1
00:00:00,570 --> 00:00:06,390
Let's go through my 10 OPSEC rules. These are inspired by the awesome work of a gentleman called the
2
00:00:06,390 --> 00:00:09,410
grugq, whose work I highly recommend.
3
00:00:09,450 --> 00:00:13,650
This is a blog here if you want to check out his work on OPSEC.
4
00:00:13,650 --> 00:00:20,310
So in no particular order, and some may relate to each other, these are my OPSEC rules for those who need serious
5
00:00:20,400 --> 00:00:24,150
anonymity and pseudo-anonymity online.
6
00:00:24,150 --> 00:00:28,120
Rule number 1. Always keep your mouth shut.
7
00:00:28,140 --> 00:00:31,740
This means never revealing operational details.
8
00:00:31,770 --> 00:00:38,970
For example, you don't tell people you use nested VPNs and Tails or Tor, that you use a Debian laptop
9
00:00:38,970 --> 00:00:40,680
or you love iPhones.
10
00:00:40,920 --> 00:00:46,290
An example could be just simply messaging to your freedom fighter or associate and complaining that
11
00:00:46,290 --> 00:00:48,320
Tor is slow. Don't do it.
12
00:00:48,370 --> 00:00:53,550
You're revealing operational details. Never reveal plans of what you intend to do.
13
00:00:53,550 --> 00:00:56,680
Remember if you don't say it you don't have to encrypt it.
14
00:00:56,700 --> 00:01:02,630
You don't have to protect it. In public places where you could be overheard or recorded,
15
00:01:02,640 --> 00:01:07,470
never be explicit. Use code words or so-called cryptonyms.
16
00:01:07,470 --> 00:01:08,600
Rule number 2.
17
00:01:08,820 --> 00:01:10,010
Trust no one.
18
00:01:10,080 --> 00:01:11,890
Use the zero trust model.
19
00:01:11,930 --> 00:01:18,040
Which I talk about throughout the course. I assume everything and everyone cannot be trusted.
20
00:01:18,180 --> 00:01:25,380
Operate from this perspective by mitigating the risk through security controls and distributing trust.
21
00:01:25,860 --> 00:01:29,310
Information should be given out on a need-to-know basis only.
22
00:01:29,460 --> 00:01:32,360
The less you say to people the better you are.
23
00:01:32,520 --> 00:01:36,010
The smaller the group of co-conspirators, the better you are.
24
00:01:36,120 --> 00:01:38,870
Especially do not trust co-conspirators.
25
00:01:39,060 --> 00:01:44,480
Co-conspirators can be turned to work for your adversary or may be your adversary.
26
00:01:44,490 --> 00:01:45,570
They are not friends.
27
00:01:45,570 --> 00:01:47,340
Do not treat them as friends.
28
00:01:47,340 --> 00:01:50,360
They will become criminal codefendants.
29
00:01:50,430 --> 00:01:56,580
If your adversary arrests them, the less they know about you and all the operational activity, the better
30
00:01:56,580 --> 00:01:56,780
.
31
00:01:56,820 --> 00:01:58,570
People don't keep their mouth shut.
32
00:01:58,590 --> 00:02:00,700
People won't go to prison for you.
33
00:02:00,750 --> 00:02:04,210
Watch for co-conspirators who disappear and then come back.
34
00:02:04,260 --> 00:02:05,550
Or habits change.
35
00:02:05,550 --> 00:02:09,110
They could have been caught and are now under the control of your adversary.
36
00:02:09,210 --> 00:02:11,580
And beware of people offering to buy information.
37
00:02:11,580 --> 00:02:15,140
This is a common law enforcement agency tactic.
38
00:02:15,210 --> 00:02:19,400
If possible, operate alone. Don't tell friends or family.
39
00:02:19,470 --> 00:02:24,080
Don't allow people to take power over you so it can be used against you.
40
00:02:24,090 --> 00:02:26,900
Never let anyone get in a position to blackmail you.
41
00:02:26,910 --> 00:02:31,260
Don't let people take control over your actions or life.
42
00:02:31,260 --> 00:02:35,440
Rule number 3. Never contaminate identities.
43
00:02:35,640 --> 00:02:43,980
This means do not share anything between aliases: email addresses, accounts, friends, IP addresses, cookies,
44
00:02:44,130 --> 00:02:51,750
browsers, email clients, operating systems, locations, anything. You shouldn't even have the same password
45
00:02:51,840 --> 00:02:52,950
among identities.
46
00:02:52,950 --> 00:02:55,080
This is total contamination.
47
00:02:55,080 --> 00:03:01,890
Don't use different identities at the same time, e.g. don't post via your real identity on Facebook while
48
00:03:01,890 --> 00:03:06,690
logged into your freedom fighter identity in Tor via an IRC channel.
49
00:03:06,690 --> 00:03:08,310
This could be correlated.
50
00:03:08,310 --> 00:03:14,580
Don't visit sites and locations associated with other identities with other identities.
51
00:03:14,580 --> 00:03:20,170
I.e. don't go into your personal Facebook account or real email while on Tor.
52
00:03:20,250 --> 00:03:21,570
It's a different identity.
53
00:03:21,570 --> 00:03:23,090
This can be correlated.
54
00:03:23,130 --> 00:03:29,220
Never log into accounts as an anonymous identity through Tor or other such anonymising service that
55
00:03:29,220 --> 00:03:31,200
you were previously logged into
56
00:03:31,220 --> 00:03:38,400
without anonymizing. Your adversary could then associate an anonymous connection with a real IP.
57
00:03:38,430 --> 00:03:44,970
Don't make connections with those involved with operations relating to your other aliases whenever
58
00:03:45,000 --> 00:03:46,120
possible.
59
00:03:46,200 --> 00:03:52,410
If you are using an offsite internet connection to protect your anonymity don't take any mobile phone
60
00:03:52,710 --> 00:03:56,640
associated with other identities or your real identity.
61
00:03:56,640 --> 00:04:02,090
This can be linked if your adversary is of significant means and the consequences are high.
62
00:04:02,100 --> 00:04:09,120
Don't use an internet connection at your house, your home or location connected to your real identity
63
00:04:09,120 --> 00:04:09,480
.
64
00:04:09,490 --> 00:04:17,280
We cover more on this later in offsite connections, but otherwise always use an anonymising service as discussed
65
00:04:17,340 --> 00:04:18,520
in the course.
66
00:04:18,600 --> 00:04:25,620
Always use aliases separated through isolation and compartmentalisation in separate security domains
67
00:04:25,620 --> 00:04:25,860
.
68
00:04:26,010 --> 00:04:32,940
For example, maybe a separate laptop or virtual machine, VPN, Tor, browser configuration, etc.
69
00:04:33,180 --> 00:04:36,300
Or storing sensitive data encrypted in the cloud.
70
00:04:36,300 --> 00:04:37,960
We cover all this later.
71
00:04:38,130 --> 00:04:39,880
One phone for one identity.
72
00:04:39,900 --> 00:04:48,350
Don't call contacts of one identity with the phone of another. Rule number 4. Be uninteresting. This
73
00:04:48,350 --> 00:04:51,770
means make everything as uninteresting as possible.
74
00:04:51,770 --> 00:04:53,350
Fly under the radar.
75
00:04:53,360 --> 00:04:54,760
Don't make a fuss.
76
00:04:54,770 --> 00:04:57,730
Don't be outspoken when it comes to technology.
77
00:04:57,740 --> 00:04:59,990
Use things like steganography.
78
00:04:59,990 --> 00:05:04,720
Hide your knowledge and conceal your use of security controls.
79
00:05:04,760 --> 00:05:11,680
Avoid high-risk areas and actions. For example, don't hang around on a political forum making posts
80
00:05:11,720 --> 00:05:17,330
if you're a political dissident. Don't hang around on hacker forums if you're a hacker, a freedom fighter,
81
00:05:17,390 --> 00:05:23,470
if at all possible. Don't maintain accounts if at all possible, and especially in high-risk places.
82
00:05:23,510 --> 00:05:29,740
If you have to post on forums, keep to the business at hand and no chat about anything else.
83
00:05:29,750 --> 00:05:32,020
Don't post questions if you can help it.
84
00:05:32,060 --> 00:05:38,270
Don't draw the attention of a well-resourced adversary. Whenever possible, don't perform actions that
85
00:05:38,270 --> 00:05:41,270
could shine a light on you for further investigation.
86
00:05:41,270 --> 00:05:46,940
For example, don't get caught breaking the law by doing something silly like speeding, which results in
87
00:05:46,940 --> 00:05:53,420
a house search, which results in you getting sent to jail for the contraband material discovered.
88
00:05:53,420 --> 00:05:57,720
Establish an average identity a believable identity.
89
00:05:57,740 --> 00:06:01,360
Don't make yourself a 6:46 lesbian with red hair.
90
00:06:01,490 --> 00:06:05,280
A three year old Joanie Camden is much better.
91
00:06:05,280 --> 00:06:07,160
Don't do anything longer than you have to.
92
00:06:07,160 --> 00:06:12,260
The longer you do something the more likely it can be correlated.
93
00:06:12,260 --> 00:06:13,530
Rule Number 5.
94
00:06:13,610 --> 00:06:17,540
Be paranoid now instead of when you get caught.
95
00:06:17,630 --> 00:06:19,320
Be actively paranoid.
96
00:06:19,430 --> 00:06:24,400
If you have an active adversary and you know it then they are out to catch you.
97
00:06:24,500 --> 00:06:26,180
You should be paranoid.
98
00:06:26,180 --> 00:06:28,030
Always consider all the angles.
99
00:06:28,040 --> 00:06:33,950
Spend time thinking about all the possible angles from your adversary's perspective.
100
00:06:33,950 --> 00:06:37,750
Your adversary will always try the easiest route to catching you.
101
00:06:37,850 --> 00:06:40,230
So tighten up the simple things first.
102
00:06:40,270 --> 00:06:45,470
Like patching a laptop before you worry about bouncing your traffic around the world through all possible
103
00:06:45,470 --> 00:06:47,970
transports and nested VPNs.
104
00:06:48,110 --> 00:06:50,390
Be aware at all times.
105
00:06:50,450 --> 00:06:53,550
Plan for things going wrong and how you mitigate risk
106
00:06:53,600 --> 00:07:00,530
when they do, if they do. Plan for a knock at the door and being arrested. Use fail-safe or fail-
107
00:07:00,530 --> 00:07:04,200
closed technology like VPN kill switches.
108
00:07:04,280 --> 00:07:08,800
If something fails, it must fail in a way that continues to protect you.
109
00:07:09,200 --> 00:07:16,940
If you don't use them, disable or remove wireless, Bluetooth, webcams, or cover the webcam with tape. Disable
110
00:07:16,940 --> 00:07:17,950
the microphone.
111
00:07:17,960 --> 00:07:23,930
Don't use a wireless keyboard, mouse or monitor if you can get away with not using all of those.
112
00:07:23,930 --> 00:07:27,260
Don't use them if you're talking about anything sensitive.
113
00:07:27,260 --> 00:07:33,260
Remove the battery from your phone, or as a minimum turn it off. Switch off all the electric devices such
114
00:07:33,260 --> 00:07:39,740
as tablets, smartphones, TVs. When using someone else's Wi-Fi or network,
115
00:07:39,740 --> 00:07:41,810
assume everything is logged.
116
00:07:41,870 --> 00:07:48,230
Maintain all the same security, privacy and anonymity security controls that you would normally, at a minimum
117
00:07:48,230 --> 00:07:48,270
.
118
00:07:48,290 --> 00:07:53,830
The IP will tie to a physical location and time and that could be enough to identify you.
119
00:07:53,930 --> 00:07:59,960
Never leave your devices unattended and the screens unlocked. Preferably store them in physically secure
120
00:07:59,960 --> 00:08:01,640
or hidden places.
121
00:08:01,640 --> 00:08:06,920
Power off your devices, especially if you're using whole disk encryption, and you should be using whole
122
00:08:06,920 --> 00:08:08,040
disk encryption.
123
00:08:08,060 --> 00:08:12,770
We cover that and it's N.S. if possible against your real identity.
124
00:08:12,860 --> 00:08:19,760
Never promote or discuss security, privacy and anonymity matters. Don't share your PGP key, mention
125
00:08:19,760 --> 00:08:27,970
Tor, VPN or anything that would raise a slight flag that you're interested in these topics. Rule number 6.
126
00:08:27,980 --> 00:08:29,770
Know your limitations.
127
00:08:29,960 --> 00:08:32,660
Operate at the level of your abilities.
128
00:08:32,690 --> 00:08:37,500
If you don't fully understand what you're doing, then either stop what you are doing
129
00:08:37,520 --> 00:08:42,650
until you do, or accept the risk that your lack of knowledge could get you caught.
130
00:08:42,650 --> 00:08:47,380
Stick with technology and processes you understand and can effectively implement.
131
00:08:47,450 --> 00:08:53,070
Keep it as simple as possible so as not to introduce complexity that can get you caught.
132
00:08:53,240 --> 00:08:58,080
Physical security domains can be simpler. When things become too complex,
133
00:08:58,220 --> 00:08:59,170
they go wrong.
134
00:08:59,360 --> 00:09:07,220
For example, it can be easier to have a separate secure USB stick with Tails on it than engage in complex
135
00:09:07,250 --> 00:09:11,860
virtualization for compartmentalisation as described in this course
136
00:09:12,050 --> 00:09:14,970
if you just don't understand it enough.
137
00:09:15,020 --> 00:09:16,160
Rule number 7.
138
00:09:16,370 --> 00:09:18,170
Minimize information.
139
00:09:18,200 --> 00:09:21,310
No logs equals no crime.
140
00:09:21,320 --> 00:09:28,040
Avoid logging anything if you can. Keep operational information that you need, but destroy everything
141
00:09:28,040 --> 00:09:31,070
else. Browser history, for example, is not required.
142
00:09:31,160 --> 00:09:32,120
So where possible,
143
00:09:32,120 --> 00:09:33,740
don't leave evidence.
144
00:09:33,800 --> 00:09:38,240
It's better to not leave it than encrypt it and leave it. If it is not needed,
145
00:09:38,240 --> 00:09:45,650
don't keep it, especially not tied to your real identity on your laptop: logs, browser history, etc.
146
00:09:45,770 --> 00:09:49,850
Minimize what people can find even if it's fully protected.
147
00:09:49,850 --> 00:09:53,240
Send as little information as possible in communications.
148
00:09:53,240 --> 00:09:59,000
The less said the better. You see perfect examples of this on the TV show The Sopranos.
149
00:09:59,000 --> 00:10:01,410
They say things: I'll bring the thing in.
150
00:10:01,430 --> 00:10:02,700
Meet you at the place.
151
00:10:02,750 --> 00:10:08,190
Don't forget to tell the guy. Instead of: I'll bring the bag of drugs to but.
152
00:10:08,220 --> 00:10:13,430
And don't forget to tell Tony, or whatever it is they might say. It's easier for your defense later
153
00:10:13,460 --> 00:10:17,160
if you are vague. Don't send clear text messages.
154
00:10:17,270 --> 00:10:20,570
Everything should be encrypted even if it's non-sensitive.
155
00:10:20,600 --> 00:10:26,870
If you only encrypt what is sensitive, then that in itself gives away that it's sensitive. Never leave
156
00:10:26,870 --> 00:10:29,480
anything behind that might be traced back to you.
157
00:10:29,540 --> 00:10:36,710
Your real identity environment and security domain associated with you should have no contraband and
158
00:10:36,710 --> 00:10:40,100
be evidence free. And don't leave a money trail.
159
00:10:40,100 --> 00:10:41,310
Rule number 8.
160
00:10:41,360 --> 00:10:42,800
Be professional.
161
00:10:42,980 --> 00:10:49,460
If your adversary is professional and the consequences are high for you, then you must also act equally
162
00:10:49,520 --> 00:10:50,490
professional.
163
00:10:50,510 --> 00:10:52,170
Don't be an amateur and get caught.
164
00:10:52,250 --> 00:10:59,240
You must treat your OPSEC, security, privacy and anonymity with the seriousness it requires.
165
00:10:59,240 --> 00:11:01,120
A man must know his limitations.
166
00:11:01,190 --> 00:11:03,940
But if you have limitations that create risk,
167
00:11:04,010 --> 00:11:05,870
you need to educate yourself.
168
00:11:05,870 --> 00:11:07,990
This course will help you do that.
169
00:11:08,000 --> 00:11:11,930
Take a logical and systematic approach to what you're doing.
170
00:11:11,930 --> 00:11:13,650
Treat it as a business.
171
00:11:13,730 --> 00:11:16,030
Don't make it a pursuit of pleasure.
172
00:11:16,040 --> 00:11:22,790
Make it a business and treat it as one. Rule number 9. Employ anti-profiling.
173
00:11:22,790 --> 00:11:30,140
This means avoid revealing personal information or stories about yourself, as it can be used for profiling
174
00:11:30,140 --> 00:11:30,290
.
175
00:11:30,290 --> 00:11:37,340
This includes in chat discussions, voice calls, forum posts, private messages, encrypted messages, everywhere,
176
00:11:37,460 --> 00:11:39,210
even if you think these are private.
177
00:11:39,230 --> 00:11:40,610
They are not.
178
00:11:40,610 --> 00:11:47,570
Never reveal your real gender, location, jobs, hobbies, hair color, height, weight, physical attributes, where
179
00:11:47,570 --> 00:11:53,810
you were born, your favorite sports team, the car you drive or what tattoos you have.
180
00:11:53,810 --> 00:11:59,810
Nothing. No personal information. Do not even include personal information in your online identity, your
181
00:11:59,810 --> 00:12:05,460
nickname, your username, your handle, or even a similar name. Don't even indicate your gender.
182
00:12:05,540 --> 00:12:10,910
Do not reveal anything that can reveal your location or time zone.
183
00:12:10,910 --> 00:12:18,020
Like talking about location references, weather, political events, entertainment events, or by using special
184
00:12:18,020 --> 00:12:21,270
characters from a keyboard related to your language.
185
00:12:21,350 --> 00:12:27,370
Avoid keeping regular hours as this can reveal a time zone and a geographic location if you do.
186
00:12:27,470 --> 00:12:35,590
If you can, don't keep regular routines, habits or methods. Be inconsistent and unpredictable. Use misinformation
187
00:12:35,600 --> 00:12:38,110
to mislead. Change your time zones.
188
00:12:38,150 --> 00:12:40,340
Speak in a language not your own
189
00:12:40,340 --> 00:12:44,120
if you know them. Use alternative spellings if you can.
190
00:12:44,120 --> 00:12:51,710
For example, if you are from the US, use UK spellings, Australian spellings and words as part of a UK alias.
191
00:12:52,100 --> 00:13:00,140
Maybe add metadata to photos and documents subtly pointing to your fake identity to provide misinformation.
192
00:13:00,530 --> 00:13:03,380
Provide misinformation to your co-conspirators.
193
00:13:03,440 --> 00:13:10,250
If they ask you any question, answer as your alias, and use authorship recognition evasion methods that
194
00:13:10,250 --> 00:13:11,590
we'll discuss later.
195
00:13:11,690 --> 00:13:13,490
And the final rule, rule number 10.
196
00:13:13,490 --> 00:13:14,870
Protect your assets.
197
00:13:14,900 --> 00:13:18,150
Don't send data without encryption.
198
00:13:18,170 --> 00:13:25,070
Use the security controls, tools, technologies, processes highlighted in this course to enable your security,
199
00:13:25,070 --> 00:13:29,210
privacy and anonymity. Protect your assets and your secrets.
200
00:13:29,210 --> 00:13:35,390
Based on your level of risk acceptance, your adversary and the consequences, you need to choose the right
201
00:13:35,390 --> 00:13:37,950
technology and configure it correctly.
202
00:13:38,030 --> 00:13:41,150
This course will help guide you through that process.
203
00:13:41,210 --> 00:13:43,270
Protect what matters most.
204
00:13:43,280 --> 00:13:44,840
You'll know if it worked
205
00:13:44,900 --> 00:13:46,370
if you don't get a knock at the door.