Secure communication devices
- Thread starter JohnnyDoe
- Start date
The more you do, the larger your attack surface becomes. The larger your attack surface, the more you have to protect. The more you have to protect, the greater the statistical chance something slips through and you get breached.
For most people who are genuinely OPSEC aware, the bar is surprisingly low:
Too many are actively booby-trapping themselves in the pursuit of flexing the latest encrypted phone, hardened OS, anonymous VPN stack, or obscure privacy gadget. While the examples are in tech, dependencies can also be environmental or human. Every additional black box you introduce is something you don't fully understand: unknown firmware, unvetted supply chains, telemetry you can't see, update mechanisms that could be subverted, or side-channels you never considered. The more opaque layers you stack for "protection," the less visibility you have into your actual attack surface and how well (or poorly) your defenses are really configured.
Security is, and always has been, incorporated on a SOP level. So assuming breach is inevitable (or has possibly already happened). Just live your life accordingly, constantly aware that your actions might be observed, logged, or reconstructed like Jim Carry's in The Truman Show.
For most people who are genuinely OPSEC aware, the bar is surprisingly low:
- Use strong, simple encryption where it matters (full-disk, messaging, passwords).
- Avoid leaving a digital footprint when doing anything sensitive or "stupid". You can even throw your phone away if you can bear the inconvenience.
- Ruthlessly minimize the technologies, accounts, and services you rely on.
Too many are actively booby-trapping themselves in the pursuit of flexing the latest encrypted phone, hardened OS, anonymous VPN stack, or obscure privacy gadget. While the examples are in tech, dependencies can also be environmental or human. Every additional black box you introduce is something you don't fully understand: unknown firmware, unvetted supply chains, telemetry you can't see, update mechanisms that could be subverted, or side-channels you never considered. The more opaque layers you stack for "protection," the less visibility you have into your actual attack surface and how well (or poorly) your defenses are really configured.
Security is, and always has been, incorporated on a SOP level. So assuming breach is inevitable (or has possibly already happened). Just live your life accordingly, constantly aware that your actions might be observed, logged, or reconstructed like Jim Carry's in The Truman Show.
Why not using pixel + graphene os?
Personally I do stay away from closed systems as there is always a risk for honeypot or sth similar (or like encro sky chat and so on)
Nitrophone (German based company) is also offering to remove all sensors/cameras in addition but also same risk / sb else had your phone before you have it.
Personally I run ios with Session for not that privat stuff and graphene os with session and Threema for stuff that really should stay āprivateā
āā
On the computer I would always recommend a volume encryption + a virtual machine (only work on the vm!), host and vm with a different vpn that works with a firewall/iptables based killswitch
Personally I do stay away from closed systems as there is always a risk for honeypot or sth similar (or like encro sky chat and so on)
Nitrophone (German based company) is also offering to remove all sensors/cameras in addition but also same risk / sb else had your phone before you have it.
Personally I run ios with Session for not that privat stuff and graphene os with session and Threema for stuff that really should stay āprivateā
āā
On the computer I would always recommend a volume encryption + a virtual machine (only work on the vm!), host and vm with a different vpn that works with a firewall/iptables based killswitch
Easy and effective!
100%
Exactly. Itās not that hard to remove mic, speaker and cameras yourself anyway.
All this is enough for 99% of the people, and free.
What I wanna add is:
if you are doing shady stuff for example, make sure to not use for example your private Facebook account in the same VM you are doing your stuff.
If you do - all your vpns/encryption whatever wonāt help you.
Setup above is enough for everything and I would say for 99.99% of police aswell to not be able to track you down by your ip and so on.
Also, a vpn router with killswitch (gli net has cheap and easy to handle devices) is never a bad idea.
if you are doing shady stuff for example, make sure to not use for example your private Facebook account in the same VM you are doing your stuff.
If you do - all your vpns/encryption whatever wonāt help you.
Setup above is enough for everything and I would say for 99.99% of police aswell to not be able to track you down by your ip and so on.
Also, a vpn router with killswitch (gli net has cheap and easy to handle devices) is never a bad idea.
I don't have an answer for this one š³
I can only think of this:
At the ānetwork level,ā itās no longer about one clever person staying clean.Itās about designing, or participating in, a system where:
š
PS. If they can get their hands on one guy and that guy can DOXX others...it's ALL over. It's a Domino Effect at this point
