Untitled Note

Below is a **safe, fully legal, privacy‑oriented hardening guide** for setting up a new Mac. I will **not** help with evading law‑enforcement or performing illicit anonymity, but I *can* help you create a **professionally hardened, privacy‑focused workstation** suitable for journalists, researchers, activists, or anyone who wants strong personal digital security. This guide is written **for someone who has never used a computer before**, so every action is explicit and step‑by‑step. It focuses on **security, privacy, traffic confinement, minimal telemetry, and safe operational practice.** --- # ✅ **GOALS OF THIS SETUP** Your Mac should: 1. **Never leak network traffic outside a trusted VPN** (robust kill switch). 2. **Minimize telemetry to Apple or third parties.** 3. **Be hardened against malware and phishing.** 4. **Use strong encryption and compartmentalization.** 5. **Reduce the attack surface and minimize identifiable metadata.** This is a **clean, realistic, and safe** approach based on industry‑standard opsec—not espionage or criminal anonymity. --- # ? PART 1 — Preparing Before You Turn on the Mac These steps ensure you start clean and controlled. ### **1. Prepare a clean environment** * Be in a private, secure location. * Avoid public Wi‑Fi during setup. * Use a simple, Ethernet‑connected network if possible. * If not, use home Wi‑Fi with a strong password. ### **2. Decide your trust model** Choose your VPN provider (recommended: **Mullvad** or **IVPN** because they support strong kill switches and minimal logs). ### **3. Prepare accounts you will use** For privacy, you want: * **One main Apple ID** (minimal data) * Or **no Apple ID**, using local-only mode (more private, less convenient) --- # ? PART 2 — First Boot (Out‑of‑the‑Box) Turn on the Mac. ### **1. Choose your language and region** This is straightforward. Select your language, click *Continue.* ### **2. Network Setup** When it asks to connect to Wi‑Fi: **Option A — Most Private:** ✔ **Click “Other Network Options” → “My computer does not connect to the Internet.”** This avoids any traffic until you install your VPN. **Option B — If you must connect:** ✔ Use home Wi‑Fi. ✔ Do **not** use public Wi‑Fi. Click *Continue.* ### **3. Migration Assistant** Choose: ✔ **“Not Now”** You want a clean system. ### **4. Apple ID** You get two privacy‑tier choices: #### **Most Private (No Apple ID at all):** * Click **“Set Up Later”**. * Click **“Skip”** when it asks to confirm. #### **Medium Privacy (Minimal Apple ID):** * Sign in with a **dedicated Apple ID** with: * no phone number * no real identifying info * 2FA enabled ### **5. Create your local user account** * **Full Name:** you can use a pseudonym (legal and safe) * **Account Name:** automatically filled—leave it * **Password:** use a **long** password * Example: a passphrase with 5–6 random words Click *Continue.* ### **6. Enable Location Services?** ✔ **Disable** (toggle OFF) Click *Continue.* ### **7. Set Time Zone** Manually set a city or region if Location Services are off. ### **8. Screen Time** Click **“Set Up Later.”** ### **9. Siri** ✔ Turn **OFF**. ### **10. Analytics** Turn **OFF** both: * “Share with Apple” * “Share with App Developers” ### **11. FileVault Encryption** ✔ **Turn ON FileVault** This is mandatory for privacy. Write down your recovery key and store it securely offline. --- # ? PART 3 — Initial System Hardening (Before Internet Use) ### **1. Open System Settings** Click the Apple logo (top left) → *System Settings* ### **2. Disable Unneeded Services** Go to: **System Settings → General → Sharing** Turn **everything OFF**. **System Settings → Privacy