OPSEC
Now, this is a REALLY IMPORTANT topic. Bad OPSEC (Operations Security) is probably why most hackers get caught easily by those 3-letter-agencies (*cough* FBI/CIA/NSA). If you're about to hack someone/make malware, you better make sure nobody can trace it back to you or you'll surely be in trouble that's rather nice to avoid. I'll make this section a brief dive into anonymity, but I'll include a very nice collection of stuff in the references section.
The Ten Crack Commandments
Funny as it sounds, these 10 are good material for those practising OPSEC (albeit with some modifications).
Never let anyone know how much money you have.
Never let anyone know your next move.
Never trust anyone.
Never use what you sell.
Never sell where you live.
Never take credit.
Keep your family and business completely separated.
Never keep any crack on you.
If you aren't being arrested, stay away from the police.
Consignment is strictly for live men.
Now, here's an OPSEC version of these commandments (source)
Never reveal your operational details
Never reveal your future plans β silence and violence
Never trust anyone
Never confuse recreation with work
Never operate from your own house
Be proactively paranoid, it doesnβt work retroactively
Keep your life and your freedom activities separate
Keep your personal environment contraband free
Donβt ever talk to the police
Donβt give anyone power over you
These 10 are the golden rules to staying safe as a malware dev. (Just good general advice >.>). Follow these and you'll be grand.
I've decided that it'll be nicer to dedicate an entire space for practical OPSEC. So if you wanna know more about how OPSEC works and how you can practice it effectively, here you go:
Last updated