“[The advice in this article can be adapted to suit the needs of other hidden services, including ones which are legal in your jurisdiction. The threat model in mind is that of a drug market. The tone is that of a grandfather who is always annoyingly right, who can’t help but give a stream-of-consciousness schooling to some whippersnapper about the way the world works. If this article inspires you to go on a crime spree and you get caught, don’t come crying to me about it.]-firstname.lastname@example.org, “So, you want to be a darknet drug lord…” pastebin.com. Unknown date.
The tl;dr of this piece is the notion of parallel construction and that all it takes is one fuck-up for someone with the necessary resources to find you. But, on the other hand, if your threat profile is trying to become a less vulnerable target to criminals, learning what criminals do to avoid law enforcement will put you far ahead of the kinds of people they normally target. Obviously, don’t be a darknet drug lord. There are easier ways to make money.
“Data privacy matters, and we all deserve respect and consideration from those we visit on the internet. As shown by the numerous data breaches that have affected companies and individual users around the world, individuals and governments, however, we must also look out for our own personal data and privacy. Using a VPN to obfuscate your location and encrypt data is a powerful way to prevent the tracking, stalking and theft of personal and private data.”
—Eric Jeffrey, “How to Boost Your Data Privacy With a Virtual Private Network.” Security Intelligence. November 2, 2018.
A layman’s explanation of VPNs and why you should be using them. I’ve mentioned VPNs before. If interested in using one, check this website for a comparison of different services.
“The wargames offered by the OverTheWire community can help you to learn and practice security concepts in the form of fun-filled games.”
Beyond security, the first game, “Bandit,” is a useful introduction to the command line, common tools, e.g, ssh, man, grep, etc., and basic operating system concepts, such as permissions.
Secure Accounts is comprised of five different modules, each designed to function as a standalone resource on a specific aspect of account security, or as a series, with each module building on one another.
The five modules include:
- Secure Your Accounts: A comic that explains why people should take their account security seriously
- Account Phishing and Civil Society: A brief explanation of what phishing is and two examples of phishing attacks against civil society groups based on recent Citizen Lab research
- 2-step verification in 2-minutes: A comic that explains what 2-step verification is and why it’s important
- Set up 2-step verification now: A collection of links to instructions on how to set up 2-step verification on popular online platforms
- Who could get access?: A app that users humour to highlight how adopting better security habits will mean hackers need more time and skill to break into your accounts