mirror of
https://0xacab.org/anarsec/anarsec.guide.git
synced 2025-07-01 17:56:59 -04:00
motioneye and css
This commit is contained in:
parent
1354ddb396
commit
6597d786ae
4 changed files with 13 additions and 5 deletions
|
@ -17,7 +17,7 @@ There are several different options for [end-to-end encrypted](/glossary/#end-to
|
|||
<!-- more -->
|
||||
Before proceeding, let’s go over a few concepts to help you distinguish between the different options.
|
||||
|
||||
* **End-to-end encryption** means (in theory) that only you and the person you are communicating with can read messages. However, not all [encryption](/glossary/#encryption) is created equal. The quality of the encryption is determined by the *encryption protocol* used and how it's implemented at the software level.
|
||||
* **End-to-end encryption** means (in theory) that only you and the person you are communicating with can read messages. However, not all [encryption](/glossary/#encryption) is created equal. The quality of the encryption is determined by the *encryption protocol* used and how it's implemented at the software level. See ["End-to-end encryption security: attacks and defense"](https://simplex.chat/blog/20240314-simplex-chat-v5-6-quantum-resistance-signal-double-ratchet-algorithm.html#end-to-end-encryption-security-attacks-and-defense) for more information.
|
||||
* **Metadata protection** means that the message [*metadata*](/glossary/#metadata) (the data about the data) is obscured. Even if the message itself is encrypted, metadata can reveal who is communicating with whom, when, how often, the sizes of any files that may have been transferred, and so on. Metadata exposure is [a major concern](https://docs.cwtch.im/security/risk#threat-model).
|
||||
* **Peer-to-peer** means that the messages do not pass through a centralized server.
|
||||
* **Tor** is an [anonymity network](/glossary/#tor-network). Some applications route your messages through Tor by default.
|
||||
|
@ -241,7 +241,8 @@ SimpleX Chat on Whonix does not guarantee Tor [Stream Isolation](/posts/qubes/#w
|
|||
* Copy the file to your new App qube
|
||||
* Make the AppImage executable
|
||||
* In the File Manager, right-click "Properties". Under "Permissions", enable "Allow this file to run as a program".
|
||||
* Reboot the App qube for SimpleX Chat to show up in the **Settings > Applications** tab
|
||||
* Reboot the App qube. In the **Settings > Applications** tab of the new App qube, you may need to click "Refresh applications" for SimpleX Chat to show up. Move SimpleX Chat to the Selected column and press "OK".
|
||||
* Updates will be handled by **Qubes Update** as you would expect.
|
||||
|
||||
<br>
|
||||
</details>
|
||||
|
@ -341,7 +342,7 @@ http_proxy = 127.0.0.1:8082
|
|||
https_proxy = 127.0.0.1:8082
|
||||
```
|
||||
* [Create an App qube](/posts/qubes/#creating-qubes) with the Template `whonix-workstation-17-signal` and networking `sys-whonix`.
|
||||
* In the **Settings → Applications** tab of the new App qube, move Signal to the Selected column and press **OK**.
|
||||
* In the **Settings → Applications** tab of the new App qube, you may need to click "Refresh applications" for Signal to show up. Move Signal to the Selected column and press "OK".
|
||||
* Updates will be handled by **Qubes Update** as you would expect.
|
||||
|
||||
>**Alternative method**
|
||||
|
|
|
@ -98,7 +98,7 @@ When using Wi-Fi in a public space, keep the following operational security cons
|
|||
|
||||
If you need to regularly use the Internet for projects like moderating a website or hacking, going to a new Wi-Fi location after doing surveillance countermeasures might not be realistic on a daily basis. Additionally, a main police priority will be to seize the computer while it is unencrypted, and this is much easier for them to achieve in a public space, especially if you are alone. In this scenario, the ideal mitigation is to **use a Wi-Fi antenna positioned behind a window in a private space to access from a few hundred metres away** — a physical surveillance effort won't observe you entering a cafe or be able to easily seize your powered-on laptop, and a digital surveillance effort won't observe anything on your home Internet. To protect against [hidden cameras](https://www.notrace.how/earsandeyes), you should still be careful about where you position your screen.
|
||||
|
||||
If a Wi-Fi antenna is too technical for you, you may even want to **use your home internet** for some projects that require frequent internet access. This contradicts the previous advice to not use an Internet connection that is tied to your identity. It's a trade-off: using Tor from home avoids creating a physical footprint that is so easy to observe, at the expense of creating a digital footprint which is more technical to observe, and may be harder to draw meaningful conclusions from (especially if you intentionally [make correlation attacks more difficult](/posts/tails/#make-correlation-attacks-more-difficult)). In our view, the main risk of using your home internet is not that the adversary deanonymizes you through a correlation attack, but rather through hacking your system (such as through [phishing](/posts/tails-best/#phishing-awareness)), which [enables them to bypass Tor](/posts/qubes/#when-to-use-tails-vs-qubes-os).
|
||||
If a Wi-Fi antenna is too technical for you, you may even want to **use your home internet** for some projects that require frequent internet access. This contradicts the previous advice to not use an Internet connection that is tied to your identity. It's a trade-off: using Tor from home avoids creating a physical footprint that is so easy to observe, at the expense of creating a digital footprint which is more technical to observe, and may be harder to draw meaningful conclusions from (especially if you intentionally [make correlation attacks more difficult](/posts/tails/#make-correlation-attacks-more-difficult)). There are two main deanonymization risks to consider when using your home internet: that the adversary deanonymizes you through a targeted correlation attack, or that they deanonymize you by hacking your system (such as through [phishing](/posts/tails-best/#phishing-awareness)) which [enables them to bypass Tor](/posts/qubes/#when-to-use-tails-vs-qubes-os).
|
||||
|
||||
#### To summarize
|
||||
|
||||
|
|
|
@ -116,7 +116,7 @@ We recommend employing physical intrusion detection in addition to all of the ta
|
|||
|
||||
Haven is an Android app developed by the Freedom of Press Foundation that uses the smartphone’s many sensors — microphone, motion detector, light detector, and cameras — to monitor the room for changes, and it logs everything it notices. Unfortunately Haven is currently unmaintained, remote notifications are [broken](https://github.com/guardianproject/haven/issues/454), and it is unreliable on many devices.
|
||||
|
||||
Until [Haven is fully functional](https://github.com/guardianproject/haven/issues/465), we recommend also using a video surveillance system so that you can receive remote notifications — this is important to protect against the local logs being modified by an intruder. Choose a model with privacy features (e.g. it doesn't function through the cloud) so that the police cannot easily learn the timing of your comings and goings from it.
|
||||
Until [Haven is fully functional](https://github.com/guardianproject/haven/issues/465), we recommend also using a video surveillance system so that you can receive remote notifications — this is important to protect against the local logs being modified by an intruder. Choose a model with privacy features (e.g. it doesn't function through the cloud) so that the police cannot easily learn the timing of your comings and goings from it. For instance, [motionEye OS](https://github.com/motioneye-project/motioneyeos/wiki/Features) supports remote notifications for motion detection, but it requires Linux knowledge to set up.
|
||||
|
||||
## In practice
|
||||
|
||||
|
|
|
@ -588,6 +588,13 @@ code
|
|||
.icon-text
|
||||
font-size: 16px
|
||||
|
||||
summary
|
||||
cursor: pointer
|
||||
margin-top: 0.5em
|
||||
|
||||
summary > p
|
||||
display: inline
|
||||
|
||||
body[theme="dark"]
|
||||
background-color: black !important
|
||||
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue