Previous Page

OPSEC: Privacy, Anonymity and Plausible Deniability

Tutorials to show how to achieve Privacy, Anonymity and Plausible Deniability online. I have a quality standard as to how i do these tutorials, if there are any improvements i can do on them please let me know.

SHOWCASED ARTICLE: Learn how to audit your own setup, to determine your Operational Security (OPSEC) Level, and find out what is the most appropriate internet use for it.


Articles Status:

  1. ⭐: Personal Favorite
  2. βœ…: Completed
  3. 🟠: Work in progress
  4. ❌: Not started yet (can be brainstormed on their assigned gitea issues here)

⚠️ This Blog is open to contributions:

If you want to contribute, check out the gitea repository for contributions (along with the guidelines) here, check out the project board here to know the status of which tutorial being assigned to whom. (i'm rewarding 10 to 50 euros in monero per new complete blogpost, as advertised on Xmrbazaar). if the blogpost you want to contribute is not listed below, contact me directly so that I can validate your blogpost idea beforehand. For a step-by-step tutorial on how to contribute, please check out this tutorial.

OPSEC LEVEL 2: Anonymity

πŸ“ Explaining Anonymity

  1. βœ… What is Anonymity ? Why is it Important ?
  2. βœ… Why isn't Privacy enough for Anonymous use ?
  3. βœ… The main source of Anonymity: The Tor Network
  4. βœ… Using Tor Safely: Tor through VPN or VPN through Tor ?
  5. βœ… Phone Numbers are incompatible with Anonymity
  6. ❌ How to protect against fingerprinting (persona, text, files)
  7. ❌ Stylography protection (Running a Local LLM and copy pasting messages)

πŸ’» Clientside - Getting Started (⚠️ Check if your ISP allows Tor or Not!)

  1. ❌ How to setup and navigate Qubes OS
  2. βœ… Tor Web Browser setup
  3. βœ… How to use the Tor Browser on Mobile
  4. βœ… Tails OS QEMU VM for Temporary Anonymity
  5. βœ… VMs for Long-term Anonymity (Whonix QEMU VMs)
  6. ❌ How to Anonymously access websites that block Tor
  7. βœ… Easy Anonymous Chats - SimpleX

πŸ’» Clientside - Censorship Evasion

  1. βœ… How to access Tor when it is being blocked, using VPNs
  2. ❌ How to temporarily access Tor when VPNs are blocked, using Tor bridges
  3. ❌ How to access Tor when VPNs are blocked, using VPSes (SSH port forwarding / OpenVPN port sharing)
  4. ❌ How to access Tor when you are in Russia or China using v2ray (vmess / vless)

πŸ’» File Sharing

  1. βœ… How to send small files Anonymously (Onionshare)
  2. ❌ One on One large file sharing (Syncthing over Tor)
  3. ❌ P2P large file sharing (Torrents over Tor)

πŸ’» Clientside - Decentralized Finances ⭐

  1. βœ… Why Financial decentralisation ? (Cryptocurrencies, Exchanges and KYC) ⭐
  2. βœ… How to setup your Monero Wallet
  3. βœ… Why can't I trust Centralised Exchanges, and random Monero nodes ?
  4. ❌ How to get your first Monero ? (xmrbazaar.com, crypto swaps, p2p chats, or work)
  5. βœ… Haveno Decentralised Exchange direct Fiat -> XMR transaction ⭐
  6. βœ… Haveno DEX Dispute resolution (Fiat -> XMR)
  7. βœ… Haveno DEX Bank Transfer (ex: SEPA) -> XMR transaction
  8. βœ… Haveno DEX Cash By Mail -> XMR transaction ⭐
  9. ❌ Convert Monero into other Cryptos Anonymously (XMR -> BTC w/ BasicSwap DEX)
  10. ❌ Monero Inheritence Management (Threshold encryption (2of3)+ PGP)

πŸ’» Clientside - Making use of Anonymity (Non-KYC Providers)

  1. βœ… How to Get an Email Account Anonymously (Emails as a Service)
  2. βœ… How to Receive Anonymous SMSes (Remote SMSes as a Service)
  3. ❌ How to get a credit card anonymously (Credit cards as a service)
  4. ❌ How to get residential proxies anonymously

πŸ§… Serverside - Contributing to Anonymity

  1. βœ… Tor Node
  2. βœ… Tor Bridge Node
  3. βœ… Tor Exit Node
  4. βœ… Monero Node
  5. βœ… Monero Mining with p2pool (help validate the network)
  6. βœ… Haveno Seed Node
  7. ❌ Haveno DEX Network

πŸ§… Serverside - Anonymous Hidden Services

  1. βœ… Where to host Anonymous Hidden Services ?
  2. βœ… Hidden Service with custom .onion Vanity V3 address
  3. ❌ Basic Webserver setup (NGINX / PHP / MYSQL)
  4. ❌ Minimalistic MoneroSSO .onion setup
  5. ❌ Gitea .onion setup (Code repositories)
  6. ❌ Nextcloud .onion setup (cloud storage)
  7. ❌ Mastodon .onion setup (Microblogging)
  8. ❌ Discourse .onion setup (Forums)
  9. ❌ How to setup Nerostr (Nostr blogging)


πŸ§… Serverside - Anonymous Clearnet Services

  1. βœ… Where to host Anonymous Clearnet Services ?
  2. βœ… How to rent remote servers anonymously (Cloud resellers) ⭐
  3. βœ… How to rent remote domains anonymously (Registrar resellers) ⭐
  4. βœ… Remote anonymous access setup (cockpit + ssh through tor)
  5. βœ… Clearnet Bind9 DNS server setup (with DNSSEC)
  6. βœ… Anonymous (remote or self-hosted) clearnet Mail Server ⭐


⚠️ Miscellaneous - In real life

  1. ❌ How to send a mail package anonymously
  2. ❌ How to recieve a mail package anonymously
  3. βœ… How to remain Anonymous during a protest



OPSEC LEVEL 3: Plausible Deniability

πŸ“ Explaining Plausible Deniability

  1. βœ… What is Plausible Deniability ? Why is it Important ?
  2. βœ… Why Anonymity isn’t enough for Sensitive use ?
  3. 🟠 Sensitive Services: Self-Host or Host Remotely ?

πŸ’» Clientside - Getting Started

  1. βœ… The main source of Plausible Deniability: Veracrypt Hidden Partitions
  2. βœ… Sensitive use VMs Setup (Whonix VMs in a Veracrypt Hidden Volume)⭐
  3. 🟠 Plausibly Deniable Critical Data Backups

πŸ’» Steganography - Hiding secrets in plain sight

  1. βœ… Other sources of Plausible Deniability: Steganography Introduction
  2. βœ… Hiding files in images with Steghide
  3. βœ… Hiding entire zipfiles into videofiles files (zulucrypt)

πŸ’» Decentralised Finances

  1. ❌ How to Cash out your crypto gains (Fiat income limits, and justifications)

⚠️ When you risk being persecuted for just using technology

  1. ❌ When your harddrives must look innocent and you can use Tails
  2. ❌ When your harddrives must look innocent and you can only use VPNs
  3. ❌ When your harddrives must look innocent and you can't use Tails nor VPNs

πŸ§… Serverside - Plausible Deniability at Home (⚠️ Self Hosting = Risky!)

  1. βœ… Open source router VM setup (pfsense on QEMU/KVM)
  2. βœ… Electrical Failover (basic UPS setup)
  3. βœ… Internet Failover (Dual WAN pfsense setup)
  4. ❌ Isolating on-premise hidden services (VM-based restrictive networking)
  5. ❌ Deniable Encryption Protection (emergency shutdown script, shortcut, + systemd service)
  6. βœ… Automating Deniable Encryption Protection (USB Changes, detecting movements, and SSH bruteforce attempts)
  7. βœ… Endgame V3 (.onion service Anti DDOS / Load Balancer / WAF + Captcha) ⭐

πŸ§… Serverside - Remote Plausible Deniability (⚠️ Remote Hosting = Safer!)

  1. ❌ When the Adversary is the cloud provider himself
  2. ❌ Protecting against cold boot attacks, with RAM encryption (no hardware access!)
  3. ❌ System Intrusion / Integrity monitoring (kernel modules, binary files, unwanted processes, hardwre changes)
  4. ❌ Custom Linux OS making (debian-based)
  5. ❌ Obtaining a non-KYC dedicated server, with a custom OS
  6. ❌ Intrusion detection on remote servers

⚠️ Miscellaneous - In real life

  1. ❌ When protests go wrong - SimpleX Disappearing Messages



Inspirations

  1. Hack Liberty Resources
  2. Privacy Guides
  3. Simplified Privacy
  4. The Hitchhiker's guide to Anonymity


Non-KYC VPS providers



Current services used:

  1. ServersGuru (KYC-Free reseller of cloud providers like Hetzner)
  2. nicevps.net (KYC-Free registrar)

Previous services:

  1. Incognet (both registrar and cloud provider)
  2. Hostiko (cloud provider)
  3. Other Non-KYC Cloud Providers



LEGAL DISCLAIMER: 
Across the entirety of my blog, in all articles that I made, I advocate for the legal use of technologies, even when I am talking about Privacy-enhancing and Anonymity-enabling technologies. In no way am I advocating for any illegal use of any technology showcased in any article on my blog. as the goal of this blog is to remain stricly informative and educative.


I decline any and all responsibility for any mis-use of any of the technology i showcase in the entirety of my blog. I also decline any and all responsibility for any physical, digital and psychological damage caused by the mis-use of any showcased technology, as the responsibility of such acts remains with the perpretating third-party. By reading this blog, you permanently, irrevocably and world-widely agree that I am in no way am responsible for any illegal action done by you or anyone that uses any of the showcased technology in my blog articles.

Nihilism

Until there is Nothing left.



Creative Commons Zero: No Rights Reserved

About nihilist

Donate XMR: 8AUYjhQeG3D5aodJDtqG499N5jXXM71gYKD8LgSsFB9BUV1o7muLv3DXHoydRTK4SZaaUBq4EAUqpZHLrX2VZLH71Jrd9k8


Contact: nihilist@contact.nowhere.moe (PGP)