Sam Bent's avatar
Sam Bent
contact@sambent.com
npub1y7rv...d0r3
Agorist. Counter-economist. Privacy maximalist. Student of OPSEC. Anti-authoritarian. Free speech absolutist. Logician. Ex-Darknet Vendor. Youtuber.
Sam Bent's avatar
SamBent 5 hours ago
The government's first lesson to every kid entrepreneur is that your labor belongs to them first. image
Sam Bent's avatar
SamBent 10 hours ago
#OPSEC365 112/365 Facial recognition is running on you in stores, stadiums, and airports without your knowledge. Clearview AI scraped billions of photos from social media to build a searchable database used by law enforcement and private companies. Madison Square Garden uses facial recognition to ban lawyers suing the company from attending events. Walking through a public space puts your face into multiple of these systems at once. #OPSEC365
Sam Bent's avatar
SamBent 16 hours ago
#OPSEC365 111/365 Your Tesla logs every trip, stop, and charge with timestamps and GPS coordinates. All modern connected cars do this. GM, Ford, and BMW all collect driving data. Some sell it to insurers. Tesla's telemetry has been subpoenaed in criminal cases and divorces, placing drivers at specific locations at specific times. Before you drive somewhere you'd rather not have on record, your car is taking notes. #OPSEC365
Sam Bent's avatar
SamBent yesterday
The network stays decentralized because random people in basements run nodes, and you should be one of them. image
Sam Bent's avatar
SamBent yesterday
Delisted from exchanges, banned from on-ramps, attacked by regulators, and still the default currency of every serious darknet market. image
Sam Bent's avatar
SamBent yesterday
[fixed link] Three countries' intelligence tools sit in the quote your local cops bought, Italian hardware, Israeli Unit 8200 spyware, US ex-special-forces resellers. The same gear used on foreign targets now tracks you on a public road you paid for. image
Sam Bent's avatar
SamBent yesterday
#OPSEC365 110/365 Counter-surveillance operators think like the team they are trying to detect. Jenkins describes the core CS drill: walk the route and ask where you'd put the trigger if you were running monitoring, where you'd cover the exit. Then observe those positions from a vantage that doesn't match them.
Sam Bent's avatar
SamBent yesterday
#OPSEC365 109/365 Smart meters report your electricity usage in near real time. Usage patterns reveal when you are home, when you sleep, and how many people live with you. Utilities share this data for demand planning. Researchers have reconstructed household activities from smart meter data alone. At fifteen-minute intervals, the meter mainly exposes occupancy and sleep schedule. Appliance-level identification needs sub-second sampling. #OPSEC365
Sam Bent's avatar
SamBent 2 days ago
The CIA doesn't do interviews about Monero.Tell me more about your transparent fed coin and the L2 duct tape you bolt on to pretend it's private.Use Monero. Privacy at the protocol level since 2014.Maxis, chimp out below.Credit: Anthony Pompliano
Sam Bent's avatar
SamBent 2 days ago
#OPSEC365 108/365 Keycard systems log every door you badge through. Building access at work, hotel rooms, parking garages, gyms with keycard entry. Each swipe creates a timestamped record of where you were. This data can be subpoenaed, requested by employers, or exposed in breaches. Every badge swipe in a building you've ever worked in is retrievable under subpoena. #OPSEC365
Sam Bent's avatar
SamBent 2 days ago
A 25-word seed phrase memorized means your entire net worth crosses any border inside your skull. image
Sam Bent's avatar
SamBent 2 days ago
They say MAC randomization protects you. If it worked, they wouldn't bother collecting it. Naval Academy researchers showed Apple's Bluetooth leaks the real MAC anyway.
Sam Bent's avatar
SamBent 2 days ago
Markets form wherever there's demand, and the only people who try to stop them are the ones who can't compete. image
Sam Bent's avatar
SamBent 2 days ago
#OPSEC365 107/365 Threat profiling separates adversary intent from capability. A stalker: high intent, low technical capability. A state actor: high capability, likely zero intent against you. A data broker: moderate capability, zero intent, indiscriminate collection. Countermeasures should target the intent-capability combination of your actual adversaries: usually an ex-partner, an employer, or a data broker, not a state actor. #OPSEC365
Sam Bent's avatar
SamBent 2 days ago
#OPSEC365 106/365 Indicators are observable actions an adversary can piece together to derive critical information. Your podcast history alone means nothing. Combined with location data, purchase history, and search queries, it builds a behavioral profile. The aggregated profile is your real exposure. No single data point reveals much. The combination reveals nearly everything. #OPSEC365
Sam Bent's avatar
SamBent 1 week ago
#OPSEC365 105/365 Interview scheduling apps reveal when employees are job hunting. Calendly links shared with recruiters, interview blocks visible to curious coworkers, reference calls to colleagues who might mention it. The process of finding a new job creates signals that your current employer might notice. Recruiter activity on LinkedIn is visible to your current employer's HR team. Use personal email and phone for job searches. Schedule interviews outside work hours when possible. Create separate scheduling links for interviews. Be careful colleagues you trust with references until you're ready to announce.
Sam Bent's avatar
SamBent 1 week ago
#OPSEC365 104/365 Emergency contact information spreads further than you'd expect. The person you list on forms at work, gyms, schools, and medical offices can be called and given information about you. Some organizations share this data with third parties. Your emergency contact now has their phone number in a system they didn't sign up for. Your emergency contact never agreed to have their phone number entered into that system. Your emergency contact's phone number enters databases they didn't consent to join. For your own privacy, consider whether every form that asks for emergency contact actually needs one. For time-sensitive emergencies, yes. For gym memberships and newsletter signups, probably not.