The Ultimate Cybersecurity Guide

Somebody call fuckin' Soyberg!
The following page or section was written during a schizo episode.
You WILL remind the author to take his meds.

[CollapseExpand]

	Warning! The following may feature disinfo, psy-ops, or other infohazards.
	Proceed with caution.

	This is actually... helpful? You can read this for more info about the topic

This page is a gem.

Have you ever wanted to not only feel safe online, but also be safe too? A large majority of 'teens know they could be doing better: reusing weak passwords, bragging about your potentially illegal activities to literal whos, sharing personal information online, and many more acts that leave you stranded out in the middle of Nothingburgerville for the CIA and Soot to datamine you. This page shall serve as a guide to teach you about cybersecurity and why it's important.

Why you should care about your privacy[edit | edit source]

Most normgroids and ignorant people will usually bring up the same two excuses whenever you bring up cybersecurity.

>I have nothing to hide, I don't mind!

<redditspace

>They need a warrant to search my things!

Obviously, both of these arguments are stupid and if you have said these exact same things before, you have a yiddish brainworm digging around inside your frontal lobe turning you into a good little GOYCATTLE.

Because of some shitty law made in 2001 after the September 11 attacks, the FBI and NSA are allowed to spy on you for the rest of your lives if you somehow ever interact with a terrorist or cartel member at least once. For example, lets say you're in a group chat talking with your friends when you accidentally tag Abu Bakr al-Baghdadi in your message. As if that wasn't already a horrible mistake, you now have the government scowering all of your social media accounts, your hard drives, your secret furry rp sessions on Character.AI, and every other aspect of your life until the day you drop dead.

On the warrants, internet surveillance permissions are granted by FISA courts. However, if you aren't an idiot, you'll realize 99.97% of FISA court applications are accepted. (33,942 out of 33,954 from 1978 to 2012) IE, 99.97% of the time, Judge Janny lets the feds take a good peek at your hard drive.^[1]

You may also not think about it, but companies are also harvesting your data so much they make entirely new companies for the sole purpose of creating a data profile for you and monitoring your day-to-day life.^[2] Usually these data-collecting methods range from questionable to BLATANTLY ILLEGAL,^[3] collecting information nobody would consent to if they knew it was being collected. This data is usually sold to advertising agencies and foreign governments like China, Egypt, and Morocco to spy on journalists and activists.^[4]^[5]^[6]

Hardware[edit | edit source]

Normally, any piece of hardware works. (AS LONG AS ITS NOT MADE BY APPLE)^[7] However if you're serious about cybersecurity, I suggest you use these for your devices. Also, I think it's pretty obvious, but do not buy any devices online and do NOT buy smart devices at all. If you're a "Person of Interest," the NSA will stop your package mid-transit and install spyware on your device before it arrives to you.^[8]

Computers[edit | edit source]

I highly recommend not getting a whole PC setup, rather have a bunch of cheap laptops and one main laptop you can use everyday.

Some good cheap laptops would probably be the IBM ThinkPads, they're very common and very affordable for the average shmuck. DO NOT get any ThinkPad (or any computer in general due to CPU backdoors) made after around 2008; IBM sold the idea to Lenovo and the build quality went down the shitter. A good main laptop you can get would be an Asus laptop, doesn't have to be a specific model or anything.

Phones[edit | edit source]

Get a Google Pixel 8A or 9A locally from a small family owned business, covering up as much of your face as possible. Due to the implementation of ARM hardware memory tagging, a feature that significantly reduces vulnerability to remote exploits from Pixels since pixel 8, Always prefer a recent pixel like 8 or 8a or 9 series. Pay in cash. Give as little information as necessary and do not order with a carrier. Do not use a SIM card inside of your phone. Keep Airplane Mode on at all times If you have to make calls, get a physical burner with a cheap one-use SIM. Even when not connected to any internet, cell towers can track your position down to the room you're in.^[9]^[10]^[11]

Or just don't get a smartphone in general, and only use an old, old cellphone for calls if you REALLY need to. Those things were designed as spyware machines from the very start this time.

Before you even turn on your devices:[edit | edit source]

FOLLOW THESE TASKS!!!

Check to see if your device has been tampered with. (Especially the screws. See if they've been stripped or worn in anyway.)
Physically remove the camera from your device.
Physically remove the speaker from your device.
If unable to remove camera, cover it in tape.
If unable to remove speaker, keep volume always muted.

Software[edit | edit source]

Computers[edit | edit source]

For computers use either Linux, de-bloated Windows, or QubesOS. In either case you should enable full disk encryption

QubesOS is an operating system that heavily relies on using Virtual Machines (VM's) for everything, and having a special VM for each daily activity or purpose called "Qubes." QubesOS may seem a bit overkill for most, but remember that the government has unlimited resources and that they WILL NOT CUT CORNERS. Do not underestimate them.

If you don't want to use Linux, you can de-bloat Windows 10/11 by using O&O ShutUp10++, a tool able to fully control Windows data-collecting and other features that Microsoft loves to hide.

You could also use Tails OS (The Amnesic Incognito Live System) a portable, bootable Linux distro designed for total anonymity. It runs entirely from a USB stick or DVD, ~~leaves no trace on the host machine~~^{[Meds now]}^[12], and routes all internet traffic through Tor by default. Just don't forget your persistent storage passphrase, or everything is gone. Even the keyed Aryan Edward Snowden who made Glowies leak by releasing classified documents revealing the existence of global surveillance programs once highly recommended it.

Phones[edit | edit source]

GRAAAAAPHEEEENEEEEE!!!!

GrapheneOS is a custom-built ROM of Android letting you have full control over your phone, ranging from auto-rebooting at a certain time to toggling a pin to pop-up whenever you try to open an app. Very useful! Remember to enable duress PIN which will wipe your device once you enter it.

Browsing Web[edit | edit source]

Do not use the same username twice, this is where most people screw up.

If you are going to browse the web, you should use Tor. Not only does it anonymize you by routing your connection through multiple nodes, but it also helps evade tracking scripts, fingerprinting, and other forms of surveillance. However, do not log into personal accounts or use it alongside identifying information as Tor is for anonymity, not convenience. To further strengthen your privacy, consider using a trusted no-log VPN like Mullvad in combination with Tor. This setup depending on the configuration, adds an extra layer of encryption and prevents your ISP or network administrator from even knowing that you're using Tor.

Communication[edit | edit source]

Use Signal or Simplex^[13] for encrypted messaging. Signal is widely vetted and open-source, though it relies on phone numbers. Simplex, on the other hand, is a decentralized messenger that does not require a phone number at all.

Avoid Discord, Telegram, and other similar services, they are compromised or easily subpoenaed and are full of Furries and trannies. Email should be hosted on secure, anonymous services like cock.li.

Use PGP (Pretty Good Privacy) for encrypting emails or files. PGP can also be used if you must use the earlier mentioned services, however don't share your public key through them^[Marge...]. There is a good guide by a literal who named Kevin that goes over on how to set it up here. You could also use thunderbird which will allow you to easily create and manage your PGP keys and proxy your email through Tor^[14]

Software Practices[edit | edit source]

Always verify checksums and GPG signatures when downloading files.
Avoid sketchy third-party installers.
Use open-source software where possible.
Stay updated, but wait a few days to avoid being the test dummy for new bugs.

Use Virtual Machines, sandboxing tools, or even dedicated hardware for risky tasks. Everything that runs is a potential backdoor, treat it that way.

Apps[edit | edit source]

Apps are a very core aspect of cybersecurity. Most mainstream apps are usually closed-source or "proprietary" software. Apps or websites such as Youtube, Chrome, Facebook and even Spotify do not allow their users to view the source code of their apps. This is usually to hide their methods of data-collection and any backdoors they may be hiding. There are however alternative apps that can be used that are "open-source" where the code is easily accessible and can be reviewed by anybody who knows how to read it. Be careful! Just because its open source, doesn't mean its safe. Learn how to read code to make sure any apps you're using aren't subtly glowing.

Before you can install some of the apps below, you'll need an app called F-Droid. F-Droid is an app store that only hosts open-source apps. You need an Android phone to install this app, as iPhones cant install APK filed. Apps that can only be installed on F-Droid will be in bold.

Alternatives[edit | edit source]

Youtube - NewPipe or PipePipe
Google Play - Aurora Store
Browser - Librewolf or Tor Browser (Remember to disable Javascript!)
2FA - Freeotp++ or Aegis
VPN - Mullvad, Proton VPN
Disk Wiping - Extirpater
Exif Remover - Scrambled Exif
Der 'Cord - ~~IRC~~ Signal, XMPP, Woodchipper

Metadata and EXIF Data[edit | edit source]

Metadata is invisible information embedded in files such as images that reveals details like the operating system used, timestamps, and device-specific info. Most people know about EXIF in photos, but almost every file type can leak something.

EXIF data (Exchangeable Image File Format) is a type of metadata used by cameras and smartphones. It can include:

GPS coordinates of where a photo was taken
Device make and model
Shutter speed and aperture
Time, date, and more

To remove it:

PC – BleachBit
Android – Scrambled Exif (available on F-Droid)

Document Metadata[edit | edit source]

PDFs, Word files, and similar docs may include:

Author names
File paths
Edit history
Software info

To remove it:

Use PDF printers or LibreOffice “Export as PDF”
Use MAT2 (Metadata Anonymization Toolkit)

Audio/Video Metadata[edit | edit source]

Media files can include:

Recording device
GPS (on phones)
Editing software

To remove it:

Use FFmpeg with `-map_metadata -1`
Or run them through BleachBit

Archives and Code[edit | edit source]

ZIPs, scripts, and code can leak:

Timestamps
Directory paths
Author names
Git commit history

Always assume that anything you share might be revealing more than you intend. When in doubt, strip it out.

Citations

[1] ttps://www.wsj.com/articles/SB10001424127887324904004578535670310514616

[2] ttps://www.forbes.com/sites/bernardmarr/2017/09/07/where-can-you-buy-big-data-here-are-the-biggest-consumer-data-brokers/#394bdc846c27

[3] ttps://arstechnica.com/tech-policy/2019/10/35-billion-facial-recognition-lawsuit-against-facebook-moving-forward/

[4] ttps://www.reuters.com/article/us-china-cyber-uighurs/china-hacked-asian-telcos-to-spy-on-uighur-travelers-sources-idUSKCN1VQ1A5/

[5] ttps://www.theregister.com/2019/10/04/egypt_smartphone_spying/

[6] ttps://www.amnesty.org/en/latest/research/2019/10/Morocco-Human-Rights-Defenders-Targeted-with-NSO-Groups-Spyware/

[7] ttps://securelist.com/triangledb-triangulation-implant/110050/

[8] ttps://en.wikipedia.org/wiki/ANT_catalog

[9] ttps://www.qualcomm.com/videos/5g-multi-cell-positioning-ota-demonstration

[10] ttps://www.ericsson.com/en/blog/2018/11/lte-positioning-and-rtk-precision-down-to-the-centimeter

[11] ttps://www.cisa.gov/resources-tools/resources/overview-risks-introduced-5g-adoption-united-states

[12] ttps://gitlab.tails.boum.org/tails/tails/-/issues/5356

[13] session doesn't have perfect forward secrecy

[14] ttps://wiki.archlinux.org/title/Tor#Proxy_Configuration

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

[11]

[12]

[13]

[14]

The Ultimate Cybersecurity Guide

Contents

Why you should care about your privacy[edit | edit source]

Hardware[edit | edit source]

Computers[edit | edit source]

Phones[edit | edit source]

Before you even turn on your devices:[edit | edit source]

Software[edit | edit source]

Computers[edit | edit source]

Phones[edit | edit source]

Browsing Web[edit | edit source]

Communication[edit | edit source]

Software Practices[edit | edit source]

Apps[edit | edit source]

Alternatives[edit | edit source]

Metadata and EXIF Data[edit | edit source]

Document Metadata[edit | edit source]

Audio/Video Metadata[edit | edit source]

Archives and Code[edit | edit source]

See also[edit | edit source]

Citations

Navigation menu

Page actions

Page actions

Personal tools

Navigation

Search

Community

Tools