COMSEC and self awareness

[TBU]

I wanted to put this out to help people keep keep themselves at a OPSEC state of awareness. You can take it or leave it. But always good to be aware of your business.

1. Get a secure email account there are several. And are very easy to use. I pay the extra money for mine so I have several email addresses that are accessible on one page.
2. Practice good COMSEC. What does that mean? Keep your info to a minimum if at all possible during communication. Less is more.
3. If you are working with someone to get product/services Save your emails and sent emails until the products/services arrive. Once you have your items/services, DELETE ALL emails. Go to trash and delete all trashed emails. Do not hold on to any history.
4. Password protect and DO NOT use face recognition or fingerprint to open secure email. Once you log off. It should close your secure email. You should be asked for your password every time.
5. Use HARD passwords. Nothing with recognition. Family. Friends. Street names. Pets. All that common stuff is bad. passwords should be 15 inputs long minimum. Use a series of Alpha/Numeric/symbols with random capitalization of letters.
6. Change passwords every 60 days. This keeps people from tracking you and your entry via keystroke programs. You’d be surprised how easy keystroke program is to install and report your use.

I think that’s it. Just a reminder from your paranoid bro. be safe out there amongst the deep state.

 

[Ominous]

Thank you.

 

[Bigmurph6]

Im going to put this in the general category not anything goes because I believe that this needs to be read by everyone because it is great information.

 

[AlmightyGL]

good write up bro

 

[TG1]

To go a step further only use protonmail to protonmail for your orders. Use 1 account just for that and don’t use anything else on it. If they don’t use protonmail then request it or use someone different

You can also enable 2 passwords on the email which makes it that much harder to get in.

Set a timer for the email to delete in the max 28 days. You don’t know if they ever delete the info or leave it online. Doing this ensures after 28 days protonmail will delete it from their end of the server regardless.

Use a password manager always. I have nearly 2 TB. Yes Terabytes of passwords that people have used. Its amazing how often people repeat things or think they are slick with passwords. At some point a service you use will get exposed.

 

[John]

Thanks Gunny aka @TBU and yes @TG i use proton but also use Tutanota

 

[John]

Any opinion on tutanota ? I use Wickr n wire to mostly wire but just for talking

 

[Ominous]

I use ProtonMail as well. Will have to use some of the features I didn’t know they have.

 

[TBU]

They are a help. But also use good practices.

 

[TBU]

Tutanota is a good encryption mail as well.

 

[TG1]

Tutanota is good encryption wise but lacks features that protonmail has. They are also really fast to delete accounts if reported where with protonmail its a lot harder.

Wire and wickr are both good options. But so is threema. Consider wires encryption protocol has been peer reviewed but its not open source. Wickr is the same but only the enterprise version has been reviewed and parts opened source. I spoke with wickr dev about this and their reasoning was they didn’t want IP stolen and was easier on enterprise. But they claim same protocol for both. Threema is paid service but cheap and lacks some functions but the data is encrypted in open source proven protocols.

I use all 3 for talking actually but different uses for each. I also have tutanota paid (cause cheap) but find myself moving accounts to protonmail more and more and I have more emails i can use there.

 

[John]

Thanks

 

[IronBerserker]

I’d also recommend a VPN with a secure email. Never know who’s watching your ip address. Google is notorious for storing and giving out info.