fixed

Reviewed-on: nihilist/blog-contributions#164

opsec/0_anon/index.html

@@ -62,7 +62,7 @@
 				<div class="col-lg-8 col-lg-offset-2">
   					<a href="../index.html">Previous Page</a></br></br><p><img src="../../assets/img/user.png" width="50px" height="50px"> <ba>nihilist - 00 / 00 / 00</ba></p>
 <h1>SRVNAME Setup </h1>
-<img src="0.png" style="width:250px">
+<img src="0.png" class="imgRz">
 <p> </p>
           
 	       </div>

opsec/MobileTor/index.html

@@ -74,7 +74,7 @@
 	    <div class="container">
 			<div class="row">
 				<div class="col-lg-8 col-lg-offset-2">
-          <p><h2><u>Technology Recommended: </u></h2></p>
+          <p><h2><u>OPSEC Recommendations: </u></h2></p>
 <ul>
 	<li><p>Hardware: Google Pixel</p></li>
 	<li><p>Host OS: <a href="../graphene/index.html">Graphene OS</a></p></li>

opsec/anoncreditcard/index.html

@@ -0,0 +1,328 @@
+<!DOCTYPE html>
+<html lang="en">
+  <head>
+    <meta charset="utf-8">
+    <meta http-equiv="X-UA-Compatible" content="IE=edge">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <meta name="description" content="">
+    <meta name="author" content="">
+    <link rel="shortcut icon" href="../../../../../../assets/img/favicon.png">
+
+    <title>How to Get a Credit Card Anonymously (Credit Cards as a Service)</title>
+
+    <!-- Bootstrap core CSS -->
+    <link href="../../assets/css/bootstrap.css" rel="stylesheet">
+	<link href="../../assets/css/xt256.css" rel="stylesheet">
+    
+    
+
+    <!-- Custom styles for this template -->
+    <link href="../../assets/css/main.css" rel="stylesheet">
+
+    
+
+    <!-- HTML5 shim and Respond.js IE8 support of HTML5 elements and media queries -->
+    <!--[if lt IE 9]>
+      <script src="https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js"></script>
+      <script src="https://oss.maxcdn.com/libs/respond.js/1.3.0/respond.min.js"></script>
+    <![endif]-->
+  </head>
+
+  <body>
+
+    <!-- Static navbar -->
+    <div class="navbar navbar-inverse-anon navbar-static-top">
+      <div class="container">
+        <div class="navbar-header">
+          <button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".navbar-collapse">
+            <span class="icon-bar"></span>
+            <span class="icon-bar"></span>
+            <span class="icon-bar"></span>
+          </button>
+          <a class="navbar-brand-anon" href="\index.html">The Nihilism Blog</a>
+        </div>
+        <div class="navbar-collapse collapse">
+          <ul class="nav navbar-nav navbar-right">
+
+            <li><a  href="/about.html">About</a></li>
+            <li><a  href="/blog.html">Categories</a></li>
+<li><a href="https://blog.nowhere.moe/donate.html">Donate</a></li>
+            <li><a  href="/contact.html">Contact</a></li>
+          </ul>
+        </div><!--/.nav-collapse -->
+        
+      </div>
+    </div>
+
+	<!-- +++++ Posts Lists +++++ -->
+	<!-- +++++ First Post +++++ -->
+	<div id="anon2">
+	    <div class="container">
+			<div class="row">
+				<div class="col-lg-8 col-lg-offset-2">
+  					<a href="../index.html">Previous Page</a></br></br><p><img src="../../assets/img/user.png" width="50px" height="50px"> <ba>XMRonly - 2024 / 11 / 06</ba></p>
+<h1>How to Get a Credit Card Anonymously (Credit Cards as a Service)</h1>
+<img src="0.png" width="100px">
+<p> </p>
+          
+	       </div>
+			</div><!-- /row -->
+	    </div> <!-- /container -->
+	</div><!-- /grey -->
+
+	<!-- +++++ Second Post +++++ -->
+	<div id="anon3">
+	    <div class="container">
+			<div class="row">
+				<div class="col-lg-8 col-lg-offset-2">
+          <h2><b>Introduction</b></h2>
+<p>
+With the growing economy and increasingly aggressive marketing, every company is competing to earn your business. There are no shortages of ways to spend your hard-earned money, but you may not always want to have your purchases tied to your real identity. For in person purchases, there is the obvious choice of cash as no information about you is recorded. However, online is a different story. E-commerce is heavily reliant on the use of credit cards, which leave a digital trail of metadata that ties back to you, is shared with third parties and is repackaged and sold to data brokers. Some forward-thinking vendors accept cryptocurrency but given online markets as a whole, this is still relatively niche. If your preferred method of buying something is Monero and your target vendor doesn't accept Monero, wouldn't it be great if you could still just use Monero anyway? In this article, we will explore how to obtain an anonymous prepaid card for Monero using Cake Pay and how to use this prepaid card to purchase a VPS from Hostinger, a KYC web hosting provider. 
+</p>
+<p><h2><u>OPSEC Recommendations:</u></h2></p>
+<ol>
+    <li><p>Hardware : (Personal Computer / Laptop)</p></li>
+    <li><p>Host OS: <a href="../linux/index.html">Linux</a></p></li>
+    <li><p>Hypervisor: <a href="../hypervisorsetup/index.html">libvirtd QEMU/KVM</a></p></li>
+    <li><p>Virtual Machine: <a href="../whonixqemuvms/index.html">Whonix</a> or <a href="../tailsqemuvm/index.html">Tails</a> </p></li>                                                    </ol>
+<p>Every steps listed below are to be done via the Tor browser, in order to preserve our anonymity.</p>
+
+				</div>
+			</div><!-- /row -->
+	    </div> <!-- /container -->
+	</div><!-- /white -->
+
+  <div id="anon2">
+	    <div class="container">
+			<div class="row">
+				<div class="col-lg-8 col-lg-offset-2">
+          <h2><b>Obtaining the Card</b></h2> </br> </br>
+<p>
+Using the Tor Browser, navigate to <b>https://buy.cakepay.com</b>. Here we are going to select the Mastercard Prepaid USD Debit (Virtual Only) option. Click Buy Now. 
+<img src="1.png" class="imgRz">
+</p>
+
+<p>
+When prompted, enter an <a href=../anonemail/index.html target=_blank>anonymous email</a> and then retrieve and enter the one-time password emailed to us. 
+<img src="2.png" class="imgRz">
+</p>
+
+<p>
+The next screen has some important information on it. It informs us that a name and email will be required for sign-up. It just doesn't specify that it has to be <i>our</i> name and address. This card will not work in Apple Pay or Google Wallet, not that we were planning on using those anyway. Additionally, trying to redeem this card while using a VPN (or in our case, the Tor Browser) may fail. More on that later. Enter a desired amount and click Buy Now. 
+<img src="3.png" class="imgRz">
+</p>
+
+<p>
+We are now presented with a payment screen. 
+<img src="4.png" class="imgRz">
+</p>
+
+<p>
+Copy the destination address and amount into your Monero wallet and send the payment. 
+<img src="5.png" class="imgRz">
+</p>
+
+<p>
+Cake Pay will quickly detect the payment, and after a few more on-chain confirmations it will say the invoice is paid. 
+<img src="6.png" class="imgRz">
+</p>
+
+<p>
+Back in your inbox, you will now receive an email with Redemption Instructions and a Code. 
+<img src="7.png" class="imgRz">
+</p>
+
+<p>
+Attempting to redeem the code through the Tor Browser or through a VPN will fail and after around 10 consecutive attempts your redemption link and code will be temporarily locked. 
+<img src="8.png" class="imgRz">
+</p>
+
+<p>
+This is where a <a href=../anonproxy/index.html target=_blank>residential proxy</a> will come in handy. After setting one up, we can continue unimpeded using the Tor Browser. Input the code, confirm you are not a robot and click Submit.
+<img src="9.png" class="imgRz">
+</p>
+
+<p>
+Our card purchase was successful. Copy the code and navigate to the provided link.
+<img src="10.png" class="imgRz">
+</p>
+
+<p>
+Enter the code and click on Redeem Code.
+<img src="11.png" class="imgRz">
+</p>
+
+<p>
+Complete the captcha if prompted by sliding the puzzle piece in place.
+<img src="12.png" class="imgRz">
+</p>
+
+<p>
+We are now prompted to fill out the information we want for registering this card. We enter a name, an address that is for sale online, a phone number and email. After everything is populated click the checkboxes and finally hit Activate. Note that the phone number is not verified in any way. 
+<img src="13.png" class="imgRz">
+</p>
+
+<p>
+Our card is ready! 
+<img src="14.png" class="imgRz">
+</p>
+
+
+
+				</div>
+			</div><!-- /row -->
+	    </div> <!-- /container -->
+	</div><!-- /white -->
+
+
+  <!-- +++++ Second Post +++++ -->
+	<div id="anon3">
+	    <div class="container">
+			<div class="row">
+				<div class="col-lg-8 col-lg-offset-2">
+          <h2><b>Using the Card</b></h2> </br> </br>
+<p>
+With our (digital) card in hand, it's time to actually buy something. Hostinger is a clearnet web hosting company with no explicitly stated support for signing up anonymously. All of their payment options require some information about the user and while their site supports a long list of cryptocurrencies, they somehow forgot to accept Monero. That's OK, we have a prepaid card for that. 
+<img src="15.png" class="imgRz">
+</p>
+
+<p>
+Using the Tor Browser, navigate to <b>https://hostinger.com</b> and click on Hosting -> VPS hosting. 
+<img src="16.png" class="imgRz">
+</p>
+
+<p>
+If prompted, verify you are human. 
+<img src="17.png" class="imgRz">
+</p>
+
+<p>
+We will select a plan that costs less than the amount on our prepaid card. 
+<img src="18.png" class="imgRz">
+</p>
+
+<p>
+OPTIONAL: A quick online search found a promo code. Apply it and click Continue. 
+<img src="19.png" class="imgRz">
+</p>
+
+<p>
+It is time to create an account. Enter an email address and password. 
+<img src="20.png" class="imgRz">
+</p>
+
+<p>
+Enter the billing details we used to create our prepaid card. Note that a phone number is not required here. 
+<img src="21.png" class="imgRz">
+</p>
+
+<p>
+Enter the card details and click Submit payment. 
+<img src="22.png" class="imgRz">
+</p>
+
+				</div>
+			</div><!-- /row -->
+	    </div> <!-- /container -->
+	</div><!-- /white -->
+
+	<div id="anon2">
+	    <div class="container">
+			<div class="row">
+				<div class="col-lg-8 col-lg-offset-2">
+          <h2><b>VPS Configuration</b></h2>
+
+<p>
+We are now prompted to configure our VPS. A few quick steps are required before we can start using it. Click through to choose a location, an OS, a malware scanner, set a root password and then click Finish setup. 
+<img src="23.png" class="imgRz">
+</p>
+
+				</div>
+			</div><!-- /row -->
+	    </div> <!-- /container -->
+	</div><!-- /white -->
+
+	<div id="anon3">
+	    <div class="container">
+			<div class="row">
+				<div class="col-lg-8 col-lg-offset-2">
+          <h2><b>Conclusion</b></h2>
+
+<p>
+After a short setup, our VPS is ready! 
+<img src="24.png" class="imgRz">
+</p>
+
+<p>
+Let's try to connect via <a href=../anonaccess/index.html target=_blank>SSH over Tor</a>.
+<pre><code class="nim">
+~ ❯ torsocks ssh root@145.223.79.150
+The authenticity of host '145.223.79.150 (145.223.79.150)' can't be established.
+ED25519 key fingerprint is SHA256:bF9YlAl82SyfCu3X911lclJ0TwywiU6qgNtKCYDdnd0.
+This key is not known by any other names.
+Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
+Warning: Permanently added '145.223.79.150' (ED25519) to the list of known hosts.
+root@145.223.79.150's password:
+Linux srv636770 6.1.0-26-cloud-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.112-1 (2024-09-30) x86_64
+
+The programs included with the Debian GNU/Linux system are free software;
+the exact distribution terms for each program are described in the
+individual files in /usr/share/doc/*/copyright.
+
+Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
+permitted by applicable law.
+root@srv636770:~#
+
+</code></pre>
+<p>And that's it ! we have managed to get access to a credit card anonymously, and we also managed to use it to get a VPS anonymously, all while maintaining our anonymity.</p>
+
+				</div>
+			</div><!-- /row -->
+	    </div> <!-- /container -->
+	</div><!-- /white -->
+
+	<!-- +++++ Footer Section +++++ -->
+
+	<div id="anonb">
+		<div class="container">
+			<div class="row">
+				<div class="col-lg-4">
+					<h4>Nihilism</h4>
+          <p>
+						Until there is Nothing left.</p></br></br><p>Creative Commons Zero: No Rights Reserved</br><img src="\CC0.png">
+						
+					</p>
+				</div><!-- /col-lg-4 -->
+
+				<div class="col-lg-4">
+					<h4>My Links</h4>
+					<p>
+
+						<a target="_blank" rel="noopener noreferrer" href="http://blog.nowhere.moe/rss/feed.xml">RSS Feed</a><br/><a target="_blank" rel="noopener noreferrer" href="https://simplex.chat/contact#/?v=2-7&smp=smp%3A%2F%2FL5jrGV2L_Bb20Oj0aE4Gn-m5AHet9XdpYDotiqpcpGc%3D%40nowhere.moe%2FH4g7zPbitSLV5tDQ51Yz-R6RgOkMEeCc%23%2F%3Fv%3D1-3%26dh%3DMCowBQYDK2VuAyEAkts5T5AMxHGrZCCg12aeKxWcpXaxbB_XqjrXmcFYlDQ%253D&data=%7B%22type%22%3A%22group%22%2C%22groupLinkId%22%3A%22c3Y-iDaoDCFm6RhptSDOaw%3D%3D%22%7D">SimpleX Chat</a><br/>
+
+					</p>
+				</div><!-- /col-lg-4 -->
+
+				<div class="col-lg-4">
+					<h4 class="readable">About nihilist</h4>
+					<p style="word-wrap: break-word;"><u>Donate XMR:</u>
+						8AUYjhQeG3D5aodJDtqG499N5jXXM71gYKD8LgSsFB9BUV1o7muLv3DXHoydRTK4SZaaUBq4EAUqpZHLrX2VZLH71Jrd9k8
+					</p></br>
+					<p style="word-wrap: break-word;"><u>Donate XMR to the author:</u>
+						8AHNGepbz9844kfCqR4aVTCSyJvEKZhtxdyz6Qn8yhP2gLj5u541BqwXR7VTwYwMqbGc8ZGNj3RWMNQuboxnb1X4HobhSv3</p>
+					<p class="readable"><u>Contact:</u> nihilist@contact.nowhere.moe (<a
+							href="https://nowhere.moe/nihilist.pubkey">PGP</a>)</p>
+				</div><!-- /col-lg-4 -->
+
+			</div>
+
+		</div>
+	</div>
+
+
+    <!-- Bootstrap core JavaScript
+    ================================================== -->
+    <!-- Placed at the end of the document so the pages load faster -->
+    
+  </body>
+</html>

opsec/anonprotest/index.html

@@ -218,7 +218,7 @@
 					<h4 class="readable">As we have discussed the various methods that Law Enforcement agencies can track you down
 						precisely, and there isn't much you can do to stop it, leaving your personal mobile phone, smart
 						watch, or any other smart device at home is the best way to stay anonymous in a protest, leaving
-						no proof that you took part in it and <a href="../encryption/index.html">denying</a> that
+						no proof that you took part in it and <a href="../deniability/index.html">denying</a> that
 						you ever left your home.</h4>
 
 				</div>
@@ -709,4 +709,4 @@
 
 </body>
 
-</html>
+</html>

opsec/anonproxy/index.html

@@ -0,0 +1,207 @@
+<!DOCTYPE html>
+<html lang="en">
+  <head>
+    <meta charset="utf-8">
+    <meta http-equiv="X-UA-Compatible" content="IE=edge">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <meta name="description" content="">
+    <meta name="author" content="prism_breaker">
+    <link rel="shortcut icon" href="../../../../../../assets/img/favicon.png">
+
+    <title>How to get and use residential proxies anonymously</title>
+
+    <!-- Bootstrap core CSS -->
+    <link href="../../assets/css/bootstrap.css" rel="stylesheet">
+	<link href="../../assets/css/xt256.css" rel="stylesheet">
+    
+    
+
+    <!-- Custom styles for this template -->
+    <link href="../../assets/css/main.css" rel="stylesheet">
+
+    
+
+    <!-- HTML5 shim and Respond.js IE8 support of HTML5 elements and media queries -->
+    <!--[if lt IE 9]>
+      <script src="https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js"></script>
+      <script src="https://oss.maxcdn.com/libs/respond.js/1.3.0/respond.min.js"></script>
+    <![endif]-->
+  </head>
+
+  <body>
+
+    <!-- Static navbar -->
+    <div class="navbar navbar-inverse-anon navbar-static-top">
+      <div class="container">
+        <div class="navbar-header">
+          <button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".navbar-collapse">
+            <span class="icon-bar"></span>
+            <span class="icon-bar"></span>
+            <span class="icon-bar"></span>
+          </button>
+          <a class="navbar-brand-anon" href="\index.html">The Nihilism Blog</a>
+        </div>
+        <div class="navbar-collapse collapse">
+          <ul class="nav navbar-nav navbar-right">
+
+            <li><a  href="/about.html">About</a></li>
+            <li><a  href="/blog.html">Categories</a></li>
+<li><a href="https://blog.nowhere.moe/donate.html">Donate</a></li>
+            <li><a  href="/contact.html">Contact</a></li>
+          </ul>
+        </div><!--/.nav-collapse -->
+        
+      </div>
+    </div>
+
+	<!-- +++++ Posts Lists +++++ -->
+	<!-- +++++ First Post +++++ -->
+	<div id="anon2">
+	    <div class="container">
+			<div class="row">
+				<div class="col-lg-8 col-lg-offset-2">
+  					<a href="../index.html">Previous Page</a></br></br><p><img src="../../assets/img/user.png" width="50px" height="50px"> <ba>prism_breaker</ba></p>
+<h1>How to get and use residential proxies anonymously</h1>
+<p>While Tor is a requirement to protect your anonymity online, some services refuse to be accessed anonymously, and are intentionally blocking connections coming from Tor exits nodes. These services are against your anonymity, but there are still ways to access them anonymously:<p>
+<img src="AccessDenied.jpg" class="imgRz">
+<p>A residential proxy will reroute your access through a residential ip address, which makes your connection look like it is coming from your ISP or your mobile carrier.</p>
+<p><u>Serverside Context:</u> This setup is to be considered only in the case where the destination website also blocks your attempts at connecting there via a <a href="../whenTorisblocked/index.html">(you -> Tor -> VPN -> destination)</a> setup.</p>
+
+<img src="../torthroughvpn/12.png" class="imgRz">
+<p> Under this setup you can access those websites that are blocking both Tor and VPN traffic, while still keeping your anonymity intact.</p>
+<img src="AccessAllowed.jpg" class="imgRz">
+
+<p style="color: red;">Warning: This setup is not officialy supported by Tor project, it should be considered as experimental. It is still recommended to use the default setup of Whonix and Tor browser for the rest of your anonymous activities online.</p>
+
+<p>For further details on how you can combine Tor and VPNs to protect your anonymity, refer to <a href="../torthroughvpn/index.html">this tutorial</a></p>
+
+<p>Other useful reference: <a href="https://www.whonix.org/wiki/Tunnels/Connecting_to_Tor_before_a_proxy">https://www.whonix.org/wiki/Tunnels/Connecting_to_Tor_before_a_proxy</a> </p>
+<p><h2><u>OPSEC Recommendations:</u></h2></p>
+<ol>
+    <li><p>Hardware : (Personal Computer / Laptop)</p></li>
+    <li><p>Host OS: <a href="../linux/index.html">Linux</a> (Or Qubes OS)</p></li>
+    <li><p>Hypervisor: <a href="../hypervisorsetup/index.html">libvirtd QEMU/KVM</a> (Or Qubes OS's Xen)</p></li>
+    <li><p>Virtual Machine:<a href="../whonixqemuvms/index.html">Whonix</a> (that must be dedicated to the (you -> Tor -> residential proxy -> website) setup </p></li>                                                    </ol>
+</ol>
+          
+	       </div>
+			</div><!-- /row -->
+	    </div> <!-- /container -->
+	</div><!-- /grey -->
+
+	<!-- +++++ Second Post +++++ -->
+	<div id="anon3">
+	    <div class="container">
+			<div class="row">
+				<div class="col-lg-8 col-lg-offset-2">
+          <h2><b>Proxy Purchase</b></h2>
+<p><p style="color: red;"><u>Warning:</u> Everything below needs to be done inside the dedicated new whonix workstation VM!</p></p>
+<p><a href="https://smspool.net/">smspool.net</a> is chosen to be the proxy provider for this demo, the author is not affiliated with this service. It is used because it is monero friendly, other service providers should work similarly.</p>
+<p>First you need to register:</p>
+<img src="Reg.png" style="width: 400px; height: auto;" class="small">
+<p>Choose "switch to hCaptcha" otherwise you might get stuck at the cloudflare verification.</p>
+<p>The next step is to deposit monero into the website and purchase the proxy.</p>
+<img src="Deposit.png" class="imgRz">
+<p>When your deposit get credited, purchase the proxy.</p>
+<img src="Proxy.png" class="imgRz">
+<p>Now your proxy is ready, check for the details inside "My Proxy" section.</p>	
+<img src="ProxyData.png" class="imgRz">
+<p>Copy your proxy ip, port, username, password. It will be used later.</p>
+
+				</div>
+			</div><!-- /row -->
+	    </div> <!-- /container -->
+	</div><!-- /white -->
+
+  <div id="anon2">
+	    <div class="container">
+			<div class="row">
+				<div class="col-lg-8 col-lg-offset-2">
+          <h2><b>Browser setup</b></h2> </br> </br>
+<p>Due to an upstream change, the proxy setup method mentioned in whonix tutorial is not working <a href="https://www.whonix.org/wiki/Tunnels/Connecting_to_Tor_before_a_proxy/Proxy_Settings_Method">https://www.whonix.org/wiki/Tunnels/Connecting_to_Tor_before_a_proxy/Proxy_Settings_Method</a></p>
+
+<p>One of the other methods is to use the foxyproxy addon. <b>However please note that installing a plugin will change the Tor browser fingerprint, so it is highly recommended you keep the rest of your anonymous activities in a separate default Whonix Workstation VM.</b> Use this setup only when you are in this specific serverside context.</p>
+<img src="InstallAddon.png" style="width: 400px; height: auto;" class="imgRz">
+<p>Choose the "add-ons and themes" in the firefox menu and search for foxyproxy.</p>
+<img src="FoxyProxySearch.png" class="imgRz">
+<p></p>
+<img src="FoxyProxySearch2.png" class="imgRz">
+
+<p>Install the plugin, pin the plugin and allow it to work in private windows.</p>
+<img src="FoxyProxyInstall.png" class="imgRz">
+<P></P>
+<img src="FoxyProxyInstall2.png" style="width: 400px; height: auto;" class="imgRz">
+
+
+
+
+				</div>
+			</div><!-- /row -->
+	    </div> <!-- /container -->
+	</div><!-- /white -->
+
+
+  <!-- +++++ Second Post +++++ -->
+	<div id="anon1">
+	    <div class="container">
+			<div class="row">
+				<div class="col-lg-8 col-lg-offset-2">
+          <h2><b>Connect to Proxy</b></h2> </br> </br>
+<p>Finally, we will connect to the proxy we just purchased.</p>
+<p>First find foxyproxy in the menu bar and choose "options".</p>
+<img src="FoxyProxyOptions.png" style="width: 400px; height: auto;" class="imgRz">
+<p>Add the proxy information in the "proxy" tab.</p>
+<img src="FoxyProxyAdd.png" class="imgRz">
+<p>In this demo, the proxy is HTTP, if you use a different provider and it doesn't work, try to check the protocol. Fill all the info and save it.</p>
+<p>Now check the website you want to accessed, it is blocked because you are still using the Tor exit node.</p>
+<img src="WebsiteDenied.png" class="imgRz">
+<p>Choose the proxy you just added in FoxyProxy button, and reset your Tor browser identity.</p>
+<p>Now access <a href="https://check.Torproject.org">https://check.Torproject.org</a>, and you should see a warning says you are not using Tor, due to having the connection originating from the residential Proxy IP, <b>this means that you have successfully completed the (you -> Tor -> residential proxy -> website) Setup, effectively hiding that you're using Tor from the destination website.</b></p>
+<img src="CheckIP.png" class="imgRz">
+<p>Now try the website that blocks Tor, it should work now if you did everything correctly!</p>
+<img src="WebsiteAccessed.png" class="imgRz">
+
+
+				</div>
+			</div><!-- /row -->
+	    </div> <!-- /container -->
+	</div><!-- /white -->
+
+	<!-- +++++ Footer Section +++++ -->
+
+<div id="anonb">
+		<div class="container">
+			<div class="row">
+				<div class="col-lg-4">
+					<h4>PrismBreaker</h4>
+          <p>
+						Shatter the big brother.</p></br></br><p>Creative Commons Zero: No Rights Reserved</br><img src="\CC0.png">
+						
+					</p>
+				</div><!-- /col-lg-4 -->
+
+				<div class="col-lg-4">
+					<h4>My Links</h4>
+					<p>
+
+						<a target="_blank" rel="noopener noreferrer" href="http://blog.nowhere.moe/rss/feed.xml">RSS Feed</a><br/><a target="_blank" rel="noopener noreferrer" href="https://simplex.chat/contact#/?v=2-7&smp=smp%3A%2F%2FL5jrGV2L_Bb20Oj0aE4Gn-m5AHet9XdpYDotiqpcpGc%3D%40nowhere.moe%2FH4g7zPbitSLV5tDQ51Yz-R6RgOkMEeCc%23%2F%3Fv%3D1-3%26dh%3DMCowBQYDK2VuAyEAkts5T5AMxHGrZCCg12aeKxWcpXaxbB_XqjrXmcFYlDQ%253D&data=%7B%22type%22%3A%22group%22%2C%22groupLinkId%22%3A%22c3Y-iDaoDCFm6RhptSDOaw%3D%3D%22%7D">SimpleX Chat</a><br/>
+
+					</p>
+				</div><!-- /col-lg-4 -->
+
+				<div class="col-lg-4">
+					<h4>About Prism Breaker</h4>
+					<p style="word-wrap: break-word;"><u>Donate XMR:</u> 87iB34vdFvNULrAjyfVAZ7jMXc8vbq9tLGMLjo6WC8N9Xo2JFaa8Vkp6dwXBt8rK12Xpz5z1rTa9jSfgyRbNNjswHKTzFVh</p></br><p><u>Contact:</u> prismbreaker@waifu.club (<a href="https://keys.openpgp.org/vks/v1/by-fingerprint/735816B2B9E6F4660ECE44D983E602C4B6EA6AEE">PGP</a>)</p>
+				</div><!-- /col-lg-4 -->
+
+			</div>
+
+		</div>
+	</div>
+
+    <!-- Bootstrap core JavaScript
+    ================================================== -->
+    <!-- Placed at the end of the document so the pages load faster -->
+    
+  </body>
+</html>

opsec/anonymity/index.html

@@ -1,927 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
-  <head>
-    <meta charset="utf-8">
-    <meta http-equiv="X-UA-Compatible" content="IE=edge">
-    <meta name="viewport" content="width=device-width, initial-scale=1.0">
-    <meta name="description" content="">
-    <meta name="author" content="">
-    <link rel="shortcut icon" href="../../../../../../assets/img/favicon.png">
-
-    <title>Anonymity Management</title>
-
-    <!-- Bootstrap core CSS -->
-    <link href="../../assets/css/bootstrap.css" rel="stylesheet">
-	<link href="../../assets/css/xt256.css" rel="stylesheet">
-    
-    
-
-    <!-- Custom styles for this template -->
-    <link href="../../assets/css/main.css" rel="stylesheet">
-
-    
-
-    <!-- HTML5 shim and Respond.js IE8 support of HTML5 elements and media queries -->
-    <!--[if lt IE 9]>
-      <script src="https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js"></script>
-      <script src="https://oss.maxcdn.com/libs/respond.js/1.3.0/respond.min.js"></script>
-    <![endif]-->
-  </head>
-
-  <body>
-
-    <!-- Static navbar -->
-    <div class="navbar navbar-inverse-anon navbar-static-top">
-      <div class="container">
-        <div class="navbar-header">
-          <button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".navbar-collapse">
-            <span class="icon-bar"></span>
-            <span class="icon-bar"></span>
-            <span class="icon-bar"></span>
-          </button>
-          <a class="navbar-brand-anon" href="\index.html">The Nihilism Blog</a>
-        </div>
-        <div class="navbar-collapse collapse">
-          <ul class="nav navbar-nav navbar-right">
-
-            <li><a  href="/about.html">About</a></li>
-            <li><a  href="/blog.html">Categories</a></li>
-<li><a href="https://blog.nowhere.moe/donate.html">Donate</a></li>
-            <li><a  href="/contact.html">Contact</a></li>
-          </ul>
-        </div><!--/.nav-collapse -->
-        
-      </div>
-    </div>
-
-	<!-- +++++ Posts Lists +++++ -->
-	<!-- +++++ First Post +++++ -->
-	<div id="anon2">
-	    <div class="container">
-			<div class="row">
-				<div class="col-lg-8 col-lg-offset-2">
-  					<a href="../index.html">Previous Page</a></br></br><p><img src="../../assets/img/user.png" width="50px" height="50px"> <ba>nothing@nowhere - 2023-10-12</ba></p>
-<h1>Anonymity Management  (DISCLAIMER: i need to redo that tutorial!)</h1>
-<p>In this tutorial we're going to take a look at how to manage your online Anonymity.</p>
-
-</br><b>DISCLAIMER: we're using only harddrives (HDDs) here, because using SSDs are not a secure way to have Plausible Deniability, that is due to hidden Volumes being detectable on devices that utilize wear-leveling</b>
-<pre><code class="nim">
-source: https://anonymousplanet.org/guide.html#understanding-hdd-vs-ssd
-
-regarding wear leveling:
-"Also as mentioned earlier, disabling Trim will reduce the lifetime of your SSD drive and will significantly impact its performance over time (your laptop will become slower and slower over several months of use until it becomes almost unusable, you will then have to clean the drive and re-install everything). But you must do it to prevent data leaks that could allow forensics to defeat your plausible deniability. The only way around this at the moment is to have a laptop with a classic HDD drive instead."
-
-</pre></code>
-
-<p>This tutorial is based on my previous explanation on <a href="../opsec/index.html">OPSEC</a> make sure that you take it into account before proceeding.</p>
-<img src="100.png" class="imgRz">
-<p>So, we basically want 3 ways to access websites. The first being while using tor, for complete anonymity, to do that we'll use whonix. The second is to do the same but to masquerade it with a non-KYC VPN which will also be acquired anonymously to be used only in the case of a website blocking tor exit nodes, and the last one is without any protection, for websites you cannot use without KYC.</p>
-<img src="101.png" class="imgRz">
-<p>As a safety measure for Anonymity, there will be a veracrypt hidden partition in use for plausible deniability.</p>
-<img src="102.png" class="imgRz">
-<p>To prepare the computer for those tasks, we will rely on opensource software to avoid any tracking, we'll remove logs from linux. </p>
-<p>And lastly, we're going to take a look at how to keep track of your accesses to the websites you access anonymously</p>
-
-          
-	       </div>
-			</div><!-- /row -->
-	    </div> <!-- /container -->
-	</div><!-- /grey -->
-
-	<!-- +++++ Second Post +++++ -->
-	<div id="anon3">
-	    <div class="container">
-			<div class="row">
-				<div class="col-lg-8 col-lg-offset-2">
-          <h2><b>Initial Setup </b></h2>
-<p>First let's make sure all logs get erased upon system shutdown as described in my previous tutorial on <a href="../antiforensics/index.html">host OS hardening</a> (by piping all logs to go to the /tmp/ folder):</p>
-
-<p>We also make sure that the script to remove logs also includes shutting down the VMs and closes the veracrypt volume just like the emergency shutdown script we detailed in <a href="../physicalsecurity/index.html">the previous tutorial on homeserver physical security</a>:</p>
-<pre><code class="nim">
-
-[ mainpc ] [ /dev/pts/2 ] [~/logremover]
-→ cat /etc/systemd/system/reboot_logremover.service
-[Unit]
-Description=Shutdown Anti forensics
-DefaultDependencies=no
-Before=shutdown.target reboot.target halt.target
-
-[Service]
-Type=oneshot
-ExecStart=/root/shutdown.sh
-TimeoutStartSec=0
-
-[Install]
-WantedBy=shutdown.target reboot.target halt.target
-
-[ mainpc ] [ /dev/pts/2 ] [~/logremover]
-→ cat shutdown.sh
-#!/bin/bash
-
-#remove VMs
-
-sudo virsh -c qemu:///system destroy Whonix-Gateway
-sudo virsh -c qemu:///system destroy Whonix-Workstation
-sudo virsh -c qemu:///system undefine Whonix-Gateway
-sudo virsh -c qemu:///system undefine Whonix-Workstation
-sudo virsh -c qemu:///system net-destroy Whonix-External
-sudo virsh -c qemu:///system net-destroy Whonix-Internal
-sudo virsh -c qemu:///system net-undefine Whonix-External
-sudo virsh -c qemu:///system net-undefine Whonix-External
-
-#then unmount veracrypt volumes
-
-sudo veracrypt -d  -f
-
-# then cleanup logs
-
-sudo rm -rf /dev/shm/*
-sudo rm -rf /var/log/*
-sudo dmesg -c
-
-</pre></code>
-<p>In the shutdown.sh script we also make sure that the VMs are removed, and that the veracrypt volumes are unmounted, before clearing up the logs.</p>
-
-<p>Next we're going to install libvirt as seen in our previous tutorial on host os hardening<a href="../antiforensics/index.html">here</a>:</p>
-<pre><code class="nim">
-sudo pacman -S libvirt qemu-full virt-manager dnsmasq bridge-utils
-	
-sudo systemctl enable --now libvirtd
-
-#####################vault.sh:#######################################
-#!/bin/bash
-echo "[+] MOUNTING VAULTS..."
-
-sudo cryptsetup luksOpen /dev/nvme1n1p1 VAULT
-sudo mkdir /run/media/nihilist/VAULT 2>/dev/null
-sudo mount /dev/mapper/VAULT /run/media/nihilist/VAULT
-
-echo "[+] VAULTS MOUNTED"
-###################################################################
-
-usermod -a -G libvirt nihilist
-usermod -a -G kvm nihilist
-
-[root@nowhere ~]# vim /etc/libvirt/libvirtd.conf 
-[root@nowhere ~]# cat /etc/libvirt/libvirtd.conf  | grep sock_group
-unix_sock_group = "libvirt"
-unix_sock_rw_perms = "0770"
-
-sudo chmod 770 -R VMs 
-sudo chown nihilist:libvirt -R VMs 
-
-cat /etc/libvirt/qemu.conf
-group = "libvirt"
-user = "nihilist"
-
-systemctl restart libvirtd.service
-
-virt-manager
-
-</code></pre>
-
-<p>Next step we create the veracrypt drives, so use the /dev/sdb harddrive for it:</p>
-<pre><code class="nim">
-[ 10.99.99.9/24 ] [ /dev/pts/2 ] [~/Nextcloud/Obsidian]
-→ lsblk
-NAME          MAJ:MIN RM   SIZE RO TYPE  MOUNTPOINTS
-sda             8:0    0   1.8T  0 disk
-└─sda1          8:1    0   1.8T  0 part
-<b>sdb             8:16   0 447.1G  0 disk</b>
-sdc             8:32   0   3.6T  0 disk
-└─VAULTBACKUP 253:1    0   3.6T  0 crypt /mnt/VAULTBACKUP
-zram0         254:0    0     4G  0 disk  [SWAP]
-nvme1n1       259:0    0   1.8T  0 disk
-└─nvme1n1p1   259:1    0   1.8T  0 part
-  └─VAULT     253:0    0   1.8T  0 crypt /mnt/VAULT
-nvme0n1       259:2    0 465.8G  0 disk
-├─nvme0n1p1   259:3    0   511M  0 part  /boot
-└─nvme0n1p2   259:4    0 465.3G  0 part  /
-	
-</code></pre>
-
-<p>Be aware that the 3 VMs we need to place in a veracrypt container all weigh 100GB each so <b>you need 300Gb for all 3 VMs</b>, so you need at least 2x300Gb to replicate the setup in the decoy partition, <b>so pick a 1.2TB harddrive instead</b>, with some additional space <b>so preferably a 1.8TB</b> one just to be safe, unlike as shown below (a 500gb disk which is not enough!)</p>
-<p>So let's now setup the hidden partition there:</p>
-<pre><code class="nim">
-[ 10.99.99.9/24 ] [ /dev/pts/2 ] [~/Nextcloud/Obsidian]
-→ sudo pacman -S veracrypt
-	
-</code></pre>
-<img src="20.png" class="imgRz">
-<img src="21.png" class="imgRz">
-<img src="22.png" class="imgRz">
-<img src="23.png" class="imgRz">
-<img src="24.png" class="imgRz">
-<img src="25.png" class="imgRz">
-<img src="26.png" class="imgRz">
-<img src="27.png" class="imgRz">
-<img src="28.png" class="imgRz">
-<img src="29.png" class="imgRz">
-<img src="30.png" class="imgRz">
-<img src="31.png" class="imgRz">
-<img src="32.png" class="imgRz">
-<img src="33.png" class="imgRz">
-<img src="34.png" class="imgRz">
-<img src="35.png" class="imgRz">
-<img src="36.png" class="imgRz">
-<img src="37.png" class="imgRz">
-<img src="38.png" class="imgRz">
-<img src="39.png" class="imgRz">
-<img src="40.png" class="imgRz">
-<img src="41.png" class="imgRz">
-<img src="42.png" class="imgRz">
-<img src="43.png" class="imgRz">
-<img src="44.png" class="imgRz">
-<img src="45.png" class="imgRz">
-<p>Now that's done, let's setup the whonix and workstations templates, we will then copy them in the veracrypt harddrive afterward to edit them. So let's go <a href="https://www.whonix.org/wiki/KVM#Download_Whonix">here</a> to download whonix for QEMU:</p>
-
-<img src="1.png" class="imgRz">
-<pre><code class="nim">
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [VAULT/ISOs/whonix]
-→ mv ~/Downloads/Whonix-Xfce-17.0.3.0.Intel_AMD64.qcow2.libvirt.xz .
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [VAULT/ISOs/whonix]
-→ tar -xvf Whonix-Xfce-17.0.3.0.Intel_AMD64.qcow2.libvirt.xz
-WHONIX_BINARY_LICENSE_AGREEMENT
-WHONIX_DISCLAIMER
-Whonix-Gateway-Xfce-17.0.3.0.xml
-Whonix-Workstation-Xfce-17.0.3.0.xml
-Whonix_external_network-17.0.3.0.xml
-Whonix_internal_network-17.0.3.0.xml
-Whonix-Gateway-Xfce-17.0.3.0.Intel_AMD64.qcow2
-Whonix-Workstation-Xfce-17.0.3.0.Intel_AMD64.qcow2
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [VAULT/ISOs/whonix]
-→ touch WHONIX_BINARY_LICENSE_AGREEMENT_accepted
-</pre></code>
-<p>Next we edit the XML files to have the working VMs, for which we will give 2GB of ram for the gateway, and 4GB of ram for the workstation while also specifying the path to their .qcow2 volumes:</p>
-<pre><code class="nim">
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [VAULT/ISOs/whonix]
-→ vim Whonix-Workstation-Xfce-17.0.3.0.xml
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [VAULT/ISOs/whonix]
-→ cat Whonix-Workstation-Xfce-17.0.3.0.xml | grep GiB
-  <<b></b>memory dumpCore='off' unit='GiB'>4</memory>
-  <<b></b>currentMemory unit='GiB'>4</currentMemory>
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [VAULT/ISOs/whonix]
-→ cat Whonix-Workstation-Xfce-17.0.3.0.xml| grep source
-      <<b></b>source file='/mnt/VAULT/ISOs/whonix/Whonix-Workstation-Xfce-17.0.3.0.Intel_AMD64.qcow2'/>
-
-
-
-
-
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [VAULT/ISOs/whonix]
-→ vim Whonix-Workstation-Xfce-17.0.3.0.xml
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [VAULT/ISOs/whonix]
-→ cat Whonix-Gateway-Xfce-17.0.3.0.xml | grep GiB
-  <<b></b>memory dumpCore='off' unit='GiB'>2</memory>
-  <<b></b>currentMemory unit='GiB'>2</currentMemory>
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [VAULT/ISOs/whonix]
-→ cat Whonix-Gateway-Xfce-17.0.3.0.xml| grep source
-      <<b></b>source file='/mnt/VAULT/ISOs/whonix/Whonix-Gateway-Xfce-17.0.3.0.Intel_AMD64.qcow2'/>
-
-</pre></code>
-<p>and now to make things easier let's put a refreshvms.sh script in there to remove and restart the VMs:</p>
-<pre><code class="nim">
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [VAULT/ISOs/whonix]
-→ vim refreshvms.sh
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [VAULT/ISOs/whonix]
-→ cat refreshvms.sh
-#!/bin/bash
-
-#remove VMs
-
-sudo virsh -c qemu:///system destroy Whonix-Gateway
-sudo virsh -c qemu:///system destroy Whonix-Workstation
-sudo virsh -c qemu:///system undefine Whonix-Gateway
-sudo virsh -c qemu:///system undefine Whonix-Workstation
-sudo virsh -c qemu:///system net-destroy Whonix-External
-sudo virsh -c qemu:///system net-destroy Whonix-Internal
-sudo virsh -c qemu:///system net-undefine Whonix-External
-sudo virsh -c qemu:///system net-undefine Whonix-External
-
-echo '[+] VMs removed, re-install them ? (ctrl+c to exit)'
-read
-
-#install VMs
-
-sudo virsh -c qemu:///system net-define Whonix_external*.xml
-sudo virsh -c qemu:///system net-define Whonix_internal*.xml
-sudo virsh -c qemu:///system net-autostart Whonix-External
-sudo virsh -c qemu:///system net-start Whonix-External
-sudo virsh -c qemu:///system net-autostart Whonix-Internal
-sudo virsh -c qemu:///system net-start Whonix-Internal
-sudo virsh -c qemu:///system define Whonix-Gateway*.xml
-sudo virsh -c qemu:///system define Whonix-Workstation*.xml
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [VAULT/ISOs/whonix]
-→ chmod +x refreshvms.sh
-
-</pre></code>
-<p>then run it:</p>
-<pre><code class="nim">
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [VAULT/ISOs/whonix]
-→ ./refreshvms.sh
-error: Failed to destroy domain 'Whonix-Gateway'
-error: Requested operation is not valid: domain is not running
-
-error: Failed to destroy domain 'Whonix-Workstation'
-error: Requested operation is not valid: domain is not running
-
-Domain 'Whonix-Gateway' has been undefined
-
-Domain 'Whonix-Workstation' has been undefined
-
-Network Whonix-External destroyed
-
-Network Whonix-Internal destroyed
-
-Network Whonix-External has been undefined
-
-error: failed to get network 'Whonix-External'
-error: Network not found: no network with matching name 'Whonix-External'
-
-[+] VMs removed, re-install them ? (ctrl+c to exit)
-
-Network Whonix-External defined from Whonix_external_network-17.0.3.0.xml
-
-error: Failed to define network from Whonix_internal_network-17.0.3.0.xml
-error: operation failed: network 'Whonix-Internal' already exists with uuid 48298ccf-9352-4b21-b6c4-17ad13ad1d6d
-
-Network Whonix-External marked as autostarted
-
-Network Whonix-External started
-
-Network Whonix-Internal marked as autostarted
-
-Network Whonix-Internal started
-
-Domain 'Whonix-Gateway' defined from Whonix-Gateway-Xfce-17.0.3.0.xml
-
-Domain 'Whonix-Workstation' defined from Whonix-Workstation-Xfce-17.0.3.0.xml
-
-</pre></code>
-<p>Then launch the VMs from virt-manager:</p>
-<img src="2.png" class="imgRz">
-<p>let's start with the Gateway:</p>
-<img src="3.png" class="imgRz">
-<img src="4.png" class="imgRz">
-<img src="5.png" class="imgRz">
-<img src="6.png" class="imgRz">
-<img src="9.png" class="imgRz">
-<p>Now that's done you can also finish the initial setup for the workstation:</p>
-<img src="7.png" class="imgRz">
-<img src="8.png" class="imgRz">
-<p>So from here you can use whonix regularly to browse with the tor browser, don't forget to disable javascript and to always keep the browser up to date like so:</p>
-<img src="10.png" class="imgRz">
-<p>As suggested above, we'll also upgrade the VMs, and to go further we'll install unattended upgrades (note whonix's default system credentials are <b>user:changeme</b>:</p>
-<pre><code class="nim">
-$ passwd
-$ sudo -i
-# apt update -y ; apt upgrade -y ; apt autoremove -y
-# apt install unattended-upgrades apt-listchanges -y
-# dpkg-reconfigure -plow unattended-upgrades 
-
-^ select yes there
-	
-</code></pre>
-<p>Next step is to have the second workstation which will be used as the vpn over tor setup later on so let's copy the .xml and .qcow2 after shutting down the existing workstation:</p>
-<pre><code class="nim">
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [VAULT/ISOs/whonix]
-→ ls
-refreshvms.sh                             Whonix_external_network-17.0.3.0.xml            Whonix-Workstation-Xfce-17.0.3.0.Intel_AMD64.qcow2
-WHONIX_BINARY_LICENSE_AGREEMENT           Whonix-Gateway-Xfce-17.0.3.0.Intel_AMD64.qcow2  Whonix-Workstation-Xfce-17.0.3.0.xml
-WHONIX_BINARY_LICENSE_AGREEMENT_accepted  Whonix-Gateway-Xfce-17.0.3.0.xml                Whonix-Xfce-17.0.3.0.Intel_AMD64.qcow2.libvirt.xz
-WHONIX_DISCLAIMER                         Whonix_internal_network-17.0.3.0.xml	
-
- 10.99.99.9/24 ] [ /dev/pts/23 ] [VAULT/ISOs/whonix]
-→ cp Whonix-Workstation-Xfce-17.0.3.0.xml Whonix-Workstation2-Xfce-17.0.3.0.xml
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [VAULT/ISOs/whonix]
-→ cp Whonix-Workstation-Xfce-17.0.3.0.Intel_AMD64.qcow2 Whonix-Workstation2-Xfce-17.0.3.0.Intel_AMD64.qcow2
-
-</code></pre>
-<p>Then edit the new xml file to match the new VM name:</p>
-<pre><code class="nim">
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [VAULT/ISOs/whonix]
-→ vim Whonix-Workstation2-Xfce-17.0.3.0.xml
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [VAULT/ISOs/whonix]
-→ cat Whonix-Workstation2-Xfce-17.0.3.0.xml | grep Workstation2
-  <<b></b>name>Whonix-Workstation2<</b>/name>
-      <<b></b>source file='/mnt/VAULT/ISOs/whonix/Whonix-Workstation2-Xfce-17.0.3.0.Intel_AMD64.qcow2'/>
-	
-</code></pre>
-<p>Then we include it in the refreshVMs.sh script:</p>
-<pre><code class="nim">
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [VAULT/ISOs/whonix]
-→ cat refreshvms.sh
-#!/bin/bash
-
-#remove VMs
-
-sudo virsh -c qemu:///system destroy Whonix-Gateway
-sudo virsh -c qemu:///system destroy Whonix-Workstation
-sudo virsh -c qemu:///system destroy Whonix-Workstation2
-
-sudo virsh -c qemu:///system undefine Whonix-Gateway
-sudo virsh -c qemu:///system undefine Whonix-Workstation
-sudo virsh -c qemu:///system undefine Whonix-Workstation2
-
-
-sudo virsh -c qemu:///system net-destroy Whonix-External
-sudo virsh -c qemu:///system net-destroy Whonix-Internal
-sudo virsh -c qemu:///system net-undefine Whonix-External
-sudo virsh -c qemu:///system net-undefine Whonix-Internal
-
-
-
-
-echo '[+] VMs removed, re-install them ? (ctrl+c to exit)'
-read
-
-#install VMs
-sudo virsh -c qemu:///system net-define Whonix_external*.xml
-sudo virsh -c qemu:///system net-define Whonix_internal*.xml
-
-
-sudo virsh -c qemu:///system net-autostart Whonix-External
-sudo virsh -c qemu:///system net-start Whonix-External
-
-sudo virsh -c qemu:///system net-autostart Whonix-Internal
-sudo virsh -c qemu:///system net-start Whonix-Internal
-
-sudo virsh -c qemu:///system define Whonix-Gateway*.xml
-sudo virsh -c qemu:///system define Whonix-Workstation2*.xml
-sudo virsh -c qemu:///system define Whonix-Workstation-*.xml
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [VAULT/ISOs/whonix]
-→ ./refreshvms.sh
-error: Failed to destroy domain 'Whonix-Gateway'
-error: Requested operation is not valid: domain is not running
-
-error: Failed to destroy domain 'Whonix-Workstation'
-error: Requested operation is not valid: domain is not running
-
-error: Failed to destroy domain 'Whonix-Workstation2'
-error: Requested operation is not valid: domain is not running
-
-Domain 'Whonix-Gateway' has been undefined
-
-Domain 'Whonix-Workstation' has been undefined
-
-Domain 'Whonix-Workstation2' has been undefined
-
-Network Whonix-External destroyed
-
-Network Whonix-Internal destroyed
-
-Network Whonix-External has been undefined
-
-Network Whonix-Internal has been undefined
-
-[+] VMs removed, re-install them ? (ctrl+c to exit)
-
-Network Whonix-External defined from Whonix_external_network-17.0.3.0.xml
-
-Network Whonix-Internal defined from Whonix_internal_network-17.0.3.0.xml
-
-Network Whonix-External marked as autostarted
-
-Network Whonix-External started
-
-Network Whonix-Internal marked as autostarted
-
-Network Whonix-Internal started
-
-Domain 'Whonix-Gateway' defined from Whonix-Gateway-Xfce-17.0.3.0.xml
-
-Domain 'Whonix-Workstation2' defined from Whonix-Workstation2-Xfce-17.0.3.0.xml
-
-Domain 'Whonix-Workstation' defined from Whonix-Workstation-Xfce-17.0.3.0.xml
-
-</code></pre>
-<p>Then edit the new workstation VM to have the 10.152.152.12 ip by default (since the other one has the 10.152.152.11 ip):</p>
-<img src="11.png" class="imgRz">
-<img src="12.png" class="imgRz">
-<p>Now that our VM templates are done, let's put them on our veracrypt harddrive:</p>
-<pre><code class="nim">
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [VAULT/ISOs/whonix]
-→ ./refreshvms.sh
-[sudo] password for nothing:
-Domain 'Whonix-Gateway' destroyed
-
-Domain 'Whonix-Workstation' destroyed
-
-Domain 'Whonix-Workstation2' destroyed
-
-Domain 'Whonix-Gateway' has been undefined
-
-Domain 'Whonix-Workstation' has been undefined
-
-Domain 'Whonix-Workstation2' has been undefined
-
-Network Whonix-External destroyed
-
-Network Whonix-Internal destroyed
-
-Network Whonix-External has been undefined
-
-Network Whonix-Internal has been undefined
-
-[+] VMs removed, re-install them ? (ctrl+c to exit)
-^C
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [VAULT/ISOs/whonix]
-→ ls
-refreshvms.sh                             Whonix-Gateway-Xfce-17.0.3.0.Intel_AMD64.qcow2       Whonix-Workstation-Xfce-17.0.3.0.Intel_AMD64.qcow2
-WHONIX_BINARY_LICENSE_AGREEMENT           Whonix-Gateway-Xfce-17.0.3.0.xml                     Whonix-Workstation-Xfce-17.0.3.0.xml
-WHONIX_BINARY_LICENSE_AGREEMENT_accepted  Whonix_internal_network-17.0.3.0.xml                 Whonix-Xfce-17.0.3.0.Intel_AMD64.qcow2.libvirt.xz
-WHONIX_DISCLAIMER                         Whonix-Workstation2-Xfce-17.0.3.0.Intel_AMD64.qcow2
-Whonix_external_network-17.0.3.0.xml      Whonix-Workstation2-Xfce-17.0.3.0.xml
-	
-</code></pre>
-<img src="14.png" class="imgRz">
-<img src="15.png" class="imgRz">
-<p>Once mounted, let's copy them here and launch them: </p>
-<pre><code class="nim">
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [VAULT/ISOs/whonix]
-→ cd /media/veracrypt1
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [/media/veracrypt1]
-→ cp /mnt/VAULT/ISOs/whonix/* .
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [/media/veracrypt1]
-→ ls -lash
-total 21G
-4.0K drwxr-xr-x 2 nothing nothing 4.0K Oct  8 13:35 .
-4.0K drwxr-xr-x 3 root    root    4.0K Oct  8 13:34 ..
-4.0K -rwxr-xr-x 1 nothing nothing 1.2K Oct  8 13:35 refreshvms.sh
- 40K -rw-r--r-- 1 nothing nothing  39K Oct  8 13:35 WHONIX_BINARY_LICENSE_AGREEMENT
-   0 -rw-r--r-- 1 nothing nothing    0 Oct  8 13:35 WHONIX_BINARY_LICENSE_AGREEMENT_accepted
-8.0K -rw-r--r-- 1 nothing nothing 4.1K Oct  8 13:35 WHONIX_DISCLAIMER
-4.0K -rw-r--r-- 1 nothing nothing  172 Oct  8 13:35 Whonix_external_network-17.0.3.0.xml
-5.2G -rw-r--r-- 1 nothing nothing 101G Oct  8 13:35 Whonix-Gateway-Xfce-17.0.3.0.Intel_AMD64.qcow2
-4.0K -rw-r--r-- 1 nothing nothing 2.4K Oct  8 13:35 Whonix-Gateway-Xfce-17.0.3.0.xml
-4.0K -rw-r--r-- 1 nothing nothing   97 Oct  8 13:35 Whonix_internal_network-17.0.3.0.xml
-6.9G -rw-r--r-- 1 nothing nothing 101G Oct  8 13:35 Whonix-Workstation2-Xfce-17.0.3.0.Intel_AMD64.qcow2
-4.0K -rw-r--r-- 1 nothing nothing 2.3K Oct  8 13:35 Whonix-Workstation2-Xfce-17.0.3.0.xml
-7.0G -rw-r--r-- 1 nothing nothing 101G Oct  8 13:35 Whonix-Workstation-Xfce-17.0.3.0.Intel_AMD64.qcow2
-4.0K -rw-r--r-- 1 nothing nothing 2.3K Oct  8 13:35 Whonix-Workstation-Xfce-17.0.3.0.xml
-1.3G -rw-r--r-- 1 nothing nothing 1.3G Oct  8 13:35 Whonix-Xfce-17.0.3.0.Intel_AMD64.qcow2.libvirt.xz
-
-</code></pre>
-<p>Now that's done, you need to edit each XML to make sure it has the correct path in it:</p>
-<pre><code class="nim">
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [/media/veracrypt1]
-→ vim Whonix-Gateway-Xfce-17.0.3.0.xml
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [/media/veracrypt1]
-→ vim Whonix-Workstation2-Xfce-17.0.3.0.xml
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [/media/veracrypt1]
-→ vim Whonix-Workstation-Xfce-17.0.3.0.xml
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [/media/veracrypt1]
-→ cat Whonix-Gateway-Xfce-17.0.3.0.xml| grep source
-      <<b></b>source file='/media/veracrypt1/Whonix-Gateway-Xfce-17.0.3.0.Intel_AMD64.qcow2'/>
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [/media/veracrypt1]
-→ cat Whonix-Workstation2-Xfce-17.0.3.0.xml | grep source
-      <<b></b>source file='/media/veracrypt1/whonix/Whonix-Workstation2-Xfce-17.0.3.0.Intel_AMD64.qcow2'/>
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [/media/veracrypt1]
-→ cat Whonix-Workstation-Xfce-17.0.3.0.xml | grep source
-      <<b></b>source file='/media/veracrypt1/whonix/Whonix-Workstation-Xfce-17.0.3.0.Intel_AMD64.qcow2'/>
-	
-</code></pre>
-<p>Then you can use the VMs using the refreshvms.sh script:</p>
-<pre><code class="nim">
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [/media/veracrypt1]
-→ ./refreshvms.sh
-[sudo] password for nothing:
-error: failed to get domain 'Whonix-Gateway'
-
-error: failed to get domain 'Whonix-Workstation'
-
-error: failed to get domain 'Whonix-Workstation2'
-
-error: failed to get domain 'Whonix-Gateway'
-
-error: failed to get domain 'Whonix-Workstation'
-
-error: failed to get domain 'Whonix-Workstation2'
-
-error: failed to get network 'Whonix-External'
-error: Network not found: no network with matching name 'Whonix-External'
-
-error: failed to get network 'Whonix-Internal'
-error: Network not found: no network with matching name 'Whonix-Internal'
-
-error: failed to get network 'Whonix-External'
-error: Network not found: no network with matching name 'Whonix-External'
-
-error: failed to get network 'Whonix-Internal'
-error: Network not found: no network with matching name 'Whonix-Internal'
-
-[+] VMs removed, re-install them ? (ctrl+c to exit)
-
-
-Network Whonix-External defined from Whonix_external_network-17.0.3.0.xml
-
-Network Whonix-Internal defined from Whonix_internal_network-17.0.3.0.xml
-
-Network Whonix-External marked as autostarted
-
-Network Whonix-External started
-
-Network Whonix-Internal marked as autostarted
-
-Network Whonix-Internal started
-
-Domain 'Whonix-Gateway' defined from Whonix-Gateway-Xfce-17.0.3.0.xml
-
-Domain 'Whonix-Workstation2' defined from Whonix-Workstation2-Xfce-17.0.3.0.xml
-
-Domain 'Whonix-Workstation' defined from Whonix-Workstation-Xfce-17.0.3.0.xml
-	
-</code></pre>
-<p>Now with this if you are forced to give away the password for that harddrive, you can give them this decoy partition, and they'll find the whonix VMs you've copied there.</p>
-<p>So now dismount the veracrypt partition, to do that you need to first remove the VMs with the script, and then you need to EXIT the folder, otherwise it'll complain and tell you that the target drive is busy and can't be unmounted: </p>
-<pre><code class="nim">
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [/media/veracrypt1]
-→ ./refreshvms.sh
-error: Failed to destroy domain 'Whonix-Gateway'
-error: Requested operation is not valid: domain is not running
-
-error: Failed to destroy domain 'Whonix-Workstation'
-error: Requested operation is not valid: domain is not running
-
-error: Failed to destroy domain 'Whonix-Workstation2'
-error: Requested operation is not valid: domain is not running
-
-Domain 'Whonix-Gateway' has been undefined
-
-Domain 'Whonix-Workstation' has been undefined
-
-Domain 'Whonix-Workstation2' has been undefined
-
-Network Whonix-External destroyed
-
-Network Whonix-Internal destroyed
-
-Network Whonix-External has been undefined
-
-Network Whonix-Internal has been undefined
-
-[+] VMs removed, re-install them ? (ctrl+c to exit)
-^C
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [/media/veracrypt1]
-→ cd ..
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [/media]
-→
-</code></pre>
-<img src="46.png" class="imgRz">
-<p>Now that's done for the decoy partition, we do the same for the hidden partition:</p>
-<img src="47.png" class="imgRz">
-<img src="48.png" class="imgRz">
-<pre><code class="nim">
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [/media]
-→ cd veracrypt1
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [/media/veracrypt1]
-→ cp /mnt/VAULT/ISOs/whonix/* .
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [/media/veracrypt1]
-→ ls
-refreshvms.sh                             Whonix-Gateway-Xfce-17.0.3.0.Intel_AMD64.qcow2       Whonix-Workstation-Xfce-17.0.3.0.Intel_AMD64.qcow2
-WHONIX_BINARY_LICENSE_AGREEMENT           Whonix-Gateway-Xfce-17.0.3.0.xml                     Whonix-Workstation-Xfce-17.0.3.0.xml
-WHONIX_BINARY_LICENSE_AGREEMENT_accepted  Whonix_internal_network-17.0.3.0.xml                 Whonix-Xfce-17.0.3.0.Intel_AMD64.qcow2.libvirt.xz
-WHONIX_DISCLAIMER                         Whonix-Workstation2-Xfce-17.0.3.0.Intel_AMD64.qcow2
-Whonix_external_network-17.0.3.0.xml      Whonix-Workstation2-Xfce-17.0.3.0.xml
-	
-</code></pre>
-<p>Then edit the paths again:</p>
-<pre><code class="nim">
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [/media/veracrypt1]
-→ vim Whonix-Gateway-Xfce-17.0.3.0.xml
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [/media/veracrypt1]
-→ vim Whonix-Workstation2-Xfce-17.0.3.0.xml
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [/media/veracrypt1]
-→ vim Whonix-Workstation-Xfce-17.0.3.0.xml
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [/media/veracrypt1]
-→ cat Whonix-Gateway-Xfce-17.0.3.0.xml| grep source
-      <<b></b>source file='/media/veracrypt1/Whonix-Gateway-Xfce-17.0.3.0.Intel_AMD64.qcow2'/>
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [/media/veracrypt1]
-→ cat Whonix-Workstation2-Xfce-17.0.3.0.xml | grep source
-      <<b></b>source file='/media/veracrypt1/whonix/Whonix-Workstation2-Xfce-17.0.3.0.Intel_AMD64.qcow2'/>
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [/media/veracrypt1]
-→ cat Whonix-Workstation-Xfce-17.0.3.0.xml | grep source
-      <<b></b>source file='/media/veracrypt1/whonix/Whonix-Workstation-Xfce-17.0.3.0.Intel_AMD64.qcow2'/>
-	
-</code></pre>
-<p>Then start the VMs:</p>
-<pre><code class="nim">
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [/media/veracrypt1]
-→ ./refreshvms.sh
-[sudo] password for nothing:
-error: failed to get domain 'Whonix-Gateway'
-
-error: failed to get domain 'Whonix-Workstation'
-
-error: failed to get domain 'Whonix-Workstation2'
-
-error: failed to get domain 'Whonix-Gateway'
-
-error: failed to get domain 'Whonix-Workstation'
-
-error: failed to get domain 'Whonix-Workstation2'
-
-error: failed to get network 'Whonix-External'
-error: Network not found: no network with matching name 'Whonix-External'
-
-error: failed to get network 'Whonix-Internal'
-error: Network not found: no network with matching name 'Whonix-Internal'
-
-error: failed to get network 'Whonix-External'
-error: Network not found: no network with matching name 'Whonix-External'
-
-error: failed to get network 'Whonix-Internal'
-error: Network not found: no network with matching name 'Whonix-Internal'
-
-[+] VMs removed, re-install them ? (ctrl+c to exit)
-
-Network Whonix-External defined from Whonix_external_network-17.0.3.0.xml
-
-Network Whonix-Internal defined from Whonix_internal_network-17.0.3.0.xml
-
-Network Whonix-External marked as autostarted
-
-Network Whonix-External started
-
-Network Whonix-Internal marked as autostarted
-
-Network Whonix-Internal started
-
-Domain 'Whonix-Gateway' defined from Whonix-Gateway-Xfce-17.0.3.0.xml
-
-Domain 'Whonix-Workstation2' defined from Whonix-Workstation2-Xfce-17.0.3.0.xml
-
-Domain 'Whonix-Workstation' defined from Whonix-Workstation-Xfce-17.0.3.0.xml
-	
-</code></pre>
-<p>You need to keep in mind that currently we have not given out any information about ourselves, other than we've used Tor. We won't stop there, and in order to use a VPN anonymously, you need to acquire it through Tor, buy it with Monero, and force the VPN Connection itself through Tor. Cherry on top is that we're going to use a well-used VPN service, so we won't be the only user with that public VPN ip. But what matters is that we do not give any information about us to the VPN provider. If the VPN provider forces you to provide anything personal (if the vpn provider blocks tor connections, or forces you to buy it with something else than monero), then it would not truly be a non-KYC VPN provider, and thus it's against your privacy. That's the only way you can find out which ones are all just marketing.</p>
-<img src="104.png" class="imgRz">
-<p>Now that's done we can go find a vpn provider for the workstation2, let's try out the very praised mullvad vpn provider <a href="https://kycnot.me/service/mullvad">here</a>, Firstly because it's a non-KYC VPN provider (meaning you can acquire it and use it through Tor, and pay with Monero), also due to the fact that we won't be the only ones using that service, it means we won't need to change the VPN server when we want to have another identity online. On top of that, mullvad gives us the ability to connect to a random server of theirs, via openvpn via TCP on port 443, which is definitely neat because it mimicks web HTTPS traffic, and isn't blockable by tor exit node hosters (which is definitely a trend, most of them block ports that are suceptible to abuse, 443 https being the least likely of them): </p>
-<img src="49.png" class="imgRz">
-<img src="50.png" class="imgRz">
-<p>now to not loose your accesses , make sure to save credentials in a local keepass database on the VM.</p>
-<img src="51.png" class="imgRz">
-<img src="52.png" class="imgRz">
-<img src="53.png" class="imgRz">
-<p>Now let's add time to our account, and of course we will pay with <a href="https://iv.nowhere.moe/watch?v=YTTac2XjyFY">the only cryptocurrency that's used</a>:</p>
-<img src="54.png" class="imgRz">
-<img src="56.png" class="imgRz">
-<p>To get some monero you can buy it on localmonero.co, and make sure it arrives on your monero wallet inside the whonix VM, never trust centralised exchanges with your assets, always keep them locally.</p>
-<img src="55.png" class="imgRz">
-<p>Once it finishes installing, create your monero wallet:</p>
-<img src="57.png" class="imgRz">
-<p>Then say no to mining and use an onion-based monero daemon, like the one i'm hosting, you can find a full list of other ones <a href="https://monero.fail/">here</a>:</p>
-<img src="58.png" class="imgRz">
-<p>Wait for it to finish synchronizing, then get some monero from a vendor on localmonero.co (by giving them a wallet address you'd have created: </p>
-<img src="59.png" class="imgRz">
-<img src="60.png" class="imgRz">
-<p>Once you've paid, download the .ovpn file to connect via vpn:</p>
-<img src="61.png" class="imgRz">
-<p>Then unzip and let's now make sure the vpn goes through tor:</p>
-<img src="62.png" class="imgRz">
-<img src="63.png" class="imgRz">
-<p>To do that we need to make sure the VPN goes through the local SOCKS port 9050, and to mention the entry node which is the gateway 10.152.152.10:</p>
-<img src="66.png" class="imgRz">
-<p>before we launch it keep in mind this:</p>
-<img src="67.png" class="imgRz">
-<p>Then launch the VPN and you can then see that you no longer have a tor exit node IP:</p>
-<img src="68.png" class="imgRz">
-<img src="69.png" class="imgRz">
-<p>Now check your ip from Firefox, not the tor browser:</p>
-<img src="70.png" class="imgRz">
-<p>You can also check if there are any DNS leaks:</p>
-<img src="71.png" class="imgRz">
-<p>here we see the test revealed a dns ip leak, but upon checking (in shodan.io) we see that it's a tor exit IP address:</p>
-<img src="72.png" class="imgRz">
-<p>We can also check if there are any WebRTC leaks:</p>
-<img src="73.png" class="imgRz">
-<p>and there we see that there are no webRTC leaks either, so it's all good.</p>
-<p>To make sure the vpn is started automatically we can make it a systemd service:</p>
-<pre><code class="nim">
-root@workstation:~# cat /etc/systemd/system/vpn.service
-[Unit]
-Description=VPN
-After=network-online.target
-Wants=network-online.target
-
-[Install]
-WantedBy=multi-user.target
-
-[Service]
-Type=simple
-WorkingDirectory=/home/user/Desktop/mullvad_config_linux_nl_ams/
-ExecStart=/usr/sbin/openvpn /home/user/Desktop/mullvad_config_linux_nl_ams/mullvad_nl_ams.conf
-ExecStop=kill -9 $(pidof openvpn)
-Restart=always
-
-root@workstation:~# systemctl daemon-reload ; systemctl enable --now vpn.service ; systemctl restart vpn.service
-
-</pre></code>
-<img src="103.png" class="imgRz">
-<p>Now thanks to that, you can still browse websites anonymously in case if they block tor exit nodes.</p>
-				</div>
-			</div><!-- /row -->
-	    </div> <!-- /container -->
-	</div><!-- /white -->
-
-  <div id="anon2">
-	    <div class="container">
-			<div class="row">
-				<div class="col-lg-8 col-lg-offset-2">
-
-				</div>
-			</div><!-- /row -->
-	    </div> <!-- /container -->
-	</div><!-- /white -->
-
-
-  <!-- +++++ Second Post +++++ -->
-	<div id="anon1">
-	    <div class="container">
-			<div class="row">
-				<div class="col-lg-8 col-lg-offset-2">
-          <h2><b>Anonymity management</b></h2> </br> </br>
-<p>To implement Anonymity Management, simply ask yourselves the following questions:</p>
-<p>First question to answer is "Is the activity Sensitive, and will I need to be able to deny it's existence ?" If the answer is no, then we have the following questions:</p>
-<img src="105.png" class="imgRz">
-<p>If the website requires you to give it your home address like Amazon for example, you can forget trying to be anonymous because you'll anyway need to de-anonymize yourself with your actions, no matter how you accessed the website.</p>
-<p>If the website doesn't block tor exit nodes, browse it via the Whonix VMs. But if it does, then use the VPN through Tor setup to circumvent the blockage.</p>
-<p>And lastly, for all websites you browsed to anonymously, make sure you log it to have an global view of your online anonymity.</p>
-<img src="106.png" class="imgRz">
-<p>If your activities are sensitive enough that you need to be able to deny their existence, then we make use of veracrypt's plausible deniability features, and we open the whonix VMs from inside the hidden partition.</p>
-<p>And there the same questions apply, but you better remain anonymous while you conduct said sensitive activities.</p>
-
-				</div>
-			</div><!-- /row -->
-	    </div> <!-- /container -->
-	</div><!-- /white -->
-
-	<!-- +++++ Footer Section +++++ -->
-
-	<div id="anonb">
-		<div class="container">
-			<div class="row">
-				<div class="col-lg-4">
-					<h4>Nihilism</h4>
-          <p>
-						Until there is Nothing left.</p></br></br><p>Creative Commons Zero: No Rights Reserved</br><img src="\CC0.png">
-						
-					</p>
-				</div><!-- /col-lg-4 -->
-
-				<div class="col-lg-4">
-					<h4>My Links</h4>
-					<p>
-
-						<a target="_blank" rel="noopener noreferrer" href="http://blog.nowhere.moe/rss/feed.xml">RSS Feed</a><br/><a target="_blank" rel="noopener noreferrer" href="https://simplex.chat/contact#/?v=2-7&smp=smp%3A%2F%2FL5jrGV2L_Bb20Oj0aE4Gn-m5AHet9XdpYDotiqpcpGc%3D%40nowhere.moe%2FH4g7zPbitSLV5tDQ51Yz-R6RgOkMEeCc%23%2F%3Fv%3D1-3%26dh%3DMCowBQYDK2VuAyEAkts5T5AMxHGrZCCg12aeKxWcpXaxbB_XqjrXmcFYlDQ%253D&data=%7B%22type%22%3A%22group%22%2C%22groupLinkId%22%3A%22c3Y-iDaoDCFm6RhptSDOaw%3D%3D%22%7D">SimpleX Chat</a><br/>
-
-					</p>
-				</div><!-- /col-lg-4 -->
-
-				<div class="col-lg-4">
-					<h4>About nihilist</h4>
-					<p style="word-wrap: break-word;"><u>Donate XMR:</u> 8AUYjhQeG3D5aodJDtqG499N5jXXM71gYKD8LgSsFB9BUV1o7muLv3DXHoydRTK4SZaaUBq4EAUqpZHLrX2VZLH71Jrd9k8</p></br><p><u>Contact:</u> nihilist@contact.nowhere.moe (<a href="https://nowhere.moe/nihilist.pubkey">PGP</a>)</p>
-				</div><!-- /col-lg-4 -->
-
-			</div>
-
-		</div>
-	</div>
-
-
-    <!-- Bootstrap core JavaScript
-    ================================================== -->
-    <!-- Placed at the end of the document so the pages load faster -->
-    
-  </body>
-</html>

opsec/anonymity/old.html

@@ -1,309 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
-  <head>
-    <meta charset="utf-8">
-    <meta http-equiv="X-UA-Compatible" content="IE=edge">
-    <meta name="viewport" content="width=device-width, initial-scale=1.0">
-    <meta name="description" content="">
-    <meta name="author" content="">
-    <link rel="shortcut icon" href="../../../../../../assets/img/favicon.png">
-
-    <title>anonymity Setup</title>
-
-    <!-- Bootstrap core CSS -->
-    <link href="../../assets/css/bootstrap.css" rel="stylesheet">
-	<link href="../../assets/css/xt256.css" rel="stylesheet">
-    
-    
-
-    <!-- Custom styles for this template -->
-    <link href="../../assets/css/main.css" rel="stylesheet">
-
-    
-
-    <!-- HTML5 shim and Respond.js IE8 support of HTML5 elements and media queries -->
-    <!--[if lt IE 9]>
-      <script src="https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js"></script>
-      <script src="https://oss.maxcdn.com/libs/respond.js/1.3.0/respond.min.js"></script>
-    <![endif]-->
-  </head>
-
-  <body>
-
-    <!-- Static navbar -->
-    <div class="navbar navbar-inverse-cis navbar-static-top">
-      <div class="container">
-        <div class="navbar-header">
-          <button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".navbar-collapse">
-            <span class="icon-bar"></span>
-            <span class="icon-bar"></span>
-            <span class="icon-bar"></span>
-          </button>
-          <a class="navbar-brand-cis" href="\index.html">The Nihilism Blog</a>
-        </div>
-        <div class="navbar-collapse collapse">
-          <ul class="nav navbar-nav navbar-right">
-
-            <li><a  href="/about.html">About</a></li>
-            <li><a  href="/blog.html">Categories</a></li>
-<li><a href="https://blog.nowhere.moe/donate.html">Donate</a></li>
-            <li><a  href="/contact.html">Contact</a></li>
-          </ul>
-        </div><!--/.nav-collapse -->
-        
-      </div>
-    </div>
-
-	<!-- +++++ Posts Lists +++++ -->
-	<!-- +++++ First Post +++++ -->
-	<div id="cis2">
-	    <div class="container">
-			<div class="row">
-				<div class="col-lg-8 col-lg-offset-2">
-  					<a href="../index.html">Previous Page</a></br></br><p><img src="../../assets/img/user.png" width="50px" height="50px"> <ba>nothing@nowhere - 2023-09-24</ba></p>
-<h1>anonymity Setup </h1>
-<p>In this tutorial we're going to take a look at how to manage your online Anonymity.</p>
-<img src="0.png" class="imgRz">
-<p>We want 3 ways to access websites. The first being while using tor, for complete anonymity. The second is to do the same but to masquerade it with a non-KYC VPN which will also be acquired anonymously, and the last is without any protection.</p>
-<img src="1.png" class="imgRz">
-<p>As a preventive measure, we're going to separate each VMs using VLANs, so that there's a clear separation between any KYC VMs, and VMs used for anonymity. To do so there will be 3 separate VLANs, one being for Anonymity purposes, and the others for KYC use.
-For Anonymity, there will be a veracrypt hidden partition in use for plausible deniability.</p>
-<img src="2.png" class="imgRz">
-<p>To prepare the computer for those tasks, we will rely on opensource software to avoid any tracking, we'll remove logs from arch linux, and from pfsense. </p>
-<p>And lastly, we're going to take a look at how to keep track of your accesses to the websites you access anonymously</p>
-
-          
-	       </div>
-			</div><!-- /row -->
-	    </div> <!-- /container -->
-	</div><!-- /grey -->
-
-	<!-- +++++ Second Post +++++ -->
-	<div id="cis3">
-	    <div class="container">
-			<div class="row">
-				<div class="col-lg-8 col-lg-offset-2">
-          <h2><b>Initial Setup </b></h2>
-<p>First let's make sure all logs get erased upon system shutdown (by piping all logs to go to the /tmp/ folder):</p>
-<pre><code class="nim">
-[ 10.99.99.9/24 ] [ /dev/pts/31 ] [/var]
-→ sudo rm -rf log
-[sudo] password for nothing:
-
-[ 10.99.99.9/24 ] [ /dev/pts/31 ] [/var]
-→ sudo ln -s /tmp/ /var/log
-
-[ 10.99.99.9/24 ] [ /dev/pts/31 ] [/var]
-→ ls -lash log
-0 lrwxrwxrwx 1 root root 5 Sep 24 18:43 log -> /tmp/
-	
-</code></pre>
-
-<p>Next we're going to install libvirti as seen <a href="../virtual/virtmanager.html">here</a>:</p>
-<pre><code class="nim">
-sudo pacman -S libvirt qemu virt-manager dnsmasq bridge-utils
-	
-sudo systemctl enable --now libvirtd
-
-virt-manager
-
-</code></pre>
-<p>Then create the 2 separate LANs for the VMs in virt-manager like so:</p>
-
-<img src="27.png" class="imgRz">
-<img src="28.png" class="imgRz">
-<p>Then you're going to need to create the pfsense VM, so first get the iso from the <a href="https://www.pfsense.org/download/">official website</a>:</p>
-<img src="8.png" class="imgRz">
-<pre><code class="nim">
-[ 10.99.99.9/24 ] [ /dev/pts/31 ] [/var]
-→ cd /mnt/VAULT/ISOs
-
-[ 10.99.99.9/24 ] [ /dev/pts/31 ] [/mnt/VAULT/ISOs]
-→ mv ~/Downloads/pfSense-CE-2.7.0-RELEASE-amd64.iso.gz .
-
-[ 10.99.99.9/24 ] [ /dev/pts/31 ] [/mnt/VAULT/ISOs]
-→ ls -lash | grep pfSense
-730M -rw-r--r--  1 nothing      nothing      730M Sep 24 19:16 pfSense-CE-2.7.0-RELEASE-amd64.iso
-	
-</code></pre>
-<p>Then create the VM:</p>
-<img src="7.png" class="imgRz">
-<img src="9.png" class="imgRz">
-<img src="10.png" class="imgRz">
-<img src="11.png" class="imgRz">
-<p>Before installing the VM we will setup the 3 network cards it will handle: The default WAN, and the 2 LANs </p>
-<img src="12.png" class="imgRz">
-<img src="13.png" class="imgRz">
-<img src="14.png" class="imgRz">
-<img src="15.png" class="imgRz">
-<p>Now let's start installing the pfsense VM:</p>
-<img src="16.png" class="imgRz">
-<img src="17.png" class="imgRz">
-<img src="18.png" class="imgRz">
-<img src="19.png" class="imgRz">
-<img src="20.png" class="imgRz">
-<img src="21.png" class="imgRz">
-<img src="22.png" class="imgRz">
-<p>And now that's done, next step is to make sure pfsense handles the 2 VLANs properly:</p>
-<img src="23.png" class="imgRz">
-<img src="24.png" class="imgRz">
-<img src="25.png" class="imgRz">
-<img src="26.png" class="imgRz">
-<p>Then we set the ip addresses of each interface, starting with the LAN-KYC VLAN:</p>
-<img src="29.png" class="imgRz">
-<img src="30.png" class="imgRz">
-<img src="31.png" class="imgRz">
-<img src="32.png" class="imgRz">
-<p>Then do the same for the LAN-ANON VLAN:</p>
-<img src="36.png" class="imgRz">
-<img src="37.png" class="imgRz">
-<img src="38.png" class="imgRz">
-<p>For this next step, we're going to put a VM in the KYC vlan to finish the pfsense router setup</p>
-<img src="39.png" class="imgRz">
-<img src="40.png" class="imgRz">
-<p>From there, it's a matter of setting up pfsense:</p>
-<img src="41.png" class="imgRz">
-<img src="42.png" class="imgRz">
-<img src="43.png" class="imgRz">
-<img src="44.png" class="imgRz">
-<img src="45.png" class="imgRz">
-<p>To change the pfsense theme to a dark theme, go in System > General Setup > webConfiguratior > Theme > set to pfsense-dark</p>
-<img src="46.png" class="imgRz">
-<p>As you've seen above, we've set 2 temporary public dns servers, so next we're going to setup 2 local TOR DNS servers, which will allow the VMs to resolve any domain anonymously. </p>
-<img src="47.png" class="imgRz">
-<p>Once done, we make sure that pfsense takes these 2 dns servers, and only uses them, will also setup firewall rules to deny any other dns traffic. </p>
-<img src="48.png" class="imgRz">
-<p>Here you can see it's working fine:</p>
-<img src="49.png" class="imgRz">
-<p>Then shutdown the VM, clone it and you'll have the 2 tor DNSes working.</p>
-<img src="50.png" class="imgRz">
-<p>Next just put them in the anon VLAN:</p>
-<img src="51.png" class="imgRz">
-<img src="52.png" class="imgRz">
-<p>Once in there, we make sure that they are DHCP reserved so their ip won't change over time:</p>
-<img src="53.png" class="imgRz">
-<img src="54.png" class="imgRz">
-<img src="55.png" class="imgRz">
-<p>Then do the same for the other tordns:</p>
-<img src="56.png" class="imgRz">
-<img src="57.png" class="imgRz">
-<p>Then from the firewall, we allow the whole subnet to communicate to tordns1 and 2, because they will also be the bridge nodes, and we allow the tordns 1 and 2 servers to connect anywhere with any protocol.
-That way, the only traffic that can escape from the anon subnet, will only be through these 2 servers, that will prevent any data leak from happening.</p>
-<pre><code class="nim">
-	
-</code></pre>
-<p></p>
-<pre><code class="nim">
-	
-</code></pre>
-<p></p>
-<pre><code class="nim">
-	
-</code></pre>
-<p></p>
-<pre><code class="nim">
-	
-</code></pre>
-<p></p>
-<pre><code class="nim">
-	
-</code></pre>
-				</div>
-			</div><!-- /row -->
-	    </div> <!-- /container -->
-	</div><!-- /white -->
-
-  <div id="cis2">
-	    <div class="container">
-			<div class="row">
-				<div class="col-lg-8 col-lg-offset-2">
-          <h2><b>Setup</b></h2> </br> </br>
-<p></p>
-<img src="" class="imgRz">
-<pre><code class="nim">
-	
-</code></pre>
-
-<p></p>
-<img src="" class="imgRz">
-<pre><code class="nim">
-	
-</code></pre>
-
-<p></p>
-<img src="" class="imgRz">
-<pre><code class="nim">
-	
-</code></pre>
-
-				</div>
-			</div><!-- /row -->
-	    </div> <!-- /container -->
-	</div><!-- /white -->
-
-
-  <!-- +++++ Second Post +++++ -->
-	<div id="cis1">
-	    <div class="container">
-			<div class="row">
-				<div class="col-lg-8 col-lg-offset-2">
-          <h2><b>Setup</b></h2> </br> </br>
-<p></p>
-<pre><code class="nim">
-	
-</code></pre>
-
-<p></p>
-<pre><code class="nim">
-	
-</code></pre>
-
-<p></p>
-<pre><code class="nim">
-	
-</code></pre>
-
-				</div>
-			</div><!-- /row -->
-	    </div> <!-- /container -->
-	</div><!-- /white -->
-
-	<!-- +++++ Footer Section +++++ -->
-
-	<div id="cisb">
-		<div class="container">
-			<div class="row">
-				<div class="col-lg-4">
-					<h4>Nihilism</h4>
-          <p>
-						Until there is Nothing left.</p></br></br><p>Creative Commons Zero: No Rights Reserved</br><img src="\CC0.png">
-						
-					</p>
-				</div><!-- /col-lg-4 -->
-
-				<div class="col-lg-4">
-					<h4>My Links</h4>
-					<p>
-
-						<a target="_blank" rel="noopener noreferrer" href="http://blog.nowhere.moe/rss/feed.xml">RSS Feed</a><br/><a target="_blank" rel="noopener noreferrer" href="https://simplex.chat/contact#/?v=2-7&smp=smp%3A%2F%2FL5jrGV2L_Bb20Oj0aE4Gn-m5AHet9XdpYDotiqpcpGc%3D%40nowhere.moe%2FH4g7zPbitSLV5tDQ51Yz-R6RgOkMEeCc%23%2F%3Fv%3D1-3%26dh%3DMCowBQYDK2VuAyEAkts5T5AMxHGrZCCg12aeKxWcpXaxbB_XqjrXmcFYlDQ%253D&data=%7B%22type%22%3A%22group%22%2C%22groupLinkId%22%3A%22c3Y-iDaoDCFm6RhptSDOaw%3D%3D%22%7D">SimpleX Chat</a><br/>
-
-					</p>
-				</div><!-- /col-lg-4 -->
-
-				<div class="col-lg-4">
-					<h4>About nihilist</h4>
-					<p style="word-wrap: break-word;"><u>Donate XMR:</u> 8AUYjhQeG3D5aodJDtqG499N5jXXM71gYKD8LgSsFB9BUV1o7muLv3DXHoydRTK4SZaaUBq4EAUqpZHLrX2VZLH71Jrd9k8</p></br><p><u>Contact:</u> nihilist@contact.nowhere.moe (<a href="https://nowhere.moe/nihilist.pubkey">PGP</a>)</p>
-				</div><!-- /col-lg-4 -->
-
-			</div>
-
-		</div>
-	</div>
-
-
-    <!-- Bootstrap core JavaScript
-    ================================================== -->
-    <!-- Placed at the end of the document so the pages load faster -->
-    
-  </body>
-</html>