Removed

Removed as it is just an empty project with 2 markdown files.


I’ll use a Chinese mail provider just to piss you off.


Does GrapheneOS (non-WebUSB install of course) and a no-proprietary-firmware POWER9 desktop exemplify the kind of overkill you are thinking of?

QubesOS is also something in the borderline paranoid realm, though I think it still requires x86, which has either Intel ME or AMD SP, pick your poison. There is definitely a desire to port Qubes to POWER9, but it is still a ways away, as far as I know.

In the meantime, there is always OpenBSD, which represents more so the approach of programming carefully and with simplicity, at the expense of having fewer “layers” of security. At least that is my impression; I think that is why OpenBSD has avoided importing ZFS or MAC (Mandatory Access Control) into its code.


There is a dude on Youtube with the channel TechLore, he’s an archetypical Californian soyboy, but he has a full course on op-sec (or “guide to privacy” I think he calls it) named “Go Incognito,” which covers everything from the basics that even normies can follow, up to the most ridiculous browser hardening and OS telemetry debloating (on macOS and Windows). I don’t remember him getting into Linux hardening (he’s a mac user, lol), but he does recommend Tails and Qubes as they were intended. He does have the basics of op-sec laid out very clearly (questions to put, threat modeling and approaches to make). Annoying as he is, he does make great privacy tutorials, I won’t take that away from him. And lately, his (and Nate from TheNewOil) coverage of “Surveillance Report” gives more privacy and security insights than Level1 News does lately. :cry: But it’s definitely not as humorous as Ryan’s commentary (I just love pro-criminal tips and other such intro / outro punchlines).

Graphene is an interesting OS, but I don’t like Android and don’t really trust it, even if it’s a great alternative like Graphene is. A POWER desktop with any Linux on top running separate VMs for separate tasks should be ok enough. Going even further, make that multiple POWER desktops and separate them at a hardware level.

I find OpenBSD to be the most secure OS, but not as privacy oriented. Sure, privacy is something that humans have to take action to protect, but security is something that the software has to be capable of (well, more like, not be vulnerable). Having a low attack surface makes it harder to compromise and it is the approach that Wireguard also has taken and is now becoming a standard. This KISS philosophy is also the reason why Suckless Software is growing in popularity. Being simple means fewer bugs or unexpected stuff happening. Need more features? Follow the Unix philosophy and just make programs talk to each other, instead of making one big software. I believe this is the best approach to security, software stability and computing efficiency.

If you want privacy, you have to get into more complicated systems, such as sandboxing, which introduce complexity. Or better yet, just use different hardware for different tasks and never have them share the same network or have other shared resources, unless they must have (and if they do, separate those in different networks and never allow them to talk to each other). I believe the best approach to privacy and security is to firewall, blacklist everything, have a PC running i2p and nothing else and allow only it to go outside to the internet, have a separate device in another network that is only allowed to access i2p on its port and nothing else (and if needed, update your OS and programs through i2p, there is support for Ubuntu and Debian to do this).

Don’t depend on firewall software on the OS you are using (as in, the desktop and the i2p box), have a separate box, preferably running OpenBSD and pf. However, keep using the one on your desktops and servers as well, it’s not bad having both a network FW and a local FW, especially if it’s not the same one (pf and nftables).

If you are autistic enough (and you probably should be in this insane op-sec case), also add ebtables to the mix and filter by MAC locally. Prevent layer 2 attacks. I’ll use the Cisco terminology, because that’s what I know, but these are available on other providers under different names. Always use VLANs or use different switches between network segments. Enable Port Security and have a limited number of MAC addresses connected to your switch. Don’t use any wireless connectivity (if you do, separate it from your secure network and if you must, add a 3rd and 4th router / firewall to the mix to block access from the untrusted network segment to the firewall on the trusted segment, albeit one isn’t as needed for the insecure networks if they are separated enough). Only allow a MAC address you know on the port and nothing else. Prevent DHCP starvation attacks. Use MAC filtering on your DHCP server. Also enable DHCP Snooping on your switch to prevent rogue DHCP servers. After this, enable dynamic ARP inspection to avoid ARP attacks. Then enable IP Source Guard. Remember on Port Security to also enable PortFast and BPDU guard, to avoid VLAN hopping.

At layer 3, block DNS and NTP, they are no exceptions to the “blacklist everything”. Have a separate device running an NTP server for your network (OpenBSD OpenSMTPD). And again, only allow traffic to it on port 123 and nothing else. And only allow it to connect to an NTP server on the internet you trust on port 123 and nothing else. Have a local mirror for your OS repo, like for OpenBSD for your network devices and whatever Linux distro you choose for your desktops.

And when I inevitably decide to ditch JS completely from my life, I probably won’t frequent L1 Forum (Discourse is cool software, but it’s complex, we can do things easier with things like IRC, or when it’ll be available in I2P, Matrix). But if you do decide to move your life to the dark web and only use eepsites, to obfuscate the origin of the traffic, the bare minimum is to have a separate device just for this and nothing else and prevent it from going anywhere on the internet, to avoid exploits and workarounds that make your hardware try to ping a honeypot server to identify you. I haven’t been to I2P in years now, I don’t know what stuff is out there now. I remember going to IronGeek’s site and to some communist webpages. And there were lots of conspiracy theory documentaries and pdf files available to torrent (I remember they didn’t sound interesting at the time, so I never tried downloading them).

Regarding this, I believe that even if you have untrusted hardware, you can kill off remote access and exploits to it if you severely lock down your network. Run OpenBSD as firewall on Pine64 / Rock64 / RockPro64 / RPi 4 and on a Talos II / Blackbird hardware (have 2 firewalls with different architectures). An adversary would have to first pass your POWER9 firewall to get to your i2p server in the DMZ (which can run on either a POWER9 board or an ARM SBC), then have to break your second firewall to access the desktop you are using to browse the dark web. Conversely, if your browser gets exploited (not that hard, when browsers are so bloated), it will have to pass 2 firewalls to try to ping to any honeypot through the clear web.

I really miss the days when the internet was slow not because of bloated http, but because we had slow single-core CPUs. Back when I used I2P, I got a feeling of nostalgia (I had NoScript enabled, but nothing I had visited required JS, just had to refresh the webpages, it was beautiful).

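The “blacklist everything” layout described in the post above (I2P box as the only host allowed out, a dedicated NTP box reachable only on UDP 123, desktop behind a second firewall), written as a pf.conf for the outer firewall. This is an added example, not configuration from the thread or from any of the posters; the interface names em0/em1/em2, the 10.10.x.0/24 subnets, the host addresses, the TEST-NET-3 placeholder for the upstream NTP server and the I2P proxy port are assumptions (4444 is I2P’s default HTTP proxy port, which is assumed to be bound to the box’s DMZ address rather than localhost, and the NTP box is assumed to run an NTP daemon such as OpenNTPD).

```pf
# Added example (not from the thread): /etc/pf.conf for the OUTER firewall in the
# two-firewall layout: internet -> outer firewall -> DMZ (I2P box, NTP box)
#                      -> inner firewall -> desktop.
# Interface names, subnets, addresses and the upstream NTP address are assumptions.

ext_if   = "em0"              # uplink to the ISP
dmz_if   = "em1"              # DMZ segment holding the I2P box and the NTP box
inner_if = "em2"              # link toward the inner firewall and the desktop

dmz_net   = "10.10.1.0/24"    # assumed DMZ subnet
inner_net = "10.10.2.0/24"    # assumed subnet behind the inner firewall (routed by it, not NATed)
i2p_box   = "10.10.1.10"      # assumed address of the I2P router box
ntp_box   = "10.10.1.20"      # assumed address of the local NTP box

upstream_ntp   = "203.0.113.123"  # placeholder (TEST-NET-3): the one public NTP server you trust
i2p_proxy_port = "4444"           # I2P's default HTTP proxy port, assumed bound to the box's DMZ address

table <internal> const { $dmz_net, $inner_net }

set block-policy drop         # drop silently; no RST/ICMP unreachable back to the sender
set state-policy if-bound     # states are per interface, so each hop needs its own pass rule
set skip on lo0

# "Blacklist everything": default deny in both directions on every interface,
# logged to pflog0 so you can see what you forgot.
block log all

# Drop packets that arrive on a segment with a source address that belongs elsewhere.
antispoof quick for { $dmz_if $inner_if }

# Hide DMZ hosts behind the firewall's uplink address on the way out.
match out on $ext_if from $dmz_net to any nat-to ($ext_if)

# I2P box: the only host allowed onto the internet. I2P reaches peers on
# arbitrary ports, so it gets tcp/udp to anywhere that is not our own ranges.
pass in quick on $dmz_if proto { tcp udp } from $i2p_box to ! <internal>

# NTP box: outbound only, only to the one upstream server, only UDP 123.
pass in quick on $dmz_if proto udp from $ntp_box to $upstream_ntp port 123

# What may leave on the uplink at all: never toward internal ranges, and in
# practice only what a DMZ rule above already admitted, since the firewall
# itself originates nothing and the inner side has no rule toward the uplink.
pass out quick on $ext_if proto { tcp udp } to ! <internal>

# Inner side: the desktop (through the inner firewall) may reach the I2P HTTP
# proxy and the local NTP box, and nothing else. DNS has no rule: it is blocked.
pass in  quick on $inner_if proto tcp from $inner_net to $i2p_box port $i2p_proxy_port
pass in  quick on $inner_if proto udp from $inner_net to $ntp_box port 123
pass out quick on $dmz_if   proto tcp from $inner_net to $i2p_box port $i2p_proxy_port
pass out quick on $dmz_if   proto udp from $inner_net to $ntp_box port 123
```

Check the syntax with `pfctl -nf /etc/pf.conf` before loading it with `pfctl -f /etc/pf.conf`, and watch what the default deny is eating with `tcpdump -n -e -ttt -i pflog0`. The inner (ARM) firewall gets the mirror image: pass only `inner_net` to the I2P proxy port and to the NTP box, default deny everything else. Two caveats this ruleset creates: with DNS blocked the I2P router cannot reseed from the HTTPS reseed hosts by name, so bootstrap it from a reseed file carried over out of band; and the router’s own time sync defaults to public hosts by name, so point it at the local NTP box (same DMZ segment, no firewall in the path) or it will complain about clock skew.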

Qubes on a machine with coreboot and disabled intel ME is about as good as most people can get without a whole ton of expense. Why is POWER9 important if you can disable the ME or use a machine without it?
If we are talking paranoia here, it’s much easier to get a T430 or X230 Thinkpad local, anonymously, in cash, and coreboot it yourself, than it is to get a POWER system and make sure it hasn’t been hardware tampered with by the glowies in transit. :wink:


Intel ME can’t be fully disabled starting from Sandy Bridge or the last version of Core 2, IIRC (or was it Haswell? don’t quote me on that, I wasn’t that interested in it to read too much into that). But again, you can use x86 as long as you cut off all the traffic to and from it, except 1 or 2 ports. But you would want POWER9 or even an ARM CPU for your firewall specifically because the former is open hardware and runs open firmware, while the latter is more simplistic than x86 and has a really small chance of actually having backdoors built-in, albeit it’s not out of the question (but again, really slim chances). RISC-V would be ideal, as it should be cheaper and as open if not more, but you should work with what we currently have.


Rolling secure hardware will either have you looking like a trash lord or like a weird collector of embarrassingly unsupported hardware. The former, as the title states, is cheap for the end user, while the latter, as I guess the title also states, is going to be egregiously expensive.

How To Choose A Machine

What OS do you want to use?

You have a few options here.

  • Linux

  • BSD

  • Solaris

  • Redox

  • AROS Based Systems

What Is Your Goal?

Depending on the job you want the machine to do, and on your budget, you can either go really old and basically build a highly efficient appliance out of 5 dollars and a dead canary or two, or go really new and do anything you want… supposedly. I am trash king status so I can’t really tell you what the new stuff does.

  • Modeling

  • Gaming

  • Creativity

Any of these can be done, though you probably want to be careful as your processor platform of choice could lose support, either being dead in the water as it’s too old, or no one uses it.

Architectures You Could Use

  • Power

  • PPC

  • X86 (yes, it is possible, not 64 bit though)

  • SPARC (Good Luck)

  • ARM

  • RV (if you’re lucky)

  • MIPS (if you’re batshit)

Power, PPC, SPARC, some ARM platforms, RV, and some MIPS platforms have the ability to be secure, or are naturally secure. Meaning they are open platforms, naturally hardened because modern exploits don’t work on them, or esoteric enough it won’t matter.

Equally some hardware platforms are easy to get, but may not be secure because of other features of the machine. I would trust a Pentium M any day, I would not trust any manias machine, any 925, 35, or 45 MOBILE chipset, and I would be judging the other IC’s in the system super hardcore.

There are parts of systems that can be ripped out of course, and then you are missing features, but you tighten security.

Desktop

PowerMac G5 2.5ghz 2x 970MP cores

PCIe - GIGACCEL / MediaTek Accelerators

…GPU (RX480 8GB / GTX 1060 6GB [compute] + RX 5500XT [display])

…USB 3.1 Breakout (NUO based if possible)

4-16GB Ram options

Sata 2 / 3 card / RAID/HBA Unit

OFW upgr to OpenBIOS 314/316

NVMe Available

Use the accelerator to handle extra processes the main CPU could otherwise do, with whitelisting on your processes and apps that would run on it. Use your GPU [compute] for anything 3d, and your GPU [display] for plainly displaying the system. Depending on your setup, you can pass hardware thru.

You can get more and more in depth. Choose out your USB controllers, network controllers, and all that, and make sure cache can’t be cross-accessed. There are common machines that are more secure than uncommon machines that are more desirable. Look around.

Just some basics, nothing big


Oh screw that then run risc OS on a T4 type relay computer and just don’t give a shit afterwards.


Thinkpad concerns

Thinkpads can be good because they are better understood than most laptops, but remember that even Libreboot might not itself be a panacea for your paranoia; the Embedded Controller (EC) on a Libreboot-ed Thinkpad is still usually running proprietary code. The Libreboot site once linked to a work-in-progress opensource EC replacement project, but sometime after May 02 that link has been removed.

The Libreboot hardware documentation actually recommends temporarily installing the updated proprietary CPU firmware/BIOS because it also updates the proprietary EC firmware. A bit ironic, to run proprietary code to install newer proprietary code somewhere where you will not be able to change it, because the EC update mechanism is not understood, all in the pursuit of having a device with less proprietary code on it.

POWER9 v. ‘a RISC-V chip’

I mention POWER9 because it is a specific CPU that we know does not require proprietary firmware, rather than an ISA like x86, ARM, or RISC-V. You can certainly build a proprietary RISC-V chip, or really with any ISA unless the ISA itself is licensed with some sort of legal restriction like a hardware version of GPLv3.

For example, just because WD and Oculus are members of RISC-V and your next HDD, SSD, or VR headset might be built on RISC-V chips, it does not mean the firmware for those chips will be opensource, or even that it will allow you to run self-signed or unsigned code of your own at all.

To run with the GPLv3 comparison, your next Tivo might be RISC-V, but that does not prevent Tivo-isation.

Add-in cards and device concerns

That does bring up the fact that many other components, like controllers for networking, USB, Firewire, SATA/SAS, or devices themselves like keyboards, mice, HDDs, SSDs are themselves often running poorly-understood proprietary code.

PCIe device/controller and IOMMU considerations

In Blackbird/Talos II (POWER9) circles, the opinion seems to be that the risk of potentially malicious PCIe devices can be kept in check with the IOMMU and encryption. If you cannot trust, but must use, a PCIe device, keep it from modifying foreign memory via IOMMU; if your NIC is suspicious, then be sure to use transport encryption (TLS/SSH/etc.) when possible; if you cannot trust your storage or its controller, then use Full-Disk Encryption (FDE) and set Petitboot to only boot your own GPG-signed and encrypted kernels, thereby preventing any theoretical MITM attack from your HDD or SSD.

Outside of POWER9, I think IOMMUs tend to group devices together, which might (again, theoretically) allow covert listening if your sound card and NIC share an IOMMU group and can talk to each other directly via DMA or something like that. I do not think POWER9 does that, because each PCIe device is connected directly to the CPU as a separate endpoint; no bifurcation or chipset is involved.

USB considerations

With the above in mind, USB starts to look a bit concerning… how isolated are your USB devices from each other? Can a malicious hub or adapter listening in to keystrokes exfiltrate them somehow?

Again to bring up the Blackbird/Talos II board, it specifically uses a USB 3.0 controller (xHCI) which HLandau (who performed the reverse engineering of Blackbird/Talos II’s Broadcom NIC) has stated has no firmware. This is not always the case with USB 3 controllers; you can see the Coreboot wiki’s Binary Situation page and its references to USB 3 (xHCI) controllers, and how:

For example ME or USB 3.0 firmwares are always-on, as they operate concurrently with the OS.

Having no firmware is not foolproof, the hardware could be designed to operate maliciously, but it eliminates the ability to target a specific user with a “personalised” back-door, and makes any backdoor more likely to be discovered and more fragile; hard to imagine a chip errata stating, “there is a bug in our hardware backdoor, please fix it in your driver”.

Even on a platform with a trusted, non-backdoored USB adapter or hub, is the USB spec actually guaranteeing that there can be no communication between devices on the same bus?

Normal functionality to be aware of

Some curious features of hardware I keep in mind when theorising like this:

  • USB on-the-Go; if a hub/adapter manufacturer reuses a chip that was initially designed for USB-otG, maybe a USB device could trick the USB hub/adapter into becoming the host and talk to other devices that way?
  • Some devices use PCIe Option ROMs, which could be loaded by the firmware. Microsoft has a page about this for UEFI that I have been planning to read: UEFI Validation Option ROM Guidance | Microsoft Docs
    On POWER9, this is probably less of a concern since it is unlikely that a device will have a Power/PowerPC Option-ROM.
  • Host Protected Area (HPA) / Device Configuration Overlay (DCO) - ATA (and potentially other protocols like SCSI, NVMe) can define areas of a drive that can be hidden from normal disk access.

Regarding security…

Most of the stuff in this thread, and the stuff in the GitLab only deals with technical protections, which are the weakest form of protections.

Way more important than having a “secure machine” is having a security concept, and knowing against what types of attacks you can actually protect yourself, and which are useless to try and protect against.

At the end of the day, you’re vulnerable to some attacks - learn to deal with it. Minimize the risk a compromised system is to you. Assume your system is compromised.

DON’T try create a “secure” machine, and trust your life with it.
In fact, don’t ever trust a single computer.
Not even your ancient calculator wrist watch :stuck_out_tongue_winking_eye:
If you need a secure computer for secure things, get a second one.

NEVER assume your “daily-driver” is secure
You can try your best to create a secure machine, but the machine won’t be protected from you. All you can try to do is reduce your potentially negative impact on your computers security. Everybody sometimes “just installs a few packages” just to get something working, and this is fine. Just don’t assume your computer is as secure as before afterwards.

If you think you’ve got a “secure system”, and that you can “sleep soundly” as the OP suggested, you’re simply wrong.
If you think having full-disk encryption and no Intel ME on all open firmware will protect you from the TLAs, you’re simply wrong - there is no such thing as effective protection from them from a technical standpoint.

There is no such thing as protection from an Evil Maid attack - If you can unlock and use your device, somebody else can as well. Your device can be modified in so many creative ways, no TPM, attested boot etc. will ever protect you fully.

You prove to your machine that you’re you either by knowledge (typing in a password only you know), by possession (you own a hardware token), or by biometrics (your literal fingerprint).
None of the above can protect you against a TLA - They can force you to give a password, token, fingerprint, or all of the above.

A legal guarantee that they won’t extract such things in an illicit manner is worth exactly nothing in this case: They get your password by whatever means necessary, then write a post-it note and attach it to your computer, then say you left it there(Reverse construction, in reality probably more subtle).

A TLA doesn’t need a million-dollar exploit to “get you” - They need a police van and handcuffs. And they can do it legally.

For almost all things you could’ve done they won’t go as far as they could - Because of the incredible cost to them, and the problems they face if caught doing immoral things.
Just don’t make it (seem) worth the effort for them.

BTW, this does not only hold for TLA. Criminals actually have it way easier, they don’t have to get permissions to do such things - If you watch the L1 News you surely heard the stories of rich crypto-people getting “crypto-robbed” at gunpoint - No amount of “security” in your device is going to protect you from that(Maybe get a daily spend limit or something?)

You should still try to make it more difficult for them. There is no excuse not to have your HDD encrypted, or have your browser blast out to everyone who you are etc. - Most of the tips in this thread are good practice. But don’t feel insecure because you’re not comfortable flashing coreboot on some old laptop - The scenarios that this actually protects you from are very rare. If somebody even gets to interact with your BIOS, simply assume you lost(That even holds after a coreboot install).
If you’re worried about your Intel ME 0wn1ng your computer simply don’t allow it network access.

**Do your research! Use more than one source! Don’t just believe some glowie internet bozo!**
Oh, and keep in mind that badly implemented “security measures” can bite you as well, by losing data or just looking more secure, while not actually being more secure, or at worst, being less secure. Better not do something if you don’t understand it enough.

Another very important thing with computer hygiene in general is minimalism - If you don’t absolutely need it, don’t use it.
This is not only true for “software”: e.g. if you’re worried about the TLAs, don’t leave drugs etc. at your house, or anything that could be construed against you, even if completely unrelated to what you’re protecting.

Conclusion:
Let’s face it:
All the technical measures are good for protecting against mass surveillance, but that could be achieved with less.
And they’re at best only partially reliable when really protecting against a TLA that is after you, which makes them worthless.
Even the TLAs themselves don’t have “perfect security”, because that doesn’t exist(See also: all the leaks, all the time).
It is still really interesting, and for the people with the time and interest I can only recommend doing these things (I have a thinkpad running coreboot, not because I’m afraid of the big bad TLAs of the world (I am, and so should you!), but because it’s incredibly cool and fun to set up, AND gives some extra protection).
But if you were some kind of whistleblower/spy/drug kingpin trying to secure your computer against some TLAs with tips from this thread, you have the wrong approach.

Wow, this turned into quite a rant(This thread is called paranoid schizophrenic, right?).
I’m incredibly sorry anybody had to read that, and hope nobody from this community ever gets to test it :stuck_out_tongue:


The Go Incognito course (link in my first reply) details how to do op-sec. If you’re curious to watch it all, you will see attack vectors follow human vulnerabilities and how to deal with them (up to and including not trusting your friends and family with sensitive information, not because you don’t trust them to keep them secret, but because you don’t trust their security model, which could get your data compromised). It’s a good presentation overall.

If we are to assume this, we would have to dispose of them (basically the fallacy of “if you don’t trust it, go live in the woods”).

Actually good advice. Daily drivers are used for all kinds of random web navigation and opening files, you can’t know what kind of dormant malware you could get. They’re basically the most vulnerable machines, if you exclude the test VMs people use to install spooky looking stuff, just to see if there’s anything wrong with the packages. A second, third, fourth device, dedicated for certain tasks is better. Way better than simple virtualization if we get paranoid enough.

Not necessarily true. A strong enough will can resist torture (up to the point where one might even forget the passwords due to trauma). Biometrics are the most insecure and the easiest to compromise, just look how many drug dealers were caught by posting some random pics online containing their fingerprints (cameras these days have a huge resolution). I don’t believe there is no fingerprint printer out there that takes as input random finger pics and prints out gloves (same for eyes and eye contact lenses). And hardware tokens can be found and stolen. So your best bet is still a very strong, unique password, combined with hardware that has anti-tampering features built-in (and also requires your special sauce to disable), as to prevent hardware keyloggers by detecting alien hardware when present (of course, then there’s the other theoretical methods of data exfiltration, like sound-recording keyboard presses).

True. Governments operate outside their own laws and any restrictions on paper will do exactly jack- about them. They have a monopoly on violence and a perceived authority in people’s minds. You cannot fight that, so you’d better do nothing to annoy them (but there’s been many cases where people have done nothing and still managed to be guilty of something, power attracts the corrupt and the corruptible).

Again, if you are ready to face any consequences, including death, your data can be secure.

They don’t care about “getting caught” doing immoral things. They daily bomb brown people and spy on innocent people at home and abroad. They have massive propaganda operations to win the support of the majority (support in this case just means “getting people to be passive about their wrongdoings”, not necessarily being actively supportive).

I strongly believe it’s the other way around, because the TLAs have 0 incentive to act morally and have nothing to fear, unlike criminals. They will just hold “internal investigations” and conclude they did nothing wrong.

Which is why anti-tampering hardware is important. If you are paranoid enough, just make a shock bomb for your own device, put it in a drawer or safe, if it gets opened without a procedure, it fries all electronics inside, leaving the data inside unreadable (just make sure you don’t affect anyone around, potentially lethal booby traps are not cool with me and neither with most TLAs - and you don’t want to see what happens when you even as little as scratch or spook one of them).

Sure thing, Mr. FBI Agent, thanks for the kind tips :smiley:

This ^

I wouldn’t go as far as “trusted,” but only as “reasonably trusted / reasonably secure.” If you blindly trust something just because you built it and you know each and every thing inside it (up to and including building your own silicon in the backyard), then you’re in for some fun.

And yes, I agree with you. The point is to stay as private as possible, lay low and not get too much attention (if you’re a criminal, you will get caught, that’s how things work). Being secure and private has some definite advantages, like avoiding identity thefts and getting you out of trouble with abusive TLAs (not sure where I heard this, probably in the L1 News, you jog around a building where there’s a crime going on, your Bluetooth or WiFi MAC addresses get recorded and suddenly you’re on a watch list for no fault of your own) and many more things.

Yes. BUT a hypothetical TLA knows that. They don’t even need to torture you. Do you have loved ones? Friends? Family? They don’t even need to torture them, they just need to promise you that they will make their lives as miserable as possible. Your own pain threshold is something completely different than inflicting something like that on others. Of course they still can’t force you to give out a password - Just for most people the option of potential jail time is the better option.

So, theoretically you can’t be forced to give out a password, but practically everybody’s vulnerable. Kind of reminds one of Mob tactics, doesn’t it?

Most people aren’t willing to go that far.

They do, but not because of some moral values.
Having people know about their doings works against them in many ways. Having a reputation for being immoral (or corrupt, etc.) makes it way harder for them to stay unnoticed, recruit new people (This is a real issue, BTW!), get new budget requests through, etc.

Now, getting the press to be on your side, that is the real issue here. And you can’t plan on that, which kind of makes my point moot.

Criminals don’t have it easier in general. TLAs have the infrastructure, the knowledge, the will, and the history.
I meant specifically the give-me-your-password-at-gunpoint thing.

It’s not. If somebody had physical access to your machine you lost. No anti-tamper hardware is going to protect you effectively.
Booby traps can only work if your adversary does not know about them.
Same goes for self-destroying hard drives etc. - Did you know you can buy NAND flash with built-in gunpowder? Still won’t protect you though.

The sophistication of possible attacks is just too high if you assume a TLA really wants to get you. Crypto keys in RAM? Secure enclave? They’ll bore a hole in the lid of your RAM/CPU, pour liquid nitrogen in it, pull the power, and analyze the keys with a scanning electron microscope. Seriously, attacks like that have been demonstrated.

Not an FBI agent, sadly(Or any glowie, for that matter). They would get paid to write this stuff :stuck_out_tongue:
Just don’t trust me more than I trust you.

No. You have to interact with a lot of systems that are potentially compromised. Ever written an email, forum post, or gotten money from an ATM? There are so many computers in these kinds of systems, I can’t tell you if one of them might be compromised.
Of course potentially is the key here, if you find TLA malware(You’ve got a good eye… :open_mouth: ) of course you should get rid of the device, but probably not before talking to a lawyer.

My point is, before you use a device for anything, but especially compromising things, make sure you would know the impact of the compromise. If all you do is watch pr0n and netflix(The lonely version of netflix and chill) you don’t need to worry much.
If you’re a crypto gazillionaire accessing a large fund of money, I’d think twice about accessing my funds, even if I had a device that I mostly trust.

The problem really is that there is no such thing as perfect security.
The person that can and has read and deeply understood every line of code, every transistor on a chip, and every system that interacts with any of that doesn’t exist. If you claim you do, you’re either some hyper-intelligent super-AI, or you’re plain wrong.
If you want to do secure things on a computer, NEVER ASSUME PERFECT SECURITY.

I mean legit we JUST started this…

True, but irrelevant. The point of this thread is to canvass ideas for improving opsec. Improving. Not perfecting. Improving. It matters not one iota that neither X nor Y nor Z are perfect. What matters is that they are all better than nothing.

It is up to the individual to consider their own circumstances and decide what, if anything, from this thread is of value. That’s not your call to make.

Shooting down ideas on the basis that they are “not perfect” is counter-productive. Even if you are right. A defensive layer that is only 24% effective is still better than no layer at all. It is entirely possible to add enough layers to opsec for an individual to be confident that what they have in place has raised a sufficiently high barrier to withstand the threat(s) they are personally concerned about. That’s what SECURE means in this context. It doesn’t mean 100%. No-one cares about 100%. “Perfect security” is not relevant to the discussion.


“Thin clients” booting over wireless.

Have a laptop with WiFi and a lot of RAM, but no onboard storage (HDD or SSD). Configure the BIOS/UEFI to retrieve the boot image wirelessly (using TFTP or similar). You end up with a long boot time, but once booted your entire operating environment resides in RAM.

The laptop’s battery acts as a UPS, so no unexpected power interruptions (and subsequent data loss) should occur.

All you need to do to completely wipe your system is power it off or pop the battery out.

If you use your laptop on a table most of the time, you can deliberately break the battery retention clip, so that unless it is picked up in a very specific way, the battery will simply fall out. Thus if someone attempts to steal/seize your laptop, it gets auto-wiped the moment it gets lifted off the table.

Since booting is over WiFi, the actual server that holds your operating system, and all of your data, is located somewhere else… where “somewhere” could be, in effect, anywhere — a different room, underground, a different building, a different town, city or even country.

A non-booting laptop with no internal storage will take a sufficiently large amount of time to examine and understand that, if and when the means of operation is finally deduced, a deadman’s switch (or similar protocol) has already activated to safeguard all remote data.

For bonus points, actually have internal storage but configure your system to never mount it. Take a payload and encrypt it in the strongest way possible. Then encrypt that with something weaker. Then something weaker again. Repeat a half-dozen times so you end up with something like a Russian nesting doll of encrypted/encoded layers. Have that file be the only thing stored on the drive. Since the weakest layer will be on the outside (perhaps Base64, ROT13, or similar) anyone examining the drive should be able to peel the outer layer relatively easily. The next one should be doable, but a little trickier. The typical mentality of people examining such drives, driven by easy and early success, should guarantee that they will spend inordinate amounts of time and effort trying to unwrap the whole thing.

Of course, your ‘payload’ would probably have to be a copy of this: Rick Astley - Never Gonna Give You Up (Official Music Video) - YouTube

May as well mess with ‘their’ heads for a change.

1 Like
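The post above describes the client side of a diskless, RAM-only laptop but not the server that feeds it. The script below is an added example, not code from the thread or any poster: it writes the server-side configuration for such a setup, a dnsmasq proxy-DHCP/TFTP fragment that chainloads iPXE, and an iPXE script that pulls a Debian-style live kernel and initramfs over HTTP with `toram`, so the whole filesystem is copied into memory and the network link can drop once the machine is up. The subnet, server address, directory layout and the `live/` image paths are assumptions; the firmware-side question of booting over WiFi (most BIOS/UEFI PXE stacks only speak wired Ethernet, and iPXE's WiFi support is limited) is outside what this example covers.

```shell
#!/bin/sh
# Added example (not from the thread): server side of a diskless, RAM-only
# network boot. Writes a dnsmasq proxy-DHCP/TFTP config plus an iPXE script.
# Assumptions: server at $SERVER_IP on $SUBNET, a Debian live image unpacked
# under $root/http/live/ (vmlinuz, initrd.img, filesystem.squashfs), and the
# iPXE binaries undionly.kpxe / ipxe.efi copied into $root/tftp/.
set -eu

SERVER_IP="${SERVER_IP:-192.168.10.1}"   # assumed boot-server address
SUBNET="${SUBNET:-192.168.10.0}"         # assumed client subnet (proxy DHCP)

# write_boot_config DIR  -- creates DIR/dnsmasq.d/pxe.conf and DIR/http/boot.ipxe
write_boot_config() {
    root="$1"
    mkdir -p "$root/dnsmasq.d" "$root/tftp" "$root/http/live"

    cat > "$root/dnsmasq.d/pxe.conf" <<EOF
# Proxy DHCP: only answer the PXE part; the existing router still hands out
# addresses, so this server can sit anywhere on the LAN without replacing it.
port=0
dhcp-range=$SUBNET,proxy
enable-tftp
tftp-root=$root/tftp

# Stage 1: raw firmware PXE gets an iPXE binary over TFTP.
# Option 175 is only present once iPXE itself is the DHCP client.
dhcp-match=set:ipxe,175
dhcp-match=set:efi64,option:client-arch,7
dhcp-boot=tag:!ipxe,tag:!efi64,undionly.kpxe
dhcp-boot=tag:!ipxe,tag:efi64,ipxe.efi

# Stage 2: iPXE can fetch over HTTP, so hand it the boot script by URL.
dhcp-boot=tag:ipxe,http://$SERVER_IP/boot.ipxe
EOF

    cat > "$root/http/boot.ipxe" <<EOF
#!ipxe
# 'toram' makes live-boot copy the squashfs into RAM, so nothing on the client
# survives a power cut or a pulled battery; 'fetch=' pulls it over HTTP.
kernel http://$SERVER_IP/live/vmlinuz initrd=initrd.img boot=live toram fetch=http://$SERVER_IP/live/filesystem.squashfs
initrd http://$SERVER_IP/live/initrd.img
boot
EOF
}

# boot_config_ok DIR  -- returns 0 when both files exist and the iPXE script
# really loads into RAM (a client that forgets 'toram' keeps the network
# filesystem mounted and is no longer stand-alone once the link drops).
boot_config_ok() {
    root="$1"
    [ -f "$root/dnsmasq.d/pxe.conf" ] || return 1
    [ -f "$root/http/boot.ipxe" ] || return 1
    grep -q '^kernel .* toram' "$root/http/boot.ipxe" || return 1
    grep -q 'dhcp-match=set:ipxe,175' "$root/dnsmasq.d/pxe.conf" || return 1
    return 0
}

# usage: write_boot_config /srv/netboot && boot_config_ok /srv/netboot
```

Run it once on the boot server, point dnsmasq at the generated `pxe.conf` (e.g. with `dnsmasq --conf-dir=/srv/netboot/dnsmasq.d`) and serve `/srv/netboot/http` with any HTTP server; the client then needs no storage at all. Because the proxy-DHCP answer, the TFTP transfer and the HTTP fetch are all unauthenticated, anyone on the same broadcast domain can race the real server and hand the laptop a different image, so in practice you would at least pin the client to HTTPS with a baked-in CA in the iPXE build and keep the boot VLAN isolated.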

The best opsec (legit guide 2021):

  1. Don’t use electric - at all
  2. Grow your own food, only using open-source soil and water (compiled from source)
  3. Be born && die before computers / databases / the internet were even invented

E.Z., follow this guide and you will be fine :^)

2 Likes

I posted about such things, because those are the interesting protections to me, more of them have general applicability, and they are things one could actually fix rather than mitigate.

Having multiple completely independent setups of devices in Faraday cages, with (if you want to take a quasi-psychological approach) entirely different keyboards and distinct surrounding decor to prevent even accidents of unconscious mistaking of one setup for the other and entering information (passwords, site visits, etc.) in the wrong domain is perhaps the ideal, but at some point it really just becomes a game of maximising separation to impractical degrees.

I think it is far more beneficial to primarily try to fix surveillance/tracking with technical fixes that more people can easily benefit from. Surveillance, be it foreign, private, or public-sector, will only become easier and more automated over time, and I worry that mainly focusing on buying more computers will not really improve the situation as a whole, whereas technical approaches can create a market for computers which are themselves safer.

As I see it, privacy/security/open-source enthusiasts will always be better protected, but work on technical solutions can act as a proving ground for privacy technologies that less niche users may be able to use. For example, ad-blockers, the Signal protocol, and full disk encryption come to mind.

That said, I am all for hearing interesting ideas for improving the human component, but maybe just ease up a little on the fatalism?

I think relative benefits could be interesting to discuss, as long as it is a discussion and not just a continuous cycle of “this sucks”, “no, this sucks”, “go live in the woods”.

Tam, ta ra ra, ta tam and he’s done it. I don’t like shilling for other channels other than L1T, on their own forum nonetheless, but this is good:

It’s not a step-by-step tutorial, but more of an overall “things to do.” It has links to some good resources, like the NSA Linux hardening docs.

Some of the things in the video are debatable, like flatpak, VMs, Whonix and Qubes, but overall it’s ok.

1 Like

Instead of breaking battery retention clips, maybe use this tool and keep a usb device in a loose port tethered to your wrist or belt?

So basically we need to live in Minecraft? :stuck_out_tongue_winking_eye:

1 Like