mirror of
https://git.anonymousland.org/anonymousland/anonymousland.git
synced 2024-12-25 11:09:22 -05:00
Formatting changes
This commit is contained in:
parent
133bc44274
commit
74aec59f0c
@ -13,8 +13,8 @@ priority: 1
|
|||||||
<br>
|
<br>
|
||||||
<br>
|
<br>
|
||||||
|
|
||||||
The Guide
|
# The Guide
|
||||||
---------
|
|
||||||
*Note: Work in progress*
|
*Note: Work in progress*
|
||||||
|
|
||||||
<br>
|
<br>
|
||||||
@ -34,13 +34,15 @@ Let's define a few important things here:
|
|||||||
|
|
||||||
`Anonymity: The act of hiding yourself to become indistinguishable from everyone else or simply "blending in".`
|
`Anonymity: The act of hiding yourself to become indistinguishable from everyone else or simply "blending in".`
|
||||||
|
|
||||||
### Getting Started
|
---
|
||||||
|
|
||||||
|
## Getting Started
|
||||||
|
|
||||||
_Disclaimer: This is for education / research._
|
_Disclaimer: This is for education / research._
|
||||||
|
|
||||||
<br>
|
<br>
|
||||||
|
|
||||||
##### Table of contents:
|
#### Table of contents:
|
||||||
|
|
||||||
-\>> [Important Concepts](#important-concepts) <br>
|
-\>> [Important Concepts](#important-concepts) <br>
|
||||||
- -\> *[Tor](#tor)* <br>
|
- -\> *[Tor](#tor)* <br>
|
||||||
@ -63,9 +65,10 @@ _Disclaimer: This is for education / research._
|
|||||||
-\>> [Secure Communications](#secure-communications) <br>
|
-\>> [Secure Communications](#secure-communications) <br>
|
||||||
-\>> [Secure Hardware](#secure-hardware) <br>
|
-\>> [Secure Hardware](#secure-hardware) <br>
|
||||||
|
|
||||||
<br>
|
|
||||||
|
|
||||||
#### __Important Concepts__
|
---
|
||||||
|
|
||||||
|
### __Important Concepts__
|
||||||
|
|
||||||
This guide requires you to understand various important concepts in order to truly be anonymous on the internet.
|
This guide requires you to understand various important concepts in order to truly be anonymous on the internet.
|
||||||
There is a vast array of concepts that will need to be thoroughly understood.
|
There is a vast array of concepts that will need to be thoroughly understood.
|
||||||
@ -88,7 +91,7 @@ General Ideas:
|
|||||||
|
|
||||||
<br>
|
<br>
|
||||||
|
|
||||||
##### Tor
|
#### Tor
|
||||||
|
|
||||||
Tor or The Onion Router was originally developed to keep U.S. military communications secure, and is now used world-wide to bypass censorship.
|
Tor or The Onion Router was originally developed to keep U.S. military communications secure, and is now used world-wide to bypass censorship.
|
||||||
Tor will route your network traffic through 3 servers worldwide randomly.
|
Tor will route your network traffic through 3 servers worldwide randomly.
|
||||||
@ -110,7 +113,7 @@ If you are using an "amnesic" setup such as Tails or anon-whonix on QubesOS, you
|
|||||||
|
|
||||||
<br>
|
<br>
|
||||||
|
|
||||||
#### __Proper Mindset__
|
### __Proper Mindset__
|
||||||
|
|
||||||
Having the proper mindset when starting a process like this, is critical for success. You must be both willing and determined.
|
Having the proper mindset when starting a process like this, is critical for success. You must be both willing and determined.
|
||||||
|
|
||||||
@ -146,7 +149,7 @@ People may think you are paranoid, but in a world like this it *is* useful to be
|
|||||||
|
|
||||||
<br>
|
<br>
|
||||||
|
|
||||||
#### __Setting Goals__
|
### __Setting Goals__
|
||||||
|
|
||||||
We need to understand what we are trying to accomplish.
|
We need to understand what we are trying to accomplish.
|
||||||
|
|
||||||
@ -156,7 +159,7 @@ You need to properly identify a *threat model*, an *adversary* along with perfor
|
|||||||
|
|
||||||
<br>
|
<br>
|
||||||
|
|
||||||
#### __Creating your threat model__
|
### __Creating your threat model__
|
||||||
|
|
||||||
The most important part of your setup.
|
The most important part of your setup.
|
||||||
|
|
||||||
@ -195,12 +198,12 @@ Listed below are some useful resources for getting started.
|
|||||||
|
|
||||||
<br>
|
<br>
|
||||||
|
|
||||||
#### __Knowing Resources__
|
### __Knowing Resources__
|
||||||
|
|
||||||
Along your journey, you'll need to have the proper resources at hand to deal with any sort of situation you will be facing.
|
Along your journey, you'll need to have the proper resources at hand to deal with any sort of situation you will be facing.
|
||||||
Get yourself accustomed to these resources to better understand various conceptions and prepare yourself.
|
Get yourself accustomed to these resources to better understand various conceptions and prepare yourself.
|
||||||
|
|
||||||
##### Common Tools:
|
#### Common Tools:
|
||||||
|
|
||||||
- [PrivacyGuides](https://privacyguides.org)
|
- [PrivacyGuides](https://privacyguides.org)
|
||||||
- [PrivacyTools](https://privacytools.io)
|
- [PrivacyTools](https://privacytools.io)
|
||||||
@ -208,14 +211,14 @@ Get yourself accustomed to these resources to better understand various concepti
|
|||||||
- [Techlore - YouTube](https://invidious-us.kavin.rocks/channel/UCs6KfncB4OV6Vug4o_bzijg)
|
- [Techlore - YouTube](https://invidious-us.kavin.rocks/channel/UCs6KfncB4OV6Vug4o_bzijg)
|
||||||
- [The Hated One - YouTube](https://invidio.xamh.de/channel/UCjr2bPAyPV7t35MvcgT3W8Q)
|
- [The Hated One - YouTube](https://invidio.xamh.de/channel/UCjr2bPAyPV7t35MvcgT3W8Q)
|
||||||
|
|
||||||
##### More:
|
#### More:
|
||||||
|
|
||||||
- [Tor Project](https://torproject.org)
|
- [Tor Project](https://torproject.org)
|
||||||
- [EFF](https://eff.org)
|
- [EFF](https://eff.org)
|
||||||
|
|
||||||
<br>
|
<br>
|
||||||
|
|
||||||
#### __"Cleaning Up"__
|
### __"Cleaning Up"__
|
||||||
|
|
||||||
What is _"cleaning up"?_
|
What is _"cleaning up"?_
|
||||||
|
|
||||||
@ -237,7 +240,6 @@ Do this for every single account, just to ensure there is not anything that you
|
|||||||
|
|
||||||
There are some services which exist that can help expedite this process, though be aware of the risks involved in doing this.
|
There are some services which exist that can help expedite this process, though be aware of the risks involved in doing this.
|
||||||
|
|
||||||
|
|
||||||
As for finding services you may have forgotten, look through your entire email and find services you may have signed up for and start to do the same process.
|
As for finding services you may have forgotten, look through your entire email and find services you may have signed up for and start to do the same process.
|
||||||
Often times, search for ``register``, ``registration``, ``welcome``.
|
Often times, search for ``register``, ``registration``, ``welcome``.
|
||||||
These keywords are often times used.
|
These keywords are often times used.
|
||||||
@ -254,7 +256,7 @@ This is a big deal.
|
|||||||
|
|
||||||
<br>
|
<br>
|
||||||
|
|
||||||
#### __Desktop__
|
### __Desktop__
|
||||||
|
|
||||||
Our desktop contains a massive amount of information.
|
Our desktop contains a massive amount of information.
|
||||||
This device should be both secure & private.
|
This device should be both secure & private.
|
||||||
@ -286,7 +288,7 @@ Those who are looking for some excitement or extremely into privacy, security an
|
|||||||
|
|
||||||
<br>
|
<br>
|
||||||
|
|
||||||
##### __QubesOS__
|
#### __QubesOS__
|
||||||
|
|
||||||
What is QubesOS? Simply put, QubesOS is a "reasonably secure operating system" and it will be the basis of our secure setup.
|
What is QubesOS? Simply put, QubesOS is a "reasonably secure operating system" and it will be the basis of our secure setup.
|
||||||
It uses a method known as "security by compartmentalization".
|
It uses a method known as "security by compartmentalization".
|
||||||
@ -339,7 +341,7 @@ For Rufus users, select DD mode on format.
|
|||||||
|
|
||||||
<br>
|
<br>
|
||||||
|
|
||||||
###### Installation
|
##### Installation
|
||||||
|
|
||||||
After booting to your installation medium click the "verify" option.
|
After booting to your installation medium click the "verify" option.
|
||||||
Afterwords, theres a few things we need to do.
|
Afterwords, theres a few things we need to do.
|
||||||
@ -357,7 +359,9 @@ This will render your mouse and keyboard useless.
|
|||||||
Use ``sys-usb`` on a laptop! For increased anonymity it is recommended to chose updates over Tor.
|
Use ``sys-usb`` on a laptop! For increased anonymity it is recommended to chose updates over Tor.
|
||||||
We also want our default qubes along with the default system qubes.
|
We also want our default qubes along with the default system qubes.
|
||||||
|
|
||||||
###### Qube Basic Setup
|
<br>
|
||||||
|
|
||||||
|
##### Qubes Basic Setup
|
||||||
|
|
||||||
As for networking, if you have a VPN service such as ProtonVPN, you are able to utilize ``qtunnel`` and setup multiple VPNs.
|
As for networking, if you have a VPN service such as ProtonVPN, you are able to utilize ``qtunnel`` and setup multiple VPNs.
|
||||||
For each of our VPN qubes, we will need a ``sys-firewall``.
|
For each of our VPN qubes, we will need a ``sys-firewall``.
|
||||||
@ -374,7 +378,7 @@ We will now create additional qubes for our use.
|
|||||||
|
|
||||||
<br>
|
<br>
|
||||||
|
|
||||||
###### Template Setup
|
##### Template Setup
|
||||||
|
|
||||||
Templates are going to be the foundation of any QubesOS install.
|
Templates are going to be the foundation of any QubesOS install.
|
||||||
As such, it should also be carefully configured.
|
As such, it should also be carefully configured.
|
||||||
@ -425,7 +429,7 @@ There is always the ability to build your own template utilizng the [Qubes build
|
|||||||
|
|
||||||
<br>
|
<br>
|
||||||
|
|
||||||
###### Onionizing Repositories
|
##### Onionizing Repositories
|
||||||
|
|
||||||
If you've opted to have updates over Tor, it is recommended that we also update our repositories on both dom0 and our templates.
|
If you've opted to have updates over Tor, it is recommended that we also update our repositories on both dom0 and our templates.
|
||||||
Changing our repositories over Tor helps increase anonymity as we'd be connecting to the onion site instead of the clearnet.
|
Changing our repositories over Tor helps increase anonymity as we'd be connecting to the onion site instead of the clearnet.
|
||||||
@ -457,7 +461,7 @@ Edit ``/etc/yum.repos.d/qubes-r[version].repo``, comment out the clearnet ``base
|
|||||||
|
|
||||||
<br>
|
<br>
|
||||||
|
|
||||||
###### Qube Basic Setup
|
##### Qube Basic Setup
|
||||||
|
|
||||||
As for networking, if you have a VPN service such as ProtonVPN, you are able to utilize ``qtunnel`` and setup multiple VPNs.
|
As for networking, if you have a VPN service such as ProtonVPN, you are able to utilize ``qtunnel`` and setup multiple VPNs.
|
||||||
For each of our VPN qubes, we will need a ``sys-firewall``.
|
For each of our VPN qubes, we will need a ``sys-firewall``.
|
||||||
@ -492,7 +496,7 @@ The firewall can be useful for preventing data leaks & sniffing along with enfor
|
|||||||
|
|
||||||
<br>
|
<br>
|
||||||
|
|
||||||
###### "Splitting"
|
##### "Splitting"
|
||||||
|
|
||||||
Let's startup by creating some basic qubes.
|
Let's startup by creating some basic qubes.
|
||||||
To start, clone ``vault`` and create ``pgp-keys`` and ``ssh-keys`` to store our keys securely.Both should have __no internet access__.
|
To start, clone ``vault`` and create ``pgp-keys`` and ``ssh-keys`` to store our keys securely.Both should have __no internet access__.
|
||||||
@ -506,7 +510,7 @@ More thoughts:
|
|||||||
|
|
||||||
<br>
|
<br>
|
||||||
|
|
||||||
###### U2F-Proxy
|
##### U2F-Proxy
|
||||||
|
|
||||||
Using [u2f-proxy](https://qubes-os.org/doc/u2f-proxy) allows you to "compartmentalize the browser in one qube and the USB stack in another so that they are always kept separate from each other".
|
Using [u2f-proxy](https://qubes-os.org/doc/u2f-proxy) allows you to "compartmentalize the browser in one qube and the USB stack in another so that they are always kept separate from each other".
|
||||||
|
|
||||||
@ -540,7 +544,7 @@ It's suggested you read the [u2f-proxy](https://qubes-os.org/doc/u2f-proxy) docu
|
|||||||
|
|
||||||
<br>
|
<br>
|
||||||
|
|
||||||
###### YubiKey
|
##### YubiKey
|
||||||
|
|
||||||
Using a YubiKey can help mitigate certain attacks such as password "snooping", along with increasing security.
|
Using a YubiKey can help mitigate certain attacks such as password "snooping", along with increasing security.
|
||||||
Read the [official documentation](https://qubes-os.org/doc/yubikey).
|
Read the [official documentation](https://qubes-os.org/doc/yubikey).
|
||||||
@ -598,14 +602,14 @@ auth include yubikey
|
|||||||
```
|
```
|
||||||
<br>
|
<br>
|
||||||
|
|
||||||
###### GUI-VM
|
##### GUI-VM
|
||||||
|
|
||||||
This is for advanced users.
|
This is for advanced users.
|
||||||
Read the [official documentation](https://qubes-os.org/guivm-configuration).
|
Read the [official documentation](https://qubes-os.org/guivm-configuration).
|
||||||
|
|
||||||
<br>
|
<br>
|
||||||
|
|
||||||
###### Backups
|
##### Backups
|
||||||
|
|
||||||
Creating proper backups securely is critical for any setup, especially this one here.
|
Creating proper backups securely is critical for any setup, especially this one here.
|
||||||
You must understand the different backup techniques and solutions available.
|
You must understand the different backup techniques and solutions available.
|
||||||
@ -625,7 +629,7 @@ You could setup a local NextCloud instance or another type of local network stor
|
|||||||
|
|
||||||
<br>
|
<br>
|
||||||
|
|
||||||
##### Creating our aliases
|
#### Creating our aliases
|
||||||
|
|
||||||
For setting our foundation, we are going to be creating a variety of aliases and each of these aliases are going to each need an "arsenal".
|
For setting our foundation, we are going to be creating a variety of aliases and each of these aliases are going to each need an "arsenal".
|
||||||
For step 1 we are going to need a password manager.
|
For step 1 we are going to need a password manager.
|
||||||
@ -675,7 +679,7 @@ Grudges, friendships and other must not travel over, this is how you fail.
|
|||||||
|
|
||||||
<br>
|
<br>
|
||||||
|
|
||||||
#### __Secure Communications__
|
### __Secure Communications__
|
||||||
|
|
||||||
Having a secure operating system is only 1 part that we need.
|
Having a secure operating system is only 1 part that we need.
|
||||||
We need to ensure that all of our communications stay secure.
|
We need to ensure that all of our communications stay secure.
|
||||||
@ -703,13 +707,13 @@ Session has built-in onion-routing.
|
|||||||
|
|
||||||
<br>
|
<br>
|
||||||
|
|
||||||
#### __Secure Hardware__
|
### __Secure Hardware__
|
||||||
|
|
||||||
You should not be trying to setup a secure system if the hardware itself cannot be trusted.Anything can be pre-loaded with malicious code designed to compromise security, especially how mass-production has been increasing over time, meaning they just need to compromise a device on the production line.
|
You should not be trying to setup a secure system if the hardware itself cannot be trusted.Anything can be pre-loaded with malicious code designed to compromise security, especially how mass-production has been increasing over time, meaning they just need to compromise a device on the production line.
|
||||||
|
|
||||||
<br>
|
<br>
|
||||||
|
|
||||||
##### Basics
|
#### Basics
|
||||||
|
|
||||||
Here is a list of "everyday"-type carry / use.
|
Here is a list of "everyday"-type carry / use.
|
||||||
|
|
||||||
@ -746,13 +750,15 @@ Which will prevent an additional attack surface from being used.
|
|||||||
|
|
||||||
<br>
|
<br>
|
||||||
|
|
||||||
[Malicious Cable Detector](https://hak5.org/products/malicious-cable-detector-by-o-mg) - Can be configured to detect malicious cables
|
[Malicious Cable Detector](https://hak5.org/products/malicious-cable-detector-by-o-mg) - Can be configured to detect malicious cables.
|
||||||
|
|
||||||
Hardware Key: A small little device that can be used for MFA and GPG.
|
[Hardware Key](https://wikiless.org/wiki/Security_token)- A small little device that can be used for MFA and GPG.
|
||||||
Very useful to have a physical device.
|
Very useful to have a physical device.
|
||||||
Something like this is recommended to have a backup clone and stored in a safe location such as a safe.
|
Something like this is recommended to have a backup clone and stored in a safe location such as a safe.
|
||||||
|
|
||||||
- Faraday Pouch - [Wiki](https://wikiless.northboot.xyz/wiki/Faraday_cage) This will block all radio waves and signals, which can ensure that absolutely connectionn is traveling out of your devices.
|
<br>
|
||||||
|
|
||||||
|
[Faraday Pouch](https://wikiless.northboot.xyz/wiki/Faraday_cage) - This will block all radio waves and signals, which can ensure that absolutely connectionn is traveling out of your devices.
|
||||||
It completely air-gaps the device.
|
It completely air-gaps the device.
|
||||||
It's best to actually test this before you will need to actually use this.
|
It's best to actually test this before you will need to actually use this.
|
||||||
Connect to a bluetooth speaker while playing music, put the device into the bag and wait to see after the buffer for the music to stop.
|
Connect to a bluetooth speaker while playing music, put the device into the bag and wait to see after the buffer for the music to stop.
|
||||||
|
Loading…
Reference in New Issue
Block a user