General Safety for Noobs

In the face of mass surveillance I figured it's probably best you give people a helping hand, regardless of political preferences. For starters it's important to realize your limitations. Guys like the NSA & CIA will most likely find out who you are despite your attempts to stay anonymous and secure on the web. The only way to MAYBE avoid their detection is using something like TAILS or Whonix. Which you should definitely be using if you're going to do any sort of whistle blowing. But even these can become compromised if you don't know what you're doing. And since this is just "general safety" I'll avoid this topic for now. First and foremost you want to avoid Google products. Don't use Chrome, opt for Firefox. Then you're going to want to do something that's called "hardening". Quite simple really, just go to settings and tell Firefox to never store any history, always leave tracking protection on, and disable the ability for Mozilla to receive interaction data. At this point your Firefox browser is officially "hardened". Next step is to get some useful extensions for Firefox such as HTTPS everywhere, Ublocker, and Privacy Badger. Noscripts is good too, however it does disable javascript which hides you better but also limits you vastly. Now the biggest step is to decide if you want to use a VPN or DNS over TLS. This is a big decision, because both these methods encrypt your internet data, but both can have drawbacks. DNS over TLS will not change your IP address, so your ISP still knows what you're doing to an extent (although their ability to view your websites is somewhat limited). VPNs will encrypt your data and hide your IP. However, the drawback here is many VPN firms are actually quite malicious. They all claim to keep no logs, but very few actually honor it. Plus any VPN based inside either USA or EU jurisdictions will leave you vulnerable to the 14 eyes act. I personally use VPN, but if you go this route do extensive research before picking one.
I usually recommend only ExpressVPN, NordVPN, and IPvanish. But like I said, do your own extensive research beforehand. I sometimes also use a Firefox extension called Firex Proxy which gives you access to some proxies. You can use them by themselves or with your VPN to blanket your VPN IP. However you better have fast internet because both together can drastically slow you down. Firex Proxy is almost an essential though if you choose DNS over TLS, because this doesn't offer an IP change. Good luck.


If that don't keep the Mexicans out, I don't know what will.

I'd recommend everyone who cares even slightly about being tracked online listen to The Grugq's legendary opsec talk. It's only an hour long, and it is about six years old now, but a lot of the technical aspects are still very much relevant.

youtube.com/watch?v=9XaYdCdwiWU

This is about knowing what you are up against and how they typically match individuals to crimes and conversations. For example, all it took to bring down LulzSec was Sabu connecting to the team's IRC without a proxy/TOR connection once. After they flipped him it was all over.

Definitely worth your time.

Nice illegible wall of text, idiot. Before I get into it, the main thing I want people to know is that THE INTERNET IS VERY UNSAFE NO MATTER WHAT YOU DO, and real OPSEC means simply not using the internet in many cases. People must also know that IF YOUR OS IS COMPROMISED, NOTHING YOU DO FOR SECURITY MATTERS. If you are unwilling to install a free or open source OS like Linux or BSD, then you simply do not care about your security.
The "Anonymuzz Haxxor" persona is a persona of feds and snitches, with no real connection to actual revolutionary praxis. Real revolutionary praxis must be learned and studied from real life examples ranging from historical (Bolsheviks) to modern (IRA, Hezbollah, Naxalites..).

Let's extract some statements:
Key thing missing here is that using TAILS, TOR, and similar tools DRAWS ATTENTION to you.

Yes, though Firefox technically doesn't have as many security features as Chrome (irrelevant since Chrome is botnet). Only very recent Firefox versions are catching up to Chrome in security.

This is laughable, there are dozens of settings in about:config that you really need to enable or disable for a suitable FF config.

uMatrix is superior to noScript.

VPNs are a mitigation, but don't protect against CIA/Mossad/NSA if they're interested in you.

All pretty good points. I would say that this discussion always largely comes down to your threat model. If you're making Marx and Stalin memes for an imageboard you're a much less valuable target than a legitimate government whistleblower or a 'freedom fighter' in another country. People in that position do have to take the utmost care. However, most of us are not valuable targets and don't know anyone irl involved with any kind of resistance movement. Hell most of us won't give up smartphones or botnet OSs, so that game is already over. Still, these are legitimate points for someone whose life depends on staying anonymous.

Giving a shoutout to /gnussr/.

Yes, but what actually happens (and is happening) in Western countries is that communists "get involved in the fight for communism" before thinking for a single second about what tactics and necessary precautions that entails. They join some opportunist/honeypot group and add a bunch of other "revolutionaries" on facebook or text messages. These people will not become valuable targets (valuable revolutionaries) because they will always be low-value targets, constantly getting arrested or profiled at fake protests, constantly getting infiltrated and strung along in bizarre and fruitless schemes. This process actually PREVENTS people becoming revolutionaries, because the longer they do this, the better the profile the feds have on them, and if they actually do end up getting a clue, it's easy to close in and stop them for good. As well, it causes burnout. People who waste their energy on this cycle come to the conclusion that it's "just a phase," or "there's no hope…"

It appears as if you are either trying to start confrontation or you missed the point entirely about "General Safety". Perhaps you should've read my second sentence.

Your "general safety" is a myth.

I'd say that's largely true, though I don't expect we'd hear much about the people that this doesn't apply to, so there's that to keep in mind.

All the same, if someone wants to fight for a revolutionary cause but doesn't understand even the basics of opsec and doesn't care to educate themselves before getting involved then there's really no hope for them. There will always be people like that, which is why a thread like this might be beneficial, if this is where someone is first discovering revolutionary thought. Best we can do is point them in the right direction.

That said, if people are here, and reading this, and they watch the presentation posted earlier in this thread, and they attempt to educate themselves on how organizations are infiltrated and surveilled, how people are flipped, if they can get into the mindset of how a state actor watches and combats these groups that will be better 'general safety' (if there is such a thing) than any browser config tweak or internet protocol.

Know thy enemy, as the saying goes. I think that's what you're trying to say. That people who don't do the initial work to understand how to compartmentalize an underground organization or keep secure communications have no hope to influence such a movement or larger political organization, that in fact they'll be a hindrance/weak link in that organization's chain. I don't think you're wrong about that.

We'd know they existed because the products of their activities would be evident. But yes, the idea would be that they would only have some public-facing pseudonyms and organizational names.

I wouldn't be so pessimistic. Think of Palestinian or Lebanese kids who throw rocks at IDF soldiers. They're actually exposing themselves to immense danger usually, and some do end up locked up and tortured/raped in some Israeli dungeon, or extorted to inform on family and neighbors. Certainly braver and more revolutionary than most Western "socialists," but reckless and insecure nonetheless. But many of these kids grow up, learn, and get recruited into revolutionary parties like Hezbollah, where their skills are developed further. The key thing here is the presence of a vanguard to take raw anger and the revolutionary impulse and sculpt it into something that is actually effective. No such thing in imperialist USA of course.

Yes, what I'm reacting against is "Anonymous" "hacktivist" anarcho-CIA culture. The vast majority of OPSEC advice on the internet comes from CIA and Silicon Valley front groups, meaning all of the advice should be subject to intense scrutiny. Communists can't always follow the same example or use the same tools (TOR for instance) that the CIA and its "foreign dissidents" do. They must research and emulate the tactics of the ENEMIES of the CIA.

Care to elaborate for dummies?

There are dozens of settings in about:config that are relevant to security, if you search (on Startpage) for "Firefox security guide" you can get an idea of how much shit there is. The problem with all these lists is that half are BS or not applicable to you, and half are missing, meaning it's up to you to research and determine what will work for you. But a few simple settings is not "hardening," that's a flagrant abuse of the term.

He's referring to WebRTC. However Privacy Badger disables this by default. WebRTC leaks your real IP to third party sites despite your attempt to mask it. If you aren't using a method to conceal your IP then disabling it is essentially useless and will actually slow you down. Please note, most of these replies are rather ignorant in the topic of cyber sec. They're here for political purposes. And they all nearly deflect from the fact I wasn't intending on giving you ways to hide from the NSA/CIA anyways. However if you would like to hide from your ISP, local/state government, and make secure bank transactions this is the way to go.
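
Added example, not part of the thread and not any poster's code: a small Node.js check that reads the text of a Firefox prefs.js or user.js and reports whether the settings named above (no history, tracking protection, no interaction data sent to Mozilla, WebRTC off) are actually in effect. The baseline values, the function names and the sample file are this example's own assumptions; the stock defaults listed are assumed for a release build of Firefox.

```javascript
// Settings the thread names, mapped to their about:config preferences.
// "stockDefault" is what applies when the pref is absent from the file
// (assumption: release-build Firefox defaults).
const BASELINE = [
  { name: "places.history.enabled", want: false, stockDefault: true,
    why: "never store browsing history" },
  { name: "privacy.trackingprotection.enabled", want: true, stockDefault: false,
    why: "tracking protection in all windows" },
  { name: "datareporting.healthreport.uploadEnabled", want: false, stockDefault: true,
    why: "no technical/interaction data sent to Mozilla" },
  { name: "media.peerconnection.enabled", want: false, stockDefault: true,
    why: "WebRTC off, so it cannot reveal the real IP behind a VPN or proxy" },
];

// Parse user_pref("name", value); lines. A commented-out line does not match,
// and a later line for the same pref overrides an earlier one.
function parsePrefs(text) {
  const prefs = new Map();
  const re = /^\s*user_pref\(\s*"([^"]+)"\s*,\s*(.+?)\s*\)\s*;/;
  for (const line of text.split(/\r?\n/)) {
    const m = re.exec(line);
    if (!m) continue;
    try {
      prefs.set(m[1], JSON.parse(m[2])); // true/false, integers, "strings"
    } catch {
      // value is not a simple literal: ignore the line
    }
  }
  return prefs;
}

// Compare the effective value of each baseline pref with the wanted value.
function auditPrefs(text) {
  const prefs = parsePrefs(text);
  return BASELINE.map(({ name, want, stockDefault, why }) => {
    const explicit = prefs.has(name);
    const effective = explicit ? prefs.get(name) : stockDefault;
    return { name, explicit, effective, ok: effective === want, why };
  });
}

// Names of the baseline prefs that are not in the wanted state.
function failing(text) {
  return auditPrefs(text).filter((r) => !r.ok).map((r) => r.name);
}

// Constructed sample, not taken from a real profile. The WebRTC line is
// commented out, so the stock default (enabled) still applies.
const SAMPLE = [
  '// constructed sample prefs file',
  'user_pref("places.history.enabled", false);',
  'user_pref("privacy.trackingprotection.enabled", true);',
  '// user_pref("media.peerconnection.enabled", false);',
  'user_pref("browser.startup.page", 3);',
].join("\n");

for (const r of auditPrefs(SAMPLE)) {
  const source = r.explicit ? "set in file" : "stock default";
  console.log(`${r.ok ? "OK  " : "FAIL"} ${r.name} = ${r.effective} (${source}): ${r.why}`);
}
```

Against the sample, the telemetry and WebRTC prefs are reported as failing because neither is set in the file, which is the gap a settings-page-only pass leaves.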

Watch any DEFCON talk since 2014, my dude. The more people that use it the better.
A good leftist movement I reckon would provide his dad's warehouse of 200 librebooted thinkpads to its members and get cracking on their own networks and chipsets.
Security alert! Do not use any social media! What are you thinking user? They have at least a decade of your data provided to them for free, with ads, and attached to your name and gmail account which they also read, dude! Get the fuck off of Twitter Now and stop DMming Democrat Cops of America members about your left-leaning politics!
For peering you can use jabber, or riot/matrix clients and GNU/Social or Mastodon to get your pings out / share insurrectionnews articles on.
I'd seriously love to see alternate, backdoorless chipsets become - not a market force as much as a force where unionized tech workers really hold a sway. That is the best timeline we're looking at right now. A future where we have the actual means of production for cool things that people enjoy for once, and Foundations that people can rely on for consistency and not rely on playing Overwatch for your Patreon followers and other precarious means of subsistence. Tech Unions Now.

Hippie idealism, TOR will never be popular, period the end. If you use it, you go on a list. Moreover, as pointed out by Grugq in this video (2012) TOR is absolutely not some kind of magic shield against state level intel threats.

The rest of your post is just equally garbage.

In what sense Hezbollah is revolutionary?

Then why does Grugq recommend it?

Basically a nation-state that controls enough TOR nodes can correlate traffic and trace it back to where it originated, but only if they own all of the nodes you are using, or, like, the first and last node and are able to correlate your traffic based on protocols, volume and timestamps.
There's still a chance that you will cross a node that isn't government run/hacked. That chance might be lower now, that talk is from 2012, but still, the tech itself does obscure the path your traffic takes.

As others in the thread have mentioned, using TOR does perhaps make you a more visible/suspicious target for LEO. I don't remember if this is in the Grugq's talk or not, but I remember hearing/reading about someone who got pinned to some hack by the TOR traffic coming out of their apartment based on the times that they were home. That was enough for a warrant and a computer search, and that was that.

At the end of the day it is still better than nothing, but you should be aware of how that kind of traffic can be correlated to an individual.

Yeah, but in that presentation, he also mentioned to not do that in your home, so that's that

Yeah, it isn't generally advisable to do anything that someone in authority might consider a crime from your house. It's all about not being tied back to you. The harder you can make that for your adversary the better off you are.

So this is why nothing really can get done online right? This is why IRL any rallies the left and right attempt get disrupted and nothing really ever seems to change.

Well keep in mind most of his technological advice is also outdated. For instance he talks about the defunct "Liberty Reserve." But specifically, he is addressing a few different demographics:
petty criminals
smalltime hackers
"""activists"""
His advice is obviously useless to, for instance, people in Hezbollah. So it's of limited use to amateur communists trying to learn real revolutionary techniques.


This is correct, he's not misleading when he says that security should be many-layered.

Do you have any updated info?

Yes, I think this has happened to several people, here's one example:
thecrimson.com/article/2013/12/17/student-charged-bomb-threat/
A bunch of drug cases also come up on google.

HEADS - heads.dynedotorg
Should mention IceCat instead. And no, "settings" tab changes little to nothing.
Protip: about:config, uMatrix and don't even try, just use links and 9050.
Yeah, you definitely should pay a few bucks to another leaky, sketchy and honeypotty ISP.
OpenNIC and dnsmasq.
Use TOR(the protocol) instead.
Gentoo, Slack, Devuan, OpenBSD, Artix. Stay out of systemdicks not respecting your freedoms and shit like openssl and anything freedesktopdotorg related.
Risc&FSF approved.

Better to be on list than to be spied on. #staycucked

Reminder, do not use GNU Social because:
>Almost all the text and files that users upload to this site is available under the site license (see the license block at the bottom of this page). Users agree to the license when they register to use the site for the first time. Typically that means that the data can be copied far and wide, for commercial and non-commercial purposes, and in modified or unmodified form. If you're not OK with that, don't use the service.
the Content is not libelous or defamatory (more info on what that means), does not contain threats or incite violence towards individuals or entities, and does not violate the privacy or publicity rights of any third party''
Well hello censorship!

Pretty much.
The tools, tactics and procedure for surveilling, infiltrating, flipping members and breaking up these kinds of groups have been something that the world's governments have been working on for over a hundred years now. The fact that their resources will always dwarf resistance movements, and that their knowledge-base of procedure and tactics gets passed on to new agents is something that's hard to compete with, especially when it comes to online tech, which, let's be honest, any big tech company, be they in hardware, software, cloud shit or networking is going to bow to a government request for information related to 'a matter of national security'.

Lavabit is pretty much the only company I can think of that didn't buckle to that pressure (to protect Snowden, we later learned) and that's why that guy doesn't have a company anymore.
-> I was incorrect in that assumption, Ladar Levison started a new end-to-end email encryption platform in 2017.

All the same, if we'd heard about other instances of this they would be violating gag-orders. Levison is the only open example of this I recall, and look how the government treated him.

-en.wikipedia.org/wiki/Lavabit

Could you explain that to me again? That entire phrase flew over my head

Not really, though I intend to do some serious research on the topic. My basic advice is: your phone's not secure, the internet's not secure. Facebook/social media is a honeypot. 8ch is basically a honeypot from how badly coded it is, and that's not even talking about Shady Businessman (but it doesn't gather a ton of stuff on you long-term, is probably "safer" than twitter for instance). Use the internet for learning and discussion, not for doing stuff. Install Linux. It's basically OK to post/repost propaganda and research on the internet, provided it isn't illegal speech. If it's illegal/semi-illegal be more careful about it, use some VPNs/proxies and be anonymous about it. Wait for China to start handing out encrypted quantum communication devices to enemies of the USA I guess.

kb.mozillazine .org/About:config
github .com/gorhill/uMatrix
links.twibright .com
torproject .org/docs/faq.html.en

If you use tor which Tails runs on you're just drawing attention to yourself from making people think you're up to something dangerous or shady. I mean you are paying for your internet. Your ISP knows your traffic is encrypted. Anyone that thinks using a Linux distribution makes them immune to being hacked or infiltrated by a virus is an idiot even if they go as far as replacing the bios with an alternative.

No, IceCat is based on outdated LTS releases of Firefox, meaning it still has a ton of basic security flaws (NO SANDBOXING) that are fixed/being fixed in the latest versions. IceCat could be viable when Firefox 60 hits and is made the new LTS.

VPN reduces your threats from "everyone on wifi and my ISP" to "the guys who can hack/issue warrants to the VPN" (obviously the websites themselves can still be malicious) while making your traffic basically look like someone who downloads torrents. It's not a cure-all but it's one tool.

Getting on a list gets you spied on you fucking idiot.

I meant it's what Tails runs its internet through.

This, I should clarify that people need to install Linux because it doesn't actively spy on you by default the way Windows does. It still has plenty of vulnerabilities (main vector is your browser/anything from internet).

You get a point, kinda. But since it's for noobs who get scared of anything where text is the main course, it's a better alternative even if it's just for not having ultimately shitty presets.
Not a privacy tool.
You go there? You're already listed. And the premise you believe in, that you are not spied on when you use only usenet/vpn.. is amazing! Keep it up and #staycucked!

I didn't know there are more kernels named Linux.
And no one is immune, just the possibility of getting fucked is way, wayyyyyyyyyyyyyy smaller than on windows/pooubuntu. No one here talked about being "immune".

Jfc they fucked him beyond hard, I'm no constitutional scholar but that looks like a list of rights violations.

The real way to be safe is: use chrome, use facebook, make normalfag posts, don't like, visit, share, be aware of the existence of any leftist pages including here. Get all your news from regular news sources (always critically and aware of the ideology of the writer), don't buy anything on-line, only use paper money and a dumbphone.

I like some of what you said. However there's no debating between tails and whonix, whonix is better hands down for all around security. The only advantage to tails is the fact it erases itself from the pc each time. As for regular net (i.e not tor) I tunnel my vpn through a socks proxy giving me double layering protection. The extensions you mentioned are fine, but like one guy said, I would probably use umatrix over noscripts. Privacy Badger is a good recommendation.

What if you just used it a few times? I have used tor just to check it out not really doing anything interesting and stopped after like a few months randomly. Do you think it depends on who your ISP is or is there always suspicion for any use?

I don't really worry about OpSec. I run GNU/Linux on this machine for writing and compiling code, but I usually use Chrome OS, signed into my google account to browse the internet. I like its layout and it runs quickly. My web history would suggest that I am involved in / have been involved in communist organizing as well as illicit manufacturing and distribution of drugs, alcohol and explosives. Not saying this is the case or anything of course ;)

I've been involved in communist activity for literally my whole life so I know that I and those around me are being watched, so when I discuss any genuine criminal or revolutionary activity it is in person away from any electronic devices. Holla Forums is for memes and reading recommendations. I don't really care if the NSA has a vague idea of what I am really up to as long as they don't have the details they need to stop me.


Also this. I like Hezbollah's tactics and think they are certainly an honorable movement that we can learn a lot from, but their political ideology is 100% reactionary. I get the sense that people who push the "Hezbollah is revolutionary" meme are just trying to be edgy.

Depends on who your ISP is and what country you're from. Also, when you were using tor, did you just browse onion sites or did you go to .com and .org sites? It's really only recommended that people use tor for .onion. You're the safest when you're on onion sites. 2357225 sounds like a fear monger. You're probably not on a list, nor are most tor users. The people that get put on lists are those who expose governments and whatnot. Not some dipshit looking to buy drugs or download cp. The NSA just doesn't care about trivial matters.

what exactly are their OPSEC tactics?

this is what most people do out of curiosity, you are absolutely on a list, but you are not high priority or anything. Your traffic might be hard to distinguish from botnet activity.

Well, you're a dumbass. Appropriate flag.

Mostly just normal domains and a brief look at some onion sites that I only visited once then was gone. I'm in the US and have a big ISP but it's not any of the ones most people use and so far I haven't heard its name mentioned in any involvement with gov or corporate plots.


If just anyone could get on a list for merely using it I would be surprised if no one programmed something that sends requests to the tor network from everyone's computers so everyone becomes part of this list so it becomes useless.