Rate my opsec setup

neilarmstrong1

Hey, I wanted to ask you all what you thought of my opsec setup. Any tips/tops are welcome.

Laptop => Logless VPN => VM with Windows => RDP paid with crypto => antidetect browser with socks5 proxy

Thanks
 

CreativeDaddy

You need to specify each step to understand how good your opsec setup is.

For example, on your laptop you should remove (hardware remove) cam, Bluetooth, wireless wifi (anything that can screw you over distance) and this list goes on & on.
In terms of OS, you should use one for opsec like Tails for multiple reasons obviously.

Not an opsec master here, however if you wanna be good and have a good setup you need to go deep on it.

My recommendation is for you to visit proper opsec blogs & forums and not that surface web bs full of crappy tips.
 

neilarmstrong1

> You need to specify each step to understand how good your opsec setup is.
>
> For example, on your laptop you should remove (hardware remove) cam, Bluetooth, wireless wifi (anything that can screw you over distance) and this list goes on & on.
> In terms of OS, you should use one for opsec like Tails for multiple reasons obviously.
>
> Not an opsec master here, however if you wanna be good and have a good setup you need to go deep on it.
>
> My recommendation is for you to visit proper opsec blogs & forums and not that surface web bs full of crappy tips.

Would you say installing Tails OS on the laptop is enough? Or do you think the hardware removal of peripherals might be a bit overkill? Is that even possible? Assuming I'm not on like a watchlist or anything
 

Rakzs

Firstly, it completely depends on your threat model. If it's extreme then there are things like Intel ME / hardware-level backdoors which can be of concern to you, then there's the matter of your router, and all other hardware that you'll have to get, which is usually unnecessary effort and a waste of time (laptops like Purism fit this though). Then, know that you can even be tracked by how often you type (typing speed, break time, common words used, etc. Look up what Keystroke Deanonymization is if you don't believe it).

My point being, you need to assess what you are doing that you need your opsec setup for and elaborate on your threat model. If you know what the threats are you will know how to better avoid them. Read the Whonix wiki to start.
 

roddysyn8

> Hey, I wanted to ask you all what you thought of my opsec setup. Any tips/tops are welcome.
>
> Laptop => Logless VPN => VM with Windows => RDP paid with crypto => antidetect browser with socks5 proxy
>
> Thanks

And why do you want to hide?
 

Gogol

> Hey, I wanted to ask you all what you thought of my opsec setup. Any tips/tops are welcome.
>
> Laptop => Logless VPN => VM with Windows => RDP paid with crypto => antidetect browser with socks5 proxy
>
> Thanks

And then you come to BHW talking about it haha :p

PS: How do you know the VPN is logless? Do you have access to their server, or are you self-hosting it?
 

neilarmstrong1

> Firstly, it completely depends on your threat model. If it's extreme then there are things like Intel ME / hardware-level backdoors which can be of concern to you, then there's the matter of your router, and all other hardware that you'll have to get, which is usually unnecessary effort and a waste of time (laptops like Purism fit this though). Then, know that you can even be tracked by how often you type (typing speed, break time, common words used, etc. Look up what Keystroke Deanonymization is if you don't believe it).
>
> My point being, you need to assess what you are doing that you need your opsec setup for and elaborate on your threat model. If you know what the threats are you will know how to better avoid them. Read the Whonix wiki to start.

Ahh yeah I see. What about medium threat then? Not near NSA level or anything
 

Rakzs

> Ahh yeah I see. What about medium threat then? Not near NSA level or anything

In that case it is significantly less trouble. You should read into the QubesOS, Whonix, and TailsOS wikis and choose the one that fits your situation best.
 

uncutu

Nice setup. You should run it on Tails OS or Qubes or something. It's all void if you're running Windows.
Watch a few old Snowden interviews. He goes over interesting scenarios for opsec. @CreativeDaddy touched on some of the physical modifications you should do, and where to go for better advice.
 

irivi

Since this is a school paper, does this mean your setup is theoretical? I.e. you can make it a lot more intense than you might want to if it were a tangible project? Or are you making a tangible setup and then writing the paper?
 

neilarmstrong1

> Since this is a school paper, does this mean your setup is theoretical? I.e. you can make it a lot more intense than you might want to if it were a tangible project? Or are you making a tangible setup and then writing the paper?

Going to that level of opsec would give me too much to write about, 3000 word limit
 

irivi

> Going to that level of opsec would give me too much to write about, 3000 word limit

This is the first time I've heard of the term, but I wonder if you might want to include a mechanism that would cause physical destruction upon being activated. Another portion that might be interesting is the physical security protocols involved with accessing the location of the setup. I do not know of good suggestions but in my imagination I think of under-the-table cash apartments and rooms built to block signals with faraday cages.
 