[ / / / / / / / / / / / / / ] [ dir / animu / chemo / choroy / mde / tingles / vichan / xdarmy / yuri ]

/prepare/ - Prepare

When SHTF You Best Be Ready!
Winner of the 75nd Attention-Hungry Games
/caco/ - Azarath Metrion Zinthos

March 2019 - 8chan Transparency Report
Comment *
Password (Randomized for file and post deletion; you may also set your own.)
* = required field[▶ Show post options & limits]
Confused? See the FAQ.

Allowed file types:jpg, jpeg, gif, png, webm, mp4
Max filesize is 16 MB.
Max image dimensions are 15000 x 15000.
You may upload 4 per post.

File: b4ce782632d8b6a⋯.jpg (52.13 KB, 735x400, 147:80, 73214981237.jpg)


Great OPSEC/security tips mirrored here:





I'll mirror most of the tips below. NOTE: there is no such thing as absolute 100% security/privacy while using any electronic device. The idea behind these tips is to make it as difficult as possible for your potential enemies to track, monitor and identify you. Anyone who has enough money, resources and time at their disposal could likely still find you no matter how hard you try hiding. These tips just help make it costly and difficult for them to do so.

Great tips for finding a trustworthy VPN service:



Post last edited at


"What we need to do is to simply stop hooking every damn thing up to the internet. We need to prioritize what kind of information we want out and that means adopting forward secrecy in many cases. You can start by purchasing a cheap VPN service or using Tor. You can reduce the information you put in your personal computer/laptop (via using an alias, having backups of your files in case hacked, storing sensitive files offline, keeping things you might not want others to see OFF an intenet-connected machine). You can make multiple email accounts, each for specific clients/services/transactions. You could purchase multiple used computers (much cheaper), each dedicated for various activities (online and offline). Stop using Winbot 10, use linux with wine instead. You can ditch those iPhones which are notorious for spying, replace them with an older flip phone or jitter bug. You can boycott all those big tech "smart" utilities, use older electronics. Never take the mark of the beast. Don't buy new digitized vehicles, stick to older models that have a lot of spare parts on the market (cheaper to maintain). As for social life, stop using social media! Abandon Facebooked and Instaspam and Snitchat and never look back. Meet up with your friends and talk face to face. The ONLY "social media" I have ever use is anonymous image boards and that's all I'll ever use."

"Any device that has a camera, I cover the camera up with black tape, or at times just rip it out completely. A lot of devices (like my laptop) come with cameras. These can and often are easily hacked into and can be used for spying on people."


Besides spoofing your IP address remember many sites are filled with third party scripts to instantly siphon metadata and browser history from your web browser so its important to use add-ons like noscript (advanced) or uBlock (simple). Use something like Random Agent Spoofer to spoof your browser agent and associated metadata and block unwanted vulnerable crap like webgl. HTTPS Everywhere is a must have, it keeps your content encrypted as you visit sites. Remember when you are using a browser to always erase your history caches and cookies. You can install add-ons like "Self-destructing Cookies" that will routinely purge those for you if your too lazy to do that yourself. For more security tips go to the link below.



It is important to point out that no matter how many measures you take to maintain your privacy and security that if you were to do something *extremely illegal* and become a surveillance target by the NSA or GHCQ or some other govt agency that they have a lot of secret tools to trace where communications are going through the backbone and then there is almost no hiding from that point on (unless you go completely off-grid, bug out and change your identity). VPNs and even Tor will not hide you from real-time ISP backbone surveillance and collection.

That being said it is possible now days to make it very difficult to trace you because of all the things we know and because of all the tools and services available to spoof IPs, MAC addresses and metadata. As well as utilizing encryption tools. If you do everything above, and take extreme measures as provided by these anons then it would be very difficult for even the feds to find out who you are because there would be numerous obstacles thrown their way to de-anonymize you.

You can spoof your [MAC] address easily with Operating Systems such as Whonix or Tails and Tor is built in by default. If you were to spoof you MAC address, use a private VPN service and then run Tor it would become an ENORMOUS pain in the rear for the feds to trace or track you down (not that it would be impossible but you *might* stand a chance at that point). But forward secrecy would also have to play a part along with ALL the other security precautions in this entire thread.


How to disable WebGL in Firefox?

Security researchers identified serious vulnerability in WebGL - which is turned on by default for Firefox and Chrome browsers – allows attackers to run malicious code on users' Computers.

Open up Firefox and type in about:config into the address bar.

Type in webgl.disable into the Search bar. Find webgl.disabled. If the value is false, double click on the webgl.disabled row to turn it on to make it true.

Find pdfjs.enableWebGL and change the value to false.

Find webgl.force-enabled and change the value to false.

Find webgl.min_capability_mode and change the value to false.

Find webgl.enable-draft-extensions and change the value to false.

Find webgl.enable-privileged-extensions and change the value to false.

Other about:config tweaking tips here: https://archive.fo/RYAp4


How to disable WebRTC in Firefox?

WebRTC is a new communication protocol that relies on JavaScript that can leak your actual IP address from behind your VPN.

In short: Set "media.peerconnection.enabled" to "false" in "about:config".


Enter "about:config" in the firefox address bar and press enter.

Press the button "I'll be careful, I promise!"

Search for "media.peerconnection.enabled"

Double click the entry, the column "Value" should now be "false"

If you want to make sure every single WebRTC related setting is really disabled change these settings:

media.peerconnection.turn.disable = true

media.peerconnection.use_document_iceservers = false

media.peerconnection.video.enabled = false

media.peerconnection.identity.enabled = false

media.peerconnection.identity.timeout = 1

media.peerconnection.trickle_ice = false

media.peerconnection.use_document_iceservers = false

Done. Do the WebRTC leak test again.


Now you can be 100% sure WebRTC is disabled.


To disable telemetry in Firefox type about:config in the address bar, accept the warning and click "I accept the risk!" to continue.

You'll be searching for two keywords: "telemetry" and "datareporting"

double click "toolkit.telemetry.infoURL" and delete the url completely

double click "datareporting.healthreport.service.providerCategories" and delete the data string

Set the following values to false:


datareporting.policy.dataSubmissionEnabled = false

datareporting.healthreport.service.enabled = false

datareporting.healthreport.service.firstRun = false

datareporting.healthreport.uploadEnabled = false

toolkit.telemetry.archive.enabled = false

toolkit.telemetry.enabled = false

toolkit.telemetry.unified = false

toolkit.telemetry.unifiedIsOptIn = false

Set the following value to true:

toolkit.telemetry.rejected = true

There, telemetry has been disabled.


The Mozilla Firefox sqlite files listed below hold a lot of data about your browser activity:










Sqlite files are typically found installed with most chrome browsers. The great thing is you can delete these files after you close your browser, then restart the browser and they'll come back completely empty with 0 data each time.

On a typical linux OS you can find them stored here:


You can use tools like Bleachbit or Ccleaner to manually add them to a list and routinely have them wiped out when you desire. This will get rid of ALL cookies, supercookies, web cache, browser history, pretty much any data collected from the browser or third parties.


I might as well add this report to this OPSEC thread: https://archive.fo/bBjkm

Do not allow any electronic made after 2018 into your home and you better have some backup older electronics which don't have cameras and hidden mics. The Wall Street Journal just rubbed it in our face that this is going to become the norm very soon as they will be embedding tiny microphones in almost every single thing they can get away with. So anything digital beyond 2018: don't buy it.

And do avoid things like Echo, Siri and other crap created by the big tech monopolies. Make it clear to your family, relatives and friends you won't allow this around your presence (or at least in your own residence). It is all up to us to wake others up about how they are stealing our data and selling it all over the world and if we allow it we are stupid as a bunch of rocks.



(1) Don't use social media [Avoid Facebook/Myspace/Twitter/Snapchat/etc.] (no brainer) Tell your friends to just hang out with you face-to-face instead of using social media.

(2) Forward secrecy (keep your mouth shut about any personal info if you don't want to expose yourself)

(3) Use a cheap private VPN (w/ no IP logging policy) and Tor browser! You can also use an OS like Whonix or Tails to spoof your MAC address in extreme cases.

(4) Always disconnect your internet (physically) when you are not going to use it! Make sure bluetooth and WiFi is physically disabled/disconnected. Don't keep your modem online all the time! If you do, you are asking to be hacked!

(5) Use an old "flipper" phone. AKA a jitterbug. Cover up any camera if has one. Jitterbugs are basic cellphones for people with disability problems / senior citizens! Just a bare basic cell phone where you can take out the battery. Has no internet platform. Any kind of device that has a camera you might want to consider covering up because they can easily be hacked to spy on and identify you remotely.

(6) Flock to flea markets, garage sales, thrift shops to buy older electronics! Do not by 'smart' or 'green' appliances! Learn how to maintain and fix older products/utilities too! All IoT (Internet of Things) tech can be used to spy on you, avoid IoT and 'home automation' technologies! Trojan horses, all of them.

(7) Never put your real name or personal info into your computer, always use FAKE names / aliases.

(8) Use cash whenever possible. Credit Card and other digital transactions can be tracked and directly linked to you. Cash could be tracked back to you too, but it is much harder and takes a lot of effort and human resources for governments to do.

(9) No OS is safe. Just exclude as much personal information you can from your Operating System. Make sure its disconnected offline when not being used! Make sure bluetooth and WiFi is also physically disabled/disconnected when not in use. If you use a "hot spot" which I do NOT recommend, at least turn it off and put it inside a little faraday cage bag when not being used (to prevent more sophisticated remote tampering).



(10) Always bleach you browser cache / cookies / web logs! 35x gutmann style! (Bleachbit, Ccleaner, etc.)

(11) Browser Security: Use Noscript Security Suite add-on. Noscript is a must: make sure to block all global scripts, wipe the whitelist in Noscript and re-configure the whitelist that best fits your browser habits. IPFlood is also a useful add-on to obfuscate IP GET requests. You should use Random Agent Spoofer (or Blender) to spoof your browser & OS metadata while you surf the web, making it a lot more difficult to track your activity. Tin Foil is another great security addon. Also, make sure WebGL and WebRTC are disabled in about:config (research how to disable those, there are tutorials out there).

(12) Its best to have two computers, rather than just one. For example, have one just for banking / legit LEGAL purposes. Have another one (completely separated) just for private or illegal activity. Make sure you don't put any personal info in the private computer.

(13) Use encryption and strong passwords! Write them down on a piece of paper or memorize them. DO NOT store passwords on a computer file. That is a big no-no! Try easy to remember long sentences for passwords, and combine all the words together. The more characters used, the harder it is for hackers to break the passwords.

(14) Have separate email accounts for each kind of activity (legal or not, don't matter).

(15) Make sure you physically disconnect your web cam or cover it up with black electrical tape. Most laptops these days come with web cams attached above or below the monitor. Make sure the camera cannot be used to identify you or spy on you in any way. (Yes, webcams can be hacked / remotely hijacked to spy on you!)

(16) Avoid new "Smart TVs" (they spy on you too)! If you have a newer TV, make sure you cover up or unplug the camera and microphone. Or keep it offline and disconnected from the cable box when not in use. You could cancel cable and just rip DVDs of your favorite movies and shows instead, using them on an offline TV set.

(17) Avoid all new digitized vehicles. They can easily be hacked, used to spy on you and even be remotely hijacked by criminal entities/governments!

(18) Never allow another person to use your computer. Make sure you routinely backup important files to a flashdrive or DVD and store that data offline. Also make sure you have a backup copy of the OS you use as well as backups of the software you use. If you ever have problems with your OS someday, just wipe your partitioned OS, and then re-partition the OS again yourself from scratch. Do not allow others to 'fix' your computer, they could easily steal information from your OS you might not want them knowing about. Geek Squad works with the FBI and other agencies to steal data from their customers, do not trust them to fix or repair your computer.

(19) Any photos you take with modern cameras contain EXIF metadata that contain GPS coordinates among other data used to identify the owner of the photo. If you store your modern photos online, people will be able to identify you. Don't do it! I repeat: do not post modern photos online unless you want to be identified! (I have been told PNG formats do not store any metadata, so photos converted to PNG might be safe).

Test your online privacy and learn more: https://www.privacytools.io/


From /os/

"A note about the rotary telephone recommendation. Assume that your conversations on the telephone network are being recorded every time that you use the phone. Using electro-mechanical devices over phones with microprocessors / digital controllers is simply to remove a hacking vector whereby a hacker can bug your entire house reversing the phone from a communication tool into a surveillance device. Stick to lawful non personal, business and fact relaying only conversations over the telephone, (ordering takeout, calling the government, job interviews, etc).

If you can, get a tape deck answering machine. Most of the modern digital answering machines allow (key code) remote playback. Get a tape deck and a cassette for phone messages with a physical control (play stop and rewind buttons) (mechanical requires physical access). Don't use a "digital mail box" at the phone company to store your messages.

Don't ever respond to telephone surveys, (Phishing attempts) just tell them no thank you I'm not interested , and hang up, and do this politely (say thank you, have a great day and hang up)."

MY comment: if you still use the phone line today and avoid cell phone use I can understand why. I'd recommend buying an old rotary phone from the 50s or 60s that still works, the circuity is bare basic and is much less likely vulnerable to any other kinds of unwanted RF/ultrasonic eavesdropping attacks around the local vicinity. Not that its completely private as you know the NSA and other spooks have a collection of ALL our calls no matter what phone you use. At least wire-to-wire conversations still need warrants due to the lack of legal loopholes that wireless communications provide them.


"Start thinking about older hardware and compartmentalization of different tasks onto different hardware units. If you're doing something that doesn't need speed (writing and sending email, text browsing, low impact web/mail servers) use older hardware, if it needs speed (rendering, gaming, 1080p streaming video, number crunching,) then use something modern but only for that task (and for nothing else).

Also assume that you're being keylogged if you're connected to the internet on a modern operating system (including linux and bsd) on a modern hardware machine (Anything >2005). Just operate as if that is true and weigh the implications of your typing and mouse clicks accordingly in your actions online and "Offline".

Also get an airgap for anything that you wouldn't want to share publicly with your boss, spouse, grandmother, neigbour or law enforcement. Make sure you do volume encryption or full disk encryption if you have sensitive data on the airgap. I consider personal financial information ( like taxes, income, planning, purchases, etc) to be in this category that requires an airgap. Anything to do with planning, inventory or income sources ( what books you have in your personal library, how many "things you own", un-booked travel plans etc…), part time revenue etc, stock picking and purchasing plans, business plans, business ideas etc. Do all of that on an airgap. Mainly I'm thinking of personal spreadsheets, and personal text documents, digital photography and personal digital collections (music, pictures, videos, pdfs, etc). Also be sparing in what you share about this information in conversation with other people. Stick to the weather and sports teams.

Also start thinking about low tech ( pen and pad, mechanical typewriters, rotary dial telephones, mechanical locks) to confound some of the more obvious possible entry points for government or criminal hackers to peer into your residence. Keep your blinds up in your study and maybe tinfoil the windows in your 'study'. Also no cellphones. No smart phones. No Alexea, No Siri, No Google Home, no remote home security (don't be a retard). Buy books and things second hand and try to pay in cash (second hand book stores and electronic recyclers).

Making small todo lists should go in a non online hand writen journal, if its sensitive,then put the journal book in a fireproof mechanical safe inside your study, and shred/burn the contents when it is no longer required to keep track of the information. Low tech can beat high tech in the spy game. You loose convienience but you'll gain personal privacy. Just some ideas, feel free to contribute."




"To add something small, never get anything delivered to your house if you can avoid it. At the very least, always go pick up any food you order."

"True, if you are of any mid to higher level target they'll try poising you if they can't dig dirt on you. I learned to actually cook recipes via older cookbooks and some youtube tutorials (plenty of good cooking channels on youtube). Cooking is really not that hard, you just carefully follow instructions and practice as you go. You'll get the hang of it in no time. Not only is cooking your own food often healthier, but cheaper (and safer)."

"I agree cook your own food. Buy from the local farmer's market, or from the grocery store. Cook your own food in your own house. Don't order in. You'll save money and it's healthier. As you mentioned its easy to poison you once they know your pattern. You call for take out and they intercept the delivery or have someone planted there to poison your pizza.

I just meant to say don't do crime or talk about crime or personal things on the phone, no phone sex, no dirty talk, just innocuous facts, and lawful business. "Hey are we low on milk? Yeah? OK I'll pick some up, bye." Nothing about money, politics, drugs, crime, or sex. It's all being recorded digitally and stored, and if you become a "Person of Interest" they go through it and pin point all the incriminating stuff to use on you for blackmail, coercion, criminal indictment, front running etc.

Its too bad that they removed all of the public pay phones…If there were no cameras in the area you had a small level of anonymity (very small). We're going to have to look to an encrypted VOIP by tcp solution for a "Secure Line". Even then don't trust it too much."



Anon #1 posts following:

Now As far as passwords go, here is how I do it:

I'll give you an example by posting a supposed password:


As you can tell, this passowrd has 35 characters total. This is A LOT of characters but also easy to memorize too, for example, its easy to remember the phrase; "do not let the feds see this account" ; and added to that phrase is a code (which you can also memorize easily) 887756. Once you come up with a phrase you can memorize it, then attach a code number you can easily remember right after it. This will make your password very difficult for hackers or spies to brute force using 'dictionary attacks' by adding random entropy at the end of the phrase (via the random code).

This 'password' would be unbelievably hard to crack if it were not a fake and had I not posted it. Use your tinfoil hats, paranoia can be your best friend.

Anon #2 responds to Anon #1:

It is better not to do letter/number type strings camel casing and special characters as well. Pass phrases are easier to remember but mixing it up makes it exponentially harder to brute.

Though your example is secure enough a minor change can make a large difference in your password scheme. Also a lot of programs cut you off at 16 (or even fewer) characters so casing/ascii helps.

Ex: donotletthefedsseethisaccount887756

would average 10^66 tries.

Just moving the numbers and adding casing/one special character you get:


which bumps it up to 10^84 and is just as easy to remember.



all VPNs log ip addresses, you are taking a major risk. You can use a VPN OVER TOR. or vise versa or both

VPN over TOR -> vpn provider only see's the tor exit node address, tor only see's encrypted vpn traffic

TOR over VPN -> vpn provider sees your ip address but only the encrypted tor traffic inside of it.

How to set up TOR+VPN

–Tor over VPN

1. Connect to VPN

2. Connect to Tor (which will now route via VPN)

(this is simple)

–VPN over Tor

1. Setup 2 Virtual Machines, a gateway, and a workstation

2. Setup internal network between gateway and workstation

3. Disable NAT on gateway, firewall off everything that isn't a tor socks port your opening for the workstation ( or outgoing so tor can connect )

4. On the workstation, connect to a vpn, in the vpn config, specify the socks proxy port (the tor port you opened in the gateway ).

*You cannot do this on a single computer without massive iptables wizardry, because if you tell openvpn to connect via a tor proxy on the same computer, the moment it does, it will break the tor connection as the vpn successfully connects, and then routes that tor connection over the vpn ( which it used to connect in the first place), it will fail.

Alternatively you can use whonix


which is this idea in practice for niggers who are too lazy to set this up themselves

If using a vpn, make sure the VPN connection fails closed via a firewall

You shouldn't be using ONLY a vpn to begin with, but many VPN connections will fail on occassion, at which point whatever traffic you have going on will immediately dump onto the clearnet, and your burned ( serious business in these no-freedom countries right now, ie that 18 year old about to get 10 years for sharing and commenting on the shooting video) YOU DO NOT WANT THIS. Configure your firewall to allow outgoing connections ONLY to the VPN server ip address, and via the VPN network adapter. If the VPN connection is broken, all connections should fail except for trying to connect back to the VPN server. If your too lazy for this, use whonix.

[Return][Go to top][Catalog][Nerve Center][Cancer][Post a Reply]
Delete Post [ ]
[ / / / / / / / / / / / / / ] [ dir / animu / chemo / choroy / mde / tingles / vichan / xdarmy / yuri ]