First and foremost, this playbook is for educational purposes only!
Every year it becomes a little harder to completely hide on the internet. The big guys don’t want you to be able to hide… big corporations want to build a profile on you for marketing, and the government either wants to make sure you’re not some sort of threat actor. Of course, both of these mindsets seem completely fair. But I also think it’s completely fair to have the capability to not be seen.
In this little series of blogs I’ll be going through how to be completely invisible online, for what ever reason you may have to do so. All the information is to the best of my knowledge the most secure and up to date methods to go about this. If you’re reading this on waybackmachine in 2050, get a life there’s better things to be looking at, surely.
There’s going to be different levels of necessity to this… to help you on your own journey I’ll make a table here to organize the guides so you can pick out what you need. If you’re about to blow the whistle on something huge, follow every item here to a tee - skipping anything exposes you in some way. Like anything in the security world, it’s up to you to weigh risk versus reward and make your own educated decision. If you’re like me and have nothing to hide but just want to for the sake of privacy, you can do just the tasks over a 5 rating.
Everything is ranked with the CVSS scale. I used this to calculate the rating - take this with a grain of salt this is my own opinion.
| CVSS Score | Summary and Guide Link |
|---|---|
| 9.8 | Traffic Encryption and Hop Obfuscation |
| 9.1 | Source Internet Network Considerations |
| 8.2 | Basic Linux OS Hardening |
| 7.5 | Create Accounts Anonymously |
| 5.9 | Disable Microphone and Camera |
| 4.6 | PGP Encrypted communication |
| 4.6 | Disk Encryption |
| 4.0 | Anonymous Payments |
| 4.0 | Hardware spoofing |
| 3.7 | Tor browser usage guide |
| 3.9 | Clearnet browser usage guide |
| 3.1 | Mitigate Author Profiling |
| 2.3 | OS Installation |
| 2.0 | Hardware Supply Chain |
This is a work in progress, expect this to be updated many times! So far, here’s what I have planned:
- [ ] Hardcore Local Firewall Setup
- [ ] SELinux // AppArmour
- [ ] Secure Email setup
- [ ] Crypto Wallet setup
- [ ] PGP guide
- [ ] File shredding
- [x] Write Author Profiling mitigation OSS project