TAOAF revealed

arcanedev 2021-08-09 22:35:10 +00:00
parent d84274ca7e
commit cb184c1c43
No known key found for this signature in database
GPG Key ID: 13BA4BD4C14170C0

README.md

@ -70,26 +70,23 @@ The digital side of forensics has taken off in recent years. This is multi-facet
What is to come throughout this book consists of not only methods of strong cryptographic implementations, automated tasking, and obscurity, but underlying concepts for increasing the time expended on investigations.
If you make a large enough splash against the system, they will come after you with all of their resources. If you dive deep enough, you can at least reach the bottom and muddy the waters. Successful operations often depend on how long you can hold your breathe.
## Hardware Selection
This section has been prioritized as hardware is at the core of your operations. A supply chain attack resulting in embedded hardware or inherently vulnerable hardware can compromise your operation before it has even begun.
[#] - https://www.forbes.com/sites/andygreenberg/2011/02/11/palantir-apologizes-for-wikileaks-attack-proposal-cuts-ties-with-hbgary/
Unfortunately, there are no easy solutions in the realm of hardware. There are many rabbit holes one can take in regards to the avoidance of negative ring architecture (layers below the operating system), selecting processors that gut/avoid the use of MinixOS and Intel's management engine (ME), inherent vulnerabilities to the processor, chipsets that require proprietary blobs, and ultimately procuring hardware that isn't subject to side-loading attacks (this can weaken device encryption).
## Hardware Selection
This section has been prioritized as hardware is at the core of your operations. A supply chain attack resulting in embedded hardware or inherently vulnerable hardware can compromise your operation before it has even begun.
Central processing units (CPU) have a narrowed list of options. For the vast majority of desktops and laptops, the competitors are Intel and AMD. Both of these CPUs have the potential for root level backdoors that are undetectable by your OS. Some privacy-oriented organizations, such as Purism and System76, claim to neutralize Intel's ME. If you are going to select a system with an Intel CPU and detest this critical design, you are limited to a few options. You can shill out the money to System76 (disables ME) and Purism (neutralizes ME by gutting critical components), or you can flash the computer's motherboard with a Raspberry Pi by running the me_cleaner program (if supported processor/architecture) and installing coreboot in replace of the BIOS[#](https://github.com/corna/me_cleaner). The novice runs the risk of ruining their device, coupled with the fact that the setup was likely completed for legacy hardware that has unpatched vulnerabilities. This process is not a trivial task and will cause headaches for those who simply want the system to work. If you are not willing to shill out the money to one of these organizations that disables the ME and are not technologically savvy, consider using a CPU by AMD while noting that this is far from a silver bullet.
Unfortunately, there are no easy solutions in the realm of hardware. There are many rabbit holes one can take in regards to the avoidance of negative ring architecture (layers below the operating system), selecting processors that gut/avoid the use of MinixOS and Intel's management engine (ME), inherent vulnerabilities to the processor, chipsets that require proprietary blobs, and ultimately procuring hardware that isn't subject to side-loading attacks (this can weaken device encryption).
Taking a step back from the two CPU monoliths, Broadcom provides CPUs for smaller devices such as Raspberry Pis
##### Lots to add with broadcomm
Central processing units (CPU) have a narrowed list of options. For the vast majority of desktops and laptops, the competitors are Intel and AMD. Both of these CPUs have the potential for root level backdoors that are undetectable by your OS. Some privacy-oriented organizations, such as Purism and System76, claim to neutralize Intel's ME. If you are going to select a system with an Intel CPU and detest this critical design, you are limited to a few options. You can shill out the money to System76 (disables ME) and Purism (neutralizes ME by gutting critical components), or you can flash the computer's motherboard with a Raspberry Pi by running the me_cleaner program (if supported processor/architecture) and installing coreboot in replace of the BIOS[#](https://github.com/corna/me_cleaner). The novice runs the risk of ruining their device, coupled with the fact that the setup was likely completed for legacy hardware that has unpatched vulnerabilities. This process is not a trivial task and will cause headaches for those who simply want the system to work. If you are not willing to shill out the money to one of these organizations that disables the ME and are not technologically savvy, consider using a CPU by AMD while noting that this is far from a silver bullet.
## Operating System
Researching the right operating system (OS) for your specific operation can be a monstrous task. If Operations Security (OPSEC) is of utmost importance, then operating systems that generate excess logs and call home with telemetry and error reporting should be ruled out.
For desktop, this process eliminates Windows, Mac, and ChromiumOS/CloudReady from the race. While there are significant attempts at undermining Windows telemetry, this requires a substantial amount of effort that is bound to corrupt processes and retain the bloat from disabled software.
Taking a step back from the two CPU monoliths, Broadcom provides CPUs for smaller devices such as Raspberry Pis
#Lots to add with broadcomm
Note: Solutions with Windows 10 aren't necessarily the anti-thesis to anti-forensics. These systems are extremly bloated and can pursue the same aims. Windows provides many areas to hide files amongst the system. Windows systems can also be an overload to inexperienced investigators with the caches, shellbags, shortcut files, monolithic registry hives, and a myriad of way to set persistence mechanisms. This could force investigators to expend more time in the investigation. The reason it is avoided in this book is due to the proprietary blobs, bloatware, legacy protocols (which will continue to render it vulnerable to exploitation), and excess telemetry. In good faith, one could not claim to provide secure cryptography on a system that was designed for the aims of counterinsurgency.
## Operating System
Researching the right operating system (OS) for your specific operation can be a monstrous task. If Operations Security (OPSEC) is of utmost importance, then operating systems that generate excess logs and call home with telemetry and error reporting should be ruled out.
For desktop, this process eliminates Windows, Mac, and ChromiumOS/CloudReady from the race. While there are significant attempts at undermining Windows telemetry, this requires a substantial amount of effort that is bound to corrupt processes and retain the bloat from disabled software.
Note: Solutions with Windows 10 aren't necessarily the anti-thesis to anti-forensics. These systems are extremly bloated and can pursue the same aims. Windows provides many areas to hide files amongst the system. Windows systems can also be an overload to inexperienced investigators with the caches, shellbags, shortcut files, monolithic registry hives, and a myriad of way to set persistence mechanisms. This could force investigators to expend more time in the investigation. The reason it is avoided in this book is due to the proprietary blobs, bloatware, legacy protocols (which will continue to render it vulnerable to exploitation), and excess telemetry. In good faith, one could not claim to provide secure cryptography on a system that was designed for the aims of counterinsurgency.
GNU/Linux is the only operating system baseline that will not phone home and create excess logs locally. Even after making such a decision, there are hundreds of derivatives to sift through. At the time of writing, the only anti-forensic friendly distributions designed to reduce the creation and storage of artifacts are Qubes, TAILS, and Whonix. However, any OS lacking telemetry with properly implemented full-disk encryption (FDE) and physical security is sufficient for the job of anti-forensics. If more persistence is desired while keeping distribution size minimal, hardened variants of Arch, Void, Gentoo, or Alpine are advised.
GNU/Linux is the only operating system baseline that will not phone home and create excess logs locally. Even after making such a decision, there are hundreds of derivatives to sift through. At the time of writing, the only anti-forensic friendly distributions designed to reduce the creation and storage of artifacts are Qubes, TAILS, and Whonix. However, any OS lacking telemetry with properly implemented full-disk encryption (FDE) and physical security is sufficient for the job of anti-forensics. If more persistence is desired while keeping distribution size minimal, hardened variants of Arch, Void, Gentoo, or Alpine are advised.
One more factor to consider for the OS selection is the service manager being used. There are plenty of security enthusiasts who justifiably denounce the use of the SystemD service manager (used to spawn processes like networking, scheduled tasks, logging, etc). There are a variety of service managers that have less bloat and a more simple codebase - OpenRC, runit, etc. The fact that most of these OSs are open-source results in the problem of funding. A side-project that has peaked a developer's interest often go long durations (if not permanantly) without any efforts to maintain/patch. The best OS alternatives without systemD at the time of writing include Artix (Arch variant), Void Linux (Debian Variant), and Alpine Linux.
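Review bot: In the service-manager paragraph that closes this hunk, "Void Linux (Debian Variant)" is wrong: Void is an independent distribution, not a Debian derivative, so drop the parenthetical or say "independent". The Hardware Selection text also ships an editing placeholder ("Lots to add with broadcomm"); in the form "#Lots to add with broadcomm" there is no space after the "#", so CommonMark will not render it as a heading, and the Broadcom sentence before it ends without a period. Finish the paragraph or move the TODO to an issue. Wording fixes while here: "shill out" should be "shell out", "peaked a developer's interest" should be "piqued", "permanantly" should be "permanently".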
@ -105,15 +102,15 @@ GNU/Linux based phones, such as Pine64's Pine Phone or Purism's Librem 5, are no
## Disable Logging
Disable logging at the source is the best solution to ensure excess logs are not being stored. Daemons or processes can automate the process of log collection. This has its useful functions for both debugging and security (auditing), however it is detrimental to the idea of information retention.
On GNU/Linux with SystemD, logging can be disabled through the use of the following commands:
`systemctl disable syslog.service
```systemctl disable syslog.service
systemctl disable rsyslog.service
systemctl disable systemd-journald.service`
systemctl disable systemd-journald.service```
Note: These commands will not work on systems running lightweight service managers such as OpenRC.
While it is wise to reduce your logging footprint locally on your device, full disk encryption (FDE) is a sufficient anti-forensic mitigation for logging. If the attacker obtains access to your device as it is running (either physical or remote via a security compromise), logging is most likely the least of your concerns.
##### Include information about filesystem journaling
##### Include information about filesystem journaling
## Traffic Manipulation
### Packet Filter
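Review bot: The three-backtick fence around the systemctl commands is opened and closed on the same lines as the commands themselves (the opening backticks sit directly before "systemctl disable syslog.service" and the closing ones directly after "systemctl disable systemd-journald.service"). Text after an opening fence is parsed as the info string, so the first command is dropped from the rendered block, and a fence that follows text on the same line does not close the block, so it runs on into the paragraphs below. Put the opening and closing fences on their own lines with the three commands between them. The "Include information about filesystem journaling" heading is still a placeholder with no body.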
@ -156,22 +153,20 @@ This command would use GNU coreutils shred function to wipe over the designated
-note: this is an example command; I am not recommending 32 overwrites.
Secure deletion should not be assumed to be possible. The NSA has in the past developed malicious firmware for HDDs that can create secret copies of user-written data.
SSDs which make use of wear-leveling (look into SSD wear-leveling) cannot have information securely erased by the user. However, SSDs with wear leveling also pose a significant annoyance, and even create difficulty for, forensic investigators (look into SSD garbage collection). Such annoyance cannot be considered a security guarantee.
Secure deletion should not be assumed to be possible. The NSA has in the past developed malicious firmware for HDDs that can create secret copies of user-written data.
SSDs which make use of wear-leveling (look into SSD wear-leveling) cannot have information securely erased by the user. However, SSDs with wear leveling also pose a significant annoyance, and even create difficulty for, forensic investigators (look into SSD garbage collection). Such annoyance cannot be considered a security guarantee.
## Browsing
### Browsee Configuration
Ungoogled variants of Chromium are advised. The security model actually exists unlike Gecko-based browser derivatives (i.e. Firefox).
It is no secret that governments deliver malware based on anomalous internet activity, alternately put, flagged activity. While the common forms of investigations are typically conducted via physical device seizure, security mechanisms should be taken into account to stunt "passive" investigations. Browsers can be configured to disable the installation of extensions, device storage usage, setting alterations, theme changes, cookie restrictions, and cache deletions. Browser security and anti-fingerprinting do not always align. For instance, the TOR Browser is not unique based on fingerprinting. Tor Browser with JavaScript disabled is generally a secure setup. Most browser-based vulnerabilities require JavaScript or some other browser-run code (fonts, WebGL, etc). Tor Browser on security setting "Safest" reduces this attack surface hugely. While Chromium browsers may have upped the ante in terms of security, they do not have any built-in anti-fingerprinting features.
## Browsing
### Browsee Configuration
Ungoogled variants of Chromium are advised. The security model actually exists unlike Gecko-based browser derivatives (i.e. Firefox).
It is no secret that governments deliver malware based on anomalous internet activity, alternately put, flagged activity. While the common forms of investigations are typically conducted via physical device seizure, security mechanisms should be taken into account to stunt "passive" investigations. Browsers can be configured to disable the installation of extensions, device storage usage, setting alterations, theme changes, cookie restrictions, and cache deletions. Browser security and anti-fingerprinting do not always align. For instance, the TOR Browser is not unique based on fingerprinting. Tor Browser with JavaScript disabled is generally a secure setup. Most browser-based vulnerabilities require JavaScript or some other browser-run code (fonts, WebGL, etc). Tor Browser on security setting "Safest" reduces this attack surface hugely. While Chromium browsers may have upped the ante in terms of security, they do not have any built-in anti-fingerprinting features.
### Search Engine Selection
DuckDuckGo (DDG) [#](https://duckduckgo.com) has long been used as an alternative to Google. There are some underlying problems with DDG such as being based in the US, and they are not completely open-source. Without having reviewable source code, there is no way of validating their seemingly well-intentioned privacy mission statement. However, source code review becomes a moot point when you consider the fact that you are using their centralized services. Odds are that the providers of the service do not make the entirety of their systems publicly reviewable/auditable. Arbitrary code or excess applications could exist on their servers. Searx instances [#](https://searx.space/) are decentralized search engines that can be stood up by anyone. Decentralization with Searx doesn't remove the issue of inherent trust that must be placed in the instances, but it ensures that you have control in where you place your trust. This also enables people to stand up their own instances and configure them with better protections. Decentralization is preferred, however some of the instances are likely ran by intelligence agencies.
### Search Engine Selection
DuckDuckGo (DDG) [#](https://duckduckgo.com) has long been used as an alternative to Google. There are some underlying problems with DDG such as being based in the US, and they are not completely open-source. Without having reviewable source code, there is no way of validating their seemingly well-intentioned privacy mission statement. However, source code review becomes a moot point when you consider the fact that you are using their centralized services. Odds are that the providers of the service do not make the entirety of their systems publicly reviewable/auditable. Arbitrary code or excess applications could exist on their servers. Searx instances [#](https://searx.space/) are decentralized search engines that can be stood up by anyone. Decentralization with Searx doesn't remove the issue of inherent trust that must be placed in the instances, but it ensures that you have control in where you place your trust. This also enables people to stand up their own instances and configure them with better protections. Decentralization is preferred, however some of the instances are likely ran by intelligence agencies.
## Live booting
Live media (USB or CD) can be booted from in a process called Live Boot. Data is prevented from being stored on the hard drive of your computer (so long as you do not attempt to decrypt your hard drive that is detected). Nothing lives in permenance from the live boot. This is a useful tool for the privacy conscious as there is little to no cleanup process of your actions. Some operating systems such as The Amnesiac Incognito Live System (TAILS) are forensicly conscious and wipe the data from the device's physical memory once the USB is removed or the system is shutdown. This is not always the case for live media. Be conscious of network activity living on in permenance. This is where the use of strong cryptography can come into play from Virtual Private Network (VPN) configurations to the use of TOR. Live booting reduces the effectiveness of the Cold Boot attacks. Cold boot is heavily reliant upon data that is temporarily stored in Random Access Memory (RAM).
## Live booting
Live media (USB or CD) can be booted from in a process called Live Boot. Data is prevented from being stored on the hard drive of your computer (so long as you do not attempt to decrypt your hard drive that is detected). Nothing lives in permenance from the live boot. This is a useful tool for the privacy conscious as there is little to no cleanup process of your actions. Some operating systems such as The Amnesiac Incognito Live System (TAILS) are forensicly conscious and wipe the data from the device's physical memory once the USB is removed or the system is shutdown. This is not always the case for live media. Be conscious of network activity living on in permenance. This is where the use of strong cryptography can come into play from Virtual Private Network (VPN) configurations to the use of TOR. Live booting reduces the effectiveness of the Cold Boot attacks. Cold boot is heavily reliant upon data that is temporarily stored in Random Access Memory (RAM).
- note:
Cold boot attacks require a system to be under attacker control. DDR3 memory modules lose data within 3 seconds of losing power under normal circumstances. DDR4 loses data within 1 second (more like a fraction of a second) after losing power under normal conditions.
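Review bot: The heading "### Browsee Configuration" is misspelled and should read "### Browser Configuration". In the same hunk, the statement that the NSA developed HDD firmware that keeps secret copies of written data, the claim that Gecko-based browsers lack a security model, and the DDR3/DDR4 retention times in the cold boot note are given without a reference, unlike the "[#](...)" links used for DuckDuckGo and Searx; add sources or soften the wording. Spelling: "permenance" should be "permanence", "forensicly" should be "forensically".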
@ -180,21 +175,21 @@ This command would use GNU coreutils shred function to wipe over the designated
Parrot enables many SysRq commands by default. Among those allowed by Parrot include SysRq+o (immediate poweroff, with no shutdown cycle).
## Physical Destruction
Physical destruction of critical operation data is advised. Institutional authorities such as the National Security Agency (NSA) and Department of Defense (DoD) see no value in the wiping of critical data. If they believe data is at risk or a device under classification is to be removed from a closed area, all media drives must be completely degaussed. The lesson to be learned here is that if institutional authorities do not trust wiping and overwriting methods, be cautious in your operational threat model. If your life depends on the media being sanitized, save yourself the stress and physically destroy it. If your operation would have adverse consequences if you are caught, there is no room for sentiment.
## Physical Destruction
Physical destruction of critical operation data is advised. Institutional authorities such as the National Security Agency (NSA) and Department of Defense (DoD) see no value in the wiping of critical data. If they believe data is at risk or a device under classification is to be removed from a closed area, all media drives must be completely degaussed. The lesson to be learned here is that if institutional authorities do not trust wiping and overwriting methods, be cautious in your operational threat model. If your life depends on the media being sanitized, save yourself the stress and physically destroy it. If your operation would have adverse consequences if you are caught, there is no room for sentiment.
- note:
The DoD generally cites a drive wiping policy of 7 passes using random data. Each pass is peformed on the entire drive.
Other acceptable means of data removal include a single random pass (modern drives make it nearly impossible to recover data, even with a single overwrite), microwaving the platter (the platter should be removed from the enclosure before doing this), applying sand paper aggressively to the platter, heating the drive in an oven (500 degrees farhenheit for 15 minutes? 30 if you want to be extra paranoid, or just leave it in the oven until investigators arrive), or taking a powerful magnet (perhaps from a home/car stereo) to degauss the drive (the platter should be removed first to maximize effectiveness)
## Cryptography
Cryptography is a monolith of a topic that is included with the anti-forensics threat model. If the cryptography cannot be broken, forensic investigations are stunted in their tracks. Cryptography can range from encryption of individual files or messages to Full Disk Encryption (FDE). As Simon Singh has said in The Code Book, "I must mention a problem that faces any author who tackles the subject of cryptography: the science of secrecy is largely a secret science."
History goes back and forth favoring both codemakers and codebreakers through different eras. While there are algorithms that exist (and yet to be created) that could be unbreakable for the necessary classification time (at least outside the statute of limitations) against codebreakers. Such encryption could involve the use of multiple algorithms such as Serpent((Twofish)(AES)) with the hash algorithm of Whirlpool, Streebog-512, or SHA512. Do be warned that there are threats imposed from the use of cascading algorithms or the use of multiple algorithms with the same key.
## Cryptography
Cryptography is a monolith of a topic that is included with the anti-forensics threat model. If the cryptography cannot be broken, forensic investigations are stunted in their tracks. Cryptography can range from encryption of individual files or messages to Full Disk Encryption (FDE). As Simon Singh has said in The Code Book, "I must mention a problem that faces any author who tackles the subject of cryptography: the science of secrecy is largely a secret science."
History goes back and forth favoring both codemakers and codebreakers through different eras. While there are algorithms that exist (and yet to be created) that could be unbreakable for the necessary classification time (at least outside the statute of limitations) against codebreakers. Such encryption could involve the use of multiple algorithms such as Serpent((Twofish)(AES)) with the hash algorithm of Whirlpool, Streebog-512, or SHA512. Do be warned that there are threats imposed from the use of cascading algorithms or the use of multiple algorithms with the same key.
All this being said, there is only one form of unbreakable encryption that will stand the test of time. This is a one-time pad (OTP) cipher. This encrypts the message based on completely randomized data. This cannot be digitally or mentally generated; this needs pure randomness to be bulletproof.
All this being said, there is only one form of unbreakable encryption that will stand the test of time. This is a one-time pad (OTP) cipher. This encrypts the message based on completely randomized data. This cannot be digitally or mentally generated; this needs pure randomness to be bulletproof.
"The security of the onetime pad cipher is wholly due to the randomness of the key. The key injects randomness into the ciphertext, and if the ciphertext is random then it has no patterns, no structure, nothing the cryptanalyst can latch onto. In fact, it can be mathematically proved that it is impossible for a cryptanalyst to crack a message encrypted with a onetime pad cipher. In other words, the onetime pad cipher is not merely believed to be unbreakable, just as the Vigenère cipher was in the nineteenth century, it really is absolutely secure. The onetime pad offers a guarantee of secrecy: the Holy Grail of cryptography." - Simon Sughes, The Code Book
"The security of the onetime pad cipher is wholly due to the randomness of the key. The key injects randomness into the ciphertext, and if the ciphertext is random then it has no patterns, no structure, nothing the cryptanalyst can latch onto. In fact, it can be mathematically proved that it is impossible for a cryptanalyst to crack a message encrypted with a onetime pad cipher. In other words, the onetime pad cipher is not merely believed to be unbreakable, just as the Vigenère cipher was in the nineteenth century, it really is absolutely secure. The onetime pad offers a guarantee of secrecy: the Holy Grail of cryptography." - Simon Sughes, The Code Book
- note:
An OTP using a CSPRNG (cryptographically secure pseudo-random number generator) still maintains the security of the CSPRNG used, although isn't really an OTP anymore. Instead, it acts as a stream cipher.
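Review bot: The one-time pad quotation is attributed to "Simon Sughes, The Code Book", while the Cryptography paragraph above it names the author as Simon Singh; correct the attribution so the two match. The sentence beginning "While there are algorithms that exist" has no main clause, so the "While" is never resolved, and the "7 passes" DoD figure in the Physical Destruction note has no source. Spelling: "peformed" should be "performed", "farhenheit" should be "Fahrenheit".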
@ -204,8 +199,8 @@ This command would use GNU coreutils shred function to wipe over the designated
Serpent was the most secure of the 5 AES semifinalists. Rijndael (now known as AES) was the least secure. Rijndael displays a concerningly linear structure, which causes many cryptoanalysts discomfort. However, Rijndael has received the most review of all AES semifinalists and is therefore the best understood. This provides higher assurance that Rijndael is secure than for any other AES semifinalist.
ChaCha20 is considered equivalent in security to AES and peforms better on embedded devices. ChaCha20 is also more resistant to improper implementations.
### Randomness
This is the complement to cryptography, or rather a fundamental component. There are two forms of randomness that one would use to generate a One-Time Pad (OTP) message. This randomness can be derived from computational randomness (pseudo random) or pure (theoretical) randomness. Pure randomness is always the goal with the use of OTPs. Unfortunately, there are few ways of achieving this pure randomness. Computational randomness but not theoretical randomness has potential to be broken.
### Randomness
This is the complement to cryptography, or rather a fundamental component. There are two forms of randomness that one would use to generate a One-Time Pad (OTP) message. This randomness can be derived from computational randomness (pseudo random) or pure (theoretical) randomness. Pure randomness is always the goal with the use of OTPs. Unfortunately, there are few ways of achieving this pure randomness. Computational randomness but not theoretical randomness has potential to be broken.
- note:
Many (most) modern computers contain hardware true-random number generators (TRNG). To identify if your hardware has such hardware, run `cat /dev/random` on a Linux-based OS.
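Review bot: The test given in the Randomness note, running cat /dev/random to identify a hardware TRNG, does not identify hardware. The device is fed by the kernel's entropy pool whether or not a hardware generator is present, and on current kernels it no longer blocks once the pool is initialised, so continuous output proves nothing either way. Point readers at /sys/class/misc/hw_random/rng_available or the rdrand flag in /proc/cpuinfo instead, and reword "if your hardware has such hardware". Separately, AES had five finalists, not "semifinalists", and the Serpent versus Rijndael ranking needs a citation. Spelling: "peforms" should be "performs".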
@ -213,64 +208,64 @@ This command would use GNU coreutils shred function to wipe over the designated
For systems with a TRNG, `cat /dev/random` will produce output continuously, appearing to behave the same as `cat /dev/urandom`.
(on some systems with TRNGs, `cat /dev/random` will actually produce output faster than `cat /dev/urandom`).
For systems with TRNGs, the /dev/random and /dev/urandom devices provide no security difference from each other. However, /dev/urandom performs additional processing on the random data which could help mitigate certain hardware (mis)trust issues, specifically the risk of a backdoored TRNG (while there's no evidence TRNGs have ever been backdoored, this is a concern for some).
For systems with TRNGs, the /dev/random and /dev/urandom devices provide no security difference from each other. However, /dev/urandom performs additional processing on the random data which could help mitigate certain hardware (mis)trust issues, specifically the risk of a backdoored TRNG (while there's no evidence TRNGs have ever been backdoored, this is a concern for some).
### Key Usage
Properly implemented cryptographic usage of keys provides a substantial barrier to overcome for the assigned analyst. Key usage renders bruteforce password cracking ineffective. The randomness or entropy contained in the key allows for much stronger encryption than could be created by a simple or complex password (especially since the keys are typically password protected in implementation).
### Key Usage
Properly implemented cryptographic usage of keys provides a substantial barrier to overcome for the assigned analyst. Key usage renders bruteforce password cracking ineffective. The randomness or entropy contained in the key allows for much stronger encryption than could be created by a simple or complex password (especially since the keys are typically password protected in implementation).
For the justified paranoid, keep a hardware-based key or a separate USB/MicroSD for the sole purpose of key storage. Create hundreds of keys varying in bit length. Take mental note of the key (or keys) that you decide to use. Only connect designated key storage device into the system when the volume decryption is necessary.
For the justified paranoid, keep a hardware-based key or a separate USB/MicroSD for the sole purpose of key storage. Create hundreds of keys varying in bit length. Take mental note of the key (or keys) that you decide to use. Only connect designated key storage device into the system when the volume decryption is necessary.
- note:
Look into: OnlyKey, NitroKey, and SoloKey
### Cryptographic Software
While we would love to maintain idealism and believe that we could write something that would retain relevance in perpetuity, we understand that this is not the nature of the technological system. To successfully orchestrate safe operations, I must address software-based cryptographic solutions. To date, Linux Unified Key Setup (LUKS) and Veracrypt are the two most notable options.
### Cryptographic Software
While we would love to maintain idealism and believe that we could write something that would retain relevance in perpetuity, we understand that this is not the nature of the technological system. To successfully orchestrate safe operations, I must address software-based cryptographic solutions. To date, Linux Unified Key Setup (LUKS) and Veracrypt are the two most notable options.
Note: Veracrypt can be set to leverage cascading ciphers. Its cascading encryption uses mutually-independent keys.
-note: Veracrypt can be set to leverage cascading ciphers. Its cascading encryption uses mutually-independent keys.
### PIM (Personal Iterations Multiplier)
PIM is treated as a secret value that controls the number of iterations used by the header key derivation function. So long as PIM is treated as a secret parameter, this increases the complexity that an attacker would have to guess.
### PIM (Personal Iterations Multiplier)
PIM is treated as a secret value that controls the number of iterations used by the header key derivation function. So long as PIM is treated as a secret parameter, this increases the complexity that an attacker would have to guess.
- note:
Larger-value PIMs also increase the time complexity of attacks, at the expense of time taken to perform password hashing. Most cryptologists would argue that a PIMs should not be treated as a secret parameter (or at least, such secrecy should not be relied on). The user's own password should be the source of security. Password hashing, in general, is a mitigation for users with less-than-secure passwords.
As a person who values security against the world's most powerful attackers, one should make a point to not rely on password hashing for security.
## Obscurity
### Justification
Security professionals will often preach that security through obscurity is an inadequate method of security and should never be a way of addressing your current threat model. The original basis is the distinction "security through obscurity" vs "security by design," often cited as "Kerkhoff's Principle," which concludes a secure cryptosystem should be secure even if everything about the system, except the key, is public knowledge. Kerckhoff's Principal is sometimes cited in terms of Shannon's Maxim: "One ought to design systems under the assumption that the enemy will immediately gain full familiarity with them," or more simply "The enemy knows the system." With the maxim in mind, "security though obscurity" is specifically a cryptographic principal which has been extended to include any system designed with security. It is not discouraged to use security through obscurity. However, it is discouraged to rely on security through obscurity instead of relying on security by design. Obscurity can be used as an additional layer, but security should be guaranteed by the design, with obscurity used only as a padding against unforeseen vulnerabilities.
## Obscurity
### Justification
Security professionals will often preach that security through obscurity is an inadequate method of security and should never be a way of addressing your current threat model. The original basis is the distinction "security through obscurity" vs "security by design," often cited as "Kerkhoff's Principle," which concludes a secure cryptosystem should be secure even if everything about the system, except the key, is public knowledge. Kerckhoff's Principal is sometimes cited in terms of Shannon's Maxim: "One ought to design systems under the assumption that the enemy will immediately gain full familiarity with them," or more simply "The enemy knows the system." With the maxim in mind, "security though obscurity" is specifically a cryptographic principal which has been extended to include any system designed with security. It is not discouraged to use security through obscurity. However, it is discouraged to rely on security through obscurity instead of relying on security by design. Obscurity can be used as an additional layer, but security should be guaranteed by the design, with obscurity used only as a padding against unforeseen vulnerabilities.
A threat model with the application of anti-forensics should not adhere strictly to one distinction of security vs design. Cryptographic software can perform means of obscurity. For instance, Veracrypt produces cryptographically secured volumes that contain differential hidden volumes for plausible deniability. These hidden volumes can hinder the effectiveness of an amateur (and perhaps well-versed) investigator. We are not claiming the process to be systematically flawless, however security has never been fault-less. If you have applied some of the cryptographic advice heeded in the book like full-disk encryption (FDE), and the adversary has managed to gain unbridled, decrypted access to your computer regardless, it becomes self-evident that obscurity is friend when the design has been bypassed or simply failed.
A threat model with the application of anti-forensics should not adhere strictly to one distinction of security vs design. Cryptographic software can perform means of obscurity. For instance, Veracrypt produces cryptographically secured volumes that contain differential hidden volumes for plausible deniability. These hidden volumes can hinder the effectiveness of an amateur (and perhaps well-versed) investigator. We are not claiming the process to be systematically flawless, however security has never been fault-less. If you have applied some of the cryptographic advice heeded in the book like full-disk encryption (FDE), and the adversary has managed to gain unbridled, decrypted access to your computer regardless, it becomes self-evident that obscurity is friend when the design has been bypassed or simply failed.
Perhaps mechanisms for clandestine messaging are set in place, standing up your own instances or using decentralized services can reduce your attack surface. It is difficult to attack infrastructure that did not provide any indication of its existence. You added more architecture into the mix for this chatter, however the attack surface from using centralized servers is removed. Even Snowden recommended using decentralized servers over TOR with strong cryptography.
Perhaps mechanisms for clandestine messaging are set in place, standing up your own instances or using decentralized services can reduce your attack surface. It is difficult to attack infrastructure that did not provide any indication of its existence. You added more architecture into the mix for this chatter, however the attack surface from using centralized servers is removed. Even Snowden recommended using decentralized servers over TOR with strong cryptography.
### Code Implementation
Code is a great complement to cryptographic ciphers. It has an incredibly easy implementation, and its application can be as simple or complex as desired. Using the principle of randomness, you and your affiliates could generate a word list to send out messages in a similar way that cryptocurrency wallets generate word phrase seeds. Anyone in the conversation would be given the word list and their correlated meanings (i.e. snow = money, owl = printer). Think of this method as speaking cryptically without a real cryptographic implementation. For conversations over-the-air, phrases and words can be reused; however, reuse of codes will give away more and more of the true message (under the assumption that your messages are decrypted by unauthorized parties). Once a certain amount of messages have been sent using the code for messages, it is advised to have each of your affiliates burn the page correlating the words and code. Frequency analysis is a cryptographic code-breaking technique for deciphering messages that could make short work of finding the hidden meanings. The technique is exactly how it sounds - praying upon reused messages to determine the meaning of words and phrases.
### Code Implementation
Code is a great complement to cryptographic ciphers. It has an incredibly easy implementation, and its application can be as simple or complex as desired. Using the principle of randomness, you and your affiliates could generate a word list to send out messages in a similar way that cryptocurrency wallets generate word phrase seeds. Anyone in the conversation would be given the word list and their correlated meanings (i.e. snow = money, owl = printer). Think of this method as speaking cryptically without a real cryptographic implementation. For conversations over-the-air, phrases and words can be reused; however, reuse of codes will give away more and more of the true message (under the assumption that your messages are decrypted by unauthorized parties). Once a certain amount of messages have been sent using the code for messages, it is advised to have each of your affiliates burn the page correlating the words and code. Frequency analysis is a cryptographic code-breaking technique for deciphering messages that could make short work of finding the hidden meanings. The technique is exactly how it sounds - praying upon reused messages to determine the meaning of words and phrases.
### Blending
"Do not speak truth to power; they will hammer you." While this is more a statement from the perspective of dissident political discourse, it stands true in an anti-forensic threat model. Operating under the radar in your operations can stand to provide valuable protection. To say the least, having federal agents breathing down your neck is an undesirable position. The concept of blending is applied with the use of previously discussed TOR and mixnet traffic routing. Simply put, "anonymity loves company," and standing out in the vulnerable world of computing is ill-advised.
### Blending
"Do not speak truth to power; they will hammer you." While this is more a statement from the perspective of dissident political discourse, it stands true in an anti-forensic threat model. Operating under the radar in your operations can stand to provide valuable protection. To say the least, having federal agents breathing down your neck is an undesirable position. The concept of blending is applied with the use of previously discussed TOR and mixnet traffic routing. Simply put, "anonymity loves company," and standing out in the vulnerable world of computing is ill-advised.
-weak maybe remove this portion
I've had a contact who surprised me to the degree in which he blended - less so digital, more so physical. He owned and operated many "side-hustles" that amassed a large amount of wealth. There was no intention of paying tithings or taxes to the state. His wealth remained in cryptocurrency wallets that had no tie back to him. Looking at the guy, you'd never know he owned several million dollars. He had a commercial driver's license (CDL), a worn-down truck, and a lower middle-class home. He would (typically) keep any mention of this lock-and-key. He had little to no risk of an audit while being able to work as little as he wanted and vacation as he saw fit. If he was to liquidate tens of thousands of dollars in cryptocurrency out of what appears to be thin air, buy a luxury vehicle, and a nice residency, he would be opening himself up to outside suspicion. The given anecdote is to show that blending in is not a difficult task. This is not to say you have to live minimalist or dedicate your appearance with a lower caste of society; this is one way of addressing his particular threat model.
I've had a contact who surprised me to the degree in which he blended - less so digital, more so physical. He owned and operated many "side-hustles" that amassed a large amount of wealth. There was no intention of paying tithings or taxes to the state. His wealth remained in cryptocurrency wallets that had no tie back to him. Looking at the guy, you'd never know he owned several million dollars. He had a commercial driver's license (CDL), a worn-down truck, and a lower middle-class home. He would (typically) keep any mention of this lock-and-key. He had little to no risk of an audit while being able to work as little as he wanted and vacation as he saw fit. If he was to liquidate tens of thousands of dollars in cryptocurrency out of what appears to be thin air, buy a luxury vehicle, and a nice residency, he would be opening himself up to outside suspicion. The given anecdote is to show that blending in is not a difficult task. This is not to say you have to live minimalist or dedicate your appearance with a lower caste of society; this is one way of addressing his particular threat model.
Standard security mechanisms are inadequate for the purpose of anti-forensics. Nation-States and Advanced Persistent Threat (APT) groups do not play by the rules. All bets are on that no matter how hardened your system kernel is or how safe your OPSEC precautions may be, there is always a point of compromise. An unpatched vulnerability is waiting to be exploited against your system. If your device is emitting traffic, all bets are on that with enough resources, these groups will be able to decrypt the traffic. Maybe it won't be today, but it certainly will be in the not-so-distant future. If you are a target, chances are that you are already compromised. Use the masses as cover; open deviation is ill-advised.
Standard security mechanisms are inadequate for the purpose of anti-forensics. Nation-States and Advanced Persistent Threat (APT) groups do not play by the rules. All bets are on that no matter how hardened your system kernel is or how safe your OPSEC precautions may be, there is always a point of compromise. An unpatched vulnerability is waiting to be exploited against your system. If your device is emitting traffic, all bets are on that with enough resources, these groups will be able to decrypt the traffic. Maybe it won't be today, but it certainly will be in the not-so-distant future. If you are a target, chances are that you are already compromised. Use the masses as cover; open deviation is ill-advised.
- note:
Go into more detail about using the masses as cover. Also, distro hopping can be a useful method of keeping powerful attackers enough steps behind that they won't be able to compromise your system.
A solid security strategy will likely be sufficient to keep government attackers away.
- note:
Go into more detail about using the masses as cover. Also, distro hopping can be a useful method of keeping powerful attackers enough steps behind that they won't be able to compromise your system.
A solid security strategy will likely be sufficient to keep government attackers away.
## Minimimal Attack Surface
## Minimimal Attack Surface
While living in the "end of trust," we must follow standard system hardening practices. These practices emphasize the reduction of software and hardware needed throughout the operation. There is no purpose of strong keys in cryptography if the underlying system operations have compromised you via keylogging and other variants of malware. You can create an intricate system of firewalls, intrusion prevention/detection systems (IPS/IDS), event log management to detect compromises, proxies, virtual private networks, TOR, I2P, but your must recognize the underlying fingerprint of these systems. Minimal architecture should not be limited to solely software and hardware, but also the signals being used; treat all signals as hostile. On mobile devices, consider the different Cellular protocols such as 3-5G variants and LTE. In times of unrest, the state has the power to disable and manipulate the protocols available for use. Most modern devices allow you to select settings such as LTE only or whitelist specific towers. You may go offline in times of unrest, but at least they aren't leveraging legacy protocols, potentially engaging in packet injection, and redirecting your device like a good puppet following dictates of its puppeteer.
While living in the "end of trust," we must follow standard system hardening practices. These practices emphasize the reduction of software and hardware needed throughout the operation. There is no purpose of strong keys in cryptography if the underlying system operations have compromised you via keylogging and other variants of malware. You can create an intricate system of firewalls, intrusion prevention/detection systems (IPS/IDS), event log management to detect compromises, proxies, virtual private networks, TOR, I2P, but your must recognize the underlying fingerprint of these systems. Minimal architecture should not be limited to solely software and hardware, but also the signals being used; treat all signals as hostile. On mobile devices, consider the different Cellular protocols such as 3-5G variants and LTE. In times of unrest, the state has the power to disable and manipulate the protocols available for use. Most modern devices allow you to select settings such as LTE only or whitelist specific towers. You may go offline in times of unrest, but at least they aren't leveraging legacy protocols, potentially engaging in packet injection, and redirecting your device like a good puppet following dictates of its puppeteer.
< insert settings here>
Every introduced system creates a larger fingerprint and attack vector, ultimately leading to more trust in more systems and services. The most anonymizing and secure operations require minimal architecture and physical security.
## Automated Shutdown Procedures
Depending on your threat model, not all operations can be conducted from a coffee shop. There are an increasing amount of cameras, and facial recognition technology is already being deployed, along with license plate scanners at every street light. If operations are sensitive and must be conducted from the same location consistently, preparation should always lean towards the worst-case scenario.
While some of these proposed methods may be unconventional, these are unconventional times. Mechanisms can be put in place to ensure that your systems are sent shutdown signals that will lock them behind disk encryption. Shutdown signals are the most common, however we are not limited to the commands we issue. The use of radio transmitters to issue shutdowns have some level of intricacy that surpasses skills of the novice user.
#### Still provide remote ideas
A physical wired dead man's switch reduces attack surface and intricacy. After the dead man's switch aka killswitch is configured, we can move on to the commands to issue. If we wanted to securely wipe the random access memory before shutting down, we could issue the "sdmem -v" command to verbosely clean the RAM as the killswitch is activated. The killswitch can be activated from a system event. Any form of shell command that is compatible with the particular GNU/Linux system can be ran based on a specified system behavior. See resources at the end of this section [#](https://tech.michaelaltfield.net/2020/01/02/buskill-laptop-kill-cord-dead-man-switch/) and [#](https://github.com/hephaest0s/usbkill/blob/master/usbkill/usbkill.py) for USB dead man's switch.
## Automated Shutdown Procedures
Depending on your threat model, not all operations can be conducted from a coffee shop. There are an increasing amount of cameras, and facial recognition technology is already being deployed, along with license plate scanners at every street light. If operations are sensitive and must be conducted from the same location consistently, preparation should always lean towards the worst-case scenario.
While some of these proposed methods may be unconventional, these are unconventional times. Mechanisms can be put in place to ensure that your systems are sent shutdown signals that will lock them behind disk encryption. Shutdown signals are the most common, however we are not limited to the commands we issue. The use of radio transmitters to issue shutdowns have some level of intricacy that surpasses skills of the novice user.
#### Still provide remote ideas
A physical wired dead man's switch reduces attack surface and intricacy. After the dead man's switch aka killswitch is configured, we can move on to the commands to issue. If we wanted to securely wipe the random access memory before shutting down, we could issue the "sdmem -v" command to verbosely clean the RAM as the killswitch is activated. The killswitch can be activated from a system event. Any form of shell command that is compatible with the particular GNU/Linux system can be ran based on a specified system behavior. See resources at the end of this section [#](https://tech.michaelaltfield.net/2020/01/02/buskill-laptop-kill-cord-dead-man-switch/) and [#](https://github.com/hephaest0s/usbkill/blob/master/usbkill/usbkill.py) for USB dead man's switch.
[#] - USBKill/BusKill - https://tech.michaelaltfield.net/2020/01/02/buskill-laptop-kill-cord-dead-man-switch/
[#] - https://github.com/hephaest0s/usbkill/blob/master/usbkill/usbkill.py
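Review bot: The Blending text re-added in this hunk contradicts itself: the paragraph beginning "Standard security mechanisms are inadequate" states "there is always a point of compromise" and "chances are that you are already compromised", while the note kept right after it says "A solid security strategy will likely be sufficient to keep government attackers away." Pick one position, or fold the note into the paragraph as an explicit counterpoint. The hunk also leaves author-to-self markers in the published README ("-weak maybe remove this portion", "< insert settings here>", "#### Still provide remote ideas", and the "- note:" to-do about distro hopping); resolve them or move them to an issue. Smaller fixes while these lines are being touched: "Minimimal" in the heading, "praying upon" should be "preying upon", and the Justification paragraph spells the name two different ways ("Kerkhoff's Principle", "Kerckhoff's Principal").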
@ -279,9 +274,9 @@ Every introduced system creates a larger fingerprint and attack vector, ultimate
Also look into Silk Guardian (listed in UsbKill's readme on GitHub).
Add info about NFC Kill - https://usbkill.com/products/nfckill
There are USB devices known as "Mouse Jigglers" that are used by forensic teams after device seizure. These jigglers are serial devices plugged in to interface with the system to keep the screenlock from being invoked.
There are easy preventative software-based solutions such as USBGuard that can prevent these devices for operating, however this will likely be picked up on and human mouse jigglers can take their place.
Ideally a process can be utilized to detect such a device and invoke a shutdown process. A mitigation for the human mouse jigglers could be implementing forced authentication every half hour to an hour. If the credentials have not been entered, the user session could be terminated, memory could be cleared, or the shutdown command could even be invoked.
There are USB devices known as "Mouse Jigglers" that are used by forensic teams after device seizure. These jigglers are serial devices plugged in to interface with the system to keep the screenlock from being invoked.
There are easy preventative software-based solutions such as USBGuard that can prevent these devices for operating, however this will likely be picked up on and human mouse jigglers can take their place.
Ideally a process can be utilized to detect such a device and invoke a shutdown process. A mitigation for the human mouse jigglers could be implementing forced authentication every half hour to an hour. If the credentials have not been entered, the user session could be terminated, memory could be cleared, or the shutdown command could even be invoked.
## Play on Resources
Earlier, it was said that these groups have unlimited resources; this is not entirely true. The one resource which they lack is time. While they have infinite funds to allocate towards password and key cracking methods, so long as quantum physics strays behind computing, time is their main constraint. Taking methods from obscurity, the use of non-default encryption algorithms and hashing mechanisms for keys substantially increases the amount of time the analyst must expend on cracking. If the analyst cannot identify the hash function or cipher, they must try all possible options. Even if the correct password is obtained, this becomes useless without the proper cipher. For instance, Veracrypt uses over fifteen combinations of individual encryption algorithms and cascaded/stacked ciphers. Complement this with the five supported hash functions, and we are looking at 75 possible combinations of symmetric ciphers and one-way hash functions. As stated by ElcomSoft, "Trying all possible combinations is about 175 times slower compared to attacking a single combination of AES+SHA-512." [#](https://blog.elcomsoft.com/2020/03/breaking-veracrypt-containers/)
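Review bot: In the re-added USBGuard sentence, "this will likely be picked up on and human mouse jigglers can take their place" does not say who notices what, and "prevent these devices for operating" should read "from operating". State plainly that the examiner will see the device being blocked and can have a person move the mouse instead. The next sentence proposes forced re-authentication "every half hour to an hour" without naming any mechanism, whereas the kill-switch text earlier names concrete pieces (USBGuard, "sdmem -v"); either name what is meant to enforce the timeout or mark it as an idea rather than a procedure.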
@ -291,17 +286,15 @@ Every introduced system creates a larger fingerprint and attack vector, ultimate
- note:
VeraCrypt does not keep encryption/hashing algorithms secret. Keeping such information secret would break the functionality of VeraCrypt (unless the user were to enter such information on every boot, comparably to how PIMs work). An attacker will never need to attempt multiple combinations. They will simply need to attempt cracking a single, different, algorithm.
Leveraging Veracrypt
i. Generate keyfiles: `veracrypt --create-keyfile`
ii. Create a Normal volume: `veracrypt -t -c /home/user/crypt/vault --volume-type=Normal --encryption=Serpent-Twofish-AES --hash=Whirlpool --filesystem=FAT --pim=<INSERT VALUE> -k </PATH/TO/KEYFILE> --random-source=</PATH/TO/RANDOMSOURCE>`
iii. Create a Hidden volume: veracrypt -t -c /home/user/crypt/vault --volume-type=Hidden --encryption=Serpent-Twofish-AES --hash=Whirlpool --filesystem=FAT --pim=<INSERT VALUE> -k </PATH/TO/KEYFILE> --random-source=</PATH/TO/RANDOMSOURCE>
Leveraging Veracrypt
i. Generate keyfiles: `veracrypt --create-keyfile`
ii. Create a Normal volume: `veracrypt -t -c /home/user/crypt/vault --volume-type=Normal --encryption=Serpent-Twofish-AES --hash=Whirlpool --filesystem=FAT --pim=<INSERT VALUE> -k </PATH/TO/KEYFILE> --random-source=</PATH/TO/RANDOMSOURCE>`
iii. Create a Hidden volume: `veracrypt -t -c /home/user/crypt/vault --volume-type=Hidden --encryption=Serpent-Twofish-AES --hash=Whirlpool --filesystem=FAT --pim=<INSERT VALUE> -k </PATH/TO/KEYFILE> --random-source=</PATH/TO/RANDOMSOURCE>`
Distractions are also effective methods of increasing the resources allocated to an investigation. All of the previously listed methods for increasing time of the investigation so far have dealt with decrypting a single Veracrypt or LUKS volume. What happens if multiple decoy volumes are set up? The investigation increases in cost and time consumption.
Unless you are an undeniably high-value target, it is unlikely to have entire infrastructures simultaneously aimed at cracking your volumes.
##### https://blog.elcomsoft.com/2020/03/breaking-veracrypt-containers/
## Radio Transmitter Removal
Every radio transmitter, the hardware component that emits a radio frequency, adds a substantial attack vector. Near-field communication (NFC), Bluetooth, Wi-Fi, Cellular, and GPS are all examples of wireless communications.
When feasible, radio transmitters should be physically removed from devices. From a software perspective, the use of certain transmitters can be limited; however, without purging the hardware, there is no absolute assurance. Chipsets could still emit frequencies, and there is a potential for leakage.
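Review bot: The three "Leveraging Veracrypt" steps do not connect as written: step i runs "veracrypt --create-keyfile" with no output path, yet steps ii and iii expect the file at "-k </PATH/TO/KEYFILE>", and both creation commands target the same "/home/user/crypt/vault" with identical --pim and -k placeholders and no sentence saying how the second command relates to the first or whether the two volumes are meant to share a keyfile and PIM. Add one line per step stating what it produces and what the next step consumes. Separately, the "- note:" kept above the steps says an attacker "will never need to attempt multiple combinations", which contradicts the Play on Resources paragraph's 75-combination argument and its ElcomSoft quote; reconcile the two before publishing. The bare ElcomSoft URL set as a "#####" heading repeats the inline citation and can go.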
@ -387,29 +380,29 @@ There are a few concepts to touch on this topic.
3. Order with an alias - There are plenty of defined methods of "dead drops" that exist. Consider ordering to a hotel with an alias, paying with a prepaid card that was paid for with cash.
There is no perfect solution here, and procurement can quickly become intricate. This landscape undergoes constant change, therefore I have refrained for diving into minute detail. The traditional cash route, preload cards, and cryptocurrencies with strong cryptography and privacy features stand to be the best options to date.
### Cryptocurrency
Similar to how cryptography is a monolith of a concept to tackle, cryptography with blockchain-based payment methods also becomes intricate. Many associate cryptocurrency as untraceable forms of money, when in reality most cryptocurrencies that exist today are more susceptible to correlation than cash. Most altcoin derivatives (along with Bitcoin) have public ledgers (viewable to any party). This seemed like the easiest method to maintain integrity of the chain. There are a few cryptocurrencies that fall in line with privacy: Monero (XMR), Zcash (ZEC), and Pirate Chain (ARRR).
### Cryptocurrency
Similar to how cryptography is a monolith of a concept to tackle, cryptography with blockchain-based payment methods also becomes intricate. Many associate cryptocurrency as untraceable forms of money, when in reality most cryptocurrencies that exist today are more susceptible to correlation than cash. Most altcoin derivatives (along with Bitcoin) have public ledgers (viewable to any party). This seemed like the easiest method to maintain integrity of the chain. There are a few cryptocurrencies that fall in line with privacy: Monero (XMR), Zcash (ZEC), and Pirate Chain (ARRR).
Zcash (ZEC) was ground-breaking in the implementation of a protocol known as Succint Non-Interactive Zero-Knowledge Proofs (zk-SNARKs). The protocol enabled the use of what they refer to as shielded "sapling" addresses. This facilitates anonymous payment from one party to the other. The pitfall to Zcash is that it also allows the use of transparent addresses. The vast majority of Zcash is held in a completely transparent blockchain. When amounts are exchanged via the shielded private addresses, the scope is narrowed on those making the transactions. Money going in and out of the private sapling addresses becomes trivial to correlate.
Zcash (ZEC) was ground-breaking in the implementation of a protocol known as Succint Non-Interactive Zero-Knowledge Proofs (zk-SNARKs). The protocol enabled the use of what they refer to as shielded "sapling" addresses. This facilitates anonymous payment from one party to the other. The pitfall to Zcash is that it also allows the use of transparent addresses. The vast majority of Zcash is held in a completely transparent blockchain. When amounts are exchanged via the shielded private addresses, the scope is narrowed on those making the transactions. Money going in and out of the private sapling addresses becomes trivial to correlate.
Monero is often hailed as the privacy king of cryptocurrency. While it has commendable features with its RingCT protocol, the overarching theme is obscurity rather than traceless transactions.
Monero is often hailed as the privacy king of cryptocurrency. While it has commendable features with its RingCT protocol, the overarching theme is obscurity rather than traceless transactions.
"The fundamental problem of coin mixing methods though is that transaction data is not being hidden through encryption. RingCT is a system of disassociation where information is still visible in the blockchain. Mind that a vulnerability might be discovered at some point in the future which allows traceability since Moneros blockchain provides a record of every transaction that has taken place."
This operates similar to a mixnet where it is difficult to discern the originating address from a transaction. One of Monero's developers publicly admits that "zk-SNARKs provides much stronger untraceability characteristics than Monero (but a much smaller privacyset and much higher systemic risks)." Intelligence agencies have placed their eyes on Monero for some time. The United States has even brought in a private firm called CipherTrace who claims to have built tools capable of tracing transactions. [#](https://ciphertrace.com/ciphertrace-announces-worlds-first-monero-tracing-capabilities/) At the time of writing, these are unsubstantiated claims; there is no evidence to suggest that Monero has been deobfuscated.
Pirate Chain's ARRR addresses the fungibility problem of Zcash by removing the transparent address schema (t-tx) and forcing all transactions to use Sapling shielded transactions (z-tx). "By consistently utilizing zk-SNARKs technology, Pirate leaves no usable metadata of users transactions on its blockchain." This means that even if the blockchain was compromised down the line, the adversary would obtain little to no useful metadata. The transactions contain no visible amount to no visible address from no visible address. The underlying cryptography would have to be broken or the viewing/spending keys would have to be intercepted in order to peer into the transactions. For an adversary without key possession, the trace is baseless. "A little bit of math can accomplish what all the guns and barbed wire cant: a little bit of math can keep a secret." - Edward Snowden
Pirate Chain's ARRR addresses the fungibility problem of Zcash by removing the transparent address schema (t-tx) and forcing all transactions to use Sapling shielded transactions (z-tx). "By consistently utilizing zk-SNARKs technology, Pirate leaves no usable metadata of users transactions on its blockchain." This means that even if the blockchain was compromised down the line, the adversary would obtain little to no useful metadata. The transactions contain no visible amount to no visible address from no visible address. The underlying cryptography would have to be broken or the viewing/spending keys would have to be intercepted in order to peer into the transactions. For an adversary without key possession, the trace is baseless. "A little bit of math can accomplish what all the guns and barbed wire cant: a little bit of math can keep a secret." - Edward Snowden
While I could write mounds of literature diving into the depths of cryptocurrency, I have brought forth only what is useful to the aims of anti-forensics. There is no real purpose in regurgitating quotations from various whitepapers and protocol designs. Any further research into the matter is up to you. If this has peaked your interest, consider diving into the various communities, protocol specifications, and whitepapers.
While I could write mounds of literature diving into the depths of cryptocurrency, I have brought forth only what is useful to the aims of anti-forensics. There is no real purpose in regurgitating quotations from various whitepapers and protocol designs. Any further research into the matter is up to you. If this has peaked your interest, consider diving into the various communities, protocol specifications, and whitepapers.
Further information pertaining to zk-SNARKs: https://z[.]cash/technology/zksnarks
Monero (XMR) Whitepaper: https://www.getmonero[.]org/resources/research-lab/pubs/whitepaper_annotated.pdf
Pirate Chain Whitepaper: https://pirate[.]black/files/whitepaper/The_Pirate_Code_V2.0.pdf
Further information pertaining to zk-SNARKs: https://z[.]cash/technology/zksnarks
Monero (XMR) Whitepaper: https://www.getmonero[.]org/resources/research-lab/pubs/whitepaper_annotated.pdf
Pirate Chain Whitepaper: https://pirate[.]black/files/whitepaper/The_Pirate_Code_V2.0.pdf
## Defensive Mechanisms
System security or hardening is vital for successful operations. Lack of hardening could result in your machines being cut through like hot butter. Center for Internet Security (CIS) [#](https://www.cisecurity.org) - and Defense Information Systems Agency (DISA) with Standard Technical Implementation Guides [#](https://public.cyber.mil/stigs) both have decent system hardening standards that are to be applied to all DoD contractor, government, and affiliated nodes. For Linux and Unix systems, Kernel Self-Protection Project (KSPP) [#](https://kernsec.org/wiki/index.php/Kernel_Self_Protection_Project/Recommended_Settings) is a great resource for kernel configuration settings. More information about these configurations and concepts can be found at https://www.kernel.org/doc/html/latest/security/self-protection.html.
Hardening procedures fall in line with the concept of minimizing architecture and running processes on a system. This makes each system easier to audit with less noise/clutter, and reduces the attack surface for exploitation. Hardening should encompass patches, scans with most recent virus definitions, restrictive permissions, kernel hardening, purging unnecessary software, and disabling physical ports, unnecessary users, filesystems, firmware modules, compilers, and network protocols.
System hardening is far from a quick and easy process, unless you have preconfigured images for systems. For small operations lacking technical prowess, preconfigured operating systems such as TAILS or Whonix mentioned in the Operating System section assure the greatest security and the least hassle.
If the goal is to run a more persistent lightweight OS with minimal functionality, I suggest running a variant of Arch Linux that does not use SystemD (Consider runit, OpenRC, or s6). If wide community support is needed, Arch with a hardened configuration will be your best bet. For the tech-savvy, hardened variants of Gentoo are ideal.
## Defensive Mechanisms
System security or hardening is vital for successful operations. Lack of hardening could result in your machines being cut through like hot butter. Center for Internet Security (CIS) [#](https://www.cisecurity.org) - and Defense Information Systems Agency (DISA) with Standard Technical Implementation Guides [#](https://public.cyber.mil/stigs) both have decent system hardening standards that are to be applied to all DoD contractor, government, and affiliated nodes. For Linux and Unix systems, Kernel Self-Protection Project (KSPP) [#](https://kernsec.org/wiki/index.php/Kernel_Self_Protection_Project/Recommended_Settings) is a great resource for kernel configuration settings. More information about these configurations and concepts can be found at https://www.kernel.org/doc/html/latest/security/self-protection.html.
Hardening procedures fall in line with the concept of minimizing architecture and running processes on a system. This makes each system easier to audit with less noise/clutter, and reduces the attack surface for exploitation. Hardening should encompass patches, scans with most recent virus definitions, restrictive permissions, kernel hardening, purging unnecessary software, and disabling physical ports, unnecessary users, filesystems, firmware modules, compilers, and network protocols.
System hardening is far from a quick and easy process, unless you have preconfigured images for systems. For small operations lacking technical prowess, preconfigured operating systems such as TAILS or Whonix mentioned in the Operating System section assure the greatest security and the least hassle.
If the goal is to run a more persistent lightweight OS with minimal functionality, I suggest running a variant of Arch Linux that does not use SystemD (Consider runit, OpenRC, or s6). If wide community support is needed, Arch with a hardened configuration will be your best bet. For the tech-savvy, hardened variants of Gentoo are ideal.
- note:
The listed hardening is incomplete and will not fit all operations and GNU/Linux systems. This is not meant to be a book on methods for defensive cybersecurity.
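Review bot: In the Defensive Mechanisms paragraph, both sides of the change expand DISA's STIGs as "Standard Technical Implementation Guides"; the name is Security Technical Implementation Guides, and the stray " - " after the CIS link can be dropped while the line is being touched. The cryptocurrency text above it also keeps "peaked your interest" (should be "piqued"), "cant" in the Snowden quote, and "users transactions". The quoted Pirate Chain claim ("leaves no usable metadata") has no source beside it; point it at the whitepaper listed in the links or word it as the project's own claim.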
@ -437,9 +430,6 @@ This wouldn't be a complete work on anti-forensics without some mention of physi
With nuances added from the modern surveillance state, traffic cameras force your hand by revealing every intersection which you have passed through. There are a few methods to circumventing this privacy infringement. Darkened weather covers for your license plate (Warning: This method could result in a fine with the wrong officer) or a well-rigged bicycle rack could prevent cameras from picking up your plate number. Alternatively, if a destination is within a few miles of proximity you could either ride a bicycle (with a disguise), or decide to become a motorcyclist. With motocycles, the plate numbers are significantly smaller and could even be blocked by your feet on certain bikes. The helmet would stand to mask facial features, and the jacket would cover any identifiable features such as tattoos. <<add in note about palantir collecting tattoo/vehicle information from state cameras>>
It should go without saying that any tech devices that you purchase will have some identifier that could lead back to you. Make this a moot point and procure every device (even USBs) anonymously with cash. If you're out on a distant roadtrip, make some of your purchases. Wear a hat accompanied with some baggy clothes. Perform a slight change in your gait as you walk (uncomfortable shoes could help with this). Alternatively, pay that bum off the street to do your bidding.
##### ADD CANARY TOKEN SECTION
##### ADD DETECTION SECTION
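Review bot: The traffic-camera paragraph still ends with the inline placeholder "<<add in note about palantir collecting tattoo/vehicle information from state cameras>>", which will show up as literal text in the rendered README; either write the note with a citation or take the placeholder out. "motocycles" in the same paragraph should be "motorcycles". The hunk header goes from 9 lines to 6; if the lines dropped are the "ADD CANARY TOKEN SECTION" and "ADD DETECTION SECTION" headings, record those planned sections in an issue so they are not lost.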
@ -457,34 +447,34 @@ If the virtualized Android is too close to home being on your host, there is no
Anonymity and activism are difficult to go hand-in-hand, albeit they need to. Playing on a platform of the adversary means conforming to their rules, and circumvention can be costly. Decentralization can mitigate issues with SIM correlation, hostile communication, and the need for an emulated Android system. However, adoption rates and exposure will significantly decrease.
2. Journalist
For all intents, the use-case of journalism varies widely, therefore I will isolate this to a more "paranoid" threat model. Let's make a few key assumptions:
1. You are investigating a nation-state.
2. Freedom of speech / lawful protection does not apply.
3. Being caught could land you anywhere from imprisonment to death.
It's evident that poking powerful players could result in irreversable consequences. Therefore many of the concepts described in this book should be applied with the emphasis on encryption, signal restriction, and minimal infrastructure.
For all intents, the use-case of journalism varies widely, therefore I will isolate this to a more "paranoid" threat model. Let's make a few key assumptions:
1. You are investigating a nation-state.
2. Freedom of speech / lawful protection does not apply.
3. Being caught could land you anywhere from imprisonment to death.
It's evident that poking powerful players could result in irreversable consequences. Therefore many of the concepts described in this book should be applied with the emphasis on encryption, signal restriction, and minimal infrastructure.
The OS selection should be oriented towards amnesia. TAILS could be leveraged with a USB, and the drive in the system could simply be a dummy (filled with insignificant data, vacation pictures, etc). The physical wireless chipset should be removed and replaced with a wireless dongle and attached only when needed. While I prefer hardware mitigations over software mitigations, you may not wish to fry the USB ports or desolder the SATA ports. The BIOS should be password-protected, and the USB ports at the very least can be disabled from the menu. If you will be operating from public locations, consider running a blank keyboard with a privacy screen covering the LED.
The OS selection should be oriented towards amnesia. TAILS could be leveraged with a USB, and the drive in the system could simply be a dummy (filled with insignificant data, vacation pictures, etc). The physical wireless chipset should be removed and replaced with a wireless dongle and attached only when needed. While I prefer hardware mitigations over software mitigations, you may not wish to fry the USB ports or desolder the SATA ports. The BIOS should be password-protected, and the USB ports at the very least can be disabled from the menu. If you will be operating from public locations, consider running a blank keyboard with a privacy screen covering the LED.
If a live USB with minimal processing power is not your niche, consider running a hardened base Linux, preferably using a Windows Manager (WM) over a full Desktop Environment (DE), to act as a hyper-visor that runs amnesiac virtual machines such as Whonix. If the option is taken to avoid live boot, the hardware selection becomes more important. First off, it would be in your best interest to use at least 16 GB of RAM. Secondly, consider using one SSD and one HDD. The HDD will be used to hold files, while the SSD is used for facilitating performance for the host OS. As previously stated, HDDs can be wiped by degaussing or overwriting physical sectors while this should be assumed an impossibility for an SSD. Each VM on the host should have a primary function; separate cases and even processes should have separate VMs. For the more technical, sandboxing applications can be used to add nested layers of security. Consider using a sandboxed profile for your virtualization software, whether it be KVM or VirtualBox. Inside the VM, use sandboxing to isolate your processes.
If a live USB with minimal processing power is not your niche, consider running a hardened base Linux, preferably using a Windows Manager (WM) over a full Desktop Environment (DE), to act as a hyper-visor that runs amnesiac virtual machines such as Whonix. If the option is taken to avoid live boot, the hardware selection becomes more important. First off, it would be in your best interest to use at least 16 GB of RAM. Secondly, consider using one SSD and one HDD. The HDD will be used to hold files, while the SSD is used for facilitating performance for the host OS. As previously stated, HDDs can be wiped by degaussing or overwriting physical sectors while this should be assumed an impossibility for an SSD. Each VM on the host should have a primary function; separate cases and even processes should have separate VMs. For the more technical, sandboxing applications can be used to add nested layers of security. Consider using a sandboxed profile for your virtualization software, whether it be KVM or VirtualBox. Inside the VM, use sandboxing to isolate your processes.
If a mobile device is deemed a necessity, leverage GrapheneOS on a Google Pixel. Encrypt all communications through trusted services or peer-to-peer (P2P) applications like Briar. Route all device traffic through TOR with the use of Orbot. Keep the cameras blacked out with electrical or gorilla tape. The concept of treating all signals as hostile should be emphasized here as the hardware wireless chipset cannot be desoldered. Sensors and microphones can successfully be disabled, but the trend with smaller devices is that they run as a System on a Chip (SoC). In short, multiple functions necessary for the system to work are tied together in a single chip. Even if you managed not to fry the device from the desoldering process, you would have gutted the core mechanisms of the system, resulting in the newfound possession of a paperweight.
If a mobile device is deemed a necessity, leverage GrapheneOS on a Google Pixel. Encrypt all communications through trusted services or peer-to-peer (P2P) applications like Briar. Route all device traffic through TOR with the use of Orbot. Keep the cameras blacked out with electrical or gorilla tape. The concept of treating all signals as hostile should be emphasized here as the hardware wireless chipset cannot be desoldered. Sensors and microphones can successfully be disabled, but the trend with smaller devices is that they run as a System on a Chip (SoC). In short, multiple functions necessary for the system to work are tied together in a single chip. Even if you managed not to fry the device from the desoldering process, you would have gutted the core mechanisms of the system, resulting in the newfound possession of a paperweight.
3. Market Vendor
Let's assume the vendor is selling some sort of vice found on the DEA's list of schedule 1 narcotics.
Fortunately in this use-case, unlike that of the anonymous activist, OPSEC is welcomed with open arms. In fact, vendors are even rated with their stealth (both from shipping and processing) as one of the highest criteria in consideration, along with the markets being TOR friendly, leveraging PGP, and ensuring full functionality without Javascript.
3. Market Vendor
Let's assume the vendor is selling some sort of vice found on the DEA's list of schedule 1 narcotics.
Fortunately in this use-case, unlike that of the anonymous activist, OPSEC is welcomed with open arms. In fact, vendors are even rated with their stealth (both from shipping and processing) as one of the highest criteria in consideration, along with the markets being TOR friendly, leveraging PGP, and ensuring full functionality without Javascript.
VMs for isolated processes or hardened linux hypervisor with amnesiac OS
VMs for isolated processes or hardened linux hypervisor with amnesiac OS
# Conclusion
## Conclusion
As stated earlier, relevancy in the tech industry is difficult to maintain in perpetuity. The proposed concepts applied with adequate discipline and mapping stand to render investigations ineffective at peering into operations. Most mistakes take place in the beginning and come back later to haunt an operation. The success stories are never highlighted. For instance, there are plenty of vendors across marketplaces that have gone under the radar for years. OPSEC properly excercised would not leave a trail for the intelligence community; thus obscure and cryptographic implementations like steganography or FDE would not have to be relied on. I hope to learn that some of this material aids dissidents and journalists to combat regimes rooted in authoritarianism, coupled with privacy-minded individuals who have the desire to be left alone. Freedom and privacy have never been permitted by the state, nor are they achieved through legislature, protests, petitions; they are reclaimed by blatant non-compliance, loopholes, and violence. Every man possesses the right of revolution, and every revolution is rooted in treason, non-conformity, and ultimately to escape from subservience.
For the dissidents:
"In a nation of frightened dullards, there is a shortage of outlaws, and those few who make the grade are always welcome." - Hunter S. Thompson
*"In a nation of frightened dullards, there is a shortage of outlaws, and those few who make the grade are always welcome."* - Hunter S. Thompson
For the hollow men (federal agents or contractors) who stumbled upon my work by investigation or happenstance:
"If ye love wealth better than liberty, the tranquility of servitude better than the animating contest of freedom, go home from us in peace. We ask not your counsels or arms. Crouch down and lick the hands which feed you. May your chains set lightly upon you, and may posterity forget that ye were our countrymen." - Samuel Adams
*"If ye love wealth better than liberty, the tranquility of servitude better than the animating contest of freedom, go home from us in peace. We ask not your counsels or arms. Crouch down and lick the hands which feed you. May your chains set lightly upon you, and may posterity forget that ye were our countrymen."* - Samuel Adams
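Review bot: The Market Vendor use case ends on the fragment "VMs for isolated processes or hardened linux hypervisor with amnesiac OS", directly before the Conclusion heading; it reads as an outline note, so expand it to the level of the Journalist case or mark it as unfinished. Spelling is carried through unchanged on both sides: "Windows Manager (WM)" should be "window manager", "hyper-visor" should be "hypervisor", and "irreversable" and "excercised" are misspelled. Also check that the assumptions list (1 to 3) under "2. Journalist" is indented, otherwise rendered Markdown will merge it with the outer use-case numbering.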