Rate my opsec setup

N

neilarmstrong1

Junior Member
Joined
Aug 28, 2021
Messages
119
Reaction score
114
Hey, i wanted to ask you all what you thought of my opsec setup. Any tips/tops are welcome

Laptop => Logless VPN => VM with Windows => RDP paid with crypto => antidetect browser with socks5 proxy

Thanks
 
Advertise on BHW
CreativeDaddy

CreativeDaddy

Supreme Member
Joined
Aug 24, 2019
Messages
1,226
Reaction score
944
Website
www.blackhatworld.com
You need to specify each step to understand how good your opsec setup is.

For example, on your laptop you should remove (hardware remove) cam, bluetooth, wireless wifi (anything that can screw you over distance) and this list goes on & on.
In terms of OS, you should use one for opsec like tails for multiple reasons obviously.

Not a opsec master here, however if you wanna be good and have a good setup you need to go deep on it.

My reccommendation is for you to visit proper opsec blogs & forums and not that surface web bs full with crappy tips.
 
N

neilarmstrong1

Junior Member
Joined
Aug 28, 2021
Messages
119
Reaction score
114
CreativeDaddy said:
You need to specify each step to understand how good your opsec setup is.

For example, on your laptop you should remove (hardware remove) cam, bluetooth, wireless wifi (anything that can screw you over distance) and this list goes on & on.
In terms of OS, you should use one for opsec like tails for multiple reasons obviously.

Not a opsec master here, however if you wanna be good and have a good setup you need to go deep on it.

My reccommendation is for you to visit proper opsec blogs & forums and not that surface web bs full with crappy tips.
Click to expand...
Would you say installing Tails OS on the laptop is enough? Or do you think the hardware removal of peripherals might be a bit overkill? Is that even possible? Assuming I'm not on like a watchlist or anything
 
Rakzs

Rakzs

Jr. VIP
Jr. VIP
Joined
Aug 6, 2022
Messages
396
Reaction score
476
Firstly it completely depends on your threat model. IF it's extreme then there are things like Intel ME / hardware level backdoors which can be of concern to you, then there's the matter of your router, and all other hardware that you'll have to get which is usually unnecessary effort and a waste of time (Laptops like Purism fit this though). Then, know that you can even be tracked by how often you type (typing speed, break time, common words used, etc. Look up what Keystroke Deanonymization is if you don't believe it).

My point being, you need to assess what you are doing that you need your opsec setup for and elaborate on your threat model. If you know what the threats are you will know how to better avoid them. Read the Whonix wiki to start.
 
R

roddysyn8

Junior Member
Joined
Dec 7, 2006
Messages
106
Reaction score
86
neilarmstrong1 said:
Hey, i wanted to ask you all what you thought of my opsec setup. Any tips/tops are welcome

Laptop => Logless VPN => VM with Windows => RDP paid with crypto => antidetect browser with socks5 proxy

Thanks
Click to expand...
and why you want to hide?
 
Gogol

Gogol

Jr. VIP
Jr. VIP
Joined
Sep 10, 2010
Messages
9,823
Reaction score
16,969
Website
twitter.com
neilarmstrong1 said:
Hey, i wanted to ask you all what you thought of my opsec setup. Any tips/tops are welcome

Laptop => Logless VPN => VM with Windows => RDP paid with crypto => antidetect browser with socks5 proxy

Thanks
Click to expand...
and then you come to bhw talking about it haha :p

ps, How do you know the vpn is logless? Do you have access to their server, or are you self hosting it?
 
N

neilarmstrong1

Junior Member
Joined
Aug 28, 2021
Messages
119
Reaction score
114
Rakzs said:
Firstly it completely depends on your threat model. IF it's extreme then there are things like Intel ME / hardware level backdoors which can be of concern to you, then there's the matter of your router, and all other hardware that you'll have to get which is usually unnecessary effort and a waste of time (Laptops like Purism fit this though). Then, know that you can even be tracked by how often you type (typing speed, break time, common words used, etc. Look up what Keystroke Deanonymization is if you don't believe it).

My point being, you need to assess what you are doing that you need your opsec setup for and elaborate on your threat model. If you know what the threats are you will know how to better avoid them. Read the Whonix wiki to start.
Click to expand...
Ahh yeah I see. What about medium threat then? Not near NSA level or anything
 
Rakzs

Rakzs

Jr. VIP
Jr. VIP
Joined
Aug 6, 2022
Messages
396
Reaction score
476
neilarmstrong1 said:
Ahh yeah I see. What about medium threat then? Not near NSA level or anything
Click to expand...
In that case it is significantly less trouble. You should read into the QubesOS, Whonix, and TailsOS wikis and choosing the one that fits your situation best.
 
uncutu

uncutu

Elite Member
Joined
Aug 6, 2010
Messages
2,850
Reaction score
2,367
nice set up. you should run it on tails os or qubes or something. its all void if youre running windows.
watch a few old snowden interviews. he goes over interesting scenarios for opsec. @CreativeDaddy touched on some of the physical modifications you should do. and where to go for better advice
 
irivi

irivi

Junior Member
Joined
Dec 24, 2018
Messages
153
Reaction score
77
Since this is a school paper, does this mean your setup is theoretical? i.e. you can make it alot more intense than you might want to if it were a tangible project? Or are you making a tangible setup and then writing the paper?
 
N

neilarmstrong1

Junior Member
Joined
Aug 28, 2021
Messages
119
Reaction score
114
irivi said:
Since this is a school paper, does this mean your setup is theoretical? i.e. you can make it alot more intense than you might want to if it were a tangible project? Or are you making a tangible setup and then writing the paper?
Click to expand...
Going to that level of opsec would give me too much to write about, 3000 word limit
 
irivi

irivi

Junior Member
Joined
Dec 24, 2018
Messages
153
Reaction score
77
neilarmstrong1 said:
Going to that level of opsec would give me too much to write about, 3000 word limit
Click to expand...
This is the first time I've heard of the term, but I wonder if you might want to include a mechanism that would cause physical destruction upon being activated. Another portion that might be interesting is the physical security protocols involved with accessing the location of the setup. I do not know of good suggestions but in my imagination I think of under-the-table cash apartments and rooms built to block signals with faraday cages.
 
Advertise on BHW
You must log in or register to reply here.
Sign up now!

Main Menu

Home Main Forum List Black Hat SEO White Hat SEO BHW Newbie Guide Blogging Black Hat Tools Social Networking Downloads

Marketplace

Content / Copywriting Hosting Images, Logos & Videos Proxies For Sale SEO - Link building SEO - Packages Social Media Web Design Misc

Making Money

Affiliate Programs Hire a Freelancer Making Money Pay Per Click Site Flipping

BlackHatWorld

BHW Merch Forum Suggestions & Feedback Introductions Lounge Dispute Resolution

Other

Domain Name Forum IM Journeys Web Hosting Newsletter
Top