Read on Twitter
OP SEC BEST PRACTICES, A THREAD:
1. If for whatever reason you *have* to post a picture, strip all XCIF data from it and make sure there is absolutely nothing personally identifiable within it, including location, reflection, phone numbers, ID cards, badges, etc. https://twitter.com/rasputinoid_KG/status/1281779712692416512
1. If for whatever reason you *have* to post a picture, strip all XCIF data from it and make sure there is absolutely nothing personally identifiable within it, including location, reflection, phone numbers, ID cards, badges, etc. https://twitter.com/rasputinoid_KG/status/1281779712692416512
2. Seed your online persona with misinformation and red herrings that will ultimately obscure who you are; surround yourself in an ink cloud of bad data
3. Use VPNs in all aspects of the online process; this will help protect you against civilian aggressors seeking to unmask you (but not state actors, unfortunately, but it's still a useful line of defense)
4. AIR GAP YOURSELF FROM YOUR REAL LIFE ACCOUNTS: exclusively use throwaway and anonymous emails, burner phones, and other disposable forms of communication when creating online accounts
5. If in the past you ever posted Personally Identifiable Information (PI2) to an account that can be connected to your online persona, change your online persona immediately if you aren't willing to abandon it (abandon it just to be safe)
6. If for any reason you are in a POSITION OF INFLUENCE AND ACTION you are to protect that position JEALOUSLY, it is your RESPONSIBILITY to sever ALL PERSONAL CONNECTIONS between you and your online persona IMMEDIATELY and never join them again; remake your online ID if you hav 2
7. Do not ever even share your FIRST NAME with *anyone* online; even small pieces of information that seem insignificant by themselves can be assembled into a bigger weapon that can destroy you; do not give ANY PI2 if you can help it
8. Do not post your elementary school, do not post your high school, do not post your college, yearbooks exist and you would be surprised how easy they can be to find.
9. It sucks, but you should regularly purge all posts on your account, this is something Chinese dissidents do when posting anonymously on twitter and you should too; what's more valuable, your shitposts that people will forget or your future?
10. That person you trust online? Don't trust them. No exceptions.
10.2 almost every time our most valuable people get doxxed its because they were too loose with information with people they trusted; this was, unfortunately, what happened with Paul Nehlen and Ricky, and that shithead Cantwell got it from Nehlen and published it.
10.3 even if you trust a person, they might not see you the same way, and while they might not be the one who publishes your information, they could be cavalier with it in a way that exposes you and destroys you
11. An alternative form of op-sec is to wear the skin of someone else you know; find a shitlib you dislike, and take various data points from their life and post them online as if they belong to you; when you get "doxxed" they'll just destroy their own
