So You Want To Be A Whistleblower? A Crash Course in OPSEC

So You Want To Be A Whistleblower? A Crash Course in OPSEC.

July 27, 2018 by Neon Revolt

Your voice is powerful. Did you know that? We take our words for granted, but the truth is, we all have the power to speak life or death to the people in our lives, to the world around us, and even ourselves and our circumstances. Our words can literally change the world. It’s why I write what I write here almost every day.

But sometimes, we need to be shrewd – especially in the case of whistleblowers, where some bad indviduals may seek to silence us.

Despite this, lots of leakers – especially in Hollywood – are starting to speak up.

Perhaps you are someone who wishes to expose some evil in the world, but doesn’t know how to stay safe while doing it.

Well you’re in luck, because this guide is for you:

We’re going to go over a few steps today to keep you secure while dropping intel on the chans.

Here’s what you’re going to need to get started:

A laptop. Preferably something that isn’t your daily driver, something with a fresh OS, but we can work with whatever you’ve got.

  1. Familiarity with 8ch.net/qresearch. Learn how chans work, if you haven’t already, and learn how to post.
  2. At least TWO USB drives. At least 8 GB each. These are pretty cheap these days, but you’ll need more if you’re making dead-man switches.
  3. A public wifi connection in an unsurveilled place. Local coffee shops are usually good (but make sure they have no security cameras and a public toilet – more on that later). Or you can hijack wifi from a publicly available, unsecured connection (think a neighbor who doesn’t have a password on his router… but make sure it’s not actually a neighbor. This is why I prefer coffee shops). Sit in the back, somewhere private.
  4. A VPN connection.
  5. Friends and family you absolutely trust.
  6. An appropriate level of personal protection before you start leaking. This could be as simple as travelling out-of-state for a while, or as costly as hiring armed security and installing a panic room in your home. I’ll let you determine what’s appropriate, based on your own good judgment.

The goals of having all this in place are to

  1. Keep you alive.
  2. Keep you free from harm.
  3. Keep your ID safe and secure.

We can do all three, if we’re smart.

Part 1) Meatspace plans:

So you’ve made the decision to leak online. Good. The world thanks you.

The first thing you need to do is this:

GET RID OF YOUR PHONE.

Don’t bring it with you ANYWHERE. Don’t talk about sensitive things over it. Don’t even talk about sensitive things IN THE SAME ROOM as your phone, because it is always listening and transcribing everything you say.

When travelling to our hypothetical coffee shop, you’re not bringing your phone with you, because it tracks where you go (even if you tell it not to).

If you ignore this rule, you will be caught.

If you need a phone for emergencies, buy a physical prepaid burner with cash, and stuff it in your glove box, powered off.

The second thing you need to do is:

Be careful and plan ahead.

What this means is this:

Write out and plan your drops beforehand.

Whatever it is you want to say, make sure you have, at the very least, a VERY good idea of what you’re going to say. I would even recommend writing them out on paper beforehand, perhaps in a notebook. When you are done, you can destroy the papers (either by ripping them up and flushing them down said coffee shop toilet), or through other means (though I highly recommend doing this as soon as you’re done dropping.

When you are planning your drops, keep them as short as you can.

An economy of words is always best. You’re not trying to impress anyone with your linguistic prowess.

Make sure there is nothing in your drops that could personally identify you.

Plausible deniability only goes so far. For instance, if you know that, say, David Geffen ordered a hit because you two were the only ones in his office when he was on the phone with his favorite hitman, he’s going to figure out pretty quickly who’s squealing, and send that hitman after you.

If you have a lot of personally identifying drops…

Create a deadman’s switch. There are a couple ways to do this. One would be to give individuals you know and trust encrypted USB drives, and to put the password to those drives in a safety deposit box. Grant them access to the safety deposit box, in case you were ever to pass away.

Another method is similar, but digital and automated. I can not vouch for the security of this service, but if you were to do the exact same thing as above – give out encrypted USB drives to individuals you trust – you can use http://www.deadman.io/ to automatically send them the password.

Deadman.IO - a digital dead man’s switch

DEADMAN.IO

Just know, if you are setting this up, you need to keep a few things in mind:

You absolutely have to trust these people.

You may be putting them in danger by asking them to do this for you.

That’s not the worst thing in the world, and in all likelihood, they’ll be very concerned and start asking you all kinds of questions. You can share your goals with them, but not specific details. The less they know, the better. It’s important that they’re onboard with “your mission” while simultaneously knowing as little as possible.

They need to know what do do with the information, should you come to an unfortunate end.

PLAN the next steps with them. Give them specific instructions. Say something like, “If I die, I’m going to need you to upload the contents of this drive to 8ch.net/qresearch.” I would even leave a file called “INSTRUCTIONS.txt” on the drive itself laying out step-by-step what you want them to do, and how you want them to do it.

Obviously, don’t just leave this with grandma, who not only doesn’t know how to use a computer, but will also freak out and go to a corrupt police department only to hand over the drive and the password, never to see it again.

I mean… unless you want to see your grandma in the afterlife shortly after you appear there.

Oh, and if you HAVE to buy the coffee and pastry when you finally get to that little coffee shop – DON’T USE YOUR CREDIT CARD!

Use cash. Last thing you want is a financial record of you being there.

Part 2) Digital Tools:

It’s time to get technical.

Okay, enough of that silliness.

Creating Deadman Drives

If you’re going to make Encrypted USB drives to go along with your deadman switch, you’ll need a program called Veracrypt, which you can get below. As of this writing, the Latest Stable Release is version 1.22 (Friday March 30, 2018):

VeraCrypt - Free Open source disk encryption with strong security for the Paranoid

VeraCrypt - Free Open source disk encryption with strong security for the Paranoid


VeraCrypt is free open-source disk encryption software for Windows, Mac OS X and Linux. In case an attacker forces you to reveal the password, VeraCrypt provides plausible deniability. In contrast to file encryption, data encryption performed by VeraCrypt is real-time (on-the-fly), automatic, transparent, needs very little memory, and does not involve temporary unencrypted files.

www.veracrypt.fr WWW.VERACRYPT.FR

Here’s a video tutorial on how to use it. It’s pretty straightforward. These things won’t open without a password. If you fail to check in with your deadman switch service, that password get sent to your deadman switch holders.

Creating a Secure Laptop

I may say something that might shock you, if you weren’t already aware of this fact.

Your normal laptop isn’t secure!

No, if you WANT to get caught, do your drops on Windows or Mac OS.

You have to use something more secure; something designed for safety and security and TOTAL PRIVACY.

You’re going to be using TAILS.

TAILS is a linux-based system that is designed to erase all traces of your activity after using it. You plug in your USB stick, boot your computer from that stick, and anything you do on the OS while its running will be erased when you turn off your computer. No traces whatsoever.

It’s configured to run all internet traffic through TOR out-of-the-box, and it comes with built-in MAC address spoofing by default. So even if someone managed to track you (through the TOR onion network, which is no small feat) – they would still have no idea what the source was, because you’ve spoofed your MAC address.

Now, you can buy USB sticks with it pre-installed from some third party vendors, and while this is easier, I think it’s much more secure to just download a copy of the OS yourself and install it on your drives manually.

It’s a bit of a pain, but it’s much more secure.

This video will explain how to do this, but the alternate course of action – and this might be a bit simpler, if a bit more expensive – would be to just install TAILS to a “burner” computer. Say you went online and bought a cheap windows machine for 200 or 300 bucks. That would be suitable for this. But in case you don’t want to do that, this is how you proceed:

Here are the links you’ll need to get this done:

Tails - Download and install Tails

Tails - Download and install Tails

tails.boum.org TAILS.BOUM.ORG

Universal USB Installer - Easy as 1 2 3 | USB Pen Drive Linux

Universal USB Installer - Easy as 1 2 3 | USB Pen Drive Linux


Universal USB Installer aka UUI is a Live Linux Bootable USB Creator that allows you to choose from a selection …

USB Pen Drive Linux USB PEN DRIVE LINUX

Once you’re up and running, you’re going to be using the TOR Browser to get online with TAILS.

The TOR network is interesting because it is basically what allows one to get on to the “dark web” by creating a network of nodes, and in theory, your data gets split between all these nodes and randomized, and the theory goes that anyone can operate a node, but in actuality, this means that intelligence agencies are also operating TOR nodes. So what they could do to potentially track you is correlate the data flowing from your entrance node to whatever exit node it’s landing and, and get a match, thereby tracking your IP.

But this is pretty difficult to do, and it’s why you’re using public wifi in said hypothetical coffee shop (ideally, out of state, or at least several hours from your home).

Even if you are tracked, it’s not going back to your home, or place of work. It’s going to some random public coffee shop, where hundreds, if not thousands of people go every day.

All that’s left is for you to actually drive to our hypothetical coffee shop (without your phone), buy your coffee and croissant (with cash) and drop what you have to drop.

Head over to: 8ch.net/qresearch, join the latest Qresearch General thread, and get dropping!

Move as quickly as you can. Don’t linger. Say what you need to say. Get in and get out. Once you’re done, shut down the system, unplug the tails drive, and head home. You can keep the TAILS USB drives, in case you need to use them again. They won’t have any incriminating info on them. Or, if you’re paranoid, you can destroy them completely (and heck, even the “burner” laptop, if you so choose).

Civilians can’t do much better than this when it comes to whistleblowing. If you’re smart, you’ll be safe. And these are by far the only how-to guides on how to do this kind of stuff. I was just trying to compile a bunch of resources here to make it (relatively) easy for someone like you to get started with this, but if you need more help – yes, search youtube. Yes, look all over online. There are TONS of tutorials that can help you get up and running safely and securely.

Godspeed, whistleblowers.

Let’s take down #TheCabal together.

1 Like

Really good info!! Opsec a day keeps the baddies away. :stuck_out_tongue_winking_eye: