wip adding images

opsecmistakes/index.md

@@ -5,21 +5,7 @@ gitea_url: "http://git.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.
 xmr: 86NCojqYmjwim4NGZzaoLS2ozbLkMaQTnd3VVa9MdW1jVpQbseigSfiCqYGrM1c5rmZ173mrp8RmvPsvspG8jGr99yK3PSs
 ---
 
-to be explained:
-
-    why do you need a clear threat model (to not lose your mind over stuff that won't likely happen while overlooking simple mistakes)
-    why it's very unlikely that hardware 0-day will get you but it's very likely you'll do some dumb thing and deanonymize yourself (wondering about 0-days is overconfidence in most cases)
-    how bad people got caught in the past (what opsec mistakes they made, the stupider the better), give like 3-5 examples
-        the guy who uploaded tar of his entire home directory is my personal fav (Julius Kivimaki)
-        OSDoD mixing personal and business stuff online
-        Pharoah googling why his servers are down (because FBI was imaging them lol)
-        ...
-    threat scenarios (explain each), some examples:
-        physical breach (leaving your laptop unattended at a restaurant or sth)
-        social engineering or phishing
-        reusing the same passwords and using one already breached somewhere
-        ...
-
+![loose lips sink ships](opsec.jpeg)
 
 # OPSEC: the name of the game
 When running any kind of clandestine operation, if you want to remain anonymous, you have
@@ -31,6 +17,8 @@ it is through OPSEC mistakes.
 
 # Why OPSEC matters
 
+![attack cycle diagram](attack_cycle.png)
+
 From the adversary's point of view (let's call them Leo), repression requires the following broad steps:
 
 - Initial detection: someone is doing something we don't like
@@ -39,6 +27,8 @@ From the adversary's point of view (let's call them Leo), repression requires th
 
 ## Initial detection
 
+![protest](protest.jpg)
+
 Depending on your organization and activities, this initial detection phase can come as soon as you get started
 (if you are staging protests, then identification is inevitable).