with a rollup door, unlocked from an external keypad (public) having a six-digit passcode. The garage door's emergency release cord has been removed. Car cover. Dense urban area with high vehicle crime. Car registration will be as anonymous as permitted under U.S. and state laws.
I have read the rules. Comments, please!
I have read the rules.
I'm a beginner looking to start improving my digital hygiene, specifically when it comes to personal account creation (ex. signing up for a free trial at a gym that requires a phone number and email). Ideally, I'd like to distance my personal phone number and emails that I use for important tasks (ex. financial, residential) from accounts that I use for much more trivial tasks (ex. signing up for newsletters, forums, social media, etc.). This way, I can sort of self-contain the impact of a breach of personally identifiable information (PII) as one company/organization faces a breach/leak going forward.
As an average joe, the primary threat actors are commercial interests, such as marketing, spam, etc. from the products or services I want to try or use. Signing up for one thing tends to open up the floodgates for marketing, even when I've declined those options. Furthermore, like many, I've recently had information like my phone number and email discovered on the "dark web," so receiving spam, especially from foreign countries, has become increasingly annoying. A secondary, but more unlikely, threat would be potential threat actors (whether commercial or political) generating an aggregate model of my interests/activities using accounts tied to my phone number and emails for more ~nefarious~ purposes such as impersonation. The second one might be more of a paranoia type thing, but who knows.
What I've done so far:
What I'm considering doing/planning on doing:
One important caveat is that I'm on a budget, so I'd ideally like to do things that don't increase my monthly costs substantially. For ex., I'd like to avoid having to buy a second phone with another phone plan to use as a burner phone if I don't have to. But, if this is the best practice, please let me know. Ultimately, I'm willing to sacrifice some convenience, and a little bit of money, for a little more security in protecting my PII.
Please let me know if I'm heading in the right direction/if I'm missing anything. I'm looking for any sort of feedback, advice, and resource recommendations.
I'm also trying to practice articulating my opsec, so I'm open for all critique (did I threat model correctly?). Thank you for the help.
Hello r/opsec,
I am reaching out to you seeking guidance and expertise in a rather unsettling situation. I have inadvertently associated myself with an online group of hackers, and now, as a 16-year-old, I have been informed that when I turn 18, they plan to doxx me and harass my parents. It is important to note that despite their intentions, these individuals, roughly 20 of them, have been unsuccessful in their attempts to dox me so far. Nevertheless, I want to take measures to protect myself and my loved ones from potential harm.
While I understand that these people may not be skilled hackers, rather skids who rely on public records and data breaches, I still want to take measures to protect myself and my loved ones from potential doxxing.
With that in mind, I come to this community seeking advice on how to safeguard my privacy once I reach adulthood. I am aware that doxxing can have severe consequences, and I am determined to prevent any harm that may result from these individuals exposing my personal information. I have read the rules.
I would like to mention that the individuals who plan to doxx me only have access to a SimpleLogin email address that I used, as well as some past email addresses that are not connected to any accounts. Additionally, they are aware of my Discord account. I understand that this information may limit their ability to gather more personal data about me, but I still want to ensure that I am taking all necessary precautions to protect myself.
Here are a few specific questions that I hope you can help me address:
Thanks.
I have read the rules.
The goal is to be able to use a pseudonymous Twitter (now "X") account profile for political activism and disseminating (legal) propaganda while protecting and hiding my real identity online.
The threats are motivated government agencies and activists with more financing and better ability with tech than I will ever have. I'd be especially vulnerable to doxxing by activist civilians, political parties, and state agencies for the purpose of tarnishing my personal reputation, issuing subpoenas, gag orders, etc. I live in a country where police and security agencies are willing and able to track people without meaningful justification (e.g., without a court order), and the political parties in control use this against activists and those who do not agree with them. Even if I wanted to resist this tracking in court and exercise any rights to privacy, this would require revealing my identity -- and the game would be over.
Using Twitter requires an email and may, for practicality's sake, require a phone number able to receive texts and pass identity spoofing (some numbers are blacklisted by Twitter). I may need to pay for some services, like a VPN and a phone number, and Twitter may begin requiring payment to create a new profile. I have a budget for this but would need an untraceable way to keep this money.
This is a pseudonymous profile which I would like to use with Telegram, Signal, or blogging platform as well as the Twitter account.
I am considering the following countermeasures:
Thank you.
I have read the rules
First of all, I live in a country where criticizing the government is a crime (it legally isn't, but they find a workaround for it). I want to share my opinions freely. I know how Tor and other things work, I'm aware of the risks. I need "social media" to reach out to people, but most social media blocks Tor usage without verifying a phone number etc... I first decided to create an Instagram account using ProtonMail with Tails on; after a few days of usage it wanted me to verify myself due to suspicious IP activity (Tor connects from different locations, so that might be normal). I verified myself with a free temporary number which people can find with a quick Google search. I used the account for personal purposes like watching videos etc. for a while. After a month of usage I requested my data from Instagram from this link (Accounts Center). I inspected the data and there was nothing that could be related to me. I want to use this account for sharing my opinion about the government. My question is:
Big tech is well known for the data they collect and hold. The data I requested has nothing related to me (IP, phone number, phone model, shared photos etc...), but Meta doesn't guarantee that the data we are able to request is what they hold. I mean there can be a bigger dataset which they don't give to their clients. Should I continue to use this account? How anonymous would I be if I use it for these purposes? Normally I wouldn't doubt that Tor and Whonix/Tails will protect me, but it's big tech and, you know, any mistake people make against authoritarian governments might have big consequences (including for me, it can end up in prison), so I'm here. Also, can you all rate my OPSEC?
Currently using Whonix with Tor, have an anonymous ProtonMail account only for those purposes, when I share photos I clean their metadata, I use temporary numbers for being anonymous, and I don't share anything that can be related to me.
The flair might be wrong but I'm new here, sorry if it's wrong.
Threat model:
I want to prevent the possibility of someone hijacking my Google and Bitwarden accounts and yet I want to allow for emergency access in case of death or injury.
I want to defend against memory loss, burglary (opportunist & targeted) and malware/keyloggers.
EDIT: Reason to attack me: Only thing I can think of is, I run a website with hundreds of thousands of members with many disgruntled banned users. I'm also an avid crypto user/investor. What are the stakes: The impact of a successful attack is just too great because my life is my Google account. I use it for backing up everything on my computer and it controls the keys to my business (e.g. domain ownership).
Rationale:
My primary Google and Bitwarden accounts are solely locked by YubiKeys with no recovery methods. I memorise both passwords because having my Google account hijacked is one of my top fears in life.
Due to death or injury, it seems I should not solely rely on human memory for these core passwords. However, I feel extremely uncomfortable writing it down somewhere, and safe deposit boxes are expensive in my country.
Objective:
Allow access to my accounts in an emergency if I forget my passwords or family needs access. Require no trust in any person until such a scenario occurs.
Components:
Emergency Bitwarden account
Small safe with cable tie
Fire Resistant Envelope
UV marker and torch
Setup & process:
1. Fresh Bitwarden Account (no 2FA) to be Emergency Access Contact for my real account.
2. Place Login/Pass of the above in a safe box inside a fireproof envelope. Also include 1 of 2 parts of my Google password in UV ink.
3. Set a PIN that is already used by my family so nothing new needs remembering.
4. If I have memory loss/or die, the safe is opened revealing the emergency account details. Request for access would be granted to my real account after 1 week of no response.
5. My real Bitwarden account includes a Secure Note containing the second half of my Google password. It also includes a reminder to use UV light on the letter in the safe to reveal the first part. It also reminds them that one of the distributed YubiKeys will be needed to log in.
That's it.
My own assessment:
Pros:
Cons:
I'd be hugely grateful of any feedback on my setup.
(I have read the rules)
I have read the rules
I have had my Reddit account blocked from being compromised recently; fortunately I was able to regain access after I changed my password.
This gets weirder because I got a login request with an OTP from a different mail address (completely isolated from the Reddit issue; neither the Reddit account address nor OAuth was associated with that mail), as in, someone trying to access my general mail address.
I never reuse passwords, don't use public computers or click shady links. None of the above mail address were found in a data breach (as per haveibeenpwned).
I assumed this has been a session/token/cookie leak, since I have 2FA enabled and have manually revoked many of them.
The compromised Reddit account was used as an upvote and comment bot for some porn subreddits and shoe retailers, so it wasn't personally targeted, but it got increasingly more concerning with the mail login.
How do I figure out how this occurred and what should my next steps be?