forked from nihilist/blog-contributions
updated
This commit is contained in:
parent
b7844a2030
commit
5f46f102bf
5
pushtoprod.sh
Executable file
5
pushtoprod.sh
Executable file
@ -0,0 +1,5 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
#rsync -razP /home/nihilist/Nextcloud/blog-contributions/servers /home/nihilist/Nextcloud/blog/ --delete
|
||||||
|
rsync -razP /home/nihilist/Nextcloud/blog-contributions/servers /home/nihilist/Nextcloud/blog/
|
||||||
|
|
@ -156,7 +156,7 @@
|
|||||||
<p>📝 Explaining Anonymity</p>
|
<p>📝 Explaining Anonymity</p>
|
||||||
<ol>
|
<ol>
|
||||||
<li><a href="anonymityexplained/index.html">✅ What is Anonymity ? Why is it Important ? </a></li>
|
<li><a href="anonymityexplained/index.html">✅ What is Anonymity ? Why is it Important ? </a></li>
|
||||||
<li><a href="anon.html">❌ Why isn't Privacy Enough ? </a></li>
|
<li><a href="anon.html">❌ Why isn't Privacy enough for Anonymous use ? </a></li>
|
||||||
<li><a href="torvsvpns/index.html">✅ The main source of Anonymity: The Tor Network</a></li>
|
<li><a href="torvsvpns/index.html">✅ The main source of Anonymity: The Tor Network</a></li>
|
||||||
<li><a href="torthroughvpn/index.html">✅ Using Tor Safely: Tor through VPN or VPN through Tor ? </a></li>
|
<li><a href="torthroughvpn/index.html">✅ Using Tor Safely: Tor through VPN or VPN through Tor ? </a></li>
|
||||||
<li><a href="anonpersona/index.html">🟠 Shifting from a public to an Anonymous online persona</a></li>
|
<li><a href="anonpersona/index.html">🟠 Shifting from a public to an Anonymous online persona</a></li>
|
||||||
@ -255,7 +255,7 @@
|
|||||||
<p>📝 Explaining Plausible Deniability</p>
|
<p>📝 Explaining Plausible Deniability</p>
|
||||||
<ol>
|
<ol>
|
||||||
<li><a href="encryption/index.html">✅ What is Plausible Deniability ? Why is it Important ?</a></li>
|
<li><a href="encryption/index.html">✅ What is Plausible Deniability ? Why is it Important ?</a></li>
|
||||||
<li><a href="anon.html">❌ Why isn't Anonymity Enough ? </a></li>
|
<li><a href="anonsensitive/index.html">✅ Why Anonymity isn’t enough for Sensitive use ? </a></li>
|
||||||
<li><a href="anon.html">❌ The main source of Plausible Deniability: Veracrypt Hidden Partitions</a></li>
|
<li><a href="anon.html">❌ The main source of Plausible Deniability: Veracrypt Hidden Partitions</a></li>
|
||||||
<li><a href="anon.html">❌ Other sources of Plausible Deniability: Steganography</a></li>
|
<li><a href="anon.html">❌ Other sources of Plausible Deniability: Steganography</a></li>
|
||||||
<li><a href="sensitiveremotevshome/index.html">🟠 Sensitive Services: Self-Host or Host Remotely ?</a></li>
|
<li><a href="sensitiveremotevshome/index.html">🟠 Sensitive Services: Self-Host or Host Remotely ?</a></li>
|
||||||
|
@ -8,7 +8,7 @@
|
|||||||
<meta name="author" content="">
|
<meta name="author" content="">
|
||||||
<link rel="shortcut icon" href="../../../../../../assets/img/favicon.png">
|
<link rel="shortcut icon" href="../../../../../../assets/img/favicon.png">
|
||||||
|
|
||||||
<title>Why anonymity isn’t enough for sensitive use</title>
|
<title>Why Anonymity isn’t enough for Sensitive use ?</title>
|
||||||
|
|
||||||
<!-- Bootstrap core CSS -->
|
<!-- Bootstrap core CSS -->
|
||||||
<link href="../../assets/css/bootstrap.css" rel="stylesheet">
|
<link href="../../assets/css/bootstrap.css" rel="stylesheet">
|
||||||
@ -53,9 +53,9 @@
|
|||||||
<div class="container">
|
<div class="container">
|
||||||
<div class="row">
|
<div class="row">
|
||||||
<div class="col-lg-8 col-lg-offset-2">
|
<div class="col-lg-8 col-lg-offset-2">
|
||||||
<a href="../anon.html">Previous Page</a></br></br><p><img src="../../assets/img/robert.png" width="50px" height="50px"> <ba>Robert - 6/8/24</ba></p>
|
<a href="../anon.html">Previous Page</a></br></br><p><img src="../../assets/img/robert.png" width="50px" height="50px"> <ba>Robert - 06 / 08 / 24</ba></p>
|
||||||
<h1>Why anonymity isn’t enough for sensitive use</h1>
|
<h1>Why Anonymity isn’t enough for sensitive use ?</h1>
|
||||||
<p>In this post we are going to see why anonymity is not enough for sensitive use, and what can be done about it.</p>
|
<p>In this post we are going to see why Anonymity is not enough for Sensitive use, and what can be done about it.</p>
|
||||||
|
|
||||||
</div>
|
</div>
|
||||||
</div><!-- /row -->
|
</div><!-- /row -->
|
||||||
@ -67,13 +67,18 @@
|
|||||||
<div class="container">
|
<div class="container">
|
||||||
<div class="row">
|
<div class="row">
|
||||||
<div class="col-lg-8 col-lg-offset-2">
|
<div class="col-lg-8 col-lg-offset-2">
|
||||||
<h2><b>Why anonymity is not enough for sensitive use</b></h2>
|
<h2><b>What happens when you are forced to give out your password ?</b></h2>
|
||||||
<p>Let’s say Charlie is using a popular online forum to leak information about a government agency’s unethical behavior. To stay anonymous, he makes sure to connect to the forum only through Tor & VPN, and uses a burner email address to sign up.</p>
|
<p>Let's say that Bob is using a popular online forum to leak information about a government agency’s unethical behavior. To stay anonymous, he makes sure to connect to the forum using at least Tor to connect there. He uses a burner email address to sign up there, to upload the sensitive files. His Anonymity while doing this sensitive action remains solid.</p>
|
||||||
<img src="1.png" class="imgRz">
|
<img src="1.png" class="imgRz">
|
||||||
<p>This anonymity was essential, but not a complete savior. Only 10 people originally had access to the leaked information, so <b>the government uses its key disclosure legislation to issue search warrants for all of their personal hard drives.</b></p>
|
<p>However, there are only 10 people who could have originally had access to the leaked information, and Bob is one of those 10 potential suspects. </p>
|
||||||
|
<p>The adversary makes use of the key disclosure legislation to issue search warrants to all 10 people, to get to know the contents of their personal drives. Essentially, they don't have anything solid against Bob, as the anonymity of the perpetrating party is solid, <b>but they are doing some guess work to try and find anything incriminating against him anyway, to make sure.</b> </p>
|
||||||
<img src="6.png" class="imgRz">
|
<img src="6.png" class="imgRz">
|
||||||
<p>Thankfully, Charlie needn’t worry: he has set up VeraCrypt’s deniable encryption to separate his personal life from his leaks. <b>He gives the authorities the key to the main volume; they find nothing related to the leaks. The government does not know which of the 10 people was the leaker.</b></p>
|
<p>Problem is, the adversary now busts down Bob's door, and <b>forces him to unlock his laptop, and unlock every encrypted volume on his laptop.</b> What then ?</p>
|
||||||
|
<img src="../encryption/4.png" class="imgRz">
|
||||||
|
<p><img src="../de2.png"> <b>Bob didn't implement Deniable Encryption</b>, therefore the adversary forces Bob to unlock his harddrives, and he has no other choice but to comply. He shows all the incriminating evidence contained in there, where he isn't able to deny implications with said Sensitive activity.</p>
|
||||||
<img src="5.png" class="imgRz">
|
<img src="5.png" class="imgRz">
|
||||||
|
<p> Bob's setup, although suitable for Anonymous Use, is not suitable for Sensitive use, <b>due to the lack of Deniable encryption</b></p>
|
||||||
|
<p><img src="../de0.png">For instance, if Bob had implemented <a href="../veracrypt/index.html">VeraCrypt’s deniable encryption</a> to store all that sensitive data, <b>he could've given the password A to open the decoy volume to the adversary, and claimed that there was no hidden volume, and the adversary wouldn't have a way to prove otherwise.</b></p>
|
||||||
</div>
|
</div>
|
||||||
</div><!-- /row -->
|
</div><!-- /row -->
|
||||||
</div> <!-- /container -->
|
</div> <!-- /container -->
|
||||||
|
Loading…
Reference in New Issue
Block a user