this post was submitted on 14 Jan 2025
2 points (60.0% liked)

Operations Security (OPSEC)

241 readers
1 users here now

Welcome to the first operations security (OPSEC) community on Lemmy!

This is a space dedicated to discussing, sharing, and learning about operational security practices. Whether you are a business owner, a cybersecurity expert, or just a regular person, you can always benefit from a little extra OPSEC in your life.

Community Guidelines

As we belong to all of their guidelines apply on top of ours.

  1. Stay on topic:

    • Keep discussions related to OPSEC only
    • If your post is about this community instead of OPSEC, prepend the prefix [META] to the title
    • For the sake of organization, please label your posts with prefixes such as [NEWS], [GUIDE], [QUESTION], [MEME], and so on. While this isn't standardized nor enforced, it helps keep everything nice and neat
  2. No illegal content:

    • Do not discuss, promote, or engage in illegal activities
    • While OPSEC can be used for criminal activity, we will not offer assistance to anyone planning to use it for such
  3. Quality Content:

    • Provide only good, factual and credible advice
    • Avoid spreading misinformation or unverified claims
    • Avoid low-effort posts, spam and sensationalism
    • Copypastas are allowed only as comments and if related to the post or parent comment.
    • Do not post AI-generated content; anyone can ask ChatGPT for assistance so do what you do best: be a human
    • Anyone giving blatantly false advice will be permanently banned
  4. No Self-Promotion:

    • Refrain from excessive self-promotion or advertising
    • Occasional sharing of personal projects is allowed if it benefits the community
  5. Threat Models:

    • Do not ask for advice without mentioning your threat model
    • Do not provide advice ridiculously outside the asker's threat model
    • Do not provide advice without knowing the asker's threat model (except when providing general advice to the community)

What is OPSEC?

Operations security (OPSEC) is a process that identifies critical information to determine whether friendly actions can be observed by enemy intelligence, determines if information obtained by adversaries could be interpreted to be useful to them, and then executes selected measures that eliminate or reduce adversary exploitation of friendly critical information.

In simpler terms, it is the process of finding vulnerabilities that an adversary could exploit and patching them, thereby reducing your attack surface.

OPSEC is NOT a synonym for cybersecurity. It can encompass it; however, it also revolves around physical security.

Useful resources

founded 7 months ago

This post contains a canary message that's cryptographically signed by the official BusKill PGP release key

BusKill Canary #009
The BusKill project just published their Warrant Canary #009

For more information about BusKill canaries, see:

Hash: SHA512

Status: All good
Release: 2025-01-14
Period: 2025-01-01 to 2025-06-01
Expiry: 2025-06-30


The BusKill Team who have digitally signed this file [1]
state the following:

1. The date of issue of this canary is January 14, 2025.

2. The current BusKill Signing Key (2020.07) is

   E0AF FF57 DC00 FBE0 5635  8761 4AE2 1E19 36CE 786A

3. We positively confirm, to the best of our knowledge, that the 
   integrity of our systems are sound: all our infrastructure is in our 
   control, we have not been compromised or suffered a data breach, we 
   have not disclosed any private keys, we have not introduced any 
   backdoors, and we have not been forced to modify our system to allow 
   access or information leakage to a third party in any way.

4. We plan to publish the next of these canary statements before the
   Expiry date listed above. Special note should be taken if no new
   canary is published by that time or if the list of statements changes
   without plausible explanation.

Special announcements


Disclaimers and notes

This canary scheme is not infallible. Although signing the 
declaration makes it very difficult for a third party to produce 
arbitrary declarations, it does not prevent them from using force or 
other means, like blackmail or compromising the signers' laptops, to 
coerce us to produce false declarations.

The news feeds quoted below (Proof of freshness) serves to 
demonstrate that this canary could not have been created prior to the 
date stated. It shows that a series of canaries was not created in 

This declaration is merely a best effort and is provided without any 
guarantee or warranty. It is not legally binding in any way to 
anybody. None of the signers should be ever held legally responsible 
for any of the statements made here.

Proof of freshness

14 Jan 25 01:01:33 UTC

Source: DER SPIEGEL - International (
A Miracle? Pope Francis Helps Transsexual Prostitutes in Rome
Boost for the Right Wing: Why Did a German Newspaper Help Elon Musk Interfere in German Politics?

Source: NYT > World News (
What an Upended Mideast Means for Trump and U.S. Gulf Allies
Russia and Ukraine Battle Inside Kursk, With Waves of Tanks, Drones and North Koreans

Source: BBC News - World (
Gaza ceasefire deal being finalised, Palestinian official tells BBC
Watch: Moment man is saved from burning LA home

Source: Bitcoin Blockchain (





To view all past canaries, see:

What is BusKill?

BusKill is a laptop kill-cord. It's a USB cable with a magnetic breakaway that you attach to your body and connect to your computer.

What is BusKill? (Explainer Video)
Watch the BusKill Explainer Video for more info

If the connection between you to your computer is severed, then your device will lock, shutdown, or shred its encryption keys -- thus keeping your encrypted data safe from thieves that steal your device.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 2 points 3 weeks ago (4 children)

Okay I'll ask, what does this mean?

[–] [email protected] 2 points 3 weeks ago (3 children)

It means we can authentically say that we have not been served an NSL to install backdoors into our software or hardware. Here's two historical examples of this happening:


A warrant canary is a mechanism to let our users know that we may have been served an NSL and forced to install backdoors into our software or hardware.

[–] [email protected] 1 points 3 weeks ago (2 children)

I guess how does the signature prevent you from lying? I'm genuinely curious

[–] [email protected] 2 points 3 weeks ago* (last edited 3 weeks ago) (1 children)

The signature proves that the message has the property of authenticity -- that is, anyone with our public key (which is published publicly) can prove (with math) that only someone with the private key (which is kept very well-protected and only I have access-to) was able to sign the enclosed message.

How can you prove that I'm not lying? That's a social problem. It's not solved by technology; it's solved with reputation.

I think I've demonstrated my commitment to my community, but ultimately you have to decide if you trust me.

[–] [email protected] 1 points 3 weeks ago

Got it, I thought it was some hashing thing that would call out if something had happened, which I guess it does, I was wondering if there was something in code that would be forcibly changed so that trust would be broken