Suznetsov: Created page with "{{Tw|{{CIA}}|{{NeedsImages}}}} Have you ever wanted to not only feel safe online, but also ''be'' safe too? A large majority of 'teens know they could be doing better: reusing weak passwords, bragging about your potentially illegal activities to literal whos, sharing personal information online, and many more acts that leave you stranded out in the middle of Hackleburg for the CIA and Quote to datamine you. Thi..."

2026-04-13T03:44:10Z

Created page with "{{Tw|{{CIA}}|{{NeedsImages}}}} Have you ever wanted to not only feel safe online, but also ''be'' safe too? A large majority of 'teens know they could be doing better: reusing weak passwords, bragging about your potentially illegal activities to literal whos, sharing personal information online, and many more acts that leave you stranded out in the middle of Hackleburg for the CIA and Quote to datamine you. Thi..."

New page

{{Tw|{{CIA}}|{{NeedsImages}}}}
Have you ever wanted to not only feel safe online, but also ''be'' safe too? A large majority of 'teens know they could be doing better: reusing weak passwords, bragging about your [[raid/|potentially illegal activities]] to [[Literal who|literal whos]], sharing personal information online, and many more acts that leave you stranded out in the middle of [[Alabama|Hackleburg]] for the [[CIA]] and [[Quote]] to [[Cloudflare|datamine]] you. This page shall serve as a guide to teach you about cybersecurity and why it's important.

== Why you should care about OPSEC (and other privacy-related measures) ==
Most normgroids and ignorant people will usually bring up the same two excuses whenever you bring up cybersecurity, that being (((they))) need permission to see what you have been doing and/or that they have nothing to hide.
Obviously, both of these arguments are stupid and if you have said these exact same things before, you have a [[Jews|yiddish brainworm]] digging around inside your frontal lobe turning you into a good little "upstanding samaritan" that does not question THE HIGHER AVTHQRITY. A dox can be achieved by someone looking at the info surrounding you (i.e. usernames, breaches, verbatim from you), and this "someone" can be ANYONE, from glowniggers to [[Foodist|failtrolls]].

Because of some shitty law made in 2001 after the September 11 attacks, the [[CIA|FBI and NSA]] are allowed to spy on you for the rest of your lives if you somehow ever interact with a terrorist or cartel member at least once. For example, lets say you're in a group chat talking with your friends when you accidentally tag Abu Bakr al-Baghdadi in your message. As if that wasn't already a horrible mistake, you now have the government scowering all of your social media accounts, your hard drives (which includes your 'cado folder), and every other aspect of your life until the day you drop dead.

On the warrants, internet surveillance permissions are granted by FISA courts. However, if you aren't an idiot, you'll realize [[Fact|99.97% of FISA court applications are accepted.]] (33,942 out of 33,954 from 1978 to 2012) IE, 99.97% of the time, Judge [[Janny]] lets the [[CIA|feds]] take a good peek at your hard drive.<ref>https://www.wsj.com/articles/SB10001424127887324904004578535670310514616</ref>

You may also not think about it, but companies are also harvesting your data so much they make entirely new companies for the sole purpose of creating a data profile for you and monitoring your day-to-day life.<ref>https://www.forbes.com/sites/bernardmarr/2017/09/07/where-can-you-buy-big-data-here-are-the-biggest-consumer-data-brokers/#394bdc846c27</ref> Usually these data-collecting methods range from questionable to BLATANTLY ILLEGAL,<ref>https://arstechnica.com/tech-policy/2019/10/35-billion-facial-recognition-lawsuit-against-facebook-moving-forward/</ref> collecting information nobody would consent to if they knew it was being collected. This data is usually sold to advertising agencies and foreign governments like China, Egypt, and Morocco to spy on journalists and activists.<ref>https://www.reuters.com/article/us-china-cyber-uighurs/china-hacked-asian-telcos-to-spy-on-uighur-travelers-sources-idUSKCN1VQ1A5/</ref><ref>https://www.theregister.com/2019/10/04/egypt_smartphone_spying/</ref><ref>https://www.amnesty.org/en/latest/research/2019/10/Morocco-Human-Rights-Defenders-Targeted-with-NSO-Groups-Spyware/</ref>

== Internet Usage ==
{{Tip|{{Bantext|Do not use the same username, email address, AND IP address (whether or not it's on a VPN, it doesn't matter) twice. (You), yourself have most likely screwed up on this.}}}}

If you are going to browse the web, you should NOT use Chrome or Edge, those are bloated pieces of shit that WILL datamine you. Instead, you should use a pre-hardened browser or a manually hardened one (preferably Firefox for manually hardened).
=== Browsers ===
;[https://librewolf.net/ LibreWolf]
:An open-source FireFox derived browser that implements a lot of good features regarding fingerprinting{{Note|the non-soysphere word for datamining}}, such as uBlock Origin being already installed and anti-tracking measures already installed.
;[https://torproject.org TOR]
:{{Tip|There was a historical security vulnerability in TOR that was codenamed by the CIA as "EGOTISTICALGIRAFFE". Read more [https://nsarchive.gwu.edu/sites/default/files/documents/3512469/Document-01-National-Security-Agency-Peeling.pdf here].}}
:Not only does TOR anonymize you by routing your connection through multiple nodes, but it also encrypts the connection However, do not log into personal accounts or use it alongside identifying information as Tor is for anonymity, not convenience. To further strengthen your privacy, consider using '''a trusted no-log VPN''' like Mullvad in combination with Tor (meds using a VPN with Tor can fuck shit up). This setup depending on the configuration, adds an extra layer of encryption and prevents your ISP or network administrator from even knowing that you're using Tor.
;[https://brave.com Brave Browser]
:Bloated crypto coal browser, but has the best fingerprinting protection out of the box.
;[https://helium.computer/ Helium]
:It's basically LibreWolf but it also removes trackers from Jewgle and the Jewgle search engine. Not as good as Brave in terms of fingerprinting protection however.
=== Extensions ===
;[https://i2p.net/en/ I2P]
:Just like TOR, I2P anonymizes you by routing your connection through multiple nodes, but it also encrypts the connection However, do not log into personal accounts or use it alongside identifying information as I2P, just like TOR{{Cn|oh my heckin science its like recursion}} is for anonymity, not convenience. Like TOR, it is recommended that something like Mullvad in combination with I2P, and depending on the configuration, adds an extra layer of encryption and prevents your ISP or network administrator from even knowing that you're using I2P. I2P and LibreWolf go together like peanut butter and jelly. They have websites that can only be accessed by I2P, which end in .i2p, of which are called "eepsites".
;[https://ublockorigin.com/ uBlock Origin]
:A must-have for cybersecurity, as it blocks ads and trackers, which is a basic necessity on the web nowadays. Also, enable the '''AdGuard URL Tracking Protection''' and '''Block Outsider Intrusion into LAN''' filters for more protection.
;[https://addons.mozilla.org/en-US/firefox/addon/user-agent-string-switcher/ User Agent Switcher and Manager]
:{{Tip|Depending on how you configure this extension, you may actually make your browser fingerprint more unique!}} Allows you to spoof your user-agent, a string of text which identifies what browser, operating system, processor architecture, type of device ''(i.e. Desktop, Mobile, etc.)'' you're currently using. Will cause the infamous "[[You look like a bot]]" error when posting on the sharty if enabled.
== Hardware ==
Normally, any piece of hardware works. (AS LONG AS ITS NOT MADE BY APPLE)<ref>https://securelist.com/triangledb-triangulation-implant/110050/</ref> However if you're serious about cybersecurity, I suggest you use these for your devices. Also, I think it's pretty obvious, but do not buy any devices online and do NOT buy smart devices at all. If you're a "Person of Interest," the NSA will stop your package mid-transit and install spyware on your device before it arrives to you.<ref>https://en.wikipedia.org/wiki/ANT_catalog</ref>

=== Computers ===
I highly recommend not getting a whole PC setup, rather have a bunch of cheap laptops and one main laptop you can use everyday.

Some good cheap laptops would probably be the IBM ThinkPads, they're very common and very affordable for the average shmuck. DO NOT get any ThinkPad (or any computer in general due to CPU backdoors) made after around 2011; IBM sold the idea to Lenovo and the build quality went down the shitter, it got even worse after 2012. A good main laptop you can get would be an ThinkPad X200, as they can be GNU booted/CanoeBooted/LibreBooted to remove Intel ME.

=== Phones ===
Get a Google Pixel 8A or 9A locally from a small family owned business, covering up as much of your face as possible. Due to the implementation of ARM hardware memory tagging, a feature that significantly reduces vulnerability to remote exploits from Pixels since pixel 8, Always prefer a recent pixel like 8 or 8a or 9 series. Pay in cash. Give as little information as necessary and do not order with a carrier. Do not use a SIM card inside of your phone. Keep Airplane Mode on at all times If you have to make calls, get a physical burner with a cheap one-use SIM. Even when not connected to any internet, cell towers can track your position down to the room you're in.<ref>https://www.qualcomm.com/videos/5g-multi-cell-positioning-ota-demonstration</ref><ref>https://www.ericsson.com/en/blog/2018/11/lte-positioning-and-rtk-precision-down-to-the-centimeter</ref><ref>https://www.cisa.gov/resources-tools/resources/overview-risks-introduced-5g-adoption-united-states</ref>

Or just don't get a smartphone in general, and only use an old, old cellphone for calls if you REALLY need to. Those things were designed as spyware machines from the very start this time. A old phone you could use is the Samsung Galaxy SIII with [https://replicant.us/ Replicant], a fully free [[Android]] ROM, although if you want to use WiFi you will need USB adapter that DOES NOT need proprietary drivers, some are listed on Replicant's site.

=== Before you even turn on your devices: ===
FOLLOW THESE TASKS!!!

*Check to see if your device has been tampered with. (Especially the screws. See if they've been stripped or worn in anyway.)
*Physically remove the camera from your device.
*Physically remove the speaker from your device.
*If unable to remove camera, cover it in tape.
*If unable to remove speaker, keep volume always muted.

== Software ==
[[File:GrapheneGODS.png|thumb|Depiction of the average GrapheneGOD.]]

=== Computers ===
For computers use either Linux, de-bloated Windows, ReactOS, or QubesOS. In either case you should enable full disk encryption.
Do {{Bantext|NOT}} use BitLocker, as Macroslop hands out BitLocker encryption keys like candy to the feds<ref> https://www.forbes.com/sites/thomasbrewster/2026/01/22/microsoft-gave-fbi-keys-to-unlock-bitlocker-encrypted-data/</ref>.

QubesOS is an operating system that heavily relies on using Virtual Machines (VM's) for everything, and having a special VM for each daily activity or purpose called "Qubes." QubesOS may seem a bit overkill for most, but remember that the government has unlimited resources and that they WILL NOT CUT CORNERS. Do not underestimate them.

If you are willing to try out SecureBlue which is a hardened fedora distro, you are also good. It uses the same hardened malloc as GrapheneOS.

Double aryan points if you use a fully libre Linux distro with 0 proprietary components or blobs, such as [https://pureos.net/ PureOS], [https://www.parabola.nu/ Parabola GNU/Linux-Libre], [https://www.hyperbola.info/ Hyperbola], [https://guix.gnu.org/ Guix] or any distro found [https://www.gnu.org/distros/free-distros.html here,] as it's 95% impossible of being backdoored, 99% if you use a Libre UEFI<sup>''[or a BIOS if your PC is older than {{Dusttext|dust...}}]''</sup> such as [https://libreboot.org/ LibreBoot],{{Keyedtext|[https://www.gnu.org/software/gnuboot/index.html GNU boot]}} or [https://canoeboot.org/ CanoeBoot.]
If you decide to flash the firmware mentioned, {{RedText|READ THE FUCKING MANUAL OR ELSE YOU WILL BRICK YOUR PC.}}{{Note|Some enthusiast motherboards have a "backup" BIOS you can switch to. That would make this more safe to experiment with.}} If you really value security, consider using GRUB as the payload and follow the LibreBoot/CanoeBoot GRUB Hardening Guide ([https://canoeboot.org/docs/linux/grub_hardening.html CanoeBoot version] / [https://libreboot.org/docs/linux/grub_hardening.html LibreBoot version])

If you don't want to use [[Tranny|Code of Conduct]]-infested shit, use [https://openbsd.org OpenBSD] or [https://freebsd.org FreeBSD] instead. OpenBSD is especially aryan btw. [http://oqptm57xf2g6mziwphlf7eqmkdg3ni6qneuuf3wbqzhdfcjufhumaxyd.onion/ Here is a CVS repo with OpenBSD guides, scripts, configuration files, etc. (tor only, you need to use Tor Browser)]

{{Glow|If you don't want to use Linux, you can de-bloat Windows 10/11 by using O&O ShutUp10++, a tool able to [[Lie|fully control]] Windows data-collecting and other features that (((MiKKKro$lop))) loves to hide.}} However, a more keyed alternative that is like Windows is [https://reactos.org ReactOS] a mostly open-source alternative to Kikedows that is debloated by default.

You could also use '''Tails OS''' (The Amnesic Incognito Live System) a portable, bootable Linux distro designed for total anonymity. It runs entirely from a USB stick or DVD, <s>leaves no trace on the host machine</s>{{CitationNeeded|Meds now}}<ref>https://gitlab.tails.boum.org/tails/tails/-/issues/5356</ref><s>,</s> and routes all internet traffic through Tor by default. Just don't forget your persistent storage passphrase, or everything is gone. {{Keyedtext|Even the keyed Aryan {{Gemtext|[[Edward Snowden]]}} who made {{Glow|Glowies}} leak by releasing classified documents revealing the existence of global surveillance programs}} once highly recommended it.

=== Phones ===

Phones are terrible for any type of privacy, and if you can, you should probably not get one, although if you need to...

'''''GRAAAAAPHEEEENEEEEE!!!!'''''

GrapheneOS is a custom-built ROM of Android letting you have full control over your phone, ranging from auto-rebooting at a certain time to toggling a pin to pop-up whenever you try to open an app. Very useful! Remember to enable duress PIN which will wipe your device once you enter it. A quality Google Pixel goes well with it (they are in a partnership with Motorola now, in 2027 some graphene Motorola phones will be realesed so stay tuned).

=== Communication ===
{{Tip|{{Bantext|Glowies can recover your Signal messages, even if you have the app deleted<ref>https://www.techradar.com/phones/iphone-owners-urged-to-change-this-key-privacy-setting-after-fbi-recovers-suspects-deleted-signal-messages</ref>.}} To remedy this, go into "Settings", "Notification", and then "Notification Content" and select either "No Name or Content" or "No Content" if [[(You)]] want to know who sent you that message.}}
Use '''Signal''', '''Threema''', '''Session'''<ref>session re-added perfect forward secrecy </ref> or '''Simplex''' for encrypted messaging. Signal is widely vetted and open-source<ref>https://github.com/signalapp</ref>, though it relies on phone numbers. Threema is also open-source<ref>https://github.com/threema-ch</ref>, though you have to pay 6 USD/EUR/CHF for a one-time personal-use license<ref>https://threema.com/en/pricing</ref>, does not require email or phone-number<ref>https://threema.com/en/faq/privacy-protection</ref>, it will generate a random ID for you once you signed up. Simplex, on the other hand, is a decentralized messenger that does not require a phone number at all.

Avoid [[Discord]], [[Telegram]], and other similar services, they are compromised or easily subpoenaed and are full of [[Furry|Furries]] and [[Tranny|trannies]]. Email should be hosted on secure, anonymous services like cock.li.

Use '''PGP (Pretty Good Privacy)''' for encrypting emails and files. PGP can also be used if you must use the earlier mentioned services, however don't share your public key through them{{Margerald}}. There is a good guide by a literal who named Kevin that goes over on how to set it up [https://kevinsguides.com/guides/security/software/pgp-encryption/ here]. You could also use thunderbird which will allow you to easily create and manage your PGP keys and proxy your email through Tor<ref>https://wiki.archlinux.org/title/Tor#Proxy_Configuration</ref>

Don't use Matrix, as it is related to the {{Mossad|(((Isreali government.)))}}<ref>https://web.archive.org/web/20201219014215/https://samba.noblogs.org/post/2018/08/27/matrix-org-a-federated-app-funded-by-a-mossad-company/</ref> Use XMPP instead.

=== Software Practices ===
*Always verify checksums and GPG signatures when downloading files.
*Avoid sketchy third-party installers.
*Use open-source software where possible.
*Stay updated, but wait a few days to avoid being the test dummy for new bugs.

Use '''Virtual Machines''', '''sandboxing tools''', or even '''dedicated hardware''' for risky tasks. Everything that runs is a potential {{Glow|backdoor}}, treat it that way.

=== {{glowmore|Intel ME}} and {{glowmore|AMD PSP}} ===

One of the biggest with modern cybersecurity is Intel ME. It is a gigantic backdoor that has {{glow|full access to your computer (operates in ring zero), is ALWAYS on, runs a proprietary separate OS and has network access.}}

{{Glow|AMD PSP}} is the same shit, but it is slightly better becuse it does not have network access. It's still a backdoor so just remove it as well.

To remove it, consider using one of these options:

*[https://libreboot.org/ LibreBoot]
*[https://www.gnu.org/software/gnuboot/index.html GNU boot]
*[https://canoeboot.org/ Canoeboot]
*[https://osresearch.net/ Heads]
*[https://www.coreboot.org/ CoreBoot]

== Apps ==
Apps are a very core aspect of cybersecurity. Most mainstream apps are usually closed-source or "proprietary" software. Apps or websites such as Youtube, Chrome, Facebook and even Spotify do not allow their users to view the source code of their apps. This is usually to hide their methods of data-collection and any backdoors they may be hiding. There are however alternative apps that can be used that are "open-source" where the code is easily accessible and can be reviewed by anybody who knows how to read it. Be careful! Just because it's open source, doesn't mean its safe. Learn how to read code to make sure any apps you're using aren't subtly {{Glow|glowing.}}

Before you can install some of the apps below, you'll need an app called F-Droid. F-Droid is an app store that only hosts open-source apps. You need an Android phone to install this app, as iPhones can't install APK files. Apps that can only be installed on F-Droid will be in bold.

=== Alternatives ===
*Youtube - '''NewPipe''' or '''PipePipe'''
*Google Play - '''F-Droid or Aurora Store'''
*Browser - Librewolf or Tor Browser ''(Remember to disable Javascript!)''
*2FA - '''Freeotp++''' or '''Aegis'''
*VPN - Mullvad, Proton VPN
*Disk Wiping - '''Extirpater'''
*Exif Remover - '''Scrambled Exif'''
*{{Brimtext|[[Discord|Der 'Cord]]}} - '''<s>IRC</s> Signal, Mumble, XMPP, Woodchipper'''
*Mail - Proton Mail, Tuta mail

== Metadata and EXIF Data ==

'''Metadata''' is invisible information embedded in files such as images that reveals details like the operating system used, timestamps, and device-specific info. Most people know about EXIF in photos, but almost every file type can leak something.

'''EXIF data''' (Exchangeable Image File Format) is a type of metadata used by cameras and smartphones. It can include:
* GPS coordinates of where a photo was taken
* Device make and model
* Shutter speed and aperture
* Time, date, and more

To remove it:
* '''PC''' – [https://www.bleachbit.org BleachBit]
* '''Android''' – '''Scrambled Exif''' (available on F-Droid)
=== Document Metadata ===
PDFs, Word files, and similar docs may include:
* Author names
* File paths
* Edit history
* Software info

To remove it:
* Use PDF printers or LibreOffice “Export as PDF”
* Use '''MAT2''' (Metadata Anonymization Toolkit)
=== Audio/Video Metadata ===
Media files can include:
* Recording device
* GPS (on phones)
* Editing software

To remove it:
* Use '''FFmpeg''' with `-map_metadata -1`
* Or run them through BleachBit

=== Archives and Code ===
ZIPs, scripts, and code can leak:
* Timestamps
* Directory paths
* Author names
* Git commit history
Always assume that anything you share might be revealing more than you intend. When in doubt, strip it out.

== See also ==
* [[CIA]]
{{Reflist}}
{{Notelist}}

The Ultimate OPSEC Guide - Revision history