fix notrace.how footnotes

This commit is contained in:
anarsec 2024-04-15 21:38:33 +00:00
parent cba3b08223
commit 3c2946baac
No known key found for this signature in database
8 changed files with 27 additions and 27 deletions

View file

@ -22,9 +22,10 @@ Before proceeding, lets go over a few concepts to help you distinguish betwee
* **Peer-to-peer** means that the messages do not pass through a centralized server. * **Peer-to-peer** means that the messages do not pass through a centralized server.
* **Tor** is an [anonymity network](/glossary/#tor-network). Some applications route your messages through Tor by default. * **Tor** is an [anonymity network](/glossary/#tor-network). Some applications route your messages through Tor by default.
For a more in-depth look at these various considerations, we recommend [The Guide to Peer-to-Peer, Encryption, and Tor: New Communication Infrastructure for Anarchists](https://www.notrace.how/resources/#the-guide-to-peer-to-peer-encryption-and-tor). This text criticizes Signal for not being peer-to-peer and not using Tor by default, and goes on to compare Signal, Cwtch, and Briar. For a more in-depth look at these various considerations, we recommend [The Guide to Peer-to-Peer, Encryption, and Tor: New Communication Infrastructure for Anarchists](https://notrace.how/resources/#the-guide-to-peer-to-peer-encryption-and-tor). This text criticizes Signal for not being peer-to-peer and not using Tor by default, and goes on to compare Signal, Cwtch, and Briar.
Since anonymous public-facing projects such as counter-info websites interact with unknown (ie untrusted) contacts, they need more from encrypted communication than a personal user. These additional needs include: Since anonymous public-facing projects such as counter-info websites interact with unknown (ie untrusted) contacts, they need more from encrypted communication than a personal user. These additional needs include:
* That anyone can contact the project * That anyone can contact the project
* Resiliency to [correlation attacks](/glossary/#correlation-attack) * Resiliency to [correlation attacks](/glossary/#correlation-attack)
* Resiliency to [exploits](/glossary/#exploit) * Resiliency to [exploits](/glossary/#exploit)
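Review bot: the host change in the first edited line (`https://www.notrace.how/resources/#the-guide-to-peer-to-peer-encryption-and-tor` to `https://notrace.how/resources/#the-guide-to-peer-to-peer-encryption-and-tor`) only helps if the bare host is the canonical one and the `www.` form was the one breaking the footnote rendering; since the same substitution is repeated across eight files, a grep for any surviving `www.notrace.how` after merge would confirm nothing was missed. Style point in the unchanged context line `Since anonymous public-facing projects ... interact with unknown (ie untrusted) contacts`: `ie` should be `i.e.`, the spelling the other articles in this commit already use.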
@ -33,8 +34,9 @@ Since anonymous public-facing projects such as counter-info websites interact wi
The following recommendations for encrypted messaging are listed in order of highest to lowest metadata protection. The following recommendations for encrypted messaging are listed in order of highest to lowest metadata protection.
**TLDR:** **TLDR:**
* Cwtch for text communication * Cwtch for text communication
* SimpleX Chat or Signal for voice or video calls * SimpleX Chat or Signal for voice/video calls
* PGP Email for anonymously-run public projects * PGP Email for anonymously-run public projects
# Cwtch # Cwtch
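Review bot: changing the TLDR bullet from `SimpleX Chat or Signal for voice or video calls` to `SimpleX Chat or Signal for voice/video calls` leaves it out of step with the Signal section later in this same file, which still says `For voice and video calls, Signal reveals the IP address of both parties`; use one form in both places.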
@ -47,7 +49,7 @@ The following recommendations for encrypted messaging are listed in order of hig
* **Peer-to-peer**: Yes * **Peer-to-peer**: Yes
* **Tor**: Yes * **Tor**: Yes
Cwtch is our preference for text communication by a long shot. For an overview of how Cwtch works, watch the video below. Cwtch is designed with metadata protection in mind; it's peer-to-peer, uses the Tor network, and stores all data locally on the device, encrypted. Cwtch is our preference for text communication by a long shot. Cwtch is designed with metadata protection in mind; it's peer-to-peer, uses the Tor network, and stores all data locally on the device, encrypted.
<br> <br>
@ -55,8 +57,6 @@ Cwtch is our preference for text communication by a long shot. For an overview o
<source src="cwtch-explainer.mp4" type="video/mp4"> <source src="cwtch-explainer.mp4" type="video/mp4">
</video> </video>
<p style="text-align:center"><em>How Cwtch works</em></p>
<br> <br>
Like all peer-to-peer communication, Cwtch requires *[synchronous](/glossary/#synchronous-communication)* communication, meaning that both people must be online at the same time. However, its server feature also allows *[asynchronous](/glossary/#asynchronous-communication)* communication by providing offline delivery: Like all peer-to-peer communication, Cwtch requires *[synchronous](/glossary/#synchronous-communication)* communication, meaning that both people must be online at the same time. However, its server feature also allows *[asynchronous](/glossary/#asynchronous-communication)* communication by providing offline delivery:
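Review bot: these two hunks remove the sentence `For an overview of how Cwtch works, watch the video below.` and the caption `<p style="text-align:center"><em>How Cwtch works</em></p>`, but the `<video>` element with `<source src="cwtch-explainer.mp4" type="video/mp4">` stays in the context lines, so the page now shows an unlabelled video between two `<br>` tags. Either drop the video (and the surrounding `<br>` pair) as well, or keep the caption so readers know what the embed is.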
@ -265,9 +265,9 @@ Signing up for a Signal account is difficult to do anonymously. The account is t
Another barrier to anonymous registration is that Signal Desktop will only work if Signal is first registered from a smartphone. For users familiar with the [command line](/glossary/#command-line-interface-cli), it is possible to register an account from a computer using [Signal-cli](https://0xacab.org/about.privacy/messengers-on-tails-os/-/wikis/HowTo#signal). The [VoIP](/glossary#voip-voice-over-internet-protocol) account used for registration would have to be obtained anonymously. Another barrier to anonymous registration is that Signal Desktop will only work if Signal is first registered from a smartphone. For users familiar with the [command line](/glossary/#command-line-interface-cli), it is possible to register an account from a computer using [Signal-cli](https://0xacab.org/about.privacy/messengers-on-tails-os/-/wikis/HowTo#signal). The [VoIP](/glossary#voip-voice-over-internet-protocol) account used for registration would have to be obtained anonymously.
These barriers to anonymous registration mean that Signal is rarely used anonymously. This has significant implications if the State gains [physical](/glossary/#physical-attacks) or [remote](/glossary/#remote-attacks) access to the device. One of the primary goals of State surveillance of anarchists is [network mapping](https://www.notrace.how/threat-library/techniques/network-mapping.html), and it's common for them to gain physical access to devices through [house raids](https://www.notrace.how/threat-library/techniques/house-raid.html) or arrests. For example, if police bypass your device's [authentication](https://www.notrace.how/threat-library/techniques/targeted-digital-surveillance/authentication-bypass.html), they can identify Signal contacts (as well as the members of any groups you are in) simply by their phone numbers, if those contacts haven't changed their settings to hide their phone number. These barriers to anonymous registration mean that Signal is rarely used anonymously. This has significant implications if the State gains [physical](/glossary/#physical-attacks) or [remote](/glossary/#remote-attacks) access to the device. One of the primary goals of State surveillance of anarchists is [network mapping](https://notrace.how/threat-library/techniques/network-mapping.html), and it's common for them to gain physical access to devices through [house raids](https://notrace.how/threat-library/techniques/house-raid.html) or arrests. For example, if police bypass your device's [authentication](https://notrace.how/threat-library/techniques/targeted-digital-surveillance/authentication-bypass.html), they can identify Signal contacts (as well as the members of any groups you are in) simply by their phone numbers, if those contacts haven't changed their settings to hide their phone number.
In a recent [repressive operation in France against a riotous demonstration](https://www.notrace.how/resources/read/lafarge-case-the-investigation-methods-used.html#header-access-to-phone-contents-during-and-after-police-custody), the police did exactly that. Police seized suspects' phones during arrests and house raids, as well as targeting them through spyware, and then identified Signal contacts and group members. These identities were added to the list of suspects who were subsequently investigated. In a recent [repressive operation in France against a riotous demonstration](https://notrace.how/resources/read/lafarge-case-the-investigation-methods-used.html#header-access-to-phone-contents-during-and-after-police-custody), the police did exactly that. Police seized suspects' phones during arrests and house raids, as well as targeting them through spyware, and then identified Signal contacts and group members. These identities were added to the list of suspects who were subsequently investigated.
The risk of a compromised device aiding the police in network mapping is partly mitigated by the [username feature](https://signal.org/blog/phone-number-privacy-usernames/) — use it to prevent a Signal contact from being able to learn your phone number. In **Settings → Privacy → Phone Number**, set both **Who can see my number** and **Who can find me by number** to **Nobody**. We recommend that you select a username and profile photo that won't be useful for establishing your identity. For voice and video calls, Signal reveals the IP address of both parties by default, which could also be used to identify Signal contacts. If you aren't using Signal from behind a VPN or Tor, then in **Settings → Privacy → Advanced**, enable **Always relay calls** to prevent this. The risk of a compromised device aiding the police in network mapping is partly mitigated by the [username feature](https://signal.org/blog/phone-number-privacy-usernames/) — use it to prevent a Signal contact from being able to learn your phone number. In **Settings → Privacy → Phone Number**, set both **Who can see my number** and **Who can find me by number** to **Nobody**. We recommend that you select a username and profile photo that won't be useful for establishing your identity. For voice and video calls, Signal reveals the IP address of both parties by default, which could also be used to identify Signal contacts. If you aren't using Signal from behind a VPN or Tor, then in **Settings → Privacy → Advanced**, enable **Always relay calls** to prevent this.

View file

@ -201,4 +201,4 @@ By storing the phone in a tamper-evident manner when it's not in use, you'll be
The [forum](https://discuss.grapheneos.org/) is generally very helpful for any remaining questions you may have. The [forum](https://discuss.grapheneos.org/) is generally very helpful for any remaining questions you may have.
For information on burner phones, see the [No Trace Project](https://www.notrace.how/threat-library/mitigations/anonymous-phones.html). For information on burner phones, see the [No Trace Project](https://notrace.how/threat-library/mitigations/anonymous-phones.html).

View file

@ -20,7 +20,7 @@ As an anarchist, someone's probably recommended that you use a Linux computer at
# What is Linux and Why Use It? # What is Linux and Why Use It?
If you're reading this, you're probably using either Windows or macOS on your computer. These are both [operating systems](/glossary#operating-system-os), which is the system software that runs your device. They're also both "closed-source", which means that the software's "*source* code" is not available (*closed*) to the public, so it can't be audited for privacy and security. Windows and macOS computers send your data to Microsoft and Apple, and you can't trust their [full-disk encryption](/glossary#full-disk-encryption-fde) to protect your data if the computer is [physically accessed](/glossary/#physical-attacks) (like after a [house raid](https://www.notrace.how/threat-library/techniques/house-raid.html)). If you're reading this, you're probably using either Windows or macOS on your computer. These are both [operating systems](/glossary#operating-system-os), which is the system software that runs your device. They're also both "closed-source", which means that the software's "*source* code" is not available (*closed*) to the public, so it can't be audited for privacy and security. Windows and macOS computers send your data to Microsoft and Apple, and you can't trust their [full-disk encryption](/glossary#full-disk-encryption-fde) to protect your data if the computer is [physically accessed](/glossary/#physical-attacks) (like after a [house raid](https://notrace.how/threat-library/techniques/house-raid.html)).
Linux is a set of operating systems that are [open-source](/glossary#open-source), which means that the *source* code can be analyzed by anyone. Linux is the name given to the core (**kernel**) of the operating system, and many different **distributions** (or 'distros') are based on it. Linux is a set of operating systems that are [open-source](/glossary#open-source), which means that the *source* code can be analyzed by anyone. Linux is the name given to the core (**kernel**) of the operating system, and many different **distributions** (or 'distros') are based on it.
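Review bot: the edited line mixes two forms of the glossary link, `/glossary#operating-system-os` and `/glossary#full-disk-encryption-fde` alongside `/glossary/#physical-attacks`; while the links on this line are being touched anyway, normalise them to the `/glossary/#...` form used in the other files of this commit so the anchors resolve consistently whether or not the site redirects `/glossary` to `/glossary/`.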

View file

@ -14,7 +14,7 @@ a4="nophones-a4.pdf"
letter="nophones-letter.pdf" letter="nophones-letter.pdf"
+++ +++
Effective [security culture and operational security](https://www.notrace.how/resources/read/csrc-bulletin-1-en.html#header-a-base-to-stand-on-distinguishing-opsec-and-security-culture) prevents the forces of repression from knowing about our specific criminal activities, but also about our lives, [relationships](https://www.notrace.how/threat-library/techniques/network-mapping.html), movement patterns, and so on. This knowledge is a huge advantage in narrowing down suspects and conducting targeted surveillance. Your phone's location is [tracked at all times](https://www.vice.com/en/article/m7vqkv/how-fbi-gets-phone-data-att-tmobile-verizon), and this data is harvested by private companies, allowing police to bypass needing to obtain a warrant. The phone's [hardware identifiers and subscription information](https://anonymousplanet.org/guide.html#your-imei-and-imsi-and-by-extension-your-phone-number) are logged by each and every cell tower your phone connects to. Hacking services like [Pegasus](https://www.amnesty.org/en/latest/research/2021/07/forensic-methodology-report-how-to-catch-nso-groups-pegasus/) put total phone compromise within reach of even local law enforcement and are "zero-click," meaning they don't depend on you clicking a link or opening a fileto hack your phone. Effective [security culture and operational security](https://notrace.how/resources/read/csrc-bulletin-1-en.html#header-a-base-to-stand-on-distinguishing-opsec-and-security-culture) prevents the forces of repression from knowing about our specific criminal activities, but also about our lives, [relationships](https://notrace.how/threat-library/techniques/network-mapping.html), movement patterns, and so on. This knowledge is a huge advantage in narrowing down suspects and conducting targeted surveillance. 
Your phone's location is [tracked at all times](https://www.vice.com/en/article/m7vqkv/how-fbi-gets-phone-data-att-tmobile-verizon), and this data is harvested by private companies, allowing police to bypass needing to obtain a warrant. The phone's [hardware identifiers and subscription information](https://anonymousplanet.org/guide.html#your-imei-and-imsi-and-by-extension-your-phone-number) are logged by each and every cell tower your phone connects to. Hacking services like [Pegasus](https://www.amnesty.org/en/latest/research/2021/07/forensic-methodology-report-how-to-catch-nso-groups-pegasus/) put total phone compromise within reach of even local law enforcement and are "zero-click," meaning they don't depend on you clicking a link or opening a fileto hack your phone.
<!-- more --> <!-- more -->
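Review bot: the typo `opening a fileto hack your phone` is carried over unchanged into the new text of this hunk; it should read `opening a file to hack your phone`. While you are here, `allowing police to bypass needing to obtain a warrant` reads awkwardly and could be `allowing police to obtain it without a warrant`.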
@ -22,7 +22,7 @@ On the flip side, after more than 30 arsons in a small town in France went unsol
# Encryption and Geolocation # Encryption and Geolocation
Some comrades respond to the issues that arise with smartphones by using flip phones or a landline to communicate with each other, but since these devices are not [encrypted](/glossary/#encryption), the State can see the content of your conversations, who you call and who calls you. For example, in a [recent repressive operation](https://www.notrace.how/resources/#quelques-premiers-elements-du-dossier-d-enquete-contre-ivan), the police tracked the geolocation of the suspect's flip phone phone in real time and made a list of everyone the suspect called. Some comrades respond to the issues that arise with smartphones by using flip phones or a landline to communicate with each other, but since these devices are not [encrypted](/glossary/#encryption), the State can see the content of your conversations, who you call and who calls you. For example, in a [recent repressive operation](https://notrace.how/resources/#quelques-premiers-elements-du-dossier-d-enquete-contre-ivan), the police tracked the geolocation of the suspect's flip phone phone in real time and made a list of everyone the suspect called.
It has become quite common for comrades to carry cell phones around with them wherever they go, and, where people use flip phones, to make unencrypted calls to other anarchists. We think both of these practices should be avoided. Let's not make the job of the police and intelligence agencies so easy by providing them with our social networks and geolocation history on a silver platter. It has become quite common for comrades to carry cell phones around with them wherever they go, and, where people use flip phones, to make unencrypted calls to other anarchists. We think both of these practices should be avoided. Let's not make the job of the police and intelligence agencies so easy by providing them with our social networks and geolocation history on a silver platter.
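Review bot: the duplicated word in `tracked the geolocation of the suspect's flip phone phone in real time` survives the URL edit; it should be `flip phone`.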

View file

@ -21,9 +21,9 @@ Qubes OS can be configured to force all Internet connections through the [Tor ne
# Who is Qubes OS For? # Who is Qubes OS For?
Given that anarchists are [regularly targeted](https://www.notrace.how/threat-library/techniques/targeted-digital-surveillance/malware.html) for hacking in repressive investigations, Qubes OS is an excellent choice for us. AnarSec [recommends](/recommendations) Qubes OS for everyday use, and [below](/posts/qubes/#when-to-use-tails-vs-qubes-os) we compare when it is appropriate to use Tails vs. Qubes OS — both have unique strengths. While Tails is so easy to use that you don't even need to know anything about Linux, Qubes OS is a bit more involved, but still designed to be accessible to users with limited technical know-how, like journalists. This guide is labelled as "intermediate", though if you need to extensively customize your set up or troubleshoot something, it is more likely to be "advanced". Given that anarchists are [regularly targeted](https://notrace.how/threat-library/techniques/targeted-digital-surveillance/malware.html) for hacking in repressive investigations, Qubes OS is an excellent choice for us. AnarSec [recommends](/recommendations) Qubes OS for everyday use, and [below](/posts/qubes/#when-to-use-tails-vs-qubes-os) we compare when it is appropriate to use Tails vs. Qubes OS — both have unique strengths. While Tails is so easy to use that you don't even need to know anything about Linux, Qubes OS is a bit more involved, but still designed to be accessible to users with limited technical know-how, like journalists. This guide is labelled as "intermediate", though if you need to extensively customize your set up or troubleshoot something, it is more likely to be "advanced".
Even if you don't do anything directly incriminating on the computer you use every day, if it were compromised, this would still give investigators a field day for [network mapping](https://www.notrace.how/threat-library/techniques/network-mapping.html) — knowing who you talk to and what you talk to them about, what projects you are involved in, what websites you read, etc. Most anarchists use everyday computers for some anarchist projects and to communicate with other comrades, so making our personal computers difficult to hack is an important baseline for all anarchists. That said, the time investment to learn Qubes OS isn't for everyone. For those with limited energy to put towards increased anonymity and security, Tails is much more straightforward. Even if you don't do anything directly incriminating on the computer you use every day, if it were compromised, this would still give investigators a field day for [network mapping](https://notrace.how/threat-library/techniques/network-mapping.html) — knowing who you talk to and what you talk to them about, what projects you are involved in, what websites you read, etc. Most anarchists use everyday computers for some anarchist projects and to communicate with other comrades, so making our personal computers difficult to hack is an important baseline for all anarchists. That said, the time investment to learn Qubes OS isn't for everyone. For those with limited energy to put towards increased anonymity and security, Tails is much more straightforward.
# How Does Qubes OS Work? # How Does Qubes OS Work?
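Review bot: style point in the edited line `if you need to extensively customize your set up or troubleshoot something`: as a noun this is `setup` (`set up` is the verb). Everything else in the hunk is the host substitution and reads fine.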
@ -77,7 +77,7 @@ Qubes OS includes Whonix by default (Qubes-Whonix) for when you want to force al
For more information on how Whonix compares to Tails against different types of deanonymization attacks, see the [Whonix documentation](https://www.whonix.org/wiki/Comparison_with_Others#Circumventing_Proxy_Obedience_Design). For more information on how Whonix compares to Tails against different types of deanonymization attacks, see the [Whonix documentation](https://www.whonix.org/wiki/Comparison_with_Others#Circumventing_Proxy_Obedience_Design).
In order to recover data from a Qubes OS system when it is turned off, an adversary would still need to successfully [bypass](https://www.notrace.how/threat-library/techniques/targeted-digital-surveillance/authentication-bypass.html) the [Full Disk Encryption](/glossary#full-disk-encryption-fde) (e.g. by seizing the computer when it is turned on, or cracking a weak password). In order to recover data from a Tails system when it is turned off, **the situation is the same if any data is saved to Persistent Storage or an encrypted USB** — this saved data is no longer protected by anti-forensic features but by Full Disk Encryption. In order to recover data from a Qubes OS system when it is turned off, an adversary would still need to successfully [bypass](https://notrace.how/threat-library/techniques/targeted-digital-surveillance/authentication-bypass.html) the [Full Disk Encryption](/glossary#full-disk-encryption-fde) (e.g. by seizing the computer when it is turned on, or cracking a weak password). In order to recover data from a Tails system when it is turned off, **the situation is the same if any data is saved to Persistent Storage or an encrypted USB** — this saved data is no longer protected by anti-forensic features but by Full Disk Encryption.
Our recommendation is to use Tails: Our recommendation is to use Tails:
@ -299,7 +299,7 @@ You don't always need to attach a USB drive to another qube with the Qubes Devic
# How to Backup # How to Backup
Once your qubes are organized the way you want them, you should back up your system. Depending on your needs, we recommend a weekly backup. We also recommend making a redundant backup that you store off-site and synchronize monthly (to protect against data loss in a [house raid](https://www.notrace.how/threat-library/techniques/house-raid.html)). Once your qubes are organized the way you want them, you should back up your system. Depending on your needs, we recommend a weekly backup. We also recommend making a redundant backup that you store off-site and synchronize monthly (to protect against data loss in a [house raid](https://notrace.how/threat-library/techniques/house-raid.html)).
Adapted from the [docs](https://www.qubes-os.org/doc/how-to-back-up-restore-and-migrate/#creating-a-backup): Adapted from the [docs](https://www.qubes-os.org/doc/how-to-back-up-restore-and-migrate/#creating-a-backup):
@ -355,7 +355,7 @@ Configuring Qubes OS is much more flexible than configuring Tails, but most of t
* Compartmentalization is baked into Qubes OS; instead of restarting Tails, use a dedicated qube. * Compartmentalization is baked into Qubes OS; instead of restarting Tails, use a dedicated qube.
* Limitations of the Tor network * Limitations of the Tor network
* For sensitive activities, don't use Internet connections that could deanonymize you, and prioritize .onion links when available. BusKill is also [available for Qubes OS](https://www.buskill.in/qubes-os/) (and we recommend not obtaining it through the mail). * For sensitive activities, don't use Internet connections that could deanonymize you, and prioritize .onion links when available. BusKill is also [available for Qubes OS](https://www.buskill.in/qubes-os/) (and we recommend not obtaining it through the mail).
* If you might be a target for physical surveillance, consider doing [surveillance detection](https://www.notrace.how/threat-library/mitigations/surveillance-detection.html) and [anti-surveillance](https://www.notrace.how/threat-library/mitigations/anti-surveillance.html) before going to a cafe to use the Internet. Alternatively, use a Wi-Fi antenna from indoors. See the Tails article for further discussion of deciding what Internet to use. * If you might be a target for physical surveillance, consider doing [surveillance detection](https://notrace.how/threat-library/mitigations/surveillance-detection.html) and [anti-surveillance](https://notrace.how/threat-library/mitigations/anti-surveillance.html) before going to a cafe to use the Internet. Alternatively, use a Wi-Fi antenna from indoors. See the Tails article for further discussion of deciding what Internet to use.
* Reducing risks when using untrusted computers * Reducing risks when using untrusted computers
* The [verification stage](https://www.qubes-os.org/security/verifying-signatures/) of the Qubes OS installation is equivalent to the [GnuPG verification of Tails](https://tails.net/install/expert/index.en.html). * The [verification stage](https://www.qubes-os.org/security/verifying-signatures/) of the Qubes OS installation is equivalent to the [GnuPG verification of Tails](https://tails.net/install/expert/index.en.html).
* Only attach USBs and external drives to a qube that is disposable and offline. * Only attach USBs and external drives to a qube that is disposable and offline.

View file

@ -14,7 +14,7 @@ a4="tails-best-a4.pdf"
letter="tails-best-letter.pdf" letter="tails-best-letter.pdf"
+++ +++
This text describes some additional precautions you can take that are relevant to an anarchist [threat model](/glossary/#threat-model) — operational security for Tails. Not all anarchist threat models are the same, and only you can decide which mitigations are worth putting into practice for your activities, but we aim to provide advice that is appropriate for high-risk activities. The [No Trace Project Threat Library](https://www.notrace.how/threat-library/) is another great resource for thinking through your threat model and appropriate mitigations. If you are new to Tails, start with [Tails for Anarchists](/posts/tails/). This text describes some additional precautions you can take that are relevant to an anarchist [threat model](/glossary/#threat-model) — operational security for Tails. Not all anarchist threat models are the same, and only you can decide which mitigations are worth putting into practice for your activities, but we aim to provide advice that is appropriate for high-risk activities. The [No Trace Project Threat Library](https://notrace.how/threat-library/) is another great resource for thinking through your threat model and appropriate mitigations. If you are new to Tails, start with [Tails for Anarchists](/posts/tails/).
<!-- more --> <!-- more -->
@ -39,7 +39,7 @@ You can mitigate this first issue by **cleaning metadata from files before shari
You can mitigate this second issue by what's called **"compartmentalization"**: You can mitigate this second issue by what's called **"compartmentalization"**:
* [Compartmentalization](https://www.notrace.how/threat-library/mitigations/compartmentalization.html) means keeping different activities or projects separate. If you use Tails sessions for more than one purpose at a time, an adversary could link your different activities together. For example, if you log into different accounts on the same website in a single Tails session, the website could determine that the accounts are being used by the same person. This is because websites can tell when two accounts are using the same Tor circuit. * [Compartmentalization](https://notrace.how/threat-library/mitigations/compartmentalization.html) means keeping different activities or projects separate. If you use Tails sessions for more than one purpose at a time, an adversary could link your different activities together. For example, if you log into different accounts on the same website in a single Tails session, the website could determine that the accounts are being used by the same person. This is because websites can tell when two accounts are using the same Tor circuit.
* To prevent an adversary from linking your activities while using Tails, restart Tails between different activities. For example, restart Tails between checking different project emails. * To prevent an adversary from linking your activities while using Tails, restart Tails between different activities. For example, restart Tails between checking different project emails.
* Tails is amnesiac by default, so to save any data from a Tails session, you must save it to a USB. If the files you save could be used to link your activities together, use a different encrypted ([LUKS](/glossary/#luks)) USB stick for each activity. For example, use one Tails USB stick for moderating a website and another for researching actions. Tails has a feature called Persistent Storage, but we do not recommend using it for data storage, explained [below](/posts/tails-best/#using-a-write-protect-switch). * Tails is amnesiac by default, so to save any data from a Tails session, you must save it to a USB. If the files you save could be used to link your activities together, use a different encrypted ([LUKS](/glossary/#luks)) USB stick for each activity. For example, use one Tails USB stick for moderating a website and another for researching actions. Tails has a feature called Persistent Storage, but we do not recommend using it for data storage, explained [below](/posts/tails-best/#using-a-write-protect-switch).
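Review bot: the explanation in the edited bullet, `This is because websites can tell when two accounts are using the same Tor circuit`, is imprecise: a website never sees the circuit, only the exit relay's IP address, and Tor Browser isolates circuits per first-party site, so two accounts on the same site in one session leave from the same exit and can be linked that way. Suggest `This is because both logins reach the website from the same Tor exit relay, so the site sees them coming from the same IP address.` The compartmentalization advice that follows is unaffected.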
@ -83,7 +83,7 @@ When using Wi-Fi in a public space, keep the following operational security cons
As described in the quotation above, a global adversary (i.e. the NSA) may be capable of breaking Tor through a correlation attack. If this happens, the Internet address you used in a coffee shop without CCTV cameras will only lead to your general area (e.g. your city) because it is not associated with you. Of course, this is less true if you use the location routinely. Correlation attacks are even less feasible against connections to an .onion address because you never leave the Tor network, so there is no "end" to correlate with through network traffic analysis (if the server location is unknown to the adversary). It is worth emphasizing that "End-to-end correlation attacks have been studied in research papers, but we don't know of any actual use to deanonymize Tor users." As described in the quotation above, a global adversary (i.e. the NSA) may be capable of breaking Tor through a correlation attack. If this happens, the Internet address you used in a coffee shop without CCTV cameras will only lead to your general area (e.g. your city) because it is not associated with you. Of course, this is less true if you use the location routinely. Correlation attacks are even less feasible against connections to an .onion address because you never leave the Tor network, so there is no "end" to correlate with through network traffic analysis (if the server location is unknown to the adversary). It is worth emphasizing that "End-to-end correlation attacks have been studied in research papers, but we don't know of any actual use to deanonymize Tor users."
What we will term a "targeted" correlation attack is possible by a non-global adversary (i.e. local law enforcement), if you are already in their sights and a target of [physical surveillance](https://www.notrace.how/threat-library/techniques/physical-surveillance/covert.html) and/or [digital surveillance](https://www.notrace.how/threat-library/techniques/targeted-digital-surveillance.html). This is a subtype of correlation attack where the presumed target is already known, thus making the attack easier to achieve because it vastly reduces the amount of data to filter through for correlation. A non-targeted correlation attack used to deanonymize a Tor user is unprecedented in current evidence used in court, although [a "targeted" correlation attack has been used](https://medium.com/beyond-install-tor-signal/case-file-jeremy-hammond-514facc780b8) as corroborating evidence — a suspect had already been identified, which allowed investigators to correlate their local footprint with specific online activity. Specifically, they correlated Tor network traffic coming from the suspect's house with the times their anonymous alias was online in chatrooms. What we will term a "targeted" correlation attack is possible by a non-global adversary (i.e. local law enforcement), if you are already in their sights and a target of [physical surveillance](https://notrace.how/threat-library/techniques/physical-surveillance/covert.html) and/or [digital surveillance](https://notrace.how/threat-library/techniques/targeted-digital-surveillance.html). This is a subtype of correlation attack where the presumed target is already known, thus making the attack easier to achieve because it vastly reduces the amount of data to filter through for correlation. 
A non-targeted correlation attack used to deanonymize a Tor user is unprecedented in current evidence used in court, although [a "targeted" correlation attack has been used](https://medium.com/beyond-install-tor-signal/case-file-jeremy-hammond-514facc780b8) as corroborating evidence — a suspect had already been identified, which allowed investigators to correlate their local footprint with specific online activity. Specifically, they correlated Tor network traffic coming from the suspect's house with the times their anonymous alias was online in chatrooms.
To explain how this works, it helps if you have a basic understanding of what Tor information is visible to various third parties — see the EFF's [interactive graphic](https://www.eff.org/pages/tor-and-https). For a non-targeted correlation attack, the investigator will need to **start from after Tor's exit node**: take the specific online activity coming from the exit node and try to correlate it with an enormous amount of global data that is entering Tor entry nodes. However, if a suspect is already identified, the investigator can instead do a "targeted" correlation attack and **start from before Tor's entry node**: take the data entering the entry node (via **the suspect's physical or digital footprint**) and try to correlate it with **specific online activity** coming from an exit node. To explain how this works, it helps if you have a basic understanding of what Tor information is visible to various third parties — see the EFF's [interactive graphic](https://www.eff.org/pages/tor-and-https). For a non-targeted correlation attack, the investigator will need to **start from after Tor's exit node**: take the specific online activity coming from the exit node and try to correlate it with an enormous amount of global data that is entering Tor entry nodes. However, if a suspect is already identified, the investigator can instead do a "targeted" correlation attack and **start from before Tor's entry node**: take the data entering the entry node (via **the suspect's physical or digital footprint**) and try to correlate it with **specific online activity** coming from an exit node.
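Review bot: the new version of the "targeted correlation attack" paragraph ends with a trailing space after "for correlation." and splits what was one paragraph into two; the split is a content change that a commit titled "fix notrace.how footnotes" does not announce. Drop the trailing whitespace, and either mention the paragraph split in the commit message or move it into its own commit so the link-only change stays easy to review.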
@ -91,10 +91,10 @@ A more sophisticated analysis of the specific online activity would involve logg
To mitigate the risk of "targeted" correlation attacks: To mitigate the risk of "targeted" correlation attacks:
* If you only need to use the Internet briefly to submit a communique, you can **do [surveillance detection](https://www.notrace.how/threat-library/mitigations/surveillance-detection.html) and [anti-surveillance](https://www.notrace.how/threat-library/mitigations/anti-surveillance.html) before going to a coffee shop**, just like you would prior to a direct action. * If you only need to use the Internet briefly to submit a communique, you can **do [surveillance detection](https://notrace.how/threat-library/mitigations/surveillance-detection.html) and [anti-surveillance](https://notrace.how/threat-library/mitigations/anti-surveillance.html) before going to a coffee shop**, just like you would prior to a direct action.
* For projects like moderating a website or hacking that require daily Internet access, it is not realistic to find a new Wi-Fi location every day. In that case, the ideal mitigation is to **use a Wi-Fi antenna from indoors** — a physical surveillance effort won't see you entering a cafe, and a digital surveillance effort won't see anything on your home Internet. * For projects like moderating a website or hacking that require daily Internet access, it is not realistic to find a new Wi-Fi location every day. In that case, the ideal mitigation is to **use a Wi-Fi antenna from indoors** — a physical surveillance effort won't see you entering a cafe, and a digital surveillance effort won't see anything on your home Internet.
* If a Wi-Fi antenna is too technical for you, you may even want to **use your home internet** for some projects that require frequent internet access. This contradicts the previous advice to not use your personal Wi-Fi. It's a trade-off: using Tor from home avoids creating a physical footprint that is so easy to observe, at the expense of creating a digital footprint which is more technical to observe, and may be harder to draw meaningful conclusions from (especially if you intentionally [make correlation attacks more difficult](/posts/tails/#make-correlation-attacks-more-difficult)). In our view, the main risk of using your home internet is not that the adversary is able to break Tor through a correlation attack, but that the adversary is able to hack your system, such as through [phishing](/posts/tails-best/#phishing-awareness), which [enables them to bypass Tor](/posts/qubes/#when-to-use-tails-vs-qubes-os). * If a Wi-Fi antenna is too technical for you, you may even want to **use your home internet** for some projects that require frequent internet access. This contradicts the previous advice to not use your personal Wi-Fi. It's a trade-off: using Tor from home avoids creating a physical footprint that is so easy to observe, at the expense of creating a digital footprint which is more technical to observe, and may be harder to draw meaningful conclusions from (especially if you intentionally [make correlation attacks more difficult](/posts/tails/#make-correlation-attacks-more-difficult)). In our view, the main risk of using your home internet is not that the adversary is able to break Tor through a correlation attack, but that the adversary is able to hack your system, such as through [phishing](/posts/tails-best/#phishing-awareness), which [enables them to bypass Tor](/posts/qubes/#when-to-use-tails-vs-qubes-os).
* If you want to submit a report-back the morning after a riot, or a communique shortly after an action (times when there may be a higher risk of targeted surveillance), consider waiting and at least taking surveillance detection and anti-surveillance measures beforehand. In 2010, the morning after a bank arson in Canada, police surveilled a suspect as he traveled from his home to an Internet cafe, and watched him post the communique and then bury the laptop in the woods. More recently, investigators physically surveilling [an anarchist in France](https://www.notrace.how/resources/#quelques-premiers-elements-du-dossier-d-enquete-contre-ivan) installed a hidden camera to monitor access to an Internet cafe near the comrade's home and requested CCTV footage for the day an arson communique was sent. * If you want to submit a report-back the morning after a riot, or a communique shortly after an action (times when there may be a higher risk of targeted surveillance), consider waiting and at least taking surveillance detection and anti-surveillance measures beforehand. In 2010, the morning after a bank arson in Canada, police surveilled a suspect as he traveled from his home to an Internet cafe, and watched him post the communique and then bury the laptop in the woods. More recently, investigators physically surveilling [an anarchist in France](https://notrace.how/resources/#quelques-premiers-elements-du-dossier-d-enquete-contre-ivan) installed a hidden camera to monitor access to an Internet cafe near the comrade's home and requested CCTV footage for the day an arson communique was sent.
To summarize: For sensitive and brief Internet activities, use Internet from a random cafe, preceeded by surveillance detection and anti-surveillance. For activities that require frequent internet access such that the random cafe model isn't sustainable, it's best to use a Wi-Fi antenna positioned behind a window to access from a few hundred metres away. If this is too technical for you, using your home Wi-Fi is an option, but requires putting faith in it being difficult to break Tor with a non-targeted correlation attack, and it being difficult to draw meaningful conclusions from your home's Tor traffic through a "targeted" correlation attack. To summarize: For sensitive and brief Internet activities, use Internet from a random cafe, preceeded by surveillance detection and anti-surveillance. For activities that require frequent internet access such that the random cafe model isn't sustainable, it's best to use a Wi-Fi antenna positioned behind a window to access from a few hundred metres away. If this is too technical for you, using your home Wi-Fi is an option, but requires putting faith in it being difficult to break Tor with a non-targeted correlation attack, and it being difficult to draw meaningful conclusions from your home's Tor traffic through a "targeted" correlation attack.
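Review bot: "preceeded" in the closing summary of this section should be "preceded", and the same paragraph mixes "Internet" and "internet"; since this hunk already touches the surrounding paragraph's links, it is a good place to fix both in the same pass.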
@ -209,7 +209,7 @@ Our recommendations are:
> **Tip** > **Tip**
> >
> Diceware passphrases can be easy to forget if you have several to keep track of, especially if you use them infrequently. To reduce the risk of forgetting a diceware passphrase, you can store all "memorized" passphrases on a LUKS USB that you create using Tails, which is hidden somewhere off-site where it won't be recovered during a police raid. You should be able to reconstruct the LUKS passphrase if a lot of time has passed. See the [No Trace Project](https://www.notrace.how/threat-library/mitigations/digital-best-practices.html) for two different approaches you can take: one relies on a trusted comrade, and the other is self-sufficient. As with all important backups, you should have at least two. > Diceware passphrases can be easy to forget if you have several to keep track of, especially if you use them infrequently. To reduce the risk of forgetting a diceware passphrase, you can store all "memorized" passphrases on a LUKS USB that you create using Tails, which is hidden somewhere off-site where it won't be recovered during a police raid. You should be able to reconstruct the LUKS passphrase if a lot of time has passed. See the [No Trace Project](https://notrace.how/threat-library/mitigations/digital-best-practices.html) for two different approaches you can take: one relies on a trusted comrade, and the other is self-sufficient. As with all important backups, you should have at least two.
For Tails, you need to memorize two passphrases: For Tails, you need to memorize two passphrases:
@ -220,7 +220,7 @@ If you are using Persistent Storage, this is another passphrase that you will ha
## Encrypted containers ## Encrypted containers
[LUKS](/glossary/#luks) is great, but defense-in-depth can't hurt. If the police seize your USB in a house raid, they will try a [variety of tactics to bypass the authentication](https://www.notrace.how/threat-library/techniques/targeted-digital-surveillance/authentication-bypass.html), so a second layer of defense with a different encryption implementation can be useful for highly sensitive data. [LUKS](/glossary/#luks) is great, but defense-in-depth can't hurt. If the police seize your USB in a house raid, they will try a [variety of tactics to bypass the authentication](https://notrace.how/threat-library/techniques/targeted-digital-surveillance/authentication-bypass.html), so a second layer of defense with a different encryption implementation can be useful for highly sensitive data.
[Gocryptfs](https://nuetzlich.net/gocryptfs/) is an encrypted container program that is [available for Debian](https://packages.debian.org/bullseye/gocryptfs) and can be easily installed as [additional software](/posts/tails/#optional-create-and-configure-persistent-storage). If you don't want to reinstall it every session, you will need to [configure Additional Software in Persistent Storage](/posts/tails-best/#using-a-write-protect-switch). [Gocryptfs](https://nuetzlich.net/gocryptfs/) is an encrypted container program that is [available for Debian](https://packages.debian.org/bullseye/gocryptfs) and can be easily installed as [additional software](/posts/tails/#optional-create-and-configure-persistent-storage). If you don't want to reinstall it every session, you will need to [configure Additional Software in Persistent Storage](/posts/tails-best/#using-a-write-protect-switch).
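Review bot: the link text "configure Additional Software in Persistent Storage" in the Gocryptfs paragraph points at the anchor `#using-a-write-protect-switch`, which does not match what the text promises (the Tails-amnesiac bullet earlier in this file uses the same anchor for its Persistent Storage remark); confirm the anchor exists or retarget it to the Persistent Storage section. In the same line, the Debian package link pins `bullseye`; prefer the unversioned `https://packages.debian.org/gocryptfs` so the link tracks whatever Debian release Tails is currently built on instead of going stale.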


@ -52,7 +52,7 @@ Tails is not magic and has many limitations. The Internet and computers are host
Building a threat model is simply a matter of asking yourself certain questions. Who am I defending against? What are their capabilities? What would be the consequences if they had access to that data? And then, based on the particular situation, assess how you can protect yourself. Building a threat model is simply a matter of asking yourself certain questions. Who am I defending against? What are their capabilities? What would be the consequences if they had access to that data? And then, based on the particular situation, assess how you can protect yourself.
It makes no sense to say "this tool is secure". Security always depends on the threat model and the level (network, hardware, software, etc.). For more information on this topic, see the [Threat Library](https://www.notrace.how/threat-library/). It makes no sense to say "this tool is secure". Security always depends on the threat model and the level (network, hardware, software, etc.). For more information on this topic, see the [Threat Library](https://notrace.how/threat-library/).
# I) The Basics of Using Tails # I) The Basics of Using Tails


@ -14,14 +14,14 @@ a4="tamper-a4.pdf"
letter="tamper-letter.pdf" letter="tamper-letter.pdf"
+++ +++
If the police ever have [physical access](/glossary/#physical-attacks) to an electronic device like a laptop, even [for five minutes](https://www.vice.com/en/article/a3q374/hacker-bios-firmware-backdoor-evil-maid-attack-laptop-5-minutes), they can install hardware keyloggers, create images of the storage media, or otherwise trivially compromise it at the hardware, firmware, or software level. One way to minimize this risk is to make devices tamper-evident. As the No Trace Project Threat Library [notes](https://www.notrace.how/threat-library/mitigations/tamper-evident-preparation.html), "Tamper-evident preparation will make it possible to discern when something has been [physically accessed](/glossary/#physical-attacks) — it's not possible to prevent a powerful enemy from obtaining physical access to your computer when you are away, but it should be possible to detect when they do." If the police ever have [physical access](/glossary/#physical-attacks) to an electronic device like a laptop, even [for five minutes](https://www.vice.com/en/article/a3q374/hacker-bios-firmware-backdoor-evil-maid-attack-laptop-5-minutes), they can install hardware keyloggers, create images of the storage media, or otherwise trivially compromise it at the hardware, firmware, or software level. One way to minimize this risk is to make devices tamper-evident. As the No Trace Project Threat Library [notes](https://notrace.how/threat-library/mitigations/tamper-evident-preparation.html), "Tamper-evident preparation will make it possible to discern when something has been [physically accessed](/glossary/#physical-attacks) — it's not possible to prevent a powerful enemy from obtaining physical access to your computer when you are away, but it should be possible to detect when they do."
<!-- more --> <!-- more -->
['Evil maid' attacks](https://en.wikipedia.org/wiki/Evil_maid_attack) work like this: An attacker gains temporary access to your [encrypted](/glossary/#encryption) laptop or phone. Although they cant decrypt your data, they can tamper with your laptop for a few minutes and then leave it exactly where they found it. When you return and enter your credentials, you have been hacked. The attacker may have [modified data on your hard drive](https://media.ccc.de/v/gpn20-32-poc-implementing-evil-maid-attack-on-encrypted-boot), replaced the firmware, or installed a hardware component such as a keylogger. ['Evil maid' attacks](https://en.wikipedia.org/wiki/Evil_maid_attack) work like this: An attacker gains temporary access to your [encrypted](/glossary/#encryption) laptop or phone. Although they cant decrypt your data, they can tamper with your laptop for a few minutes and then leave it exactly where they found it. When you return and enter your credentials, you have been hacked. The attacker may have [modified data on your hard drive](https://media.ccc.de/v/gpn20-32-poc-implementing-evil-maid-attack-on-encrypted-boot), replaced the firmware, or installed a hardware component such as a keylogger.
# Tamper-Evident Laptop Screws # Tamper-Evident Laptop Screws
Let's start with your laptop. For a seal to effectively alert you to intruders, it must be impossible to remove and replace without leaving a trace, and it must also be unique—otherwise, the adversary could simply replicate the seal and youd never know theyd been there. Glitter nail polish creates a unique pattern that is impossible to replicate, and if you take a photo of this pattern, you can use it to verify that the nail polish has not been removed and reapplied in your absence, such as during a [covert house search](https://www.notrace.how/threat-library/techniques/covert-house-search.html). The presentation "[Thwarting Evil Maid Attacks](https://media.ccc.de/v/30C3_-_5600_-_en_-_saal_1_-_201312301245_-_thwarting_evil_maid_attacks_-_eric_michaud_-_ryan_lackey)" introduced this technique in 2013. Let's start with your laptop. For a seal to effectively alert you to intruders, it must be impossible to remove and replace without leaving a trace, and it must also be unique—otherwise, the adversary could simply replicate the seal and youd never know theyd been there. Glitter nail polish creates a unique pattern that is impossible to replicate, and if you take a photo of this pattern, you can use it to verify that the nail polish has not been removed and reapplied in your absence, such as during a [covert house search](https://notrace.how/threat-library/techniques/covert-house-search.html). The presentation "[Thwarting Evil Maid Attacks](https://media.ccc.de/v/30C3_-_5600_-_en_-_saal_1_-_201312301245_-_thwarting_evil_maid_attacks_-_eric_michaud_-_ryan_lackey)" introduced this technique in 2013.
Mullvad VPN [created a guide](https://mullvad.net/en/help/how-tamper-protect-laptop/) for applying this technique: first apply stickers over the laptop case screws, then apply the nail polish. An [independent test](https://dys2p.com/en/2021-12-tamper-evident-protection.html#glitzer-nagellack-mit-aufklebern) noted: Mullvad VPN [created a guide](https://mullvad.net/en/help/how-tamper-protect-laptop/) for applying this technique: first apply stickers over the laptop case screws, then apply the nail polish. An [independent test](https://dys2p.com/en/2021-12-tamper-evident-protection.html#glitzer-nagellack-mit-aufklebern) noted:
@ -117,7 +117,7 @@ This excerpt assumes that we take the cell phone with us, but [as discussed else
# Physical Intrusion Detection # Physical Intrusion Detection
"Defense in depth" means that there are multiple layers of security that an adversary must bypass in order to succeed. [Physical intrusion detection](https://www.notrace.how/threat-library/mitigations/physical-intrusion-detection.html) should be in place in addition to tamper-evident laptops and storage. That way, even if a covert house search doesn't interact with the tamper-evident storage (for example, because the goal is to install [covert surveillance devices](https://www.notrace.how/threat-library/techniques/covert-surveillance-devices.html)), you can still find out about it. "Defense in depth" means that there are multiple layers of security that an adversary must bypass in order to succeed. [Physical intrusion detection](https://notrace.how/threat-library/mitigations/physical-intrusion-detection.html) should be in place in addition to tamper-evident laptops and storage. That way, even if a covert house search doesn't interact with the tamper-evident storage (for example, because the goal is to install [covert surveillance devices](https://notrace.how/threat-library/techniques/covert-surveillance-devices.html)), you can still find out about it.
Haven is an Android app developed by the Freedom of Press Foundation that uses the smartphones many sensors — microphone, motion detector, light detector, and cameras — to monitor the room for changes, and it logs everything it notices. Unfortunately Haven is currently unmaintained and unreliable on many devices. Until [a good alternative is developed](https://github.com/guardianproject/haven/issues/465), make sure to test the functionality of Haven on your device before relying on it. We don't recommend using home surveillance cameras without privacy features, because then the police can have easy knowledge of your comings and goings without needing to set up their own surveillance cameras. Haven is an Android app developed by the Freedom of Press Foundation that uses the smartphones many sensors — microphone, motion detector, light detector, and cameras — to monitor the room for changes, and it logs everything it notices. Unfortunately Haven is currently unmaintained and unreliable on many devices. Until [a good alternative is developed](https://github.com/guardianproject/haven/issues/465), make sure to test the functionality of Haven on your device before relying on it. We don't recommend using home surveillance cameras without privacy features, because then the police can have easy knowledge of your comings and goings without needing to set up their own surveillance cameras.
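Review bot: "developed by the Freedom of Press Foundation" should read "Freedom of the Press Foundation", and the attribution is incomplete: Haven was built by the Guardian Project together with the Freedom of the Press Foundation, which is why the issue tracker linked in the same sentence lives under github.com/guardianproject/haven. Suggest "developed by the Guardian Project and the Freedom of the Press Foundation".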