(stop using dual linking) - Re-order hardlinks to make it easy to
manage</p>
<p>v1.1.6-pre1 - Update on Tor Browser route due to major changes - Tor
Project has condensed their settings and it is no longer necessary to
manually configure bridges. - Fix out of date options/settings for Tor
on Android - Small grammar/spelling fixes - Removal and fix of some bad
links - Removal of AnonArchive (down) - “How to spot if someone has been
searching your stuff” fixed - PDF and ODT builds disabled temporarily -
Update to social links for SEO plugin - Link to Qubes tutorial for
installing Windows VMs - Added link to Arkenfox/user.js - Remove
unnecessary addons</p>
<p>v1.1.5 - Various spelling and grammar fixes - Fixed several numbering
errors in references - Updated and fixed many broken URLs and saved them
in the Wayback Machine - Noted that https://mastodon.social/<spanclass="citation"data-cites="anonypla">@anonypla</span> is gone? added
strike-through - Adapted Qubes OS hardware requirements that were too
low for a decent experience (RAM) according to their recommendation -
Put more incentive to use Tor Browser Safest mode as long as it does not
break anything and switch to Safer if necessary and with precautions
linked in an appendix - Precision that Anti-Evil Maid on Qubes OS is
only available on Intel CPUs - Removed dead link of Centry Fork project
- Added Windows 11 support to the guide - Partial additions of partial
Qubes 4.1.X support but needs completion and testing (coming soon) -
Added link to official guide to upgrade from Qubes 4.0.X to 4.1.X (fresh
or in-place) - Fixed issue in Qubes OS Tor over VPN and VPN over Tor
Networking cases that were just plain wrong - Added guidance to run
Windows 11 within Virtualbox + link to official guide from Oracle -
Added recommendation to install/use Safing PortMaster and added a link
for some compatibility issues between Portmaster and some VPNs - Removed
Windows AME completely from the guide - Replaced the “I would” by a “We
would” since it is now a group effort and project - Added a safest
recommendation for more paranoid people in security level choices in
Tor</p>
<p>v1.1.4-pre2 - Fixed some spelling/grammar - Update to contributing
guidelines - Update of modern-crypto room rules - Addition of
chatroom-rules for the PSA community - Update of verification guide
(removed outdated content, fixed links, updates) - Removal of CTemplar
references since it was shutdown - Fixed links to Proton services,
references, onion URL, and archives - Removal of BTC Wasabi
recommedation in favor of Coinjoin alternative and wallet
recommendations - Re-phrasing of some confusing sentences - LibRedirect
extension is recommended again - Fixed many links formatting - Removal
of removed content (dark pdf) - Fixed links to ODT file - Added
recommendation to <ahref="https://z0ccc.github.io/extension-fingerprints/#"class="uri">https://z0ccc.github.io/extension-fingerprints/#</a> and <ahref="https://www.deviceinfo.me/"class="uri">https://www.deviceinfo.me/</a> - Removed links to
non-existant mirrors - Updated some outdated references(old project)</p>
<p>v1.1.4-pre1 - Addition of a legacy resources page for the old
archives - Changes in the about page to reflect the current situation -
Changes in the donation page to reflect the current situation - Fix link
to video “How to Hack a Turned-Off Computer, [..]” - Misspelling and
linking fixes - Privacyguides changed their URL scheme - Almost all
archive.org links fixed - Annotated some links to make them more
descriptive - Got rid of dupes and empty refs - Renew links for
researchgate articles that were removed - Removed mobile wikipedia links
- Fix a couple patent links & Rubber-hose cryptanalysis wiki -
Update PDF archivals so they are direct links but not downloaded - Some
scientific articles were removed or replaced - IEEExplore,
Spread-spectrum watermarking of audio signals - ScienceDirect, Robust
audio watermarking using perceptual masking - SSRN, The Cryptocurrency
Tumblers: Risks, Legality and Oversight - Property of the People, Lawful
Access to Secure Messaging Apps Data - Arxiv url fixes -
s/grayshirt/grayshift/gi - Trailing parentheses and commas removed -
Fixed all broken links - Removed uMatrix from the guide (use uBlock
Origin) - Removal of https://xchange.me/ (abandoned) - Removal of
https://swap.lightning-network.ro/ (abandoned) - Removal of
https://privacyguides.org/providers/hosting/ (category removed from
website) - Added a warning about the privacy redirect extension stating
it might be abandoned/unmaintained - Added Anonymouth for linguistic
antiforensics & related links</p>
<p>v1.1.3 - Added dedicated section about gait recognition and other
long-range biometric techniques - Updated PDF toolchain to allow
embedding images in the PDF guide</p>
<p>v1.1.3-pre1 - Updating info to reflect the new identity being used to
publich the guide - Attempted to reconstruct toolchain to generate PDF
and ODT guides</p>
<p>v1.1.2 - Removed SIM/Virtual Numbers providers not accepting at least
XMR from the guide as there are sufficient providers accepting XMR -
Added some more free SMS providers in the guide - Added links to
Scribe.rip front-end to Medium.com for Medium.com links - Considerable
work was done in relation to the community aspects of this project and
other related projects with the creation of a Matrix space (PSA)
regrouping several efforts. - Added link to <ahref="https://psa.anonymousplanet.org/"class="uri">https://psa.anonymousplanet.org/</a> containing the
community rules for our chatrooms on Matrix and Discord - Added
reference to <ahref="https://en.wikipedia.org/wiki/Sybil_attack"class="uri">https://en.wikipedia.org/wiki/Sybil_attack</a> to the
attacks against anonymized Tor traffic section - Added reference to <ahref="https://arstechnica.com/information-technology/2014/07/active-attack-on-tor-network-tried-to-decloak-users-for-five-months/"class="uri">https://arstechnica.com/information-technology/2014/07/active-attack-on-tor-network-tried-to-decloak-users-for-five-months/</a>
in the attacks against anonymized Tor traffic section - Added reference
to <ahref="https://www.whonix.org/wiki/Anbox"class="uri">https://www.whonix.org/wiki/Anbox</a> for running Android
Apps within the Whonix Workstation - Added reference to <ahref="https://www.wikigain.com/install-macos-monterey-on-virtualbox/"class="uri">https://www.wikigain.com/install-macos-monterey-on-virtualbox/</a>
to the macOS VM section - Added reference to <ahref="https://blog.kraken.com/post/11905/your-fingerprint-can-be-hacked-for-5-heres-how/"class="uri">https://blog.kraken.com/post/11905/your-fingerprint-can-be-hacked-for-5-heres-how/</a>
to the biometrics section - Added reference to <ahref="https://propertyofthepeople.org/document-detail/?doc-id=21114562"class="uri">https://propertyofthepeople.org/document-detail/?doc-id=21114562</a>
- Added reference to <ahref="https://12ft.io/"class="uri">https://12ft.io/</a> in the introduction section - Added
reference to <ahref="https://www.bleepingcomputer.com/news/security/firmware-attack-can-drop-persistent-malware-in-hidden-ssd-area/"class="uri">https://www.bleepingcomputer.com/news/security/firmware-attack-can-drop-persistent-malware-in-hidden-ssd-area/</a>
to the SSD wiping conclusions - Added reference to <ahref="https://www.welivesecurity.com/wp-content/uploads/2021/12/eset_jumping_the_air_gap_wp.pdf"class="uri">https://www.welivesecurity.com/wp-content/uploads/2021/12/eset_jumping_the_air_gap_wp.pdf</a>
to the advanced targeted techniques section - Small grammar/spelling
fixes - <strong>Special thanks to the anonymous donator of 1
XMR</strong></p>
<p>v1.1.1 - Added reference to <ahref="https://www.youtube.com/watch?v=H33ggs7bh8M"class="uri">https://www.youtube.com/watch?v=H33ggs7bh8M</a> as an intro
video to Monero in the Monero Disclaimer section - Added reference to <ahref="https://www.youtube.com/watch?v=qkJGF3syQy4"class="uri">https://www.youtube.com/watch?v=qkJGF3syQy4</a> in the Guest
VM Browser section about Brave - Added reference to <ahref="https://www.vice.com/en/article/m7vqkv/how-fbi-gets-phone-data-att-tmobile-verizon"class="uri">https://www.vice.com/en/article/m7vqkv/how-fbi-gets-phone-data-att-tmobile-verizon</a>
in the metadata/geo-location section - Added reference to <ahref="https://fingerprintjs.com/blog/disabling-javascript-wont-stop-fingerprinting/"class="uri">https://fingerprintjs.com/blog/disabling-javascript-wont-stop-fingerprinting/</a>
in several sections about JavaScript - Added reference to <ahref="https://qua3k.github.io/ungoogled/"class="uri">https://qua3k.github.io/ungoogled/</a> in the sections about
Ungoogled-Chromium - Re-Added Privacytools.io in the Links section -
Added a general disclaimer on the Links page about websites possibly
using sponsorships, affiliate links, paid services, premium offers, and
merchandising… - Re-Added a Discord server to provide easier access to
the community through <ahref="https://discord.gg/V8dmd9y7mt"class="uri">https://discord.gg/V8dmd9y7mt</a> with all the rooms bridged
to Matrix rooms - Changed the Matrix/Discord communities from being room
focused (#anonymity) to a broader “Privacy Security Anonymity” space
with a new #security focused room and an off-topic room. - Creation of a
Matrix space at <code>#privacy-security-anonymity:matrix.org</code><ahref="https://matrix.to/#/#privacy-security-anonymity:matrix.org"class="uri">https://matrix.to/#/#privacy-security-anonymity:matrix.org</a>
- Added an RSS bot to those rooms relaying some relevant security and
anonymity news within those rooms. - Started the test hosting of a small
Synapse server with the domain anonymousplanet.org</p>
<p>v1.1.0 - Removed SHA-3 from recommended methods for password storage
- Added reference to <ahref="https://docs.securedrop.org/en/stable/source.html"class="uri">https://docs.securedrop.org/en/stable/source.html</a> in the
section about communicating sensitive information to various
organizations - <strong>Pending review</strong> removal of
privacytools.io from the guide after discovering sponsored
recommendations within the lists on their website. Disclaimer added on
the links page. - Added reference to <ahref="https://web.archive.org/web/20181125133942/https://www.cs.drexel.edu/~sa499/papers/adversarial_stylometry.pdf"class="uri">https://web.archive.org/web/20181125133942/https://www.cs.drexel.edu/~sa499/papers/adversarial_stylometry.pdf</a>
in the Stylometry section - Added reference to <ahref="https://www.whonix.org/wiki/Surfing_Posting_Blogging#Stylometry"class="uri">https://www.whonix.org/wiki/Surfing_Posting_Blogging#Stylometry</a>
in the Stylometry section - Added reference to <ahref="https://www.whonix.org/wiki/Surfing_Posting_Blogging#Anonymous_File_Sharing"class="uri">https://www.whonix.org/wiki/Surfing_Posting_Blogging#Anonymous_File_Sharing</a>
in the appendix checklist of things to check before sharing information
- Added reference to <ahref="https://web.archive.org/web/20181125133942/https://www.cs.drexel.edu/~sa499/papers/adversarial_stylometry.pdf"class="uri">https://web.archive.org/web/20181125133942/https://www.cs.drexel.edu/~sa499/papers/adversarial_stylometry.pdf</a>
in the section about countering stylometry using translators - Changed
the fonts of the website to improve readability (now using “Helvetica”,
“Calibri”,and “Times New Roman”) - Removed some unnecessary information
from the main page and the donations page to reduce their size - Added a
new Tor Exit node (Tor-Exit-05) - Various spelling/grammar fixes</p>
<p>v1.0.9 - Re-Added Privacytools.io (along Privacyguides.org) as a good
source of information and recommendations for various
services/products/platforms within the guide. - Added a Links page to
the website with a small collection of recommended projects to visit. -
Changed the layout of the website to make the buttons a bit smaller -
Added reference to <ahref="https://medium.com/@c5/darkweb-vendors-and-the-basic-opsec-mistakes-they-keep-making-e54c285a488c"class="uri">https://medium.com/@c5/darkweb-vendors-and-the-basic-opsec-mistakes-they-keep-making-e54c285a488c</a>
in the OPSEC section. - Added reference to <ahref="https://kycnot.me/"class="uri">https://kycnot.me/</a> which lists non-KYC cryptocurrencies
exchange services - Fixed some mistakes in the cryptocurrency swapping
section</p>
<p>v1.0.8-hotfix - Added a reference to <ahref="https://privacytests.org/"class="uri">https://privacytests.org/</a> in the section about picking a
browser in a guest VM - Fixed not-working Nitter links by changing the
Nitter instance to Nitter.net - Added Minisign signatures for the PDFs
and the ODT file - <strong>Hotfix</strong> Added a reference to <ahref="https://qua3k.github.io/ungoogled/"class="uri">https://qua3k.github.io/ungoogled/</a> and now strongly
recommends <strong>against</strong> using Ungoogled-Chromium due to them
lagging behind in security patches</p>
<p>v1.0.8 - Added a reference to <ahref="https://www.websiteplanet.com/blog/gethealth-leak-report/"class="uri">https://www.websiteplanet.com/blog/gethealth-leak-report/</a>
in the Smart Devices section - Added several academic references to the
Tor Correlation Fingerprinting attack: <ahref="https://homes.esat.kuleuven.be/~mjuarezm/index_files/pdf/ccs18.pdf"class="uri">https://homes.esat.kuleuven.be/~mjuarezm/index_files/pdf/ccs18.pdf</a>,
and <ahref="https://www.esat.kuleuven.be/cosic/publications/article-2456.pdf"class="uri">https://www.esat.kuleuven.be/cosic/publications/article-2456.pdf</a>
- Added a reference to <ahref="https://blog.torproject.org/new-low-cost-traffic-analysis-attacks-mitigations"class="uri">https://blog.torproject.org/new-low-cost-traffic-analysis-attacks-mitigations</a>
in the same section - Added an important precision/correction that Tor
Correlation Fingerprinting attacks references papers were done in a
limited closed-world testing environment and their efficiency in a real
open-world situation has not been demonstrated other than theoretically
- Added two VPS hosting providers to the list of possible providers: <ahref="https://cryptoho.st/"class="uri">https://cryptoho.st/</a> and <ahref="https://www.privex.io/"class="uri">https://www.privex.io/</a> -
Added reference to <ahref="https://about.fb.com/news/2021/10/end-to-end-encrypted-backups-on-whatsapp/"class="uri">https://about.fb.com/news/2021/10/end-to-end-encrypted-backups-on-whatsapp/</a>
announcing e2ee backups on WhatsApp</p>
<p>v1.0.7 - Added reference to <ahref="https://www.scientificamerican.com/article/a-blank-wall-can-show-how-many-people-are-in-a-room-and-what-theyre-doing/"class="uri">https://www.scientificamerican.com/article/a-blank-wall-can-show-how-many-people-are-in-a-room-and-what-theyre-doing/</a>
in the targeted techniques section - Added reference to <ahref="https://www.scientificamerican.com/article/a-shiny-snack-bags-reflections-can-reconstruct-the-room-around-it/"class="uri">https://www.scientificamerican.com/article/a-shiny-snack-bags-reflections-can-reconstruct-the-room-around-it/</a>
in the targeted techniques section - Added reference to <ahref="https://www.scientificamerican.com/article/footstep-sensors-identify-people-by-gait/"class="uri">https://www.scientificamerican.com/article/footstep-sensors-identify-people-by-gait/</a>
in the targeted techniques section - Switched various links from
PrivacyTools.io to PrivacyGuides.org that were forgotten in a previous
update - Added guidance to share information and files publicly
including IPFS - Added an appendix containing a checklist of things to
verify before sharing any information or file (metadata…) - Complete
reworking of the Introduction and Prologue for better readability (there
was way too much text in there) - Added references to <ahref="https://thenewoil.org"class="uri">https://thenewoil.org</a>, <ahref="https://privacyguides.org"class="uri">https://privacyguides.org</a>, and the YouTube Techlore
channel <ahref="https://www.youtube.com/c/Techlore"class="uri">https://www.youtube.com/c/Techlore</a> as bonus introduction
reads on privacy and security - Various grammar/spelling fixes</p>
<p>v1.0.6 - Added reference to <ahref="https://www.forbes.com/sites/thomasbrewster/2021/10/04/google-keyword-warrants-give-us-government-data-on-search-users"class="uri">https://www.forbes.com/sites/thomasbrewster/2021/10/04/google-keyword-warrants-give-us-government-data-on-search-users</a>
in the digital fingerprint section - Added the fourth Tor Exit node in
the donation page listing - Added recommendation for considering
Minisign (<ahref="https://jedisct1.github.io/minisign/"class="uri">https://jedisct1.github.io/minisign/</a>) as an alternative
to PGP/GPG for file signing - Added new archive of the guide on
anonarchive.org - Added Content-Security-Policy and X-XSS-Protection
metatags to the HTML headers of the website - Added reference to <ahref="https://latacora.singles/2019/07/16/the-pgp-problem.html"class="uri">https://latacora.singles/2019/07/16/the-pgp-problem.html</a>
to justify the recommendation to use Minisign over PGP/GPG for signing -
Added <ahref="https://mobilesms.io"class="uri">https://mobilesms.io</a> to the list of online phone number
providers - Added an “extra paranoid” route using Zcash in addition to
Monero if you want even more safety than just relying on Monero alone
for anonymous crypto transactions - Added instructions to install a
Zcash wallet on various OSes including the Whonix Workstation - Refined
the VPN over Tor sections with more information about using a
self-hosted VPN/Proxy instead of a VPN provider - Added guidance to
upgrade Whonix from version 15 to version 16 on Qubes OS - Added
disclaimer about Windows 11 not being supported (yet) by the guide -
Some grammar/spelling fixes - Various broken links fixes</p>
<p>v1.0.5 - Added reference to <ahref="https://www.theguardian.com/australia-news/2021/sep/11/inside-story-most-daring-surveillance-sting-in-history"class="uri">https://www.theguardian.com/australia-news/2021/sep/11/inside-story-most-daring-surveillance-sting-in-history</a>
in the smartphone warnings section - Made main website available through
IPv6 - Endnotes are now also supported on the repository MD file through
thanks to markdown update from GitHub. Previously, those were only
working on the rendered Jekyll HTML - Added link to <ahref="https://oksms.org"class="uri">https://oksms.org</a> as an option
if you cannot afford a dedicated number. More will be added soon. -
Added reference to <ahref="https://www.vice.com/en/article/93ypke/the-nsa-and-cia-use-ad-blockers-because-online-advertising-is-so-dangerous"class="uri">https://www.vice.com/en/article/93ypke/the-nsa-and-cia-use-ad-blockers-because-online-advertising-is-so-dangerous</a>
as an argument to recommend adding uBlock to Tor Browser - Added
reference to <ahref="http://0pointer.net/blog/authenticated-boot-and-disk-encryption-on-linux.html"class="uri">http://0pointer.net/blog/authenticated-boot-and-disk-encryption-on-linux.html</a>
in the in-depth Linux hardening resources - Added reference to <ahref="https://www.usenix.org/system/files/sec21-hoang.pdf"class="uri">https://www.usenix.org/system/files/sec21-hoang.pdf</a> and
<ahref="https://gfwatch.org/"class="uri">https://gfwatch.org/</a> in
the section about hostile environments - Added reference to <ahref="https://www.d-id.com/talkingheads/"class="uri">https://www.d-id.com/talkingheads/</a> in the creating new
identities section - Added reference to <ahref="https://twitter.com/SecurityJon/status/1445020885472235524"class="uri">https://twitter.com/SecurityJon/status/1445020885472235524</a>
and <ahref="https://labs.f-secure.com/blog/sniff-there-leaks-my-bitlocker-key/"class="uri">https://labs.f-secure.com/blog/sniff-there-leaks-my-bitlocker-key/</a>
into the Windows Host OS section of the Whonix route - Added reference
to <ahref="https://www.wired.com/story/clearview-ai-new-tools-identify-you-photos/"class="uri">https://www.wired.com/story/clearview-ai-new-tools-identify-you-photos/</a>
in the biometrics section - Added reference to <ahref="https://www.coindesk.com/business/2021/09/21/leaked-slides-show-how-chainalysis-flags-crypto-suspects-for-cops/"class="uri">https://www.coindesk.com/business/2021/09/21/leaked-slides-show-how-chainalysis-flags-crypto-suspects-for-cops/</a>
in the Cryptocurrencies Transaction section - Added Cwtch <ahref="https://cwtch.im"class="uri">https://cwtch.im</a> to the
messaging apps lists and recommendations - Added a new fourth Tor Exit
node using donations funds - Some grammar/spelling fixes</p>
<p>v1.0.4 - Added reference to <ahref="https://therecord.media/malware-found-preinstalled-in-classic-push-button-phones-sold-in-russia/"class="uri">https://therecord.media/malware-found-preinstalled-in-classic-push-button-phones-sold-in-russia/</a>
in the burner phone section - Added reference to <ahref="https://sourceforge.net/p/veracrypt/discussion/technical/thread/3961542951/"class="uri">https://sourceforge.net/p/veracrypt/discussion/technical/thread/3961542951/</a>
in the Veracrypt settings sections - Changed Privacytools.io to
Privacyguides.org after name change - Added reference to <ahref="https://github.com/iperov/DeepFaceLive"class="uri">https://github.com/iperov/DeepFaceLive</a> in the Face
recognition section - Added reference to <ahref="https://www.news.ucsb.edu/2021/020392/dont-fidget-wifi-will-count-you"class="uri">https://www.news.ucsb.edu/2021/020392/dont-fidget-wifi-will-count-you</a>
within the Wi-Fi around you section - Matrix room change from
#online-anonymity:matrix.org to #anonymity:matrix.org (old alias remains
valid) - Renewed hosting of Tor-Exit-01 for 1 year using funding from
donations</p>
<p>v1.0.3 - Added reference to ProtonMail IP logging case <ahref="https://techcrunch.com/2021/09/06/protonmail-logged-ip-address-of-french-activist-after-order-by-swiss-authorities/"class="uri">https://techcrunch.com/2021/09/06/protonmail-logged-ip-address-of-french-activist-after-order-by-swiss-authorities/</a>
- Added more information regarding Firefox hardening settings - Added
reference to <ahref="https://www.privateinternetaccess.com/blog/internet-freedom-around-the-world-in-50-stats/"class="uri">https://www.privateinternetaccess.com/blog/internet-freedom-around-the-world-in-50-stats/</a>
- Fixed several broken links - Some grammar fixes</p>
<p>v1.0.2 - Minor layout fixes - Added BLAKE2 hash to the list of hashes
and clarified the hashes recommendations - Added Twofish and Serpent to
the recommended section in the File Encryption section - Added reference
to <ahref="https://justdeleteme.xyz/"class="uri">https://justdeleteme.xyz/</a> and <ahref="https://inteltechniques.com/workbook.html"class="uri">https://inteltechniques.com/workbook.html</a> in the
Removing traces section - Added references to <ahref="https://techcrunch.com/2021/08/19/google-geofence-warrants/"class="uri">https://techcrunch.com/2021/08/19/google-geofence-warrants/</a>
and <ahref="https://www.techdirt.com/articles/20210821/10494847401/google-report-shows-reverse-warrants-are-swiftly-becoming-law-enforcements-go-to-investigative-tool.shtml"class="uri">https://www.techdirt.com/articles/20210821/10494847401/google-report-shows-reverse-warrants-are-swiftly-becoming-law-enforcements-go-to-investigative-tool.shtml</a>
about the expanding trend of Geofencing warrants - Added reference to <ahref="https://edwardsnowden.substack.com/p/all-seeing-i"class="uri">https://edwardsnowden.substack.com/p/all-seeing-i</a> in
reference to Apple Privacy - Added various references and information
about setting up plausible deniability on Linux - Added reference and
information about setting up plausible deniability on Qubes OS -
Improved the section about countering linguistic forensics - Updated
Archive.today onion v2 address to v3 - Full (self) proofreading
resulting in a large amount of spelling/grammar fixes and some shame
about those</p>
<p>v1.0.1 - Added information about Monero Atomic Swap for converting
from BTC to Monero instead of a swapping service (Monero Rules!) - Added
link to <ahref="https://www.useapassphrase.com/"class="uri">https://www.useapassphrase.com/</a> in the
password/passphrase guidelines appendix - Added an appendix about Crypto
Swapping services with some recommendations - Added OnlyFans, Binance
and Kraken to the list of tested online services - Added Information on
how to check if your Tor Exit node is in few or many blocklists to avoid
issues when signing-up to various services - Various spelling/grammar
fixes</p>
<p>v1.0.0 Codename “Deal With It” (because it’s not perfect, so deal
with it) - Various spelling/grammar fixes to the Countering Forensic
Linguistics section - Added guidance on how to compare older PDFs with
newer releases using some online tools - Added guidance on how to
compare older ODTs with newer releases using LibreWriter - Removed the
attribution to Mark Twain from the quote in the final editorial notes -
Added some references in the list of threats to anonymity to the
proposed mitigations in the guide - Various grammar/spelling fixes -
Slightly changed the Light theme header color</p>
<p>v1.0.0-rc3-hotfix (unpublished release) - Modified the Countering
Forensic Linguistics section to remove the AutoCorrect usage
recommendation in favor of “Search and Replace” to avoid unintended
mistakes. - Removed hybrid-analysis checks from the files as I think
VirusTotal is enough</p>
<p>v1.0.0-rc3 - Added recommendation to use the Privacy Redirect
extension on the Guest VMs browsers: <ahref="https://github.com/SimonBrazell/privacy-redirect"class="uri">https://github.com/SimonBrazell/privacy-redirect</a> - Added
a section to emphasize some precautions when using a Browser with
JavaScript enabled (including Tor Browser up to the “Safer Level”) in
every route - Added more information and recommendations related to
using Tor Browser at the “Safer” level. - Added some more crypto
disclaimers to avoid some services such as Mixers/Tumblers - Re-ordered
and re-linked many sections in a more logical way - Removed some
duplicate information in some sections - Fixed some bad hyperlinks -
Added a release of the guide in the ODT format in addition to PDFs</p>
<p>v1.0.0-rc2 - Many grammar/spelling changes after some
proofreading</p>
<p>v1.0.0-rc1 (Release Candidate 1) - Small grammar/spelling fixes -
Small layout fixes - Added some information about Safari in the Guest VM
Browser selection/hardening sections - Removed DREAD in the threat
modeling references as it is deprecated - Added link to <ahref="https://arstechnica.com/gadgets/2021/07/vpn-servers-seized-by-ukrainian-authorities-werent-encrypted/"class="uri">https://arstechnica.com/gadgets/2021/07/vpn-servers-seized-by-ukrainian-authorities-werent-encrypted/</a>
in the No Logging but Logging anyway section of VPN providers - Added
Session Messenger as a possible “last resort” recommendation for iOS
users because well there is no better option it seems despite their lack
of PFS and Deniability - Corrected the Session Messenger information as
not using Tor Natively but using LokiNet Onion Routing natively - Added
a new Tor Browser route for the simplest, easiest way to access the web
anonymously with appropriate security warnings - Added additional
information on attack mitigations on Bitlocker encrypted drives and
reference to <ahref="https://dolosgroup.io/blog/2021/7/9/from-stolen-laptop-to-inside-the-company-network"class="uri">https://dolosgroup.io/blog/2021/7/9/from-stolen-laptop-to-inside-the-company-network</a>
- Changed the recommendations about the state of your real phone while
using a burner phone. You should never bring it with you and leave it on
at home. - Changed the route picking UML to only show options depending
on your skills/resources/availability without considering
threats/adversaries - Expanded the threat modeling section (after the
previous UML) with adversaries/threats and picking the adequate route in
consequence - Added reference to <ahref="https://arxiv.org/pdf/2107.04940.pdf"class="uri">https://arxiv.org/pdf/2107.04940.pdf</a> to the Bad
Cryptography section - Added reference to <ahref="https://edition.cnn.com/2021/07/23/tech/idme-unemployment-facial-recognition/index.html"class="uri">https://edition.cnn.com/2021/07/23/tech/idme-unemployment-facial-recognition/index.html</a>
to the Face Recognition section - Lowered recommendation for RiseUP as a
free mail service as they now require invitation for registration -
Added reference to <ahref="https://gitlab.com/FG-01/fg-01"class="uri">https://gitlab.com/FG-01/fg-01</a> as a possible mitigation
to gait recognition systems as well as 2 more journalistic references to
gait recognition - Changed information about China/Russia “will block”
ECH/eSNI to “might block” as it hasn’t been verified/confirmed - Added a
whole appendix on Counteracting Forensic Linguistics (Writeprint) with
your anonymous identities - Added IPFS mirror of the whole website at <ahref="https://ipfs.anonymousplanet.org"class="uri">https://ipfs.anonymousplanet.org</a></p>
<p>v0.9.9h - Fixed bad and missing linking about browser selection and
install in guest VMs setup sections - Added ShutUp10 to the list of
tools to improve Privacy on Windows 10 - Removed Windows AME from the
recommendations/possibilities within guest VMs and advising against it
instead</p>
<p>v0.9.9g - Added Safing.io to the recommended VPN providers list
(provisional) - Many links fixed/updated/replaced/removed (dead links
check on the whole document) - Updated most of the .onion v2 addresses
to .onion v3 addresses (except for Archive.today which is still on v2) -
Added .onion addresses to some publication links having a Tor mirror
such as The Intercept - Decided to switch the licensing of the project
to add NonCommercial (cc-by-nc-4.0), prior releases are not affected</p>
<p>v0.9.9f - Added section on search engines - Added some more
information on Brave source of adblocking - Added separator between the
text and the references to the online HTML version - Added a ToC entry
of the references to the online HTML version - Added a bit more
information on eventual physical destruction of HDDs and SSDs</p>
<p>v0.9.9e - Added more information on why I recommend Brave within
guests VMs and more information about other choices (mainly Firefox) -
Added Browser Hardening guidelines for Brave, Ungoogled-Chromium, Edge,
and Firefox</p>
<p>v0.9.9d - Changed wording from all incorrect “TAILS” instances to the
correct “Tails” - Changed wording from some incorrect “Qube OS”
instances to the correct “Qubes OS” - Added header to the PDFs with the
title - Added footer to the PDFs with the page numbers - Changed the
PDFs from having all references in the endnotes to having them in the
footnotes of each page for better readability</p>
<p>v0.9.9c - Improved the password/passphrase recommendation section -
Added a new Tor Exit node to the project <ahref="https://metrics.torproject.org/rs.html#details/F535BA067A776457083141688C7FE781B6DFB24E"class="uri">https://metrics.torproject.org/rs.html#details/F535BA067A776457083141688C7FE781B6DFB24E</a>
- Added ChaCha20 to the recommended file/disk encryption algorithms -
Various fixes in the README/Index</p>
<p>v0.9.9b - Changed recommendation from Veracrypt to Bitlocker for
Windows simple encryption route to prevent rubber-hose cryptanalysis -
Started running a Tor exit-node using project funds <ahref="https://metrics.torproject.org/rs.html#details/970814F267BF3DE9DFF2A0F8D4019F80C68AEE26"class="uri">https://metrics.torproject.org/rs.html#details/970814F267BF3DE9DFF2A0F8D4019F80C68AEE26</a>.
I was only able to buy 3 months with the remaining funds. Please donate
if you want this to continue. - Changed slightly the donations requests
so that they appear sooner including in the README/index.html and
earlier in the guide in a lighter way - Small grammar/spelling fixes</p>
<p>v0.9.9a - Added Wikiless links to all Wikipedia articles for enhanced
privacy (see <ahref="https://codeberg.org/orenom/wikiless"class="uri">https://codeberg.org/orenom/wikiless</a>) - Added message to
inform users with JavaScript disabled that JavaScript is needed to
toggle the themes on the website - Removed underline of every hyperlink
in the PDF format guide for better readability - Added small section
about helping others staying anonymous by running a Tor entry/relay node
- Shortened the Index/README to make it more readable and creating a
sub-page with the safety/integrity/authentication information - Added
new hosting provider to the list (<ahref="https://1984.is"class="uri">https://1984.is</a>) and created a small appendix dedicated
to recommended hosting providers - Small grammar/spelling fixes - Small
fixes on the website layout (thanks to LiJu09 again)</p>
<p>v0.9.9 - Added toggle switch from dark to light theme for the website
(requires Javascript) to improve general UX (very special thanks to
LiJu09 for the great help) - Fixed layout issues in the OSX section
about Gatekeeper and XProtect - Small fix in the malware section “higher
level” changed to “lower level” - Added reference to <ahref="https://www.inteltechniques.com/podcast.html"class="uri">https://www.inteltechniques.com/podcast.html</a> as an OSINT
resource - Added reference to <ahref="https://github.com/Qubes-Community/Contents/blob/master/docs/privacy/anonymizing-your-mac-address.md"class="uri">https://github.com/Qubes-Community/Contents/blob/master/docs/privacy/anonymizing-your-mac-address.md</a>
in the Qubes Route section - Various spelling/grammar fixes</p>
<p>v0.9.8 - Added reference to <ahref="https://github.com/insight-decentralized-consensus-lab/post-quantum-monero/blob/master/writeups/technical_note.pdf"class="uri">https://github.com/insight-decentralized-consensus-lab/post-quantum-monero/blob/master/writeups/technical_note.pdf</a>
in the Monero Disclaimer section - Added cars in the Smart Devices
section because obviously cars are also issues - Added reference to <ahref="https://www.washingtonpost.com/technology/2019/12/17/what-does-your-car-know-about-you-we-hacked-chevy-find-out/"class="uri">https://www.washingtonpost.com/technology/2019/12/17/what-does-your-car-know-about-you-we-hacked-chevy-find-out/</a>
in the Smart Devices section - Added more OSINT links: <ahref="https://osintframework.com/"class="uri">https://osintframework.com/</a>, <ahref="https://recontool.org"class="uri">https://recontool.org</a>, and
<ahref="https://github.com/jivoi/awesome-osint"class="uri">https://github.com/jivoi/awesome-osint</a> - Added more
information about crafting your legend for your anonymous identities in
a consistent manner in the creating new identities section - Added more
OPSEC information and a reference to <ahref="https://www.youtube.com/watch?v=IqZZU9lFlF4"class="uri">https://www.youtube.com/watch?v=IqZZU9lFlF4</a> - Added more
references to Hardening Linux: <ahref="https://wiki.archlinux.org/title/Security"class="uri">https://wiki.archlinux.org/title/Security</a> and <ahref="https://codeberg.org/SalamanderSecurity/PARSEC"class="uri">https://codeberg.org/SalamanderSecurity/PARSEC</a> - Added
references to AppArmor usage on Whonix VMs: <ahref="https://www.whonix.org/wiki/AppArmor"class="uri">https://www.whonix.org/wiki/AppArmor</a> - Added
AppArmor/SELinux references within the Qubes OS section for Hardening
VMs - Added light introduction video references for hardening
Linux/Windows/MacOS by the nice people at Techlore. - Switched from
Mastodon.online to Mastodon.social <ahref="https://mastodon.social/@anonypla"class="uri">https://mastodon.social/@anonypla</a> - Fixed duplicate
notations on GPG key - Added Nitter links to Twitter links - Various
spelling/grammar fixes</p>
<p>v0.9.7b - Added disclaimer about Monero usage and its long-term
security relative to KYC regulations - Added a bonus step within the BTC
anonymizing section to reference Wasabi Wallet <ahref="https://wasabiwallet.io/"class="uri">https://wasabiwallet.io/</a>
as an added efficient obfuscation measure - Fixed layout issue at the
very end of the guide (wrong tabulation) - Added reference to RiseUp,
Disroot, and Autistici for e-mail creation if you need an e-mail
verification for creating for instance a ProtonMail or a MailFence
account - Removed <ahref="http://keys.gnupg.net/"class="uri">http://keys.gnupg.net/</a> from README because it’s dead it
seems</p>
<p>v0.9.7a - Fixed wrong information about Session messenger and
presence of Forward Secrecy and removed from recommendations due to that
and the absence of deniability - Added information about how to get/use
BTC anonymously using Monero swapping - Removed the THGTOA subreddit and
the discord server (due to being mostly unused) to leave only the Matrix
room and GitHub for discussions - Made the README slightly more
user-friendly - Various spelling/grammar fixes</p>
<p>v0.9.7 - Fixed DNS section stating that ECH/eSNI leaks DNS when in
fact it leaks only DN (Domain Name) - Fixed DNS section stating that
Firefox enforces OCSP stapling when it does not - Added information in
DNS section that Chromium based browsers do not rely on OCSP but CRLSets
- Fixed DNS illustration according to above fixes - Renamed DNS section
into DNS and IP and added information about IP correlation with various
websites despite having encrypted DNS - Added reference to <ahref="https://www.hackerfactor.com/blog/index.php?/archives/906-Tor-0day-The-Management-Vulnerability.html"class="uri">https://www.hackerfactor.com/blog/index.php?/archives/906-Tor-0day-The-Management-Vulnerability.html</a>
in the anonymize Tor/VPN traffic section - Added section about rootkits
and backdoors in the malware in the malware, exploits and viruses
section - Added information about rootkits and firmware
malware/backdoors - Added Session in the messengers table and
recommendations - Added disclaimer to be extra cautious when using Tails
(always use the last version and be extremely careful with bundled apps)
- Various spelling/grammar fixes</p>
<p>v0.9.6b - Added emphasis and disclaimer on the threat model of this
guide to clarify strongly that this guide is a DRAFT and may contain
inaccuracies. This guide should not be considered a definitive truth. -
Added reference to the new Tutanota incident forcing them to monitor
users - Added reference to the RSA Conference 2020, When Cybercriminals
with Good OpSec Attack <ahref="https://www.youtube.com/watch?v=zXmZnU2GdVk"class="uri">https://www.youtube.com/watch?v=zXmZnU2GdVk</a> video in the
OPSEC section</p>
<p>v0.9.6a - Added the USB Wi-Fi dongle option within the section to
block Host OS network access while allowing VM network access - Small
spelling/grammar fixes</p>
<p>v0.9.6 - Added references to AnonAddy and Simplelogin e-mail aliasing
services in the e-mail verification section of creating new online
identities. Could be useful. - Fixed the word SSD that was somehow
spelled SDD all over the place (/shame) - Added section to explain how
to disable/prevent Internet Access on the Host OS while allowing VMs
(specifically the Whonix Gateway) to access the internet in the Whonix
Route - Added further password recommendation based on Bruce Schneier
- Removed telegram channel because is was unused and empty in favor of
keeping only the Matrix channel (Primary) and the Discord channel
(Secondary) but linked - Added information about AMD PSP not having
remote management capabilities unlike IME - Various spelling/grammar
fixes</p>
<p>v0.9.5 - Added some small disclaimer for Coreboot containing some
proprietary software - Added reference to Tempora surveillance program -
Small correction to the text relating to the Tutanota court order to
avoid misunderstandings - Added <ahref="https://censys.io/"class="uri">https://censys.io/</a> and <ahref="https://www.zoomeye.org/"class="uri">https://www.zoomeye.org/</a>
in addition to Shodan as IoT search engines options - Removed SHA3 from
the “avoid” list because it was incorrect - Added more information in
the Online Backups section - Added more references to people caught due
to their fingerprints appearing on shared pictures online in the
biometrics section - Added link to <ahref="https://stegcloak.surge.sh/"class="uri">https://stegcloak.surge.sh/</a> in the Hidden communications
in plain sight section - Various small spelling/grammar fixing</p>
<p>v0.9.4 - Added reference to <ahref="https://www.youtube.com/watch?v=FDZ39h-kCS8"class="uri">https://www.youtube.com/watch?v=FDZ39h-kCS8</a> in the Smart
Devices around you section - Added reference to TypingDNA (<ahref="https://www.typingdna.com/"class="uri">https://www.typingdna.com/</a>) in the Online Behavior
section - Various small spelling fixes - Added reference to SORM
(Russia) along PRISM,XKEYSCORE… - Added reference to smarttags (Apple
AirTags, Samsung Smarttags, Tile…) in the smart devices section - Added
reference to Michael Bazzell’s interesting OSINT Techniques book <ahref="https://inteltechniques.com/book1.html"class="uri">https://inteltechniques.com/book1.html</a> in the bonus
resources section - Added reference to LibGen in the Introduction
section in addition to Sci-Hub - Fixed some ordering issues in the
various sections that were re-ordered in previous updates</p>
<p>v0.9.3 - Added reference to <ahref="https://disable-gatekeeper.github.io/"class="uri">https://disable-gatekeeper.github.io/</a> and how to disable
MacOS Gatekeeper on Big Sur - Various grammar/spelling/layout fixes -
Transifex translations are now possible and open for any volunteer.
Currently some are working on Russian/Ukrainian - Added
https://crypton.sh/ to the list of Monero accepting phone number
providers - Added reference to e-mail tracking in the Malware section -
Updated DNS section to reflect change from eSNI to ECH - Added more
OSINT video tutorials references from Bellingcat - Added information
about OCSP stapling in the DNS section - Added illustration for
comparing simple OCSP vs OCSP stapling - Added illustration for
comparing DNS encryption with and without ECH</p>
<p>v0.9.2a - Multiple small punctuation fixes for better
readability/translation of markdown format - Small reference fix from
BBC to The Guardian</p>
<p>v0.9.2 - Added reference to <ahref="https://mattw.io/youtube-geofind/location"class="uri">https://mattw.io/youtube-geofind/location</a> for Video
geolocation (YouTube) - Added reference to <ahref="https://jakecreps.com/tag/osint-tools/"class="uri">https://jakecreps.com/tag/osint-tools/</a> for various OSINT
tools to try on yourself - Fixed some bad links between a bunch of
cross-references - Some font color fixing in the dark themed PDF - Added
various attribution references for some external illustrations - Various
spelling/grammar fixes - Re-organized some of the de-anonymization
methods into grouped sub-sections for readability</p>
and e2e for Element/Matrix and Zoom - Added reference/guidance to
Windows AME (<ahref="https://ameliorated.info/"class="uri">https://ameliorated.info/</a>)for use in guest VMs in place
of Standard Windows 10 Pro - Added Tor Mirror into the HTML header for
discoverability - Added reference to <ahref="https://arxiv.org/pdf/1906.05754.pdf"class="uri">https://arxiv.org/pdf/1906.05754.pdf</a> in the crypto
transactions section - Added references to NEC NeoFace and Clearview AI
face recognition systems in the Face/Biometrics section - Added FLoC
opt-out and no-referrer policies into the HTML header - Added reference
to <ahref="https://arxiv.org/abs/1512.05616"class="uri">https://arxiv.org/abs/1512.05616</a> in the Smart Devices
warning section - Added reference to <ahref="https://people.eecs.berkeley.edu/~dawnsong/papers/2012%20On%20the%20Feasibility%20of%20Internet-Scale%20Author%20Identification.pdf"class="uri">https://people.eecs.berkeley.edu/~dawnsong/papers/2012%20On%20the%20Feasibility%20of%20Internet-Scale%20Author%20Identification.pdf</a>
in the digital fingerprint section - Added reference to <ahref="https://www.gwern.net/Death-Note-Anonymity"class="uri">https://www.gwern.net/Death-Note-Anonymity</a> in the Bonus
section - Fixed the Qubes OS section implying that Qubes OS is a Linux
distribution when it is not - Fixed LICENSE file missing on the website
- Various spelling/grammar fixes</p>
<p>v0.9.0 - Various layout, spelling, and grammar fixes - Added new
discussion channel on matrix <code>#online-anonymity:matrix.org</code> -
Fixed connectivity methods table recommendations (VPN over Tor over VPN)
- Removed the shark meme because it was a bit much - Added reference to
the recent Spotify AI voice recognition patent <ahref="https://patents.justia.com/patent/10891948"class="uri">https://patents.justia.com/patent/10891948</a> - Added more
information and illustration about Tor Bridges and especially Meek
bridges for users in hostile environments - Added some more information
about hash collisions - Moved Requirements section up before
Introduction - Fixed DNS privacy illustration DoHoT that was spelled
wrong - Fixed Appendixes names that were out of order - Added guidance
to create a Proxy VPS in addition to a VPN VPS in the case of the now
VPN/Proxy over Tor route - Added more guidance to the “No Tor/VPN”
<p>v0.8.9 - Added reference to <ahref="https://www.freehaven.net/anonbib/date.html"class="uri">https://www.freehaven.net/anonbib/date.html</a> in the bonus
resources section - Many small fixes in the README - Various small
layout and grammar fixes - Removed some parts about unblockable
telemetry on MacOS Big Sur since this issue is no longer relevant it
seems (and the telemetry can be blocked) - Erratum: removed a quote from
a user on his request</p>
<p>v0.8.8 - Fixed QR codes pointing to old addresses (but still valid) -
Added Keyoxide proofs to the README - Various small fixes - Huge thanks
to the generous donator of 1 XMR - Added proper native Tor mirror on <ahref="http://thgtoa7imksbg7rit4grgijl2ef6kc7b56bp56pmtta4g354lydlzkqd.onion"class="uri">http://thgtoa7imksbg7rit4grgijl2ef6kc7b56bp56pmtta4g354lydlzkqd.onion</a></p>
<p>v0.8.7 - Added reference to <ahref="https://www.scss.tcd.ie/doug.leith/apple_google.pdf"class="uri">https://www.scss.tcd.ie/doug.leith/apple_google.pdf</a> in
the Smart Devices section and the OS Telemetry section. -
Moved/rephrased small introduction paragraph about Apple being among the
best choices for Privacy in the OS and Telemetry section. - Changed
recommendation for Android VM to Androix-x86 CyanogenMod releases (14.1
r5 at the time of this writing) - Several small spelling/grammar/layout
fixes - Added more explanation and illustration to the basic concept of
Virtualization through a new Appendix - Fixed illustration to mention
Tor Stream Isolation possibilities - Added a couple easter eggs because
why not</p>
<p>v0.8.6 - Small layout fixes due to regex errors in pandoc conversion
- Small re-write of the instant messaging section that should make more
sense now - Changed the Briar information to reflect that they do now
provide a Desktop option (with limited features) in addition to the
Android client (emulator no longer strictly required) - Updated the
messaging table to include qTox (Tox) and Gajim (XMPP) - Added reference
to IDF famous tweet <ahref="https://twitter.com/idf/status/1125066395010699264"class="uri">https://twitter.com/idf/status/1125066395010699264</a> -
Added some references to Zero-Trust security models - Added some
references to Bad Opsec resources (<ahref="https://www.youtube.com/watch?v=eQ2OZKitRwc"class="uri">https://www.youtube.com/watch?v=eQ2OZKitRwc</a> and <ahref="https://www.youtube.com/watch?v=eQ2OZKitRwc"class="uri">https://www.youtube.com/watch?v=eQ2OZKitRwc</a>) - Added
several tools to check an IP or your own IP for various things in the
“Your IP Address” section - Added references to Hybrid Analysis for PDFs
in addition to VirusTotal - Added small additional illustration about
threat models in the Introduction - Added small additional illustration
about Privacy vs Anonymity in the Introduction - Removed the password
protected PDF file from the project because it was never used and
creaitng more compatibilities issues than necessary on my side -
Replaced donations QR codes with better ones</p>
<p>v0.8.5 - Changed donations QR codes with better ones with logos -
Many small fixes in grammar/spelling/layout - Fixed many unnecessary
escaping backslashes in front of special characters because pandoc does
that - Changed all lines containing code lines into inline code for
better readability on the online version - Migrated my Mastodon account
to <ahref="https://mastodon.online/@anonypla"class="uri">https://mastodon.online/@anonypla</a> (old one redirected
automatically) - Fixed Tor over VPN section that was clearly missing
emphasis on it being a viable option with good use cases - Added more
information in the Pick your Connectivity conclusions for a better
overview - Added section about Online file Syncing in the Online Backup
section - Added more information about messaging apps and a rather
detailed table comparing their privacy/security/anonymity features -
Added disclaimer on reddit/discord to not discuss sensitive topics on
those platforms</p>
<p>v0.8.4 - Added more information regarding Tor stream isolation and
VPNs - Added reference to <ahref="https://clickclickclick.click"class="uri">https://clickclickclick.click</a> in the Behavior analysis
section - Added project website mirror at <ahref="https://mirror.anonymousplanet.org"class="uri">https://mirror.anonymousplanet.org</a> (hosted at GitLab) -
Added PDFs mirror at CryptPad.from - Added reference to recently
released list of data collected by Google Chrome - Added reference to <ahref="https://www.bbc.com/news/technology-55573802"class="uri">https://www.bbc.com/news/technology-55573802</a> about
Facial recognition defeating Face Masks in the biometrics section -
Added reference to Microsoft Azure Facial Cognitive Services Demo <ahref="https://azure.microsoft.com/en-us/services/cognitive-services/face/#demo"class="uri">https://azure.microsoft.com/en-us/services/cognitive-services/face/#demo</a>
in the biometrics section - Added reference to <ahref="https://www.bellingcat.com/news/2021/03/19/berlin-assassination-new-evidence-on-suspected-fsb-hitman-passed-to-german-investigators/"class="uri">https://www.bellingcat.com/news/2021/03/19/berlin-assassination-new-evidence-on-suspected-fsb-hitman-passed-to-german-investigators/</a>
in the biometrics section</p>
<p>v0.8.3 - Added reference to <ahref="https://www.reflectacles.com/"class="uri">https://www.reflectacles.com/</a> glasses to interfere with
CCTV surveillance. - Added “enhance” example to the deblurring section -
Thanks to the anonymous donators. Their donations were spent to renew
the domain for 3 more years (4 years total). - Added information about
risks/drawbacks related to Tor Stream Isolation when using VPN over Tor
and for which use cases this method is recommended - Added QR code for
BTC legacy address in the donations section</p>
<p>v0.8.2 - Brighter fonts on some headers for better readability in
dark mode - Added reference to Sci-Hub in the introduction - Added
reference to deniable encryption on Linux and why it is not (yet) in the
current routes - Added reference to EncroChat and Sky ECC and warning
against using such commercial devices/services for anonymity - Small
fixes in some URLs that were not properly changed after domain switch to
anonymousplanet.org - Added Bitcoin legacy address in addition to Segwit
for donations - Various spelling/grammar issues</p>
<p>v0.8.1 - Fixed many various small layout/spelling/grammar issues -
Fixed 2 shortened URLs (t.me and bit.ly) from the guide with correct
destination URLs - Added some references to “roll your own crypto” cases
(Telegram, Zoom) - Added reference to <ahref="https://www.vice.com/en/article/y3g97x/location-data-apps-drone-strikes-iowa-national-guard"class="uri">https://www.vice.com/en/article/y3g97x/location-data-apps-drone-strikes-iowa-national-guard</a>
in the Metadata/Geolocation section - Removed archive.today PDF links to
replace them with Archive.org links (because archive.today doesn’t
actually save PDFs) - Added reference to a MAC tracking device <ahref="https://amsignalinc.com/data-sheets/Acyclica/Acyclica-RoadTrend-Product-Sheet.pdf"class="uri">https://amsignalinc.com/data-sheets/Acyclica/Acyclica-RoadTrend-Product-Sheet.pdf</a>
in the MAC address section - Added disclaimer about not endorsing
Cloudflare in the DNS section by mentioning them several times for
technical reasons. - Added references to Ungoogled-Chromium as an
alternative to Tor Browser, Firefox and Brave. - Added some results of
Browser fingerprinting testing by the EFF coveryourtracks project. -
Added reference to Tor Browser security levels which I realized are not
known by most people. - Added Archive.org links to all documents/pages
hyperlinks for people willing to avoid direct links to various websites
- Added Invidious (through yewtu.be invidious instance hosted in the NL)
links to all YouTube videos hyperlinks for people wanting more privacy
on Youtube videos - Added reference to AMD PSP security analysis (and
how it is not as bad as IME) in the “Your CPU” section <ahref="https://www.youtube.com/watch?v=bKH5nGLgi08&t=2834s"class="uri">https://www.youtube.com/watch?v=bKH5nGLgi08&t=2834s</a>
and the laptop recommendation section. - Moved the Safe Browser part of
Guest OSes into an Appendix to avoid duplication - Added domain for
project <ahref="https://anonymousplanet.org/"class="uri">https://anonymousplanet.org/</a> with donation funds</p>
<p>v0.8.0 - Changed mat2 VM appendix to debian testing (instead of
stable) to get latest version of mat2 - Fixed mat2 VM appendix as the
network was not working properly with the previous guidance - Added
reference to <ahref="https://en.wikipedia.org/wiki/Stylometry"class="uri">https://en.wikipedia.org/wiki/Stylometry</a> - Added
references to various threat modeling methodologies (LUNDDUN, STRIFE,
DREAD, PASTA) and some more in-depth resources for those willing to go
further - Added reference to <ahref="https://geekfeminism.wikia.org/wiki/Who_is_harmed_by_a_%22Real_Names%22_policy%3F"class="uri">https://geekfeminism.wikia.org/wiki/Who_is_harmed_by_a_%22Real_Names%22_policy%3F</a>
in the introduction - Added reference to <ahref="https://gendersec.tacticaltech.org/wiki/index.php/Complete_manual#.22Real.22_names"class="uri">https://gendersec.tacticaltech.org/wiki/index.php/Complete_manual#.22Real.22_names</a>
in the creating identities section - Multiple spelling/grammar fixes
(including email into e-mail, and wifi into wi-fi) - Added reference to
as bonus resources in de-anonymization methods - Added reference to <ahref="https://www.whonix.org/wiki/DoNot"class="uri">https://www.whonix.org/wiki/DoNot</a> in the OPSEC section
because it should be there - Added reference to <ahref="https://www.whonix.org/wiki/Printing_and_Scanning"class="uri">https://www.whonix.org/wiki/Printing_and_Scanning</a> in the
Printing Watermarking section - Added reference to MIT project
SeeingYellow <ahref="http://seeingyellow.com/"class="uri">http://seeingyellow.com/</a> in the Printing Watermarking
section - Re-Wrote the malware section in the de-anonymization methods
for better readability - Added a specific Anti-Virus section in the
Malware checks section with various references and arguments for some
selective/limited use. - Added reference to EFF security scenarios (<ahref="https://ssd.eff.org/en/module-categories/security-scenarios"class="uri">https://ssd.eff.org/en/module-categories/security-scenarios</a>)
in the Introduction as examples of threat models for various people. -
Added new section with guidance for safe document publishing including
various tool recommendations. - Added a bit more guidance on malware
removal for Pictures and Documents (PDFs, Office Documents…) - Added Bad
Cryptography in the de-anonymization threats with some examples - Added
several Behavior Analysis references in the renamed “Your Digital
Fingerprint, Footprint, and Online Behavior” section</p>
<p>v0.7.9 - Updated GitHub Transparency report - Added information to
make animated online identities pictures for increased plausibility -
Added references to the list of services blocking Tor (<ahref="https://gitlab.torproject.org/legacy/trac/-/wikis/org/doc/ListOfServicesBlockingTor"class="uri">https://gitlab.torproject.org/legacy/trac/-/wikis/org/doc/ListOfServicesBlockingTor</a>)
- Added reference to <ahref="https://haveibeenpwned.com/"class="uri">https://haveibeenpwned.com/</a> in the Identities
maintenance section - Added automatic archival and links of the project
to Archive.today (through Archive.fo)</p>
<p>v0.7.8 - Various small layout/spelling/grammar fixes - Added
reference to Financial transactions and KYC in the real-name system
section - Added guidance to bypass some local restrictions on supervised
computers safely (Appendix Q) - Added guidance to run Tails without
using Tor in a hostile environment - Updated UML diagram of various
routes to include a non-dedicated laptop - Changed the whole document to
a more formal/cleared grammar for better readability and compatibility
with translation engines - Changed table colors for better readability
in dark modes (PDF and Online)</p>
<p>v0.7.7 - Added some acknowledgements to various added Projects -
Changed and improved the “Picking your route” section with the new
option (Tails+Whonix) - Added basic threat model illustration in the
Introduction - Added basic UML diagram to pick your route - Added basic
UML diagrams for picking your connectivity methods - Added illustration
of the Tails with HiddenVM option - Rescaled some images that were way
too big - Added a whole bunch of platforms to the Online Identities
section - Added more references to German law in the Online Identities
section - Added a legend to the Online Identities overview table</p>
<p>v0.7.6 - Added reference to video visually explaining DNS - Added
some information related to the anonymous use of Bitcoin (vs Monero). -
Added reference to risks of using Crypto Tumblers and Mixers. - Added
reference to the Go Incognito project (<ahref="https://github.com/techlore-official/go-incognito"class="uri">https://github.com/techlore-official/go-incognito</a>) and
their informative YouTube videos for optional introduction before
reading this guide. - Added reference to ExifTool and ExifCleaner to
Metadata removal sections for documents (because they also work on those
formats) - Added reference to picture recognition cloaking tools
(Fawkes, Adverserial.io, LowKey) for preventing picture recognition
algorithms from various platforms. - Added detailed guidance to create
Android guest VMs in the Whonix Route - Added detailed guidance to
create Android Qubes in the Qubes Route - Added detailed guidance to use
Persistent Plausible Deniability with Whonix within Tails (using
HiddenVM project) - Added Briar, GitLab to the online identities
sections - Added recommended Apps for sharing and communicating
anonymously - Added some acknowledgements to various added Projects</p>
<p>v0.7.5 - Added reference to <ahref="https://github.com/rshipp/awesome-malware-analysis"class="uri">https://github.com/rshipp/awesome-malware-analysis</a> in
the Malware analysis appendix - Many small fixes in
layout/spelling/grammar - Added quotes around VirusTotal “privacy
policy” - Changed “Exploits in your Apps” to “Malware and Exploits in
your Apps” - Added references to State surveillance using “mandatory”
apps such as WeChat. - Added Wikipedia reference to <ahref="https://en.wikipedia.org/wiki/List_of_government_mass_surveillance_projects"class="uri">https://en.wikipedia.org/wiki/List_of_government_mass_surveillance_projects</a>
- Added guidance and references to check files for integrity and
authenticity in the “Checking files for malware” section. - Added
emphasis on recommendation of using Tor Browser on the Host OS if Tor is
available. - Removed GPG signatures from markdown and text files to
instead sign the whole release for convenience in Contribution workflow.
- Adapted the README to the new signatures - Added Bitcoin donation
option</p>
<p>v0.7.4 - Added reference to Whonix Live mode if you don’t want
persistence when shutting down the VMs as an added possible safety
measure - Added reference to harden Linux from <ahref="https://madaidans-insecurities.github.io/guides/linux-hardening.html"class="uri">https://madaidans-insecurities.github.io/guides/linux-hardening.html</a>
- Added reference to Linux security issues from <ahref="https://madaidans-insecurities.github.io/linux.html"class="uri">https://madaidans-insecurities.github.io/linux.html</a> -
Added reference to PDF listing malware analysis tools <ahref="https://www.winitor.com/pdf/Malware-Analysis-Fundamentals-Files-Tools.pdf"class="uri">https://www.winitor.com/pdf/Malware-Analysis-Fundamentals-Files-Tools.pdf</a>
- Added reference to SANS Malware Analysis cheat sheet <ahref="https://digital-forensics.sans.org/media/analyzing-malicious-document-files.pdf"class="uri">https://digital-forensics.sans.org/media/analyzing-malicious-document-files.pdf</a>
- Added reference to the DoHoT project in the DNS section <ahref="https://github.com/alecmuffett/dohot"class="uri">https://github.com/alecmuffett/dohot</a> and updated the DNS
illustration with this possibility - Various spelling/grammar fixes -
Started adding some proper code blocks in the online Markdown version
and will slowly adopt this in the whole guide in the future - Fixed the
Title missing a T - Fixed a an hyperlink issue causing PDFID to detect
an Automatic Action on guide.pdf - Added warning in README concerning
VirusTotal “privacy policy” - Changed the PDFID warnings in the README
to better explain their meaning for checking the PDFs published here -
Started fixing some accessibility issues in the guide (bad indents,
empty spaces…) - Fixed some bad links in cross-references - Changed link
from <ahref="https://panopticlick.eff.org/"class="uri">https://panopticlick.eff.org/</a> to <ahref="https://coveryourtracks.eff.org/"class="uri">https://coveryourtracks.eff.org/</a></p>
<p>v0.7.3 - Added extra-security measures and references for sending
cash to a VPN provider safely - Added reference to sim-swapping in TOTP
recommendation (and why SMS 2FA is bad) - Added VirusTotal scans to all
PDFs in the repository (while not endorsing/recommending VirusTotal at
all for anything sensitive) - Added Disclaimer about VirusTotal and
their privacy policy in the guide and README - Added QR code for Monero
donations within the guide itself - Added references in the Phishing
section - Added reference to <ahref="https://archive.flossmanuals.net/bypassing-censorship/index.html"class="uri">https://archive.flossmanuals.net/bypassing-censorship/index.html</a>
in the Safe Access without Tor/VPN appendix - Added guidance to
communicate sensitive information safely to various organization (such
as the press) - Various grammar/spelling/layout fixes</p>
<p>v0.7.2 - Small layout/spelling/grammar fixes - Added methods to check
your surveillance and censorship levels on your Network using various
resources. - Changed site font to Helvetica - Changed paragraph spacing
on PDFs for better readability</p>
<p>v0.7.1 - Switched Github Pages Jekyll theme to Hacker because I
prefer dark themes and this one doesn’t rely on external fonts (Google).
- Added some references to voice deepfake tech in the Biometrics section
- Slightly changed the styles/colors of the PDFs</p>
<p>v0.7.0 - Added recommendations to consider leaving your smartphone at
home online instead of just leaving it powered off or within a faraday
bag. - Added disclaimer stating that this guide is not sponsored by any
commercial entity such as VPN providers - Added specific sections and
guidance about the various connectivity schemes (Tor, VPN over Tor, Tor
Over VPN, VPN only, VPN over VPN and No Tor/VPN) with various
references. - Added guidance for using Tor Bridges with Tor Browser,
Tails, Whonix and Qubes OS. - Added last resort guidance for situations
where Tor and/or VPN might not be possible options. - Added guidance to
use Long Range Antennas (Yagi type) for connecting to Public Wi-Fis from
a safe distance - Added new face recognition reference and gait
recognition reference - Added dark themed PDF - Fixed error in Windows
VM installation behind Whonix (missing Network setting) - Various
grammar/spelling fixes</p>
<p>v0.6.9 - Fixes/Adds to the online phone numbers sections.
Recommendations based on identification requirements. - Grammar/Spelling
<p>v0.6.7 - Added guidance to possibly get online phone numbers using
Monero (less recommended than a Physical Burner Phone with a Pre-paid
SIM paid by cash). - Adapted the various sections of the guide to
reflect the above change.</p>
<p>v0.6.6 - Added reference to PornHub biometrics identification
statement - Small various spelling/layout fixes - Added reference to
Project Snowflake from Tor at the end of the guide if you wish you help
others evade censorship - Removed bad link to <ahref="https://www.blackbagtech.com/blog/2017/01/13/windows-10-jump-list-forensics/"class="uri">https://www.blackbagtech.com/blog/2017/01/13/windows-10-jump-list-forensics/</a>
(no archive available) - Fixed bad inline reference - As from now on,
all new references in this guide will also be saved to the Internet
Archive in case of article removal - Added privacy vs anonymity in the
Introduction - Added more references to legitimate use of Anonymity from
reference - Added reference to Whonix Live Host OS documentation
(Similar to HiddenVM project) - Added Twitter account (If it lasts, it
was already suspended three times) <ahref="https://twitter.com/AnonyPla"class="uri">https://twitter.com/AnonyPla</a>. I’d be grateful if you
share/like my tweet about this guide.</p>
<p>v0.6.0 - Various small spelling/grammar/layout fixes - Added various
references to Whonix Documentation (Hardening, Anti-Forensics, Anti-Evil
Maid…) - Added one Bellingcat reference to a recent case - Added some
Qubes OS references (Anti-Evil Maid and Hardening) - Added new sub-route
to the Tails route using the HiddenVM project <ahref="https://github.com/aforensics/HiddenVM"class="uri">https://github.com/aforensics/HiddenVM</a> for providing
Plausible Deniability within Tails</p>
<p>v0.5.9 - Added Monero accepting VPS providers as options for
self-hosting cloud services and self-hosting VPN services</p>
<p>v0.5.8 - Added various references to Whonix documentation
(anti-forensics, cold boot attack defenses, full disk encryption) -
Small various fixes - Added reasoning for not supporting M1 Macs - Added
Acknowledgements at the end of the guide - Added some resources to
cold-boot, evil-maid defenses</p>
<p>v0.5.7 - Added methods to check Trim/ATA/NVMe operations on external
SSDs - Added methods to securely delete data on Qubes OS</p>
<p>v0.5.6 - Added donations/sponsorship support to this project using
Monero - Added reference to Law Enforcement surveillance capabilities
(CCC video) - Added guidance to remove some forensic traces from MacOS -
Added guidance to remove some forensic traces from Linux (log deletion
and trim) - Added variants for securely erasing SSD drives (only ATA
drives were mentioned, added specific info for NVMe drives). - Added
lists of laptop brands supporting Secure Erase (SSD) from BIOS/UEFI. -
Changed recommendation from GParted to System Rescue instead due to
GParted not providing nvme-cli by default. - Fix: Multiple fixes in