Operations security

From Soyjak Wiki, the free ensoyclopedia
(Redirected from OPSEC)
Jump to navigationJump to search
Operations security is currently a work in progress page.
You WILL NOT edit parts of this page until they are properly finished.
 This is actually... helpful?

You can read this for more info about the topic

OPSEC, short for Operations Security are a set of practices which help hide potentially useful information to adverseries and other bad actors, that could potentially be used to find out who you are.

Proper OPSEC technique is paramount to staying safe whilst raiding.[it actually just is, ok??]

Guide[edit | edit source]

>You will let us datamine you, because you just will ok??

Hardening your internet[edit | edit source]

  • Use some form of VPN, one that isn't being shilled by JewTubers and with a good track record of complying with law enforcement requests that haven't revealed anything of use to them. Preferably one which doesn't require any form of personal information to begin with, like Mullvad. PAY IN CASH OR CRYPTO IF YOU CAN
  • Use some form of hardened browser:
    • Mullvad Browser: Certified Swedish win, co-developed with the Tor Project. Doesn't allow you to use .onion links doebeit.
    • LibreWolf: Has uBlock Origin pre-installed, good for normalGOD use as well.
    • Tor: Extremely slow when connected to the Tor network but is the most effective at stopping backtrace attempts, also allows you to visit darknet sites using .onion links.
  • Install the following browser extensions: (May only be available on Firefox based browsers cause (((Jewgle))) has to track you to make money)
    • uBlock Origin: Blocks ads and trackers, basic necessity for browsing the modern web.
    • Privacy Badger: Blocks trackers and various other methods websites can use to create a digital fingerprint of you.
    • Port Authority: Blocks websites from scanning which ports you have open, this can be used for instance to tell if you have Discord open, or if you're hosting some kind of service on another port.
    • User Agent Switcher and Manager: Allows you to spoof your user-agent, a string of text which identifies what browser, Operating System, processor architecture, type of device (i.e. Desktop, Mobile, etc.) you're currently using. Will cause the infamous "You look like a bot" error when posting on the sharty if enabled.
  • Switch your default search engine to a privacy focused one:
    • DuckDuckGo: Uses Bing as it's indexing dataset, image results are often lacking, also has a ChatGPT wrapper without any tracking[supposedly] called Duck.ai
    • Searx: A metasearch engine, aggregating the results of other search engines.
    • Qwant: Another metasearch engine, it has results similar to Bing but lacks information regarding certain websites and image searches.

Keeping yourself anonymous[edit | edit source]

Don't be retard and use anything directly connected you, personal emails, phone numbers, usernames, passwords, etc. Several 'teens have gotten themselves exposed and potentially gotten a knock on the door by the feds by for instance using their own phone number to order 'za, spamming 'oxeralds on personal accounts, and accidentally clicking on tracking links.

If you ever use something that's connected to your personal life, even once, you've already fucked up. Burn your burner and start over.

Prerequisites[edit | edit source]

Use a different browser than you do day-to-day, or use incognito mode as this gives you a clean browser state that doesn't contain any saved logins (tokens), as if these get compromised an attacker will have access to your accounts without your username, password, or two-factor authentication code. You do not want your personal accounts being compromised because you accidentally clicked on a malicious link.

Registering accounts[edit | edit source]

When buying phone numbers for verification, NEVER use a credit card or anything else, only crypto.
Free phone verification services rarely ever work, their entire purpose is to show you ads while you wait for a code that never arrives.

Before you participate in a raid or similar event, make sure to register your accounts well in advance. As newly registered accounts look incredibly suspicious on things like 'cord servers and for automated spam detection systems.

  • Create burner email accounts:
    • 10minutemail.com (or similar services): Email addresses from these services are often disallowed for registering accounts on some services, otherwise a very good choice since it's free.
    • Gmail: Quite simple, allows you to use "Sign in with Google" which automatically makes your account look less suspicious, especially if your Google account has a phone number linked.[it just does, ok??]
    • Firefox Relay: Allows you to mask your email address, forwards emails from the burner address to inbox of choice. (Note: Do not use your personal email as your inbox in case of a dataleak.)
  • Use a burner phono: (if phone verification is required)
    • 5sim.net: Fast and reliable. Quite cheap as well, prices are listed as "credits" but are in fact just rubles.
    • onlinesim.io: Bit more expensive but works more often.
  • Pick a username:
    • Randomly generated ones are fine, or use whatever nuvariant you're forcing, or some sharty phrase. (i.e. peculiar_seranade1488, mogsonWABAG, embedded_p)
  • Use a randomly generated password:
    • DO NOT REUSE PASSWORDS, if it ever were to get leaked it VVILL be able to be traced back to you.
    • Use a password manager, the one built into Firefox or Chrome is fine.

Account linking[edit | edit source]

Never ever link something like a PayPal or CashApp to your anonymous accounts, this will give the glowies and jannies immediate access to your name and potentially where you live. On some services like der 'cord, this information becomes public unless you opt-out.[it might not anymore but still don't]

Retrieved from "https://soyjakwiki.org/index.php?title=Operations_security&oldid=295793"