Git-Mirrors/anarsec.guide
1
0
Fork 0
mirror of https://0xacab.org/anarsec/anarsec.guide.git synced 2025-07-23 23:01:04 -04:00
Code Issues Projects Releases Packages Wiki Activity

header hrefs relative

Browse source
This commit is contained in:
anarsec 2024-04-15 14:27:12 +00:00
parent 022d014abc
commit 6679c65ba9
No known key found for this signature in database
5 changed files with 24 additions and 24 deletions
Download patch file Download diff file Expand all files Collapse all files

4
content/posts/grapheneos/index.md
View file

@ -33,7 +33,7 @@ Avoid carrier variants of the phone, i.e. don't buy one from a mobile operator,
[GrapheneOS can be installed](https://grapheneos.org/install/) using a web browser or the [command line](/glossary#command-line-interface-cli). If you are uncomfortable with command line, the web browser installer is fine; as the [instructions note](https://grapheneos.org/install/cli#verifying-installation), "Even if the computer you used to flash GrapheneOS was compromised and an attacker replaced GrapheneOS with their own malicious OS, it can be detected with Auditor", which is explained below. Both methods list the officially supported operating systems.
The first time you boot Graphene, it will ask you if you want to connect to Wi-Fi. Don't, we need to do [hardware-based attestation](#auditor) first. Never set up fingerprint authentication. Set a [strong password](/posts/tails-best/#passwords).
The first time you boot Graphene, it will ask you if you want to connect to Wi-Fi. Don't, we need to do [hardware-based attestation](/posts/grapheneos/#auditor) first. Never set up fingerprint authentication. Set a [strong password](/posts/tails-best/#passwords).
There is no official support for installing from Qubes OS, but it is possible with the following steps.
@ -195,7 +195,7 @@ Why recommend a Pixel over a Linux desktop phone? Linux desktop phones like the
# Wrapping Up
With the set-up described in this guide, if a cop starts with your name, they wont be able to simply look it up in a cellular provider database to get your phone number. If you use the phone as a Wi-Fi only device and always leave it at home, it cannot be used to determine your movement profile and history. If you use a VoIP number, it's accessed through a VPN, so even if that number is known, it can't be used to locate you. All communications with comrades use [end-to-end encryption](/posts/e2ee/) so they do not aid in network mapping. Even if you are unlucky enough to be the target of a well-funded investigation, the hardened operating system makes it difficult to compromise with spyware, and such a compromise should be [detectable](#auditor).
With the set-up described in this guide, if a cop starts with your name, they wont be able to simply look it up in a cellular provider database to get your phone number. If you use the phone as a Wi-Fi only device and always leave it at home, it cannot be used to determine your movement profile and history. If you use a VoIP number, it's accessed through a VPN, so even if that number is known, it can't be used to locate you. All communications with comrades use [end-to-end encryption](/posts/e2ee/) so they do not aid in network mapping. Even if you are unlucky enough to be the target of a well-funded investigation, the hardened operating system makes it difficult to compromise with spyware, and such a compromise should be [detectable](/posts/grapheneos/#auditor).
By storing the phone in a tamper-evident manner when it's not in use, you'll be able to tell if it's been physically accessed. See the guide [Make Your Electronics Tamper-Evident](/posts/tamper/).