mirror of
https://git.anonymousland.org/anonymousland/anonymousland.git
synced 2024-10-01 11:49:49 -04:00
Merge branch 'master' of https://codeberg.org/deathrow/anonymousland
This commit is contained in:
commit
881aa3c35f
@ -39,7 +39,7 @@ _Disclaimer: This is for education / research._
|
||||
##### Table of contents:
|
||||
|
||||
-\>> [Important Concepts](#important-concepts) <br>
|
||||
- -\> *[TOR](#tor)* <br>
|
||||
- -\> *[Tor](#tor)* <br>
|
||||
|
||||
-\>> [Proper Mindset](#proper-mindset) <br>
|
||||
-\>> [Knowing Your Adversary](#knowing-your-adversary) <br>
|
||||
@ -67,7 +67,7 @@ This guide requires you to understand various important concepts in order to tru
|
||||
There is a vast array of concepts that will need to be thoroughly understood.
|
||||
You'll be able to make and choose your own model based upon this guide.
|
||||
|
||||
* Understanding of TOR and its threats<!--(put link here) -->
|
||||
* Understanding of Tor and its threats<!--(put link here) -->
|
||||
* Understanding benefits and negatives of a VPN <!--(PUT LINK HERE) -->
|
||||
* Understanding important privacy concepts <!--(PUT LINK HERE) -->
|
||||
* Understanding important security concepts <!--(PUT LINK HERE or make a section) -->
|
||||
@ -77,30 +77,30 @@ You'll be able to make and choose your own model based upon this guide.
|
||||
General Ideas:
|
||||
|
||||
- Using a VPN will *NOT* make you anonymous
|
||||
- Just because you are using TOR does *NOT* mean you are safe
|
||||
- Just because you are using Tor does *NOT* mean you are safe
|
||||
- An adversary with enough time and resources will eventually find you
|
||||
- The best way to hide is to not use the internet
|
||||
- The land of compromises
|
||||
|
||||
<br>
|
||||
|
||||
##### TOR
|
||||
##### Tor
|
||||
|
||||
TOR or The Onion Router was originally developed to keep U.S. military communications secure, and is now used world-wide to bypass censorship.
|
||||
TOR will route your network traffic through 3 servers worldwide randomly.
|
||||
Tor or The Onion Router was originally developed to keep U.S. military communications secure, and is now used world-wide to bypass censorship.
|
||||
Tor will route your network traffic through 3 servers worldwide randomly.
|
||||
``entry-node`` -> ``middle-node`` -> ``exit-node``.
|
||||
This setup means that the ``entry-node`` will only have your IP address, the ``middle-node`` will only see the IP of ``entry-node`` __NOT__ your IP address.
|
||||
``exit-node`` is the only node which will see *all* of your network traffic.
|
||||
|
||||
Utilizing TOR with other ``.onion`` sites, means that neither your IP nor the servers IP address is exposed. Like your traffic going through 3 nodes or "hops", the a server running on the TOR network also goes through the same, meaning that the ``exit-node`` *cannot* see your network traffic.
|
||||
Utilizing Tor with other ``.onion`` sites, means that neither your IP nor the servers IP address is exposed. Like your traffic going through 3 nodes or "hops", the a server running on the Tor network also goes through the same, meaning that the ``exit-node`` *cannot* see your network traffic.
|
||||
|
||||
With TOR, anyone is able to setup a node meaning that you cannot possible trust anything, which there are many issues including a malicious ``exit-node``, setup by an adversary in an attempt to de-anonymize users.
|
||||
The TOR network is not as secure as many put it, there are a variety of attacks that can be used to de-anonymize users. An adversary can setup multiple malicious ``entry``, ``middle``, and ``exit`` nodes, then can DDoS other public TOR nodes which can either shut them offline or increase the already terrible speeds.
|
||||
With Tor, anyone is able to setup a node meaning that you cannot possible trust anything, which there are many issues including a malicious ``exit-node``, setup by an adversary in an attempt to de-anonymize users.
|
||||
The Tor network is not as secure as many put it, there are a variety of attacks that can be used to de-anonymize users. An adversary can setup multiple malicious ``entry``, ``middle``, and ``exit`` nodes, then can DDoS other public Tor nodes which can either shut them offline or increase the already terrible speeds.
|
||||
This could force a user to connect to the adversary's malicious nodes.
|
||||
On a large DDoS scale, it is possible to be connected to all 3 malicious nodes, which would ultimately de-anonymize you.
|
||||
|
||||
Many people argue against using VPNs with TOR, though there can be real-world benefits to having a setup like this.
|
||||
If you are worried about an adversary knowing you are connecting to the TOR network this can be beneficial, but keep in mind your adversary can see you connect to the VPN.
|
||||
Many people argue against using VPNs with Tor, though there can be real-world benefits to having a setup like this.
|
||||
If you are worried about an adversary knowing you are connecting to the Tor network this can be beneficial, but keep in mind your adversary can see you connect to the VPN.
|
||||
If you are concerned about a malicious ``entry-node``, using a VPN can mask your IP address in this case.
|
||||
If you are using an "amnesic" setup such as Tails or anon-whonix on QubesOS, you do not need to worry about having the same ``guard-node``.
|
||||
|
||||
@ -173,12 +173,12 @@ Example - You don't want your neighbor Joe to see you sleeping, so you close you
|
||||
Developing a threat model will require a lot of time and effort.
|
||||
You will need to think of every possibility for your "assets".
|
||||
Using your resources.
|
||||
You will need to start documenting various tools and services will be a benefit to you, such as ProtonMail, TOR, Matrix, etc.
|
||||
You will need to start documenting various tools and services will be a benefit to you, such as ProtonMail, Tor, Matrix, etc.
|
||||
The tools and services will all depend on your threat model.
|
||||
|
||||
Examples:
|
||||
|
||||
- If you are trying to hide internet activity, then you would likely use a proxy, TOR, or a VPN.
|
||||
- If you are trying to hide internet activity, then you would likely use a proxy, Tor, or a VPN.
|
||||
|
||||
- If you want to encrypt your emails, you would likely use a secure email provider and PGP.
|
||||
|
||||
@ -288,7 +288,7 @@ Why should we use QubesOS?
|
||||
- It is commonly regarded as one of the most secure operating systems
|
||||
- Provides amazing potential for creativity
|
||||
- Still can be considered trusted even if a section is compromised
|
||||
- Can heavily utilize TOR, proxies and VPNs
|
||||
- Can heavily utilize Tor, proxies and VPNs
|
||||
|
||||
QubesOS gives us an amazing amount of customization that we can harness for security.
|
||||
The sky is the limit with Qubes as it's based on VM's.
|
||||
@ -342,7 +342,7 @@ Now you are ready for the final configuration.
|
||||
Ensure you have all the Whonix options selected.
|
||||
If you are using a desktop **do not** select the ``sys-usb`` option.
|
||||
This will render your mouse and keyboard useless.
|
||||
Use ``sys-usb`` on a laptop! For increased anonymity it is recommended to chose updates over TOR.
|
||||
Use ``sys-usb`` on a laptop! For increased anonymity it is recommended to chose updates over Tor.
|
||||
We also want our default qubes along with the default system qubes.
|
||||
|
||||
###### Qube Basic Setup
|
||||
@ -413,8 +413,8 @@ When installing applications, it may be best to clone a minimal template and ins
|
||||
|
||||
###### Onionizing Repositories
|
||||
|
||||
If you've opted to have updates over TOR, it is recommended that we also update our repositories on both dom0 and our templates.
|
||||
Changing our repositories over TOR helps increase anonymity as we'd be connecting to the onion site instead of the clearnet.
|
||||
If you've opted to have updates over Tor, it is recommended that we also update our repositories on both dom0 and our templates.
|
||||
Changing our repositories over Tor helps increase anonymity as we'd be connecting to the onion site instead of the clearnet.
|
||||
|
||||
dom0:
|
||||
|
||||
@ -637,7 +637,7 @@ If you are using QubesOS, we are able to utilize compartmentalization heavily in
|
||||
By doing this for each alias, you have now setup an amazing solution for compartmentalization.
|
||||
This only works if you utilize each qube for the specified task.
|
||||
Ensure that nothing will leave the qube.
|
||||
Ensure that all the ``alias`` qubes are properly routed via VPN or TOR to ensure proper setup.
|
||||
Ensure that all the ``alias`` qubes are properly routed via VPN or Tor to ensure proper setup.
|
||||
For a more advanced setup, you are able to utilize Whonix qubes.
|
||||
For each of our email addresses, we are able to setup email aliases using AnonAddy and SimpleLogin.
|
||||
|
||||
|
@ -58,7 +58,7 @@ Multifactor authentication is extremely important as it provides multiple layers
|
||||
|
||||
Your browser contains everything you do. It is the main entry point onto your system, along with the main privacy & security risk.
|
||||
|
||||
- [TOR Browser](https://torproject.org) <button type="button" class="btn btn-xs btn-info"><a href="http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion/">TOR</a></button>
|
||||
- [Tor Browser](https://torproject.org) <button type="button" class="btn btn-xs btn-info"><a href="http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion/">Tor</a></button>
|
||||
- [Librewolf](https://librewolf.net/)
|
||||
- [Vanadium](https://vanadium.app) (Mobile)
|
||||
- [Bromite](https://bromite.org) (Mobile)
|
||||
@ -84,7 +84,7 @@ Extensions help increase privacy, at the cost of anonymity. None of these should
|
||||
|
||||
#### Currencies
|
||||
|
||||
- [Monero](https://getmonero.org) <button type="button" class="btn btn-xs btn-info"><a href="http://monerotoruzizulg5ttgat2emf4d6fbmiea25detrmmy7erypseyteyd.onion/">TOR</a></button>
|
||||
- [Monero](https://getmonero.org) <button type="button" class="btn btn-xs btn-info"><a href="http://monerotoruzizulg5ttgat2emf4d6fbmiea25detrmmy7erypseyteyd.onion/">Tor</a></button>
|
||||
- [ZCash](https://z.cash)
|
||||
|
||||
<br>
|
||||
@ -108,7 +108,7 @@ Extensions help increase privacy, at the cost of anonymity. None of these should
|
||||
|
||||
Registering a domain anonymously is very important, especially considering they can reveal a lot about you in a ``whois`` search if you haven't paid for "whois protection". These services will protect you.
|
||||
|
||||
- [Njalla](https://njal.la) <button type="button" class="btn btn-xs btn-info"><a href="http://njallalafimoej5i4eg7vlnqjvmb6zhdh27qxcatdn647jtwwwui3nad.onion/">TOR</a></button>
|
||||
- [Njalla](https://njal.la) <button type="button" class="btn btn-xs btn-info"><a href="http://njallalafimoej5i4eg7vlnqjvmb6zhdh27qxcatdn647jtwwwui3nad.onion/">Tor</a></button>
|
||||
- [1984](https://1984hosting.com)
|
||||
|
||||
<br>
|
||||
@ -126,7 +126,7 @@ Your files should *always* be encrypted. Even if your devices are compromised, y
|
||||
|
||||
Sharing files can often times be difficult task. These are some applications that can securely share files.
|
||||
|
||||
- [OnionShare](https://onionshare.org) <button type="button" class="btn btn-xs btn-info"><a href="http://lldan5gahapx5k7iafb3s4ikijc4ni7gx5iywdflkba5y2ezyg6sjgyd.onion/">TOR</a></button>
|
||||
- [OnionShare](https://onionshare.org) <button type="button" class="btn btn-xs btn-info"><a href="http://lldan5gahapx5k7iafb3s4ikijc4ni7gx5iywdflkba5y2ezyg6sjgyd.onion/">Tor</a></button>
|
||||
- [Syncthing](https://syncthing.net)
|
||||
|
||||
<br>
|
||||
@ -174,7 +174,7 @@ YouTube -[NewPipe](https://netpipe.net) (Mobile) <br>
|
||||
|
||||
Email is a nessecary evil that is required in this world. Email is inherently insecure, which means your email provider can read any of your messages. These providers offer encryption, anonymity and security.
|
||||
|
||||
- [Proton](https://proton.me) <button type="button" class="btn btn-xs btn-info"><a href="https://protonmailrmez3lotccipshtkleegetolb73fuirgj7r4o4vfu7ozyd.onion">TOR</a></button>
|
||||
- [Proton](https://proton.me) <button type="button" class="btn btn-xs btn-info"><a href="https://protonmailrmez3lotccipshtkleegetolb73fuirgj7r4o4vfu7ozyd.onion">Tor</a></button>
|
||||
- [Mailfence](https://mailfence.com)
|
||||
|
||||
#### Aliases
|
||||
@ -218,8 +218,8 @@ Your messages must be secure as they reveal a lot about you. Choosing an encrypt
|
||||
Your operating system is the most important part, if it is insecure then you can assume any activities done are also compromised. This is the "heart" of ones setup and should be heavily considered and researched.
|
||||
|
||||
- [Tails](https://tails.boum.org)
|
||||
- [Whonix](https://whonixproject.org) <button type="button" class="btn btn-xs btn-info"><a href="http://www.dds6qkxpwdeubwucdiaord2xgbbeyds25rbsgr73tbfpqpt4a6vjwsyd.onion/">TOR</a></button>
|
||||
- [QubesOS](https://qubes-os.org) <button type="button" class="btn btn-xs btn-info"><a href="http://qubesosfasa4zl44o4tws22di6kepyzfeqv3tg4e3ztknltfxqrymdad.onion/">TOR</a></button>
|
||||
- [Whonix](https://whonixproject.org) <button type="button" class="btn btn-xs btn-info"><a href="http://www.dds6qkxpwdeubwucdiaord2xgbbeyds25rbsgr73tbfpqpt4a6vjwsyd.onion/">Tor</a></button>
|
||||
- [QubesOS](https://qubes-os.org) <button type="button" class="btn btn-xs btn-info"><a href="http://qubesosfasa4zl44o4tws22di6kepyzfeqv3tg4e3ztknltfxqrymdad.onion/">Tor</a></button>
|
||||
- [GrapheneOS](https://grapheneos.org) (Mobile)
|
||||
|
||||
<br>
|
||||
@ -236,7 +236,7 @@ Password managers are a great way to both securely and remember all of your pass
|
||||
|
||||
Your search engine knows a lot about you. This information is often times sold to 3rd parties and given away to government agencies. They often show biased search results. Choose a better one here.
|
||||
|
||||
- [DuckDuckGo](https://duckduckgo.com) <button type="button" class="btn btn-xs btn-info"><a href="https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/">TOR</a></button> <button type="button" class="btn btn-xs btn-warning"><a href="https://help.duckduckgo.com/duckduckgo-help-pages/community/open-source/">Partially Closed-Source</a></button>
|
||||
- [DuckDuckGo](https://duckduckgo.com) <button type="button" class="btn btn-xs btn-info"><a href="https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/">Tor</a></button> <button type="button" class="btn btn-xs btn-warning"><a href="https://help.duckduckgo.com/duckduckgo-help-pages/community/open-source/">Partially Closed-Source</a></button>
|
||||
- [SearX](https://searx.me)
|
||||
- [Brave Search](https://search.brave.com)
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user