Synopsis

This page is a dumping ground for opsec and cybersecurity advice I collected and shared around the web, mostly from /cyb/sec/pri/. As the title implies, this advice is unedited, except to make it fit some sort of Q&A format for readability, so expect to see some errors and contextual noise.

Unedited List of Opsec Advice

> Is it useful to use a VPN with TOR?

Marginally. You could do TOR -> VPN to hide your IP from the VPN provider, or you can use a VPN after TOR to evade all the IP bans and restrictions people put in place against TOR exit nodes, since they're well known for DDoS and hacking. Doing the reverse (VPN -> TOR) doesn't make much more sense though.

> What about in the case of Tails OS running everything through TOR, would you use a VPN as well or not?

No, unless for the reason mentioned above. For me, Tails OS is about anonymity, so I like to think it through: while VPN providers hide your IP, they themselves could be liable to eavesdrop on your traffic or build a profile from the email address and payment info you give them (hence why I recommend Mullvad: you can pay them in crypto and they don't need your email address either).

> If higher anonymity is needed, would you use another internet connection (neighbour or public) or is it unnecessary as Tails guarantee a high level anonymity?

OFC, the more proxies you place between you and the other party, the harder it is to trace you. However, public networks can be bugged and have their logs subpoenaed. A weak link in the chain is not damning, yet a single opsec mistake could be all your opponent needs to catch you. I wouldn't worry about it though.

> Why would [a website] use [a reverse proxy]?

Several reasons. Reverse proxies allow caching, faster content delivery, DDoS protection, and SSL/TLS encryption, and can serve as firewalls and hide the server's real IP.

> [speaking about GDPR] the location of the server determines what jurisdiction it falls under.

True, but the GDPR also governs the transfer and processing of data outside the EU and EEA. If it didn't, European businesses would simply host their operations elsewhere and get away with it.

> What VPNs are least likely to be compromised?

Anyone can cheat, anyone can lie, and "likely" is a subjective term. I prefer Mullvad because they don't ask for your email address and you can pay them in crypto, which makes profiling harder and less likely. They also use WireGuard, which is the fastest and safest VPN protocol. However, I prefer to host my own VPN; it's cheaper, VPS providers have no reason or reasonable means to profile me, and my public IP isn't blacklisted anywhere.