Defensive OPSEC 101

A short introduction to protecting your digital privacy

For many people, sharing personally identifiable information online is a non-issue. They face no repercussions and only reap the rewards of a digital experience customized to their preferences. But for people who work in sensitive fields— journalists, political activists, vice or adult industries, community organizers—activities as innocuous as online shopping can have tragic unintended consequences. These people know all too well what it’s like to be watched.

Combating the massive government and corporate surveillance apparatus can seem overwhelming if you’re just starting to think about protecting your privacy. The good news is it’s easier than you might think to boost your security online.

If you’ve ever worried about someone snooping through your messages, keeping tabs on your web browsing, or accessing your personal information without your permission, you’re not alone. This post will give you some beginner-friendly definitions and principles of operational security (OPSEC), and then introduce a handful of apps and services that can help you keep your communications and online activity safer from prying eyes.

This list of principles and apps is far from exhaustive. It’s meant to be a starting point to introduce the concepts and tools that can help individuals exercise greater agency in how they share data while engaging in digital spaces.

What is OPSEC (Operational Security)?

Operational Security (OPSEC) is a practice originally developed in the military, but it’s just as useful for everyday internet use. OPSEC means thinking carefully about how you handle sensitive information so you don’t accidentally give away clues that could expose you or people you’re working with. Imagine you have puzzle pieces of information scattered online—OPSEC is about ensuring no one can piece together those clues to harm you or your group.

Basic OPSEC Principles

1. Minimize Information Sharing: The less personal data you share online, the better. That means not using the same usernames everywhere, being cautious about posting personal details like your home address, and resisting the urge to overshare on social media.

2. Use Strong Passwords: Always worth repeating: reusing a simple password like “123456” or “password” across different accounts is like leaving your door unlocked. A long, unique password for each account makes it much harder for hackers to get in.

3. Keep Your Software Updated: Software updates often include security fixes that close loopholes hackers can exploit. Keeping your devices and apps updated means you’re protected against the latest threats.

4. Encrypt Where You Can: Encryption scrambles your data so it looks like nonsense to anyone except the intended recipient. Using encrypted tools helps ensure that even if someone intercepts your data, they can’t read it. Look for end to end encryption (E2E) in services where possible, especially platforms with messaging components.

5. Be Aware of Your Connections: Public Wi-Fi might seem convenient, but it’s often an easy target for eavesdroppers. Try to stick to using secure connections whenever possible to make that less of a risk. Use tools like a Virtual Private Network (VPN) when trusted connections are unavailable.

Privacy & Security Tools

Below are some tools that can help you replace everyday apps and services with more secure, privacy-friendly alternatives. Each tool addresses a common privacy concern and is designed to minimize surveillance and tracking.

1. Signal: Secure Messaging and Calling

• What it is: A free messaging and calling app that uses end-to-end encryption.

• Why it’s safer: Unlike standard SMS or less secure messaging apps, Signal protects your messages so only you and the person you’re talking to can read them. It even encrypts voice and video calls.

• Pros: Open-source, widely trusted by journalists and activists, super easy to use.

• Cons: Requires a phone number to sign up, but you can use a burner number if needed.

2. Tor Browser: Private Web Browsing

• What it is: A free web browser that keeps your online activities private by sending your traffic through multiple “relays” so it’s harder to trace.

• Why it’s safer: Unlike Chrome or Safari, Tor hides your IP address and helps prevent websites, advertisers, and internet service providers from tracking you.

• Pros: Strong anonymity, blocks many tracking techniques right out of the box.

• Cons: It can be slower than normal browsing, and some sites may block Tor traffic.

3. ProtonMail: Encrypted Email

• What it is: A secure, end-to-end encrypted email service based in Switzerland.

• Why it’s safer: Big email providers often scan your emails to sell ads or hand over data when asked. ProtonMail is designed to protect your privacy first.

• Pros: Strong encryption, user-friendly interface.

• Cons: Free storage is limited, and you may need a paid plan if you want more features or more storage space.

4. VPNGate: Community-run private browsing

Note: Proton also operates a free vpn, but highlighting an alternative here in the spirit of client diversity.

• What it is: VPNGate is a free, volunteer-driven academic project from the University of Tsukuba in Japan. It provides a network of VPN servers hosted by volunteers around the world, offering a decentralized and globally distributed VPN solution.

• Why it’s safer: By encrypting your connection and hiding your IP address, VPNGate makes it harder for internet service providers, government censors, or malicious actors to see what you’re doing online.

• Pros: Free of charge, wide selection of volunteer-run servers in many countries

• Cons: speeds, uptime, and reliability vary widely among volunteer servers; support and consistency are not guaranteed

5. KeePassXC: Secure Password Management

• What it is: A free, open-source password manager that stores all your passwords in an encrypted “vault” on your own device.

• Why it’s safer: Instead of writing down passwords or using weak ones, KeePassXC helps you generate and store strong, unique passwords for every account.

• Pros: No company server involved, completely free, highly customizable.

• Cons: You’ll need to manage syncing between devices yourself (or use a secure cloud storage service of your choice).

6. CryptPad: Encrypted Collaboration Tools

• What it is: A free-to-start, end-to-end encrypted alternative to Google Docs and Microsoft Office Online.

• Why it’s safer: Collaborate on documents, spreadsheets, and presentations without giving a tech giant access to your private notes.

• Pros: Easy to use, no one but you and your collaborators can read your files.

• Cons: Fewer features than mainstream tools, and can be slower at times.

7. [ADVANCED] Tails: A Portable Operating System

• What it is: A free, bootable operating system that forces all network traffic through Tor and doesn’t leave traces on the computer you use.

• Why it’s safer: Perfect for sensitive work environments. Once you shut down, all traces disappear from the machine, making it much harder for anyone to find out what you were doing.

• Pros: High-level privacy by default.

• Cons: Slower and less intuitive than your regular OS, plus a learning curve to use effectively.

Putting It All Together

You don’t have to jump into everything all at once, especially if you’re new to digital security. Start with one or two steps: maybe switch your messaging app to Signal or begin using a password manager. Over time, you can adopt more of these tools and practices as they make sense, and you’ll start to feel more confident about your ability to protect your privacy.

Remember, perfect security doesn’t exist. OPSEC is about reducing your risk, making it harder for someone to monitor or harm you. By being mindful of what you share, using strong encryption tools, and staying updated, you’re already taking big strides toward a safer online life.

Comments

[Jugdeep]

Really informative post. Thank you