Compare commits

..

No commits in common. "main" and "v1.10" have entirely different histories.
main ... v1.10

40 changed files with 321 additions and 23933 deletions

12
.drone.yml Normal file
View File

@ -0,0 +1,12 @@
kind: pipeline
name: Jekyll build
type: docker
steps:
- name: build
image: ruby:3.1.3
commands:
- gem update
- gem install bundler
- bundle install
- bundle exec jekyll build

1
CNAME
View File

@ -1 +0,0 @@
anonymousland.org

View File

@ -4,8 +4,7 @@ gem "jekyll"
gem "jekyll-theme-potato-hacker"
gem "jekyll-feed"
gem "jekyll-seo-tag"
gem "jekyll-sitemap"
gem "kramdown-parser-gfm"
gem "bundler"
gem "webrick"
gem "github-pages"
gem "kramdown-parser-gfm"
gem "jekyll-sitemap"
gem "webrick"

View File

@ -1,21 +1,4 @@
# **[Anonymousland](https://anonymousland.org)** v1.10
## Notice:
We are temporary using GitHub pages.
This provides an easier maintenance-free system of hosting.
This is beneficial as it does not require an additional VPS and configuration.
Until our infrastructure is restored, the site will remain on GitHub pages.
SERVICES OFFLINE.
VPS PROVIDER DELETED ENTIRE VPS WITHOUT NOTICE.
Our VPS provider- 1984 deleted the entire VPS without notice.
All data regarding **ALL** of our services is gone.
Only the Git mirrors remain.
> Hosing publicly usable services which provides benefits to anonymity are a great way to help the community. Unfortunately, these become difficult to manage & maintain. Many services including our Tor node and Matrix server were prone to being abused. To effectively combat abuse, this would require us to use privacy-invasive measures. Our hosting provider - 1984, the host we used for everything, decided to delete the entire VPS without notice. We received no emails or alerts on such actions. There could be a number of reasons for this - primarily being abuse. Our Tor exit node hosted on Njalla was shutdown after malicious user(s) conducted several brute-force attacks. Njalla has become ridiculously expensive to operate with, providing no real upgrades, and you are limited to a small amount of storage. While hosting services is great, it's even more difficult to do such with little to no donations, and a wide variety of malicious actors conducting abuse on such services. Services may be available in the future, but for now we best stick with this website, and this website only.
# **[Anonymousland](https://anonymousland.org)** v1.09
> Anonymity, Privacy, Security
@ -27,6 +10,7 @@ Until our infrastructure is restored, the site will remain on GitHub pages.
<div align="center">
[![Build Status](https://drone.anonymousland.org/api/badges/anonymousland/anonymousland/status.svg)](https://drone.anonymousland.org/anonymousland/anonymousland)
![Website](https://img.shields.io/website?down_color=red&down_message=down&style=flat-square&up_color=green&up_message=up&url=https%3A%2F%2Fanonymousland.org%2F)
![Security Headers](https://img.shields.io/security-headers?style=flat-square&url=https%3A%2F%2Fanonymousland.org%2F)
![GitHub contributors](https://img.shields.io/github/contributors/anonyland/anonymousland?label=GitHub%20contributors&style=flat-square)
@ -34,7 +18,6 @@ Until our infrastructure is restored, the site will remain on GitHub pages.
![GitHub](https://img.shields.io/github/license/anonyland/anonymousland?style=flat-square)
![GitHub Repo stars](https://img.shields.io/github/stars/anonyland/anonymousland?label=GitHub%20stars&style=flat-square)
![Maintenance](https://img.shields.io/maintenance/yes/2023?style=flat-square)
![GitHub release (latest by date)](https://img.shields.io/github/v/release/anonyland/anonymousland?style=flat-square)
</div>
@ -80,43 +63,6 @@ To donate, you can visit our [donation page](https://anonymousland.org/donate),
_Monero wallet address:_ `47teQv7uWPv9EALRDv9je6ckC83UYJiisHpmhNKHyPPTXinPJNRtvW8PcpEoLxex9ierqWvD89v9mVyGf77uLtS3RnGUk8K`
## Building
To build this Jekyll website you can use the following commands:
```
bundle install
jekyll build
```
Building with docker:
Ensure `docker` is installed, then execute `docker-build.sh`
**Make sure to be at the root of the repository.**
The built site files ready to host will be located at the `_site` directory.
## Hosting
To host this site, we use nginx, you can check our config at our [infrastructure repository](https://git.anonymousland.org/anonymousland/infrastructure). But this should do:
```
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
gzip on;
server_name exampledomain.com;
location / {
root /config/www;
index index.html;
try_files $uri $uri.html $uri/ =404;
}
}
```
## License
![CC0 Logo](https://upload.wikimedia.org/wikipedia/commons/6/69/CC0_button.svg)
@ -125,4 +71,4 @@ All content produced by us is licensed under *public domain* using the [CC0 lice
## Contact
Click [here](https://matrix.to/#/#lounge:anonymousland.org) to join our main Matrix *chatroom* and [here](https://matrix.to/#/#anonymousland:anonymousland.org) to join our Matrix *space.*
Click [here](https://matrix.to/#/#lounge:anonymousland.org) to join our Matrix *chatroom* and [here](https://matrix.to/#/#anonymousland:anonymousland.org) to join our Matrix *space.*

View File

@ -0,0 +1,5 @@
{
"m.homeserver": {
"base_url": "https://matrix.anonymousland.org:443"
}
}

View File

@ -0,0 +1,13 @@
{
admins: [{
matrix_id: "@deathrow:anonymousland.org",
email_address: "privatedeathrow@proton.me",
role: "admin"
},
{
matrix_id: "@nebulaonion:anonymousland.org",
email_address: "nebulaonion@tutanota.com",
role: "admin"
}],
support_page: "https://anonymousland.org/services"
}

View File

@ -4,41 +4,7 @@ title: Changelog
permalink: /changelog
---
# v1.11
- Added new links to [qubes](./qubes)
- Updated Qubes references to `fedora-37` from `fedora-36`
- Instructions for proxying `wget` on [qubes](./qubes)
- Added Mullvad VPN guide for Qubes on [guide](./guide)
- Updated [transparency](./transparency)
- New links on [information](./information)
- Created `dvm-zulucrypt` guide at [dvm-zulucrypt](./qubes/dvm-zulucrypt)
- Created `sys-dns` guide at [kicksecure-sys-dns](./qubes/kicksecure-sys-dns)
- Added new `tor-usage` section on [guide](./guide)
- Added new `tor-operating-systems` section on [guide](./guide)
- Added new `contributing-to-tor` section on [guide](./guide)
- Added new `grapheneos-hardening` section on [guide](./guide)
- Added app repository information on [guide](./guide)
- Reformatted the [collections](./collections) section on [index](./)
- Reformatted various text
- Updated the JS and CSS
---
# v1.10

View File

@ -1,6 +1,5 @@
repository: anonymousland/anonymousland
remote_theme: luxedo/jekyll-theme-potato-hacker
#theme: jekyll-theme-potato-hacker
theme: jekyll-theme-potato-hacker
theme_base: "dark"
theme_switch: off
title: Anonymousland
@ -42,5 +41,4 @@ kramdown:
input: GFM
syntax_highlighter: rouge
sass:
sass_dir: _sass
style: compressed

View File

@ -19,12 +19,10 @@
<!-- Styles -->
<link rel="stylesheet" id="css-theme" href="{{ '/assets/css/main-' | append: site.theme_base | append: '.css' | prepend: site.baseurl }}">
<link rel="stylesheet" href="{{ '/assets/css/highlight/' | append: site.highlighter_theme | append: '.css' | prepend: site.baseurl }}">
<link rel="stylesheet" href="/assets/fonts/fontawesome.min.css">
<script src="/assets/js/bootstrap.min.js" defer></script>
<script src="/assets/js/jquery.min.js" defer></script>
<script src="/assets/js/d3.min.js" defer></script>
<script type="text/javascript" src="{{ '/assets/js/main.js' | prepend: site.baseurl }}" defer></script>
<!-- JavaScript -->
<script src="/assets/js/jquery.min.js" defer></script>
<script src="/assets/js/bootstrap.min.js" defer></script>
<script src="/assets/js/d3.min.js" defer></script>
<script type="text/javascript" src="{{ '/assets/js/main.js' | prepend: site.baseurl }}" defer></script>
</head>

View File

@ -5,27 +5,10 @@ title: Collections
permalink: /collections
---
<div style="text-align:center;">
<p>Various pages on miscellaneous information and topics.</p>
</div>
## Information Pages
<br>
## [Information](./information)
A collection of links, articles, resources and more.
<br>
---
## [Qubes OS](./qubes)
A collection of QubesOS related content.
<br>
[dvm-zulucrypt](./qubes/dvm-zulucrypt) - Notes on how to setup a disposable zulucrypt instance for USB devices.
[kicksecure-sys-dns](./qubes/kicksecure-sys-dns) - Notes on how to setup a hardened dnscrypt proxy
- [Information](./information)
- [GrapheneOS](./graphene)
- [F-Droid](./f-droid)
- [Matrix](./matrix)
- [Qubes OS](./qubes)

View File

@ -5,12 +5,7 @@ title: Information
permalink: /information
---
<div style="text-align:center;">
<p>
A collection of links, articles, resources and more.
</p>
</div>
A collection of links, articles, resources and more. [<i class="fa fa-rss" aria-hidden="true"></i>](https://anonymousland.org/feed/information.xml)
<br>
@ -67,8 +62,6 @@ Articles and stories related to technology, security or privacy
A place for related various communities & media
- [Hackliberty](https://hackliberty.org) <button type="button" class="btn btn-default btn-xs"><a href="http://xj2i2lkzecitg6cq5ca3vrhlzq4evgz6qr2i4s7b4y57ktuaohff4vyd.onion">Tor</a></button>
- [PrivacyGuides](https://privacyguides.org) <button type="button" class="btn btn-default btn-xs"><a href="http://eter4u55b667kuo72ntpm7ut54sa2mxmr22iqgzns4jw7boeox3qgyid.onion">Tor</a></button>
- [Privsec](https://privsec.dev)
@ -108,8 +101,6 @@ A list of interesting projects
For research-based articles
- [Machine Generated Text: A Comprehensive Survey of Threat Models and Detection Methods](https://arxiv.org/pdf/2210.07321.pdf)
- [Practically-exploitable Cryptographic Vulnerabilities in Matrix](https://nebuchadnezzar-megolm.github.io/)
- [Memetic Warfare](https://www.academia.edu/43534914/Memetic_Warfare_The_Future_of_War)

View File

@ -65,18 +65,6 @@ Website: [https://qubes-os.org](https://qubes-os.org) <button type="button" clas
Small notes for template setup
Proxying `wget`:
Edit ``/etc/wgetrc``
Add:
```
use_proxy=yes
http_proxy=127.0.0.1:8082
https_proxy=127.0.0.1:8082
```
<br>
#### Debian
@ -167,7 +155,7 @@ echo "/usr/lib/libhardened_malloc.so/libhardened_malloc.so" | sudo tee /etc/ld.s
Running in Dom0:
```
sudo qubes-dom0-update qubes-template-fedora-37-minimal
sudo qubes-dom0-update qubes-template-fedora-36-minimal
```
```
@ -199,7 +187,7 @@ git config --global http.proxy http://127.0.0.1:8082/
Running in Dom0:
```
qvm-clone fedora-36 fedora-37
qvm-clone fedora-35 fedora-36
```
```
@ -207,7 +195,7 @@ truncate -s 5GB /var/tmp/template-upgrade-cache.img
```
```
qvm-run -a fedora-37 gnome-terminal
qvm-run -a fedora-36 gnome-terminal
```
```
@ -215,10 +203,10 @@ dev=$(sudo losetup -f --show /var/tmp/template-upgrade-cache.img)
```
```
qvm-block attach fedora-37 dom0:${dev##*/}
qvm-block attach fedora-36 dom0:${dev##*/}
```
Running inside Fedora-37:
Running inside Fedora-36:
```
sudo mkfs.ext4 /dev/xvdi
@ -233,13 +221,13 @@ sudo dnf clean all
```
```
sudo dnf --releasever=37--setopt=cachedir=/mnt/removable --best --allowerasing distro-sync
sudo dnf --releasever=36--setopt=cachedir=/mnt/removable --best --allowerasing distro-sync
```
Running inside Dom0:
```
qvm-shutdown fedora-37
qvm-shutdown fedora-36
```
```
sudo losetup -d $dev
@ -295,10 +283,6 @@ echo "/usr/lib/libhardened_malloc.so/libhardened_malloc.so" | sudo tee /etc/ld.s
#### Guides
- [Creating sys-dns](https://forum.qubes-os.org/t/guide-how-to-setup-a-sys-dns-qube/13749)
- [Using Kloak](https://forum.qubes-os.org/t/tutorial-how-to-use-kloak-with-usb-keyboards/14134)
- [Advanced Browser Fingerprinting](https://forum.qubes-os.org/t/advanced-browser-fingerprinting/12379)
- [Monero Wallet Isolation](https://forum.qubes-os.org/t/monero-wallet-daemon-isolation-with-qubes-whonix/1121)

View File

@ -1,38 +0,0 @@
---
layout: default1
description: Notes reguarding DVM zulucrypt
title: dvm-zulucrypt
permalink: /qubes/dvm-zulucrypt
---
Notes on how to setup a disposable zulucrypt instance for USB devices.
<br>
### Prerequesites:
Setup a minimal `kicksecure` template based on [this guide](./#debian-security).
Install the `zulucrypt` package:
``sudo apt install zulucrypt``
If you wish use usb devices, add the `qubes-proxy-usb` package:
``sudo apt install qubes-proxy-usb``
<br>
### Setup
- Create an `AppVM` titled `template-dvm-crypt` with the template created above.
- Net Qube: `(none)`
- In `Advanced`, select `Disposable Template`
- In `Applications` select `zuluCrypt`
<br>
After this, create a new `DisposableVM` titled `dvm-crypt` with the template as `template-dvm-crypt` and networking as `(none)`.

View File

@ -1,75 +0,0 @@
---
layout: default1
description: Notes reguarding kicksecure DNS
title: kicksecure-sys-dns
permalink: /qubes/kicksecure-sys-dns
---
Setting up a hardened `sys-dns` to proxy DNS traffic through `dnscrypt`
<br>
### Prerequisites:
Create a Debian minimal templated and setup [kicksecure](./#debian-security).
Install the required packages:
``sudo apt install dnscrypt-proxy qubes-core-agent-networking``
The `dnscrypt` settings are located at `/etc/dnscrypt-proxy/`
Edit ``/rw/config/rc.local`` to:
<br>
```
#!/bin/sh
# This script will be executed at every VM startup, you can place your own
# custom commands here. This includes overriding some configuration in /etc,
# starting services etc.
# Example for overriding the whole CUPS configuration:
# rm -rf /etc/cups
# ln -s /rw/config/cups /etc/cups
# systemctl --no-block restart cups
# allow redirects to localhost
/usr/sbin/sysctl -w net.ipv4.conf.all.route_localnet=1
/usr/sbin/iptables -I INPUT -i vif+ -p tcp --dport 53 -d 127.0.0.1 -j ACCEPT
/usr/sbin/iptables -I INPUT -i vif+ -p udp --dport 53 -d 127.0.0.1 -j ACCEPT
# redirect dns-requests to localhost
/usr/sbin/iptables -t nat -F PR-QBS
/usr/sbin/iptables -t nat -A PR-QBS -d 10.139.1.1/32 -p udp -m udp --dport 53 -j DNAT --to-destination 127.0.0.1
/usr/sbin/iptables -t nat -A PR-QBS -d 10.139.1.1/32 -p tcp -m tcp --dport 53 -j DNAT --to-destination 127.0.0.1
/usr/sbin/iptables -t nat -A PR-QBS -d 10.139.1.2/32 -p udp -m udp --dport 53 -j DNAT --to-destination 127.0.0.1
/usr/sbin/iptables -t nat -A PR-QBS -d 10.139.1.2/32 -p tcp -m tcp --dport 53 -j DNAT --to-destination 127.0.0.1
# set /etc/resolv.conf and start dnscrypt-proxy
echo "nameserver 127.0.0.1" > /etc/resolv.conf
/usr/bin/systemctl enable dnscrypt-proxy.service --now
```
<br>
### Setup:
Create an AppVM `dvm-dnscrypt` based on the template created above with:
- NetVM: `sys-net`
- Autostart: `true`
- Provides Network: `true`
<br>
Clone `dvm-dnscrypt`and create a `sys-dns` as a DispVM, ensuring the same settings as above are set.
Set your `sys-fireall` to connect to `sys-dns`
<br>
### Sources
- [[guide] how-to setup a sys-dns qube](https://forum.qubes-os.org/t/guide-how-to-setup-a-sys-dns-qube/13749)

View File

@ -59,11 +59,6 @@ _Disclaimer: This is for education / research._
-\>> [Important Concepts](#important-concepts) <br>
- -\> _[Tor](#tor)_ <br>
- -\> _[Tor with VPN](#tor-with-vpn)_ <br>
- -\> _[Tor Usage](#tor-usage)_ <br>
- -\> _[Tor Operating Systems](#tor-operating-systems)_ <br>
- -\> _[Tor Browser(s)](#tor-browsers)_ <br>
- -\> _[Contributing to Tor](#contributing-to-tor)_ <br>
-\>> [Proper Mindset](#proper-mindset) <br>
-\>> [Knowing Your Adversary](#knowing-your-adversary) <br>
@ -78,6 +73,7 @@ _Disclaimer: This is for education / research._
- -\>> _[Installation](#installation)_ <br>
- -\>> _[Template Setup](#template-setup)_ <br>
- -\>> _[Onionizing Repositories](#onionizing-repositories)_ <br>
- -\>> _[Qubes Basic Setup](#qube-basic-setup)_ <br>
-\>> [Creating our Aliases](#creating-our-aliases) <br>
-\>> [Browsers](#browsers) <br>
@ -85,20 +81,15 @@ _Disclaimer: This is for education / research._
- -\>> _[Desktop](#desktop-1)_ <br>
-\>> [Mobile](#mobile) <br>
- -\>> _[GrapheneOS](#grapheneos)_ <br>
- -\>> _[GrapheneOS Hardening](#grapheneos-hardening)_ <br>
- -\>> _[External Applications](#external-applications)_ <br>
- -\>> _[Tor](#tor-1)_ <br>
-\>> [Physical](#physical) <br>
- -\>> _[Cars](#cars)_ <br>
-\>> [Secure(ish) Communications](#secureish-communications) <br>
-\>> [Secure Communications](#secure-communications) <br>
-\>> [Secure Hardware](#secure-hardware) <br>
-\>> [Plausible Deniability](#plausible-deniability) <br>
-\>> [Tails](#tails) <br>
-\>> [Anonymous Server](#anonymous-server) <br>
-\>> [Power Analysis](#power-analysis) <br>
-\>> [TLDR](#tldr) <br>
---
@ -148,123 +139,6 @@ If you are using an "amnesic" setup such as Tails or anon-whonix on Qubes OS, yo
<br>
#### Tor with VPN
Using Tor with a VPN has both upsides and downfalls.
This setup will vary from person to person based upon usage, threat models and other factors only you can determine.
Using a VPN with Tor has its downfalls.
One of the main reasons you should use a VPN with Tor is if you are concerned with your ISP watching for Tor traffic and you can *reasonably* trust your VPN provider.
To prevent your ISP or another adversary from viewing Tor traffic, you are also able to use Tor bridges for such, but if it is not critical to use bridges, do not as there are other people who benefit from bridges.
Using a VPN will proxy your Tor traffic to another ISP, which hopefully is less malicious than an adversary you are hiding this traffic from.
Using a VPN will increase latency, along with potentially messing with the guard node selection.
<br>
#### Tor Usage
Tor is extremely important for our setup.
Since Tor relies on other people using the Tor network, to disguise everybody so they
all seem alike, it's crucial we use Tor as much as possible.
*(You should not use Tor for anything personal or linkable-activity)*
Using Tor as much as possible helps strengthen the network as whole.
On desktop, there is the [Tor Browser](https://torproject.org/download).
On IOS there is [Onion Browser](https://onionbrowser.com)
On Android there is [Tor Browser](https://torproject.org/download#android) along with [Orbot](https://github.com/guardianproject/orbot), an application which allows you to route your entire device over Tor, or proxy specific applications.
You can proxy applications such as an [F-Droid](https://f-droid.org) client such as [Neo-Store](https://github.com/NeoApplications/Neo-Store), allowing you to use [onionized repositories](https://gitlab.com/fdroid/mirror-monitor/-/raw/master/README.md) inside F-droid.
*(We will talk about F-droid and these various applications later)*
Other applications such as [Briar](https://briarproject.org).
Any application that has a `proxy` setting can be used.
The Orbot ports:
SOCKS: `127.0.0.1:9050`
HTTP: `127.0.0.1:8118`
<br>
On Orbot, you should configure the following settings:
`Start Orbot on Boot`: Automatically start Orbot and connect Tor when your Android device boots
`Allow Background Starts`: Let any app tell
Orbot to start Tor and related services
`Isolate destination addresses`: Use a different circuit for each destination address
`Prefer IPv6 connections`: Tells exits that IPv6 addresses are preferred
`Connecting padding`: Always enables connection padding to defend against some forms of traffic analysis. Default: auto
`Circuit padding`: Enable circuit padding to defend against some forms of traffic analysis
<br>
If you wish to help contribute to the Tor network, you are able to enable the following:
`Relaying`: Enable your device to be a non-exit relay
`Run Snowflake Proxy`: Allow other Tor users to connect to Tor through your device. (This can't be used if you connect alongside bridges)
<br>
#### Tor Operating Systems
There are operating systems which are designed to work with Tor.
These systems will route all / some *(depends on the OS)* network traffic over the Tor network.
There are ways to route normal OS's over Tor, but the ones listed here are specifically designed for Tor-only use.
Some notable mentions:
- [Tails](https://tails.boum.org) - an amnesic OS which runs off a USB device.
All traffic is routed over Tor, and can be used on any computer.
Tails allows for a totally ephemeral OS, in which as soon as you shutdown the computer or pull out the USB drive, the RAM will be wiped and all contents on your session will be deleted. *(Note: persistent mode will function differently)*
- [Whonix](https://whonix.org) - a "workstation"-type OS routed over Tor.
You get the features of traditional Linux *(unlike amnesic Tails)* with it being routed over Tor.
Whonix can be run on a USB device, in KVM *(the suggested method)* or with [QubesOS](https://qubes-os.org) *(the most secure method, suggested to use Whonix if you are using Qubes)*.
Running in a virtual environment (KVM, Qubes, VM), there are two Whonix instances running.
`Whonix-Gateway` and `Whonix-Workstation`.
`Whonix-Gateway` is a separate *VM* which connects you to Tor.
Its sole purpose is to connect to the Tor network.
`Whonix-Workstation` will receive the Tor connection from `Whonix-Gateway`.
All of your applications will occur in `Whonix-Workstation`.
<br>
#### Tor Browser(s)
There are several different ways to access Tor, primarily through a browser.
Browsers such as Brave offer this, but this should **NOT** be used, as it contains a unique fingerprint.
<br>
#### Contributing to Tor
Tor is an amazing project.
We need to do as much as possible to help protect the integrity of this network, and to help strengthen the network.
This can be done by regularly using Tor.
Regularly using Tor helps create more traffic on the network.
Generally, more traffic will help to anonymize users.
Consider running a [Snowflake](https://snowflake.torproject.org), this can run as a browser addon or inside of a [Docker container](https://hub.docker.com/r/thetorproject/snowflake-proxy), alternatively, you can enable Snowflake inside of Orbot.
Running a Tor relay would be the best way to help contribute to the network.
Refer to [this guide](https://community.torproject.org/relay/) on how to setup a relay.
Any relay is important but, if you can, host an `exit-relay`.
These relays are extremely important to the network as they see the clearnet traffic.
If you do not want to host a relay, you can look at the [SaveTor](https://savetor.network/) project, which is taking donations in return for hosting public Tor nodes.
<br>
---
## **Proper Mindset**
@ -283,14 +157,11 @@ Here is a general thought process...
Let's eliminate user error.
More on this subject will be later in this _guide._
- Take over-procedures.
Don't "skimp" out on encryption because you don't feel like entering in a password. Don't be lazy.
- Take over-procedures. Don't "skimp" out on encryption because you don't feel like entering in a password. Don't be lazy.
- Do not compromise your security for a friend.
If they are your friend, they will respect your new-founded love for being secure.
- Do not compromise your security for a friend. If they are your friend, they will respect your new-founded love for being secure.
- Do not reveal more than you need to.
MMJ doesn't need to know what you had for lunch.
- Do not reveal more than you need to. MMJ doesn't need to know what you had for lunch.
(things to keep in mind)\* Reveal as little about yourself and origin as possible.
@ -302,14 +173,7 @@ MMJ doesn't need to know what you had for lunch.
- Do not be lazy.
- Do not have the misconception that just because it is open-source makes it secure.
People may think you are paranoid, but in a world like this it _is_ useful to be even a bit paranoid.
This will allow you to see the true realities of the world.
If you are always thinking of ways you can be compromised, you'd actually likely reduce your risk due to the fact of you constantly thinking about it, rather than just "not really thinking" about it, or rather as often as you should.
Privacy and security are constantly evolving, which means that you will have to evolve with it.
Are you ready for a data breach?
What are you going to do if your compromised? Questions like these are what you need to ask yourself in order to be successful, you must always have a backup plan that you can execute.
People may think you are paranoid, but in a world like this it _is_ useful to be even a bit paranoid. This will allow you to see the true realities of the world. If you are always thinking of ways you can be compromised, you'd actually likely reduce your risk due to the fact of you constantly thinking about it, rather than just "not really thinking" about it, or rather as often as you should. Privacy and security are constantly evolving, which means that you will have to evolve with it. Are you ready for a data breach? What are you going to do if your compromised? Questions like these are what you need to ask yourself in order to be successful, you must always have a backup plan that you can execute.
<br>
@ -331,8 +195,7 @@ You need to properly identify a _threat model_, an _adversary_ along with perfor
The most important part of your setup.
Threat modeling can become an advanced topic, you will need to learn how to balance security, privacy and anonymity.
You'll need to properly layout and identify what you are protecting yourself from.
Threat modeling can become an advanced topic, you will need to learn how to balance security, privacy and anonymity. You'll need to properly layout and identify what you are protecting yourself from.
Everyone has something to protect, whether it is passwords, location, internet activity, confidential documents, etc.
The items you are trying to protect will be referred here as "assets".
@ -343,7 +206,7 @@ Ask yourself these basic questions:
- What happens if I fail to protect this?
These are some basic questions to ask yourself when creating your threat model.
Based upon your answers to these questions, will determine the route you must go.
Based upon your answers to these questions, will determine the route you must go.
Example - You don't want your neighbor Joe to see you sleeping, so you close your blinds.
Developing a threat model will require a lot of time and effort.
@ -397,8 +260,6 @@ Media Channels:
What is _"cleaning up"?_
*Note* This section isn't really "anonymity", it's just good practice.
Simply put, cleaning up is the process of deleting your various traces on the internet.
For the average person, this will be a long and arduous process.
You'll have to go through every single online account, email, activity, forum, message, game, etc. and literally delete _everything_.
@ -469,10 +330,6 @@ Some aliasing services:
- [AnonAddy](https://anonaddy.com/)
- [Duckduckgo Mail](https://duckduckgo.com/email/)
- [Firefox Relay](https://relay.firefox.com/)
- [SimpleLogin](https://simplelogin.io/)
<br>
@ -489,7 +346,7 @@ _What is the point of using a secure messenger, if your desktop is compromised b
A massive amount of information is stored on our desktop, meaning that it contains a trove of our personal information.
From search results to private documents.
These items are **NOT** private on "traditional" operating systems.
The default desktop environment has a broken security model.
The default desktop enviroment has a broken security model.
This is due to the fact of lacking permissions and proper isolation as done on mobile operating systems such as Android with their per-app permission toggles.
Some services like Firejail, Bubblewrap, SELinux and Apparmor can fix a lot of these issues, but the fact is configuring these services for every application can be a daunting task and can lead to much user-error.
@ -599,8 +456,6 @@ If you wanted a dedicated `sys-dns`, there are several guides on this:
- [qubes-dns](https://github.com/3hhh/qubes-dns)
- [Pihole qube](https://github.com/92VV3M42d3v8/PiHole)
For setting up a VPN Qube, we are able to use the [Mullvad Guide](https://mullvad.net/en/help/qubes-os-4-and-mullvad-vpn/) as reference.
`sys-net` -> `sys-firewall` -> `sys-vpn` -> `sys-firewall-vpn`
We will now create additional qubes for our use.
@ -661,10 +516,10 @@ qubes-usb-proxy
qubes-gpg-split
```
Fedora-37:
Fedora-36:
```
sudo qubes-dom0-update qubes-template-fedora-37
sudo qubes-dom0-update qubes-template-fedora-36
```
Debian-11:
@ -709,7 +564,7 @@ deb tor+http://2s4yqjx5ul6okpp3f2gaunr2syex5jgbfpfvhxxbbjwnrsvbk5v3qbid.onion/de
Fedora Templates:
Edit `/etc/yum.repos.d/qubes-r[version].repo`, comment out the clearnet `baseurl` and uncomment the onion `baseurl`
Edit `/etc/yum.repos.d/qubes-r[version].repo`, comment out the clearnet `baseurl` and uncoment the onion `baseurl`
<br>
@ -727,10 +582,101 @@ More thoughts:
<br>
#### Additional Setup
#### U2F-Proxy
We are able to use [u2f-proxy](https://qubes-os.org/doc/u2f-proxy) along with [yubikey](https://qubes-os.org/doc/yubikey).
Review the official documentation.
Using [u2f-proxy](https://qubes-os.org/doc/u2f-proxy) allows you to "compartmentalize the browser in one qube and the USB stack in another so that they are always kept separate from each other".
The Qubes documentation shows the following for installation:
dom0:
```
sudo qubes-dom0-update qubes-u2f-dom0
```
Now, execute this command for all the Qubes you will utilize u2f.
```
qvm-service --enable QUBE_NAME qubes-u2f-proxy
```
To install on our templates, use the following:
Fedora:
```
sudo dnf install qubes-u2f
```
Debian:
```
sudo apt install qubes-u2f
```
Finally, you must restart your Qubes.
It's suggested you read the [u2f-proxy](https://qubes-os.org/doc/u2f-proxy) documentation.
<br>
#### YubiKey
Using a YubiKey can help mitigate certain attacks such as password "snooping", along with increasing security.
Read the [official documentation](https://qubes-os.org/doc/yubikey).
Installation for template qubes:
Fedora:
```
sudo dnf install ykpers yubikey-personalization-gui
```
Debian:
```
sudo apt-get install yubikey-personalization yubikey-personalization-gui
```
The GUI on for Debian can be run via the `yubikey-personalization-gui` command.
- Choose `configuration slot2`.
- Select `HMAC-SHA1 mode: fixed 64 bit input`.
- Ensure to backup the `Secret Key (20 bytes hex)`.
Now the following is required for dom0:
```
sudo qubes-dom0-update qubes-yubikey-dom0
```
If we had changed the name of `sys-usb` or are using something other than that, we would need to edit ``/etc/qubes/yk-keys/yk-vm'' in dom0.
- Paste the `Secret Key (20 bytes hex)` into `/etc/qubes/yk-keys/yk-secret-key.hex` in dom0.
- Paste your hashed password into `/etc/qubes/yk-keys/yk-login-pass-hashed.hex` in dom0.
To get your hashed password:
```
read -r password
```
```
echo -n "$password" | openssl dgst -sha1
```
Edit `/etc/pam.d/login` in dom0 and add:
```
auth include yubikey
```
Now, edit `/etc/pam.d/xscreensaver` to include:
```
auth include yubikey
```
<br>
@ -931,47 +877,39 @@ LibreWolf is a good alternative to utilizing Arkenfox on Qubes as we cannot reas
#### General Notes
- For using Tor, you should only use the *official* Tor Browser.
- For an ideal browser setup focused around privacy, you should **NOT** store any browser history, cookies or cache.
- HTTPS-Only should be activated on all browsers.
- Disable saving of passwords, logins, credit cards, etc. as this is a security concern saving all of this in a web browser.
There are a variety of tools to test your different browser configurations in a wide array of tests.
- [BrowserLeaks](https://browserleaks.com/)
- [CreepyJS](https://abrahamjuliot.github.io/creepjs/)
- [TorZillaPrint](https://arkenfox.github.io/TZP/index.html)
- [DeviceInfo](https://www.deviceinfo.me/)
- [SSL Test](https://clienttest.ssllabs.com:8443/ssltest/viewMyClient.html)
[Mullvad](https://mullvad.net) has released the [Mullvad Browser](https://mullvad.net/en/browser), which focuses on minimizing the browser fingerprint and to minimize tracking.
It comes installed with UBlock Origin by-default.
With this browser being brand-new, it would be advisable to proceed with caution, but this browser does appear promising.
<br>
---
## **Mobile**
Mobile devices are extremely important.
They contain a plethora of information such as contacts, files, texts and more.
Mobile devices by-default are not private or even anonymous.
While there are ways to harden IOS / stock Android, this is not the place for it.
Default un-modified mobile devices are **NOT** private.
Your mobile device likely contains the most sensitive information. Pictures, texts, location, and more.
We'll need to work heavily on reducing this fingerprint.
Anything you do on your phone is likely not private.
Apps have unnecessary permissions to contacts, messages, files, location and more.
This is an extremely terrifying thing, as any app could have the potential to view sensitive information.
Most apps require very minimal permissions to function.
The idea is minimalism.
"Calculator" does not need access to text messages, nor does it need to ping servers.
It is best to focus on minimalism for our mobile devices, for instance, the calculator app does not need location permissions.
We can reduce the amount of data being collected by eliminating apps we do not need and by removing invasive permissions.
It is important to note that any device with a SIM card is likely not anonymous, as the cellular towers can triangulate the location of the device by measuring its signal strength.
It is possible to create an anonymous mobile device by having no SIM card on it at all, and routing everything over Tor.
Android allows us to have more access over our device such as installing applications from third-party repositories and having access over `ADB` and changing permissions.
Any device with a SIM card installed is not anonymous.
The location of the device is known by the cell provider.
<br>
### GrapheneOS
To be truly "anonymous" with a mobile device, you must not have an installed SIM card.
It is not advisable to try to be "anonymous" on a mobile device.
To be as private as possible, it is advisable to install [GrapheneOS](https://grapheneos.org).
GrapheneOS is a hardened version of Android running on the *secure* Google Pixel.
@ -984,25 +922,11 @@ The cell service provider **WILL** know your location.
For additional information, view the [GrapheneOS Section](./graphene).
With GrapheneOS, you can utilize the profiles function to create separate identities with each profile.
We can use [Orbot](https://github.com/guardianproject/orbot) to route traffic over Tor on a per-profile basis.
We can use Orbot to route traffic over Tor on a per-profile basis.
You could utilize an application such as [Shelter](https://gitea.angry.im/PeterCxy/Shelter) to provide a "work profile".
*Note: UDP is not supported by Tor*
<br>
### GrapheneOS Hardening
If you've opted to install [GrapheneOS](https://grapheneos.org) on a Google Pixel, we can take some extra measures to secure our setup.
To fully prevent VPN leaks:
`Settings` -> `Network & Internet` -> `VPN` -> `settings icon` -> Enable `Always-on VPN` , `Block connections without VPN`
`Network & Internet` -> `Internet connectivity check` -> `Disabled`
VPN leaks are now prevented
<br>
@ -1012,13 +936,6 @@ Assuming you are using Android, APKs are used to install applications.
These can be dangerous as installing a malicious application can be detrimental to your system.
It would likely be best to install various APKs from a source you can reasonably trust, or you can build your own and verify the signatures.
Various repositories:
- [Accrescent](https://accrescent.app) an Android app store built and focused on security.
Allows for app signing, signed repository metadata and automatic updates.
- [F-Droid](https://f-droid.org) an Android app repository, allowing you to use custom repositories or create your own.
<br>
### Tor
@ -1033,12 +950,12 @@ If your device has the ability to create multiple profiles, you can create a "To
---
## **Secure(ish) Communications**
## **Secure Communications**
Having a secure operating system is only 1 part that we need.
We need to ensure that all of our communications stay secure.
The most common method to this is using E2EE (End-to-end encryption).
This encrypts your messages locally on your device before sending them out.
anThis encrypts your messages locally on your device before sending them out.
Let's take a look at some of the basic types of messengers.
Centralized: Meaning there is a single server / point of failure.
@ -1058,7 +975,6 @@ Here's a list of "great" messengers and services that you'll be able to use.
Session has built-in onion-routing.
- [Matrix](https://matrix.org) Matrix provides a federated platform, which allows for anyone to host their own server, meaning that it is resistent to censorship as the network does not rely on a single server.
*Note: Matrix has issues regarding metadata.*
- [Briar](https://briarproject.org) A P2P messenger app which is designed for extreme threat models.
Allows for Bluetooth communication along with routing communications over Tor network.
@ -1079,17 +995,6 @@ For more information visit [JoinMatrix](https://joinmatrix.org).
## **Physical**
<div style="text-align:center">
<div class="alert alert-danger" role="alert">
<strong>
This page is a **<b>WORK IN PROGRESS</b>**
(more so than the others)
</strong>
</div>
</div>
<br>
Your physical state is just as important as your online state.
If you can be physically tracked and stalked, this could potentially lead to the compromise of your online being.
For instance, if someone stalks your behavior and notices you leave your device unattended, this can lead to malicious activity taking place such as compromising firmware, installing a small Bluetooth transmitter, accessing device information if the device is unencrypted, or even just outright taking the device.
@ -1122,72 +1027,12 @@ At first glance, many of this seems like defining qualities, but they can be alt
<br>
### Cars
Modern cars contain a lot of information about you.
Location, speed, driving patterns, and more.
There are few actual resources on what these privacy invasions are, and what you can do about them.
The term "car" is used to describe automobiles such as sedans, SUV's, trucks, tudors, unless otherwise specified.
<br>
#### Introduction
Most modern cars contain an EDR, Electronic Data Recorder.
This device is also commonly known as a "black box".
This device contains detailed information such as vehicle speed, detailed engine information along with the vehicles occupancy status.
This device is able to be read via a simple USB dongle.
The EDR is able to use the on-board pressure sensors embedded in the driver and passenger seats to have information such as how many passengers were in the vehicle, along with the status of seat belts.
While this is used for safety purposes, it is an extreme privacy invasion.
This page is not to describe on why you might want to care about privacy, but rather an overview on the privacy concern of modern cars.
Most modern cars include "smart features", such as an embedded display usually running a version of Android.
These devices will be referred to as a "smart screen".
The smart screen has the ability to connect to the internet along with providing apps such as Spotify, and some sort of GPS / navigational system.
A concern of these devices is the lack of security consideration.
These devices have access to extremely sensitive information such as location and potentially account information granted that an account is signed in.
Often times, these devices to not receive proper security patches or even updates to the OS in general.
<br>
#### Privacy
With the rise in IOT devices, comes "smart" enabled technology.
This is often times being implemented into newer vehicles.
Unfortunately, with the rapid adoption of technology, cars are vulnerable to various types of attacks.
With more detailed information being logged by your vehicle, often times in the event of an accident of some sort, insurance companies will pull information from the vehicle such as speed and location.
<br>
#### Security
Unfortunately, with the rapid adoption of technology, cars are vulnerable to various types of attacks.
Certain types of attacks include spoofing the radio signal from a key Fob and utilizing vulnerabilities found in 3rd-party applications.
Here is a list of some educational resources:
- [Connecting to the car's network - David Bombal](https://invidious.namazso.eu/watch?v=ICOaAfLlb4o)
- [I Hacked Into My Own Car - Steve Mould](https://invidious.snopyta.org/watch?v=5CsD8I396wo)
<br>
### Walking Style
Your walking style is a unique identifier, and can be used to track you.
To change this, you are able to do a variety of things to change your normal behavior / pattern.
The easiest method would be to put a coin inside your shoe.
- [Generating digital signatures with the gait of people](https://towardsdatascience.com/generating-digital-signatures-with-the-gait-of-people-3a66f0c44b7b)
- [From Learning Gait Signatures of Many Individuals to Reconstructing Gait Dynamics of One Single Individual](https://www.frontiersin.org/articles/10.3389/fams.2020.564935/full)
<br>
### Heart Rate
@ -1200,8 +1045,6 @@ Doing such will raise / lower your heart rate based upon what you do.
To hide your heart rate from such technology, it is advisable to use tinfoil to block the signal.
This can be done via foil clothing or line a jacket with the proper tinfoil material.
- [Heart rate prediction from facial video with masks using eye location and corrected by convolutional neural networks](https://www.ncbi.nlm.nih.gov/pmc/articles/PMC8906658/)
<br>
### Fingerprints
@ -1285,14 +1128,11 @@ You can be tracked physically with a wide array of technologies including but no
- Someone physically watching you
- Heat signature
- [Tracking you with Wifi](https://www.vice.com/en/article/y3p7xj/scientists-are-getting-eerily-good-at-using-wifi-to-see-people-through-walls-in-detail)
- [Thermal Imaging Surveillance](https://theyarewatching.org/technology/thermal-imaging-surveillance)
- [Real Time Object Tracking System using Thermal Camera](https://medium.com/analytics-vidhya/real-time-object-tracking-system-using-thermal-camera-b4d077a20f16)
- Facial recognition
- [The T-Shirt Invisibility Cloak](https://yewtu.be/watch?v=NyofHyRm5CQ)
- [Wearable face projector](https://inv.bp.projectsegfau.lt/watch?v=_PoudPCevN0)
<br>
@ -1440,7 +1280,6 @@ Various Firmware:
- [Coreboot](https://www.coreboot.org/)
- [Heads](https://github.com/osresearch/heads)
- [Skulls](https://github.com/merge/skulls)
- [TrenchBoot](https://trenchboot.org)
<br>
@ -1456,14 +1295,13 @@ Security Keys:
- [NitroKey](https://www.nitrokey.com/)
- [Tkey](https://www.tillitis.se/)
- [YubiKey](https://www.yubico.com/)
Crypto Wallets:
- [Trezor](https://trezor.io/)
<br>
---
@ -1492,47 +1330,6 @@ Tails is routed over Tor, which allows you to use it anonymously.
---
## **Anonymous Server**
Sometimes, you will need to host a server anonymously.
This can be a pain, as a lot of popular services require some sort of ID, credit card, address, etc.
For true "anonymity", we will tend to avoid these services.
These range from Amazon Azure, to Linode.
For a server, it's advisable to pay with crypto-currency, such as Monero, Zcash or some other type of "privacy"-respecting currency.
If you need a domain, it's advisable to use [Njalla](https://njal.la) <button type="button" class="btn btn-default btn-xs"><a href="http://njallalafimoej5i4eg7vlnqjvmb6zhdh27qxcatdn647jtwwwui3nad.onion/">Tor</a></button> as they do not collect any personal information, and they are well-known for their strong privacy.
While Njalla is a fantastic privacy-respecting service, their VPS plans are lacking.
For hosting a simple web server or private service, this should be sufficient, but the idea here is that we have separate providers for our VPS and our domain.
For the actual server, you can use [1984](https://1984.is/) or the listed options below:
- [BitHost](https://bithost.io/)
- [Privex](https://www.privex.io/) <button type="button" class="btn btn-default btn-xs"><a href="http://privex3guvvasyer6pxz2fqcgy56auvw5egkir6ykwpptferdcb5toad.onion/">Tor</a></button>
<br>
---
### **Power Analysis**
*"Power analysis is a form of side channel attack in which the attacker studies the power consumption of a cryptographic hardware device. These attacks rely on basic physical properties of the device: semiconductor devices are governed by the laws of physics, which dictate that changes in voltages within the device require very small movements of electric charges (currents). By measuring those currents, it is possible to learn a small amount of information about the data being manipulated."*
<br>
This is an advanced attack which requires equipment and the technical skill to sucessfully operate such an attack.
Several ways to prevent such an attack is a method known as [blinding](https://wikiless.org/wiki/Blinding_(cryptography)).
To take certain precautions, it's advisable to unplug and power off all devices not currently in-use.
It *may* be possible to bypass / increase the difficulty of this sort of attack by utilizing a system of UPS's.
<br>
---
## TLDR
Don't use the internet.

View File

@ -9,29 +9,8 @@ permalink: /services
<i>“There are too many of us, he thought. There are billions of us and that's too many. Nobody knows anyone. Strangers come and violate you. Strangers come and cut your heart out. Strangers come and take your blood. Good God, who were those men? I never saw them before in my life!” </i>
</div>
<br>
<br>
<div style="text-align:center">
<div class="alert alert-warning" role="alert">
<strong>
Notice
<br>
<br>
This page is outdated, and the information should be considered such.
<br>
<br>
</strong>
</div>
</div>
<br>
<br>
## __Services__
**Due to recent incidents with our Njalla VPS, some of our services will be offline.**
These services are publicly available and free to use.
Services are hosted in __Sweden__ and / or __Iceland__.
@ -104,19 +83,15 @@ Additional services are hosted with [Njalla](https://njal.la/about/).
<br>
### __Tor__
We host a Tor [exit node](https://metrics.torproject.org/rs.html#details/800F6AB9506498F7FE80BFF204B9F33571297636)
<br>
### __Matrix__
The Matrix homeserver is located at
`https://matrix.anonymousland.org`
Registration is done via [Element](https://element.anonymousland.org) or any other client of your choice.
Registration is done via the [registration page](https://matrix.anonymousland.org/register)
Incidents: `1`
### __Clients__
@ -170,21 +145,8 @@ and requires an email address for sign-up.
<br>
### __OTS__
*ots is a one-time-secret sharing platform. The secret is encrypted with a symmetric 256bit AES encryption in the browser before being sent to the server. Afterwards an URL containing the ID of the secret and the password is generated. The password is never sent to the server so the server will never be able to decrypt the secrets it delivers with a reasonable effort. Also the secret is immediately deleted on the first read.*
OneTimeSecret instance located at:
[OTS](https://ots.anonymousland.org) <button type="button" class="btn btn-default btn-xs"><a href="http://up6cmathcvv3gkscop56lau3rbv4ksrafukyeibiaz2oxxlll2ftofad.onion/">Tor</a></button>
<br>
## __Additional Services__
- [Dimension](https://dimension.anonymousland.org)
- [Paste](https://paste.anonymousland.org)<button type="button" class="btn btn-default btn-xs"><a href="http://h7kw36ijgdnp75kb7ofo2z4swxhkhcqfrghjkvo5q5quz3bca4lqazad.onion
">Tor</a></button>
- [OTS](https://ots.anonymousland.org)
- [Paste](https://paste.anonymousland.org)

View File

@ -44,7 +44,6 @@ Multi-factor authentication is extremely important as it provides multiple layer
- [Aegis](https://github.com/beemdevelopment/Aegis) (Mobile)
- [NitroKey](https://www.nitrokey.com/) (Hardware)
- [Tkey](https://www.tillitis.se/) (Hardware)
- [YubiKey](https://www.yubico.com/) (Hardware) <button type="button" class="btn btn-xs btn-warning"> <a href="https://www.yubico.com/blog/secure-hardware-vs-open-source/"> Proprietary </a> </button>
<br>
@ -62,7 +61,6 @@ Your browser contains everything you do.
It is the main entry point onto your system, along with the main privacy & security risk.
- [Tor Browser](https://torproject.org) <button type="button" class="btn btn-default btn-xs"><a href="http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion/">Tor</a></button>
- [Mullvad Browser](https://mullvad.net/en/browser)
- [Librewolf](https://librewolf.net/)
- [Vanadium](https://vanadium.app) (Mobile)
- [Bromite](https://bromite.org) (Mobile)

72
_items/Transparency.md Normal file
View File

@ -0,0 +1,72 @@
---
layout: default1
title: Transparency
permalink: /transparency
---
<div style="text-align:center;">
<p><i>“We do not merely destroy our enemies; we change them"</i></p>
</div>
## Servers
### 1984
4 Cores
8GB RAM
260 GB SSD
<br>
### Njalla
6 Cores
9GB RAM
90 GB SSD
<br>
---
Total Cost: €139/month
Public Services:
- Matrix Clearnet
- Matrix Onion
- Element Clearnet
- Element Onion
- Element Onion
- Cinny Clearnet
- Cinny Onion
- Schild Clearnet
- Dimension Clearnet
- Gitea Clearnet
- Mastodon Clearnet
- Status Clearnet
- OTS Clearnet
- Paste Clearnet
<br>
#### Matrix Clearnet
`media_store` : 31.6 GiB
`DB` : 47GB
**1984**
Total Price: €49/month
<br>
#### Other Services
**Njalla**
Total Price: €90/month

View File

@ -9,16 +9,11 @@ permalink: /propagate
</div>
<br>
<br>
## Orbot
<br>
## Hosting Ideas
- [Awesome Self Hosted](https://github.com/awesome-selfhosted/awesome-selfhosted)
- [Mailcow](https://github.com/mailcow/mailcow-dockerized)

View File

@ -1,15 +0,0 @@
---
layout: default1
title: Transparency
permalink: /transparency
---
<div style="text-align:center;">
<p><i>“We do not merely destroy our enemies; we change them"</i></p>
</div>
<br>
## Servers
As of now, we are currently only running a web server.

View File

@ -1,6 +1,3 @@
---
---
$color_1: #303030;
$color_2: #151515;
$color_3: #505050;

View File

@ -1,6 +1,3 @@
---
---
$color_1: #bbbbbb;
$color_2: #888;
$color_3: #579;

View File

@ -1,6 +1,3 @@
---
---
$color_1: #999988;
$color_2: #999999;
$color_3: #a61717;

View File

@ -1,6 +1,3 @@
---
---
$color_1: #fbf1c7;
$color_2: #fb4934;
$color_3: #928374;

View File

@ -1,6 +1,3 @@
---
---
$color_1: #5e5d83;
$color_2: #465457;
$color_3: #f8f8f2;

View File

@ -1,6 +1,3 @@
---
---
$color_1: #75715e;
$color_2: #960050;
$color_3: #ffffff;

View File

@ -1,6 +1,3 @@
---
---
$color_1: #888888;
$color_2: #cc0000;
$color_3: #a61717;

View File

@ -1,6 +1,3 @@
---
---
$color_1: #faf6e4;
$color_2: #dee5e7;
$color_3: #a8e1fe;

View File

@ -1,6 +1,3 @@
---
---
$color_1: #FFFFFF;
$color_2: #6D6E70;
$color_3: #41ff5b;

View File

@ -1,4 +1,5 @@
---
# Front matter comment to ensure Jekyll properly reads file.
---
@charset "UTF-8";

View File

@ -1,210 +0,0 @@
.highlight table td { padding: 5px; }
.highlight table pre { margin: 0; }
.highlight .c, .highlight .cd {
color: #75715e;
font-style: italic;
}
.highlight .cm {
color: #75715e;
font-style: italic;
}
.highlight .c1 {
color: #75715e;
font-style: italic;
}
.highlight .cp {
color: #75715e;
font-weight: bold;
}
.highlight .cs {
color: #75715e;
font-weight: bold;
font-style: italic;
}
.highlight .err {
color: #960050;
background-color: #1e0010;
}
.highlight .gi {
color: #ffffff;
background-color: #324932;
}
.highlight .gd {
color: #ffffff;
background-color: #493131;
}
.highlight .ge {
color: #000000;
font-style: italic;
}
.highlight .gr {
color: #aa0000;
}
.highlight .gt {
color: #aa0000;
}
.highlight .gh {
color: #999999;
}
.highlight .go {
color: #888888;
}
.highlight .gp {
color: #555555;
}
.highlight .gs {
font-weight: bold;
}
.highlight .gu {
color: #aaaaaa;
}
.highlight .k, .highlight .kv {
color: #66d9ef;
font-weight: bold;
}
.highlight .kc {
color: #66d9ef;
font-weight: bold;
}
.highlight .kd {
color: #66d9ef;
font-weight: bold;
}
.highlight .kp {
color: #66d9ef;
font-weight: bold;
}
.highlight .kr {
color: #66d9ef;
font-weight: bold;
}
.highlight .kt {
color: #66d9ef;
font-weight: bold;
}
.highlight .kn {
color: #f92672;
font-weight: bold;
}
.highlight .ow {
color: #f92672;
font-weight: bold;
}
.highlight .o {
color: #f92672;
font-weight: bold;
}
.highlight .mf {
color: #ae81ff;
}
.highlight .mh {
color: #ae81ff;
}
.highlight .il {
color: #ae81ff;
}
.highlight .mi {
color: #ae81ff;
}
.highlight .mo {
color: #ae81ff;
}
.highlight .m, .highlight .mb, .highlight .mx {
color: #ae81ff;
}
.highlight .se {
color: #ae81ff;
}
.highlight .sb {
color: #e6db74;
}
.highlight .sc {
color: #e6db74;
}
.highlight .sd {
color: #e6db74;
}
.highlight .s2 {
color: #e6db74;
}
.highlight .sh {
color: #e6db74;
}
.highlight .si {
color: #e6db74;
}
.highlight .sx {
color: #e6db74;
}
.highlight .sr {
color: #e6db74;
}
.highlight .s1 {
color: #e6db74;
}
.highlight .ss {
color: #e6db74;
}
.highlight .s {
color: #e6db74;
}
.highlight .na {
color: #a6e22e;
}
.highlight .nc {
color: #a6e22e;
font-weight: bold;
}
.highlight .nd {
color: #a6e22e;
font-weight: bold;
}
.highlight .ne {
color: #a6e22e;
font-weight: bold;
}
.highlight .nf {
color: #a6e22e;
font-weight: bold;
}
.highlight .no {
color: #66d9ef;
}
.highlight .bp {
color: #f8f8f2;
}
.highlight .nb {
color: #f8f8f2;
}
.highlight .ni {
color: #f8f8f2;
}
.highlight .nn {
color: #f8f8f2;
}
.highlight .vc {
color: #f8f8f2;
}
.highlight .vg {
color: #f8f8f2;
}
.highlight .vi {
color: #f8f8f2;
}
.highlight .nv {
color: #f8f8f2;
}
.highlight .w {
color: #f8f8f2;
}
.highlight .nl {
color: #f8f8f2;
font-weight: bold;
}
.highlight .nt {
color: #f92672;
}
.highlight {
color: #f8f8f2;
background-color: #49483e;
}

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long

15930
assets/js/d3.min.js vendored

File diff suppressed because one or more lines are too long

5317
assets/js/jquery.min.js vendored

File diff suppressed because one or more lines are too long

View File

@ -86,4 +86,4 @@ $.fn.isInViewport = function() {
var viewportTop = $(window).scrollTop();
var viewportBottom = viewportTop + $(window).height();
return elementBottom > viewportTop && elementTop < viewportBottom;
};
};

11
docker.sh Normal file
View File

@ -0,0 +1,11 @@
#!/bin/bash
docker run \
--name=site \
--network=site \
--restart=always \
--volume="$PWD:/srv/jekyll:Z" \
--volume="$PWD/vendor/bundle:/usr/local/bundle:Z" \
--detach \
-it jekyll/jekyll \
jekyll serve

View File

@ -14,25 +14,26 @@ description: A fun happy place.
<br>
</div>
<br>
<br>
<div style="text-align:center">
<div class="alert alert-info" role="alert">
<strong>Sign up for our <a href="https://element.anonymousland.org"> Matrix Server</a>, or check out our <a href="http://ps3364wgpvq46iumfm7wcewr3qxymtnd2fo753gvngzbumir7wyrlvad.onion/"> Onion Matrix Server</a></strong>
</div>
</div>
---
<br>
<div style="text-align:center">
<button type="button" class="btn btn-lg btn-default"><a href="./donate"> Donate</a></button>
<br>
<br>
<button type="button" class="btn btn-lg btn-default"><a href="./changelog"><i class="fa fa-clipboard" aria-hidden="true"></i> Changelog v1.11</a></button>
<button type="button" class="btn btn-lg btn-default"><a href="./changelog"><i class="fa fa-clipboard" aria-hidden="true"></i> Changelog v1.10</a></button>
<br>
<br>
<button type="button" class="btn btn-md btn-default"><a href="https://codeberg.org/anonymousland/anonymousland"> <i class="fa fa-github" aria-hidden="true"></i> Source Code</a></button>
<button type="button" class="btn btn-md btn-default"><a href="https://git.anonymousland.org/anonymousland/anonymousland"> <i class="fa fa-github" aria-hidden="true"></i> Source Code</a></button>
<button type="button" class="btn btn-md btn-default"><a href="./guide"><i class="fa fa-suitcase" aria-hidden="true"></i> Guide</a></button>
@ -42,13 +43,35 @@ description: A fun happy place.
<button type="button" class="btn btn-md btn-default"><a href="./collections"><i class="fa fa-list" aria-hidden="true"></i> Collections</a></button>
<br>
<br>
<button type="button" class="btn btn-lg btn-default"><a href="https://status.anonymousland.org"> Status Page</a></button>
<button type="button" class="btn btn-lg btn-default"><a href="./services"> Services Page</a></button>
<br>
<br>
<button type="button" class="btn btn-md btn-default"><a href="https://element.anonymousland.org"> Matrix</a></button>
<button type="button" class="btn btn-md btn-default"><a href="https://mastodon.anonymousland.org"> Mastodon</a></button>
<button type="button" class="btn btn-md btn-default"><a href="https://git.anonymousland.org"> Git</a></button>
<br>
<br>
<button type="button" class="btn btn-large btn-default"><a href="http://vqajogx2cyooddrtai62pzj4v346kwnfiru2fa2fftemae47rgpeglqd.onion">Onion Site</a></button>
<br>
<br>
</div>
---
<br>
<br>
---
<br>
@ -65,29 +88,6 @@ Recent blog posts from our [blog](./blog) page
- [Update](./blog/2022/11/07/Update.html)
<br>
<br>
---
## Collections
Information from [collections](./collections)
- [Information](./information) - A collection of links, articles and more.
- [GrapheneOS](./graphene)
- [F-Droid](./f-droid)
- [Matrix](./matrix)
- [Qubes OS](./qubes)
- [dvm-zulucrypt](./qubes/dvm-zulucrypt)
- [kicksecure-sys-dns](./qubes/kicksecure-sys-dns)
<br>
<br>

3
start.sh Executable file
View File

@ -0,0 +1,3 @@
#!/bin/bash
bundle install
bundle exec jekyll serve

View File

@ -1,7 +1,9 @@
#!/bin/bash
docker run --rm \
--name=site \
--network=site \
--volume="$PWD:/srv/jekyll:Z" \
--volume="$PWD/vendor/bundle:/usr/local/bundle:Z" \
-it jekyll/jekyll \
jekyll build
gem update