OPSEC 101 — Stop Being Naked Online in 7 Steps
OPSEC 101 — Stop Being Naked Online in 7 StepsYour IP, your email, your browser, your phone number — every single one is snitching on you right now. Here’s how to shut them all up.
Operational Security isn’t optional anymore. It’s the difference between being invisible and being an open book.
Most people think “private browsing” or a free VPN makes them safe. It doesn’t. Not even close. Your ISP still sees everything. Websites still know your IP. Your browser fingerprint is unique. And if you’re using your real phone number on anything — you’re already cooked. This guide fixes all of that, one layer at a time.*
🔍 Step 1 — Check How Exposed You Are Right Now
Before you fix anything, see how bad the damage is. These tools show you exactly what the internet sees when you connect.
| Tool | What It Shows You | Link |
|---|---|---|
| Whoer | Your IP, location, DNS, browser fingerprint — everything a website sees about you in one page | whoer.net |
| IPHey | Advanced fingerprint check — how unique and trackable your browser setup is | iphey.com |
| Scamalytics | Your IP’s fraud score — how suspicious your connection looks to websites | scamalytics.com |
| Have I Been Pwned | Check if your email or passwords have been leaked in data breaches | haveibeenpwned.com |
| DNS Leak Test | Check if your VPN/proxy is actually working or leaking your real DNS | dnsleaktest.com |
Do this first. Visit whoer.net right now. If it shows your real city, real IP, and real ISP — congrats, you’re completely naked online. Everything below fixes that.
📧 Step 2 — Kill Your Real Email
Your Gmail/Outlook/Yahoo is tied to your real name, phone number, recovery info, and years of history. Stop using it for anything that matters.
| Service | What It Does | Link |
|---|---|---|
| ProtonMail | Encrypted email based in Switzerland. No phone number required. End-to-end encrypted by default | proton.me/mail |
| Cock.li | Anonymous email. No personal info needed to sign up. Multiple domains available | cock.li |
| Reusable.email | Disposable email addresses — use once, throw away. Perfect for signups you don’t care about | reusable.email |
| YOPmail | Instant throwaway inbox. No signup needed. Just pick a name and start receiving emails | yopmail.com |
| OnionMail | Email service accessible through Tor. Maximum anonymity | onionmail.org |
| Thunderbird | Open-source email client. Keeps your email local instead of on someone else’s server | thunderbird.net |
The rule: ProtonMail for anything important. Disposable emails for everything else. Your real email should never touch anything sensitive.
🌐 Step 3 — Your Browser Is a Snitch. Replace It.
Your regular browser (Chrome, Edge, Safari) sends your fingerprint, cookies, location, and browsing history to everyone who asks. Anti-detect browsers make you look like a different person every session.
| Browser | What It Does | Best For | Link |
|---|---|---|---|
| Tor Browser | Routes all traffic through 3 encrypted nodes. Your IP is invisible. The gold standard | Maximum anonymity | torproject.org |
| LibreWolf | Firefox but with all the tracking and telemetry ripped out. No phone-home nonsense | Daily privacy browsing | librewolf.net |
| Brave | Built-in ad/tracker blocking, Tor tab option. Good middle ground between usability and privacy | People who want privacy but not complexity | brave.com |
| Whonix | Entire operating system that runs through Tor. Everything is anonymous by design | Serious threat models | whonix.org |
| Octo Browser | Anti-detect browser — spoofs your fingerprint, manages multiple profiles | Multi-account management | octobrowser.net |
| Dolphin Anty | Free anti-detect browser with built-in proxy support (ASocks). Budget Octo alternative | People who can’t afford Octo | dolphin-anty.com |
| Che Browser | Anti-detect browser with promo code support | Multi-profile setups | chebrowser.site |
| Linken Sphere | Advanced anti-detect browser for professionals | High-level fingerprint spoofing | ls.app |
Minimum setup: LibreWolf for daily use + Tor for anything sensitive. If you’re doing anything involving multiple accounts, you need an anti-detect browser.
🧅 Step 4 — Route Everything Through Tor (The Real Way)
Here’s what most people don’t understand: “Private browsing” doesn’t do shit. Your ISP still sees every site you visit. Your IP still gets logged everywhere. Private tabs just stop your browser from saving history locally. That’s it. The websites, your ISP, your employer, anyone on your WiFi — they all still see everything.
Tor actually fixes this by routing your traffic through 3 encrypted relay points worldwide. Nobody — not your ISP, not the website, not even Tor itself — can see both who you are AND what you’re doing.
iPhone/iOS Setup:
| Step | What To Do |
|---|---|
| 1 | Download Orbot and connect |
| 2 | Go to Settings → Wi-Fi → tap the “i” on your network |
| 3 | Scroll to Configure DNS → Manual → remove all DNS servers → add 127.0.0.1 |
| 4 | Go to Configure Proxy → Manual → Server: 127.0.0.1 → Port: 9050 |
| 5 | Verify at check.torproject.org — should say “configured to use Tor” |
| 6 | Test for DNS leaks at dnsleaktest.com |
Windows 11 Setup:
| Step | What To Do |
|---|---|
| 1 | Install Proton VPN — enable kill switch (if VPN drops, internet cuts — no leaks) |
| 2 | Install Dolphin Anty (free) or Octo Browser (paid) |
| 3 | Use Dolphin’s built-in ASocks proxy or add your own proxy |
| 4 | For Tor routing: same proxy config — 127.0.0.1:9050 |
DNS leaks = your VPN/Tor breaks and your real connection shows through. Always test after setup. If dnsleaktest shows your real ISP — something’s wrong.
📱 Step 5 — Harden Your Telegram (It's Not Private By Default)
Telegram is convenient. It’s also not your friend. Regular chats are stored in plaintext on their servers. They’ve handed over IP addresses and phone numbers to governments. If you’re not hardening your setup, everything you type is one warrant away from being evidence.
Enable Secret Chats (End-to-End Encryption)
Regular Telegram chats? Not encrypted end-to-end. Telegram can read them. Secret Chats encrypt from your device to the recipient’s device — nobody in between can see anything. Not even Telegram.
| Tradeoff | Secret Chats |
|---|---|
| Both users need to be online to start | Yes — encryption keys need to exchange |
| Can’t access from multiple devices | Correct — keys are device-specific |
| Self-destruct timer available | Yes — messages auto-delete |
| Actually encrypted end-to-end | Yes — unlike regular chats |
Fix Your Phone Number
Your phone number is the single biggest link back to your real identity on Telegram.
| Method | Security Level | Problem |
|---|---|---|
| Your real number |  Zero |
Directly tied to your ID, carrier records, location |
| Online SMS services (SMSPool etc.) |  Low |
Numbers are public — anyone can try logging into your account |
| Burner prepaid SIM | Medium |
Deactivates if unused, purchase creates camera/witness trail, need the number again if logged out |
| Telegram Private Number (TON crypto) |  High |
Linked only to your TON wallet. No physical purchase, no traces, no deactivation risk. Expensive but it’s the only real solution |
Route Telegram Through Tor
Telegram has a built-in proxy feature. If you’re running Tor (Orbot on mobile), point Telegram’s proxy settings to 127.0.0.1:9050. All your Telegram traffic now routes through Tor. If Tor drops, nothing gets sent — zero leaks.
💱 Step 6 — Move Money Without a Trail
| Service | What It Does | Link |
|---|---|---|
| Bisq | Decentralized Bitcoin exchange — no KYC, no account, peer-to-peer trading | bisq.network |
| BestChange | Aggregator that compares rates across crypto exchangers — find the best deal | bestchange.com |
| @change | Telegram-based exchange bot | Search @change on Telegram |
| QuMix | Bitcoin mixer — breaks the link between sender and receiver by mixing your coins with others | qumix.money |
The chain: Buy crypto on a no-KYC exchange → mix it → spend from a fresh wallet. The original purchase can’t be traced to the final transaction.
🔧 Step 7 — Extra Tools for the Paranoid (Good Paranoid)
| Tool | What It Does | Link |
|---|---|---|
| Tox | Peer-to-peer encrypted messenger. No servers in between. No phone number needed | tox.chat |
| OnionShare | Anonymous peer-to-peer file sharing through Tor. No cloud, no middleman | onionshare.org |
| HoneyDB | Database of attack logs from honeypots across the internet. See what’s attacking what | honeydb.io |
| IDA Pro | Binary analysis — decompile suspicious software to see what it actually does | hex-rays.com/ida-pro |
Quick Hits
| Want To | Do This |
|---|---|
 See how exposed you are |
whoer.net — takes 5 seconds |
 Get an anonymous email |
proton.me/mail — free, encrypted, Swiss |
 Browse without being tracked |
Tor Browser — the baseline |
 Secure Telegram properly |
Secret Chats + TON private number + Tor proxy |
 Move crypto anonymously |
Bisq → QuMix → fresh wallet |
 Check for leaks |
dnsleaktest.com + check.torproject.org |
Privacy isn’t a feature you turn on. It’s a system you build — layer by layer. Start now or stay naked online. Your call.
!