OPSEC Guides

A practical GigaTap route for threat modeling, safer habits, compartmentalization, Tor context, and high-risk civil-society workflows.

/guides/opsec GigaTap indexable route

A practical GigaTap route for threat modeling, safer habits, compartmentalization, Tor context, and high-risk civil-society workflows.

What should an OPSEC plan decide before tools?

An OPSEC plan should decide who the adversary is, what they can observe, which mistakes would cause harm, which identities, devices, accounts, and workflows must stay separated, and what recovery steps should happen if a compartment, channel, or device becomes unsafe.

Definitions

Threat model
A practical description of who can harm you, what they can see or control, and which outcomes you are trying to prevent.
Compartmentalization
Keeping identities, accounts, devices, browsers, networks, and communication paths separated so one compromise does not expose everything.
Recovery path
A pre-decided plan for rotating credentials, preserving evidence, contacting trusted parties, or abandoning an unsafe channel.

Comparison

RiskBest first routeWhy it matters
Everyday privacy/guides/privacyMost OPSEC failures start with ordinary metadata and habits.
Network exposure/guides/vpnVPN, Tor, DNS, and client behavior need context-specific use.
High-risk work/articles?category=opsecThreat model and recovery planning come before tool selection.

FAQ

  • Is OPSEC only for high-risk users? No. Everyone has operational habits, but high-risk users need stricter separation, evidence handling, and recovery planning.
  • Should I start with Tor, VPN, or a new account? Start with the threat model. Tool choice depends on whether the problem is network observation, identity linkage, device compromise, or account exposure.
  • What is the most common OPSEC mistake? Mixing identities or workflows and then relying on one privacy tool to undo the linkage later.