Add operating id guidelines

Author: namcios

pseudonymous-identity.md

@@ -166,7 +166,7 @@ Below are choices you can take based on their required dedication of time, money
 - **Tor Browser**. You should opt for using the Tor Browser for your pseudonymous identity only if you have absolutely _no time, no money, no technical skills, no effort to allocate, and very limited resources_. The reason is that it will provide the smallest level of protection for you, but is also the easiest to use, as you also would not need to purchase additional hardware. You can simply use the computer you already use, install Tor Browser in it, and use that for your advocacy needs. But beware of the shortcomings of this setup too, notably the limited protection it will give you. Tor usage can be deanonymized based on your non-Tor usage and behaviors, so keep that in mind.
 - **Tails**. If you have a bigger amount of time and learning motivation, but still has limited resources and can't purchase a dedicated laptop, you might want to use [Tails](https://tails.boum.org/index.en.html). Although [not perfect](https://tails.boum.org/doc/about/warnings/index.en.html), Tails can help you [protect your digital life from censorship and surveillance](https://tails.boum.org/about/index.en.html) in a somewhat easy way. You can setup a Tails USB stick to temporarily turn your computer into a secure machine or stay safe while using the computer of somebody else. Do note that if used on a compromised machine, for instance a computer with viruses or with malicious hardware, like keyloggers, Tails won't _always_ be able to protect you. And considering how difficult it can be to spot some malicious software and hardware in a given device, physical compartmentalization is always a better choice.
 - **Tails on a dedicated laptop**. If your budget allows it, you might want to purchase a dedicated laptop to use for your sensitive activities over Tor on Tails. You can purchase an used business laptop for cash and install Debian on it for increased privacy and security and lower costs. You can also buy an used MacBook Air from 2012 or 2013 for cheap, reset it, and [harden it for increased security and privacy](https://github.com/drduh/macOS-Security-and-Privacy-Guide); then you can use it more safely with Tails. Just make sure you only use this computer for the very specific set of activities your identity needs.
-- **Whonix or Qubes OS on a dedicated laptop.** The reason for having these two operating systems separately here is because of the increased hardware and system specifications they require. Both Whonix and Qubes OS are more demanding to the machine they run in, so you'd need a bigger budget –– and more time and effort –– to set it up. Also reference [this comparison](https://www.whonix.org/wiki/Comparison_with_Others) (onion site [here](http://www.dds6qkxpwdeubwucdiaord2xgbbeyds25rbsgr73tbfpqpt4a6vjwsyd.onion/wiki/Comparison_with_Others)) to judge which system would be better for your specific case.
+- **Whonix or Qubes OS on a dedicated laptop.** The reason for having these two operating systems separately here is because of the increased hardware and system specifications they require. Both [Whonix](http://www.dds6qkxpwdeubwucdiaord2xgbbeyds25rbsgr73tbfpqpt4a6vjwsyd.onion/) and Qubes OS are more demanding to the machine they run in, so you'd need a bigger budget –– and more time and effort –– to set it up. Also reference [this comparison](https://www.whonix.org/wiki/Comparison_with_Others) (onion site [here](http://www.dds6qkxpwdeubwucdiaord2xgbbeyds25rbsgr73tbfpqpt4a6vjwsyd.onion/wiki/Comparison_with_Others)) to judge which system would be better for your specific case.
 
 Please note that depending on your threat model you may be required to go at greater lengths to have full anonymity, including anonymous phone numbers. If that's your case, please reference [The Hitchhiker's Guide to Online Anonymity](http://thgtoa7imksbg7rit4grgijl2ef6kc7b56bp56pmtta4g354lydlzkqd.onion/guide.pdf).
 
@@ -222,3 +222,24 @@ Phew! If you performed each and every step with caution and attention, your new
 
 ## Operate Your New Identity
 
+Your main goal while operating your pseudonymous identity should be to prevent having it being linked back to your real world identity, because if that happens then all your work goes to waste. There are many techniques you can use to ensure that to the best of your ability, but that can vary depending on your specific circumstances. 
+
+Read more about [privacy](https://www.eff.org/issues/privacy) and [anonymity](https://www.eff.org/issues/anonymity) to become more aware of the different ways adversaries may be able to threaten them. Also beware and grow accustomed to some basic security best practices for defending yourself:
+
+- [Create secure passwords](https://ssd.eff.org/en/module/animated-overview-how-make-super-secure-password-using-dice) (some complementary thoughts on strong passwords [here](https://ssd.eff.org/en/module/creating-strong-passwords)).
+- [Use a password manager](https://ssd.eff.org/en/module/animated-overview-using-password-managers-stay-safe-online).
+- Enable two-factor authentication and [use your YubiKey](https://www.wired.com/story/how-to-use-a-yubikey/).
+- [Mind your communications](https://ssd.eff.org/en/module/communicating-others).
+
+Generally, however, since the main goal is to avoid links to your real identity, you should focus on _compartmentalization_. The level to which you commit to compartmentalize parts of your life will, again, depend on your available time, skills, and budget.
+
+The best case scenario, which you should strive for, is to have one separate device for each activity. That entails having one mobile device, one laptop, one phone number, one YubiKey (mabe here you'd want to have a second one as backup), and one of each device you might need for your pseudonymous identity –– and use them only for that single identity! Need a new identity? Then you'd need new devices.
+
+But that is often not feasible, and rather than quitting it altogether, you should start small and build your way to the top. Striving for perfection is good if it means stimulating you to improve, but it can quickly become detrimental if it stops you from acting. Therefore, start with the good rather than the perfect.
+
+In either case, you should compartmentalize as much as you realistically can at a given time.If you currently can't buy a new smartphone for your new identity, you can at least grab a new phone number, which is fairly cheap in most places, and a new VPN account with a different provider than your real identity one. If your current phone supports two SIMs, for instance, you can use both numbers and both VPN accounts, switching VPN connections every time you need to connect to an app and based on the identity that app is associated with. I know, that can be rather cumbersome, but that's what a lower budget will often require.
+
+Similarly, if you can't afford a new laptop, you can start by buying a VPN subscription as described previously in the guide and use the Tor Browser. However, that would only suffice for more basic threat models. You might then consider dedicating some time to flashing Tails onto a USB stick and learning the basics of the anonymity live operating system. That will enhance your setup right away, as Tails will enforce many best practices for you.
+
+However, you _always_ need to remember that all these tools are [not perfect](https://www.torproject.org/docs/faq.html.en#AttacksOnOnionRouting) and that you might still be at risk. For instance, [Tor can do little for you if you use it wrong](https://www.torproject.org/download/download.html.en#Warning). It currently goes beyond the scope of this guide to discuss why and provide some steps one could take to mitigate it, but here are some [good and thorough guidelines (really read this!)](https://security.stackexchange.com/a/43485). If you're more inclined to academic research, reference [Free Haven's Selected Papers in Anonymity](http://7fa6xlti5joarlmkuhjaifa47ukgcwz6tfndgax45ocyn4rixm632jid.onion/anonbib/index.html).
+