blog-contributions/opsec/anonpersona/index.html
2024-08-28 20:13:19 +02:00

222 lines
11 KiB
HTML

<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="description" content="">
<meta name="author" content="">
<link rel="shortcut icon" href="../../../../../../assets/img/favicon.png">
<title>Shifting To An Anonymous Persona Setup</title>
<!-- Bootstrap core CSS -->
<link href="../../assets/css/bootstrap.css" rel="stylesheet">
<link href="../../assets/css/xt256.css" rel="stylesheet">
<!-- Custom styles for this template -->
<link href="../../assets/css/main.css" rel="stylesheet">
<!-- HTML5 shim and Respond.js IE8 support of HTML5 elements and media queries -->
<!--[if lt IE 9]>
<script src="https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js"></script>
<script src="https://oss.maxcdn.com/libs/respond.js/1.3.0/respond.min.js"></script>
<![endif]-->
</head>
<body>
<!-- Static navbar -->
<div class="navbar navbar-inverse-anon navbar-static-top">
<div class="container">
<div class="navbar-header">
<button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".navbar-collapse">
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="navbar-brand-anon" href="\index.html">nihilist`s Blog</a>
</div>
<div class="navbar-collapse collapse">
<ul class="nav navbar-nav navbar-right">
<li><a href="/about.html">About</a></li>
<li><a href="/blog.html">Categories</a></li>
<li><a href="https://blog.nowhere.moe/donate.html">Donate</a></li>
<li><a href="/contact.html">Contact</a></li>
</ul>
</div><!--/.nav-collapse -->
</div>
</div>
<!-- +++++ Posts Lists +++++ -->
<!-- +++++ First Post +++++ -->
<div id="anon2">
<div class="container">
<div class="row">
<div class="col-lg-8 col-lg-offset-2">
<a href="../index.html">Previous Page</a></br></br><p><img src="../../assets/img/user.png" width="50px" height="50px"> <ba>nihilist@mainpc - 2024-03-11</ba></p>
<h1>Shifting To An Anonymous Persona Setup </h1>
<img src="0.png" style="width:250px">
<p>In this tutorial we're going to look at how you can move from a public persona to an anonymous one online along with the process behind it. </p>
</div>
</div><!-- /row -->
</div> <!-- /container -->
</div><!-- /grey -->
<!-- +++++ Second Post +++++ -->
<div id="anon3">
<div class="container">
<div class="row">
<div class="col-lg-8 col-lg-offset-2">
<h2><b>Self-Auditing</b></h2>
<p>Let's first assume that you have a public internet presence online, you have a domain name registered to your name, and you host some services online. </p>
<p>Let's also assume that you have followed the previous tutorials, meaning you now have whonix VMs in a veracrypt hidden partition that you can deny the existence of <b>(reminder: do NOT use SSDs, use HDDs otherwise devices that use wear-leveling can reveal the existence of a hidden partition)</b>.</p>
<p>So from now on your publicly you're going to PGP sign a message for everyone to see that you wish to sell the domain and all of it's subdomain services to someone else, and to message you over email/ or a chatrom for the price. The message can look as follows: </p>
<pre><code class="nim">
Hi all, planning to stop all of my services soon due to lack of interest / or X Y Z.
Please note that i'm ready to take offers as i'm selling the domain and all of it's underlying services to the highest bidder.
Contact me at email@example.com to discuss this offer if you're interested.
</pre></code>
<img src="1.png" class="imgRz">
<p>Basically here you're going to want someone anonymous to buy your services, officially. Secretly you will simply have moved to an anonymous way of operating.</p>
<img src="2.png" class="imgRz">
<p>Unless if you're hosting something incredible, Most likely noone will answer, but in the meantime you're going to audit your infrastructure on the following points:</p>
<pre><code class="nim">
-How is your domain accessed ?
-Did you register your domain under your own name ?
-Did you buy your domain using monero ?
-How are your servers accessed ?
-Did you ever not access those servers locally or through tor alone (ssh through tor)?
-Did you rent those servers under your own name ?
-Did you ever pay for those servers without using monero ?
-Do you have any services hosted at home ?
-if so, are they accessible through your public home IP ?
-if not, are they all accessible through a remote VPN gateway ?
-if not, are they all accessible through tor alone (via a .onion link) ?
-are they behind an open-source router such as pfsense ?
-Did you implement the recommended physical security measures in the previous tutorials?
-for any local home server: movement detection, usb changes, unauthorized login attempts, secret maintenance procedure ?
-for any client device (laptop/mainpc/phone):
-is the host OS of those devices open source ? (linux for pcs, grapheneOS for phone ?)
-are they all tampered protected ?
-Did you implement a secure OPSEC for your online accesses to services ?
- did you ever reuse a password on a closed-source OS ?
- did you ever reuse a password at all for an online service ?
- did you ever use your public IP, or a VPN IP to create an online email account that you've used in the past ?
- did you ever try to do any anonymous activity using that email account ?
</code></pre>
</div>
</div><!-- /row -->
</div> <!-- /container -->
</div><!-- /white -->
<div id="anon2">
<div class="container">
<div class="row">
<div class="col-lg-8 col-lg-offset-2">
<h2><b>Formulating the plan</b></h2> </br> </br>
<p>Once you have the answer to all these questions, you're going to need to formulate a plan to move all of those services to their anonymous counterpart. Yes, sacrifices will need to be made.</p>
<pre><code class="nim">
-If you have any public domains, you're going to transfer it to a non-KYC domain name registrar or reseller, one that accepts monero and tor traffic, such as https://nicevps.net
-If you have any public servers, you're going to need to transfer all of your services to another server that will be bought with monero and accessed through tor alone. such as https://servers.guru
-If you have any servers at home, you're going to need to make sure that no traffic ever goes to and from your public servers without going through Tor first-hand.
-If you have any servers at home, you're going to need to make sure that they're behind an open-source router such as pfsense. (because closed-source routers cannot be trusted due to government pressures.
-If you have not implemented the required physical security measures for your client and home server devices, apply them as listed above.
-If you have ever used a password or an email with bad OPSEC as listed above, consider it burned and immediately give up using those moving forward.
-You must have an email address for public activities, and another for anonymous activities.
-You must have a master password for a keepass databse for public activities, and another for private activities, and another for anonymous activities.
</pre></code>
<p>Here's how your ideal infrastructure must look like, if you want to maintain anonymity online:</p>
<img src="3.png" class="imgRz">
</div>
</div><!-- /row -->
</div> <!-- /container -->
</div><!-- /white -->
<!-- +++++ Second Post +++++ -->
<div id="anon1">
<div class="container">
<div class="row">
<div class="col-lg-8 col-lg-offset-2">
<h2><b>Carrying out the plan</b></h2> </br> </br>
<p>Once the plan is clear to you, it's time to implement it. This whole anonymization process can be disguised as a "i've sold all of my services to this anonymous guy online" scenario, while "This anonymous guy online" is secretely you, from the Whonix VMs inside of your hidden veracrypt partitions. A typical anonymization of your services would look like this: </p>
<pre><code class="nim">
Conversation on email / in a chatroom:
A: Hey i want to buy your services, i can pay 2 XMR
you: sure, here's my XMR address:
A:payment sent, awaiting accesses
you: ok payment recieved, here is the domain transfer code for domainexample.com: mkmkkljnnuju, i made sure it was unlocked
A: ok i've created the transfer request on nicevps.net, it will get transferred in a few days (can take 2 weeks for example). Please send me the accesses to your public servers.
you: here is SSH root access for server A, B, and C (typically the 2 dns servers, and the main public server)
A: ok i changed all of the accesses, please send me the files for the X Y Z services that you host at home. i've created a temporary user you can SSH with to copy the files in /tmp/
you: ok i just SCP'd (sent via SSH) the files in /tmp/
A: recieved, thanks.
you: Please publicly state, and PGP-sign that the domain, and all of it's servers have been bought by you, by mentioning the new name, email and the plan moving forward.
A: Domain has been successfully transfered to nicevps.net, all good thanks.
A: done, and added to the public page as an announcement, thanks.
</pre></code>
<img src="" class="imgRz">
<p>Make sure that you save the proof of the transaction (the whole chatlog, and the monero transaction ID), and that you sign it with you PGP key just in case if an adversary asks if you still are the owner of those services.</p>
<p>As a result, publicly you will now state that you no longer offer any of the services you were doing previously, and that someone else took over the website and services after buying it.</p>
<p>While secretely onwards, <b>these services will all be accessed, paid for and administered anonymously by you from the Whonix VMs you have inside your hidden veracrypt partition.</b></p>
</div>
</div><!-- /row -->
</div> <!-- /container -->
</div><!-- /white -->
<!-- +++++ Footer Section +++++ -->
<div id="anonb">
<div class="container">
<div class="row">
<div class="col-lg-4">
<h4>Nihilism</h4>
<p>
Until there is Nothing left.
</p>
</div><!-- /col-lg-4 -->
<div class="col-lg-4">
<h4>My Links</h4>
<p>
<a target="_blank" rel="noopener noreferrer" href="http://blog.nowhere.moe/rss/feed.xml">RSS Feed</a><br/><a target="_blank" rel="noopener noreferrer" href="https://matrix.to/#/#nowheremoe:nowhere.moe">Matrix Chat</a><br/>
</p>
</div><!-- /col-lg-4 -->
<div class="col-lg-4">
<h4>About nihilist</h4>
<p style="word-wrap: break-word;"><u>Donate XMR:</u> 8AUYjhQeG3D5aodJDtqG499N5jXXM71gYKD8LgSsFB9BUV1o7muLv3DXHoydRTK4SZaaUBq4EAUqpZHLrX2VZLH71Jrd9k8</p></br><p><u>Contact:</u> nihilist@contact.nowhere.moe (<a href="https://nowhere.moe/nihilist.pubkey">PGP</a>)</p>
</div><!-- /col-lg-4 -->
</div>
</div>
</div>
<!-- Bootstrap core JavaScript
================================================== -->
<!-- Placed at the end of the document so the pages load faster -->
</body>
</html>