what are the best lap-top for opsec?

depresskid

Don't buy from me
Member
Joined
Apr 16, 2023
Messages
5
Reaction score
0
Points
1
what are the best lap-top for opsec?

Currently using Mac OS with windows boot-camp - T2 - with FileVault with long password
only using sessions , wicker me , telegram (password lock on + only using private massage) during the conversation.

For boot-camp windows I only used them for Tor when I doing the operation
I'm not a expert in this field so please give me some advice for this.

I want all the setting that is against digital forensics.
 

KokosDreams

Don't buy from me
Resident
Joined
Aug 16, 2022
Messages
912
Solutions
2
Reaction score
599
Points
93
The Purism - Librem 14 is a notebook by a US company that values user privacy. Snowden once recommended this company on his twitter.
This notebook features physical kill switches for microphones, camera and other security & privacy features.
 

hermano

Don't buy from me
Resident
Language
🇷🇺
Joined
Jun 18, 2023
Messages
52
Reaction score
50
Points
18
Never use telegram, never use windows.
Use hard disk cryptors + tails os with tor bridges.
 

KokosDreams

Don't buy from me
Resident
Joined
Aug 16, 2022
Messages
912
Solutions
2
Reaction score
599
Points
93
Should be mandatory on the deepweb, gates software and anonymity..hmm I dont know :D :) There are litterally people with phones entering the DN
 

SasquatchMonero

Don't buy from me
New Member
Joined
Sep 17, 2023
Messages
28
Reaction score
11
Points
3
Thinkpad x230. Flash coreboot on it. Run linux, preferably QubesOS. Do your OPSEC-criticial acts in the Whonix qube.
 

KokosDreams

Don't buy from me
Resident
Joined
Aug 16, 2022
Messages
912
Solutions
2
Reaction score
599
Points
93
Why do you think the THinkpad x230 is the most secure? I am a fan of thinkpad but your take would be interesting to hear, on their technical infrastructure
 
View previous replies…

SasquatchMonero

Don't buy from me
New Member
Joined
Sep 17, 2023
Messages
28
Reaction score
11
Points
3
Thinkpad x230 is one of the last line of Thinkpads that can be coreboot/libreboot'ed. Generally, the Thinkpads of these kinds are old, like 10 years and more. Thus, their *****Us are 3rd gen intel or even older.

Thinkpad x230 has the best intel *****U that can also be coreboot'ed. (Disregarding the system76, and other linux laptop sellers who have newer *****Us and ship with coreboot).

X230 is not the most secure, but it has the fastest *****U that are among the ones that can be made "most secure" by coreboot'ing.
 

KokosDreams

Don't buy from me
Resident
Joined
Aug 16, 2022
Messages
912
Solutions
2
Reaction score
599
Points
93
Thanks a lot. I am not that tech savy but I am looking for a more secure setup for myself, from its technical abilities.
It is difficult to see what and what not defines a good notebook from OpSec perspective and you clearly helped understand it more
 

KokosDreams

Don't buy from me
Resident
Joined
Aug 16, 2022
Messages
912
Solutions
2
Reaction score
599
Points
93
Outside of using different forms of disposable OS like Tails/Whonix, what would be the technical measures you'd take to further protect your privacy? What are you even looking for?
 

SasquatchMonero

Don't buy from me
New Member
Joined
Sep 17, 2023
Messages
28
Reaction score
11
Points
3
>what would be the technical measures you'd take to further protect your privacy?

This depends on what privacy of mine I am protecting, and from whom.
 

mevex21

Don't buy from me
New Member
Joined
Sep 22, 2023
Messages
1
Reaction score
1
Points
3
@KokosDreams

First off, please take to consuderation that there is a chance by X % that bbgare is trully made to collect informations about certain players that would not stop their carrer anyway, the only difference is the potential groups of interests could give the problem ( how to make certain drugs) - (they would get all this stuff from ebooks anyway, without any problems though -> they will give you an option to buy small amounts (or maybe big ammounts, which would lead a certain person to a link between the person and these cops for getting further information leak as the website neeeds not only javascript, but runs on clearnet withou any problem. There are few active users, which are the chemistry experts (of course, you can consult with them in any time, better tell them all the things you have in your mind though, they are here for you)... and certain few active peoples who are either idiots, or rather cops. I would safe my bet from bettng who is who, but sometimes it's really clear to me.

In my opinion, average lifespan of darknet vendor is way shorter that most peoples think. Not saying that certain actions could'nt be done anonymously, but the way it works at the bottom is that if somebody of entire pyramid will at some magic point fck up somewhere, then you could get potentially linked too... And the story never ends...
Do what you want to do, certain things works for sure, but don't make assumptions that any given person and any given database with storage in external server is safe from getting you being exposed on some point.
Btw, the technology that is used to find certain leaks in a code of literallty anything (including runing VM using android system, all that "certain" things that's on the web is endless. Those who eventually get their hands on it at some point will be like best of best in entire IT section of cybersec..

I would just stay very, very carefull with asumptions like because something is commonly used by all the folks, like some comunicator etc so they couldn't be badass wrong about it and they actually wait for their own tragedy,
 
Last edited:

KokosDreams

Don't buy from me
Resident
Joined
Aug 16, 2022
Messages
912
Solutions
2
Reaction score
599
Points
93
Suggesting BB is a honeypot is nonsense :D
 

KokosDreams

Don't buy from me
Resident
Joined
Aug 16, 2022
Messages
912
Solutions
2
Reaction score
599
Points
93
I would think it is obvious due to the way knowledge is spread here freely. A honeypot would be more pushy about collecting data whereas BB doesnt care who consumes the content. LE would not spread knowledge like this I think. The cost on society is not worth it for the reward, it would not be justifieable despite for any crazy government I would believe.

What makes you unconfident?
 

beherit

Don't buy from me
New Member
Joined
Oct 29, 2023
Messages
14
Reaction score
9
Points
3
System76 and Tuxedo have nice builds, some actually pretty affordable.
 

TheVacuumGuy

Don't buy from me
Resident
Language
🇺🇸
Joined
Sep 20, 2023
Messages
143
Reaction score
61
Points
28
Every laptop will do for that matter. Opsec is all good and nice but in reality it's mainly boils down to behavior and precautions. A better way to think about it is: what happens when investigations break your door and takes your machine. Despite what people tell you, technology and encryption or software you use, they will find proof.

That is eventually what you need to prevent. This all may sound obvious, but in the end people tend to make it easy for themselves (i.e. using simple passwords, keep files and history, andsoforth).

Example tip: Boot your laptop from USB , do not use persistence on it, and do not use device storage. (Sure, it's a hassle setting things up everytime you use it) but that's the price you pay.
 

OrgUnikum

Don't buy from me
Resident
Language
🇬🇧
Joined
Feb 22, 2023
Messages
331
Reaction score
281
Points
63
Get a Chromebook, but one which can run Linux. They are so cheap used that they are throw-aways but the better ones can run a lean Linux at a decent speed AND most of them have coreboot as bios. Also they have ARM *****Us and ae as such unaffected from the microcode problem which make all newer Intel and AMD *****U a security risc. As ARM *****Us do not rely on microcode to work and the whole BIOS is open source with core or libreboot, no binary blobs with unknown code.

As distro I would recommend Puppy Linux for ARM. Yes thats unusual but there are reasons: With a "frugal" install it will run completly from RAM and it is as such insanely fast even onChromebooks (4 Gig RAM is what you want). It installs in a encrypted file which can be just copied to another machine and then it runs there, this makes the Chromebook a true throwaway. Only drawback is that you cannoz have a zillion tabs open in the browser. But this you should not do on a device for this purpose anyways. You should use a single-threaded browser like waterfox and open only a minimal amount of tabs.
Puppy Linux offers also security by obscurity. You can bet that the enemy has software for all highly recommended high security distros and browsers. Puppy Linux is buildt on a layered filesystem. Any malicious software will install itself nicely into the usual files which are present on top, but those files are never used but actualy it all runs on files two or more layers down and only if YOU install something it will be done in a working way. But you should use flatpacks and sfs packages - then its virtually inmutable.
 
Top