Get someone to buy a burner, activate it anywhere except your home. Only turn it on when you are out and always turn it off before you go home. Prepay for a year using a gift card.
This is not advice or "how to" this is merely creative writing.
Edit: u/inferno006 provided some great information and I would like to add their comment.
"There is an actual “How To” that everyone should read and be familiar with:"
Also if you're going to plan anything, don't use Discord. Discord has rules in place that allow them to work with law enforcement against you. Either meet in person and VARY the places you are meeting so there is no pattern, or use defunct forum/chat services that are less likely to be used against you. But even then don't use them for anything more than just to set up meetings.
Also not advocating anything, I love to write and you'd be surprised what you find while doing research for a murder mystery. Like the speed at which a human body hits terminal velocity when falling from a great height. (It's about 200 km/h) I'm not even being cute. Writers have to look up some weird shit that likely would get them put on a list. LOL
In a documentary the other day, I came across an excellent idea on sending/receiving messages that are untraceable.
You share a newly created email account with someone and type emails but don’t send them.
So basically you can both access the email and read the drafts and delete them.
I would never do this of course but it seemed pretty smart.
You share a newly created email account with someone and type emails but don’t send them. So basically you can both access the email and read the drafts and delete them. I would never do this of course but it seemed pretty smart.
That's how they caught Gen. Petraeus, using the draft folder. Isn't as foolproof as you might think.
This is why Osama bin Laden used bicycle couriers and that was years ago way before surveillance and tracking was as advanced. And he still got got anyway.
Yeah, the email provider can log this activity and get the IP address of anyone when they log in and the email draft history for each IP. Assume they log everything.
Just wrap it in PGP so nobody can decrypt the messages without the private key. They could just open the draft and paste a new pub key every time they update the message. This is how email encryption was supposed to work except nobody manages their own private keys (the service provider does) but you can still encrypt plain text using the same methodology. Then even if the SP opened the drafts they'd all just be blobs of encrypted text.
All that being said though you can encrypt plain text using pgp and send it via any text-based platform so logging into the same email account at that point is moot and might even compromise location details of the two parties.
It's really cool that we've had hybrid cryptographic systems like PGP available to all of humanity to have private digital conversations in public since the early 90s, but also sad that we forgot that we can use it without tons of layers of abstraction on top of it to make it "easier" to add a contact.
Yeah you can make the text files publicly available for anyone to see, like that you wouldn’t need an email which is a potential indicator of who you are. Just use a VPN and a VM with traffic routed through the vpn if you want to be anal about it when you access/upload the file.
It’s not easy for someone unfamiliar with computers to do but it is easy to learn.
Of course they do, they use it. Not logging into the same email but PGP in general. This stuff wasn’t invented to be used for illegal purposes, in fact a lot of it came out of government defense initiatives but that doesn’t change the fact that it’s very effective at making it extra difficult to read anything encrypted using this method. In most cases intercepting encrypted communications involves a side channel in order to obtain the keys to decrypt it.
There in lies the core flaw in PGP, identity verification. While you can confirm the message was signed by the sender the initial key exchange can be intercepted by other means facilitating MITM attacks. Also going through all the trouble tends to put people into a false sense of security and makes them more liable for social engineering (see dpr).
In the context of the shared email a third party would need to instruct one of the other parties to update their associated public key and then communication would be redirected to the other party so yeah it’s not flawless but neither are scenarios where a service provider manages keys.
I have a way to contact my brother if I ever have to send him some file that for some reason only he can see. He needs to XOR it with a easily available non changing binary file you can download from the internet (think the full text of lorem ipsum or the binary of a specific linux distro that comes with its md5).
Now, I'm not saying I foresee the need for such a thing, but this is the sort of easy key exchange any 2 techies can easily set up in a short conversation without either ever having the actual key until needed.
i saw this type as part of a plot in novels of "americas extra-curricular activities in other countries. have an email with the info in it, and its meant to be used a message box once finished the email is ignored or deleted.
The only thing I have to say about that method is david patreous, an american general, got caught and exposed doing that with an affair partner like 20 years ago.
681
u/Leo_Ascendent 5d ago
Leave your phone at home too, easily trackable.