![[FCO]FreeCoursesOnline](https://onehack.us/uploads/default/original/3X/b/4/b4d2fc8468becec1e9976784dba394e5a378ec81.jpg){kind=small}
Learn how to protect your privacy, and guard your secrets. Conduct a risk assessment on your personal digital footprint, prepare a mitigation security plan, and learn how to execute clandestine operations.
Learn counterintelligence skills and techniques for protecting your secrets against any adversary. I am a heavily medicated schizophrenic and this is how I will keep you from getting your door kicked down
Read this shit if:
• I have something I wish to keep private
• I am trusted with something I need to protect
• I often move in unsafe environments
• What I do is not considered legal everywhere I go
Disclaimer!!
I take no responsibility if this information or these methods do not prevent you from getting caught doing something you shouldn’t have been doing to begin with. Any glowies reading this can suck my dick. This contains heavy plagarizim.
Operational security (OPSEC) is a security and risk management process that prevents sensitive information from getting into the wrong hands.
Secure Operating Systems
Aside from the normal, everyday Windows, Macintosh, or Linux distros, these are operating systems that are renowned for the security pre-built within them. Many people are weary of switching from windows and I understand that I was a skid once but it’s like dating a black girl once you try it theres no going back. The only real thing that I couldn’t do on linux is game certain games, but espically in Qubes OS (More below) its super easy to set up a windows virtual machine inside your linux machine, dual booting is an option as well. But the fact is windows is hard to harden and espically if you’re one to download random shit off forums or telegram (you’re here) youre device is at risk and these linux operating systems are built to be secure. Windows mac are built to collect as much data from you as possible.
Tails OS
Tails, also known as The Amnesic Incognito Live System, is an open-source OS designed to predominantly be ran via live disc like a CD/DVD, USB, or SD card. The main operation of Tails is aimed at keeping your privacy and anonymity safe while leaving as little trace of use as possible. Since it is an amnesiac OS, nothing is left behind every time you reboot such as save files, new software, and realistically leaves a clean slate when you need to power down. Tails default networking application is TOR (TheOnionRouter) which allows the user to stay encrypted through whatever network they are currently connected to. Many of Tails pre-installed software come pre-configured with security in mind such as the Pidgin IM client which is setup up with OTR for Off-the-Record Messaging or the TOR Browser with all the necessary plugins already added into it. There are many more features to this amazing OS found on their website. If you want to stay on windows this is a good choice for a secure virtual machine or to use off a live boot usb. But really wouldn’t work as a daily drver.
Tails Link: https://tails.boum.org/
Whonix OS
Whonix is another operating system which is aimed on your privacy, security, and anonymity. It is based on three things: The TOR network, Debian Linux, and security by isolation. The creator’s of Whonix stand by the fact that DNS leaks are not possible and malware with root privileges can not find out the user’s real IP according to their website. There are two different parts to Whonix itself: Whonix-Gateway & Whonix-Workstation which is on a completely isolated network with TOR as its only connection possibilities. The Whonix-Gateway is exactly as it sounds, the gateway to the internet and all TOR connections. The Whonix-Workstation is the actual desktop environment you as a user will interact with during daily usage. The two parts of Whonix sync with each other to make sure the connection is secure as possible while also making sure the two are coinciding correctly. This OS is mainly used within Virtual Machines but can be applied in many different ways. I use this in a virtual machine daily.
Whonix Link: https://www.whonix.org/
Qubes OS (Used daily by Edward Snowden and myself)
Qubes, is a third operating system which is mostly aimed on system security. Qubes OS is best described as a Xen distribution running multiple virtual Linux domains. Xen is a extremely stable and mature “bare-metal” type 1 hypervisor. This type of virtualization is analogous to what you may be picturing when using a product like VirtualBox with one important difference. A type 1 hypervisor has no operating system running “below” it which can be compromised. Xen is installed on the “bare metal” and this architecture therefore allows Qubes to create separate multiple virtual machines (“domains”, in Xen parlance) in which you run your applications. This ensures that risky applications can not affect trusted applications, or even write to the underlying file system. This degree of separation doesn’t provide much anonymity in itself, but it does provide a significant degree of protection from malware spread. If you for example end up being infected with malware from a bad website, or by falling prey to an email phishing scam, it would be very hard for that malware to spread outside of the domain it is in, meaning only that virtual machine or "“domain” would be affected and not the entire operating system. I use this daily and it has whonix built in which I love. It runs off debian 11 and fedora 36 vms by default, but you can use anything you want. Its a little rough with nvidia drivers, but does require an above average machine I have 32gb of ram and an i7-7700 and it runs like a breeze.
ParrotOS (Good for laptops)
Parrot Security (Parrot OS, Parrot) is a Free and Open source GNU/Linux distribution based on Debian Stable designed for security experts, developers and privacy aware people. It includes a full portable arsenal for IT security and digital forensics operations. It also includes everything you need to develop your own programs or protect your privacy while surfing the net. From information gathering to the final report, the Parrot system gets you covered with the most flexible environment.
Parrot Link: https://parrotlinux.org/
Virtual Machine Software
VMware Link: https://my.vmware.com/web/vmware/downloads
VirtualBox Link: https://www.virtualbox.org/wiki/Downloads
USB Live Disc Software
Etcher: https://www.balena.io/etcher/
Sardu 330: https://www.sarducd.it/downloads
Rufus: https://rufus.ie/
Every company you entrust with a piece of data that comes back to you, you are trusting that company with your life. Every day the alphabet boys (FBI, CIA, SÄPO, СВР РФ) issue supbpeonas to these companies to take that data that people trusted them with and use it for their own advantage (put people in prison). You can read about it if you like here
Telegram: https://newsrnd.com/tech/2022-06-03-tele…Qrwd5.html
Proton mail: https://www.wired.com/story/protonmail-a…ists-data/
It’s usually best to try to avoid propietary software (non open source) as these usually are spying on you in some way or another. Some of them can be “hardened” to ensure that they are secure and will keep you safe.
Harden Firefox: (if youre going to do anything in here do this)
https://chrisx.xyz/blog/yet-another-fire…ing-guide/
Harden Telegram/Signal (this guys channel is amazing)
Harden Google (by same creator)
Note All VPN’s listed below advertise that they are based in Privacy-Respected and Privacy-Focused Countries and keep ZERO logs of what users do while accessing the VPN.
iproyal
Residential proxy network consists of real IP addresses from real users, making sure you never get detected or blocked. There’s no sharing of any kind, so your proxy is available only to you. Pick between sticky (up to 24 hours) or rotating proxies and enjoy 99.9% uptime and a continuously growing global IP pool. Residential proxies are ideal for reliable data scraping because they’re indistinguishable from organic visitors. We created our own network of residential proxies with genuine users all over the world. Every participant can enter or leave the pool as they wish, and they’re all compensated for their resources.
iproyal link: https://iproyal.com/
ProtonVPN
ProtonVPN is also a well known and reputable Switzerland-based VPN with a very friendly graphical user interface. Also, besides being compatible with just about every operating system and mobile / ipad device platform in the world, ProtonVPN is well known for their Secure Core architecture which gives their secure VPN service the very unique ability to defend against any network-based attacks. Secure Core protects your connection by routing your traffic through multiple servers before leaving their network which means an advanced adversary over who can monitor the network traffic at the exit server and also no one will be able to discover the true IP address of a ProtonVPN user nor match your browsing activity to that IP. All Secure Core servers are also located in hardened data centers in Switzerland, Iceland, and Sweden which is protected by strong privacy laws, and also operated on ProtonVPN’s own dedicated networks.
ProtonVPN Link: https://protonvpn.com/secure-vpn
NordVPN (last resort lol)
NordVPN is another well known and reputable Panama-based VPN with a very friendly graphical user interface. Also, besides being compatible with just about every operating system and mobile / ipad device platform in the world, Panama is a country with no mandatory data retention laws and also does not participate in the Five Eyes or Fourteen Eyes alliances laws. NordVPN also have over 5400 servers in 59 countries with very fast, stable and Military-grade encrypted connections and with multiple different secure network protocols and specialty servers. Plus an advanced Secure CyberSec technology architecture which means enhanced security, enhaced privacy, better performance, faster speeds and more control.
NordVPN Link: https://nordvpn.com/
DNS Leaking
While you are on a VPN, you want all traffic coming from your computer to go through the encrypted network. If any of your traffic leaks outside this encrypted network, people can then log that information which is not good at all. The Domain Name System (DNS) translates domain names such as HackForums.net into IP addresses such as 190.93.250.145 which is required to send packets of data on the Internet. When you try to access a specific website, before you go there you computer must interact with the DNS server to request the IP address. Internet service providers (ISPs) usually use specific DNS servers which log and record specific activities you do while on the Internet. The main issue here is when you use a VPN, sometimes the OS will default to the normal DNS servers instead of the DNS servers your VPN provides. DNS leaks while using a VPN can make you feel safe while you are truly leaking data that you don’t want leaked. This is a major issue which is why all VPNs I listed above have some sort of DNS Leak protection, a must have when stay anonymous. You can test to see if you are DNS leaking at the links below.
IPLeak Link: https://ipleak.net/
LeakTest Link: https://www.dnsleaktest.com/
For anyone not using a VPN with DNS Leak Protection, try using one of these DNS servers:
OpenDNS: 208.67.222.222 and 208.67.220.220
ComodoDNS: 156.154.70.22 and 156.154.71.22
UltraDNS: 156.154.70.1 and 156.154.71.1
NortonDNS: 198.153.192.1 and 198.153.194.1
NordDNS: 103.86.96.100 and 103.86.99.100
SOCKS4/SOCKS5 Servers
SOCKS, which stands for Socket Secure, is an Internet Protocol that routes network packets between a client and server through a proxy server and allows you for sessions to traverse securely across firewall security. SOCKS4 & 5 are different types that do slightly different things. The main difference between the two is SOCKS4 only supports TCP application while SOCKS5 supports both TCP and UDP. With added supports, authentication methods, and domain name resolution, the main outgoing SOCKS proxy are SOCKS4 proxy. You won’t be able to use UDP applications but it will be to your benefit overall. So if you are in need of a proxy instead of a VPN for a specific application, try to keep this in mind.
Tor
What is Tor?
Tor, which stands for ‘The Onion Router’, is a non-profit group of volunteer-operated servers that allows people to improve their privacy, privacy tools, and security on the Internet. The Tor network works by moving your traffic across various nodes through a series of virtual tunnels rather than making a direct connection, allowing anyone to share vital information without compromising one’s identity. Anyone trying to trace you would see the traffic going through various Tor nodes on the network rather than directly from your computer. All that is needed to access the Tor network and .onion links (hidden service sites only accessible on Tor network) is the Tor Browser. The Tor Browser comes ready to use and routes everything you do through the Tor network without any configuration needed although I’d recommend a few steps to take which you will see later in this thread.
Tor Benefits
Tor has many benefits for all kinds of privacy issues people face in the world we live in. Many journalists, hackers, or people living in a dictatorship with a lot of censorship can use the Tor network to anonymize your traffic and access sites you may not have been able to before all while being absolutely FREE. Tor is also very useful for anyone looking to keep their online activity hidden from other people or your ISP. Tor can also be used to host sites which contain hidden services only accessible by other Tor users and sometimes needing an invitation to access for added security.
Browser Configuration
Although the Tor Browser comes pre-configured and can be used right away, there are a few more steps that people should take to secure it even more. Here is a list of addons which should be used within the Tor browser:
HTTPS Everywhere - HTTPS Everywhere is an open-source extension created in collaboration by the Tor Project and the Electronic Frontier Foundation. It allows you to automatically make any website which supports HTTPS, use the secure HTTPS connection instead of the normal HTTP.
NoScript - NoScript is a web browser extension which provides extra protection for Firefox, Seamonkey and other mozilla-based web browsers. This free and open source add-on allows JavaScript, Java, Flash and other plugins to be executed ONLY by trusted web sites of YOUR choice in order to protect your privacy and security. NoScript also provides the most powerful anti-XSS and anti-Clickjacking protection ever available in a web browser. (This will break most websites)
Search Engine - Although many people use Google as their main search engine for normal web browsing, Google shows a lack of care for users privacy in general. Also, Google is notorious for tracking clicks on result pages that you search with alongside sometimes having you log into GMail to access certain things. To prevent that here are a few search engines you can set to default instead.
Exit Node Security Warning!!
One thing I need to talk about is how other entities may be able to see your traffic over the Tor network. On Tor, instead of taking a direct route from your computer to the destination, the Tor network routes a random path through many Tor relays to encrypt and hide your data. Once your at the last relay of the path, this is called the exit node. The exit node is the one that actually makes the connection to the destination server. Tor, by design, cannot encrypt data between the exit node and destination server so whoever may be in control of the exit node has the ability to capture the traffic passing through it. The best way to combat this is to use End-to-End encryption which I will explain more about in the Encryption section later on in this thread.
Invisible Internet Project (I2P)
I wasn’t sure about adding this in but I think it needs to be explained and talked about a little bit. I2P is a decentralized anonymizing network built on similar principles to Tor except was designed to be a self-contained darknet. Users still connect using P2P encrypted tunnels but there are still many differences.
Distributed peer-to-peer model.
Garlic routing (encrypts multiple messages together, harder traffic analysis).
Uni-directional tunnels so incoming and outgoing traffic are seperate.
Uses packet switching instead of circuit switching.
Uses its own API rather than SOCKS like Tor. This makes it technically more secure than Tor.
Aside from being very secure, it will also be much faster than Tor overall. The best way to explain I2P is as a internet within an internet. One thing to mention is I2P does not hide the fact you are using the service at all. If you don’t like Tor for some reason, this is another option to check out.
I2P Link: https://geti2p.net/en/
Encryption
Encryption is a vital part of computer security when it comes to important documents, personal data, or internet traffic. It allows you to securely protect data that you don’t want anyone else to see or have access to. When it comes to privacy and anonymity, encryption plays one of the most important roles possible for securing data being transferred over the internet. Here are just a few types of encryption which everyone should be using.
PGP Encryption
PGP, Pretty Good Privacy, is a program used for the encryption/decryption of email over the Internet but also serves as a way to authenticate messages with digital signatures and encrypted stored files. PGP uses a variant on the public key system. It starts with each user having an encryption key that is publicly known and a private key only that user has. Each person sends a message, encrypting it with their public key. Then when the message is received, the message is decrypted using the user’s private key. To make this the encryption process much faster, PGP uses an algorithm which encrypts the message, then uses the public key to encrypt the shorter key. There are two versions of PGP available: RSA & Diffie-Hellman. Both of these have different algorithms for encryption but as just as secure as the other. Sending digital signatures is a similar process but creates a hash using the user’s name and other signature information. The hash is encrypted with the user’s private key. They recipient uses the sender’s public key to decrypt the hash code. If it matches, the recipient knows that this is an authentic file.
Here are some links to PGP software and guides.
Guide on PGP: http://www.bitcoinnotbombs.com/beginners-guide-to-pgp/
GNU Privacy Guard (alternative): https://www.gnupg.org/
GPG for Windows: http://www.gpg4win.org/
GPG for USB: http://www.gpg4usb.org/
Another good site but is currently invite only is Keybase.io which allows you to confirm someone else’s PGP key, fingerprint, BTC address, social media accounts, etc.
Keybase: https://keybase.io/
Whole Disk Encryption
Disk encryption is software which protects your information by turning it into unreadable code which can’t be cracked easily by unwanted users. Disk encryption uses specific software or hardware to encrypt all data that goes on a disk or a disk volume. Whole disk encryption is when everything on the disk is encrypted as well as all the programs that can encrypt bootable OS partitions. One thing to note is computers using Master Boot Record (MBR) will NOT have that part of the disk encrypted. Whole disk encryption has many benefits to it. Number one is ALL parts of the disk are encrypted, even the swap space and temporary files which may contain sensitive information. By using full disk encryption, you don’t have the chance of accidentally not encrypting a file since everything is indeed encrypted regardless. Lastly, by destroying the cryptography keys, it will render the data completely useless. It’s not needed on everybody’s computers since everyone has different need, but definitely recommended. Most people have used software called TrueCrypt in the past but that software is no longer being developed.
Warning Please make sure to backup your entire system before attempting to do whole disk encryption in the case of a failure during the process.
File Encryption
File encryption follows the same procedure as whole disk encryption but instead of the whole disk, you are specifically encrypted an individual file or a whole folder. File encryption is a much simpler process that whole disk encryption and can be done with the same software, VeraCrypt. One thing to note is that with VeraCrypt, you can make a much larger encrypted volume (basically extra storage) to put files in and encrypt it as a whole. For instance, I have an external hard-drive which I made a 200GB encrypted volume for so once I type the password for that volume, I can drop anything in and close it. It will now be encrypted until I unlock that volume at another point in time.
https://privacy.net/best-free-encryption…are-tools/
Encrypted Backups
I won’t be saying much about backups but I suggest everyone to keep backs and then encrypt them with this software for added security and to have that safety of being able to restore your system if something were to go wrong.
File/Download Security
File and download security is not something the average user thinks about which is why I wanted to write this section to explain a little bit about it. Hopefully after reading this section you’ll understand more about why file and download security should be a higher priority than most since it’s something the average user will use most.
https://alternativeto.net/category/backu…ed-backup/
Metadata
Metadata is data that describes other data. Now that may sound confusing but think about it from a files perspective. Author, date created, date modified, and file size are simple examples of metadata that almost all documents carry. On top of that, images, videos, Excel sheets, and web pages all carry their own personalized metadata. Metadata is something which could easily give away personal information that you wouldn’t even realize is there. The biggest one that people don’t realize is simple pictures taken on your cellphone camera.Depending on if you have location on or not, metadata can even give GPS coordinates of where the picture was taken. All files contains this sensitive information within them and most people don’t even realize it exists. Thankfully, there are tools out there which can be used to find and delete that information from files. This software is called MAT: Metadata Anonymization Toolkit and will help aid in the removal of metadata from the files that you want to clean.
MAT Link: https://mat.boum.org/
Deleting Files/Information Correctly
I feel like there are many users currently out there who think that by simply deleting a file, it’s magically gone from your computer. This is NOT true! When you delete something from your computer, the only thing you are doing is deleting where it was located on the drive. It’s still within the drive but the location data is no longer there. This is the reason why file recovery software exists, to grab those files you “deleted” and get them back. The correct way to delete something (file shredding) is by overwriting the data. One thing you must understand is that by overwriting previous data/files, this doesn’t remove a files location but instead makes it unrecoverable. For the average user, overwriting a file once should be enough although the NSA recommends 3 times, while the DoD recommends 7 times. It all comes down to preference but some people believe that when you only go over a file once, you miss some of the data so by going over it many times, you get rid of the data that is left over. Here are some of the tools many people use for correct file cleaning and deletion.
Blancco Data Erasure: https://www.blancco.com
KillDisk Data Erasure: https://www.killdisk.com/eraser.html
Glary Utilities: https://www.glarysoft.com/
For people who want an extra step to stay safe, every time you empty your recycling bin, you should shred all files within it.
MD5/SHA-1 Checksums
Before learning what a checksum is, you first need to know what MD5 & SHA-1 are first. MD5 & SHA-1 are common cryptographic hash functions with MD5 being a 128-bit (16-byte) hash value while SHA-1 is a 160-bit (20-byte) hash value. With these two hash type, we can use them to verify data integrity of a file/download. After downloading a file or software is when you are able to check the checksum of the file. The checksum is where the contents of the file get thrown into a mathematical algorithm and output a specific MD5/SHA-1 string. This method of verifying downloads/files is not as good as PGP + signature file but if you cannot use that method, this is a good second. Almost all Linux distros have the commands sha1sum and md5sum built into it. All you do is run these commands against the file in question and it will output the checksum string for you. Once you do this, all you do is compare that to what the download should of been and you should be able to verify if the download was authentic or not.
https://support.quest.com/essentials/too…y-checksum
One thing to note is that MD5 has known collisions. With enough force, this allows MD5 to be broken into.
Social Related
Within this section I will be talking about everything related to interacting with people socially via messaging of some sorts. This section is my opinion on what should be used and may differ from person to person. This will give you a general idea of what you want to be doing while using social related messaging services.
XMPP
XMPP stands for Extensible Messaging and Presence Protocol and is used for communications for message-oriented middleware based on the Extensible Markup Language (XML). Many more people are starting to use this as a main way of communication using programs such as Pidgin to accomplish this. Pidgin is an open-source multi-platform IM client which most people will recommend for XMPP. The main reason is because Pidgin has a simple plugin which you can download that allows you to incorporate Off-the-Record (OTR) messaging into it. OTR allows you to have private conversations over XMPP by using encryption, authentication, and the fact that messages you send do not have digital signatures that a third party can check for. This is a must use plugin/step you need when using any type of XMPP client.
Pidgin Link: https://pidgin.im/
Good XMPP Servers
riseup.net
xmpp.ninja
darkness.su
captio.ch
thedark.army
IRC
IRC, which stands for Internet Relay Chat, is an application layer protocol that facilitates the transfer of messages in the form of text. IRC has been around for a very long time but is still widely used by people all over. Most IRCs consist of a community or group of people with a specific goal/topic in mind. To connect to a specific IRC, you need two main things: the IP to the server and the channel (which has a # infront of it like #channel). There are plenty of public IRCs but most will be private depending on the topic of conversation. When it comes to security and IRC, there are more steps that need to be taken that with XMPP, so I will link a good guide to follow when setting up IRC and explain some good IRC clients to use.
IRC Clients
X-chat
mIRC
HexChat
irssi (Linux cli)
IRC Anonymity Guide: https://newblood.anonops.com/
How good is your opsec? https://www.saymine.com/ checks your email and sees just how many companies have your data, then offers you to be able to request deletion of your data. Very helpful tool.
Email Providers
https://lavabit.com/
https://protonmail.com/
https://www.hushmail.com/
https://runbox.com/
https://onionmail.org/ (my choice)
General Computer Security
This is a section I just wanted to throw in to have my opinion on security related applications for both Windows and Linux. This doesn’t have to do with anonymity but will help users who aren’t sure what type of applications they should use when browsing the web and making sure they don’t get infected as much as they may have using crappy software.
Firewall
Sophos XG Next-Gen Firewall (Recommended)
FortiGate Next-Gen Firewall
PfSense Next-Gen Firewall
Anti-Virus
https://www.privateinternetaccess.com/antivirus
https://cisomag.com/privacy-oriented-antivirus/
DON’T GET VIRUSES ITS NOT THAT HARD USE A VIRTUAL MACHINE OR PAY PENNES FOR AN RDP THERE IS 0 REASON TO USE UNTRUSTED SOFTWARE ON YOUR MAIN SYSTEM VIRUS SCAN EVERYTHING DONT TRUST ANYONE
https://odysee.com/ is a great youtube alternative and I seriously hope more of the youtube community migrates over. Youtube is the only thing keeping me attatched to the google suite at this point.
STEAL PUBLIC WIFI your ip will be a lot less valuble if youre connecting to a public ip. What you can do is buy a long range wifi antenna (https://www.youtube.com/watch?v=C3UttshkkQw) and steal a local business (or neighbor) for their free unprotected wifi, whever your ip is traced, it goes back tho that.
Signal
All communications on Signal—including one-to-one messages, group messages, file transfers, photos, voice calls, and video calls—are end-to-end encrypted. Only the people involved in the communication can see them. The encryption happens between the individual devices using Signal. The company that operates Signal could not see these messages even if it wanted to. Signal actually created its own encryption protocol for this. Even if Signal is subject to a subpoena on you and forced to disclose what it knows about you, the company knows almost nothing about you and your Signal activity. Signal could reveal only your account’s phone number, last connection date, and account creation time.
Check it out! https://www.signal.org/ I wish more people used this over telegram because i truly believe it is superior.
Darknet Diaries
“This is a podcast about hackers, breaches, shadow government activity, hacktivism, cybercrime, and all the things that dwell on the hidden parts of the network” It is a pretty cool podcast and you can learn a whole lot about it. I love hearing about others opsec and often inspires you on how to improve or not get caught.
https://www.youtube.com/watch?v=RrH4qOYt…YfQpT2yUEo
TRUE SCHIZOID CHECKLIST
DO NOT TALK TO THE POLICE YOU KNOW NOTHING
Only communicate to others with pgp encryption over the tor network
Only use open source software audited by yourself
Use burner phones and monthly plans instead of using your moms shitty tmobile plan
Also stop using windows, android, mac, and iphone. Use only a secure linux os like Qubes and and use a custom phone os or android rom like librem 5 lineage os
Only connect to public internet connections
Make sure your systems have a quick way to wipe it even if its locked, and automatically encrypts drives when device is locked
Use an encrypted password file manager
Store your password manager on an encrypted secure usb or hard drive, dont use password managers that require internet connection
Host your own email server, and use different emails for each service
Each account should have unique passwords.
Passwords should be at the maximum potential security for the form
Don’t talk about your operation anywhere on clear web
Don’t tell anyone irl about your operation
Order to drop address abandoned buildings without cameras
Host your own offline cold crypto wallets
Use monero for transactions
Have multiple fake identities on hand (passports id scans)
DO NOT TALK TO THE POLICE YOU KNOW NOTHING
Have secure physical machines across the world for you to use as proxy, vpn, or for remote access if needed
Move to a country NOT under the 14 eyes alliance https://www.securitymadesimple.org/cyber…-explained
Australia
Canada
New Zealand
United Kingdom
United States
Denmark
Netherlands
France
Norway
Germany
Belgium
Spain
Sweden
Italy
If traveling internationally, pay in crypto to fly privatly or use fake identities from drop bank accounts
Spend every day learning something
Study the history of cyber criminals, learn from mistakes of others
Be nice to others on the internet
Give back to the community when possible
Take your meds
Happy learning!