mirror of
https://0xacab.org/anarsec/anarsec.guide.git
synced 2025-06-08 14:52:54 -04:00
change tails header levels
parent
1fc0ee894f
commit
40d727d8a3
4 changed files with 54 additions and 41 deletions
|
@ -14,17 +14,13 @@ a4="tails-best-a4.pdf"
|
|||
letter="tails-best-letter.pdf"
|
||||
+++
|
||||
|
||||
As mentioned in our [recommendations](/recommendations/#your-computer), Tails is an [operating system](/glossary#operating-system-os) that is unparalleled for sensitive computer use that requires leaving no forensic trace (writing and sending communiques, research for actions, etc.). Tails runs from a USB drive and is [designed](https://tails.net/about/) to leave no trace of your activity on your computer, and to force all Internet connections through the [Tor network](/glossary#tor-network). If you are new to Tails, start with [Tails for Anarchists](/posts/tails/).
|
||||
|
||||
This text describes some additional precautions you can take that are relevant to an anarchist [threat model](/glossary#threat-model) - operational security for Tails. Not all anarchist threat models are the same, and only you can decide which mitigations are worth putting into practice for your activities, but we aim to provide advice that is appropriate for high-risk activities. The [No Trace Project Threat Library](https://www.notrace.how/threat-library/) is another great resource for thinking through your threat model and appropriate mitigations.
|
||||
This text describes some additional precautions you can take that are relevant to an anarchist [threat model](/glossary#threat-model) - operational security for Tails. Not all anarchist threat models are the same, and only you can decide which mitigations are worth putting into practice for your activities, but we aim to provide advice that is appropriate for high-risk activities. The [No Trace Project Threat Library](https://www.notrace.how/threat-library/) is another great resource for thinking through your threat model and appropriate mitigations. If you are new to Tails, start with [Tails for Anarchists](/posts/tails/).
|
||||
|
||||
<!-- more -->
|
||||
|
||||
# Tails Warnings
|
||||
Let's start by looking at the three topics covered on the [Tails Warnings page](https://tails.net/doc/about/warnings/index.en.html): protecting your identity, limitations of the Tor network, and untrusted computers.
|
||||
|
||||
Let's start by looking at the [Tails Warnings page](https://tails.net/doc/about/warnings/index.en.html).
|
||||
|
||||
## Protecting your identity when using Tails
|
||||
# Protecting your identity when using Tails
|
||||
|
||||

|
||||
|
||||
|
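Review bot: The content removals at the top of this hunk are not covered by the commit message "change tails header levels". The paragraph beginning "As mentioned in our [recommendations](/recommendations/#your-computer)" is dropped, the `# Tails Warnings` heading is removed, and the rewritten lead sentence no longer names the three topics (protecting your identity, limitations of the Tor network, untrusted computers). Either move these edits into their own commit or mention them in the message, and check that nothing links to the anchor of the removed heading.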
@ -33,13 +29,13 @@ Let's start by looking at the [Tails Warnings page](https://tails.net/doc/about/
|
|||
> 1. Sharing files with [metadata](/glossary#metadata), such as date, time, location, and device information
|
||||
> 2. Using Tails for more than one purpose at a time
|
||||
|
||||
### 1. Sharing files with metadata
|
||||
## 1. Sharing files with metadata
|
||||
|
||||
You can mitigate this first issue by **cleaning metadata from files before sharing them**:
|
||||
|
||||
* To learn how, see [Remove Identifying Metadata From Files](/posts/metadata/).
|
||||
|
||||
### 2. Using Tails for more than one purpose at a time
|
||||
## 2. Using Tails for more than one purpose at a time
|
||||
|
||||
You can mitigate this second issue by what's called **"compartmentalization"**:
|
||||
|
||||
|
@ -47,7 +43,7 @@ You can mitigate this second issue by what's called **"compartmentalization"**:
|
|||
* To prevent an adversary from linking your activities while using Tails, restart Tails between different activities. For example, restart Tails between checking different project emails.
|
||||
* Tails is amnesiac by default, so to save any data from a Tails session, you must save it to a USB. If the files you save could be used to link your activities together, use a different encrypted ([LUKS](/glossary#luks)) USB stick for each activity. For example, use one Tails USB stick for moderating a website and another for researching actions. Tails has a feature called Persistent Storage, but we do not recommend using it for data storage, explained [below](#using-a-write-protect-switch).
|
||||
|
||||
## Limitations of the [Tor network](/glossary#tor-network)
|
||||
# Limitations of the [Tor network](/glossary#tor-network)
|
||||
|
||||

|
||||
|
||||
|
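Review bot: The promoted heading `# Limitations of the [Tor network](/glossary#tor-network)` keeps a Markdown link inside what is now a top-level heading, and the TOC template touched in this commit prints `{{ h1.title }}` inside its own `<a>` element. Consider making the heading plain text and putting the glossary link on the first mention in the body instead. Separately, glossary links in this file mix `/glossary#...` and `/glossary/#...` (for example `/glossary#luks` in the context line above and `/glossary/#luks` further down); pick one form.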
@ -56,20 +52,20 @@ You can mitigate this second issue by what's called **"compartmentalization"**:
|
|||
> 1. Hiding that you are using Tor and Tails
|
||||
> 2. Protecting your online communications from determined, skilled attackers
|
||||
|
||||
### 1. Hiding that you are using Tor and Tails
|
||||
## 1. Hiding that you are using Tor and Tails
|
||||
|
||||
You can mitigate this first issue by [**Tor bridges**](https://tails.net/doc/anonymous_internet/tor/index.en.html#bridges):
|
||||
|
||||
* Tor Bridges are secret Tor relays that hide your connection to the Tor network. However, this is only necessary where connections to Tor are blocked, such as in heavily censored countries, by some public networks, or by some parental control software. This is because Tor and Tails don't protect you by making you look like any other Internet user, but by making all Tor and Tails users look the same. It becomes impossible to tell who is who among them.
|
||||
|
||||
### 2. Protecting against determined, skilled attackers
|
||||
## 2. Protecting against determined, skilled attackers
|
||||
|
||||
An [*end-to-end correlation* attack](/glossary/#correlation-attack) is a theoretical way that a global adversary could break Tor's anonymity:
|
||||
> A powerful adversary, who could analyze the timing and shape of the traffic entering and exiting the Tor network, might be able to deanonymize Tor users. These attacks are called *end-to-end correlation* attacks, because the attacker has to observe both ends of a Tor circuit at the same time. [...] End-to-end correlation attacks have been studied in research papers, but we don't know of any actual use to deanonymize Tor users.
|
||||
|
||||
You can mitigate the techniques available to powerful adversaries by **not using an Internet connection that is tied to your identity**, and by **prioritizing .onion links when available**.
|
||||
|
||||
#### Internet not tied to your identity
|
||||
### Internet not tied to your identity
|
||||
|
||||
"Mobile Wi-Fi" devices exist which give you Internet access through the mobile network (via SIM cards) - these are a bad idea. The unique identification number of your SIM card (IMSI) and the unique serial number of your adapter (IMEI) are also transmitted to the mobile operator every time you connect, allowing identification and geographic localization. The adapter works like a mobile phone! If you do not want different research sessions to be associated with each other, do not use the same device or SIM card more than once!
|
||||
|
||||
|
@ -83,7 +79,7 @@ When using Wi-Fi in a public space, keep the following operational security cons
|
|||
* One person in charge of a darknet marketplace had his Tails computer seized while distracted by a fake fight next to him. Similar tactics have been used [in other police operations](https://dys2p.com/en/2023-05-luks-security.html#attacks). If his Tails USB had been attached to a belt with a short piece of fishing line, the police would most likely have lost all evidence when the Tails USB was pulled out. A more technical equivalent is [BusKill](https://www.buskill.in/tails/) - however, we only recommend buying this [in person](https://www.buskill.in/leipzig-proxystore/) or [3D printing it](https://www.buskill.in/3d-print-2023-08/). This is because any mail can be [intercepted](https://docs.buskill.in/buskill-app/en/stable/faq.html#q-what-about-interdiction) and altered, making the hardware [malicious](https://en.wikipedia.org/wiki/BadUSB).
|
||||
* If coffee shops without CCTV cameras are few and far between, you can try accessing a coffee shop's Wi-Fi from outside, out of view of the cameras.
|
||||
|
||||
#### Non-Targeted and Targeted Correlation Attacks
|
||||
### Non-Targeted and Targeted Correlation Attacks
|
||||
|
||||
As described in the quotation above, a global adversary (i.e. the NSA) may be capable of breaking Tor through a correlation attack. If this happens, the Internet address you used in a coffee shop without CCTV cameras will only lead to your general area (e.g. your city) because it is not associated with you. Of course, this is less true if you use the location routinely. Correlation attacks are even less feasible against connections to an .onion address because you never leave the Tor network, so there is no "end" to correlate with through network traffic analysis (if the server location is unknown to the adversary). It is worth emphasizing that "End-to-end correlation attacks have been studied in research papers, but we don't know of any actual use to deanonymize Tor users."
|
||||
|
||||
|
@ -102,7 +98,7 @@ To mitigate the risk of "targeted" correlation attacks:
|
|||
|
||||
To summarize: For sensitive and brief Internet activities, use Internet from a random cafe, preceeded by surveillance detection and anti-surveillance. For activities that require frequent internet access such that the random cafe model isn't sustainable, it's best to use a Wi-Fi antenna positioned behind a window to access from a few hundred metres away. If this is too technical for you, using your home Wi-Fi is an option, but requires putting faith in it being difficult to break Tor with a non-targeted correlation attack, and it being difficult to draw meaningful conclusions from your home's Tor traffic through a "targeted" correlation attack.
|
||||
|
||||
## Reducing risks when using untrusted computers
|
||||
# Reducing risks when using untrusted computers
|
||||
|
||||

|
||||
|
||||
|
@ -111,7 +107,7 @@ To summarize: For sensitive and brief Internet activities, use Internet from a r
|
|||
> 1. Installing from an infected computer
|
||||
> 2. Running Tails on a computer with a compromised BIOS, firmware, or hardware
|
||||
|
||||
### 1. Installing from an infected computer
|
||||
## 1. Installing from an infected computer
|
||||
|
||||
You can mitigate this first issue by **using a computer you trust to install Tails**:
|
||||
|
||||
|
@ -119,7 +115,7 @@ You can mitigate this first issue by **using a computer you trust to install Tai
|
|||
* Use the "Terminal" installation method ["Debian or Ubuntu using the command line and GnuPG"](https://tails.net/install/expert/index.en.html), as it more thoroughly verifies the integrity of the download using [GPG](/glossary/#gnupg-openpgp). If using the [command line](/glossary/#command-line-interface-cli) is over your head, ask a friend to walk you through it. Alternatively, learn the basics of the command line with [Linux Essentials](/posts/linux/) and see the [Appendix](#appendix-gpg-explanation).
|
||||
* Once installed, do not plug your Tails USB stick (or any [LUKS](/glossary/#luks) USBs used during Tails sessions) into any other computer while it is running a non-Tails operating system; if the computer is infected, the infection can [spread to the USB](https://en.wikipedia.org/wiki/BadUSB).
|
||||
|
||||
### 2. Running Tails on a computer with a compromised BIOS, firmware, or hardware
|
||||
## 2. Running Tails on a computer with a compromised BIOS, firmware, or hardware
|
||||
|
||||
This second issue requires several mitigations. Let's start with a few definitions.
|
||||
|
||||
|
@ -129,7 +125,7 @@ This second issue requires several mitigations. Let's start with a few definitio
|
|||
|
||||
Our adversaries have two attack vectors to compromise BIOS, firmware, hardware, or software: [remote attacks](/glossary#remote-attacks) (via the Internet) and [physical attacks](/glossary/#physical-attacks) (via physical access). Not everyone will need to apply all of the advice below. For example, if you're only using Tails for anonymous web browsing and writen correspondence, some of this may be overkill. However, if you're using Tails to take responsibility for actions that are highly criminalized, a more thorough approach is likely relevant.
|
||||
|
||||
#### To mitigate against physical attacks:
|
||||
### To mitigate against physical attacks:
|
||||
|
||||
> Your computer might be compromised if its physical components have been altered. For example, if a keylogger has been physically installed on your computer, your passwords, personal information, and other data typed on your keyboard could be stored and accessed by someone else, even if you are using Tails.
|
||||
|
||||
|
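Review bot: The heading `### To mitigate against physical attacks:` keeps its trailing colon after being promoted from `####`, and the same applies to `### To mitigate against remote attacks:` in the next hunk. A colon reads as a list lead-in rather than a section title, and it now carries the italic h3 styling from the stylesheet change. Suggest dropping the colon or turning these two lines into bold lead-in text. While this paragraph is open, "writen correspondence" in the context line above should be "written".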
@ -139,7 +135,7 @@ Our adversaries have two attack vectors to compromise BIOS, firmware, hardware,
|
|||
|
||||
* **Make the laptop's screws tamper-evident, store it in a tamper-evident manner, and monitor for break-ins**. With these precautions in place, you'll be able to detect any future physical attacks. See the [Make Your Electronics Tamper-Evident](/posts/tamper/) tutorial to adapt your laptop's screws, use some form of intrusion detection, and store your laptop so you'll know if it's been physically accessed. Store any external devices you’ll be using with the laptop in the same way (USB, external hard drive, mouse, keyboard). When physical attack vectors are mitigated, an adversary can only use remote attacks.
|
||||
|
||||
#### To mitigate against remote attacks:
|
||||
### To mitigate against remote attacks:
|
||||
|
||||
* **Wi-Fi that is unrelated to your identity**. We recommend using Wi-Fi that is unrelated to your identity (i.e. not at your home or work) not only to mitigate deanonymization, but also to mitigate remote hacking. It is best to never use the dedicated Tails laptop on your home Wi-Fi. This makes the laptop much less accessible to a remote attacker than a laptop that is constantly connected to your home Wi-Fi. If an attacker is targeting you, they need a point to start, and your home Wi-Fi is a pretty good place to start.
|
||||
* **Remove the hard drive**—it's easier than it sounds. If you buy the laptop, you can ask the store to do it and potentially save some money. If you search on youtube for "remove hard drive" for your specific laptop model, there will probably be an instructional video. Make sure you remove the laptop battery and unplug the power cord first. We remove the hard drive to completely eliminate the hard drive firmware, which has been known to be [compromised to install persistent malware](https://www.wired.com/2015/02/nsa-firmware-hacking/). A hard drive is part of the attack surface and is unnecessary on a live system like Tails that runs off a USB.
|
||||
|
|
|
@ -24,25 +24,19 @@ The [documentation on the Tails website](https://tails.net/doc/index.en.html) is
|
|||
|
||||
Tails is an operating system. You have probably heard of "Windows" or "macOS", these are names for two of the most common operating systems. An operating system is the set of programs that run the various components (hard drive, screen, processor, memory, etc...) of the computer and allow it to function.
|
||||
|
||||
There are other operating systems. Maybe you have heard of Linux? Linux refers to a family of operating systems that branches off into several sub-families, or different versions of Linux, one of which is called Debian. In the Debian sub-family we find Ubuntu and Tails. Tails is a distribution (version) of Linux with several distinguishing features.
|
||||
There are other operating systems. Maybe you have heard of Linux? Linux refers to a family of operating systems that branches off into several sub-families, or different versions of Linux, one of which is called Debian. In the Debian sub-family we find Ubuntu and Tails. Tails is a distribution (version) of Linux with several distinguishing features:
|
||||
|
||||
***Live System***
|
||||
|
||||
* Tails is a so-called live system. While other operating systems live on your computer's hard drive, Tails is installed on an external device such as a USB (or even an SD card or DVD). When you start your computer with the Tails device plugged in, your computer runs off of that device instead, leaving your hard drive untouched. You can even use Tails on a computer without a hard drive.
|
||||
|
||||
***Amnesia***
|
||||
|
||||
* Tails is designed to leave no data on the computer you are using; it writes nothing to the hard drive, and runs only in RAM (memory), which is automatically erased after shutdown. The Tails live system itself (usually running on a USB) is also left untouched. The only way to save information is to move it to another USB partition before shutting down (see below). The purpose of this is to avoid leaving forensic traces that someone with physical access to your computer or your Tails USB could later read. Things like Internet search history, cache, "recently edited" documents, etc. are all erased. Tails also leaves no trace that it was ever used on the computer itself.
|
||||
|
||||
***Incognito***
|
||||
|
||||
* Tails is also a system that allows you to be incognito, or anonymous. It hides the elements that could reveal your identity, location, etc. Tails uses the [Tor anonymity network](/glossary#tor-network) to protect your anonymity online by forcing all default software to connect to the Internet through Tor. If an application tries to connect to the Internet directly, Tails will automatically block the connection. Tails also changes the "MAC address" of your network hardware, which can be used to uniquely identify your laptop.
|
||||
* ***Live System***
|
||||
* Tails is a so-called live system. While other operating systems live on your computer's hard drive, Tails is installed on an external device such as a USB (or even an SD card or DVD). When you start your computer with the Tails device plugged in, your computer runs off of that device instead, leaving your hard drive untouched. You can even use Tails on a computer without a hard drive.
|
||||
* ***Amnesia***
|
||||
* Tails is designed to leave no data on the computer you are using; it writes nothing to the hard drive, and runs only in RAM (memory), which is automatically erased after shutdown. The Tails live system itself (usually running on a USB) is also left untouched. The only way to save information is to move it to another USB partition before shutting down (see below). The purpose of this is to avoid leaving forensic traces that someone with physical access to your computer or your Tails USB could later read. Things like Internet search history, cache, "recently edited" documents, etc. are all erased. Tails also leaves no trace that it was ever used on the computer itself.
|
||||
* ***Incognito***
|
||||
* Tails is also a system that allows you to be incognito, or anonymous. It hides the elements that could reveal your identity, location, etc. Tails uses the [Tor anonymity network](/glossary#tor-network) to protect your anonymity online by forcing all default software to connect to the Internet through Tor. If an application tries to connect to the Internet directly, Tails will automatically block the connection. Tails also changes the "MAC address" of your network hardware, which can be used to uniquely identify your laptop.
|
||||
|
||||

|
||||
|
||||
***Security***
|
||||
|
||||
* Tails was designed with security in mind. A minimal, functional, and verified environment is already installed (with everything needed for basic word processing, image editing, etc.). It comes bundled with easy-to-use [encryption](/glossary/#encryption) and data deletion tools, as well as protection against common attacks or threats.
|
||||
* ***Security***
|
||||
* Tails was designed with security in mind. A minimal, functional, and verified environment is already installed (with everything needed for basic word processing, image editing, etc.). It comes bundled with easy-to-use [encryption](/glossary/#encryption) and data deletion tools, as well as protection against common attacks or threats.
|
||||
|
||||
Today's digital security is not necessarily tomorrow's. **Protecting personal data requires regular updates.** Digital tools are unreliable if they are never updated, and to have lasting confidence in these tools, it is good to know that teams are actively maintaining them and that they have a good reputation. It is important to understand the spirit of Tails: everything is designed with security in mind. However, in software, there is no such thing as an omnipotent tool; there are always limits. Also, **the way you use Tails can create security problems.**
|
||||
|
||||
|
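Review bot: The four feature labels are now list items of their own (`* ***Live System***` followed by `* Tails is a so-called live system. ...`), so unless each description is indented under its label the two render as sibling bullets instead of a label with its text. A single item per feature, for example `* ***Live System***: Tails is a so-called live system. ...`, would give the same layout with less nesting. This restructuring is also outside what the commit message "change tails header levels" describes.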
@ -442,5 +436,7 @@ Sometimes the Synaptic Package Manager will refuse to install software. In this
|
|||
|
||||
[Tails Best Practices](/posts/tails-best) are important to establish before using Tails for highly sensitive activities. To avoid overwhelming yourself, start by learning how to use Tails in basic ways, such as reading anarchist websites or writing texts. See the [Tails tag](/tags/tails/) for tutorials on topics like [removing identifying metadata from files](/posts/metadata/).
|
||||
|
||||
---
|
||||
|
||||
*This article is heavily modified from* [TuTORiel Tails](https://infokiosques.net/spip.php?article1726) *(in French), and also includes some excerpts from* [Capulcu #1](https://capulcu.blackblogs.org/neue-texte/bandi/) *(in German).*
|
||||
|
||||
|
|
|
@ -535,27 +535,45 @@ pre[theme="dark"]
|
|||
max-height: calc(100vh - 48px)
|
||||
overflow-y: scroll
|
||||
|
||||
img
|
||||
margin: auto
|
||||
display: block
|
||||
|
||||
#image-gay
|
||||
width: auto
|
||||
height: auto
|
||||
max-height:90vh
|
||||
|
||||
ul
|
||||
font-size: 18px
|
||||
color: #373737 !important
|
||||
|
||||
.toc
|
||||
font-size: 15.5px !important
|
||||
|
||||
ol
|
||||
font-size: 18px
|
||||
color: #373737 !important
|
||||
|
||||
p
|
||||
font-size: 17px
|
||||
font-size: 18px
|
||||
color: #373737 !important
|
||||
|
||||
h1
|
||||
text-align: center !important
|
||||
font-size: 2.8em !important
|
||||
|
||||
h2
|
||||
font-size: 1.44em !important
|
||||
h2:not(.title)
|
||||
font-size: 1.8em !important
|
||||
margin-top: 2.5rem !important
|
||||
margin-bottom: 2rem !important
|
||||
|
||||
h3
|
||||
font-size: 1.09em !important
|
||||
font-size: 1.4em !important
|
||||
font-style: italic !important
|
||||
|
||||
h4
|
||||
font-size: 0.9em !important
|
||||
font-size: 1em !important
|
||||
text-decoration: underline !important
|
||||
|
||||
a
|
||||
|
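Review bot: The `ul`, `ol` and `p` rules in this hunk repeat the same two declarations (`font-size: 18px` and `color: #373737 !important`). Merge them into one `ul, ol, p` rule so the body text size and colour are set in one place. Nearly every declaration here uses `!important`, including the new `.toc` size that replaces the `is-size-7` class removed from the template; raising selector specificity would be easier to override later. The bare `img` rule (`margin: auto`, `display: block`) applies to every image on the site, so scope it to article content if inline images or icons exist. `#image-gay` looks like a leftover or mistyped id; please confirm the name.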
@ -567,3 +585,6 @@ a
|
|||
code
|
||||
color: #AE3B8B
|
||||
|
||||
.icon-text
|
||||
font-size: 18px
|
||||
|
||||
|
|
|
@ -52,7 +52,7 @@
|
|||
<ul class="menu-list">
|
||||
{% for h1 in page.toc %}
|
||||
<li>
|
||||
<a id="link-{{h1.id}}" class="toc is-size-7 {% if loop.first %}is-active{% endif %}"
|
||||
<a id="link-{{h1.id}}" class="toc {% if loop.first %}is-active{% endif %}"
|
||||
href="{{ h1.permalink | safe }}">
|
||||
{{ h1.title }}
|
||||
</a>
|
||||
|
@ -60,7 +60,7 @@
|
|||
<ul>
|
||||
{% for h2 in h1.children %}
|
||||
<li>
|
||||
<a id="link-{{h2.id}}" class="toc is-size-7" href="{{ h2.permalink | safe }}">
|
||||
<a id="link-{{h2.id}}" class="toc" href="{{ h2.permalink | safe }}">
|
||||
{{ h2.title }}
|
||||
</a>
|
||||
</li>
|
||||
|
|