From 60595ecb63d357c99246cfb440241c7ad14e93f5 Mon Sep 17 00:00:00 2001 From: nihilist Date: Sun, 15 Sep 2024 14:06:09 +0200 Subject: [PATCH] updatd list of tutorials, with latest brainstorm --- opsec/index.html | 56 +++++++++++++------ .../index.html | 4 +- opsec/tailsqemuvm/index.html | 2 +- 3 files changed, 42 insertions(+), 20 deletions(-) diff --git a/opsec/index.html b/opsec/index.html index 67366d8..d30d02b 100644 --- a/opsec/index.html +++ b/opsec/index.html @@ -114,7 +114,11 @@
- +

πŸ’» File Sharing

+
    +
  1. ❌ One on One large file sharing (Syncthing over VPN)
  2. +
  3. ❌ P2P large file sharing (Torrents over VPN)
  4. +

πŸ’» Privacy means Open Source (FOSS)

@@ -127,6 +131,7 @@
  • βœ… Serverside: Should I trust serverside encryption? Should I use PGP?
  • βœ… Private Messaging (PGP encryption)

  • +

    ⚠️ Miscellaneous - In real life

    1. ❌ Hide the contents of a mail package
    2. @@ -154,8 +159,8 @@
    3. βœ… Why isn't Privacy enough for Anonymous use ?
    4. βœ… The main source of Anonymity: The Tor Network
    5. βœ… Using Tor Safely: Tor through VPN or VPN through Tor ?
    6. -
    7. 🟠 Shifting from a public to an Anonymous online persona
    8. 🟠 Phone Numbers are incompatible with Anonymity
    9. +
    10. ❌ Stylography protection (Running a Local LLM and copy pasting messages)

    πŸ’» Clientside - Getting Started (⚠️ Check if your ISP allows Tor or Not!)

    @@ -164,10 +169,15 @@
  • βœ… How to use the Tor Browser on Mobile
  • βœ… Tails OS QEMU VM for Temporary Anonymity
  • βœ… VMs for Long-term Anonymity (Whonix QEMU VMs)
  • -
  • ❌ How to send files Anonymously (Onionshare)

  • +

    πŸ’» File Sharing

    +
      +
    1. ❌ How to send small files Anonymously (Onionshare)
    2. +
    3. ❌ One on One large file sharing (Syncthing over Tor)
    4. +
    5. ❌ P2P large file sharing (Torrents over i2p or Tor)
    6. +

    πŸ’» Clientside - Decentralized Finances ⭐

    @@ -261,27 +271,15 @@
    1. βœ… What is Plausible Deniability ? Why is it Important ?
    2. βœ… Why Anonymity isn’t enough for Sensitive use ?
    3. -
    4. ❌ The main source of Plausible Deniability: Veracrypt Hidden Partitions
    5. 🟠 Sensitive Services: Self-Host or Host Remotely ?

    πŸ’» Clientside - Getting Started

      -
    1. βœ… Plausible Deniability (Veracrypt Hidden Partition)
    2. -
    3. βœ… Plausibly Deniable Critical Data Protection
    4. +
    5. βœ… The main source of Plausible Deniability: Veracrypt Hidden Partitions
    6. +
    7. βœ… Plausibly Deniable Critical Data Backups
    8. 🟠 Plausibly Deniable Anonymity VMs (Whonix VMs in a Hidden Volume)⭐

    -
    -
    - -

    πŸ§… Serverside - Protecting Plausible Deniability (⚠️ Self Hosting = Risky!)

    -
      -
    1. βœ… Open source router VM setup (pfsense on QEMU/KVM)
    2. -
    3. βœ… Electrical Failover (basic UPS setup)
    4. -
    5. βœ… Internet Failover (Dual WAN pfsense setup)
    6. -
    7. βœ… Physical Protection for an .onion Service (SSH + USB + Physical intrusion detection, automatic mail notifications, emergency shutdowns)
    8. -
    9. βœ… Endgame V3 (.onion service Anti DDOS / Load Balancer / WAF service + Captcha) ⭐
    10. -

    πŸ’» Steganography - Hiding secrets in plain sight

    1. ❌ Other sources of Plausible Deniability: Steganography
    2. @@ -289,6 +287,30 @@
    3. βœ… Hiding entire zipfiles into videofiles files (zulucrypt)

    +
    + +
    + +

    πŸ§… Serverside - Plausible Deniability at Home (⚠️ Self Hosting = Risky!)

    +
      +
    1. βœ… Open source router VM setup (pfsense on QEMU/KVM)
    2. +
    3. βœ… Electrical Failover (basic UPS setup)
    4. +
    5. βœ… Internet Failover (Dual WAN pfsense setup)
    6. +
    7. ❌ Deniable Encryption Protection (emergency shutdown script, shortcut, + systemd service)
    8. +
    9. βœ… Automating Deniable Encryption Protection (USB Changes, detecting movements, and SSH bruteforce attempts)
    10. +
    11. βœ… Endgame V3 (.onion service Anti DDOS / Load Balancer / WAF + Captcha) ⭐
    12. +

    +

    πŸ§… Serverside - Remote Plausible Deniability (⚠️ Remote Hosting = Safer!)

    +
      +
    1. ❌ When the Adversary is the cloud provider himself
    2. +
    3. ❌ Protecting against cold boot attacks, with RAM encryption (no hardware access!)
    4. +
    5. ❌ System Intrusion / Integrity monitoring (kernel modules, binary files, unwanted processes, hardwre changes)
    6. +
    7. ❌ Custom Linux OS making (debian-based)
    8. +
    9. ❌ Obtaining a non-KYC dedicated server, with a custom OS
    10. +
    11. ❌ Intrusion detection on remote servers
    12. +

    + + diff --git a/opsec/plausiblydeniabledataprotection/index.html b/opsec/plausiblydeniabledataprotection/index.html index 7a671bd..b1f1ec2 100644 --- a/opsec/plausiblydeniabledataprotection/index.html +++ b/opsec/plausiblydeniabledataprotection/index.html @@ -8,7 +8,7 @@ - Plausibly Deniable Data Protection Setup + Plausibly Deniable Data Backups Setup @@ -61,7 +61,7 @@
    Previous Page

    nihilist@mainpc - 2024-03-10

    -

    Plausibly Deniable Data Protection Setup

    +

    Plausibly Deniable Data Backups Setup

    In this tutorial we're going to look at how you can backup your critical data (Keepass accesses, pgp key, ssh key, etc) while still maintaining the plausible deniability.


    DISCLAIMER: we're using only harddrives (HDDs) here, because using SSDs are not a secure way to have Plausible Deniability, that is due to hidden Volumes being detectable on devices that utilize wear-leveling diff --git a/opsec/tailsqemuvm/index.html b/opsec/tailsqemuvm/index.html index bea4207..278f689 100644 --- a/opsec/tailsqemuvm/index.html +++ b/opsec/tailsqemuvm/index.html @@ -87,7 +87,7 @@

    Tails Setup

    -

    First we download Tails OS as a USB image here:

    +

    First we download Tails OS as a USB image here:

    Then we resize the image size to be able to contain persistent storage (in this case, i'll make it 8Gbs):