Digital Compartmentalization - State of Surveillance

⚠️ Critical Disclaimers

No method provides perfect protection - All security measures have limitations
Compartmentalization requires discipline - One mistake can compromise multiple compartments
Consider your threat model - Balance security needs with usability
We do not endorse specific services - Research current options independently
Jurisdiction and laws matter - Some techniques may be restricted in your location

🎯 What is Digital Compartmentalization?

Digital compartmentalization is the practice of separating your online activities into distinct, isolated segments or "compartments." Each compartment uses different accounts, devices, or virtual environments to prevent adversaries from correlating your activities across different contexts.

Why Compartmentalize?

Limit breach impact: If one account is compromised, others remain secure
Prevent correlation: Make it harder to build a complete profile of your activities
Protect sensitive contexts: Keep work, personal, and activist activities separate
Reduce attack surface: Minimize the number of services that have access to any given data set

🔑 Core Principles

🚫 Never Cross-Contaminate

Never use information, accounts, or credentials from one compartment in another. Each should be completely isolated.

📱 Separate Everything

Use different devices, browsers, email addresses, phone numbers, and payment methods for each compartment.

🎭 Unique Identities

Create distinct online personas with different names, birthdays, interests, and behavioral patterns.

⏰ Timing Isolation

Use compartments at different times and avoid predictable patterns that could link activities.

🏗️ Compartmentalization Strategies

Device-Level Compartmentalization

🔒

Separate Physical Devices

Method: Use completely different computers, phones, or tablets for different activities.
Pros: Maximum isolation, hardware-level separation
Cons: Expensive, inconvenient, suspicious if discovered
Best for: High-risk activities, journalists, activists

💻

Virtual Machines (VMs)

Method: Run isolated operating systems within your main OS using VirtualBox, VMware, or Qubes.
Pros: Strong isolation, cost-effective, easy to delete/reset
Cons: Performance overhead, requires technical knowledge
Best for: Tech-savvy users, multiple personas

💿

Live Operating Systems

Method: Boot from USB drives with Tails, Kodachi, or other amnesic systems.
Pros: No traces left, highly portable, reset after each use
Cons: Limited persistence, slower performance
Best for: Sensitive research, whistleblowing, high-risk activities

Browser-Level Compartmentalization

🌐

Separate Browser Profiles

Method: Use different Firefox or Chrome profiles for different activities.
Setup: Firefox: about:profiles | Chrome: --user-data-dir flags
Pros: Easy to set up, different extensions/settings per profile
Cons: Can leak between profiles, shared browser vulnerabilities

🗂️

Container Tabs

Method: Firefox Multi-Account Containers isolate tabs with different identities.
Setup: Install "Firefox Multi-Account Containers" extension
Pros: Built into Firefox, easy switching, visual indicators
Cons: Same browser instance, less isolation than profiles

🌍

Different Browsers

Method: Use Firefox for personal, Chrome for work, Tor for sensitive activities.
Pros: Clear visual separation, different security features
Cons: More software to maintain, potential feature differences

📧 Identity Compartmentalization

Email Strategy

⚠️ Email Compartment Rules

Each compartment gets its own unique email address
Never forward between compartment emails
Use different email providers when possible
Consider using email aliases or forwarding services

🎭 Persona-Based Emails

Real Identity: Your legal name email for official business
Social Identity: Nickname for social media and forums
Shopping Identity: Separate email for online purchases
Research Identity: Anonymous email for sensitive topics

🏷️ Email Aliasing Services

SimpleLogin: Unlimited aliases, EU-based
AnonAddy: Open source, self-hostable
Firefox Relay: Mozilla's email masking service
DuckDuckGo Email: Simple email forwarding

Phone Number Strategy

📱

Separate SIM Cards

Method: Physical SIM cards for different compartments
Pros: Complete number separation
Cons: Multiple devices needed, ongoing costs

☁️

VoIP Services

Method: Google Voice, Skype numbers, TextNow
Pros: No additional hardware, disposable
Cons: May not work for all verification

🎫

Temporary Numbers

Method: SMS reception services for one-time verification
Pros: Completely disposable
Cons: Not suitable for ongoing accounts

💳 Financial Compartmentalization

Payment Methods

💰

Prepaid Cards

Method: Buy prepaid debit cards with cash for different compartments
Pros: No banking connection, disposable
Cons: Not accepted everywhere, fees, may require ID

🏦

Virtual Credit Cards

Method: Services like Privacy.com, Capital One Eno, Apple Card
Pros: Unique numbers per vendor, spending limits
Cons: Still tied to real banking, geographic limitations

₿

Cryptocurrency

Method: Use privacy coins (Monero) or mixed Bitcoin
Pros: Pseudonymous, decentralized
Cons: Limited acceptance, volatile, complex

🔧 Technical Implementation

Setting Up Browser Compartments

Firefox Profile Method:

Open Firefox and go to about:profiles
Click "Create a New Profile"
Choose a name (e.g., "Work", "Personal", "Research")
Create desktop shortcuts with different profile flags:

firefox.exe -P "Work" -no-remote
firefox.exe -P "Personal" -no-remote
firefox.exe -P "Research" -no-remote

Chrome Profile Method:

Create separate user data directories
Launch Chrome with different user data directories:

chrome.exe --user-data-dir="C:\Chrome-Work"
chrome.exe --user-data-dir="C:\Chrome-Personal"
chrome.exe --user-data-dir="C:\Chrome-Research"

Virtual Machine Setup

🖥️ VirtualBox (Free)

Download VirtualBox and create new VMs
Install different OS for each compartment
Use snapshots to reset to clean states
Disable clipboard sharing between host/guest

🔒 Qubes OS (Advanced)

Install Qubes as your main OS
Create different "qubes" for different activities
Use color-coding to identify compartments
Leverage built-in isolation features

🎯 Compartment Examples

Basic Personal Compartments

👔

Professional Identity

Use for: Work email, LinkedIn, professional development
Browser: Chrome with real name
Email: firstnamelastname@company.com
Phone: Work number or Google Voice

🏠

Personal Identity

Use for: Social media, friends, family
Browser: Firefox with real name
Email: nickname@gmail.com
Phone: Personal mobile number

🛒

Shopping Identity

Use for: Online purchases, retail accounts
Browser: Separate Firefox profile
Email: shopping.alias@provider.com
Payment: Virtual credit card numbers

🕵️

Research Identity

Use for: Sensitive topics, political content
Browser: Tor Browser or VM
Email: Anonymous ProtonMail account
Payment: Cryptocurrency or prepaid cards

Advanced Activist Compartments

⚠️ High-Risk Activity Warning

If you're involved in activism or journalism in authoritarian contexts, compartmentalization becomes critical for safety. Consider these advanced techniques:

📰

Journalist Identity

Device: Separate laptop with Tails
Communication: Signal on burner phone
Email: ProtonMail with Tor
Storage: Encrypted external drives

✊

Activist Identity

Device: Separate device or VM
Communication: Briar or Element
Email: Tutanota with pseudonym
Payment: Monero cryptocurrency

💼

Legal Identity

Device: Clean laptop for legal work
Communication: Standard encrypted email
Email: Professional legal address
Storage: Encrypted cloud backup

🚧 Common Mistakes

💥 Compartment Failures

Cross-contamination: Using the same password, recovery email, or phone number across compartments
Timing correlation: Switching between compartments too quickly or in predictable patterns
Device fingerprinting: Using the same device without clearing browser data between compartments
Payment correlation: Using the same credit card or bank account for different identities
Behavioral patterns: Writing style, interests, or posting times that reveal connections
Location correlation: Always accessing different compartments from the same IP address
Emergency recovery: Using the same recovery methods that could link compartments when breached

🔒 Operational Security (OPSEC)

📋 Compartment Checklist

✅ Unique email for each compartment
✅ Different passwords (use password manager)
✅ Separate phone numbers when possible
✅ Different payment methods
✅ Distinct browsing habits/timing
✅ Clear browser data between switches

🕒 Timing Considerations

Wait at least 30 minutes between compartment switches
Use different times of day for different activities
Avoid predictable patterns (same order, same days)
Consider using delayed posting/scheduling

🌐 Network Isolation

Use different VPN servers for different compartments
Consider Tor for most sensitive compartments
Use public WiFi from different locations
Be aware of ISP logging and correlation

📱 Mobile Compartments

Use separate devices when possible
Consider dual-SIM phones for basic separation
Use different apps for different compartments
Be aware of location tracking and correlation

🛠️ Tools and Software

Compartmentalization Tools

🖥️

Virtualization

VirtualBox: Free VM software
VMware: Professional VM solution
Qubes OS: Security-focused OS with built-in compartmentalization
Whonix: VM setup with Tor integration

🌐

Browser Tools

Firefox Multi-Account Containers: Tab isolation
Tor Browser: Anonymous browsing
Temporary Containers: Disposable tabs
ClearURLs: Remove tracking parameters

📧

Identity Management

SimpleLogin: Email aliasing
AnonAddy: Anonymous forwarding
Bitwarden: Password manager with multiple vaults
Privacy.com: Virtual credit cards

💿

Live Systems

Tails: Amnesic live OS
Kodachi: Anonymous Linux distribution
Ubuntu Privacy Remix: Privacy-focused live system
Quebes Live: Live version of Qubes OS

📚 Further Learning

📖 Recommended Reading

"The Art of Invisibility" by Kevin Mitnick
"Digital Privacy Handbook" by Surveillance Self-Defense
Qubes OS Documentation - Advanced compartmentalization
OPSEC Guidelines - Operational security best practices

🎓 Practice Exercises

Set up basic browser compartments for different activities
Create separate email addresses for shopping vs. social media
Practice VM creation and management
Test compartment isolation by trying to correlate your own activities

🚀 Start Simple, Build Up

Don't try to implement perfect compartmentalization immediately. Start with basic browser profiles or email separation, then gradually add more sophisticated techniques as you learn. The goal is sustainable security that you'll actually use.

Back to Protection Guides