Same for GY!BE, I guess

You’re right, and I’m sorry if I came over as condescending. The thing is, with projects like these, you need to front load a lot of the safety concerns if you are going to be the one actually hosting the content. It’d be an easier entry to contribute to existing structures, staying more low-key and learning along the way. Many established projects are open-source and need programmers and hackers to help improve and secure their codebases, for example.

That said, if you wanted to start something of your own, I think Anna’s blog is a nice starting point, before you delve into the technical nitty-gritty:

https://annas-archive.org/blog/blog-how-to-become-a-pirate-archivist.html

https://annas-archive.org/blog/how-to-run-a-shadow-library.html

Then, for the actual hosting process, much depends on the stack you use. Never pay for anything in a way that can be traced, which basically only leaves cash or anonymous crypto like Monero. Don’t use any account names, emails, passwords, etc that you’ve ever used before. Never, ever go boasting to strangers, or even worse, friends, about what you’re doing. Do all the standard things of hardening your servers, but always plan around some or all of them being shut down it seized. Even “bulletproof hosting” providers get raided every once in a while. That means decentralization, and don’t put convenience over safety.

Now, while shadow libraries and other forms of media piracies certainly are sought-after targets, you’re likely not going to be anyone’s number one priority, while there’s still rings of child abusers and terrorists on the web. But once you reach a certain size, state actors will come after you, like they did after z-lib a while ago. I don’t have any comprehensive guides on Opsec (and I’m no expert on it, by any measure), but most of it boils down to common sense and keeping your mouth shut, anyways. Most people that get busted don’t have missed some technical vulnerability, but because they’ve talked about their illegal projects on accounts linked to their real name, or something similarly trivial.

Becoming a provider (on any significant scale) should be treated like a second job, at least. If you want to go the silent route, you need to completely separate your daily life from the illegal stuff. Obvious stuff, like no shared email- or other accounts, but even down to no shared browser sessions. The old fashioned way is a second laptop. If you want to make an impact and contribute to the community, consider seeding torrents for some of the existing shadow libraries. Anna’s Archive has about a petabyte of torrents that have less than three seeders, for example.

putting aside the obvious glowie talk someone else raised, you should really, really reconsider your opsec. And I mean, really. Using discord to communicate? And spamming Reddit, from a non-dedicated account, no less? Posting PII to justify downtimes? If this gets any traction at all, you’re in deep shit. There’s a good reason Anna is as anonymous as she is. Cat is out of the bag at this point, I’d recommend shutting it down. You could always continue developing the code for it, the frontend looks pretty good. But please, reconsider if you have the dedication and knowledge it takes to run a shadow library and not be caught.

Don’t know how your get one from the other. I can think that state socialist experiments were flawed, misguided, and ultimately destined for autocracy, and still think that targeting them with imperialist intervention is wrong.

Just because the US empire is evil doesn’t make everyone opposing them good. The world is not black and white.