4. Avon:You only got to fuck up once⌠Be a little
slow, be a little late, just once. How you
ainât gonna never be slow? Never be late?
You canât plan for that. Thats life.
20. ⢠put the plumbing in ďŹrst
⢠create a cover (new persona)
⢠work on the legend (history, background,
supporting evidence for the persona)
⢠Create sub-aliases
⢠NEVER CONTAMINATE
24. ⢠Rule 1: Never reveal your operational
details
25. ⢠Rule 1: Never reveal your operational
details
⢠Rule 2: Never reveal your plans
26. ⢠Rule 1: Never reveal your operational
details
⢠Rule 2: Never reveal your plans
⢠Rule 3: Never trust anyone
27. ⢠Rule 1: Never reveal your operational
details
⢠Rule 2: Never reveal your plans
⢠Rule 3: Never trust anyone
⢠Rule 4: Never confuse recreation and
hacking
FREEDOM FIGHTING
28. ⢠Rule 1: Never reveal your operational
details
⢠Rule 2: Never reveal your plans
⢠Rule 3: Never trust anyone
⢠Rule 4: Never confuse recreation and
hacking
FREEDOM FIGHTING
⢠Rule 5: Never operate from your own
house
29.
30. ⢠Rule 6: Be proactively paranoid, it doesnât work
retroactively
31. ⢠Rule 6: Be proactively paranoid, it doesnât work
retroactively
FREEDOM
⢠Rule 7: Keep personal life and hacking
FIGHTING
separated
32. ⢠Rule 6: Be proactively paranoid, it doesnât work
retroactively
FREEDOM
⢠Rule 7: Keep personal life and hacking
FIGHTING
separated
⢠Rule 8: Keep your personal environment
contraband free
33. ⢠Rule 6: Be proactively paranoid, it doesnât work
retroactively
FREEDOM
⢠Rule 7: Keep personal life and hacking
FIGHTING
separated
⢠Rule 8: Keep your personal environment
contraband free
⢠Rule 9: Donât talk to the police
34. ⢠Rule 6: Be proactively paranoid, it doesnât work
retroactively
FREEDOM
⢠Rule 7: Keep personal life and hacking
FIGHTING
separated
⢠Rule 8: Keep your personal environment
contraband free
⢠Rule 9: Donât talk to the police
⢠Rule 10: Don't give anyone power over you
89. Virus (10:30:18 PM): don't start accusing me of
[being an informant] - especially after you
disappeared and came back offering to pay me for
shit - that's fed tactics
90. Virus (10:30:18 PM): don't start accusing me of
[being an informant] - especially after you
disappeared and came back offering to pay me for
shit - that's fed tactics
Virus (10:30:31 PM): and then your buddy, topiary,
who lives in the most random place
91. Virus (10:30:18 PM): don't start accusing me of
[being an informant] - especially after you
disappeared and came back offering to pay me for
shit - that's fed tactics
Virus (10:30:31 PM): and then your buddy, topiary,
who lives in the most random place
Virus (10:30:36 PM): who's docs weren't even public
92. Virus (10:30:18 PM): don't start accusing me of
[being an informant] - especially after you
disappeared and came back offering to pay me for
shit - that's fed tactics
Virus (10:30:31 PM): and then your buddy, topiary,
who lives in the most random place
Virus (10:30:36 PM): who's docs weren't even public
Virus (10:30:38 PM): gets owned
93. Virus (10:30:18 PM): don't start accusing me of
[being an informant] - especially after you
disappeared and came back offering to pay me for
shit - that's fed tactics
Virus (10:30:31 PM): and then your buddy, topiary,
who lives in the most random place
Virus (10:30:36 PM): who's docs weren't even public
Virus (10:30:38 PM): gets owned
Sabu (10:32:29 PM): offering to pay you for shit?
94. Virus (10:30:18 PM): don't start accusing me of
[being an informant] - especially after you
disappeared and came back offering to pay me for
shit - that's fed tactics
Virus (10:30:31 PM): and then your buddy, topiary,
who lives in the most random place
Virus (10:30:36 PM): who's docs weren't even public
Virus (10:30:38 PM): gets owned
Sabu (10:32:29 PM): offering to pay you for shit?
Virus (10:32:55 PM): yeah, you offered me money for
"dox"
95. Virus (10:30:18 PM): don't start accusing me of
[being an informant] - especially after you
disappeared and came back offering to pay me for
shit - that's fed tactics
Virus (10:30:31 PM): and then your buddy, topiary,
who lives in the most random place
Virus (10:30:36 PM): who's docs weren't even public
Virus (10:30:38 PM): gets owned
Sabu (10:32:29 PM): offering to pay you for shit?
Virus (10:32:55 PM): yeah, you offered me money for
"dox"
Virus (10:33:39 PM): only informants offer up cash
for shit -- you gave yourself up with that one
118. Personas
⢠Danger to personas is contamination
⢠Contact between personas (covers)
contaminates both
⢠Keep cover identities isolated from each
other
120. ⢠Fail safe technological solution
⢠TOR all the things!
⢠Back stop persona
⢠Primary cover alias as ďŹrst identity
⢠Secondary cover aliases (eg. handles)
123. Practice
⢠Amateurs practice until they get it right,
professionals practice until they canât get it
wrong
⢠Practice makes perfect
124. Stringer: What you doing?
Shamrock: Robert's Rules says we got to
have minutes of the meeting.
These the minutes.
Stringer: Nigga, is you taking notes on a
criminal fucking conspiracy?
128. Guidelines against
proďŹling
⢠Do not include personal informations in
your nick and screen name.
⢠Do not discuss personal informations in the
chat, where you are from...
⢠Do not mention your gender, tattoos,
piercings or physical capacities.
129. Guidelines, cont.
⢠Do not mention your profession, hobbies
or involvement in activist groups
⢠Do not use special characters on your
keyboard unique to your language
⢠Do not post informations to the regular
internet while you are anonymous in IRC.
⢠Do not use Twitter and Facebook
130. Guidelines, cont.
⢠Do not post links to Facebook images. The
image name contains a personal ID.
⢠Do not keep regular hours / habits (this can
reveal your timezone, geographic locale)
⢠Do not discuss your environment, e.g.
weather, political activities,
137. VPNs vs. TOR
⢠VPNs provide privacy
⢠TOR provides anonymity
⢠Confuse the two at your peril
138. ⢠TOR connection to a VPN => OK
⢠VPN connection to TOR => GOTO JAIL
139. On VPNs
⢠Only safe currency is Bitcoins
⢠because they come from nothing
⢠Purchase only over TOR
⢠http://torrentfreak.com/which-vpn-
providers-really-take-anonymity-
seriously-111007/
145. PORTAL
⢠Router ensuring all trafďŹc is transparently
sent over TOR
⢠Reduce the ability to make mistakes
⢠Use mobile uplink
⢠Mobility (go to a coffee shop)
⢠Reduce risk of wiďŹ monitoring
154. If you think, donât speak
If you speak, donât write
If you write, donât sign
If you sign, donât be surprised
Editor's Notes
\n
\n
STFU\nNeed to Know\nPlumbing\n
The Wire, season 1, episode 5. This show is the most quotable show for OPSEC, evar!\n
\n
\n
“Thwarting enemies at home and abroad” book. Blackmail is basically, don’t allow anyone to have power over you where they can dictate your actions. You ceed control of your actions to someone else, and it will end poorly for you.\n
\n
I love this guide. It provides general guidelines to committing criminal activities and staying out of jail. These are good OPSEC techniques for one activity (smoking weed), but many can be generalized to all criminal^W freedom fighting activities.\n
\n
\n
\n
NOTE: not using code doesn’t mean don’t use cryptonyms (code names). These are very good.\n
NOTE: not using code doesn’t mean don’t use cryptonyms (code names). These are very good.\n
NOTE: not using code doesn’t mean don’t use cryptonyms (code names). These are very good.\n
NOTE: not using code doesn’t mean don’t use cryptonyms (code names). These are very good.\n
\n
\n
\n
\n
#4 - don’t socialize with your criminal co-conspirators\n
#4 - don’t socialize with your criminal co-conspirators\n
#4 - don’t socialize with your criminal co-conspirators\n
#4 - don’t socialize with your criminal co-conspirators\n
#4 - don’t socialize with your criminal co-conspirators\n
#4 - don’t socialize with your criminal co-conspirators\n
#4 - don’t socialize with your criminal co-conspirators\n
#10: control over your actions.\n
#10: control over your actions.\n
#10: control over your actions.\n
#10: control over your actions.\n
#10: control over your actions.\n
#10: control over your actions.\n
#10: control over your actions.\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
This is a violation of the principle of “need to know”. Your lawyer needs to know that you are on probation (for a specific charge). Your criminal co-conspirators do not need to know this!\n
note: example of good opsec, the feds dont’ name the other guy, ‘co-conspirator not named ... herein’. Only people who know who this is are: donncha, the hacker^Wfreedom fighter, and the feds pursuing the case\n
note: example of good opsec, the feds dont’ name the other guy, ‘co-conspirator not named ... herein’. Only people who know who this is are: donncha, the hacker^Wfreedom fighter, and the feds pursuing the case\n
note: example of good opsec, the feds dont’ name the other guy, ‘co-conspirator not named ... herein’. Only people who know who this is are: donncha, the hacker^Wfreedom fighter, and the feds pursuing the case\n
note: example of good opsec, the feds dont’ name the other guy, ‘co-conspirator not named ... herein’. Only people who know who this is are: donncha, the hacker^Wfreedom fighter, and the feds pursuing the case\n
note: example of good opsec, the feds dont’ name the other guy, ‘co-conspirator not named ... herein’. Only people who know who this is are: donncha, the hacker^Wfreedom fighter, and the feds pursuing the case\n
note: example of good opsec, the feds dont’ name the other guy, ‘co-conspirator not named ... herein’. Only people who know who this is are: donncha, the hacker^Wfreedom fighter, and the feds pursuing the case\n
note: example of good opsec, the feds dont’ name the other guy, ‘co-conspirator not named ... herein’. Only people who know who this is are: donncha, the hacker^Wfreedom fighter, and the feds pursuing the case\n
note: example of good opsec, the feds dont’ name the other guy, ‘co-conspirator not named ... herein’. Only people who know who this is are: donncha, the hacker^Wfreedom fighter, and the feds pursuing the case\n
note: example of good opsec, the feds dont’ name the other guy, ‘co-conspirator not named ... herein’. Only people who know who this is are: donncha, the hacker^Wfreedom fighter, and the feds pursuing the case\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
Keep your hacking^W freedom fighting, and family, completely separated\n
\n
\n
\n
\n
\n
\n
\n
directly connecting to the target from your home IP? Are you out of your fucking mind!\n
directly connecting to the target from your home IP? Are you out of your fucking mind!\n
directly connecting to the target from your home IP? Are you out of your fucking mind!\n
directly connecting to the target from your home IP? Are you out of your fucking mind!\n
directly connecting to the target from your home IP? Are you out of your fucking mind!\n
directly connecting to the target from your home IP? Are you out of your fucking mind!\n
colloquially, don’t shit where you eat.\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
They call them warning signs for a reason...\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
They call them warning signs for a reason...\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
self incriminating confession == bad\n
\n
Interrogation tactic: appeal to pride, ridicule the hacker’s abilities, encouraging him to “correct” your misperception of him... and in the process, confess. DO NOT TALK TO POLICE!\n
\n
\n
\n
\n
\n
\n
\n
\n
\n
credit: ben nagy found this pic, i stole it from him cause my conference talk is first, :D\n
\n
NOTE: he’s wearing a mask. \ncredit: ben nagy also found this photo. \n
