Opsec discussion thread

Opsec discussion thread

Should I be purchasing a Faraday Tent right now for secure computing, or should I be admitting myself to a mental hospital for schizophrenia? I can't tell at this point but I don't see anything objectively wrong with being extra careful.

The latter.

But why, it's a great blanket security measure that removes a large swath of opsec concerns - anything related to radio data exfiltration. This includes anything involving WiFi which is most of them.

You're worthless. No one is going to spend all that effort on getting a scrub like you's data.

It's not about them targeting me. It's about me accidentally messing up and becoming infected with malware somehow during one boot session.

I just want to be safe user why am I worthless...

Yes.

looks fake
sauce?

Yes, not only for your computing but EM fields pervade too much the common households nowadays. If you can seal your home.

Find out exacly what frequencies you wanna block and acquire a noise source to mask your tempest shit.

How would you shitpost without internet though?

That machine isn't for that

get one just be safe against shit like this

in the post-flare world the man with a working computer is king

RF leakage is a real thing. What you should be asking is; do you actually believe your life is interesting enough for anyone to devote any resources to investigating it?

You should be farday'ing your whole house.

LEA and Intelligence agencies can use thermal optics and synthetic apeture radar to literally look into your house... never mind using two or more wi-fi transmitters to do the same.

and you need a cage that works for a broad spectrum of EM frequencies.

Also, if you deem that it is; is the rest of your OPSec so good that this avenue, among all available channels, the best attack vector to tracking your activities

>linux

fake and gay

This isn't how solar flares work.

>secure computing
>current year

Make
1. public computer
Windows, direct lan connection, etc. chrome, newish cpu...

2. private computer
Some safe linux distro like Subgraph OS or something that Stallman recommends on hardware from 2006. with encrypted hdd and wireless internet access trough some public access point not related to you directly.

3. typwriter replacent
486 or Pentium before pro or k6 or Duron with temple os or something and with no internet or any kind of connection.

Truly secure computing is basically illegal

Do you really think you're important enough to have CIA niggers sitting in theie operation van outside of your house at all times?
If no, don't do it, it's fucking dumb. If yes, don't do it either. There are better and more sane ways of data protection.

your bios has a option to actually randomize signals to reduce magnetic flux which can be read with special devices as the CPU is constantly changing voltages you can determin certain functions and even read memory with other devices.

The option will reduce your performance by like 2-5% though..

This used to be mitigated by 100% steel cases in the 80s-90s but now since everything is plastic to reduce cost and weight we are vulnerable to it.

I've seen a blackhat group at a coffee shop at close range use a electro magnetic skimmers under the table within a foot of a laptop and that can pickup keystrokes. (every key press produces a pulse with unique voltage)

The keyboard scanners are much much more limited by range for accurate reading because it degrades for every inch by like 10-20%.

This can only be prevented with a optical keyboard. (rare and expensive)

If I use a Faraday cage though I don't need an old computer because Intel's spying stuff can't get through. Only ever connect the machine to power inside my Faraday cage

Fucking damnit. I just don't even want to use a computer anymore.

>If I use a Faraday cage though I don't need an old computer because Intel's spying stuff can't get through.

You dont know how any of this works do you?
Imagine a small computer in your cpu that has access to everything in your system. it uses different protocols, works at a low level is impossible to detect

If you do end up using a Faraday cage, i hope you also use your own source of power you know, because the grid is already compromised.

And how do they exfiltrate user

Battery user

Internet

Rumors about 3g modems in cpus are old and probably true. Same for rumors about power line using network adapters similar to old homepna but these are in your cpu at least since the time memory controllers are in the cpu.
Your ethernet connection cable has 8 wires and a very wide range of frequencies for signals to use ...

Obscuring and obfuscating is more secure these days.
using some methods can bring you into the spotlight and then if you get their attention you will have much bigger problems than the privacy of your data.

user I know they can exfiltrate over the internet, but I mean inside a Faraday cage how do they exfiltrate? There is no network, they can't.

Note I will keep this computer inside its Faraday cage forever and never take it out

Also I'm not really trying to hide data from the NSA, I'm trying to hide my data from Russians who want to steal my crypto in my cold wallet

just remove your wifi and BT cards, now no russians can hax you

Because you're overthinking shit based on what COULD happen instead of analyzing the situation rationally based on what DOES happen. There is no such thing as a drive-by malware install that just infects a computer that is idling. You get that shit going to web sites with unregulated ads and not using a fully-registered version of Common Sense 2018. There is often a delay on destruction with malware
and the worst aspects won't take effect until the computer is restarted. If you boot up your computer one day and find yourself infected, it was something you did the last time the computer was used, not some black hat with aircrack hopping on your wifi.

There is experimental malware that can be transmitted through speakers and microphones that a faraday cage cannot protect against. It doesn't really exist in the wild but the capability is there. If you are genuinely worried about your digital safety the best course of action is to simply get rid of it all and go back to pen and paper. Otherwise, stop overreacting.

you can only get drivebys with firefox

It does not look fake. It's probably Syria.

Okay user but Faraday cage gives me peace of mind knowing that even if there are 10 crypto stealer viruses on my laptop then I'm still safe

does it even matter? when hardware is backdoored what can we do?

I would not be surprised if all major ethernet cards contained backdoor too and US have access to any connected device through some obscure communication protocol

>Russians

Depending on the amount of money your risk can go from 0 to 99% very fast.

nice snowden larp
nipple tweezers lean towards kinky tho

Probably one of my favorite images.

Come live with me in my jungle coke lab, we got all the opsec you need. The only way of communicating is via satellite phone.

Why would you harden things which don't require it? It only makes you more suspicious, which might compromise something that is actually sensitive. Use burner devices and offline storage. If what you're doing doesn't warrant at least that, you don't need to guard yourself against the government.

Those coca leaves look tasty.

64208631

Do not listen to these kind of tools.
Better be safe than sorry.

>Autist tries security
Give up, Sup Forums. You'll just focus on the wrong thing endlessly and not understand wider context.

Okay what is the wider context? I'm trying to cover every single base

>Strong encryption
>100% air gap
>Verify hashes of all binaries

What the fuck else do I need? I'm being genuinely serious here - if I'm missing anything please tell me because I want to learn. If I'm wrong about something teach me and I'll say "sorry senpai you are superior and I'm just an r9k autist"

a few of the many:
noticed by you:
- rubber hose cryptography
unnoticed by you:
- above + fancy chemwork to cause amnesia
- trust base attack (see thompson hack, hard drive firmware issues, FDE bootloader/kernel tweaks, etc)
gotta have a threat model m8

If you're really THAT paranoid I'd go with something really obscure. Also something with more secure hardware like a modded PS3 with a very lighweight, secure *nix OS installed on it

You need to not be so conspicuous with yourself in general and keep ops to devices you can destroy. Ideally your ops don't take place on US soil. If you're doing all this without something to hide you've lost the ability to blend in with the herd for no reason. Blending in and having green profiles is good. Harden stuff that NEEDS it, and particularly against a reasonable attacker. Right now you are hardening against the government despite probably not having something they care about. You are acting like a target they would pursue, yet doing it badly because you're not destroying devices, and you're not off US soil, you're just increasing the likelihood of an escalated search.

Rubber hose is always an issue that's why I don't tell anyone about my crypto

Fancy chemwork to cause amnesia? What? Trust base attack? How does this allow anything to be exfiltrated? None of these issues matter unless there's a way to exfiltrate my crypto private keys

user I'm securing crypto from online hackers. I have no social life or friends and literally nobody knows who I am because I'm autistic as fuck. My threat that I'm modelling against is malware, be it downloaded or existing in binaries I use exfiltrating private keys