This article was submitted to Amerikaner.org by Quiet Quoll. If you would like to submit your own content, please email amerikanercontributions@proton.me
OpSec (short for Operational Security) is a concept that has been around for a long time in the tech world. It is a process of limiting dissemination of sensitive information. What is sensitive information? This usually refers to PII (Personally Identifiable Information), which should be self-explanatory.
Why is it important to limit access to this information? The primary reason is that there are those who would use this information to hurt you. The common parlance is doxing, referring to gathering documentation. This is a common tactic of degenerates and those who find you disagreeable.
Your free expression is painful to them. Using words they don’t agree with. Daring to infer that personal responsibility is a thing. Not placing degenerates on a pedastal. In some people’s opinion, these “crimes” are worthy of ruining you.
The statement “the only way to win is not to play” is true, but not always palletable. The old days of like-minded people meeting in person weekly is not always viable. Luckily, we have a tool for making and maintaining connections: the Internet. And like venturing down any Martin Luther King Jr. Boulevard as a White, the Internet is a dangerous place.
Lucky for us there are some very simple steps to keep yourself safe. These steps are easy to put in place, but can be inconvenient. For example, not re-using usernames can make connections difficult. Not impossible by any stretch, but exchanging follows becomes more complex.
Likewise, discouraging the re-use of passwords is more difficult than not. Finally, “mainstream” service providers have no problem cutting you off. Not only that, but they might have access to your PII to spread around. Don’t discount that because it is illegal our enemies will not use any tool at their disposal.
Don’t Re-Use Usernames
This one is likely the most inconvenient, but also the most necessary. Doxing is easier when you have been using the same username since you were a teenager. Separating from old usernames has a similar effect to changing your name. The username I’m posting from here is not used anywhere else, making it difficult to tie account to others.
That is not to say it is impossible, but its made more difficult. I like to use random username generators when I create a new account. BitWarden, which I’ll talk about more later, has a username and password generator. You can also use a site like this to generate a random username.
https://jimpix.co.uk/words/random-username-generator.asp
Don’t Re-Use Passwords
Everyone is guilty of this at some point in their life. In a world where there were not breaches at service providers every week, this was much less of a problem. Once someone has your email address, they can search for password you have used. In the modern landscape, there is no longer a reason for password re-use.
Grab a free password manager like BitWarden, or any other password manager, and use it. I use BitWarden and the $10/year subscription allows me to have it on my phone and desktop. BitWarden has a built-in password and username generator. It also will prompt you to save credentials when logging into a site. That way, you can keep your credentials in line and your identity anonymous.
Don’t Use Mainstream Service Providers
On the surface, this refers to not using services like GMail, Twitter, and Facebook. These companies hate you and will take any opportunity they have to hurt you. This sort of goes along with the concept of don’t pay companies that hate you. There is evidence that employees of these companies have betrayed consumer trust. Even though their policies say they keep your data private, bad employees have access too.
If there is a need to use these services for whatever reason, deploy the previous tactics. Create a random username for Twitter to talk shit to commies. Make a generic email account to sign up for Facebook under an assumed name. Don’t create a KiwiFarms account with your personal GMail.
Conclusions
In an ideal world, you would create a unique email address, username, and password for sites like this one. Yes, this is inconvenient. Using a password manager eases the burden quite a bit. Even a program like KeePass would be preferrable to re-use. There are plenty of email services considered safe and private. ProtonMail is the first that comes to mind, followed by Tutanota, fedora.email, even cock.li.
There are many more OpSec principles that one could deploy to keep private data private. This is not intended to be a comprehensive list. These are a few simple steps one could take to beginning the journey down the road to privacy. Here are a few sites I recommend checking out if you want to learn more.
https://www.privacytools.io/
https://www.privacyguides.org/
https://kiwifarms.net/threads/cybersecurity-101.11731/
Please leave a comment below if you have any questions and I will do my best to answer.
Thank you this helpful info I plan to pass on to other boomers like myself , I look forward to more helpful insight from you guys.
All the best and keep well brothers.
Don’t use online password manager services. First thing that gets caught in an opsec audit.
That is not necessarily true. Though LastPass has been compromised over and over again, there is no evidence that anyone’s unencrypted vault data has been leaked.
That being said, you are right in one aspect: if your password manager is not locking itself automatically and someone takes over your computer (as is the case with the recent chudbuds.lol hack), you might as well just have an excel spreadsheet with your passwords in it. Though they may not be able to just export your passwords directly, they can certainly grab out some specific ones and do whatever they need to do.
This is the case with offline managers like KeePass as well; if your password manager is just sitting on your desk unlocked, you are opening yourself up to trouble. I know it’s inconvenient, but it would be inconvenient for attackers as well.
I like bitwarden for this! It is opensource and can even run your own instance if your so inclined to run things locally on your home network.
unfortunately in todays climate it isn’t if something gets hacked it is when. Also not counting
we also have to deal with Rabid NPC sheep who more then likely would “leak” info about us.
So I try and use 2fa authentication that isn’t tied to a phone if possible. I hate phones for that.
When I create my 2fa. I don’t scan the QR code initially. I ask for the text of it. that way you can save that text into your bitwarden or lastpass account and it makes it easier to import later into your 2fa application or even just use python if you code at all.