This used to be a mirror of the cyberpunked.org page - now it is independently maintained
NOTE: AS OF 2018 all links to the installgentoo wiki have been archived in the wayback machine due to inconsistent uptime issues and volatile hosting on their end. I encourage checking yourself to see if updated versions of those pages are available.
What is Cyberpunk?
Lainchan is dead. (as well as any imageboard which isn't a psyop, honeypot, or cancerous hellhole)
- Use audited cryptography! Do not roll your own. Do not trust others that do (e.g., telegram).
- Harden your OS.
- Encrypt your hard drive (full disk encryption, or FDE for short).
Standard LVM encryption is the best option and should be available when installing your linux distro.
For a disk that is not part of your operating system, a portable drive for example, dmcrypt/LUKS is the best option but veracrypt is available on all platforms. keep in mind your installer may or may not encrypt your GRUB and there are several ways of dealing with that issue which are discussed in the Paranoid #! security guide linked in the introductory resources below. keep in mind disk encryption means nothing to an experienced attacker with physical access if you have not completely shut down your computer and wiped the RAM. As an extra precaution, use a swap file so that your RAM is suspended to your encrypted root partition.
- Encrypt your emails.
PGP is pretty much all we have, but it is all we need.
Your metadata may still be collected. if you care about metadata, use a disposable email account or a trusted provider. suggestions include protonmail, riseup.net, autistici.org or cock.li.
I2P offers their own alternative email services, and there are similair projects like bitmesseage, but they all break compatibility with traditional email services.
Email services using I2P
Bitmessage has not been audited, but aims to hide metadata associated with messages and is P2P.
- Encrypt your instant messages.
Tor Messenger as of now appears to be the most secure way to communicate by default but has no mobile device builds yet
XMPP+OTR is arguably still the most prevalent and reliable way to encrypt instant messages.
I would not depend on anything else. Even if the crypto in other apps is theoretically sound, the implementation fails or the distribution method is inherently flawed (it is proprietary, packages not signed correctly, or has a system of trust prone to user-error). Cryptocat is an unpopular, but good option. telegram, tox, and wickr are fucked. Do not even bother. .
- Use a local password manager (no cloud bullshit).
Any one will work, just make sure you can use it easily on the go. Anything is better than what you are doing now as long as it doesn't phone home somewhere.
- Use strong passwords. make sure they are long and unique.
https://www.xkcd.com/936/ No seriously, read the XKCD.
- Never reuse passwords. Ever.
If you do, consider your password public knowledge.
Bypassing a login wall? Sure. Fuck it. Who cares if someone else uses it.
Anything you care about? No. Absolutely not.
- Better yet, use randomly generated passwords. The best password is one you cannot remember depending on your use-case.
- Check to see whether your passwords or email accounts have been compromised, their complexity or security doesn't matter if they are already on someone's bruteforcing wordlist.
email - passwords This site has been verified as trustworthy and uses the best security practices as of the latest review of this guide, you don't need to be concerned about giving them your information.
- Your new search engine is duckduckgo or searx.
List of online searx instances
- Your new browser is Firefox, however you will be using the ESL version.
Firefox ESL Downloads
- The ESL version still works with all the privacy configurations and addons linked here.
Enter about:config into your url bar and apply the following modifications. Do not bitch about there being too many options. That is the fucking point. You cannot even configure many of these settings in other browsers without modifying its source or building addons.
The changes listed above are unambiguous and unopinionated. You can go a much further than this at the expense of comfort and convenience. Consider modifying some of the settings listed on https://github.com/pyllyukko/user.js/blob/master/user.js depending on the sacrifices you are willing to make for privacy and security.
- Now install your addons.
Required: ublock origin, https everywhere, noscript, blender.
Firefox ESL downloads
- Apply your filters.
Required: easylist, easyprivacy.
- ...and test your results.
- Do not use chrome. Chrome is a closed-source browser by a for-profit corporation. Firefox is an open source browser by a non-profit organization. Use your head.
By the same logic you should not be using Mac-OSX or Windows either, install a linux distrobution.
- Do not use chromium either. It may be open source, but it still phones home.
If you don't believe me, read this: https://www.theregister.co.uk/2015/06/17/debian_chromium_hubbub/ Chromium also sends all the urls you visit to Google and other sites "to check to malware".
- Block malicious sites in your hosts file.
- Use an anonymous VPN. a paid one. Without traffic logs. There are few exceptions to this rule.
One exception is riseup.net's bitmask VPN service.
Do torrent over VPN.
- Use TOR.
Do not torrent over TOR.
- Understand the difference between anonymity, privacy, and security.
Read the resources below to get started.
Hardware Considerations - Laptops
All intel processors newer than 2008 contain vulnerabilities and backdoors.
Intel ME and AMD PSP are both proprietary attack-vectors and in ME's case a confirmed corporate/government backdoor.
If you are really paranoid, use computers with processors from before 2008 and avoid computers with UEFI since that is extremely bloated, vulnerable, and also possibly backdoored.
If you insist on a modern processor and computer look into projects like Libreboot, Coreboot, NERF, and me_cleaner, read up, and carefully consider your options. At the very least order a computer which already has intel_me disabled or allows it to be disabled.
At the moment the safest choice would just be ordering a librebooted Thinkpad X200 or T400 and running an FSF-certified linux distribution.
If you are only severely concerned about intel ME check out this page
to see the current status of the me_cleaner project. Purism now ships laptops with intel me neutered or partially removed
and system76 is working towards getting rid of intel ME on their laptops as well.
Introduction to Cybersecurity
This is an up-to-date and extended clone of cyberpunked.org with quite a few edits, but also retaining most of the original gist. The original cyberpunked.org page was made by Seph and Thufie shortly after lainchan.jp first came into being (now called arisuchan or something). This version is now maintained solely by Thufie. No ill will towards Seph, I just wanted to host a personalized mirror. I also maintain a more personalized collection of links which may or may not be considered "cyberpunk" at thufie.lain.haus on the start page for personal use which is also worth a look. If you are reading this Seph, it was a pleasure.
Last updated December 8, 12018 Human Era by thufie