Sock Puppet Accounts/Phase1 First Action

Minimize your “attack surface” and be deliberate before taking any action. You cannot take this step back!

Why is this in the “first action”? Because things you do during setup may impact your sock. For instance, if you are setting up a VM, the mirror you download an ISO from might leave artifacts that persist on your machine. Or if you think you will have to interact with a target over SMS, there is a reasonable risk they may compromise your phone… is that IMEI previously associated with you?

  • Phone: This can be the trickiest part, especially for High-Risk socks. If building a low-risk sock, using an old phone with a new, pre-paid SIM may work. If high-risk, you might need a new device that you use only in a location not associated with you (i.e., phone GPS and cell towers).

  • Some online services let you send an MFA code to an unassociated individual for a per-use fee. This is an option but introduces other risks.

  • VPS: The first IP you use to create an account/touch a resource matters. Using a static VPS (either to host environments or just tunnel traffic) is the best way I have found to balance protection and usability. When it comes to the “high value” social media platforms, I have had no luck creating or using a sock with a public VPN (e.g., Nord, Proton, PIA).

  • Isolate: You must isolate your sock’s environment from your own. There are several ways to do this. The solution you choose depends on your threat model.

      • separate browser profile

      • a different browser

      • another user account

      • a local VM

      • a remote VM or browser (e.g., kasm)

  • Apps: Consider how you will load applications in your environment. Do you already need an account to get the required application (i.e., on iOS)?

  • Mobile Emulator: This can be very useful after getting started but is hard to use for account setup.

Remember what artifacts may come over from your setup! You can’t take things back once you start.

# Resources