This setup means that the ``entry-node`` will only have your IP address, the ``middle-node`` will only see the IP of ``entry-node`` __NOT__ your IP address.
``exit-node`` is the only node which will see *all* of your network traffic.
Utilizing Tor with other ``.onion`` sites, means that neither your IP nor the servers IP address is exposed. Like your traffic going through 3 nodes or "hops", the a server running on the Tor network also goes through the same, meaning that the ``exit-node`` *cannot* see your network traffic.
With Tor, anyone is able to setup a node meaning that you cannot possible trust anything, which there are many issues including a malicious ``exit-node``, setup by an adversary in an attempt to de-anonymize users.
The Tor network is not as secure as many put it, there are a variety of attacks that can be used to de-anonymize users. An adversary can setup multiple malicious ``entry``, ``middle``, and ``exit`` nodes, then can DDoS other public Tor nodes which can either shut them offline or increase the already terrible speeds.
Many people argue against using VPNs with Tor, though there can be real-world benefits to having a setup like this.
If you are worried about an adversary knowing you are connecting to the Tor network this can be beneficial, but keep in mind your adversary can see you connect to the VPN.
Having the proper mindset when starting a process like this, is critical for success. You must be both willing and determined.
Here is a general thought process...
* Always always always know what you are doing. You don't want to compromise yourself because you _thought_ you knew what you were doing. Make sure 100%. Do research **before**.
People may think you are paranoid, but in a world like this it *is* useful to be even a bit paranoid. This will allow you to see the true realities of the world. If you are always thinking of ways you can be compromised, you'd actually likely reduce your risk due to the fact of you constantly thinking about it, rather than just "not really thinking" about it, or rather as often as you should. Privacy and security are constantly evolving, which means that you will have to evolve with it. Are you ready for a data breach? What are you going to do if your compromised? Questions like these are what you need to ask yourself in order to be successful, you must always have a backup plan that you can execute.
Threat modeling can become an advanced topic, you will need to learn how to balance security, privacy and anonymity. You'll need to properly layout and identify what you are protecting yourself from.
Everyone has something to protect, whether it is passwords, location, internet activity, confidential documents, etc.
The items you are trying to protect will be referred here as "assets".
How to do this efficiently? Well... there is no "efficient" method, you just have to brute force this all of your data points have somewhat been eliminated.
You can first start by going to various apps that you are already signed into, start to delete all of your activities, message, posts and friends.
You'll have to do this for all of your "currently-known" services.
After you've done this, make sure everything is deleted including your PfP, and change your username, anonymize as much data as possible such as changing username, email and others.
After you've done this, you are now ready to delete this account.
As for finding services you may have forgotten, look through your entire email and find services you may have signed up for and start to do the same process.
Try to search up your commonly-used usernames to help you with this process.
Do this for every single account, just to ensure there is not anything that you may have missed.
As for finding services you may have forgotten, look through your entire email and find services you may have signed up for and start to do the same process.
Often times, search for ``register``, ``registration``, ``welcome``.
These keywords are often times used.
Try to search up your commonly-used usernames to help you with this process.
Do this for every single account, just to ensure there is not anything that you may have missed.
There are some services which exist that can help expedite this process, though be aware of the risks involved in doing this.
Try to do searches on all of your identities and use this as a good way to help ensure that you've removed everything that you can.
Utilize services such as [HaveIBeenpwned](https://haveibeenpwned.com) to ensure you haven't suffered any data breaches and use Sherlock to help find some of your missed accounts.
Our desktop contains a massive amount of information.
This device should be both secure & private.
Without these 2 things, it can easily compromise you.
*What is the point of using a secure messenger, if your desktop is compromised by the same adversary you are protecting against via your secure messenger and they can see all of your activity?*
The default desktop enviroment has a broken security model.
This is due to the fact of lacking permissions and proper isolation as done on mobile operating systems such as Android with their per-app permission toggles.
Some services like Firejail, SELinux and Apparmor can fix a lot of these issues, but the fact is configuring these services for every application can be a daunting task and can lead to much user-error.
It is assumed that the average population is likely using Windows, Mac, or ChromeOS.
These are absolutely terrible options for privacy.
There are some efforts to "privatize" these operating systems, though due to the fact that they are all *closed-source*, means that many of these hardening methods that we would do, can just as easily fail if the OS itself is backdoored.
If you are new to the "operating system realm", a good replacement / dual-boot for these would be Fedora or Manjaro.
The operating system you choose should not be based upon what is recommended here, you yourself will need to research what is best suited for your situation and needs.
Using a Linux-based operating system will **NOT** make you secure by default.
This is often times a common misconception.
The actual threat model of your Linux system will vary per-person.
Linux is *private by default*, meaning that your personal information is not being *harvested* like traditional operating systems including Windows and MacOS.
QubesOS is an exception as it is entirely based upon security.
Those who are looking for some excitement or extremely into privacy, security and / or anonymity should look at [QubesOS](https://qubes-os.org) and [Tails](https://tails.boum.org) if you haven't already.
What is QubesOS? Simply put, QubesOS is a "reasonably secure operating system" and it will be the basis of our secure setup.
It uses a method known as "security by compartmentalization".
Simply put, most aspects of the OS are split into Qubes which can be thought of as virtual machines, meaning that if something gets compromised, the rest of the system can be safely used.
Due to the way QubesOS is built, requirements will be heavy.
Recommend at *least* 16GB of RAM with plenty of storage.
The official requirements can be found [here](https://www.qubes-os.org/doc/system-requirements/).
- ``sys-net`` -> ``sys-firewall`` -> ``sys-firewall-email-personal`` -> ``personal-email`` - By placing the firewall here, this allows us to only whitelist internet traffic from specifically our email provider.
You should not install all of your applications on a single template qube, instead you should have different templates for each purpose.
This is done as a security measure along with helping us with proper compartmentalization.
It's best to use minimal templates as most applications will likely not get used, but if you need more applications you can simply install them in a new template.
Ensure to read the [official documentation](https://qubes-os.org/doc/templates/minimal) for minimal templates.
- ``sys-net`` -> ``sys-firewall`` -> ``sys-firewall-email-personal`` -> ``personal-email`` - By placing the firewall here, this allows us to only whitelist internet traffic from specifically our email provider.
- ``sys-net`` -> ``sys-firewall`` -> ``sys-firewall-IN-vpn-us-1`` -> ``sys-vpn-us-1`` -> ``sys-firewall-vpn-us-1`` - This again gives us the ability to whitelist traffic from only the ``sys-vpn-us-1``.
More:
- ``personal-web`` - Web Traffic
- ``personal-email`` - Email
- ``personal-dvm`` - Disposable
- ``personal-random`` - Random Web
- ``personal-social`` - Social Activity
- ``sys-personal-vpn`` - VPN for only ``personal``
- ``sys-firewall-personal`` - Firewall for only ``personal``
- ``personal-vault`` - Vault VM for only ``personal``
To start, clone ``vault`` and create ``pgp-keys`` and ``ssh-keys`` to store our keys securely.Both should have __no internet access__.
We will need to properly setup [split-pgp](https://qubes-os.org/doc/split-gpg) and [split-ssh](https://kushaldas/in/posts/using-split-ssh-in-qubesos-4-0.html).
Using the "split" method, we are able to create an additional [split-browser](https://github.com/rustybird/qubes-split-browser) and a [split-dm-crypt](https://github.com/rustybird/qubes-split-dm-crypt).
Using [u2f-proxy](https://qubes-os.org/doc/u2f-proxy) allows you to "compartmentalize the browser in one qube and the USB stack in another so that they are always kept separate from each other".
It's suggested you have a high-speed SSD or M.2 for this procedure.
There are "special" options described as "rugged", which has additional layer of armor and are generally waterproof.
Ensure this drive is also high-capacity.
In some cases, it may make sense to have an additional drive incase of failure or other malfunction.
Going into redundancy, you also have the ability to setup a local RAID on your network.
This would provide increased redundancy, though it can *potentially* decrease security, as having another system on the network, proper hardening, etc. but is unlikely to cause any harm with the proper configuration.
You could setup a local NextCloud instance or another type of local network storage and utilize [wyng](https://github.com/tasket/wyng-backup).
We can generate an alias by thinking of a random word / phrase but this method could eventually compromise you if you keep choosing references from Star Trek.
If you are using QubesOS, we are able to utilize compartmentalization heavily in this instance. We will start off by creating multiple qubes for our setup.
Note that SimpleLogin has been acquired by Proton, meaning that Proton will technically know all of your email aliases, but this should be no concern for this type of setup.
Each of our aliases is going to need some sort of "story".
We are not putting this story out to tell per say, but simply knowing basic information about our new alias would be important.
Information including age, country, special food, and activities.
We just need to make note of them, not giving any of this information away.
It's crucial to blend in, therefore some of this information may be used in conversation.Remember, each alias we create is different, therefore there should be absolutely no connection between any of them.
For each alias, you will need to "reset" your memory in a way.
You must be able to organize information you know from all of your aliases.
Grudges, friendships and other must not travel over, this is how you fail.
The main differences between centralized and decentralized is that a single authority cannot easily block a decentralized network as there is not a single server unlike centralized.Decentralized services are *sometimes* prone to leaking metadata and may cause issues when federated.
- [Matrix](https://matrix.org) Matrix provides a federated platform, which allows for anyone to host their own server, meaning that it is resistent to censorship.
You should not be trying to setup a secure system if the hardware itself cannot be trusted.Anything can be pre-loaded with malicious code designed to compromise security, especially how mass-production has been increasing over time, meaning they just need to compromise a device on the production line.
[PortaPow Pure USB Data Blocker (Multicolored)](https://www.amazon.com/PortaPow-Pure-USB-Data-Blocker/dp/B07W928WRR/) - This USB-A Data Blocker is made of transparent plastic, meaning that you can physically verify that the data pins have been removed along with the removal of their "SmartChip".
Which will prevent an additional attack surface from being used.
[PortaPow USB-C to C Data Blocker](https://www.amazon.com/PortaPow-USB-C-Data-Blocker-Twin/dp/B082WDHS22/) - A USB-C cable that does not transfer any data.
[Faraday Pouch](https://wikiless.northboot.xyz/wiki/Faraday_cage) - This will block all radio waves and signals, which can ensure that absolutely connectionn is traveling out of your devices.