Posts

High resistance OpSec guide for activists - check different laptops google “qubes certified computers” not included in post

High‑Resilience OPSEC Guide for Activists High‑Resilience OPSEC Guide for Activists This guide outlines practical operational security (OPSEC) practices for activists focused on reducing attack surfaces, compartmentalisation, and deniability. It assumes a realistic threat model (state surveillance, device seizure, social graph analysis) and prioritises reliable security over exotic tricks. Table of Contents Hardware Physical Attack Surface Reduction Networking: Tor & Whonix Messaging Browsing & Research VPN Router Passwords & Secrets Identity Compartmentalisation Behavioural OPSEC Threat Model Reality Check 1. Hardware: Start by Being Boring Dumb Phones (Primary Phone) Use a dumb phone as your only daily-carry phone . Calls + SMS only, no apps. No location tracking or social graph harvesting. Do not log into activist accounts or pair with laptops. Keep contacts minimal and non-descriptive. ...
Post a Comment
Read more

Ultimate privacy setup: Buy certified qubes os laptop and use tor browser/whonix for web browser and ricochet refresh for chat over tor/file sharing

Qubes OS Secure Setup Guide (WebTunnel + Ricochet-Refresh) Qubes OS Secure Setup Guide This guide explains how to build a high-security Qubes OS system using: Certified hardware Whonix with WebTunnel bridges Disposable Tor Browser Ricochet-Refresh over Tor Optional VPN router for defense-in-depth Quick Introduction to Qubes OS Qubes OS is a security-focused operating system that isolates applications into separate virtual machines (VMs). A compromise in one VM does not affect others. TemplateVMs – Base OS and software AppVMs – Daily-use application VMs DisposableVMs – Destroyed after use sys-whonix – Tor gateway for all Whonix-based VMs Step 1: Buy and Configure Certified Qubes Hardware Recommended hardware: NovaCustom V54 Series (preinstalled with Qubes OS). Choose These Options for Maximum Security Coreboot + Heads – verified boot and firmware tamper detection Disable Wi-Fi and Bluetooth – use Ethernet only ...
Post a Comment
Read more

Use Ricochet Refresh IM on qubes os

Ricochet-Refresh on Qubes OS – Full Guide Ricochet-Refresh on Qubes OS – Full Guide This guide covers setting up Ricochet-Refresh on Qubes OS with: Persistent .onion address Using sys-whonix only (avoiding Tor-over-Tor) Changing your identity safely Step 1: Decide Your Qubes Architecture Component Qube Type Notes Tor network sys-whonix Whonix Gateway handles all Tor traffic Ricochet-Refresh App AppVM based on Whonix or Debian Template Isolated from other AppVMs Persistent storage Dedicated Data Qube (e.g., ricochet-data ) Stores profile folder to preserve .onion address Step 2: Create a Ricochet AppVM Open Qube Manager → “Create Qube”. Set: Name: ricochet-app Template: whonix-ws-XXX (or Debian) Networking: sys-whonix Storage: default Create the Qube. Step 3: Create a Persistent Data Qube Open Qube Manager → “Create Qube”. Set: Name: ricochet-data Type: Standalone or Persistent AppVM Storage: d...
Post a Comment
Read more

Using ricochet refresh on windows/mac/linux

Here’s a complete, safe guide to preserving your Ricochet‑Refresh .onion address so your contacts stay intact, covering Windows, macOS, and Linux. Ricochet‑Refresh: Keep Your .onion Address / Identity Step 1: Understand What Needs to Be Backed Up Your Ricochet‑Refresh identity is a Tor hidden service, and it’s tied to: A private key (keeps your .onion address the same) Your contacts list and other app configuration All of this is stored in the profile folder of Ricochet‑Refresh. Backing up this folder preserves your identity completely. Step 2: Locate Your Profile Folder OS Default Location Notes Windows C:\Users\<YourUser>\AppData\Roaming\Ricochet-Refresh\ %APPDATA% is a hidden folder, enable “show hidden files” macOS ~/Library/Application Support/Ricochet-Refresh/ ~ is your home folder Linux ~/.local/share/ricochet-refresh/ Hidden folder (dot folder) Inside this folder you’ll find: hostname — contains your .onion ad...
Post a Comment
Read more