This forum needs to have a talk about OPSEC

Yall are freaking nuts posting things so publicly, like I'm not always the best at keeping my stuff secure but holy wow you guys need to STOP just listing things on the clearnet, get your gibber jabber up and encrypt, send public keys PGP and start working on protecting yourself and your connections. This forum is all about trust and information about a community that NEEDS EVERYONE to be up on their opsec. I would encourage everyone who is experiencing someone who isn't using secure commos to drop all subscriptions, zines, and etc no matter how reliable. Chances are someone is watching you. Just because you're paranoid doesn't mean they aren't out to get you.

btw if anyone has any questions about best practices I can help, plz ask me I am ready to give what knowledge I have to all members

Any time I see a thread or question with blatant no-nos in plain language, my first thought is *FᎧᎠ* which is probably ridiculous 99% of the time. I just have a hard time believing that people can be so careless or naive, thereby exposing my own naïveté, I suppose. If you were to drop a personal ᎠᎥᏀᎥᎦᎧᏣ masterclass here, I’m sure there would be plenty of interest and input from other knowledgeable folks.

Gulp2788 said:

btw if anyone has any questions about best practices I can help, plz ask me I am ready to give what knowledge I have to all members

Click to expand...

Well asking here is one of my usual no’s but yes I do hav some ?’s. The landscape is changing.

They don't care about end users, and vendors can decide if they want to be open on the clear or a little more hidden on the dark. Popo is on every dark web market anyway. Not much difference. What matters is the vendors OPSEC.

No, they generally don't care about end users, this much is true however always remember that every link is important when conducting forensics. If you are an end user and being too open in your commo to middlemen then you are creating an opening vector for attack. Assume that there is a little guy with a stethoscope on the pulse of the tube you're using to send information through. Better yet, if anyone is familiar with ham radio operation, realize that most every communication is PUBLIC unless actively scrambled to obfuscate. ANYONE CAN LISTEN, even if authorized users are only allowed to talk. This isn't the best example since there is more to internet protocols than there is within the radio world but it's not terribly different.

The only ways to reduce prying eyes is to ensure that only the intended recipients of messages are able to see what information is being delivered. Think like the Enigma machine during WW2. Only those who have set their machine up to receive the information are capable of translating it and reading it clearly. Obviously, there are those who spend their lives dedicated to cracking these codes however if you make it difficult to crack, it immediately becomes a cost-benefit analysis for those capable of doing so. Chances are, it's not worth it for them no matter how problematic the individual or group may be as it would be easier to simply wait for those individuals to become complacent than to attempt to break a code. If have an autistic level of conforming to these protocols (as you should) than you'll never have problems because by the time anyone capable of breaking these methods can do so, the information they gather likely has zero use to them.

Furthermore most encryption protocols tend to add a layer of "I didn't say that shit" to your message therefore adding plausible deniability in legal matters which is arguably as good as being able to say you weren't involved in anything that those who might seek to do your group harm would claim. I would highly recommend people try out the free coursera course google put out on cybersecurity for more information. if anyone wants tutorials on PGP there are a few good courses on youtube. DM me if you have specific questions I might be able to answer though I would say most of my knowledge is publicly available and you probably don't need me to go into details. I might write up a basic guide though I'm pretty sure I saw one somewhere on the forum already.