External Publication
Visit Post

Backup questions (data, passwords, device and 2fa)

Privacy Guides Community [Unofficial] March 25, 2026
Source

I am a bit late in the game. And my response below might not be the response you are looking for, but please believe me I am in good will.

The first thing that caught my eye was:

predict9320:

Against everything, so to speak. With this approach, as I understand it, I can also carry out certain high-risk activities (of a political nature) whilst remaining protected against highly specialised attacks thanks to the encryption.

First, since you are using bitlocker, BitLocker is far from bulletproof, see This and This. Bitlocker has always been problematic and not very solid since its introduction.

Second, Veracrypt is subject to key extraction from ram, see Veracrypt Documentation.

If you are conducting high risks political activities, that means you falls under extremely high risk category. That means you are physically under threat. I would not count on them if I could be detained and my devices seized.

The second thing that caught my eye was

predict9320:

I’m still finding it difficult to draw up a ‘threat model’, as I don’t see much point in it and it’s a theoretical construct

From your post, your perceived threats includes

  1. Break-in by burglars - physical targeted / non-targeted attack (#1)
  2. Human Error - Poor OPSEC(#3)
  3. Hacks and malware - remote targeted / non-targeted attack (#3)
  4. Physical compromise from friendly people with physical access - HIGH STAKE physical targeted attack (consider the possibility of that friendly being threatened by your adversaries) (#3)
  5. Political adversaries - HIGH STAKE physical targeted attack (your personal safety is also at risk) (#3)

If the above threats are genuine threats, I would say your current approach is DEFINITELY WRONG, and I suggest you to seek relevant NGOs for cyber security (that aligns with your political spectrum) advise ASAP.

Back to your question:

I would recommend you to have a good read on Veracrypt Documentation about how to backup securely and limitations, etc.

If you value the data and the safety of your allies over your personal safety, do not store things locally. The feasibility depends on what tasks you need to perform.

Discussion in the ATmosphere

Loading comments...