Security News

Cybersecurity news aggregator

INFO News Reddit r/netsec

Fighting AI anomaly false-positives with firejail and proxychains

  • What: The article describes a persistent, sandboxed, single-site browser (firejail) that is forced through a SOCKS5 proxy (proxychains), so that every login to a given service comes from the same IP address and the same browser profile and no longer trips machine-learning anomaly detection.
  • Why: Login-page anomaly detection at large providers locks out users who "look different" (new IP, new geo-region, unknown browser fingerprint) even when username, password and 2FA are all entered correctly on the first attempt.
  • Impact: Such false positives can cost users access to their own Google, Facebook and bank accounts, in some reported cases permanently.

Technology, Science, and the pursuit of Enlightenment

This guide describes how to set up a persistent browser (for Evil Corp) that is isolated in a sandbox (with firejail) and forced through a SOCKS5 proxy so that it always presents the same static IP address (using proxychains).

Have you ever been locked out of your own account, and then received an email from your service provider cheerfully letting you know that they have "blocked a login attempt — for your protection"? There are countless reports of frustrated users who have permanently lost access to their own Gmail accounts because Google's faulty "fraud protection" systems locked the account owner out, due to false positives.

Especially over the past ten years, large corporations have been running machine-learning anomaly detection on their login pages. Unfortunately, this is sometimes (ab)used to override a successful credential check. Even if you enter your username, password and 2FA code correctly on the very first attempt, you may still be locked out of your own account because you "look different".

These systems wouldn't be so terrible if:

The biggest issue with machine-learning anomaly detection is that it is frequently not trained on the specific user's account. For example:

  • If I signed up for my account from an IP address that is a known Tor exit node, then it is not an anomaly for my account to see a login attempt coming from a Tor exit node.
  • If every time I log in to my Google account it is from a new IP address that has never been used to log in to my account before, then it is not an anomaly for my account to see a login attempt from a new IP address.
  • If it is common for me to log in from a different country almost every time, then it is not an anomaly to see a login attempt originating from a new GeoIP region.
  • If every time I log in you fingerprint my browser and discover that you cannot associate that fingerprint with any prior history (even across the panoptic dataset you collect from almost the whole internet), then it is not an anomaly to see a login attempt from a session whose fingerprint you have zero historical data on.

As a freelance sysadmin, I frequently have clients who need me to log in to their E-Corp service providers. As a security- and privacy-conscious freelance sysadmin, I am frequently locked out of these Google, Facebook and bank accounts, even when I enter the correct credentials on the first try. God damn it Google, I am the domain admin, and you locked me out (even though I entered the correct username and password on the first attempt!).

Since most of these service providers do not let you simply turn off their faulty anomaly detection (which, for users with strong passphrases and TOTP 2FA enabled, causes more harm than good), I had to build a tool to keep myself from getting locked out of my own accounts: Persistent, Sandboxed, Single-Site Browsers using firejail and proxychains.

It is absurd that we have to do all of this just to stop Google from taking our Gmail accounts and Meta from taking our Facebook accounts, but this is where we are in 2026: the age of the AI-driven, false-positive, idiocracy-level dystopia.
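The setup the post describes, as an added example that is not the post's own script: one persistent firejail home per site, a proxychains config that fails closed on a single SOCKS5 hop, and a Firefox profile that is also told about the proxy itself. Everything below the first comment is an assumption of this example, not something the post states: that the SOCKS5 proxy is a local `ssh -D 1080` tunnel to a host with a fixed IP, that proxychains-ng (`proxychains4`) and firejail with its stock `firefox` profile are installed, and that the sandbox lives under `~/sandboxes/<site>`.

```sh
#!/bin/sh
# Added example (not the article's own script): a persistent, firejail-sandboxed,
# proxychains-pinned Firefox for one site. Assumptions, not from the article:
#  - the SOCKS5 proxy is a local `ssh -D 1080 user@vps` tunnel to a host with a fixed IP
#  - proxychains-ng (binary `proxychains4`) and firejail with its stock firefox profile exist
#  - the sandbox directory is ~/sandboxes/<site>
set -eu

SITE="${SITE:-evilcorp}"
SOCKS_HOST="${SOCKS_HOST:-127.0.0.1}"
SOCKS_PORT="${SOCKS_PORT:-1080}"
SANDBOX_DIR="${SANDBOX_DIR:-$HOME/sandboxes/$SITE}"
# Kept under .mozilla so firejail's firefox profile (which whitelists ~/.mozilla) can see it.
PROFILE_REL=".mozilla/firefox/$SITE"

# proxychains config. strict_chain fails closed (no fallback to a direct connection
# if the tunnel is down); proxy_dns sends name lookups through the proxy as well.
write_proxychains_conf() {   # $1=config path  $2=socks host  $3=socks port
    mkdir -p "$(dirname "$1")"
    cat > "$1" <<EOF
strict_chain
proxy_dns
tcp_read_time_out 15000
tcp_connect_time_out 8000
[ProxyList]
socks5 $2 $3
EOF
}

# Firefox prefs for the same proxy. proxychains only hooks libc TCP sockets, so this is
# belt and braces: remote DNS, and HTTP/3 (QUIC over UDP) off so nothing bypasses the proxy.
write_firefox_userjs() {     # $1=profile dir  $2=socks host  $3=socks port
    mkdir -p "$1"
    cat > "$1/user.js" <<EOF
user_pref("network.proxy.type", 1);
user_pref("network.proxy.socks", "$2");
user_pref("network.proxy.socks_port", $3);
user_pref("network.proxy.socks_version", 5);
user_pref("network.proxy.socks_remote_dns", true);
user_pref("network.http.http3.enable", false);
EOF
}

setup() {
    write_proxychains_conf "$SANDBOX_DIR/$PROFILE_REL/proxychains.conf" "$SOCKS_HOST" "$SOCKS_PORT"
    write_firefox_userjs "$SANDBOX_DIR/$PROFILE_REL" "$SOCKS_HOST" "$SOCKS_PORT"
    echo "sandbox prepared in $SANDBOX_DIR"
}

# --private=DIR mounts DIR as the sandbox's home, so cookies and the profile persist
# between runs while nothing else from the real home is visible. Inside the sandbox
# the home path itself is unchanged, so files are addressed relative to $HOME.
launch() {
    exec firejail --name="$SITE" --private="$SANDBOX_DIR" \
        proxychains4 -f "$HOME/$PROFILE_REL/proxychains.conf" \
        firefox --no-remote --profile "$HOME/$PROFILE_REL"
}

case "${1:-}" in
    setup)  setup ;;
    launch) launch ;;
    *)      echo "usage: $0 setup|launch" ;;
esac
```

Run `setup` once, then `launch` for every session of that site; the cookies and the browser profile survive in the sandbox directory, so the provider keeps seeing the same fingerprint and the same exit IP. Before trusting it, open an IP- and DNS-leak check site from inside the sandbox and confirm that only the tunnel endpoint's address shows up: proxychains does not relay UDP, which is why the example also disables HTTP/3 in the profile, and a browser that finds a path around the proxy defeats the whole point of the exercise.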
