A Quick Guide to Online Anonymity
Protect yourself from the MAGA Coup
Intro
This is one approach to security. In the end, using security software may be more of a liability than the activity you are doing (organizing groups, rallies, creating media). Make your own choices carefully.
Is this guide for you?
If you are already being pursued by a government or you are a whistleblower, you probably need more secure options. This guide is meant to make it increasingly expensive for mass surveillance, not to survive direct targeting from nations or large corporations.
Following the steps below does not mean you are safe. It only means you are harder and more expensive to track. You should consider anything and everything you type, even from the setup suggested below, as if it can be traced directly back to you with enough effort.
Finally, this is written for someone who is comfortable with setting up computers and network connections. Please reach out to someone in your circle or affinity group if any of this seems daunting. They can probably get a laptop setup and walk you through the steps to take before every session.
For a more complete guide, see links below the warnings.
Warnings
Don’t start using Tor, the Tor Browser, or VPNs from your home network. Avoid searching for these items using Google, DuckDuckGo, or anything else.
Be careful about clicking any of the links in this post. Using certain software, network technology, visiting certain domains, or searching for key words and phrases directly from your home network won’t get someone knocking at your door, but it will put you on the shortlist for the future.
Avoid linking your personal identity to any resistance activity.
It may be tempting to put your name or other details out there to seem more authentic than a random internet persona, but there are many people already doing this and they have experience protecting themselves and their family. The MAGA faithful are already violent and dangerous. Try not to make yourself an easy target.
Do not drastically change your patterns.
Another thing that will flag your identity is if you depart from a well developed routine. If you need to start making regular visits to a new location, consider making tandem change, like starting a new hobby that takes you to certain shops, working out or changing gyms, or choosing a different form of transit. Your phone, regardless of your privacy settings, is in constant contact with radio towers that reveal your location.
Your phone is a spy machine.
Equipped with GPS, Bluetooth, WiFi, microphones, motion sensors, and cameras, your phone is probably your greatest liability in correlating your activity to anonymous internet usage. The radio beacons your phone sends are a necessary part of the technology, so all you can do is disable them or leave them in your backpack, car, or locker. Try not to have your phone near your Reasonably Secure Laptop when it is turned on.
Browse local.
Many large retailers monitor Bluetooth signals to track your behavior in the store or provide indoor navigation. Modern enterprise WiFi networks monitor any radio that is turned on, even if it’s not connected to the network. Look for small businesses that have WiFi, as they will probably not have camera systems and advanced networks that would make it easy to identify you.
Don’t trust me.
Don’t trust anyone but the folks in the trust chain in your local affinity group. If you want a more detailed explanation of the concepts below, check out The Hitchhiker’s Guide to Online Anonymity.
The Short Guide to Anonymous Internet Usage
Get the hardware.
Go buy a laptop with cash, cheap enough to drop into a trash can and not think about it. Pawnshops or small computer shops are an option but the machine may be compromised if it’s used. Big Box retailers will be able to easily link you with video to the purchase.
Do not buy a Chromebook or anything with less than 8GB of RAM.
AMD chipsets have fewer remote exploits than Intel.
If you are planning on advanced security scenarios, you will need to be picky about hardware virtualization support.
Buy a typical cheap flash drive, 16GB or below if possible, from a different store. This will be the source of your OS installation.
Buy a high performance SSD based USB drive with cash somewhere else. You want at least 64GB. This will serve as the operating drive for your new OS. Using a cheaper, non-SSD style drive here is an option, but it will be painfully slow to boot up the OS.
Install the OS.
Boot the laptop into the BIOS if it has one, and disable Bluetooth. If that’s not possible, disable Bluetooth where you can inside the OS. If you have advanced use cases, you can go ahead an double check your virtualization settings.
Boot the laptop into the OS and setup a user without creating or using a cloud account.
Go to a busy public cafe, pick a random search engine and download Tails or if you’re more technical, Qubes OS.
Use a tool like Rufus to copy the ISO file to the smaller flash drive.
Boot from the flash drive and go through the installation process, choosing your larger 64GB+ USB SSD drive as the destination.
At the end of the process, test that with only the 64GB+ drive plugged in, your new OS boots without errors.
When you boot from this drive, you have a Reasonably Secure Laptop.
With the 64GB+ USB SSD drive unplugged, reinstall/reset the original OS on the laptop’s internal hard drive or install Ubuntu over it using secure erase.
Use the OS.
If your arrival/departure times roughly correlate with the anonymous network traffic, you could be flagged. Randomize the time you arrive at a spot with public WiFi to when you start using the Reasonably Secure Laptop, and don’t immediately leave after you are done using it.
If you are one of a few people using public WiFi in a given area, it will be too easy to correlate your phone geo data with the anonymous network activity. Randomize your public WiFi access locations, and avoid using your Reasonably Secure Laptop in a low traffic area.
At your discretion, consider finding a way to pay anonymously for a VPN service. Tails and other OSes use Tor automatically, but many of those nodes are hosted by nation states.
Make sure you always know where your 64GB+ USB SSD drive is in case it needs to be ditched. Tails by default never writes to this drive after installation, but you should destroy it if possible just in case.
Additional Tips? Comments?
If you see any errors or have additional information, please reach me at carlutz@pm.me
In Solidarity,
-JA