csrc links to notrace.how, miscellaneous edits

2025-06-08 06:42:56 -04:00 · 2023-11-12 17:57:58 +00:00 · 2023-11-12 17:57:58 +00:00 · d83276dadb
commit d83276dadb
parent 9d659896fa
17 changed files with 42 additions and 153 deletions
--- a/content/_index.md
+++ b/content/_index.md
@ -9,3 +9,6 @@ title = "Tech Guides for Anarchists"
 * You want to protect your digital devices from covert house visits by law enforcement? → [**Make Your Electronics Tamper-Evident**](/posts/tamper)
 <center><p><a href="/series"><strong>See all guides</strong></a></p>
 <h3><b>Note: AnarSec is currently in a draft state, but will launch in the near future.</b></h3>
--- a/content/contact/_index.md
+++ b/content/contact/_index.md
@ -8,16 +8,10 @@ paginate_by = 5
 <div class="has-text-centered">
 <p>
 **Cwtch**: Coming soon 
 [What is Cwtch?](/posts/e2ee/#cwtch)
 **Email**: anarsec (at) riseup (dot) net 
 [PGP key](/anarsec.asc) 
 [Why we don't recommend email](/posts/e2ee/#pgp-email)
 >Our PGP public key can be verified from a second location [at 0xacab](https://0xacab.org/anarsec/anarsec.guide/-/blob/no-masters/static/anarsec.asc) - commit history should display "Initial commit". 
 >
 >WayBack Machine of PGP key: [anarsec.guide](https://web.archive.org/web/20230619164601/https://www.anarsec.guide/anarsec.asc) / [0xacab.org](https://web.archive.org/web/20230619164309/https://0xacab.org/anarsec/anarsec.guide/-/blob/no-masters/static/anarsec.asc)
--- a/content/glossary/_index.md
+++ b/content/glossary/_index.md
@ -141,7 +141,7 @@ Phishing is a technique of [social engineering](/glossary/#social-engineering).
 A physical attack is a situation where an adversary first gains physical access to your device through loss, theft, or confiscation. For example, your phone may be confiscated when you cross a border or are arrested. This is in contrast to a [remote attack](/glossary/#remote-attacks). 
-For more information, see [Making Your Electronics Tamper-Evident](/posts/tamper), the [Threat Library](https://www.csrc.link/threat-library/techniques/targeted-digital-surveillance/physical-access.html), and [Defend Dissent: Protecting Your Devices](https://open.oregonstate.education/defenddissent/chapter/protecting-your-devices/).
+For more information, see [Making Your Electronics Tamper-Evident](/posts/tamper), the [Threat Library](https://www.notrace.how/threat-library/techniques/targeted-digital-surveillance/physical-access.html), and [Defend Dissent: Protecting Your Devices](https://open.oregonstate.education/defenddissent/chapter/protecting-your-devices/).
 ### Plausible deniability
@ -205,7 +205,7 @@ For more information, see [Tails for Anarchists](/posts/tails).
 Threat modeling is a family of activities for improving security by identifying a set of adversaries, [security goals](/glossary/#security-goal), and [vulnerabilities](/glossary/#vulnerability), and then defining countermeasures to prevent or mitigate the effects of threats to the system. A threat is a potential or actual undesirable event that can be malicious (such as a [DDoS attack](/glossary/#ddos-attack)) or accidental (such as a hard drive failure). Threat modeling is the deliberate activity of identifying and assessing threats and vulnerabilities.
-For more information, see [the CSRC Threat Library](https://www.csrc.link/threat-library/), [Defend Dissent: Digital Threats to Social Movements](https://open.oregonstate.education/defenddissent/chapter/digital-threats/) and [Defending against Surveillance and Suppression](https://open.oregonstate.education/defenddissent/chapter/surveillance-and-suppression/).
+For more information, see [the No Trace Project Threat Library](https://www.notrace.how/threat-library/), [Defend Dissent: Digital Threats to Social Movements](https://open.oregonstate.education/defenddissent/chapter/digital-threats/) and [Defending against Surveillance and Suppression](https://open.oregonstate.education/defenddissent/chapter/surveillance-and-suppression/).
 ### Tor network  
--- a/content/posts/e2ee/index.md
+++ b/content/posts/e2ee/index.md
@ -22,7 +22,7 @@ Before proceeding, there are a few concepts that need to be understood, in order
 * **Peer-to-peer** means that there is no centralized server to trust. 
 * **Tor** is an [anonymity network](/glossary/#tor-network), and some applications route your messages through it by default. 
-For a more in-depth look at these various considerations, we recommend [The Guide to Peer-to-Peer, Encryption, and Tor: New Communication Infrastructure for Anarchists](https://www.csrc.link/#the-guide-to-peer-to-peer-encryption-and-tor). This text criticizes Signal for not being peer-to-peer and not using Tor by default, and goes on to compare Signal, Cwtch, and Briar. 
+For a more in-depth look at these various considerations, we recommend [The Guide to Peer-to-Peer, Encryption, and Tor: New Communication Infrastructure for Anarchists](https://www.notrace.how/resources/#the-guide-to-peer-to-peer-encryption-and-tor). This text criticizes Signal for not being peer-to-peer and not using Tor by default, and goes on to compare Signal, Cwtch, and Briar. 
 Public-facing projects have additional needs for encrypted communication, because they will be interacting with unknown (and untrusted) contacts:
 * Anyone can contact the project without requiring a separate channel
@ -107,7 +107,7 @@ If a project has multiple members, all of them should be able to access the same
 </summary>
 <br>
-If you have decided to use a smartphone despite our [recommendation not to use phones](/posts/nophones/), Cwtch is available for Android. Follow the instructions for [installing software that isn't available in the Play Store](/posts/grapheneos/#software-that-isn-t-on-the-play-store). Updates must be done manually - back up your profile first.
+If you have decided to use a smartphone despite our [recommendation not to use phones](/posts/nophones/), Cwtch is available for Android. Install Cwtch as you would any [app that doesn't require Google Services](/posts/grapheneos/#how-to-install-software) (we don't recommend F-Droid). 
 <br>
 </details>
@ -120,7 +120,7 @@ If you have decided to use a smartphone despite our [recommendation not to use p
 </summary>
 <br>
-Cwtch is still in beta - support for Tails is very new and not thoroughly tested.
+Cwtch support for Tails is very new and not thoroughly tested.
 * Start Tails with an Adminstration Password.
 * Download [Cwtch for Linux](https://cwtch.im/download/#linux) with Tor Browser
@ -157,7 +157,7 @@ Cwtch on Whonix currently has an [issue](https://git.openprivacy.ca/cwtch.im/cwt
 # SimpleX Chat
-![](network.svg) 
+![](network.png) 
 * **Mediums**: Video call, voice call, text
 * **Metadata protection**: Yes (strong)
@ -207,13 +207,13 @@ If a project has multiple members, all of them should be able to access the same
 The Signal Protocol has a moderate amount of metadata protection; [sealed sender](https://signal.org/blog/sealed-sender/), [private contact discovery](https://signal.org/blog/private-contact-discovery/), and the [private group system](https://signal.org/blog/signal-private-group-system/). Message recipient identifiers are only stored on Signal's servers for as long as it takes to deliver each message. As a result, if Signal is served with a warrant, they [will only be able to provide](https://signal.org/bigbrother/) the time of account creation and the date of the account's last connection to the Signal servers. Still, Signal relies on the Google Services Framework (though it's possible to use it without it), and the sealed sender metadata protection applies only to contacts (by default).  
-Signal [is not peer-to-peer](https://www.csrc.link/#the-guide-to-peer-to-peer-encryption-and-tor); it uses centralized servers that we must trust. Signal will work with Tor if used on an operating system that forces it to, such as Whonix or Tails. 
+Signal is not peer-to-peer; it uses centralized servers that we must trust. Signal will work with Tor if used on an operating system that forces it to, such as Whonix or Tails. 
 Signing up for a Signal account is difficult to do anonymously. The account is tied to a phone number that the user must still control - due to [changes in "registration lock"](https://blog.privacyguides.org/2022/11/10/signal-number-registration-update/), it is no longer sufficient to register with a disposable phone number. An anonymous phone number can be obtained [on a burner phone or online](https://anonymousplanet.org/guide.html#getting-an-anonymous-phone-number) and must be maintained - most people will not do this. There have been unfounded rumors that Signal plans to remove the need for a phone number after the release of a username feature - however, [registration will still require a phone number](https://mastodon.world/@Mer__edith/110895045552696836).
 Another barrier to anonymous registration is that Signal Desktop will only work if Signal is first registered from a smartphone. For users familiar with the [command line](/glossary/#command-line-interface-cli), it is possible to register an account from a computer using [Signal-cli](http://wmj5kiic7b6kjplpbvwadnht2nh2qnkbnqtcv3dyvpqtz7ssbssftxid.onion/about.privacy/messengers-on-tails-os/-/wikis/HowTo#signal). The [VoIP](/glossary#voip-voice-over-internet-protocol) account used for registration would have to be obtained anonymously. 
-These barriers to anonymous registration mean that Signal is rarely used anonymously. This has significant implications if the State gains [physical](/glossary/#physical-attacks) or [remote](/glossary/#remote-attacks) access to the device. One of the primary goals of State surveillance of anarchists is [network mapping](https://www.csrc.link/threat-library/techniques/network-mapping.html), and it's common for them to gain physical access to devices through [house raids](https://www.csrc.link/threat-library/techniques/house-raid.html) or even simple arrests. For example, if your device's [authentication is bypassed](https://www.csrc.link/threat-library/techniques/targeted-digital-surveillance/authentication-bypass.html), it is easy for the police to identify all of your Signal contacts (as well as the members of any groups you are in) simply by their phone number. This is a serious security breach, especially in the context of Signal groups. Compare this to the same attack on a Cwtch or SimpleX Chat user - all contacts are anonymous so device compromise does not contribute to network mapping. 
+These barriers to anonymous registration mean that Signal is rarely used anonymously. This has significant implications if the State gains [physical](/glossary/#physical-attacks) or [remote](/glossary/#remote-attacks) access to the device. One of the primary goals of State surveillance of anarchists is [network mapping](https://www.notrace.how/threat-library/techniques/network-mapping.html), and it's common for them to gain physical access to devices through [house raids](https://www.notrace.how/threat-library/techniques/house-raid.html) or even simple arrests. For example, if your device's [authentication is bypassed](https://www.notrace.how/threat-library/techniques/targeted-digital-surveillance/authentication-bypass.html), it is easy for the police to identify all of your Signal contacts (as well as the members of any groups you are in) simply by their phone number. This is a serious security breach, especially in the context of Signal groups. Compare this to the same attack on a Cwtch or SimpleX Chat user - all contacts are anonymous so device compromise does not contribute to network mapping. 
 In a recent repressive operation in France against a riotous demonstration, the police did exactly that. The phones of suspects were accessed through physically seizing them during arrests and house raids, as well as through spyware, and then Signal contacts and group members were identified. These identities were added to the list of suspects who were subsequently investigated. **We need to understand this as a wake-up call that it is time for anarchist networks to stop using Signal**. 
--- a/content/posts/e2ee/network.png
+++ b/content/posts/e2ee/network.png
--- a/content/posts/e2ee/network.svg
+++ b/content/posts/e2ee/network.svg
@ -1,96 +0,0 @@
 <svg width="202" height="122" viewBox="0 0 202 122" fill="none" xmlns="http://www.w3.org/2000/svg">
 <rect x="171.148" y="54.8262" width="30.2948" height="60.5527" rx="4.5" transform="rotate(15 171.148 54.8262)" fill="url(#paint0_linear_621_8180)" stroke="#606C71"/>
 <rect x="172.96" y="60.9698" width="23.6142" height="51.6681" rx="2.5" transform="rotate(15 172.96 60.9698)" fill="url(#paint1_linear_621_8180)" stroke="white"/>
 <rect x="1.11042" y="62.668" width="30.2948" height="60.5527" rx="4.5" transform="rotate(-15 1.11042 62.668)" fill="url(#paint2_linear_621_8180)" stroke="#606C71"/>
 <rect x="5.75153" y="67.083" width="23.6142" height="51.6681" rx="2.5" transform="rotate(-15 5.75153 67.083)" fill="url(#paint3_linear_621_8180)" stroke="white"/>
 <path d="M82.2459 26.1038L82.246 26.1038L100.975 14.6661C100.975 14.6661 100.975 14.6661 100.975 14.6661C101.275 14.4834 101.65 14.4837 101.949 14.6668C101.949 14.6668 101.949 14.6668 101.949 14.6668L120.786 26.2084L121.048 25.782L120.786 26.2084C121.064 26.3786 121.234 26.6819 121.234 27.0093V34.5951C121.234 34.9264 121.06 35.2327 120.777 35.4017L121.011 35.7933L120.777 35.4017L101.907 46.6648C101.606 46.8445 101.23 46.8404 100.933 46.6542L82.2368 34.9379C81.9634 34.7666 81.7969 34.466 81.7969 34.142V26.9054C81.7969 26.5776 81.9674 26.2739 82.2459 26.1038Z" fill="url(#paint4_linear_621_8180)" stroke="#3F484B"/>
 <path d="M100.662 14.3185L81.9329 25.7562C81.5053 26.0173 81.2444 26.4828 81.2444 26.9846V34.2211C81.2444 34.717 81.4992 35.1778 81.9188 35.4407L100.615 47.1571C101.071 47.4429 101.649 47.4491 102.111 47.1733L120.981 35.9101C121.415 35.6507 121.682 35.1812 121.682 34.6743V27.0884C121.682 26.5874 121.422 26.1225 120.995 25.8611L102.158 14.3196C101.699 14.0384 101.122 14.038 100.662 14.3185Z" fill="url(#paint5_linear_621_8180)" stroke="#3F484B" stroke-miterlimit="10"/>
 <path d="M121.314 26.2285L101.41 38.3856L81.4019 26.2811" fill="url(#paint6_linear_621_8180)"/>
 <path d="M121.314 26.2285L101.41 38.3856L81.4019 26.2811" stroke="#3F484B" stroke-miterlimit="10"/>
 <path d="M101.384 47.3331V38.4258" stroke="#3F484B" stroke-miterlimit="10"/>
 <path d="M82.2457 12.844L82.2457 12.844L100.975 1.40636C100.975 1.40635 100.975 1.40635 100.975 1.40635C101.274 1.22366 101.65 1.22395 101.949 1.40707C101.949 1.40707 101.949 1.40707 101.949 1.40708L120.786 12.9486L121.043 12.5299L120.786 12.9486C121.064 13.1189 121.234 13.4222 121.234 13.7495V21.3354C121.234 21.6666 121.06 21.9729 120.777 22.1419L121.011 22.5335L120.777 22.1419L101.907 33.405C101.606 33.5847 101.23 33.5806 100.933 33.3945L82.2365 21.6782C81.9631 21.5068 81.7966 21.2062 81.7966 20.8822V13.6457C81.7966 13.3178 81.9671 13.0141 82.2457 12.844Z" fill="url(#paint7_linear_621_8180)" stroke="#3F484B"/>
 <path d="M100.662 1.04507L81.9329 12.4827C81.5053 12.7438 81.2444 13.2093 81.2444 13.7111V20.9476C81.2444 21.4435 81.4992 21.9044 81.9188 22.1673L100.615 33.8836C101.071 34.1694 101.649 34.1757 102.111 33.8998L120.981 22.6367C121.415 22.3773 121.682 21.9077 121.682 21.4008V13.815C121.682 13.314 121.422 12.849 120.995 12.5877L102.158 1.04617C101.699 0.764939 101.122 0.764545 100.662 1.04507Z" fill="url(#paint8_linear_621_8180)" stroke="#3F484B" stroke-miterlimit="10"/>
 <path d="M121.314 12.9551L101.41 25.1122L81.4019 13.0077" fill="url(#paint9_linear_621_8180)"/>
 <path d="M121.314 12.9551L101.41 25.1122L81.4019 13.0077" stroke="#3F484B" stroke-miterlimit="10"/>
 <path d="M101.384 34.0597V25.1523" stroke="#3F484B" stroke-miterlimit="10"/>
 <path d="M82.2459 92.8352L82.246 92.8352L100.975 81.3976C100.975 81.3976 100.975 81.3976 100.975 81.3976C101.275 81.2149 101.65 81.2152 101.949 81.3983C101.949 81.3983 101.949 81.3983 101.949 81.3983L120.786 92.9398L121.048 92.5135L120.786 92.9398C121.064 93.1101 121.234 93.4134 121.234 93.7408V101.327C121.234 101.658 121.06 101.964 120.777 102.133L121.011 102.525L120.777 102.133L101.907 113.396C101.606 113.576 101.23 113.572 100.933 113.386L82.2368 101.669C81.9634 101.498 81.7969 101.197 81.7969 100.873V93.6369C81.7969 93.309 81.9674 93.0053 82.2459 92.8352Z" fill="url(#paint10_linear_621_8180)" stroke="#3F484B"/>
 <path d="M100.662 81.05L81.9329 92.4876C81.5053 92.7487 81.2444 93.2142 81.2444 93.716V100.953C81.2444 101.448 81.4992 101.909 81.9188 102.172L100.615 113.889C101.071 114.174 101.649 114.181 102.111 113.905L120.981 102.642C121.415 102.382 121.682 101.913 121.682 101.406V93.8198C121.682 93.3188 121.422 92.8539 120.995 92.5926L102.158 81.0511C101.699 80.7698 101.122 80.7694 100.662 81.05Z" fill="url(#paint11_linear_621_8180)" stroke="#3F484B" stroke-miterlimit="10"/>
 <path d="M121.314 92.96L101.411 105.117L81.4021 93.0126" fill="url(#paint12_linear_621_8180)"/>
 <path d="M121.314 92.96L101.411 105.117L81.4021 93.0126" stroke="#3F484B" stroke-miterlimit="10"/>
 <path d="M101.384 114.065V105.157" stroke="#3F484B" stroke-miterlimit="10"/>
 <path d="M82.2462 79.5754L82.2462 79.5754L100.976 68.1378C100.976 68.1378 100.976 68.1378 100.976 68.1378C101.275 67.9551 101.651 67.9554 101.95 68.1385C101.95 68.1385 101.95 68.1385 101.95 68.1385L120.787 79.68L121.043 79.2613L120.787 79.6801C121.065 79.8503 121.234 80.1536 121.234 80.481V88.0668C121.234 88.398 121.061 88.7043 120.777 88.8733L121.011 89.265L120.777 88.8733L101.907 100.136C101.606 100.316 101.23 100.312 100.933 100.126L82.237 88.4096C81.9636 88.2383 81.7971 87.9376 81.7971 87.6136V80.3771C81.7971 80.0492 81.9676 79.7456 82.2462 79.5754Z" fill="url(#paint13_linear_621_8180)" stroke="#3F484B"/>
 <path d="M100.662 67.7775L81.9329 79.2151C81.5053 79.4762 81.2444 79.9418 81.2444 80.4435V87.6801C81.2444 88.1759 81.4992 88.6368 81.9188 88.8997L100.615 100.616C101.071 100.902 101.649 100.908 102.111 100.632L120.981 89.3691C121.415 89.1097 121.682 88.6401 121.682 88.1332V80.5474C121.682 80.0464 121.422 79.5815 120.995 79.3201L102.158 67.7786C101.699 67.4974 101.122 67.497 100.662 67.7775Z" fill="url(#paint14_linear_621_8180)" stroke="#3F484B" stroke-miterlimit="10"/>
 <path d="M121.314 79.6875L101.411 91.8446L81.4021 79.7401" fill="url(#paint15_linear_621_8180)"/>
 <path d="M121.314 79.6875L101.411 91.8446L81.4021 79.7401" stroke="#3F484B" stroke-miterlimit="10"/>
 <path d="M101.384 100.792V91.8848" stroke="#3F484B" stroke-miterlimit="10"/>
 <path d="M46.3039 83.9824C46.1087 84.1776 46.1087 84.4942 46.3039 84.6895L49.4859 87.8715C49.6812 88.0667 49.9977 88.0667 50.193 87.8715C50.3883 87.6762 50.3883 87.3596 50.193 87.1644L47.3646 84.3359L50.193 81.5075C50.3883 81.3122 50.3883 80.9957 50.193 80.8004C49.9977 80.6051 49.6812 80.6051 49.4859 80.8004L46.3039 83.9824ZM46.6575 84.8359L73.687 84.8359L73.687 83.8359L46.6575 83.8359L46.6575 84.8359Z" fill="#606C71"/>
 <path d="M128.736 83.9824C128.541 84.1776 128.541 84.4942 128.736 84.6895L131.918 87.8715C132.114 88.0667 132.43 88.0667 132.625 87.8715C132.821 87.6762 132.821 87.3596 132.625 87.1644L129.797 84.3359L132.625 81.5075C132.821 81.3122 132.821 80.9957 132.625 80.8004C132.43 80.6051 132.114 80.6051 131.918 80.8004L128.736 83.9824ZM129.09 84.8359L156.119 84.8359L156.119 83.8359L129.09 83.8359L129.09 84.8359Z" fill="#606C71"/>
 <path d="M71.9403 38.8116C71.9403 38.5355 71.7165 38.3116 71.4403 38.3116L66.9403 38.3116C66.6642 38.3116 66.4403 38.5355 66.4403 38.8116C66.4403 39.0878 66.6642 39.3116 66.9403 39.3116H70.9403V43.3116C70.9403 43.5878 71.1642 43.8116 71.4403 43.8116C71.7165 43.8116 71.9403 43.5878 71.9403 43.3116V38.8116ZM49.2579 61.7012L71.7939 39.1652L71.0868 38.4581L48.5507 60.9941L49.2579 61.7012Z" fill="#606C71"/>
 <path d="M153.351 61.0337C153.627 61.0337 153.851 60.8099 153.851 60.5337L153.851 56.0337C153.851 55.7576 153.627 55.5337 153.351 55.5337C153.075 55.5337 152.851 55.7576 152.851 56.0337V60.0337H148.851C148.575 60.0337 148.351 60.2576 148.351 60.5337C148.351 60.8099 148.575 61.0337 148.851 61.0337H153.351ZM131.505 39.3946L152.997 60.8873L153.704 60.1802L132.212 38.6875L131.505 39.3946Z" fill="#606C71"/>
 <defs>
 <linearGradient id="paint0_linear_621_8180" x1="201.629" y1="54.2139" x2="160.994" y2="61.265" gradientUnits="userSpaceOnUse">
 <stop stop-color="#53C1FF"/>
 <stop offset="1" stop-color="#0053D0"/>
 </linearGradient>
 <linearGradient id="paint1_linear_621_8180" x1="196.859" y1="60.3574" x2="164.752" y2="65.4785" gradientUnits="userSpaceOnUse">
 <stop stop-color="#53C1FF"/>
 <stop offset="1" stop-color="#0053D0"/>
 </linearGradient>
 <linearGradient id="paint2_linear_621_8180" x1="31.3326" y1="62.3144" x2="-9.30308" y2="69.3656" gradientUnits="userSpaceOnUse">
 <stop stop-color="#53C1FF"/>
 <stop offset="1" stop-color="#0053D0"/>
 </linearGradient>
 <linearGradient id="paint3_linear_621_8180" x1="29.3914" y1="66.7295" x2="-2.71522" y2="71.8505" gradientUnits="userSpaceOnUse">
 <stop stop-color="#53C1FF"/>
 <stop offset="1" stop-color="#0053D0"/>
 </linearGradient>
 <linearGradient id="paint4_linear_621_8180" x1="121.14" y1="14.0293" x2="74.9932" y2="33.173" gradientUnits="userSpaceOnUse">
 <stop stop-color="#FDFF97"/>
 <stop offset="1" stop-color="#F1DA09"/>
 </linearGradient>
 <linearGradient id="paint5_linear_621_8180" x1="121.087" y1="14.1084" x2="74.9407" y2="33.2521" gradientUnits="userSpaceOnUse">
 <stop stop-color="#FDFF97"/>
 <stop offset="1" stop-color="#F1DA09"/>
 </linearGradient>
 <linearGradient id="paint6_linear_621_8180" x1="120.727" y1="26.2285" x2="97.0576" y2="52.7495" gradientUnits="userSpaceOnUse">
 <stop stop-color="#FDFF97"/>
 <stop offset="1" stop-color="#F1DA09"/>
 </linearGradient>
 <linearGradient id="paint7_linear_621_8180" x1="121.139" y1="0.769524" x2="74.993" y2="19.9133" gradientUnits="userSpaceOnUse">
 <stop stop-color="#FDFF97"/>
 <stop offset="1" stop-color="#F1DA09"/>
 </linearGradient>
 <linearGradient id="paint8_linear_621_8180" x1="121.087" y1="0.834954" x2="74.9407" y2="19.9787" gradientUnits="userSpaceOnUse">
 <stop stop-color="#FDFF97"/>
 <stop offset="1" stop-color="#F1DA09"/>
 </linearGradient>
 <linearGradient id="paint9_linear_621_8180" x1="120.727" y1="12.9551" x2="97.0576" y2="39.4761" gradientUnits="userSpaceOnUse">
 <stop stop-color="#FDFF97"/>
 <stop offset="1" stop-color="#F1DA09"/>
 </linearGradient>
 <linearGradient id="paint10_linear_621_8180" x1="121.14" y1="80.7607" x2="74.9932" y2="99.9045" gradientUnits="userSpaceOnUse">
 <stop stop-color="#FDFF97"/>
 <stop offset="1" stop-color="#F1DA09"/>
 </linearGradient>
 <linearGradient id="paint11_linear_621_8180" x1="121.087" y1="80.8398" x2="74.9407" y2="99.9836" gradientUnits="userSpaceOnUse">
 <stop stop-color="#FDFF97"/>
 <stop offset="1" stop-color="#F1DA09"/>
 </linearGradient>
 <linearGradient id="paint12_linear_621_8180" x1="120.727" y1="92.96" x2="97.0578" y2="119.481" gradientUnits="userSpaceOnUse">
 <stop stop-color="#FDFF97"/>
 <stop offset="1" stop-color="#F1DA09"/>
 </linearGradient>
 <linearGradient id="paint13_linear_621_8180" x1="121.14" y1="67.501" x2="74.9934" y2="86.6447" gradientUnits="userSpaceOnUse">
 <stop stop-color="#FDFF97"/>
 <stop offset="1" stop-color="#F1DA09"/>
 </linearGradient>
 <linearGradient id="paint14_linear_621_8180" x1="121.087" y1="67.5674" x2="74.9407" y2="86.7111" gradientUnits="userSpaceOnUse">
 <stop stop-color="#FDFF97"/>
 <stop offset="1" stop-color="#F1DA09"/>
 </linearGradient>
 <linearGradient id="paint15_linear_621_8180" x1="120.727" y1="79.6875" x2="97.0578" y2="106.209" gradientUnits="userSpaceOnUse">
 <stop stop-color="#FDFF97"/>
 <stop offset="1" stop-color="#F1DA09"/>
 </linearGradient>
 </defs>
 </svg>
--- a/content/posts/grapheneos/index.md
+++ b/content/posts/grapheneos/index.md
@ -19,7 +19,7 @@ letter="grapheneos-letter.pdf"
 # What is GrapheneOS?
-GrapheneOS is a private and secure version of the Android [operating system](/glossary#operating-system-os). Standard Android smartphones have Google baked into them (for example, [Google Play Services](https://en.wikipedia.org/wiki/Google_Play_Services) have irrevocable access to your files, call logs, location, etc.), and it is trivial to [bypass standard Android authentication](https://www.csrc.link/threat-library/techniques/targeted-digital-surveillance/authentication-bypass.html) with [physical access](/glossary/#physical-attacks) to the device. GrapheneOS uses hardware-based security to [greatly increase the difficulty](https://grapheneos.org/faq#encryption) of bypassing authentication, is significantly [hardened](/glossary#hardening) against hacking, and has all Google apps and services removed by default. There are other alternative Android operating systems, [but they are inferior](https://blog.privacyguides.org/2022/04/21/grapheneos-or-calyxos/). See the [GrapheneOS documentation](https://grapheneos.org/features) for an extensive list of privacy and security improvements over standard Android. GrapheneOS is [regularly audited](https://grapheneos.org/faq#audit).
+GrapheneOS is a private and secure version of the Android [operating system](/glossary#operating-system-os). Standard Android smartphones have Google baked into them (for example, [Google Play Services](https://en.wikipedia.org/wiki/Google_Play_Services) have irrevocable access to your files, call logs, location, etc.), and it is trivial to [bypass standard Android authentication](https://www.notrace.how/threat-library/techniques/targeted-digital-surveillance/authentication-bypass.html) with [physical access](/glossary/#physical-attacks) to the device. GrapheneOS uses hardware-based security to [greatly increase the difficulty](https://grapheneos.org/faq#encryption) of bypassing authentication, is significantly [hardened](/glossary#hardening) against hacking, and has all Google apps and services removed by default. There are other alternative Android operating systems, [but they are inferior](https://blog.privacyguides.org/2022/04/21/grapheneos-or-calyxos/). See the [GrapheneOS documentation](https://grapheneos.org/features) for an extensive list of privacy and security improvements over standard Android. GrapheneOS is [regularly audited](https://grapheneos.org/faq#audit).
 Due to the nature of [how the technology works](https://privsec.dev/posts/android/android-tips/#carrier-tracking), cell phones leave a geolocation history when they connect to cell towers. For this reason, we recommend that you use a smartphone that stays at home like a landline and connects to the Internet via Wi-Fi in airplane mode, rather than using a SIM card to connect through cell towers. Even if you use an anonymously purchased SIM card, if it is linked to your identity in the future, the service provider can be retroactively queried for all geolocation data. Furthermore, it's not enough to only leave your phone at home when you're going to a demo or action, as this will [stand out](/posts/nophones/#metadata-patterns) as an outlier and serve as an indication of conspiratorial activity in that time window. 
@ -136,8 +136,6 @@ Some apps are not on the Play Store, either because they're still in development
 As an example of how to use Obtainium, Molly-FOSS is a hardened version of Signal without [Google software](https://github.com/mollyim/mollyim-android#free-and-open-source) and is available from [Github Releases](https://github.com/mollyim/mollyim-android/releases). In Obtanium, press **Add App**, then copy the Github Releases URL. Obtanium will be able to install the app, and if there is a new version, you will get a system notification and an update icon next to it, and you will need to update it manually.   
 Cwtch is not yet available on the Google Play Store and can be added to Obtainium by entering the [download page URL](https://cwtch.im/download/).  
 ## Software That Requires Google Play Services
 If there is an app you want to use that requires Google Play services, create a specific user profile for it from the Owner user profile; you can name it Google. This is also a good way to isolate any app you need to use that isn't [open-source](/glossary/#open-source) or reputable. If you create a Google user profile, you will need to install and configure Sandboxed Google Play in it. 
--- a/content/posts/linux/index.md
+++ b/content/posts/linux/index.md
@ -21,7 +21,7 @@ As an anarchist, you've probably heard the recommendation to use a Linux compute
 # What is Linux and Why Use It? 
-If you are reading this, you are probably using either Windows or macOS on your computer. These are both [operating systems](/glossary#operating-system-os), which is the system software that runs your device. They're also both "closed-source", which means that the software's "*source* code" is not available (*closed*) to the public, so it can't be audited for privacy and security. Windows and macOS computers send your data to Microsoft and Apple, and you can't trust their [full-disk encryption](/glossary#full-disk-encryption-fde) to protect your data if the computer is [physically accessed](/glossary/#physical-attacks) (like after a [house raid](https://www.csrc.link/threat-library/techniques/house-raid.html)). 
+If you are reading this, you are probably using either Windows or macOS on your computer. These are both [operating systems](/glossary#operating-system-os), which is the system software that runs your device. They're also both "closed-source", which means that the software's "*source* code" is not available (*closed*) to the public, so it can't be audited for privacy and security. Windows and macOS computers send your data to Microsoft and Apple, and you can't trust their [full-disk encryption](/glossary#full-disk-encryption-fde) to protect your data if the computer is [physically accessed](/glossary/#physical-attacks) (like after a [house raid](https://www.notrace.how/threat-library/techniques/house-raid.html)). 
 Linux is a set of operating systems that are [open-source](/glossary#open-source), which means that the *source* code can be analyzed by anyone. Linux is the name given to the core (**kernel**) of the operating system, and many different **distributions** (or 'distros') are based on it. Simply put, *Linux is the only type of computer that anarchists can trust*. 
--- a/content/posts/nophones/index.md
+++ b/content/posts/nophones/index.md
@ -14,7 +14,7 @@ a4="nophones-a4.pdf"
 letter="nophones-letter.pdf"
 +++
-With effective [security culture and operational security](https://www.csrc.link/read/csrc-bulletin-1-en.html#header-a-base-to-stand-on-distinguishing-opsec-and-security-culture), the forces of repression wouldn't  know about our specific criminal activities, but they also wouldn't know about our lives, [relationships](https://www.csrc.link/threat-library/techniques/network-mapping.html), movement patterns, and so on. This knowledge is a huge advantage in narrowing down suspects and conducting targeted surveillance. Your phone's location is [tracked at all times](https://www.vice.com/en/article/m7vqkv/how-fbi-gets-phone-data-att-tmobile-verizon), and this data is harvested by private companies, allowing police to bypass laws requiring them to obtain a warrant. The phone's [hardware identifiers and subscription information](https://anonymousplanet.org/guide.html#your-imei-and-imsi-and-by-extension-your-phone-number) are logged by cell towers with every connection. Hacking services like [Pegasus](https://www.amnesty.org/en/latest/research/2021/07/forensic-methodology-report-how-to-catch-nso-groups-pegasus/) put total phone compromise within reach of even local law enforcement and are "zero-click," meaning success doesn't depend on you clicking a link or opening a file. 
+With effective [security culture and operational security](https://www.notrace.how/resources/read/csrc-bulletin-1-en.html#header-a-base-to-stand-on-distinguishing-opsec-and-security-culture), the forces of repression wouldn't  know about our specific criminal activities, but they also wouldn't know about our lives, [relationships](https://www.notrace.how/threat-library/techniques/network-mapping.html), movement patterns, and so on. This knowledge is a huge advantage in narrowing down suspects and conducting targeted surveillance. Your phone's location is [tracked at all times](https://www.vice.com/en/article/m7vqkv/how-fbi-gets-phone-data-att-tmobile-verizon), and this data is harvested by private companies, allowing police to bypass laws requiring them to obtain a warrant. The phone's [hardware identifiers and subscription information](https://anonymousplanet.org/guide.html#your-imei-and-imsi-and-by-extension-your-phone-number) are logged by cell towers with every connection. Hacking services like [Pegasus](https://www.amnesty.org/en/latest/research/2021/07/forensic-methodology-report-how-to-catch-nso-groups-pegasus/) put total phone compromise within reach of even local law enforcement and are "zero-click," meaning success doesn't depend on you clicking a link or opening a file. 
 <!-- more -->
@ -22,7 +22,7 @@ On the flip side, after more than 30 recent arsons in a small town in France wen
 # Encryption and Geolocation
-Some comrades respond to the issues with smartphones by using flip phones or a landline to communicate with each other, but this approach leaves nothing hidden from the eyes of the State because nothing is [encrypted](/glossary/#encryption) - neither the content of your conversations nor who is talking to whom. For example, in a [recent repressive operation](https://www.csrc.link/#quelques-premiers-elements-du-dossier-d-enquete-contre-ivan), the police set up real-time geolocation of the suspect's phone and made a list of everyone the suspect communicated with using unencrypted phone calls. A short biography was written for each contact.
+Some comrades respond to the issues with smartphones by using flip phones or a landline to communicate with each other, but this approach leaves nothing hidden from the eyes of the State because nothing is [encrypted](/glossary/#encryption) - neither the content of your conversations nor who is talking to whom. For example, in a [recent repressive operation](https://www.notrace.how/resources/#quelques-premiers-elements-du-dossier-d-enquete-contre-ivan), the police set up real-time geolocation of the suspect's phone and made a list of everyone the suspect communicated with using unencrypted phone calls. A short biography was written for each contact.
 It has become quite common for comrades to carry a cell phone around with them wherever they go, and in the contexts where people use flip phones, to make unencrypted calls to other anarchists. We think both of these practices should be completely avoided. Let's not make the job of the police and intelligence agencies so easy by providing them with our social network and geolocation history on a silver platter. 
@ -32,7 +32,7 @@ Another primary goal of targeted surveillance is to map the target's social netw
 # Metadata Patterns
-The normalization of constant connectivity within dominant society has led some anarchists to correctly note that the [metadata](/glossary/#metadata) generated by phone activity is useful to investigators.  However, the conclusion that some draw from this insight, that we should ["never turn off the phone,"](https://www.csrc.link/#never-turn-off-the-phone-a-new-approach-to-security-culture) takes us in the wrong direction. Their logic is that if you step out of the normal metadata patterns, those moments become suspicious, and if those moments coincide with when an action occurs, that could be used as evidence to link you to the crime or to investigate you more closely. This is true, but the only conclusion that can be drawn from this - which is not a total dead end, at least - is to minimize the creation of normal metadata patterns in the first place.
+The normalization of constant connectivity within dominant society has led some anarchists to correctly note that the [metadata](/glossary/#metadata) generated by phone activity is useful to investigators.  However, the conclusion that some draw from this insight, that we should ["never turn off the phone,"](https://web.archive.org/web/20210126183740/https://325.nostate.net/2018/11/09/never-turn-off-the-phone-a-new-approach-to-security-culture) takes us in the wrong direction. Their logic is that if you step out of the normal metadata patterns, those moments become suspicious, and if those moments coincide with when an action occurs, that could be used as evidence to link you to the crime or to investigate you more closely. This is true, but the only conclusion that can be drawn from this - which is not a total dead end, at least - is to minimize the creation of normal metadata patterns in the first place.
 Our connections to the infrastructures of domination must remain sporadic and unpredictable if we are to retain any semblance of freedom and ability to strike at the enemy. What if the reconnaissance required for an action requires an entire weekend away from electronic devices? Or let's start with the simple fact that phones must be left at home during an action - this only becomes the outlier to a pattern if phones otherwise accompany us wherever we go. In a normatively "always connected" life, either of these metadata changes would stick out like a sore thumb, but this is not the case if you refuse to always be plugged in.
--- a/content/posts/qubes/index.md
+++ b/content/posts/qubes/index.md
@ -21,9 +21,9 @@ Qubes OS can be configured to force all Internet connections through the [Tor ne
 # Who is Qubes OS For? 
-Given that anarchists are [regularly targeted](https://www.csrc.link/threat-library/techniques/targeted-digital-surveillance/malware.html) for hacking in repressive investigations, Qubes OS is an excellent choice for us. AnarSec [recommends](/recommendations) Qubes OS for everyday use, and [below](#when-to-use-tails-vs-qubes-os) we compare when it is appropriate to use Tails vs. Qubes OS - both have unique strengths. While Tails is so easy to use that you don't even need to know anything about Linux, Qubes OS is a bit more involved, but still designed to be accessible to users like journalists who don't know much about Linux. This guide is labelled as "intermediate", though if you need to extensively customize your set up or troubleshoot something, it is more likely to be "advanced". 
+Given that anarchists are [regularly targeted](https://www.notrace.how/threat-library/techniques/targeted-digital-surveillance/malware.html) for hacking in repressive investigations, Qubes OS is an excellent choice for us. AnarSec [recommends](/recommendations) Qubes OS for everyday use, and [below](#when-to-use-tails-vs-qubes-os) we compare when it is appropriate to use Tails vs. Qubes OS - both have unique strengths. While Tails is so easy to use that you don't even need to know anything about Linux, Qubes OS is a bit more involved, but still designed to be accessible to users like journalists who don't know much about Linux. This guide is labelled as "intermediate", though if you need to extensively customize your set up or troubleshoot something, it is more likely to be "advanced". 
-Even if nothing directly incriminating is done on a computer you use every day, its compromise will still give investigators a field day for [network mapping](https://www.csrc.link/threat-library/techniques/network-mapping.html) - knowing who you talk to and what you talk to them about, what projects you are involved in, what websites you read, etc. Most anarchists use everyday computers for some anarchist projects and to commmunicate with other comrades, so making our personal computers difficult to hack is a reasonable goal for all anarchists. That said, the time investment to learn Qubes OS isn't for everyone. For those with limited energy to put towards increased anonymity and security, Tails is much more straightforward.  
+Even if nothing directly incriminating is done on a computer you use every day, its compromise will still give investigators a field day for [network mapping](https://www.notrace.how/threat-library/techniques/network-mapping.html) - knowing who you talk to and what you talk to them about, what projects you are involved in, what websites you read, etc. Most anarchists use everyday computers for some anarchist projects and to commmunicate with other comrades, so making our personal computers difficult to hack is a reasonable goal for all anarchists. That said, the time investment to learn Qubes OS isn't for everyone. For those with limited energy to put towards increased anonymity and security, Tails is much more straightforward.  
 # How Does Qubes OS Work? 
@ -73,7 +73,7 @@ Qubes includes Whonix by default for when you want to force all connections thro
 >
 >Whonix virtual machines may be more leak-proof, however they are not amnesic, meaning data may be recovered from your storage device. By design, Tails is meant to completely reset itself after each reboot. Encrypted persistent storage can be configured to store some data between reboots. 
-In order to recover data from a Qubes OS system, the [Full Disk Encryption](/glossary#full-disk-encryption-fde) would still need to be successfully [bypassed](https://www.csrc.link/threat-library/techniques/targeted-digital-surveillance/authentication-bypass.html) (e.g. by seizing the computer when it is turned on, or using a weak password). If the Tails Persistent Storage feature is in use, any data configured to persist will face the same problem. 
+In order to recover data from a Qubes OS system, the [Full Disk Encryption](/glossary#full-disk-encryption-fde) would still need to be successfully [bypassed](https://www.notrace.how/threat-library/techniques/targeted-digital-surveillance/authentication-bypass.html) (e.g. by seizing the computer when it is turned on, or using a weak password). If the Tails Persistent Storage feature is in use, any data configured to persist will face the same problem. 
 Our recommendation is to use Qubes OS:
@ -279,7 +279,7 @@ You don't always need to attach a USB drive to another qube with the Qubes Devic
 # How to Backup
-Once your qubes are organized the way you want them, you should back up your system. Depending on your needs, we recommend a weekly backup - pick a day of the week and add a reminder to your calendar. We also recommend a redundant backup that is stored off-site and synchronized monthly (to protect against data loss in a [house raid](https://www.csrc.link/threat-library/techniques/house-raid.html)).  
+Once your qubes are organized the way you want them, you should back up your system. Depending on your needs, we recommend a weekly backup - pick a day of the week and add a reminder to your calendar. We also recommend a redundant backup that is stored off-site and synchronized monthly (to protect against data loss in a [house raid](https://www.notrace.how/threat-library/techniques/house-raid.html)).  
 Adapted from the [docs](https://www.qubes-os.org/doc/how-to-back-up-restore-and-migrate/#creating-a-backup):
@ -333,7 +333,7 @@ There is much more flexibility in how you configure Qubes OS than Tails, but mos
 	* Compartmentalization is baked into Qubes OS; instead of restarting Tails, use a dedicated qube. 
 * Limitations of the Tor network
 	* For sensitive activities, don't use Internet connections that could deanonymize you, and prioritize .onion links when available. BusKill is also [available for Qubes OS](https://www.buskill.in/qubes-os/) (and we recommend not obtaining it through the mail).
-	* If you might be a target for physical surveillance, consider doing [surveillance detection](https://www.csrc.link/threat-library/mitigations/surveillance-detection.html) and [anti-surveillance](https://www.csrc.link/threat-library/mitigations/anti-surveillance.html) before going to a cafe. Alternatively, use a Wi-Fi antenna from indoors. 
+	* If you might be a target for physical surveillance, consider doing [surveillance detection](https://www.notrace.how/threat-library/mitigations/surveillance-detection.html) and [anti-surveillance](https://www.notrace.how/threat-library/mitigations/anti-surveillance.html) before going to a cafe. Alternatively, use a Wi-Fi antenna from indoors. 
 * Reducing risks when using untrusted computers
 	* The [verification stage](https://www.qubes-os.org/security/verifying-signatures/) of the Qubes OS installation is equivalent to the [GnuPG verification of Tails](https://tails.boum.org/install/expert/index.en.html).
 	* Only attach USBs and external drives to a qube that is disposable and offline. 
--- a/content/posts/tails-best/index.md
+++ b/content/posts/tails-best/index.md
@ -16,7 +16,7 @@ letter="tails-best-letter.pdf"
 As mentioned in our [recommendations](/recommendations/#your-computer), Tails is an [operating system](/glossary#operating-system-os) that is unparalleled for sensitive computer use that requires leaving no forensic trace (writing and sending communiques, research for actions, etc.). Tails runs from a USB drive and is [designed](https://tails.boum.org/about/index.en.html) to leave no trace of your activity on your computer, and to force all Internet connections through the [Tor network](/glossary#tor-network). If you are new to Tails, start with [Tails for Anarchists](/posts/tails/). 
-This text describes some additional precautions you can take that are relevant to an anarchist [threat model](/glossary#threat-model) - operational security for Tails. Not all anarchist threat models are the same, and only you can decide which mitigations are worth putting into practice for your activities, but we aim to provide advice that is appropriate for high-risk activities. The [CSRC Threat Library](https://www.csrc.link/threat-library/) is another great resource for thinking through your threat model and appropriate mitigations. 
+This text describes some additional precautions you can take that are relevant to an anarchist [threat model](/glossary#threat-model) - operational security for Tails. Not all anarchist threat models are the same, and only you can decide which mitigations are worth putting into practice for your activities, but we aim to provide advice that is appropriate for high-risk activities. The [No Trace Project Threat Library](https://www.notrace.how/threat-library/) is another great resource for thinking through your threat model and appropriate mitigations. 
 <!-- more -->
@ -43,7 +43,7 @@ You can mitigate this first issue by **cleaning metadata from files before shari
 You can mitigate this second issue by what's called **"compartmentalization"**:
-* [Compartmentalization](https://www.csrc.link/threat-library/mitigations/compartmentalization.html) means keeping different activities or projects separate. If you use Tails sessions for more than one purpose at a time, an adversary could link your different activities together. For example, if you log into different accounts on the same website in a single Tails session, the website could determine that the accounts are being used by the same person. This is because websites can tell when two accounts are using the same Tor circuit.
+* [Compartmentalization](https://www.notrace.how/threat-library/mitigations/compartmentalization.html) means keeping different activities or projects separate. If you use Tails sessions for more than one purpose at a time, an adversary could link your different activities together. For example, if you log into different accounts on the same website in a single Tails session, the website could determine that the accounts are being used by the same person. This is because websites can tell when two accounts are using the same Tor circuit.
 * To prevent an adversary from linking your activities while using Tails, restart Tails between different activities. For example, restart Tails between checking different project emails.
 * Tails is amnesiac by default, so to save any data from a Tails session, you must save it to a USB. If the files you save could be used to link your activities together, use a different encrypted ([LUKS](/glossary#luks)) USB stick for each activity. For example, use one Tails USB stick for moderating a website and another for researching actions. Tails has a feature called Persistent Storage, but we do not recommend using it for data storage, explained [below](#using-a-write-protect-switch).  
@ -86,14 +86,14 @@ Use an Internet connection that isn't connected to you, such as in a cafe withou
 As described in the quotation above, a global adversary (i.e. the NSA) may be capable of breaking Tor through a [correlation attack](https://anonymousplanet.org/guide.html#your-anonymized-torvpn-traffic). If this happens, the Internet address you used in a coffee shop without CCTV cameras will only lead to your general area (e.g. your city) because it is not associated with you. Of course, this is less true if you use it routinely. Correlation attacks are even less feasible against connections to an .onion address because you never leave the Tor network, so there is no "end" to correlate with through network traffic analysis (if the server location is unknown to the adversary).  
-What we will term a "targeted" correlation attack is possible by a non-global adversary (i.e. local law enforcement), if you are already in their sights and a target of [physical surveillance](https://www.csrc.link/threat-library/techniques/physical-surveillance/covert.html) and/or [digital surveillance](https://www.csrc.link/threat-library/techniques/targeted-digital-surveillance.html). This is a subtype of correlation attack where the presumed target is already known, thus making the attack easier to achieve because it vastly reduces the amount of data to filter through for correlation. A non-targeted correlation attack used to deanonymize a Tor user is unprecedented in current evidence used in court, although [a "targeted" correlation attack has been used](https://medium.com/beyond-install-tor-signal/case-file-jeremy-hammond-514facc780b8) as corroborating evidence - a suspect had already been identified, which allowed investigators to correlate their local footprint with specific online activity. Specifically, they correlated Tor network traffic coming from the suspect's house with the times their anonymous alias was online in chatrooms. 
+What we will term a "targeted" correlation attack is possible by a non-global adversary (i.e. local law enforcement), if you are already in their sights and a target of [physical surveillance](https://www.notrace.how/threat-library/techniques/physical-surveillance/covert.html) and/or [digital surveillance](https://www.notrace.how/threat-library/techniques/targeted-digital-surveillance.html). This is a subtype of correlation attack where the presumed target is already known, thus making the attack easier to achieve because it vastly reduces the amount of data to filter through for correlation. A non-targeted correlation attack used to deanonymize a Tor user is unprecedented in current evidence used in court, although [a "targeted" correlation attack has been used](https://medium.com/beyond-install-tor-signal/case-file-jeremy-hammond-514facc780b8) as corroborating evidence - a suspect had already been identified, which allowed investigators to correlate their local footprint with specific online activity. Specifically, they correlated Tor network traffic coming from the suspect's house with the times their anonymous alias was online in chatrooms. 
 To explain how this works, it helps if you have a basic understanding of what Tor information is visible to various third parties - see the EFF's [interactive graphic](https://www.eff.org/pages/tor-and-https). For a non-targeted correlation attack, the investigator will need to **start from after Tor's exit node**: take the specific online activity coming from the exit node and try to correlate it with an enormous amount of global data that is entering Tor entry nodes. However, if a suspect is already identified, the investigator can instead do a "targeted" correlation attack and **start from before Tor's entry node**: take the data entering the entry node (via **the suspect's physical or digital footprint**) and try to correlate it with **specific online activity** coming from the exit node. 
 A more sophisticated analysis of the specific online activity would involve logging the connections to the server for detailed comparison, and a simple analysis would be something that is publicly visible to anyone (such as when your alias is online in a chatroom, or when a post is published to a website). For your physical footprint, a surveillance operation can note that you go to a cafe regularly, then try to correlate this with online activity they suspect you of (for example, if they suspect you are a website moderator, they can try to correlate these time windows with web moderator activity). For your digital footprint, if you are using Internet from home, an investigator can log all your Tor traffic and then try to correlate it with specific online activity.
-* Possible mitigations in this scenario include **doing [surveillance detection](https://www.csrc.link/threat-library/mitigations/surveillance-detection.html) and [anti-surveillance](https://www.csrc.link/threat-library/mitigations/anti-surveillance.html) before going to a coffee shop**, and changing Wi-Fi locations regularly. For projects like moderating a website that require daily Internet access, this may not be particularly realistic. In that case, the ideal mitigation is to **use a Wi-Fi antenna from indoors** (guide coming soon) - a physical surveillance effort won't see you entrying a cafe, and a digital surveillance effort won't see anything on your home Internet. If this is too technical for you, you may even want to **use your home internet** for some projects that require very frequent internet access. This contradicts the previous advice to not use your personal Wi-Fi. It's a trade-off: using Tor from home avoids creating a physical footprint that is so easy to observe, at the expense of creating a digital footprint which is more technical to observe, and may be harder to draw meaningful conclusions from (especially if you intentionally [make correlation attacks more difficult](/posts/tails/#make-correlation-attacks-more-difficult)). 
+* Possible mitigations in this scenario include **doing [surveillance detection](https://www.notrace.how/threat-library/mitigations/surveillance-detection.html) and [anti-surveillance](https://www.notrace.how/threat-library/mitigations/anti-surveillance.html) before going to a coffee shop**, and changing Wi-Fi locations regularly. For projects like moderating a website that require daily Internet access, this may not be particularly realistic. In that case, the ideal mitigation is to **use a Wi-Fi antenna from indoors** (guide coming soon) - a physical surveillance effort won't see you entrying a cafe, and a digital surveillance effort won't see anything on your home Internet. If this is too technical for you, you may even want to **use your home internet** for some projects that require very frequent internet access. This contradicts the previous advice to not use your personal Wi-Fi. It's a trade-off: using Tor from home avoids creating a physical footprint that is so easy to observe, at the expense of creating a digital footprint which is more technical to observe, and may be harder to draw meaningful conclusions from (especially if you intentionally [make correlation attacks more difficult](/posts/tails/#make-correlation-attacks-more-difficult)). 
-* If you want to submit a report-back the morning after a riot, or a communique shortly after an action (times when there may be a higher risk of targeted surveillance), consider waiting and at least taking surveillance detection and anti-surveillance measures beforehand. In 2010, the morning after a bank arson in Canada, police surveilled a suspect as he traveled from his home to an Internet cafe, and watched him post the communique and then bury the laptop in the woods. More recently, investigators physically surveilling [an anarchist in France](https://www.csrc.link/#quelques-premiers-elements-du-dossier-d-enquete-contre-ivan) installed a hidden camera to monitor access to an Internet cafe near the comrade's home and requested CCTV footage for the day an arson communique was sent.  
+* If you want to submit a report-back the morning after a riot, or a communique shortly after an action (times when there may be a higher risk of targeted surveillance), consider waiting and at least taking surveillance detection and anti-surveillance measures beforehand. In 2010, the morning after a bank arson in Canada, police surveilled a suspect as he traveled from his home to an Internet cafe, and watched him post the communique and then bury the laptop in the woods. More recently, investigators physically surveilling [an anarchist in France](https://www.notrace.how/resources/#quelques-premiers-elements-du-dossier-d-enquete-contre-ivan) installed a hidden camera to monitor access to an Internet cafe near the comrade's home and requested CCTV footage for the day an arson communique was sent.  
 To summarize: For highly sensitive activities, use Internet from a random cafe, preceeded by surveillance detection just like you would prior to a direct action. For activities that require frequent internet access such that the random cafe model isn't sustainable, it's best to use a Wi-Fi antenna positioned behind a window to access from a few kilometers away. If this is too technical for you, using your home Wi-Fi is an option, but requires putting faith in it being difficult to break Tor with a non-targeted correlation attack, and it being difficult to draw meaningful conclusions from your home's Tor traffic through a "targeted" correlation attack. 
@ -212,7 +212,7 @@ If you are using Persistent Storage, this is another passphrase that you will ha
 ## Encrypted containers 
-[LUKS](/glossary#luks) is great, but defense-in-depth can't hurt. If the police seize your USB in a house raid, they will try a [variety of tactics to bypass the authentication](https://www.csrc.link/threat-library/techniques/targeted-digital-surveillance/authentication-bypass.html), so a second layer of defense with a different encryption implementation can be useful for highly sensitive data. 
+[LUKS](/glossary#luks) is great, but defense-in-depth can't hurt. If the police seize your USB in a house raid, they will try a [variety of tactics to bypass the authentication](https://www.notrace.how/threat-library/techniques/targeted-digital-surveillance/authentication-bypass.html), so a second layer of defense with a different encryption implementation can be useful for highly sensitive data. 
 [Gocryptfs](https://nuetzlich.net/gocryptfs/) is an encrypted container program that is [available for Debian](https://packages.debian.org/bullseye/gocryptfs) and can be easily installed as [additional software](/posts/tails/#optional-create-and-configure-persistent-storage). If you don't want to reinstall it every session, you will need to [configure Additional Software in Persistent Storage](#using-a-write-protect-switch). 
@ -407,4 +407,4 @@ Now that we know that we have a genuine version of the Tails .img file, we can p
 [^8]: Recognizable by the green fields in the column "Non-free firmware required."
-[^9]: AnarSec note: Keep in mind that a car can easily be [tracked with a GPS device](https://www.csrc.link/threat-library/techniques/covert-surveillance-devices/location.html). 
+[^9]: AnarSec note: Keep in mind that a car can easily be [tracked with a GPS device](https://www.notrace.how/threat-library/techniques/covert-surveillance-devices/location.html). 
--- a/content/posts/tails/index.md
+++ b/content/posts/tails/index.md
@ -58,7 +58,7 @@ Tails is not magic and has many limitations. The Internet and computers are host
 Building a threat model is simply a matter of asking yourself certain questions. Who am I defending against? What are their capabilities? What would be the consequences if they had access to that data? And then, based on the particular situation, assess how you can protect yourself. 
-It makes no sense to say "this tool is secure". Security always depends on the threat model and the level (network, hardware, software, etc.). For more information on this topic, see the [Threat Library](https://www.csrc.link/threat-library/). 
+It makes no sense to say "this tool is secure". Security always depends on the threat model and the level (network, hardware, software, etc.). For more information on this topic, see the [Threat Library](https://www.notrace.how/threat-library/). 
 # I) The Basics of Using Tails
--- a/content/posts/tamper/index.md
+++ b/content/posts/tamper/index.md
@ -14,14 +14,14 @@ a4="tamper-a4.pdf"
 letter="tamper-letter.pdf"
 +++
-If the police ever have [physical access](/glossary/#physical-attacks) to an electronic device like a laptop, even [for five minutes](https://www.vice.com/en/article/a3q374/hacker-bios-firmware-backdoor-evil-maid-attack-laptop-5-minutes), they can install hardware keyloggers, create images of the storage media, or otherwise trivially compromise it at the hardware, firmware, or software level. One way to minimize this risk is to make it tamper-evident. As the CSRC Threat Library [notes](https://www.csrc.link/threat-library/mitigations/tamper-evident-preparation.html), "Tamper-evident preparation will make it possible to discern when something has been [physically accessed](/glossary/#physical-attacks) - it's not possible to prevent a powerful enemy from obtaining physical access to your computer when you are away, but it should be possible to be able to detect when they do."
+If the police ever have [physical access](/glossary/#physical-attacks) to an electronic device like a laptop, even [for five minutes](https://www.vice.com/en/article/a3q374/hacker-bios-firmware-backdoor-evil-maid-attack-laptop-5-minutes), they can install hardware keyloggers, create images of the storage media, or otherwise trivially compromise it at the hardware, firmware, or software level. One way to minimize this risk is to make it tamper-evident. As the No Trace Project Threat Library [notes](https://www.notrace.how/threat-library/mitigations/tamper-evident-preparation.html), "Tamper-evident preparation will make it possible to discern when something has been [physically accessed](/glossary/#physical-attacks) - it's not possible to prevent a powerful enemy from obtaining physical access to your computer when you are away, but it should be possible to be able to detect when they do."
 <!-- more -->
 ['Evil maid' attacks](https://en.wikipedia.org/wiki/Evil_maid_attack) work like this: An attacker gains temporary access to your [encrypted](/glossary/#encryption) laptop or phone. Although they can’t decrypt your data, they can tamper with your laptop for a few minutes and then leave it exactly where they found it. When you return and enter your credentials, you have been hacked. The attacker may have [modified data on your hard drive](https://media.ccc.de/v/gpn20-32-poc-implementing-evil-maid-attack-on-encrypted-boot), replaced the firmware, or installed a hardware component such as a keylogger.  
 # Tamper-Evident Laptop Screws 
-Let's start with your laptop. For a seal to effectively alert you to intruders, it must be impossible to remove and replace without leaving a trace, and it must also be unique—otherwise, the adversary could simply replicate the seal and you’d never know they’d been there. Glitter nail polish creates a unique pattern that is impossible to replicate, and if you take a photo of this pattern, you can use it to verify that the nail polish has not been removed and reapplied in your absence, such as during a [covert house search](https://www.csrc.link/threat-library/techniques/covert-house-search.html). The presentation "[Thwarting Evil Maid Attacks](https://media.ccc.de/v/30C3_-_5600_-_en_-_saal_1_-_201312301245_-_thwarting_evil_maid_attacks_-_eric_michaud_-_ryan_lackey)" introduced this technique in 2013. 
+Let's start with your laptop. For a seal to effectively alert you to intruders, it must be impossible to remove and replace without leaving a trace, and it must also be unique—otherwise, the adversary could simply replicate the seal and you’d never know they’d been there. Glitter nail polish creates a unique pattern that is impossible to replicate, and if you take a photo of this pattern, you can use it to verify that the nail polish has not been removed and reapplied in your absence, such as during a [covert house search](https://www.notrace.how/threat-library/techniques/covert-house-search.html). The presentation "[Thwarting Evil Maid Attacks](https://media.ccc.de/v/30C3_-_5600_-_en_-_saal_1_-_201312301245_-_thwarting_evil_maid_attacks_-_eric_michaud_-_ryan_lackey)" introduced this technique in 2013. 
 Mullvad VPN [created a guide](https://mullvad.net/en/help/how-tamper-protect-laptop/) for applying this technique: first apply stickers over the laptop case screws, then apply the nail polish. An [independent test](https://dys2p.com/en/2021-12-tamper-evident-protection.html#glitzer-nagellack-mit-aufklebern) noted:
@ -102,7 +102,7 @@ This excerpt assumes that we take the cell phone with us, but [as discussed else
 # Physical Intrusion Detection 
-"Defense in depth" means that there are multiple layers of security that must be bypassed for an adversary to succeed. [Physical intrusion detection](https://www.csrc.link/threat-library/mitigations/physical-intrusion-detection.html) should be in addition to tamper-evident laptops and storage. That way, even if a covert house search doesn't interact with the tamper-evident storage (for example, because the goal is to install [covert surveillance devices](https://www.csrc.link/threat-library/techniques/covert-surveillance-devices.html)), you can still find out about it. 
+"Defense in depth" means that there are multiple layers of security that must be bypassed for an adversary to succeed. [Physical intrusion detection](https://www.notrace.how/threat-library/mitigations/physical-intrusion-detection.html) should be in addition to tamper-evident laptops and storage. That way, even if a covert house search doesn't interact with the tamper-evident storage (for example, because the goal is to install [covert surveillance devices](https://www.notrace.how/threat-library/techniques/covert-surveillance-devices.html)), you can still find out about it. 
 Haven is an Android app developed by the Freedom of Press Foundation that uses the smartphone’s many sensors — microphone, motion detector, light detector, and cameras — to monitor the room for changes, and it logs everything it notices. The version on [Github](https://github.com/guardianproject/haven) is newer than the Google Play store, so [use Obtanium](/posts/grapheneos/#software-that-isn-t-on-the-play-store) to install it. Haven should be used on a dedicated cheap Android device that is otherwise empty - an older [Pixel](https://www.privacyguides.org/android/#google-pixel) is a good choice because it is cheap but has good cameras. Make sure [full disk encryption](/glossary/#full-disk-encryption-fde) is enabled. If you have a smartphone in addition to the dedicated Haven phone, it should be turned off in the tamper-evident storage - if Haven was running on it instead and was discovered by the intruder, they would now have physical access to it while it was turned on. 
--- a/content/recommendations/_index.md
+++ b/content/recommendations/_index.md
@ -5,7 +5,7 @@ paginate_by = 5
 +++
 <br>
-These recommendations are intended for all anarchists and are accompanied by guides on how to put them into practice. They are based on a threat model that protects against government security forces and equivalent adversaries that seek to achieve [targeted digital surveillance](https://www.csrc.link/threat-library/techniques/targeted-digital-surveillance.html) for [incrimination](https://www.csrc.link/threat-library/tactics/incrimination.html) or [network mapping](https://www.csrc.link/threat-library/techniques/network-mapping.html). The goal is to obscure the visibility of our enemies into our lives and projects, and to leave no trace when relevant. Technology is hostile terrain. 
+These recommendations are intended for all anarchists and are accompanied by guides on how to put them into practice. They are based on a threat model that protects against government security forces and equivalent adversaries that seek to achieve [targeted digital surveillance](https://www.notrace.how/threat-library/techniques/targeted-digital-surveillance.html) for [incrimination](https://www.notrace.how/threat-library/tactics/incrimination.html) or [network mapping](https://www.notrace.how/threat-library/techniques/network-mapping.html). The goal is to obscure the visibility of our enemies into our lives and projects, and to leave no trace when relevant. Technology is hostile terrain. 
 We agree with the conclusion of an overview of [targeted surveillance measures in France](https://actforfree.noblogs.org/post/2023/07/24/number-of-the-day-89502-preventive-surveillance-measures-france/): "So let’s be clear about our responsibilities: if we knowingly bring a networked device equipped with a microphone and/or a camera (cell phone, baby monitor, computer, car GPS, networked watch, etc.) close to a conversation in which “private or confidential words are spoken” and must remain so, even if it's switched off, we become a potential state informer…"
@ -33,9 +33,3 @@ See [Encrypted Messaging for Anarchists](/posts/e2ee/)
 See [Make Your Electronics Tamper-Evident](/posts/tamper/).
 ## Preparation for Crossing Borders 
 It is not recommended to risk taking the phone or computer you use every day across a border. If you do, make sure that Full Disk Encryption is enabled, that it is turned off, and that you are prepared to deny password access and accept the consequences of doing so. It is not enough to delete files (or messages, apps, etc.) before crossing the border and then unlock your device. In fact, the first thing a border team will check is whether anything was recently deleted. To prevent data recovery, you must perform a Factory Reset and then reinstall the operating system.
 A better approach is to have a dedicated travel device that you can unlock for border agents, since you always cross with a fresh operating system installation. For phones, stock Android can be [easily installed (flashed)](https://flash.android.com) on [certain phone models](https://source.android.com/docs/setup/build/flash#device-requirements) after a factory reset. The fresh phone can be populated with benign contacts such as family. Once across the border, you can restore your data and use the phone normally, but redo this process before crossing the border again. The same principle applies to computers - reinstall the operating system, make it look normal, then restore the data you need once you have crossed. If the device is taken out of your sight at any point, don’t even turn it back on before trashing it, as it may now send your password to the authorities and be infected with spyware. 
--- a/layout/anarsec_article.typ
+++ b/layout/anarsec_article.typ
@ -101,8 +101,13 @@
      }
      else if it.dest.starts-with("/glossary#") or it.dest.starts-with("/glossary/#") {
        locate(location => {
-          let elements = query(label(it.dest.trim("/glossary#", at: start).trim("/glossary/#", at: start)), location)
+	  let elements = query(heading.where(label: label(it.dest.trim("/glossary#", at: start).trim("/glossary/#", at: start)), level: 2), location)
-          text[#super[†]]
+          if elements.len() != 0 {
            text[#super[†]]
          }
          else {
            footnote[anarsec.guide/glossary]
          }
        })
      }
      else if it.dest.starts-with("/") {
--- a/layout/python/anarsec_article_to_pdf.py
+++ b/layout/python/anarsec_article_to_pdf.py
@ -135,17 +135,6 @@ class Converter:
                for match in re.findall(r'\[.*?\]\(/glossary\/?#(.*?)\)', markdown_content):
                    glossary_entries.add(slugify.slugify(match))
                # Add to glossary entries the glossary entries that appear in glossary entries, recursively
                added_entry = True
                while added_entry:
                    added_entry = False
                    for entry in list(glossary_entries):
                        for match in re.findall(r'\[.*?\]\((?:/glossary|)\/?#(.*?)\)', glossary[entry][1]):
                            new_entry = slugify.slugify(match)
                            if new_entry not in glossary_entries:
                                glossary_entries.add(new_entry)
                                added_entry = True
                # Add glossary entries to the Markdown content
                if glossary_entries:
                    markdown_content += "\n\n# Glossary\n\n"
--- a/themes/DeepThought/templates/index.html
+++ b/themes/DeepThought/templates/index.html
@ -5,7 +5,9 @@
  <div class="container">
    <div class="has-text-centered">
      <h1 class="title is-2">{{ section.title }}</h1>
      {% if section.description %}
      <p class="subtitle is-4">{{ section.description }}</p>
      {% endif %}
    </div>
    <div class="content">
      {{ section.content | safe }}