When this Substack got moving in 2023 the first thing we did was thirty days of orientation - a boot camp. The seventeen articles listed here were presented in an effort to bring brand new people up to speed in terms of creeping around on the internet without having bad actors follow them home. Some of them remain relevant today, while others have aged out.
Two years later things are SO much worse than I ever imagined and theyâre going to escalate. If you plan on even watching whatâs happening, if youâve just got a friend or relative who is now compelled to act, you need to cover your behind.
This September we are going to talk a lot about things, but theyâll be simpler than prior work, because weâve got a lot of newly concerned folks milling around asking questions. If you have no idea what to do, come on in, weâll try to provide help.
Most articles here will have an ACN like the one you see below. This always explains why you would NOT want to read a specific article. For Reboot Camp, the regulars here already do more advanced stuff, and donât need review.
Attention Conservation Notice:
Iâve been roaming around the dirty end of the playing field for the last fifteen years, and getting my hooks into hostile foreign intel operations on occasion, see the PressTV piece in the masthead as an example. Reboot Camp is NOT going to be at that level, itâs for the newly awakened observers. If youâre used to traversing the Kingdom of Shadows, you can probably skip this.
Boot Camp 2023:
Here are the seventeen pieces from the original bootcamp. The ones with âevergreenâ in the description are the must-reads. The rest are marked up a bit, you can decide if you have time.
Looking Down From On High - the big picture in 2023 that got me moving. Only read if you really want deep history on this Substack.
Reading:Required & Recommended - the expected audience in 2023 was actors, collectors, and analysts, so this is very deep âsecret squirrelâ reading. Not at all appropriate for new people.
What Hunts You? - evergreen advice on characterizing your threat model before you start making security related changes. This is an accessible inventory of what sorts of threat groups you might encounter starting out.
Situational Awareness - if you REALLY want to pay close attention to stuff, thereâs a lot cost recipe in here. If you are âtop coverâ for that friend or family member who just can not sit still, you probably want to read this one.
Regarding Your Ass - advice on âcompartmentalizationâ, which means keeping separate environments that are not your real life. This is worth looking at if youâre going to shadow that friend/family member, but way too much otherwise.
Prepared Prowler - this is what I would do two years ago when I needed to go poke around on the internet. If you are not already using a hypervisor like VirtualBox and familiar with Linux, it will read like a foreign language.
Post Prowl Pondering - personal musings after a day of creeping around back in late 2023, this is meant for the would-be actors reading this.
Cultural Collateral - all about alternate reality games, influence operations, and the state of American society. Insanely deep stuff not at all related to personal security, this was meant for the actors/collectors/analysts of 2023, not new people.
The Shape Of Cyberspace - this is a moderately technical article I periodically publish that explains the internet in more familiar terms. If youâre looking at articles about who did what to whom and itâs fully of technology terms you donât understand, start here.
Occupational Specialties - this is about what a typical irregular unit looks like. If youâre here because youâre going to shadow that friend/family member, better read this evergreen piece.
Get Started With Inoreader - this is evergreen for those who want to track things in great detail. If youâre just a casual participant, will be way too much.
Get Started With Maltego - serious analyst tool, I periodically publish articles on this, often making the files I use available. If youâre not setting out to become a pentester or threat hunter, this is not for you.
Reality Under Siege - My big picture complaint about the assault on reality, closes with a âwhat would you have doneâ. Iâm glad I re-read this in 2025, not sure if youâd feel the same.
Protect Your Accounts With Authy - evergreen advice regarding two factor authentication. Everybody should have 2FA on every account, and do NOT assume that something that texts you a login code is going to be safe.
Stop Ingesting Crap - the greenest of evergreen advice. Weâve been facing Russiaâs assault on reality for more than a decade and thereâs a LOT of nonsense out there. This will help you deal with this worst of it quickly.
Cat Herder - A social movement working group went sideways, one of those specialty nodes, and it got caught in a rabbit hole. I grabbed both back legs, pulled as hard as I could, but they were firmly stuck and wiggling deeper. One of the hardest things to do is recognize that casualties are inevitable, and then just walk off before you become one of them.
The End Of The Beginning - a grim final assessment for the month, comparing our current condition to that time between the Titanic hitting the iceberg and the fantail slipping beneath the waves.
Reboot Camp 2025:
OK, so 2023 was meant for secret squirrel induction. I think the incoming folks here in 2025 are better served by content meant for the concerned parents watching their young adult child becoming politically active.
That being said, weâre going to harden against a bunch of the normal crap you might run into out there, and do a little extra work to harden against repression.
This is the stuff I think I need to cover:
Android mobile devices.
Apple mobile devices.
Phone location protection.
Apple computers.
Windows computers.
Antivirus & firewall for each type.
Two factor account protection.
Compartments for normal humans.
Backup & Restore scenarios.
Reality based VPN usage.
There are a lot of things that have been discussed here that are across the line from observer into participant world. Weâre going to avoid anything that requires a specialty operating system or a hypervisor. Weâll mention keeping second devices to improve security where it makes sense.
Conclusion:
I find myself in a position where I have to talk to people who are not even going to try to level up to virtualization with the attendant learning. They might be willing to hold on to old devices and reuse them. The challenge for me here is how to address people working at that level, without them feeling like Iâm talking down to them.
If I do a bad job of explaining something, please feel free to message me on the particulars, and if itâs big enough, Iâll write a dedicated post to explain it better.
