> As soon as you connect to the internet, there is a vast surveillance infrastructure tracking your every move. Even the most hackery of hackers have trouble moving in complete anonymity.
> For most of us, however, our brains assume our pre-internet intuitions are still accurate. That what we do in our own home stays private until we decide otherwise. We feel violated when we discover how much is known about our online activity.
I am not -- in an meaningful sense -- a "hacker". I'm a reasonably technical guy. And I know how to use a bunch of tools. But "hacker"? No way.
So, my first point. Assuming that "what we do in our own home stays private until we decide otherwise" is foolish. Unless you include implementing strong OPSEC in "decide otherwise".
And second, you need not be a "hacker" to avoid surveillance. You just need to learn some OPSEC, and how to use a few simple tools. The core point is never communicating (saying, writing, imaging, etc) anything without a studied awareness of who might be observing.
I have a few Internet-facing machines. One is plain-vanilla. Just a box with basic apps, sitting behind a pfSense firewall. But of course, with no WiFi. The others, each on its own LAN, run VirtualBox, and host various VMs.
There are some low-security VMs, which reach the Internet through nested VPN chains. Which are implemented with pfSense VMs as VPN gateways. That's what Mirimir, and some of his sub-personas, use. They basically just talk about stuff. And do some consulting work. But nothing at all iffy.
Then there are a bunch of Whonix instances, which reach Tor through those nested VPN chains. That's where I do whatever interests me, with no concerns about consequences.
All of these machines are full-disk encrypted. And they're on a UPS, with a kill switches on my desk, and in the kitchen and bathroom. Although I mainly focus on being hard to find, I am prepared for discovery.
I'm not prepared, I admit, for sitting in prison, after refusing to reveal decryption passphrases. I'll probably claim ministroke and memory loss, but that damn iffy.
And then there's my physical workspace. It's basically a walk-in closet. My desk faces the door, and there's a wall behind me. There are no windows.
I painted all of the interior surfaces myself, using black EMF-blocking paint (carbon plus Al dust). For the wall behind me, I applied a series of bright washes, using custom-mixed colors.
It's locked when I'm not using it. And I live in a multifamily building, in a very cohesive community. So there's very little chance that adversaries could secretly plant bugs. They'd need to enroll or compromise one of my neighbors. That's not impossible, I know. But hey.
Anyway, my point is just that you need to keep in mind, always, that adversaries are trying to snoop. And act accordingly.
> As soon as you connect to the internet, there is a vast surveillance infrastructure tracking your every move. Even the most hackery of hackers have trouble moving in complete anonymity.
> For most of us, however, our brains assume our pre-internet intuitions are still accurate. That what we do in our own home stays private until we decide otherwise. We feel violated when we discover how much is known about our online activity.
I am not -- in an meaningful sense -- a "hacker". I'm a reasonably technical guy. And I know how to use a bunch of tools. But "hacker"? No way.
So, my first point. Assuming that "what we do in our own home stays private until we decide otherwise" is foolish. Unless you include implementing strong OPSEC in "decide otherwise".
And second, you need not be a "hacker" to avoid surveillance. You just need to learn some OPSEC, and how to use a few simple tools. The core point is never communicating (saying, writing, imaging, etc) anything without a studied awareness of who might be observing.
I have a few Internet-facing machines. One is plain-vanilla. Just a box with basic apps, sitting behind a pfSense firewall. But of course, with no WiFi. The others, each on its own LAN, run VirtualBox, and host various VMs.
There are some low-security VMs, which reach the Internet through nested VPN chains. Which are implemented with pfSense VMs as VPN gateways. That's what Mirimir, and some of his sub-personas, use. They basically just talk about stuff. And do some consulting work. But nothing at all iffy.
Then there are a bunch of Whonix instances, which reach Tor through those nested VPN chains. That's where I do whatever interests me, with no concerns about consequences.
All of these machines are full-disk encrypted. And they're on a UPS, with a kill switches on my desk, and in the kitchen and bathroom. Although I mainly focus on being hard to find, I am prepared for discovery.
I'm not prepared, I admit, for sitting in prison, after refusing to reveal decryption passphrases. I'll probably claim ministroke and memory loss, but that damn iffy.
And then there's my physical workspace. It's basically a walk-in closet. My desk faces the door, and there's a wall behind me. There are no windows.
I painted all of the interior surfaces myself, using black EMF-blocking paint (carbon plus Al dust). For the wall behind me, I applied a series of bright washes, using custom-mixed colors.
It's locked when I'm not using it. And I live in a multifamily building, in a very cohesive community. So there's very little chance that adversaries could secretly plant bugs. They'd need to enroll or compromise one of my neighbors. That's not impossible, I know. But hey.
Anyway, my point is just that you need to keep in mind, always, that adversaries are trying to snoop. And act accordingly.