Home Upgrade Search Memberlist Extras Hacker Tools Award Goals Help Wiki Contact

HF Rulez the UniverseHF Rulez the Universe
code vending machine
opsec operations security privacy personal info PI

Maintaining OPSEC (Operations Security) & Privacy Online

Posted Apr 4, 2024 10:51 AM
OPSEC, or operational security, is a combination of concepts that help you protect yourself online. For example, just using a username like 'nodes' instead of my full personal name is an example of very basic OPSEC. A more advanced example would be using a VPN to browse Hack Forums, talk to people off-site, etc. How much you need to implement is based on what you are here for, probably your local/national laws, and who you are. Not everyone requires the same level of OPSEC to keep their identity safe, and some users may not even care about it at all.

Good Ideas for Maintaining OPSEC
  • Pick a username that isn't tied to any other online profiles of yours
  • Use an email you've never used elsewhere
  • 2FA on a separate device than your personal
  • Use a VPN
  • Crypto or gift cards for all online purchases
  • New Chrome/etc Profile
  • Avoid over sharing personal details
  • Do not play games, chat off-site, join networks, etc where you identity there is tied to your personal info
  • Avoid using personal name, birthday, or other details in username
  • Refrain from oversharing about personal life, location, job, etc.
  • Don't too much context / extra info. For example, saying you are the pitcher on a softball team with Lucy, Sally, and Emily may be enough to find you.
  • Avoid using your personal wifi, or workplace IP on unknown sites/apps
  • Do not share your personal Git, LinkedIn, portfolio website
  • Don't use your debit or credit card for purchases

Avoid Accidental Exposure
  • Visiting an unknown website - exposing IP
  • Opening or viewing an embedded an image not hosted on known websites
  • Video calls, sharing selfies, etc
  • Don't open a Google Sheet, Slide, Doc, etc from personal profiles
  • Don't enable autofill on web pages (sites can detect values, log it)
  • Opening unknown programs, bat, or executables
  • Scan any files, attachments, etc
  • Do not open unknown links - even "fake-example.com" can return a file on its homepage that auto downloads
  • Don't enable auto download or auto open on download complete settings

Limit Discoverability
  • Dictionary word username are harder to search for sup3rCU5t0m (super custom) names are easy to find
  • Unique signatures, titles, etc leave a search trail
  • Specific phrases, speaking styles, font colors, thread formats, create your signature
  • Selling software, services, products from multiple sites creates a web of possible contacts & patterns
  • Don't assume other users maintain personal OPSEC as well
  • Avoid sharing travel plans or specific details that can be compared to social media

Don't Give Them A Reason
  • Scamming, hacking, or otherwise targeting others may bring you unwanted attention. Keep your business clean
  • Committing crimes is a great way to have authorities look your way. It's better to make legal money anyways
  • Don't harass someone or bother fellow hackers

Only you can decide what is best and how far you are willing to go to protect your personal info. I know this is not a comprehensive list of every single possible thing you can do to protect yourself online, but I hope it serves as a good guideline for you. Beware of anything that could expose your identity online unless you want to do that.

Safe browsing!
May 4, 2024 10:08 PM
EXCELLENT write up, everyone needs to read this
Apr 9, 2024 05:41 PM
Nice write up, thanks for the share. Alot of valuable information that could save someone in the event they're involved in risky behavior. Another tip I was given, when sharing information about yourself, mix false info with real info, to throw people off.