[OPSEC/Computer] So I'm probably not using the best OpSec, could anyone help me out a bit? I've done research myself but some how it never works right.

Okay, so I've been using PGP for anything sensitive (Address, tracking, ect.), 2 F.A. to log in, PGP key on a pin drive, unique passwords, reddit only through TOR, check tracking through public wifi, and don't save any incrimination evidence on computer.

I'm guessing this is minimal compared to some users on here. So I want to upgrade, rather safe than sorry right? Could some of you OpSec pro's point me toward a walk-through on a few programs? Also have a few questions, I know I'm probably coming off as lazy but I've done a good bit of searching and everything I did wouldn't run right so I came here.

Back when I first started, I created my PGP on iGolder (not smart, I know), guessing I should start off by making a new one on a more secure PGP provider?

Is running off a Mac not safe?

Could someone point me to a in-depth Tails guide for Mac? The one I used previously led me to not being able to use it.

Best service to use for PGP? Preferably one that can be ran off of USB.

Can someone explain VPN and Virtual Computer (or whatever it's called) and if they're needed or over kill?

Sorry for asking all the questions but the help is much appreciated.

Thanks in advance.


Comments


[6 Points] supervillain_:

Using a mac is your first flaw.


[3 Points] Jay-__:

http://www.reddit.com/r/DarkNetMarketsNoobs - read the sidebar there to find a few guides - if you haven't already.


[1 Points] None:

https://www.youtube.com/watch?v=Ivf9Q-Nr3nM

The tails tutorial is a bit old, but just give it a watch to see what you can do. I haven't tried it on Mac OS Yosemite, but anything before that should be fine. I personally believe you should just get a VPN, just so that your ISP can't see you using tor.


[1 Points] al_eberia:

Definitely create a new PGP key. I would recommend using http://www.gpg4usb.org, it is probably the easiest program to use.


[1 Points] The_Free_Marketeers:

Mac are really finicky about running TAILS. I finally got it to work on my sister's computer (she has a mac), but it only runs about half the time. I can't remember what I did to get it to work, but I'll say two things: there should be a guide that you can google which tells you to run the disk image you'll be using for TAILS through a script called (I think) isohybdrid.pl, or something like that. It was def a perl script. Also, TAILS 1.2.3 works TONS better on her mac than 1.2.2. By "better" I mean it actually works. 1.2.2 didn't.

Luckily, I have my Acer to fall back on!


[1 Points] throwaway:

Can someone explain VPN and Virtual Computer (or whatever it's called) and if they're needed or over kill?

Without an isolating proxy, running the TBB in tails or out is inherently unsafe because it's based on firefox, which is really struggling with security design flaws. It's only a matter of time before a major deanonymization catastrophe befalls tails users. It may have happened already. If you're serious about maintaining your privacy/anonymity, use whonix instead of tails.

Advanced privacy guides. Highly recommended.


[1 Points] sweeterthanpoppy:

If you can get TAILS to run on your MAC and you feel you HAVE to use a VPN service, you should look into the various providers out there VERY CAREFULLY - like research them throughly and DON'T use a free VPN provider. There are several that take bitcoins or even giftcards to ensure anonimity. Reddit has a ton of info on various VPN providers, so searching is a good starting point. Once you choose a VPN provider, then get a router compatible with Tomato firmware/DDWRT and flash it with many open souce firmwares out there that offer VPN support. The reason I say this is that you can fuck up TAILS trying to get your VPN to work with your computer while running it's running TAILS. If you run your VPN through a router, it makes it so much easier and you don't have to worry about screwing up the security in TAILS.