diff --git a/b2sum.txt b/b2sum.txt
index 9221f33..d3b3e31 100644
--- a/b2sum.txt
+++ b/b2sum.txt
@@ -1,11 +1,11 @@
f5be8ab341067ed597da7858e8cafff948ba6b65b0e101f4176d613a5aeec1abcb2195e645f77e7658bdae58ba37c3e6ad14468f764f08ba93a4c5e93b749c05 about.md
590458ce5bd35c3734dd7e2d5da86269c72e8fd8457557ba57309f139dc69cca6620d9b3585b4832d2df6f5af7498e3c1d461becf13712034cd3be347ef93ca7 briar.md
-3fda4879ae566ab26e8adb66eb210f13459a794e2ea574f4d43419d984b99863ae2cef5a6e618409e41b95ee09583da2f3187693c6443e763b052348dd2f94d2 CHANGELOG.md
+508535a9c57c88e71905e3e355ab27445f3ac45352486331ddc1438a241db7dd1fb7cb2bf2d29225e17d88ac74c436683f483e39ad70d9bcdd82a0f5fa42d6cc CHANGELOG.md
356e84e2d72b7ec8c8c39fc46efcb0e7e907456493a1ec82c9bf78ad204f82d57ea523bf3fd016ffb27d0fc4903a0ce054d86a9e9a92d0e0ccabd7b47a3b645c chatrooms-rules.md
13a500b51aaaab394f40d459c722f25c94fdb92c0488a45caa67b5ef5c4d8ea1d5a9e303879cb04fbe61fb756a0b0e713533178cac66310d1f6d227c7a1b9bc7 CODE_OF_CONDUCT.md
5521e16ba14031692e50492a10c170cd472a95f7611c1d2489c6e4117f764702e83589d9d3d40f95fd6986de473d005ca41d4ff5dc1f1e58485e79a59d399528 CONTRIBUTING.md
-2f37ba45a595c53498483c5fde331dacbf3f231ecdb2093e615c2b70e1f107e5c814055ecc554b42cc4a28a833c9f857d3fb4eb21799e56ac80ee77ce234a778 donations.md
-fa1265817c50354a6eb240edfaca71e150952d777e52e7aeb38481d8fa82a76f74be80c1c69e07c4be3511372b8776ceed5db1a80550aae126101c0217bde1ea guide.md
+87503a6f656acdee2d063a96c731d8eab88db0881a5b27ee23c80fe4d600b8c371189acc9549d9acd363dea15e5a6447fb69527beb3f7353ded5cd47458339b8 donations.md
+93b926dbd672031ce3b7ae6dc060288f32ed63ad8bb42effaf6d79ef5c8c342fc65e8d556811793a380c744e432ccf080456478b1cd6cb66f09c8e0fe59870ac guide.md
29ee4751542b8a15463da06ef1481066391cf0c6c3a8157a3bda0c5e656137428ca8e4b78edf64fb9a93ef916150fe745f83a9e12ea5171f4dab088020beb014 KEY_ROTATION.md
046a52e53005963dd38343505aa43e51b5d750f0891c0a20a675c80ef9a254077db98b15165641a5f7ea33cc19f035e2aa7dbec4504a95c32b63911e3c7a8046 legacy.md
f9aa769f3572fd8c1bf2c46cfac9c49113f73b8185e5edad04ccca003f973d79ccaa728c30078bd45a60bdb7f5a090a22a95f04836e9ea07aa53d16684158b19 LICENSE.md
diff --git a/b2sum.txt.asc b/b2sum.txt.asc
index 947b061..cade4cf 100644
--- a/b2sum.txt.asc
+++ b/b2sum.txt.asc
@@ -1,48 +1,48 @@
-----BEGIN PGP MESSAGE-----
-owFFVguQVlUd30Uey2JAg9gEkR8oDJrheT+MIFhWWNf2g2UNcYbgPGGN3aV9KI9C
-IxA1MZwShxgQZ8QaUUIoghhCpYDGCSrMKRYlVCCbTDJHGnCi3/1mnHZnvp299557
-fv/f63zrP3VVVW311aPvaf7odEOp+oWaJX6gZ109bRO6l3b7V5ufzdIn4zwXlCid
-orQ6Om2kSSa4nLMVxjvllfQkUUKzoFpFRbmTLqVAnQ+eUSuTEjJrnbSSxkeX8Om4
-DjwpF6kQymStRCa4arkTQSbLvRY2EFkqOd/R0z2hLdZKS4Q0IUkfuQxccxGjTizK
-6IxiygbNksnRCKml1N5JzYnNlNsYcDM4pRiJ1nNppBeGs8hiVlm6jJ1M4oFGoahP
-AUs0ZYSLELlPXOiULQ9Ol0q+s9V1FlB4jk4YbTGJUs4zBY6iVyphWoL1QlqnrUgs
-AYXIIgoQaKM1wltrFHeJhYStVVLUCGKToB4sJWKl4dGxzKnRCrsqIThY455IxoWJ
-kYHyyEqluhlTmqbX31GeXoEjAQC7Rc28TsHgl9schEo5QBidLNFCKgFyKW6zYH3W
-QMyIyAYEasBk3GeMRajK2TMdCdZbwh0JiUgRjXI2WWdZJImATB+1F9pxD2VDqRQW
-ue7Ojo62ri929ixOXQWowgSEeEkdfjy3oIFEEAOZWGYy4EL0lgUijHF4iXNKewlW
-AnZLjkaJHTnhoBlDiOzBVfZaKkeKmSiXnFMNGwalOCWRZhUZ00E7cOkD5KorT6uf
-X75tfl25adqddS0VD0lGE1XeUUE4VZYlSYRljpJANQlRaOYsrKoohR+YMDYoiEN1
-YVBNYDDYB0JGHgXJeDIq6BmT0DwSgiEEXJSzjIFmCpsLIxNsIrHAWslMAaqppblh
-6p0tDU0V7aA1vCoknpFBclgR3gx4ccJ40YVCFcYhW/SMWCSGygCVEbdMiU4yGIwi
-ZQpBSuEFC0E4ZpzhPNhspI48e1H4UlsLt7pgSEpahwQ/Oa2BKHa0u+7WjvaKatlR
-hpBSHSThUrjC0oKkmB0SAOokLAqfIcuSJe2S58BLo8nOMKcVsoS+AJmIXCI64D8u
-KQLFvNFahYQKiZ46A8jEuYTNUBuBAJ6PiSZXKi3saY2pwoxN4FVSKbDY4Y9CNAg8
-TbEjgeiWhkyCCtwZKgsv4ja6Q0kUkBYM1jBJeG2AHu3i4V6OKFMwSHJCILLhsBgt
-Qko1uis6T4whjPjkCRWlUmP93PnN5ZYpLQ3lpgIREQpBSZJDags0kRsuuCTSOcRU
-Ui+jxruJATLiGIGjZcF3to5JQbSG4Y2nkgKioA4+Sw46BWozyE7MOTyRgoAn4cLA
-mS+GpOgmDcaEKpUWp4UuLKsIZfG0splLzVB6gfrMkPgAoSySC86z5t5QGFCm6CIR
-AbElhGcLr+qiEJ0GR5hFo5NhQEV89BqtRCzAV3KAbHKVbHJEOyd5pEoZQdHe1JZK
-dzTU1TfNri/AJFidK2gPxkkqcINKGyVJBRKBmkxZaCpwBmB1INQTnAwQVAnvc6BI
-k/cuO1RULkzDgJ6oWBmCAhXaTDANHmxCA6aYYGkekHaSMAinIKa1/RsVA2PjhH4L
-yUFpTWFUuMzAN3gQQZIC7vE2o6AF4h1R8wKWQZtl5KmwmMiIbESEhGA5YxScGo5C
-eI0QWJoZKIBI8Hd0DnZzRROgQzIHnAiN2jpi6mwPncuWdHf8vw4jBUEoHK2Rd7Si
-h4HgWu489cwLiBazR/kq9E4yOuIUjZZ6ND+iEgRmicyCEZQoFwknZlJeamUYVqCc
-IL4yOHoC5kV40SL4zCgQwU3Ci3mp1Fw/ZdpXK3JFzpNjkaKubEL5gHuceDg7neYB
-wUGscegI4lFhJOAow3hBOY6m81olhNjjeIYlomSSS1jG4agUOipXIEaxa0BMnApf
-FI4Qjlu8K6HyVWLFoX5v6mzNFR8/3If3raqurRp17ei+U6/I3s3nX3po+5DXfvzJ
-d5J+fYqvIVW1A4d+cmXVA0OuTF+z7TZ1fmw+/PywR9adG/WfKz0f/H7wn77pp0x8
-SyzYVLNw3ceLNmx+pes7O294rX7F5ZFPb/za2bNVN5+at/XLx4dubXxn7evDT85f
-W/PHd1cMGzP+6IWxK9np9z7+cP3rF/Oug0+NuOXG64gZd//y1sdn76877W4edO+J
-2gMvrO9z647Dm5450tsxeuZzZ4Y82p81bzhx6ezb1U+UdXbfHbXx8V1H9lT/aMH1
-qx768ODnqravP7Rqe+POz8/qv3bX3b0Xl3/hny+PWTx+/4U92871PPDmb3+4+/D+
-8tenjtxePXbWTSe35LIafWD1vz+a+Njk93J8c+WICYN++ucdy48faFu5Y6it3Xyp
-/NS+V363dsiEHetkV3fb9/bUH501rHdduLq5fviub4/5xxtP925Ycf22xrvT+Rc/
-/dJqPbt6wI1fmrqy6fh1DUv+ete3bj1Sd2TSZ+b4C9WdfW+/+PffbBwz8tzwczft
-7Tdwms2TJm1ac2jGhV/WHtq6o/G5X9239medK+vsDXrGxJO0fPytdVP+sujBmVvu
-u7a+75p5P/nDw5cnH3D+ya5LVZOeH9c5csGxM3O3DGj0SzfMfX/8i/s+eHTViL37
-/tZvxld2krsurvj5L4aw6sdO7V7d/d/dp4+GsSMXPziid8uJCZeWdZulb5851eca
-Ofjyr78/ecCumne3X0M++8jMN678a1n7s8/Mu7/n/XcObm2/pde9/IMR/Z8cNC4f
-m/Pq4DlX7a25x84ZfOx/
-=zzCE
+owFFVntsVmcdLrBKYTDmMibCkG9myW4W3/sFFLkVWgstltaJyYD3ymCUlrYwMYNt
+MBe2dAzYQvhDiIJQFTZBYEwXhAWQ69ARFhQRVJgoSIIZMBMh+Jwmi23SpN855z3P
+77n9vpX9e5X17dHvoTkNN8/XlHq8VdHq+3jWvqB5eMf3OvyxVZ1Z+mSc54ISpVOU
+VkenjTTJBJdztsJ4p7ySniRKaBZUq6god9KlFKjzwTNqZVJCZq2TVtL46BL+Oq4D
+T8pFKoQyWSuRCT613Ikgk+VeCxuILJWcb1nQMbw59pWWCGlCkj5yGbjmIkadWJTR
+GcWUDZolk6MRUkupvZOaE5sptzHgYnBKMRKt59JILwxnkcWssnQZbzKJBxqFoj4F
+PKIpI1yEyH3iQqdseXC6VPJts11bNxRiJJfOBqmDMUlTS2TiiUvpPNMCw3IXBG5h
+wijOaYyBCm4cEzR6HSPNXoMZnwHCMiYT1dEYF7QIgitleAbAxK2LuoAcYjTMkSyz
+EyyqEEqlcdVj6iZWTaqfWMDhUiUjQIVmXqdg8MttDkKlHCCMTpZoIZUAuRSXWbA+
+a+MiIyIbEKiTk4z7zHMkVOWMGSLB85ZwR0IiUkSjnE3WWRZJIiDTR+2FdtxDWcAJ
+T7uOtpaW5vbKtgVzU3sBqjABIV5Shx/PrciCRCELmVhmMuCD6C0LRGByHOKc0l6m
+LAPelhyN4Ddxwo22GEJkn1RBm1SOFDNRLkGshg2DUpwScKoiYzpoRz0og1zj6sdX
+zaifMGNcfd34pnGN3cJJRhNV3lFBOFWWJUmEZY6SQDUJUWjmLKyqKIUfoJ4NKglK
+dWFQTWAw2MdGG3kUJOPOqKxRMQnNIyEYAgKLnCX0zhQ2F0YmbZ3EA9ZKZgpQdY0N
+NWObGmvqurUzWoJllRUGCzFBRKK4sypo2AY8eGOiJ8ZQJyELrvNgSE4iKpALnTWl
+xroQrBTAhSO44hH0ySSdEkJnr/Bi7ZPnWYOziBAXcyJKnFsPRLFlnuuY3TKvWzUE
+zzIVfVQaEaAhIYguqRiIIsyYzFmKwBeN94KlnB1Y17ZQDVgEy0HJZKKUyoA0+I0b
+AleLJDgLAQknhQ+18TTAx16pTGwwCQNJazRxsNKsBbNjKqAwm8CrpFIwbzCQwGCO
+wNNUGLSR4pbixKACd4bKwou4jO4Ak0iwYLCGScJrk5Bz+Afu5YgyVVTifSAgGxCd
+KIP7qUZ3RVcQTRgBWYSKUqm2atqMhvrGMY019XUFIiIUgpIkh9QWaCI3XHBJpHOC
+J0m9jFATUwIZcYzA0eCF4KWOSUG0huExuqSAKCBoRvA4D4HaTLhMzDnckVAcRMCF
+gTNfDEnRTdqBOVUqzU2zXFhUYMGZTiubudQMpRcoygSJD9kFi+RSWsjtDYUBZYou
+EhEQW0J4tvCqLgrRaXCEWSAHgukU8SgnFCKxAN+dA2STq2STI9o5eIeimwRFe1Nb
+Kk2qGVdVN7WqAJNgda608GCcpAI3qLRRklQgESj8lIWmAjsATwdCPcFmgKBKeJ8D
+RZq8dxmGtVkHgZ3BM1GxewgKVGgzAfPzYFNkOcXkBf5B2knCIJyCmNnznuk2MF6c
+0G8hOSitKZaOS9TAN7gxMy4F3ONtlhZVKkxEzQtYBm2WMyWFxURGZCNDJ8HOGaNg
+azgK4XXMODMzUACRFKA4B7u5ognQIYgGyhoaNbfE1DYvtC1q7Wj5fx1GCoJQOFpz
+7dGKHgaCa7nzFItAQLSYPcpXoXeSwY5QNFrquYfXUImYBasCjKBEuUjYmEl5qZVh
+eALlBPEVeoEGzEt1sJBJY5NFGNMkHMxLpYaqMeMnd8sVOU+ORYq6ssm7gntsPOxO
+p3lAcFzyWNWCeFQYCdZhQeJ4ZBnFoFVKKXqsZ1giSoYlB8s4rEqho3IFYhS7BsTE
+qYARghHCoWloSqh8lVix1Bemttm528ev9OR3lfXoWzb0gYfuGntH/mndpX3Ltww4
+1fXZd5LynsXXkLK+fe797JN/TxlwZ+57bf137qpuGvawXTZq79QDPyq/eqXt7ZHL
+O/9xdvHSHXW9O795u2zlkq4TI6uPrH31tRWnWm+e7j/i8fI1Z3bfeuOREaMrvxCP
+NY7Yfrnqn6vL/ni4vXzqlL+UvZurntvx06ujLu96bN3JhS+de6by/THz6Zlfj750
+cXrn6a4Tszb9ePcbR3vwrldXba9Yu/eLN164fnvr3aMqTt4zcNTrE5t3rTCfTu71
+zqqa8RNWNxx4+78rbprdB/ySra3N1RPL7xm8ccgn2w4eP/jys681jS0dP3hhyr7r
+oX3fnnWXH+m8MGG+HHP7/Z2Dzm94cfpXXu9xX+uyd+70Fo/vbRr95EdHFg3svdT2
+bnjw65u/8cGks88OPzznl08P2Vrftfjl26On7982c8m1rgnr73+ydv38tdsqW6or
+aqZd7dr6Xu2JXot3bJy5etP4v9995LHJnz76u4GVV/66+d37bjxx8IFhv2/6yZIL
+o88v+ejKoQPfOrdq7Vuz/jzsS8+3V4z4MFe/2Kt851fT7g/f3LCan2vc84uvfe6p
+ftMeHvm3xZU/237vpY939pu3fnFn/56bfrt9z5aLv5ryEpn+/aPxX+LEnDUzB9Ue
+qxx6q7ShofXQf34+8/qNOwe//Z0h4tr+Ph3LXth7+dZzx5d2HTv1fPmyc0f319xf
+9uiG5ae7Ptn0g4+/u/La4AHLKh40b5LaOyvPXM9D44DfDGreMrj5y+aDUZ+fsvWH
+Z9eMOjT28BObN068ebH25MLKPzz1Pw==
+=yWtS
-----END PGP MESSAGE-----
diff --git a/b2sum.txt.minisig b/b2sum.txt.minisig
index f825b13..149a542 100644
--- a/b2sum.txt.minisig
+++ b/b2sum.txt.minisig
@@ -1,4 +1,4 @@
untrusted comment: signature from minisign secret key
-RUSn9xivowlq/tWHek6oewspNawTSzW0I0kTP27ouSQ1gOK4BK0jo7qBqNRSXhVHvUkSt532K7xgZ4iA8RcrUNeNO6gtEk8eYQo=
-trusted comment: timestamp:1657492139 file:b2sum.txt hashed
-Ze8vrZb9NTKrLC3IOjZUiPmfZkErHXBUS03YAzwnRCa7sLveJmmT3VTdIlSmnbrxB/qxlVxtQGZfVfEUG5mdAA==
+RUSn9xivowlq/iiwh34VLR0MgRZx09vLhh7GQLucsRg352pDrCQHDOvrL3rJhLTx8PoqGrVB9lA52Sa/2kJ+CiDBsES6M+U4Gwg=
+trusted comment: timestamp:1657508240 file:b2sum.txt hashed
+lbu/FmlZb6i/HQu0KqTmrAEUKdDYu0WxHUjtWMad2lO7gXk7se2/rrz4ZrRQlbuOEHCr/QQ3+MAOXRB+Y+RXAA==
diff --git a/export/CHANGELOG.html b/export/CHANGELOG.html
index 39aefbc..b4bb7d2 100644
--- a/export/CHANGELOG.html
+++ b/export/CHANGELOG.html
@@ -18,7 +18,7 @@
The Hitchhiker's Guide to Online Anonymity
v1.1.5 - Various spelling and grammar fixes - Fixed several numbering errors in references - Updated and fixed many broken URLs and saved them in the Wayback Machine - Noted that https://mastodon.social/@anonypla is gone? added strike-through - Adapted Qubes OS hardware requirements that were too low for a decent experience (RAM) according to their recommendation - Put more incentive to use Tor Browser Safest mode as long as it doesn’t break anything and switch to Safer if necessary and with precautions linked in an appendix - Precision that Anti-Evil Maid on Qubes OS is only available on Intel CPUs - Removed dead link of Centry Fork project - Added Windows 11 support to the guide - Partial additions of partial Qubes 4.1.X support but needs completion and testing (coming soon) - Added link to official guide to upgrade from Qubes 4.0.X to 4.1.X (fresh or in-place) - Fixed issue in Qubes OS Tor over VPN and VPN over Tor Networking cases that were just plain wrong - Added guidance to run Windows 11 within Virtualbox + link to official guide from Oracle - Added recommendation to install/use Safing PortMaster and added a link for some compatibility issues between portmaster and some VPNs - Removed Windows AME completely from the guide - Replaced the “I would” by a “We would” since it’s now a group effort and project - Added a safest recommendation for more paranoid people in security level choices in Tor
+v1.1.5 - Various spelling and grammar fixes - Fixed several numbering errors in references - Updated and fixed many broken URLs and saved them in the Wayback Machine - Noted that https://mastodon.social/@anonypla is gone? added strike-through - Adapted Qubes OS hardware requirements that were too low for a decent experience (RAM) according to their recommendation - Put more incentive to use Tor Browser Safest mode as long as it does not break anything and switch to Safer if necessary and with precautions linked in an appendix - Precision that Anti-Evil Maid on Qubes OS is only available on Intel CPUs - Removed dead link of Centry Fork project - Added Windows 11 support to the guide - Partial additions of partial Qubes 4.1.X support but needs completion and testing (coming soon) - Added link to official guide to upgrade from Qubes 4.0.X to 4.1.X (fresh or in-place) - Fixed issue in Qubes OS Tor over VPN and VPN over Tor Networking cases that were just plain wrong - Added guidance to run Windows 11 within Virtualbox + link to official guide from Oracle - Added recommendation to install/use Safing PortMaster and added a link for some compatibility issues between Portmaster and some VPNs - Removed Windows AME completely from the guide - Replaced the “I would” by a “We would” since it is now a group effort and project - Added a safest recommendation for more paranoid people in security level choices in Tor
v1.1.4-pre2 - Fixed some spelling/grammar - Update to contributing guidelines - Update of modern-crypto room rules - Addition of chatroom-rules for the PSA community - Update of verification guide (removed outdated content, fixed links, updates) - Removal of CTemplar references since it was shutdown - Fixed links to Proton services, references, onion URL, and archives - Removal of BTC Wasabi recommedation in favor of Coinjoin alternative and wallet recommendations - Re-phrasing of some confusing sentences - LibRedirect extension is recommended again - Fixed many links formatting - Removal of removed content (dark pdf) - Fixed links to ODT file - Added recommendation to https://z0ccc.github.io/extension-fingerprints/# and https://www.deviceinfo.me/ - Removed links to non-existant mirrors - Updated some outdated references(old project)
v1.1.4-pre1 - Addition of a legacy resources page for the old archives - Changes in the about page to reflect the current situation - Changes in the donation page to reflect the current situation - Fix link to video “How to Hack a Turned-Off Computer, [..]” - Misspelling and grammar mistakes fixed - Fix formatting - Garbage removal - Inline linking fixes - Privacyguides changed their URL scheme - Almost all archive.org links fixed - Annotated some links to make them more descriptive - Got rid of dupes and empty refs - Renew links for researchgate articles that were removed - Removed mobile wikipedia links - Fix a couple patent links & Rubber-hose cryptanalysis wiki - Update PDF archivals so they are direct links but not downloaded - Some scientific articles were removed or replaced - IEEExplore, Spread-spectrum watermarking of audio signals - ScienceDirect, Robust audio watermarking using perceptual masking - SSRN, The Cryptocurrency Tumblers: Risks, Legality and Oversight - Property of the People, Lawful Access to Secure Messaging Apps Data - Arxiv url fixes - s/grayshirt/grayshift/gi - Trailing parentheses and commas removed - Fixed all broken links - Removed uMatrix from the guide (use uBlock Origin) - Removal of https://xchange.me/ (abandoned) - Removal of https://swap.lightning-network.ro/ (abandoned) - Removal of https://privacyguides.org/providers/hosting/ (category removed from website) - Added a warning about the privacy redirect extension stating it might be abandoned/unmaintained - Added Anonymouth for linguistic antiforensics & related links
v1.1.3 - Added dedicated section about gait recognition and other long-range biometric techniques - Updated PDF toolchain to allow embedding images in the PDF guide
diff --git a/export/CHANGELOG.html.asc b/export/CHANGELOG.html.asc index 70efe69..cb16c0d 100644 --- a/export/CHANGELOG.html.asc +++ b/export/CHANGELOG.html.asc @@ -1,16 +1,16 @@ -----BEGIN PGP SIGNATURE----- -iQIzBAABCgAdFiEEQv81253nwIirD9SnDCFqUvbfSSAFAmLLUcgACgkQDCFqUvbf -SSCTPxAAm0udKqRAZofZz8hg+NZu2CJ6v904fhBc4wXNJEZk896CMvFcOlO52XXi -DeWJ4fcYQ+BFKTTcGFJUjMuzSExE3ukRQsnnuUFVPVm65J1EXg1LRJ0J4XvJUAqE -1sD5ZCE333BMBE6hTKNc/evW4ZsyPI9cUrqT5kL0217jWCdV4I1SqGdxuQqEjJev -ZKDpN+LXUNzYmmr+z6CTi1FysYpDSXx0n6GlFZPJ43am+Z3I6NhEVASbHf0OgLUC -LE880L3x6da0kINRuIS0c6eYcG8aSnDloB5oujjxMdIcv+fpdF6R9NRdRJf2uBBN -dzeAV2P5Q9oPgeb0cCFJbw7AsvH0T92eP8e6qT73W2N+UCxxA3D2pUyi9MSxEZEp -sUyXklF/ShMpiqpA5dFDwFNQsQkGnnKh1frxmynTJcb1KIkrT+cdml07MuVDf2lW -J4jgYn5gY8oLK0v7EfDv9cGcd1f6kKaejrdDUBClbH8s4jEj6Wg2tZyk42yNFpgg -5qRhRjYYRWyySggl9yLPnl9NUAfYWztVZBeK+KN6vas75cunPqrjfWAAwBPzXzyA -npfXMYKsnj4J4uP/hYSntOe7UXgrp/u0VNiedBN7GXDa3yuGtlEIcRjkj/riCOvo -O4GDWCR+3/aX4x18WCAoD8jHymQuldgapnKKyHM8NpNf21oLeXU= -=gejx +iQIzBAABCgAdFiEEQv81253nwIirD9SnDCFqUvbfSSAFAmLLkN0ACgkQDCFqUvbf +SSBDbhAAqS7bcE2ZwGYPNr8qGeEKT8Hrfz4+kJ658qbhjtJ1PWOxeZHibvTeSDyf +M2AUhF7/77q+WgN4KNNjHQTnrmeLzcuAfB03jlhzz4IYYqNH3YZ3hePlH39K1Quk +Hpj4ka0qp9hb/5cggZTnDFHUFJ1t1Sx8lZ/5i/ysJHJqDH3QPo74S4T6HRpBpXcK +QEZ6ESR2D5yeQTLRwSy4IyoinG7tLDD2/vfHEuTS+UDSm1i9dqRsPxyZkmcXRy+d +u/9gPpwf2EgooLr8s1Xcux5Ei93rryju/yNGwgv4o1yvYkz6GMtc+f6ukLZJGzFY +e4jefZ+ENFbtAw/fjsiGYisLCTFmtUnz01Tm6Cb/mJ6yr+AjC7JkFo+v0hc3GeU7 +MywneOVXAay6pqHy9DVEKoAs/Z/eARpDV2VieZzGnyZzw17v862sNpfjcQe8OM+A +uP/gGycOwkcygrQh883iLnCjYRwZIGlbvXokLNFU+B+lp8Yy7KRE+jgMFMMjdufI +EK3OlYjB3cipqrJ0mdxcNF8/3WS7TjQesGY2aI+j+6ZFFMwNMeMiwbYmR946PuWv +5jmIXorZ+lpayVK74YpFNRv8hPvgEzb/zXZiNNGS577BbH9gCxGanGjGOk8Sso9/ +043aJ2ufWg4G/WsIwH4FyZkKwIVdGunZDBZb6vVYKzB/ODNg5/o= +=BtWq -----END PGP SIGNATURE----- diff --git a/export/CHANGELOG.html.minisig b/export/CHANGELOG.html.minisig index 7c0300e..e60854d 100644 --- a/export/CHANGELOG.html.minisig +++ b/export/CHANGELOG.html.minisig @@ -1,4 +1,4 @@ untrusted comment: signature from minisign secret key -RUSn9xivowlq/t1tNVbJ58B4+3mz842pvonuaH09rr4xSa7arNtyL66cIY/GfL1U96vp9L9iUWBIQD6/bWtmruZqMetxE2CGPQ4= -trusted comment: timestamp:1657491917 file:CHANGELOG.html hashed -RL3yEBBIHRJBcgJSuptCzafi13WfhHpcaPoZIkpEp5KpIZT1X+AKVwCdWOSgE3x25o92Vxj/XtAcnDHaa7fPAg== +RUSn9xivowlq/qKwfo0rqrUHKJTx2Kmmw82sNdsI3qEDD4ZVkjlUdJsqEyqzY1t6BmDDd2TjRu214pv6LFKZ6lbpgIED9gqU/wc= +trusted comment: timestamp:1657508066 file:CHANGELOG.html hashed +MEWFMNo3kQnE6hMGKc8ULI/0+OcraF7HKMeHDZwxNiyLzNpTAXBAjP1gyaPOYLMoOlz67+NCVnCiTJk/QqqrDQ== diff --git a/export/CHANGELOG.odt b/export/CHANGELOG.odt index 4d98124..5eb7686 100644 Binary files a/export/CHANGELOG.odt and b/export/CHANGELOG.odt differ diff --git a/export/CHANGELOG.odt.asc b/export/CHANGELOG.odt.asc index e9a7161..c88d29f 100644 --- a/export/CHANGELOG.odt.asc +++ b/export/CHANGELOG.odt.asc @@ -1,16 +1,16 @@ -----BEGIN PGP SIGNATURE----- -iQIzBAABCgAdFiEEQv81253nwIirD9SnDCFqUvbfSSAFAmLLUc0ACgkQDCFqUvbf -SSDAuQ/+PEroZeCjmg6FloS4gdUfer4ZKGH8Ja5oHwmImjLHC7VYURAL392prBFf -LCkB7JScrHdDzCo5LkM57+IW/M2VijiRwbpu93vEvbuIec+s4HAQYAIYn4auo4Nf -ZsTy/uS0jMziPqIkwGKPjFFHsWYtrxaV7heqTwHhpAViV9ok3E+JRIJd9U+7GL69 -Rs4Hl5wv4Ax2gIxfirSomjFWUDQk9xkfSo2kMzmbp5qtHOgjr55WXsXVdUeFWl/Y -RYaen2mwcpxNviEzNzPMveljtQd7xPexAJXY64d59LiaXQ1pN9ixJNqY9B4mBPs8 -azNvYenyOswsq/yg8RU1rwcE44W7hp0HywNIJbEsneoAA/kOU9kfCvoGoWf14SF2 -hCdD4uo8raNcl9SML4yDk36DFp5ne1thbL+cgd6KL9cpwb/BoGXoVlaFh+hiqa/U -1l5zu8qsSGLpznDdbL3mi0uWhU1nvQ/beGUnegKES4cKzN6k3OjobfPjIi+xBxsC -SxWu4v4cCe10pmxKzs8O7v7+Ye75YB7KGAOAmMHIBl2lJ2aoLO8IR4sd2Aq/J0sC -Zhnpdm1apy/YFqvI72xDzeYA8K0v3R8ucdAHoSGQyDkgv/1uiMqEeKDe04lGIHmz -Ju05h+/hKI/D06QJcJT6ut37o5r9u+UqdWiZVpFqOn34tPD4UKs= -=U8rw +iQIzBAABCgAdFiEEQv81253nwIirD9SnDCFqUvbfSSAFAmLLkOIACgkQDCFqUvbf +SSAYIw//eunPzjcNqvHNwaOsBfRnSmNhG6DEEaFrm2KVfepEZKb94AtA4o3BBsWc +siFcVYn7XT6/3POe/VAqirwl3+8Gw/TtUSrk9IxrAUbQDpH/N3HzcsePWu0BgBZ+ +uV7qnEmPqJrxkiddpXmLdgDT8UHhFaX7CftblafPiU3dfAmdislHNhsRm/P/+IJk +WrVhgXH+E5rgHJfx0s0qPI2mRwrOCnSBfV+6Y/2xgTl3p3xGul1tDJ+eKgTrW9xD +f21OYvxn6H2ul36Qs5A/UWeF6RORGYDr792FS1wCRcn6b8NsXLrvncIK5SeoGsZZ +adjGGDM/kUrhfAGOO/AAlTJQaUDCAmIjb8YQ0b+1FGOMImwLwR8rY8aWXtw65ou0 +BPkvmpVThajOj0AH609JpXyqdDJ3i3n6PliFfeXZ85MkyWFdeBPywxVvN7f9GA2y +ro5muq1CT4PYkoL4xFq7yCn9RN39bkzX0dvXNULVNoZkwxOik9AzDBabCYw5e0cn +alUks4YDNzoP6QvcS5K1UIFRfbwnx/YyrWndMRS0D9/jM3pWl/jBADuvJHy3KS5i +moQ1rYKpMRPlRbHvoRu1b1rlJlgg3VkKXrvXFF/BHSOZOEtExFY7/qeWAUnCdb9g +czNLlsKTNisgYh74a1v5+89MD8Ld/7DY9my//yzsM92caK6MvdQ= +=F2sd -----END PGP SIGNATURE----- diff --git a/export/CHANGELOG.odt.minisig b/export/CHANGELOG.odt.minisig index 4a382e1..01d1715 100644 --- a/export/CHANGELOG.odt.minisig +++ b/export/CHANGELOG.odt.minisig @@ -1,4 +1,4 @@ untrusted comment: signature from minisign secret key -RUSn9xivowlq/kSidMqbBGNQP2IE6oKOVM9gcyVFxoaYlZ400znKTyeEtWHo2NmcoU27WXd4Dtq8SZ/FevaByo4teaaTjlR4mgM= -trusted comment: timestamp:1657491922 file:CHANGELOG.odt hashed -ObudAs6c2ocUNvxmD0LzqMjTFWGqqO1tJ9p/u52B9bIvmeb1ZpJQIr/SNlxj413Lzossnkbj2CZ80SRW82+0CQ== +RUSn9xivowlq/sG7pRMNBRBF9iStJD/myus/DsSZy7/IR5OeVmMGd069TzLPAotbOvcDEnNf6hTWQ5F2UnsQjFL6b0ibUWBENAg= +trusted comment: timestamp:1657508071 file:CHANGELOG.odt hashed +KTNJNHW1emi6+a+G+i+Min7z/ZER1OQF0QicC5tTrmpQREFSm9WC3qC/b6O7GovUZFpVIPsY7w/Qu2P/6g6SAQ== diff --git a/export/CHANGELOG.pdf b/export/CHANGELOG.pdf index b210ab1..67da03c 100644 Binary files a/export/CHANGELOG.pdf and b/export/CHANGELOG.pdf differ diff --git a/export/CHANGELOG.pdf.asc b/export/CHANGELOG.pdf.asc index cf7bfd3..9e48e59 100644 --- a/export/CHANGELOG.pdf.asc +++ b/export/CHANGELOG.pdf.asc @@ -1,16 +1,16 @@ -----BEGIN PGP SIGNATURE----- -iQIzBAABCgAdFiEEQv81253nwIirD9SnDCFqUvbfSSAFAmLLUdIACgkQDCFqUvbf -SSC4AhAApS0/pDewmPAgWMswEBUVPxhNMgAUyKwUZ2hZc/KO7qmbEZraleXNqHKi -eROWPi9bGCbGQ5gzgBIxLQnOG6a4xJdzjwJo4w+H6rI7Fd6+Th51yEIH8hnq43XL -4vpx48mn6N0Uvf2MacYcsh5aZpJ7v0vQ9INI4ZAjlcjL9f/lWUitZtzKPdlnMm53 -PpLvfo/9akNnjkC5wUbq0eNseFAjIbZqaF8DAzt/HJqWGxh46gRkHSfQymihZMWN -Rurk9M1K8vV6xNXM1wIp8AMmvPLOymY/p2Z69DU2TE9a1MkmcLc8hbYDTkrWGH3E -aMEC2+fhrxsPc/NCPhZwZbeflzzuDiIFz6ySNx1lr6b0xzY4fWWMEqIr+hw/7OIb -w5XfjhOYGVcc0JJYDTCIW42vW5TZFz54jBaaIlcKZaX9MqPHJXiDK7M8Ga6qZe+2 -kAa2fIEq8VPKMM3PlxrlmdiTx0fc/4AlA+cbZ9IFhAKNmQZqY9nxGNzHKn2fXkiM -txHXJfB7Tu1+hz1hkbzNI5iyaHBcFOG7oxAsXBFpajwMvUzBm7gGTK0RCLb9x/Wh -Cn9rTSLWsNHLiNKRmpfKQPKNV5tulCZVgiSqxLyT01QBRjMrHF8R+Vv86qGHDdO7 -U38xqwyTwpjT3/MA2BwtGJKddd0xvlHqUYNePWCVoIfL++qtb6M= -=hOKR +iQIzBAABCgAdFiEEQv81253nwIirD9SnDCFqUvbfSSAFAmLLkOcACgkQDCFqUvbf +SSDvxA/+LqLEp94uq8GDwA3EAtQreb3m5COoM3K46WDLCTQoxuuAJ7n5gmfWXnCe +wmh6we3Q45XSBQlx1xvNbyNnQbqu8F7jVabwVFyG8A56jI6rXeAG1eZB4V/rVLdY +RAeFrqdVn5+e+SBPdOvJiwN1Ds0zyO29PnBnIZMOvj4QKNJIssj0JtE+1/esvzg7 +QW7n+x8dsnqdUg1HhmuZS7m/bKzhhhlg7I+QU0EahiMTL9R9HqtYg6kGLimrYjT+ +0yunuA0thnC617cQyrouYa2JSMMFz2EcajKcr6A+2g4Ms6X47NxPDDB9T2CqVS0U +AhM5j0ZxDRqAQXJyCCh4i/xI86qiBcV6UWMG+igGrbC5Y8j6Zsd5kV2hckd9CqFr +pAlON8pvvR5nevneCdWzoEZitxnfeOIR3JH+xh0MMFjFHRet4E0R8JhulYuLAeeZ +eEZ4wzb7S7kfTOn9zQNUfD/VXL7kr+pMSqBr4f0XffY9e2TECtB05c5NOzPM8KTf +8OMxwT/uZfzS2zrDClqE8DKNwFKuaVOgCJ6SSBl+3N1U1BswLodIJouetuDZjm13 +S0NdY+3joen6CIDbYPHQ3tjpZJjQ10AF0XUUtKuy7mtnn84Bp5qffJjNQuZJXWXa +hiHQyj7fAq8DxMY6anI6adWmLSKplEXnw/oPrEc5C1B4vKJiQxI= +=feAy -----END PGP SIGNATURE----- diff --git a/export/CHANGELOG.pdf.minisig b/export/CHANGELOG.pdf.minisig index 5d01ca5..290d107 100644 --- a/export/CHANGELOG.pdf.minisig +++ b/export/CHANGELOG.pdf.minisig @@ -1,4 +1,4 @@ untrusted comment: signature from minisign secret key -RUSn9xivowlq/sN6X/Rin4oLAqlqxlNFnEdw2iU26EKoka/TOPN2e4sTlhKzGFstdYLLUFNQjehmkTxepSPx2B6BxRGDBXyH2wA= -trusted comment: timestamp:1657491927 file:CHANGELOG.pdf hashed -utn/SQQirgNqZgSPmBEm9bmY8M/SdGNNDj/n3hqU13SVLLTebzUKS1t7XWjD9l7EUwhTlOpkMD/6oaZMZJrAAQ== +RUSn9xivowlq/nWt73tL5M+kafs7EqpzTW6S5Md/j09yDhnJySivr7Xg+lOgXt3wPTlLxIWJZCX1YB7XkCmBYgD71FV0zT1uqw4= +trusted comment: timestamp:1657508075 file:CHANGELOG.pdf hashed +Se+UgOEKuMO58Zy0omnl0qvF0S2lsk7dhUHYGcgQjDWwYMZ1q24Y/zbwn20O/sPLQ0KsBxKyl+ozvVPe8QrlBA== diff --git a/export/CODE_OF_CONDUCT.html.asc b/export/CODE_OF_CONDUCT.html.asc index 2500dd2..7ca097f 100644 --- a/export/CODE_OF_CONDUCT.html.asc +++ b/export/CODE_OF_CONDUCT.html.asc @@ -1,16 +1,16 @@ -----BEGIN PGP SIGNATURE----- -iQIzBAABCgAdFiEEQv81253nwIirD9SnDCFqUvbfSSAFAmLLUekACgkQDCFqUvbf -SSAjZxAAgBErVvH60GlEvBrQ2gmkBBVTPhsBNLKDuxaB+RtEJ9erOqDib2o2kZQO -kzwOy701CFZqL+nc50siUHHVtYChUbbTJK3CDVyi+F7ZiLrV8epfRh7n9ZK1Sjps -8ZXvZfc2aRjHLmfzxY/Wj7c8g9xWXpgkqGafimgrnlyxZI1gaM76aRSbQ9FDQ4MR -7VkiggHqPnKD7WFj7mJ8OwY/+DzKV7u+VICTuwKyZsSJV+xR0AaTx8q5RltkSzIJ -/56tq3vAnk/EOfTmBNDMtojAgL0pnPJzKJhrisEatM3NX95t/WhLo3qywtH6A4Zy -LqW6Fqc0QZYuk5tgnwlFiQfxbKEhjC2IHGiseiWVM93T8sfKB06okZFGdTgGc7kv -i7lMRzC5KmpFh4FKLOV911Ttr+Ox1RJ4M5iLpujdJXXKtR3ZlZ475/6sqWpXEa5N -cIDMEqHvUmnUVg7zZa2f0TTIqG+KlBpaIWcrXg9mLIE/G0yl5lRIa9FGSxJIpR8T -MeQyWrC5AGljaAU1hO5JNp5IEm6rYt+LUQNvNrH4HcuP2Gp0ppe4ETfEW4RSnUUW -6nn8Ew9AgK7CkDWNWgHOPVMqr6HQLuppY6sYJiKLsW0C0+8vdAzmNGyMlwxvvDNs -Y23j+nQqGVa1BeiTJa2BHqion4GkBbtnNBJCxnJjL3fEXmcGTpI= -=u8SK +iQIzBAABCgAdFiEEQv81253nwIirD9SnDCFqUvbfSSAFAmLLkPkACgkQDCFqUvbf +SSDpsg//boMQ5RDJuGkV9soqKeh+zZL6HF+C0rxk9FjhtDKcfuzHxgh3bHkTPqqg +SdSZiUSwXMyc43KDtfcZPdAmAlNcCgJ9YNqdTsmTca9u26MedzQ32QR6yLvg5qZk +j/vX8zzWbeHjyCkNZbJkbkfm1P5eostw4TBxGjK0M0m+tJ2PxlesPS9+9+mKR/Ti +cPQHoPS7IBNi7i4lU/Mn8uFeYEwlhi1qhUR8aARhR+GrRyqe7Kh+taEP2/FSD09D +d4aGIz3JwxbVV3RHqLwR0ChTnog3eyR7a9/zB2mLaOyyJSUp2ncJoJnzdt8zdsIx +ugs+93Av5uGPaUuLiGnUsDCXi5t2rbtNMtKq9skwypoP1Fr1VmIQmIIbOj7aAsMI +p/ZMZWxHK5GsHaHxXm0T3rNoliHgNl8j4OQ4xZ6jPssM4rlowaRTAgjfmA7k+4e+ +WzVXO/fADqHRv2RnX8jXn7NaH8p9I9BMMzIYEZCUOWuaaiY3W3TxonzA07zc0t6+ +vp74TrGJu7yRYqeovXx+vVgEv198qj85dBTdtIFk79USgkJlAQ0gx+3j2c9RpKFN +1WABcW/Rdb8NinpwFfbe5E3vERFaqPVYI+CnN+/zucP6iNanbiL5KKvfOKne3iDV +Kyo9w0AOn6dYJ0waVZJ+gwCb8G1TErosz5Yoh5DGM75yg40CYyw= +=xr21 -----END PGP SIGNATURE----- diff --git a/export/CODE_OF_CONDUCT.html.minisig b/export/CODE_OF_CONDUCT.html.minisig index 6725bb6..120f861 100644 --- a/export/CODE_OF_CONDUCT.html.minisig +++ b/export/CODE_OF_CONDUCT.html.minisig @@ -1,4 +1,4 @@ untrusted comment: signature from minisign secret key RUSn9xivowlq/hG7oAcZkT42LDcGZ1Y+6+Lxjwi013h7VoTYeeYrlxF+Pk2qpv/a1I0QkvO6csOm4TCKBthPhIN7Z3oBtXrANgY= -trusted comment: timestamp:1657491950 file:CODE_OF_CONDUCT.html hashed -vRAbejOuk1/YvywbHp9kt/ytwLMKazWNC/l6hHllHDlVUQLAykO1rtDj5Tgoht57F2pjMnIrgAZPh1UF0OIeCw== +trusted comment: timestamp:1657508093 file:CODE_OF_CONDUCT.html hashed +W9AkAiv3Q0hAM7MXNC6PIdPG9whcSTjZPQEyDzp4UURco17Dm3K60sFrwrwps7MYKn4yHml+E3FgmLQHW5WCDA== diff --git a/export/CODE_OF_CONDUCT.odt b/export/CODE_OF_CONDUCT.odt index 648d7c2..7572adb 100644 Binary files a/export/CODE_OF_CONDUCT.odt and b/export/CODE_OF_CONDUCT.odt differ diff --git a/export/CODE_OF_CONDUCT.odt.asc b/export/CODE_OF_CONDUCT.odt.asc index d46360e..df946a6 100644 --- a/export/CODE_OF_CONDUCT.odt.asc +++ b/export/CODE_OF_CONDUCT.odt.asc @@ -1,16 +1,16 @@ -----BEGIN PGP SIGNATURE----- -iQIzBAABCgAdFiEEQv81253nwIirD9SnDCFqUvbfSSAFAmLLUe4ACgkQDCFqUvbf -SSAxuBAAk2XZ1oZ68Uq/MydazUTkXKUf6/jmr6W0c0B1edqQSIB1MsbMRSGcBfwd -ldiFxEX+hOmc/du6MaPvoNC0pQCnZMC546pL3NgmqdFkX7wKWX0eD/NVdpceQKyr -95tS8jNwEBUBdBD+BUKXwXUCpk1nbqvuN38OrY5r3vtU+lMOIr814W93y8Uj9RFb -/VHyM7kfz6C3TeUZM9NNY3TqO1yxCOATC+NCbnwMKjHAvmMhtHEeIpIPRS2X4mt0 -tix5cK9Ctw7GGWWI6rvrbKMNyq8Y1nRCos1e8CZguSNazaatYy9qDDUwJDkGsh+R -i0qJ2NQDtc82/rC51w6BOaX09ODOUe38yqkzm5C8sJPQfTJpTuaOax2a4d4nZS2j -ac8rAIOPXaH/eMXMiyLm+osIEqJ2Gu/rXxqL2y2z4mcYi/OKr4IaX31ZoLc9fDj4 -EAE+0LX4bPlzXqSM3Ve4KlLTAgQIiG2bil6Yd82bjnNxt6zddgD2IPLy5bJxNtZ0 -3ql2WW4RWkkGRmzqVeqNQax9aSzmNyUKIxPzRVyYgWhtyWvNT8QJpHiVZcqvXT5V -c1xmKHCKubGJAQFLY+7ecbkeWKr4Mo/cdxhIDVIn15M6zJi/jDwUvO4DHKhzTrxx -j4/fLYEa95vYKvsDQb+kP8AoVqyljFVVTxRgrJDpNWycLJiISBE= -=gm5F +iQIzBAABCgAdFiEEQv81253nwIirD9SnDCFqUvbfSSAFAmLLkP0ACgkQDCFqUvbf +SSBPYQ/+J+zDV7n4Speq4uEyqi0ndU2NGcktY5NgusZbh9R1NbXez8ymJZy8USVQ +kjJUNgf3BSZaYG5Fy72zGB6lG5fxaZr2WKHyStOYIgrbR/bR+Fhttw3L+F8gBZdZ +E0QrF36zhT/g/O5kdmN5kjTOkewGe44L1DfuNh30iBifGTzc6jP6YTJcDGkgcSXe +YWf7Kkpe88zHSKXQWz3PA/38OEBEgfjdH7N2muWLvWdibbXZjw5bhRw4SS9FwRTl +Vq6VldMqShbsmLMWJqU/Xun36BUwukfuS6xniX1HyHldP8oRD6GaNh+5aGFnSLr2 +88acOpkwNQ30dNaXB4KOC/Z87tcG7EXM2xkeMFeVwQBgtknag83jBytbIwTVLvY/ +d2k1x0Y9R5qcgqVfH+TXjle/St7FTfqk70Nx+7apYQZ5yIFqyHg5dQK8RVY2URYB +4Jkct/hydvVHxMlY/RRteEThszG1Y3XFyfiJlBzE8Mv7NamrmElcBGP4/6pWWTNx ++hMo9UXMi7yd9myOfnniiJeGheVKsax2vecSOmr9UoVDKmglIfTJDXF2rbAJC4qm +Z0rXSjUHJhrqvFIVMrXFrYNzSix2XT1/yrUsUkFVeobsJv3a6l3ygUcV8Hh74M4k +9Y0BJKeIr2mI4TP9TMZgoPSnzdt+7dSxFPdMuvfvl8A4rgVSp1k= +=GtQu -----END PGP SIGNATURE----- diff --git a/export/CODE_OF_CONDUCT.odt.minisig b/export/CODE_OF_CONDUCT.odt.minisig index fb8d732..6f0c807 100644 --- a/export/CODE_OF_CONDUCT.odt.minisig +++ b/export/CODE_OF_CONDUCT.odt.minisig @@ -1,4 +1,4 @@ untrusted comment: signature from minisign secret key -RUSn9xivowlq/miurqmAVKeagRP4Gl+qaXPpyJ9a9vIk+l46KzHz8TW8I+T5UldbGtFMuyzXG5hHWtdMVhXjLDaIAPDALO2Shg8= -trusted comment: timestamp:1657491956 file:CODE_OF_CONDUCT.odt hashed -e49cPPjb867zXnRsGSkOL4beZlESeduJjVva5FzukIMNX3y6KDD5KT24JVqs8LF4ohlfaJMnxq9lcaaHiBJeDg== +RUSn9xivowlq/iBUJrpPK8jBIGw5cfZrcOa73PN4Isn1JH/+cONwUwVktNF812csNNSwXUqbcEBCRxQNO7AVc3MC59wphL6ldAQ= +trusted comment: timestamp:1657508098 file:CODE_OF_CONDUCT.odt hashed +LMn0s5kxLqSpxFQbY6TirbDtOYn3UTHniW1oYgxbIvnNvuBeBJMBDoo0pxtG4lRtxHz5KK/PY0ER94OFI442DA== diff --git a/export/CODE_OF_CONDUCT.pdf b/export/CODE_OF_CONDUCT.pdf index 2e45ccd..b0f5a60 100644 Binary files a/export/CODE_OF_CONDUCT.pdf and b/export/CODE_OF_CONDUCT.pdf differ diff --git a/export/CODE_OF_CONDUCT.pdf.asc b/export/CODE_OF_CONDUCT.pdf.asc index cdd9ba2..c0b7aae 100644 --- a/export/CODE_OF_CONDUCT.pdf.asc +++ b/export/CODE_OF_CONDUCT.pdf.asc @@ -1,16 +1,16 @@ -----BEGIN PGP SIGNATURE----- -iQIzBAABCgAdFiEEQv81253nwIirD9SnDCFqUvbfSSAFAmLLUfQACgkQDCFqUvbf -SSDTsRAAs4X441n2PZQ+3pbt12Ph7/jR/hroNq/Oh4MJjrciyTn2PnNXdLSDk9TX -OrJodMjFR7PgejTgM3Pokc3zYCCX26sTaBkVVVxPtI4shQMiSJrEAXL1jWyHqnb0 -LP8wsJxt8YDnzhFeJsQsAPyRQOI36TZrdnxANLt7B2W1a9fFVSv1P0MDjicAgMxV -Hr2uocdGM0pndkehYKefD9EFU4RV1S1aiBncKuS2vYwoLuMXQ6vh5iToELHIEjxl -RVNswXF2TAyQnCveBZKd1JmyXf3l2AXMwOqj4COjQlZ+yRXrI8ADK/GscBGav3b0 -nTcBMsf/64OVDYU2Nak9JViyvkj6UZ/WD6epTq2fdKejK07X0hoGUYLy7Up56bsQ -XhN0SgMkqfxRAdi7YMwOmv+R6ehN/87ymHrruq/5Eb/orqfIUC1xBUoiM5DA9T33 -3xw5MIyu1qMzLEPVax1sTUym85GADWAv9ezzCjdj2II/Jf6fyKHUU0lnLS8sHVi0 -0kPlvux6O4O68Esgyk+ZYgDUGhhS8flnRFQbvtpyxus2bCFu2BhykGqNCrha9WbO -PHwbCA9bZkSW4bQlFvje87xdhaGs61yoUnQ0xEqGqK3GrPRmuklZoH7T90YSUnh5 -ccFPfVxI011qbSTQMUnw6omKQJyNXcxCci/Cnpc2I+3SrSD5uCw= -=/W8b +iQIzBAABCgAdFiEEQv81253nwIirD9SnDCFqUvbfSSAFAmLLkQIACgkQDCFqUvbf +SSCPrhAAuOVzVyLEya0GUD8rcBMM5J/CJpirwPQx5MOeIw0PJdNk3APPtVcuzbi5 +dnyBTSi7sNaM9ADptouOznit4quGx2qFwNGO+yyWytFRZf3scrThu6kFt2KDDUe0 +ADmZniKNlxdtYCT6tOjnkGzfHyRFC/ufmenm+NAyy496Hw8ihyhjIRxYGHhPpa1U +l95yxDSP1vubJsfEbsPUp2soN+xLWrBNDwsRFBMtfqAZcBA+m80/HzT7YxtYvxhV +f0aYrTOEMMEImEKxrMyXoYQ/CEh/J5/KQCudjO4fMFKc64oyC25WwaPc+XQW+3o2 +ZC3YrVsCLeIMnNyoppfP0JWWM9PykcwPAhl59yLL/Cch19eNuzHyQeiJ8CS53+xZ +BWSLGiavwASExyuj/fznFwf2PPOdIAr+RK0Qps41GfAe3+rAO6Zf1n4aBc5nXS7s +6XkFtu4bfp/a+eCKYQMxpiaPakCwLebLudcrDonOrbrtJ+O1xcHaGnWTw5RIil2E +A3pjXhTs/7CKfWToAzozZU4XwL5ZNas3FlwH6mo/b8CTFUuTUb5lhztOxc5E6SpU +XHv/oj1yoI2DO0v1dyCzPWWPwtS5RkbPak5+GbagXqPSAfWfC7g8NjDPGrKJWkTA +mcHPuJHYcElE3cj2u7xKFHcjXQJwu45rqvEhGSjO286DtyqAbSU= +=udYX -----END PGP SIGNATURE----- diff --git a/export/CODE_OF_CONDUCT.pdf.minisig b/export/CODE_OF_CONDUCT.pdf.minisig index d9e509c..aa3e0f3 100644 --- a/export/CODE_OF_CONDUCT.pdf.minisig +++ b/export/CODE_OF_CONDUCT.pdf.minisig @@ -1,4 +1,4 @@ untrusted comment: signature from minisign secret key -RUSn9xivowlq/hPbJ5kg4y920Ui679xI/9bGMAJublXpHmlbMGgbMLVLJNZiioZ8zuMhfBcwtlVJSDHHdviw7adUwvwnDeM/eQc= -trusted comment: timestamp:1657491961 file:CODE_OF_CONDUCT.pdf hashed -Lkrk90mFcPmoyJLtMammLczPMmnd2/v7or3ReZmgxE1FJ5wTQwX3V+XIB4H6Cv9h/q2MJrvHEMhynH1IPxMZCA== +RUSn9xivowlq/r1xd2/39+XfSTNVpibbcnkE5BVnm1u0VICA4ZKN0l8GqDkIgh/xuFjMwuJaWB/FY39Ngt8gKqv3qmIJrEbd/wE= +trusted comment: timestamp:1657508104 file:CODE_OF_CONDUCT.pdf hashed +t/c38k1ZTY76zJA2xx/Ma6lGLwg0zx6ig1DbyrkffJnwT1I5PLK2TANG+y+UnWUT555cBwGcEo9NXXbhzE9OCA== diff --git a/export/CONTRIBUTING.html.asc b/export/CONTRIBUTING.html.asc index 857f0e2..d36d619 100644 --- a/export/CONTRIBUTING.html.asc +++ b/export/CONTRIBUTING.html.asc @@ -1,16 +1,16 @@ -----BEGIN PGP SIGNATURE----- -iQIzBAABCgAdFiEEQv81253nwIirD9SnDCFqUvbfSSAFAmLLUfkACgkQDCFqUvbf -SSA60A//dxGKGJlir1vTFu8ipkppqk3UG/rcHV5DDxSzF0SULrgU74wDiCtjKXSI -fByEt28FCw+mks//noHPrhwwbH9V4EsMIqTqRz/JepBh9mzrENve+skYmFViJ7Ot -PAZsuZFZ8biALqDllt1W5FoUwFIRQfBi1pzv0Q49QfSWzmlYQfncjls4vUyQwITR -El4xzQjTK0RDnzvAS4PJ9M6O1v9q8I6G6BDJwwuQREST1u+JfiJ1wD2ftuk/X4HS -H2K3FljRayyLI2IxTWP/46z2KpZ615RUsGgB0Bpz9W8XL6S6ZAy/LSdntKfjwymi -Hw65uYsCmD5Rm3Ukg4hIIxlYZV+ND13UdLBE5xdmZI6PTaa39Okmguvr9mt2fnsd -bI91sBUq857KaDg9UNz8JRvYh+S75O+kf6cmXh7iJRgxRv5oj0nYZLXIyrHaFwbr -9R72ulVzWI90NwHjD3gCy83EXRwDmM7wFrM7UqbpLD0haRKX+/QoeyMgKPluc3Bd -e8CmH3ZBKn9aN7m28eOG3mDJf7rn1VD/bKSKSYQNotkFmXcE5avSsrqMqKB6Fn/I -ueF6eXxjG0Yz47Z2PSOkkdZNyIpDi0FQqJHf5j1S96hyPQ1LaTtfDquc8o3N8NHD -7eWF6AtNhHT8jP+0CttYYXDutVJ62S+l2aX2OI5JIFR8gl2VuIo= -=9Ud/ +iQIzBAABCgAdFiEEQv81253nwIirD9SnDCFqUvbfSSAFAmLLkQgACgkQDCFqUvbf +SSBP2RAAoijsLlijh6M5Gu1i/ylQna3EglfNw/crrAh4JeYRgMvZWHRGgKo0ynOv +gbGYT6W4ywtPnC3JiIEyMel1fOw6Q9m14F19BX8oobLWworqJ3QqLPeTdXO5JjHE +/Eyt3ul29+APyQzZKESShNEEL390oz6dPyDrYUZvyrPv+BYNkdcEjxfpMaCBF5hW +/ukI2TAWwhPrGdnHObx0Xgg4HdGYAMWUOTNKiecnYMxg3OxEMXPk7/lx0+9v7Iaz +7Ko/nA8Bd9Ap8v5gipWmrQTFcz4PB5UOpmoFzmVBNJCmFF5sgwjxP/5naL1h1URg +TVlVsQSSs8ariOOJ9LYbCi0xk0KGMfarEHZcWc5qDhTbU/K4q4wrtQKRZfDce6gr +ISm61WYyKWzwLce8rrLpnimQ95I9fAb4aUYz0wzSuJ6DIajVjrN1pLk1tK0W2rkd +f38K2sjssb8mhDsdgvfz/8bRlOnt5B58qaCCNPjyfq1oMet092VxokI3neOqOXSv +kHE1Bad9kMfpOiGRpCSIQKXFhybZnOf/e1yAlzTNQfGTjCEqJp2r6ZYGosgAu3Zo +xqRd60fK2fvFP72tOzFrheI+UaJ+rlSuueEuLOFflDXbMREcf0+qa+FHx5XhskhS +Uy3M7cgZ3Yby+pF5K00bL6t7R56l86K3Q96CmFx5CS7FF5aRVzg= +=aa3g -----END PGP SIGNATURE----- diff --git a/export/CONTRIBUTING.html.minisig b/export/CONTRIBUTING.html.minisig index 03405ab..8bb7a54 100644 --- a/export/CONTRIBUTING.html.minisig +++ b/export/CONTRIBUTING.html.minisig @@ -1,4 +1,4 @@ untrusted comment: signature from minisign secret key RUSn9xivowlq/shh3XzSTFtuSgYXcsX34vI26A2WhtIMX+tHYCqE1/hyFcdM1z3bA2ZY7ZINm07d0DRkas7jl7J/58VBkE0Eqgg= -trusted comment: timestamp:1657491966 file:CONTRIBUTING.html hashed -iDbICiWxwL7zEvd5ZTcdasCaHCAXXpcE3WH2pHjB42o3zrrarDohQzLLizuHzYAhebaHROT7R4LdXWYHb1+yDg== +trusted comment: timestamp:1657508109 file:CONTRIBUTING.html hashed +1EDdbMGMSz50rYQBxAmIUzN7DOj1H+ynuAxaka9wpFdAAVz+B8J5KJQtwr7zThcG7tiunZsfI6sgGo4/+wdoCA== diff --git a/export/CONTRIBUTING.odt b/export/CONTRIBUTING.odt index 0799c0e..3001e76 100644 Binary files a/export/CONTRIBUTING.odt and b/export/CONTRIBUTING.odt differ diff --git a/export/CONTRIBUTING.odt.asc b/export/CONTRIBUTING.odt.asc index 41dc3c3..eaf677e 100644 --- a/export/CONTRIBUTING.odt.asc +++ b/export/CONTRIBUTING.odt.asc @@ -1,16 +1,16 @@ -----BEGIN PGP SIGNATURE----- -iQIzBAABCgAdFiEEQv81253nwIirD9SnDCFqUvbfSSAFAmLLUf4ACgkQDCFqUvbf -SSBzZhAAqL0LdypjGiKkbDpTRggAXxzbgdCWxxujSdftLs9Mki3PbtCUaHeB+eMG -cvLNOZBhLkpg5V2jzqgNJ7X0PY0gqMtfzev+ECm3zeZuPgzYF8lKYV0ZsajaDVTw -MDgo6wW7bvfTYh0OHF0mh0Kk86U423yS5V3eZnTtAzXLgW2LEcQUUpWff/Z8Dvoa -IxgNbhreHd6sAC4QUVr/zUS0Q0df/Azy78krEfUH9iprqj7jrPL+L7PNKuAdhoF8 -FF/FqgVcUXktvsUqimW2FsqBthWC8taAoSX5RQK4yJxTRedAfNbz6HvrC9PdZD3E -cPmu1d8krJmpBBuTmn6bOZZKbDKs+XOQFW9eW7YVmXDMRUCmrddnMVwFgJwjAHgc -MOBCq9JArpid/sfnqfBJWQyasQSYywBoqn8zNYToro2cQvNgQMqyFPW8F3ABX9Ye -SJRq6klkeV6zC/XuBGwvCr2BMkhPEOmcnCcdjbYzaNcGrxsMvwByvVWRbJzCiIlD -kBw8m65WFX8yKy5vEaNiwio9N9RaFhJhxKtr4uC1xOBrZoJzljaZotavR5TtTOvx -+HvwEmRm0/Op3MObj8LtyNFrUy6EZ0THvCa2LGxzxsLkZ/AUPKxlLqCYe6oH4SR5 -K+tR8Emvys/2FPst0IWWV5TOtpLyhArRi/Iiybo+65Ne2z9Qd1U= -=kHqg +iQIzBAABCgAdFiEEQv81253nwIirD9SnDCFqUvbfSSAFAmLLkQ0ACgkQDCFqUvbf +SSCO/A//YmJ6Fo7pTHxqVrSRTpW2j+GjlsIvfoUnSqjyHtvlfVDbvnybPK/nvKI2 +I0I64VuauxK78iE8QXTpcFmM8j5TWgq7NvRlIDGF4nurL9zA5aTnPr0f3kT+fb2R +5SoZ5ItBYb0L+GBIN5hC8PQYs3ik80k1/RGFwaap6e7y9iK3INzHI4AhD0BDYqZH ++5f1qjF4qd8giuO4m3LgqPdTpebGfb22gNVJTRdIZzNRkxlpVh1FaZGX/dC8KLJ4 +SG4oyq7b6EiG8gDzW7fP/VQZsLTysiMmy+jmbbEwyk1wiCRZsdMOrLhgl5cf58D5 +jLrzlkMbBPkIEynQsAAZC6Zsa5jFJImZvmUrY9x9y8JGX/LvDVzmmAdqjoIQGHky +InZyrJ8pm8rkfq8j0EYcUWklXYaRk1trz8eiSamJBZ1Bh14iX1LykAN2SDnk+At1 +WqKn1bIV1/IDK4KxAbjSzbTyvrdy+zICVDR/44EPCaFXmK8MUDY07UpvMgUMN3+e +g3I5DIn3m8cfQH9FVZX7OBxv7RfFfHcP8z7emcszuWLFRzUkim1XEAnwJD0j3VER +b7ybMgShvDbg8aCYAnUoguKHuCROLnICwidkVrwcpDNTIPouwzac19AGq5NrzF/s +SgcxQYuQygfweLsvu/goOj6kcifb+BSX5A5PMugFyqql1/9qnCU= +=3Wtf -----END PGP SIGNATURE----- diff --git a/export/CONTRIBUTING.odt.minisig b/export/CONTRIBUTING.odt.minisig index 3e5eb6a..15f6bbf 100644 --- a/export/CONTRIBUTING.odt.minisig +++ b/export/CONTRIBUTING.odt.minisig @@ -1,4 +1,4 @@ untrusted comment: signature from minisign secret key -RUSn9xivowlq/sE8sMwrIYqn42iBEtc1/X/sQ+CZJY7190gs/tGQPA73RPwyKjs2M+IVzR1Um1Mjj/MINfpPOl4hosiSnI37rAA= -trusted comment: timestamp:1657491972 file:CONTRIBUTING.odt hashed -mTqc01SqcJQ3EnDtUrDRcVV5LLbB2SVrHRnbmXlTeDyFlEo8pp9uhYVgi22h0+UNT0McnxEwWhRIAA++socLAw== +RUSn9xivowlq/tm5kSqxowB00MzJCrMf9CVymHn9oUYm40TUt0u318iJSG4tZKAWhfa9VmikfRQXcg9hLBWGyUrmEi+4JyRsYQE= +trusted comment: timestamp:1657508113 file:CONTRIBUTING.odt hashed +RF4T8UegurQM1Oub9kT/wEEJsb3CiPV9iEFa/A0t4LqD7VmthEb1IujQbF4PENxYRyxD0fdnnGDthNZIP14iBQ== diff --git a/export/CONTRIBUTING.pdf b/export/CONTRIBUTING.pdf index e26d569..15850b0 100644 Binary files a/export/CONTRIBUTING.pdf and b/export/CONTRIBUTING.pdf differ diff --git a/export/CONTRIBUTING.pdf.asc b/export/CONTRIBUTING.pdf.asc index 3382cdd..431a264 100644 --- a/export/CONTRIBUTING.pdf.asc +++ b/export/CONTRIBUTING.pdf.asc @@ -1,16 +1,16 @@ -----BEGIN PGP SIGNATURE----- -iQIzBAABCgAdFiEEQv81253nwIirD9SnDCFqUvbfSSAFAmLLUgQACgkQDCFqUvbf -SSBX0w//VGRgZSL/mHfkiqhVbJEbrIttCQ6383QNsRKOn0dwvYvyC8PIcf1FjwwU -iOtkud7OlcUBWVpuaSvb9WjQ/oiTBWYW3WFm/VyDaB3J0lqzyp0YHTMe5cKKoOuF -pQMBOPVxgeo6vAjsQaqQ9Zi8w+NnYXx1wgde6SRqrIhKSqaXkd8vPmk0aIVaI3i9 -R7IctY+aP6Nvz3jmyUIIu+LOAYq/2BCMKGHjq2rQR9TicHHnVgmuxUq7HgD98ZHh -RiwqwrqW11S1ay+5V7Wc0JsWoiiLtJhebME6FxmvvRJyzrW7PZkZxrMiamqeErHB -V/ZJxA4SGFUqNg+0xwnKyidGTYwRuhvX1PsNsGYOC/KJYNymjZp12Y+fCsD+tG37 -0Sc9r3JuDet86L5yCibnDnBc0gZ820ejdcLW7z/tCBmzXefJKNzJf2RatTSwDs8Q -NuB/RPp/QZU9vdLuMea4AwvFOJLQwOkFrjp6dPbzCIuyMNeKb2DxSAsKUhQ6jHWQ -Ho6xIDbK+GqsNhfwF/Dj5r7be26qi/uo6fC/8yK8DVfke3eEtENej8Zp2SWEWblW -HbLmfe55S5KSEyxJqB0sGy51KKPXWDCQp46nXOW5DrkT61Xw19VXqW91fdK6tPBd -TBpRQuhQS96ihEn6WBfjP0O36b+ujA7L3+LutIc9aB7LZvbB82M= -=fry7 +iQIzBAABCgAdFiEEQv81253nwIirD9SnDCFqUvbfSSAFAmLLkREACgkQDCFqUvbf +SSAJbA/7BifpA+0cDxu6L2G4b39bxCd5jCEAIMOsIKlGlSBIjob7OH1YmHeEoiaF +8grz31GFmZ4lBgSXXENK3xvr97w6bsK6Kx37PHpwArzzB5seKih0+2rf1zfj6/lM +SJdfMs2pOijeuIPjCUP5qTqFoOluZBZHYNkhwFRLqcRwgnhqeItPP+jmADo97Muf +vX4rbqJ4tJS8yqonZe1GyoZO6XH6Kh51bpYB5A0+BHtl5v+SaR25p6IwOoF+GdaO +ry3rVPOmV7hliZ5Y94wmJ4do1bmKe4FJDGq6ZngCsqmx4A+R4arIZgzJ8yXDUw/3 +RuJQqnYkNAViVPXVogr/wTtb6R9HUBq/JiclJeXe0r9dEHw/b3qDKI5f1GrGhId0 +GauWTquO3sFt3GZKIOyk+lcIKrertRcAt0OQkGURDxBbTMVXOXaQbdtooMU9s8ds +tkHBVrF89u9yFzDk/4+wJzIbYDtqw4yEJ7+O++pD+Sxji4wBgtByixtYHYoeLMlQ +EYNz7ZiWR/nE3K26iTS5ENoXbQYNw7Lv6el96uPmc+hcp3IXW8exsgS95X5dWt+I ++Ix2yFK1vExi7/tbFG5PG3YUr5QeprvjVR40GgzkerTkKGq755xLJkAjolz3MHIB +p5ePD5JNaq+Gvz7YhTtE5wu/9FaJagAduk+qwg5SIulAjtMqtKE= +=KPa4 -----END PGP SIGNATURE----- diff --git a/export/CONTRIBUTING.pdf.minisig b/export/CONTRIBUTING.pdf.minisig index 9b86748..216ccbe 100644 --- a/export/CONTRIBUTING.pdf.minisig +++ b/export/CONTRIBUTING.pdf.minisig @@ -1,4 +1,4 @@ untrusted comment: signature from minisign secret key -RUSn9xivowlq/tJ+Os4HONfj/nAJQgs/xLYbwddbefekgsnyX8yyQAxgbmPQAQ2COwx9k0BJir/O/KG9WgWRZK83j4Cged/ZCQk= -trusted comment: timestamp:1657491977 file:CONTRIBUTING.pdf hashed -1IE7C+e5shui4INK2f3cg4ncwO3KLOHkPZFYmaSTIKaZ+/hI4Fua4xjSAcTal3eDxWoA/EP9vIWqZXXmMqGmCA== +RUSn9xivowlq/nGabUuN8yslqxRNeAcHv3VX9X+4+T1Bw4oTfmeEtd4mtyTMieJepwxIC4Pbyu0RDXr/1c94gist1oYvMN93ygA= +trusted comment: timestamp:1657508117 file:CONTRIBUTING.pdf hashed +YUReXyxhDt7Ndmmva1Y5LmwNbrATR/umu2+Kdst34abPkU2A0/LN6HVT/DkTtrDlKKhh4O0CP/RVyqL1Rk5EAw== diff --git a/export/KEY_ROTATION.html.asc b/export/KEY_ROTATION.html.asc index 26b902f..2553225 100644 --- a/export/KEY_ROTATION.html.asc +++ b/export/KEY_ROTATION.html.asc @@ -1,16 +1,16 @@ -----BEGIN PGP SIGNATURE----- -iQIzBAABCgAdFiEEQv81253nwIirD9SnDCFqUvbfSSAFAmLLUiYACgkQDCFqUvbf -SSAyQQ/+KN6RDkj2S3lmVRZ1PJ67o9E82XNzabv6Wg99EMJwhughwbn/6OyjUzRY -1MQEVsRBHXgiOXh9FgkohpvrgO1iN7jbTseMkqqso/pnLv/xh5wv5QDnFr/AkPPZ -YnItOTwCK8oMrq7xtlh/BlcIBo5ASlxBqiwCBOHuLjU8P8UNC9hj0vc4paslJ0vF -gd1I30BEl1JW5vYr2buLFa1PzuwdgavDiHeOLLOg9Jd05aIZkgYDBXxUtDw+qSCj -gBzPNFVz+fQIliICIdvTZn/pSa4ulC5uZJtvWN5lKAECwnpE4GcT4l13I6V6XuxB -wabSlTqw9UQE7N1NE1vIR20g2pzFnG2Lw0jJGKQIgEHVzlIgro604pKNaXkw/8Ov -bF4/k5dNyxRLUL+jqIH9YpYBX8GlvONXWYdSN1TRq9PbKdPg4uK+uprdHVFXV+IB -Tx3+YZYySd/p8ZVnd90i2uGpgkkm07XYeYuR0I3yan0trPo9rLcLWv5X2n3kf/91 -ItCN1PbKX7tvA+thppzCIemc8l2aRz2sjiAP080BuawEC0J1PcBzm4g6hEaO6Hho -WdJlLpCYSZYp0Qz7c566EHti4k+ckqr/bpmmviUt/03CPgamH2LGXC3kRmVnoags -vzMgAx2Z6ZaXFiSoEeDl5q654foIJrF5OIwCr7C6POekXLvNs7o= -=erjv +iQIzBAABCgAdFiEEQv81253nwIirD9SnDCFqUvbfSSAFAmLLkSsACgkQDCFqUvbf +SSAGnw//ew0MFrczNFKkVpYe5Uidx8IAPWt/6okRKEpu3OSVsKcFEEgkmt21hcZt +qYh4cH3Ni22QY+ooJaOOAdcD5pIeHnZSr6Ny1wnHjS0mcM4EM//fv1fckVbqOu3E +3czXZUaVNtSpqsaduSq+ZLiLhdGuCLpS5g1luN074FSmaDos3i8cjT+RHePUx7mB +r7yZboVTD4GukPfpuVM5UKDnq+2xu1CKzd3BfJjo5kYVzDNJyXdJ6dUBs7NoVtyv +vYxdZmZROpqrs0zLsXMnl9p0KuejT9cCSF1n3W4M0DV2jt9Sjb+g7Ij9hu5vfV/a +NDnTI0WY+o3VeZq3OS7Ub3B6X3e7sYQnNleNygYPiDu9MNysqiffw+4iA3KWYdBW +mW3t5CDGR1YVOKdKDeTR701ffrm03Klsia48d7wOsJKZ6gsTkpd4O4+sk8jEcrbS +ej1m96Hj8fuTHQIRnDpZssOav4THShr1S5fempyKbEEZfV4e5J/a3U9QJDnVzcOt +zbDKcIpdnmjYMwtTC1zJDK2anQxfFLiHjwd6nLTD4FSPuaN2R8dlWz21Dbu6j8Pd +HogaruzLsTio/vP8VIsVlxJ8cFyntSy5sTUY4FVKoMCR6umiCxaEeHj230sWouU6 +5K4FbRz9z8kPOqzu449miBM5Q60eaISU5i/tanX9ylu8gCH3OJc= +=YA4P -----END PGP SIGNATURE----- diff --git a/export/KEY_ROTATION.html.minisig b/export/KEY_ROTATION.html.minisig index a4760dc..72d7523 100644 --- a/export/KEY_ROTATION.html.minisig +++ b/export/KEY_ROTATION.html.minisig @@ -1,4 +1,4 @@ untrusted comment: signature from minisign secret key RUSn9xivowlq/hdbdUTO+cQ4sywbg0fFBZQan+5uDJXjVRvBcnmCFW32gugXBRD5kuT1JINjgI99diTJt6uBlItliaR6nXwPHAw= -trusted comment: timestamp:1657492011 file:KEY_ROTATION.html hashed -b9GJzTQg09kR/39z8jQCmUAmxtacEzcLbxHvRt2Zqk9kYqD9wDG9C7+QTkSKOepO35tqPOCVbuhP7QJO8gVWAw== +trusted comment: timestamp:1657508143 file:KEY_ROTATION.html hashed +FaApey3C8fjYlqf0uDjScJCIDumd6Xyh51SDzSLg3C/mqpMVtyN/ZJJchQyfyMIq5FemC8bML0ccIn6qGhQqDg== diff --git a/export/KEY_ROTATION.odt b/export/KEY_ROTATION.odt index 52e7348..39d6f17 100644 Binary files a/export/KEY_ROTATION.odt and b/export/KEY_ROTATION.odt differ diff --git a/export/KEY_ROTATION.odt.asc b/export/KEY_ROTATION.odt.asc index 4198958..6522fca 100644 --- a/export/KEY_ROTATION.odt.asc +++ b/export/KEY_ROTATION.odt.asc @@ -1,16 +1,16 @@ -----BEGIN PGP SIGNATURE----- -iQIzBAABCgAdFiEEQv81253nwIirD9SnDCFqUvbfSSAFAmLLUisACgkQDCFqUvbf -SSBCTxAAniN/LBDh1gJfYNqSJ0Ij9ecaBXw3xjqgloDrmTq1dr5h/LV372wAy34X -F1K310sHW8Ci44KwRnywmREUv+R0SRfD59uBC6zNSccft/Yk9E6vp5CwQ2PFPhNk -/87G2avXN099vLWT3H0Uy9/AuzSw8c3PLsbDyY21SkLL7CGQj5i4R1fYd6Ux9e9t -UABkUlvqRFWjBwmvrigAYhEBJwx4KrkBasIZnODKRc+qymA1RhiTGTU/BuAHrj/3 -O6s1FcHcDbHNXUAGRJ8B5khdIZWIkDF51DwICHBZdHdJw/2x17Zta3qYriV0J2s8 -0jWrtX+TWDlR/Hh46HIQrvxpg2EQu1vegtEYiiX53WdFOCkh37R9wjvqXKXv0Ifd -zr6bJbS8UbNzoBsQYDsABwdjWLZn65Ch6s9/b9JB7EG1t7EZ56MjkrX22b97gMQk -WzdlGJjodpwd+KtESglxOOK71BeMvKNTwHMn6He7iz1byqnY29ZurSviy4JwREXU -CavzjcMraq27fprlWJDkhwPYvJQLMvbdTDG0EomPw/xlRAiqhiZ4utMpKpToq/Bm -HN1/DvV3NXmwRU+7gVtJiE8dkij+NCli4UgFXvW7eV1RBaKb/y8+dKUlJhrE3ns6 -q1mVkHViYnxzPcIUZ8xCC+s3kLJj+SLoy02JpscVEaahgd+8Q8A= -=6Snp +iQIzBAABCgAdFiEEQv81253nwIirD9SnDCFqUvbfSSAFAmLLkS8ACgkQDCFqUvbf +SSChRQ/+M6+bCxpydkncmVfykwYweCKm8WAGGAUsYdJGnYLcL52WqHhNcVPVaFiQ +gIiDp1b5lF6SCBDVfBiiiio24Fw3+isWsyY7cJ52T2ZAse9XZGLdVkfIR4uFc8D4 +deo0lixgn6nDjmbqbXPmpzE+oz/r5vuNoUCT8u+0cgbRrRE18eYzaimZOShFveIS +lJ/XKLK4hvhU3bq9Am2zm3l6TSB/mQWVEcP/ItPfXZQ90zZl/WzaT/HItzroEEWJ +EAIeoQk9kJ2kmuaYwsJwBonvHCkTnMAwa4fYvMDKRZdhA3SZB8FeL2rIQhHQXZNL +Khh2PYGHBQt59r3dv+jKxDu0HyLPz2CKJppY9veTfpvHYf5BJ5r6CR1Dn7lG74Pr +JF9UJkobZl6+z4O19tOk7hq4O9HetfHCA0i6i6PjPjoUsqQhDuUrC4DzwkhZgnDU +yJfMtQZDIceIZSs6mPs2+CgXrrHCPJtoRbXAHOTTvAOFsIqpdKa+aTVLgmIFsF8C +fmfjOgLOw4+84cAhGTFSIWfmTb3oZQEJzWZsYV/7MOTK+YGzVwkorvwJLSWmm0T+ +TvEPc3GjJNfVMOVl42Ss2Zef579mv3QjUAj6NJ6dykfMYvKu++/9ToENi6BBDk2p +QQhSujN4UsWQR8iHpyNij5sbn+zATQwf83mBqi+VPJd/Cs9sK1w= +=cmB8 -----END PGP SIGNATURE----- diff --git a/export/KEY_ROTATION.odt.minisig b/export/KEY_ROTATION.odt.minisig index 35e7823..8a4127f 100644 --- a/export/KEY_ROTATION.odt.minisig +++ b/export/KEY_ROTATION.odt.minisig @@ -1,4 +1,4 @@ untrusted comment: signature from minisign secret key -RUSn9xivowlq/vBHOCxhNOgQzxv/aJ2j2z7BqKh8u18x0VsHh+Hjxvhte/sN0hNZHfmvLW2xTGOea9BLeW+pRpGclIniq1NKzAk= -trusted comment: timestamp:1657492017 file:KEY_ROTATION.odt hashed -de1SlUzChegjKvgry8ZkKD/9wz9+N/fK7EsLop+lDHV4mbLTrzBx3OdY8YDDfm+v54P4LteqP1Y4GKCKXAq1Dg== +RUSn9xivowlq/grQBg95F5DuGHBHn53kIOnwNdCyYyzvt3in1BAdUwrkc567oJg1BF/xwfYQez9IObS5YQr5HZCt/IB27sbbHgo= +trusted comment: timestamp:1657508147 file:KEY_ROTATION.odt hashed +mRwt3b50XmKNpJQgoe9zd9ZNlEWUIfqHVg9xRspkZSmSLt6Th5fnpooCkTktAVvO/rHSJfE6KKN0t36tkm+ADA== diff --git a/export/KEY_ROTATION.pdf b/export/KEY_ROTATION.pdf index cd6ef5f..711683d 100644 Binary files a/export/KEY_ROTATION.pdf and b/export/KEY_ROTATION.pdf differ diff --git a/export/KEY_ROTATION.pdf.asc b/export/KEY_ROTATION.pdf.asc index 8163bc0..235ebd3 100644 --- a/export/KEY_ROTATION.pdf.asc +++ b/export/KEY_ROTATION.pdf.asc @@ -1,16 +1,16 @@ -----BEGIN PGP SIGNATURE----- -iQIzBAABCgAdFiEEQv81253nwIirD9SnDCFqUvbfSSAFAmLLUjEACgkQDCFqUvbf -SSAJZRAAs9isVdBvhRshh83aQMiqE061+WH36EQQKXOWKiVomEy4Hxl2lVkonBf8 -FqhqRll+THtEYcdFFk5ltwliDtmgj9r9U8IFl+6y1y0aWgxKXGbvbeL1RUN69qQ9 -FHqwmMpCMgJH+bNq4EQyn36B++5bdZmw/LAzQRxN9Iw59Jv4C+SeJtoe9VnBU89e -jRxmKUM6eJ1aOYPZIkZWoYgCbpqtXwtu2VJbWc1q3ev7S9G69Rox2ETtC0pbaGWQ -8Q1bLBVFsYB2AB3yq+LE6wy/zGraVeLiH69dQ+skfHc0FYnOP3f437rseeuTO6N0 -GhJpF+CApKb31WIuQbksHrkFIBPDj5/UiCMexfwMOdKUS6cFLDrzLeYZoH8w1ZCp -jfENeKdTgHo3WIeVD+7bMVPg/V8HLEzfP3s3ArajQIUaWAzNcJmlLtJ1CWIHv0H3 -6EfTrtuY8Cj3U+43vBcrAICrj3qvhdASyhsT0utttPR7RCVLyOSK0z4xiofLP5OK -ZYKl0RGVZM7iNSKrfSFA4lDu1lPzxUGoKZHvEXvMJMUbp/Z2THjH8ORSCr/xM0AP -Fs/xSLW/jITfxP++vjLvVjnXztRj5rKdrTqdbkorI1pkLhwbY9zD+buvhPdLeNWs -6ENxMsoU6L+FlK6dyBZJ2WKOfI3itQ1M36Vg+HKRASpS3TMuMVs= -=eVpn +iQIzBAABCgAdFiEEQv81253nwIirD9SnDCFqUvbfSSAFAmLLkTMACgkQDCFqUvbf +SSBQ0w/+OtqyKy9KuiMPlm/MPFzIv45AgabRwUaCbte+6vSxufJdaOv0Pf44Hbfk +L7dO77Gq59H2Je8/0664zFEy7EbwAYj9UhQ5S2v8es0M4PUKUr55lnZioSDkqjcA +jfL7HFpiBvmvP50UpMvYywMARuJN3RzVrvlPsADadMpvjqi1tuvAGt2HhMtc+i3K +8o4aVSyIgGAKv8OV+OFhYWHXQh8OG2QVUdqwWu5cd1IBiXRruizLMDP2kOvLUx3b +7Wjkf3B/4TAfwJhY21yvXxiUlfGaMof7wXrZjwDQUYcWQLDKuOBDLJ6uNaljZfpI +R5geOKFc7hJKTny82lDPYIyY8qqRZadYmN5ksUGE4v+qcn+1JJChrbo2YhPL2IW9 +aR/d1srqI53sE8cgXIW5Nwt6m6ESalCG8+HLUALGbrb28YpBhyMMzijhjjFqGDTr +GGEqz7sOFsHVZG+iARAOGEtixb+gI+pnFeLqSQuhNaV3M891f8FRylYhqViDb6I3 +shCzHVDRM008ir+tPRIUlWUne1J8y3uoSgJgQkQFAumIfvc6db4LbdbJ34KEetKK +kSOvJqN3Ky0mjNNFsdvSvcmU6s451TvoNbDgxz3kk7vT6uAQB7j3Nrx1+HCIdXpw +NH3pOej4mxAhHabPTcmMYmaX9+i/jTYr1dClbVjX1kCu6XtNB3U= +=18+e -----END PGP SIGNATURE----- diff --git a/export/KEY_ROTATION.pdf.minisig b/export/KEY_ROTATION.pdf.minisig index bb8add9..3471658 100644 --- a/export/KEY_ROTATION.pdf.minisig +++ b/export/KEY_ROTATION.pdf.minisig @@ -1,4 +1,4 @@ untrusted comment: signature from minisign secret key -RUSn9xivowlq/nd0YgXtCKgjhSWHKKdhDOX36uIjuXpm1pNUSS3iu1DuHGL5f+iSTisy56glRbY5hNwAL/hV+J0xwDWuBYJfGAc= -trusted comment: timestamp:1657492023 file:KEY_ROTATION.pdf hashed -UhO5LZZzDglh98PtfiF2JZEOeDSJO/9Q5xMnpYlWg2DEoexmbxFAMqClP55jkKq1LmyxxQOAe3Uvfs5j+iOxAw== +RUSn9xivowlq/pyHTNFZKxsLtsksluClPTBQngalJZ+qTV41pxKnMxmfWPx1+XvjcLQSymac+4HjJ5e8LPbXOUfVwdUE2el2xA8= +trusted comment: timestamp:1657508151 file:KEY_ROTATION.pdf hashed +17FSOa9gUKLx6Rhr8ssujGdD8BLXYimQvlH30hKaBp5CbQhiKVQcSiDG8wDgGzpUwbi4i0ytjA3isCbiZUqpBg== diff --git a/export/LICENSE.html.asc b/export/LICENSE.html.asc index 340a83c..87943a9 100644 --- a/export/LICENSE.html.asc +++ b/export/LICENSE.html.asc @@ -1,16 +1,16 @@ -----BEGIN PGP SIGNATURE----- -iQIzBAABCgAdFiEEQv81253nwIirD9SnDCFqUvbfSSAFAmLLUkgACgkQDCFqUvbf -SSDk7RAAlVwqa+IC7fS3GM+bjm3p1y0qvcSpUP28t0wll3+fuRPPzuXftzD+kqkP -2zmNp6q00/qSfHEh72963CTmdwJAd7G4HmW7xMDBSTty8TzAMmirmWKPOZWtDl4B -a1CS8BW6H1/KXMtYREGy+Ce8xvQm7yIwcZiA5Bdb8miEPZEAHuZ7IW6hEErZfADH -AzoiEseAnQ+bpKniChN4u/lnTK4o0Fi6lhvfGjM/5yrlrolr2oIcc1aEO7m6jHsW -/GxbPS+AkPbEOon1tWwEoOlw+hCMf24Jbd7F3ZQ3Wu2v0mHmly+86oHtg14s41oD -Ta5T7PmzoG9szSOJo5gc8Lj5n7hFAaU6+ukgBwtCt+0Ma+XaIK4oQx9qx2p/XlWU -JhdYUKWGANOXAlAkvLDFKlanOpcr5YgmKF5fcTIpjaglhIo024popQkEeeclS1De -f5rNVpSsosHa2ohiObk5WUN0NSdrUTa6zd9FWdykZImmJAQ/6nb8X90HinBbGRXD -nA1Wl3Z3dAUTujscyHqYNaU23DI7atuNUr4SGLNyJL7rr4Ai3QBOz8LVIPaAAc+a -MfgvlhutsjjhXLXQ+3U42njJs7yHf+5C+yuDVD+H3k8DbKtqQBpSXCsbIuCYJ7uE -5EZgU5fHDpgGycXrKpLXZR0LU8aXR5cnVi5Li14FMhalDyVPHRk= -=ZxgL +iQIzBAABCgAdFiEEQv81253nwIirD9SnDCFqUvbfSSAFAmLLkUMACgkQDCFqUvbf +SSAlgRAAjMOgbWaE1hVSjQdlS4ARTdR8/7Rbt8OMcNvo/CgmQP1vLmkNbiqX1SS1 +N8bCp5yCZIIWew5mA5EIIF8vmBNZkd1Jqncolo1fNYTW+bd77RIzFj0u4jnAIaH2 +9asZU8GWbIaLpQPMny/PazxLTsSKJzjz1FWiQhtku1sQyOTcrd2c+q5mva4+PADU +5xOxxxBLZ/SK0URvpuQKqCY5BPx/qzRhxRK5upEYzvY5Zd0Iqd/BC3f85BBsmics +dHI6Y8+7ZomrhCFxKrxTQOCVrgmxjVyDkx8PO87eS+EARzaiAq/SE5QeJeLJMFmN +hwvU+gB8j3T+adW0M8hqBMPfey969uVepsJgRSagb2TdMJLMYJR8x/mbOsppy9vo +2b6Ys03OnSnvegIaPC5ERhJIl7g+UwukqGWas68PXlyJzZFE6eYLscbxBbgdOL4u +pHzCC2RLiu93P2V6zAyihekrRXTZGAsQvZVd9Pok84/aA9ohcLfD3tBz3tUmDHma +1CcZcKIl0MQZzbye4zIDxv4XIssVdZM63Zcn25KQlESePep45GNj3wn7ykaOoR9V +ictL+VKnTVhtq6pi77iV81O379b1XTWxqGiIftoNCQtlvsmqmWkQKWo4zYtSrD6z +5xebA0zBXJGE9TTqGVMREE57UPXXbchQcKAMFQ65iQOBXz7DPjo= +=BYKb -----END PGP SIGNATURE----- diff --git a/export/LICENSE.html.minisig b/export/LICENSE.html.minisig index 3e6c6b0..fbe3358 100644 --- a/export/LICENSE.html.minisig +++ b/export/LICENSE.html.minisig @@ -1,4 +1,4 @@ untrusted comment: signature from minisign secret key RUSn9xivowlq/otg/O3CzoZSemSJHsVv1Kyjda6dpCyVIEH94VWlH/noPmqA0pS89agKX52H9H9ZKfQaNIEPneyqKbswvhVxtQA= -trusted comment: timestamp:1657492045 file:LICENSE.html hashed -HbT8LPkCofR+rBFrhOdwG+HMeq3TYCgBxq9Q4yYfrPjdDViV05lL+garkUZ4jKvVojmEfZ28IA/TrqwujOOjAg== +trusted comment: timestamp:1657508168 file:LICENSE.html hashed +1rLWbt+k01J7ATqxhOzNs7cl5SUuhbO3sG2cqZ98e1sIyeFWWLiFHLNKwDk2MKF64Afvv4IUGhhXBvZqbqp6DQ== diff --git a/export/LICENSE.odt b/export/LICENSE.odt index bede032..eed4d4d 100644 Binary files a/export/LICENSE.odt and b/export/LICENSE.odt differ diff --git a/export/LICENSE.odt.asc b/export/LICENSE.odt.asc index 7b0c0db..f5748cd 100644 --- a/export/LICENSE.odt.asc +++ b/export/LICENSE.odt.asc @@ -1,16 +1,16 @@ -----BEGIN PGP SIGNATURE----- -iQIzBAABCgAdFiEEQv81253nwIirD9SnDCFqUvbfSSAFAmLLUk0ACgkQDCFqUvbf -SSCeNA/+IwBemyHNx8+MrcB7WU8YEZP95oSIQFAYTRyvU00Ulm3VmbLGx9aiUMtl -6AOPA+aP9h2j+OFypm7T6tJLCj+vRurkZGHcVjT7BQ78NDRUM3yMBlGwD5TENOM7 -n+KHcqW3pGGqdGh1qE4k02WsBnzVUXCcC7zkxP5ySAPnAlA+c1MaooDVaEGMwEVr -JTYYsDxfxapA87OBCR5VMBPMKLGVMuNTe9lVC1+E/si4iN0yCWLwJnyYJTdMkaNl -iwWueN9hOiaI0GoGoMQtjm7XpUCTqGeMa7dx/oj9hvIHkSwiKP3Zj+AqaKOG04VZ -l5Gy2VQNhE9Y151BSYuw198PNyRAgI4gNksrVKyxroXb2g+BbQjpW1HjrjqMOVaS -KxTHoh+wMpCTvz/uq94oGLfCTzDjg1UyKJLrYWorD71HSCSEcm4i/76kwWZLgNqU -q4ES1NmcLHG5kUG5cWVQTWuFTIJfS9dikGhXPP+520ZRwx602810IVhniAhNRFai -Hie0r0jkp58Dy7so/mFfnPOLiXi2YATfu/FMzXEbMksYeq9tqR2wJZhHDhwe3+7R -AgttNi5SREoTIcs6XR7JtQ9rEwDsp9k+u6xu9ffZgVbOfbNfbpTUOI9M6oRKbkKh -Fw6fczd3yf8E+gT/2jCdkvUxy13y8zJneBVGSj9oy1LV3dE6gpE= -=uD51 +iQIzBAABCgAdFiEEQv81253nwIirD9SnDCFqUvbfSSAFAmLLkUgACgkQDCFqUvbf +SSDn2w/9E86Bu020qHAR/x+xsUZvKUzBrfDvVqD0klDys/WBlruAqIfvmn5KwBdx +JXK9jqiC77ON+w6mOLkvEkLKFoeRf7uFMEzIGWIAlKsNBggcDqUVjTJ/rCuDI5K8 +3CyhnNbBn0ygyqR+APjky+T5wm5mnzy7bhq/0xtsVO7oqyq/P5foPHj7Hbumbw7R +TCJp6uRvVf+E1+SUPtl4kLsug/HKcrEahj7zdwy2POV4kYRilSyaxf6/b1zo2oQQ +Mh48+9FCh3UCwP73oJqCAJeVpJfFSP9OBx/8Crrho8Autrk46eJrtk+2geVJ81mV +gQaE307PLIG0ZBcXcfF1K5GqEob3V0zLUVDO06WN9CfyTBbK/aCeSlFUZgPMxBD+ +fhF5pq1akW/tr+86hfhQ+ExUU9lWvUGbnGxKE2X61uzOR4Ny8kKKD0DawPUb3DA3 +XArz4UNhb5lsRhONRWHf5uGrMQ4jdMSVauZ6lYPQ18vmvmgm35gD3wyzWYljF3g/ +PBZo/Zy2FHAMt6TYlYHCybntStpLM8YdhMcw6LTzq0hxWej6lwdYa+Bdm/XnwMyg +VzUVmFUxUJDz19fQF4G0OM9DfEqpU9OClXg43hjl5uliRvufPN6+uhaauZd/ri4/ +PY0QjY2sia/KiCWzf+g7X6ybz2Wi4B0FMFT+gYaX+k2MZgH1W+w= +=TmGh -----END PGP SIGNATURE----- diff --git a/export/LICENSE.odt.minisig b/export/LICENSE.odt.minisig index cd6fc95..ae71630 100644 --- a/export/LICENSE.odt.minisig +++ b/export/LICENSE.odt.minisig @@ -1,4 +1,4 @@ untrusted comment: signature from minisign secret key -RUSn9xivowlq/mgrWKAFsRQVaPxyYJ+4F2Eqvjq2+URKg8Jaq6X6KF614r9FbkMG8Axj2WHlR+yQGMFD8BexmZRMx7XlBWBDGAc= -trusted comment: timestamp:1657492050 file:LICENSE.odt hashed -4lldS2wAyMYzxTPwpJ4CON2tkvkdTZ0JGopcvAzouiC5AuxIYS/xBXipO/rQC5dqx/MBLXq1xvXizhsp9OpPCA== +RUSn9xivowlq/qf3wyMx4+Uyj9g5cUkVS4S9snO+EU6broiAIHWCnwVgLhy/vRdNSJHTs5ouyu4s75Mu4tQS5SiaRGziyJLZCgQ= +trusted comment: timestamp:1657508172 file:LICENSE.odt hashed +PyHqV4iGx/AfMIJWtDTiabycs1fwOgN9lvU+04PU5dAYkef0Wakq8EsVvWDybCKF+rd0+i/wvzfXhCK2i8cXBQ== diff --git a/export/LICENSE.pdf b/export/LICENSE.pdf index 1c241a3..d17fa23 100644 Binary files a/export/LICENSE.pdf and b/export/LICENSE.pdf differ diff --git a/export/LICENSE.pdf.asc b/export/LICENSE.pdf.asc index 9dd1974..4938531 100644 --- a/export/LICENSE.pdf.asc +++ b/export/LICENSE.pdf.asc @@ -1,16 +1,16 @@ -----BEGIN PGP SIGNATURE----- -iQIzBAABCgAdFiEEQv81253nwIirD9SnDCFqUvbfSSAFAmLLUlIACgkQDCFqUvbf -SSDqvg/+KHtWh4UCo6th7dYyJ/jR+mcOBXB/WQdKKvhA/2Ae+aq/Bp0ZsvFGmJ7u -fRiVEchG9fHHFFDGmntfOJVjLOycux28j9NriSs4sNwGNEkjdnUHNJjPgSWJSnck -Q+Q8souFKxWvJbJw6nrIeLybBIK7w7KL/nMZkt4HbkhMaris/oIed3r8gQllxkPU -7Bm0hZ2h0yh1w4lxddB61qmibdEQ3ylpb7JusDyTd1vlJCtl/Nr1eep8SeFRCvwj -cHOZKpPRgVPZf/u278jEs1DBJZ7ZZqvI9pFuewJHqa/hB2oWod/uhri0YuycX7Dd -MoiHQXshsqZCIJZjdQRRZd8S0/IVm8kVw+F3ut83eC1QxL2+g9W6nwv/ACNpDRqv -ilETpDPqYWeFXGIfvhEtadOUJY6kCxLhFKQ8/Uiq9uv9viI0vNHcENsJlTGUVCkm -EJJaRAOnlFwODChcC69BHutV5kejWU7U4xKf9Fws0zHR52SH0Gu/j+d+o3ndFrCT -tnrB8kjk00z0tB2zPZRQmeghq8NL44YKJajj3035T0AJ8CBF+opqWjB+qH/qLm1E -UrXwrc5PtkNkHsHbM2XW9acJ4OsXiuDuJDsTwFdTzbj/5WvIbCofJAJFf35l7y/Q -QbDhQfPAdUqmOeLm0L2vW6QxXAQXOyMAzqR4RUOV2HaBimTRWkA= -=RKue +iQIzBAABCgAdFiEEQv81253nwIirD9SnDCFqUvbfSSAFAmLLkUwACgkQDCFqUvbf +SSCe5A//VaxExzF+LOkwhL6BvM/lWMCKHiJeto/XX+IvqZigylHybfl0rL7Y+pQT +fKuwk9TcZqvd49jq6oB8rtwFg89hab/ZK9U7GivtB8Xch12X7KF4AaKZ6sqwB73C +o9YCQgZhjYRs8FxkNZrkURuhmAZIBTLwzm+Z+E8swnGMtmUb+Fn6d0J/DgZvSYrv +E59dVo6ahHNz5A+GcSJS9A3CT7Pse+a+Gwvs4t+S6Q68QKE53kx6Ph12/KVEx4zi +ByFA4SfxHVLFsq9KuHO8JEmSaPJ8Ym00jzRMPOxWrIhnKxbRkyKcmX3smKeTNEnm +AiKJseMhnS49jUVv4/1n6KunntSXHSOTqL5eE19MKA0OaI6ZdGQXpoq3MOW4Tuvn +fqxdd01PvrF8WAhwwJ7Y4PMY9NSIcNPGXGOjiEebXOjLMHBluVgYy67cCjClBHhG +e4yT7k3ANs5oS5wWWswK2SKktUqXO19DxdxDBpTN7mcp/jhvpg/SKuYFKVS4Z2NR +5gei4W3gcrTygiq4JtCkFxbwt6AT48tsK4pXoXIPg3tYx5mWPa6MUZGGaBODtsRE +/ltiQEOt4RsGBkoep++t7T12QGpDNYXUyvYcUm72DopmIKJmlvljF8nYrJ6KdAbJ +C/gvjrVFNOk2K8OFFmhvVjDQE4wOhZkmoKfiKi9L01iQ1m63noY= +=bf7c -----END PGP SIGNATURE----- diff --git a/export/LICENSE.pdf.minisig b/export/LICENSE.pdf.minisig index 6f7135b..ffb1a9e 100644 --- a/export/LICENSE.pdf.minisig +++ b/export/LICENSE.pdf.minisig @@ -1,4 +1,4 @@ untrusted comment: signature from minisign secret key -RUSn9xivowlq/rkUE0CvyIuE/vXkv26q6NeGnOZgR/RdR0+Jv3RlChN0OTl1D3/EkXS2Vn69SRIBrSSSUzIdSBS9Bb+uc2kdBAY= -trusted comment: timestamp:1657492056 file:LICENSE.pdf hashed -N3Lrxs74r7kEw0FJeyVu5FRgTZJenzb88zL1L0BbkpuyOHmlJNVgUEAzVOO2HdckUYHyWePZW/56PlqgXeIcAw== +RUSn9xivowlq/hpYKI6wKKEyBL6oZ1HO7QJ/nYIj6J4Aiz7/GW3PLKuYgq8Tc8C5KoAU0b0GG9XFP1qX4x8wm72XFkGP/SUkwQI= +trusted comment: timestamp:1657508177 file:LICENSE.pdf hashed +MaSjDTWt3mZhOZvUdFdTv06LAyb27daJoRTmpX6QuszLmvdNczg2dCszfa9JoYRlLwlEBau6XQx9XBGW115rAg== diff --git a/export/README.html.asc b/export/README.html.asc index 503f595..58ccc93 100644 --- a/export/README.html.asc +++ b/export/README.html.asc @@ -1,16 +1,16 @@ -----BEGIN PGP SIGNATURE----- -iQIzBAABCgAdFiEEQv81253nwIirD9SnDCFqUvbfSSAFAmLLUngACgkQDCFqUvbf -SSCkNQ/+Mnh4jaiHe7uJqOWkSqPIGWnpLhJCT0K9ewPG+XRLp/wGKn4hw5ZeOQS5 -0uR7cIB3wjXykEX77JK71f6pJHRu1tjy7CnmBRsF2fO2FBqzXj+Lksv6sF8+JH5W -fvT9001SHLj2XAVr6E0+oRJSEhdAm+0ZHU31ACn9MosvsKeHLVzGTEVYNthscBCg -EIPuV0WGRu447jPZsh5obULe5QvhU70h83GiaBF7CRbeKqxp/bvophBMHRPHaHda -/vXcbok2tj+gS8ZCdez1uGmE39u5E75cUk119tu3iCDu1eGNr/vDnEGYjXxlOPSh -BF8ja0lUpk5rV6GUAMy9dQBw0UW5dLKTLFk+8FH7yRHY4PmOIKl+GLIhUgIa1+X7 -34RX1jIeTg3IWRpKP8kRAXTdOUMQ/a3ui33Xx5AeKzRJSlP4Cr4R3xG7OglOmQNs -hT2W9vFfez0mBefmGE6EQb3iJWrDSm8xEa9T0JVfFVxxIdx6kVQVKA4oxseJzi2x -Ln+eChamLIGUafANGVUn0O7v1ainIbEEcWHThQK+Y2i06CA6cCHm2hkFyvCpT9ph -S5nrLNE+Fx6qRmkNwGNk5GG+hTqxbDY0Pj4Yj1AJuiDAVpaECTHqYzD5zoE7mI79 -ptUYHkhgYvE3RAbNhC3f7AzTBR7lRies7yrxC4FyL+pa3NLcbUo= -=AXaO +iQIzBAABCgAdFiEEQv81253nwIirD9SnDCFqUvbfSSAFAmLLkWkACgkQDCFqUvbf +SSAtwRAAqmWUTpQaBSP7ZgL8LHKNUCCEsHZTlNNMiHEnGzSj6yCGg29k7eHzWhkD ++9+3iHMatFTysqxRFDClywLHdH4mK48li0l9Lrc1YZ2oWgTMY9YzeQ86kPN54vsb +wZLbf+9BRCCtQmXWf8hEoX2XODccfCkc2du5gEETKLtGiDiAoDdylas3Mj0YWuFt +RMZyOxeCw2kZD54mSPgpM1V2ZoQsu8ASaLttXfZfyXO6yOJBc5iOBnkGFklEqmXk +O/b3z2E21/hKmmOe0vW4136rmMxs7/cP8CGmyke9ioM6k937k22jNhATouue9cGL +HfaVyVk+GFWz8TosW5+AVlRutc6tCRUS5IoiP7PTdKZP327CErjHl4i4HucvaSpp +8jdp+Ptee4T9KpCqVq7w70mOnMld9c329JMt3oH3EB2GKYQHuwfhvU7gZtc2HyXN +RBOkGV7PcqoXX0N+MEXw6vKYCaPD4CNucdWrmdmroAParY7qqq7i+b3AQTP/3aUC +K9LXZ2UXhK/i3iOO8cw9mSrrVkmmOHeIdsPneqaheoqkDrnxpWWaUMt56foiW9IH +Uo+mqvXpeiHzEiwZRWb0yPhlFhpGu7j7gxJ4tk1byy9Twj7WpW6bFlw820NtH0YY +zIvd39IbVmRqbMoeD28AkHGwXGHUWI/8HDg0MzVQz0BusjD+8Dk= +=L7od -----END PGP SIGNATURE----- diff --git a/export/README.html.minisig b/export/README.html.minisig index 9bec356..f268582 100644 --- a/export/README.html.minisig +++ b/export/README.html.minisig @@ -1,4 +1,4 @@ untrusted comment: signature from minisign secret key RUSn9xivowlq/jCh8xaRRMKHcM/f+ZXrMj20HNZqDgB3XigfRScqV7yRNJl6i090VBu9jsbHiV01DIn1LiEp+++jGtNi2EV1BwA= -trusted comment: timestamp:1657492094 file:README.html hashed -fzFBD4+b7WCXbq57sdBzt25PEi7sBrD4BuvtXbmZhX0GB3FOMTA5LJaSWvSDO4DJhAaEl1c5YJZhnMMLE8WTBA== +trusted comment: timestamp:1657508205 file:README.html hashed +lqWHrd7xdwpwtAPx9jJwoTzKoMT1TrfWHM8fxlKZNmpEnpmLCklqSXrqHmBRrDSKPfo1wrvJqDAForPeMyuLBQ== diff --git a/export/README.odt b/export/README.odt index b7a4573..a9f6833 100644 Binary files a/export/README.odt and b/export/README.odt differ diff --git a/export/README.odt.asc b/export/README.odt.asc index bbf6653..fd0a64a 100644 --- a/export/README.odt.asc +++ b/export/README.odt.asc @@ -1,16 +1,16 @@ -----BEGIN PGP SIGNATURE----- -iQIzBAABCgAdFiEEQv81253nwIirD9SnDCFqUvbfSSAFAmLLUn4ACgkQDCFqUvbf -SSAeNxAAsbRwbZk92ZVr47+C5IRqJ71QemownmF1kkh5P+cUlzxHjVzSNrwv7x2G -eLFOeks4zHF0e1vHRnaHp48lXgE1i6CS5iFgZoyqjSceJDXlcAzbGETsJ4kqjBji -oA9BvdQVIDh/USD8hdG8FBByEdGk2GJbN5JQxkQNQGmxsds7z3VTg+UB9H8M09qO -KQ6Q4zCjMtkdmQk05H/S+JS4EiJRTjg/ajaRSkHZpbzjZ/k47RmTRXbQ2gg1v2n9 -0GaCAprZPcKeRM197k+sSm+ubCC/jur31R2nH7Z8gW5QgxQ1oASi07jNX/LPkNQu -gG3HTX3/SAPyinyYGzMRqR9Jy3OOtN+KZTFOqaWpw9K9ADN7Ei+ZrcyUpI0rZ5lg -Dh2CblQLkddGADPsYvpuNYUBbeu+X9O/FdwT/M1IwqG2Fbm3+2fgXfnXkKDAHA1n -Cm6t/XlQmYmsbRclnrxFbXJDuZQHTnmBm57m8J17KVwG6RhULbyQ3JtUUzkZdeEf -miE8mcVDkLhPbcFsymYUhkyFTZLGNVs8cp/MSZfSsak5QmzP5iFDzFJFgMosW6O8 -S8woCs8x5XG00PAum5/EfS0Oks125YZaWDLA2DLQqD9ckoFzdhrrG4JeWY9HDAGg -/ojBgh/ISLo6tIW3UP444bF1SSFHEH8DB3XS+EpTFucL+qpDvaY= -=fR8e +iQIzBAABCgAdFiEEQv81253nwIirD9SnDCFqUvbfSSAFAmLLkW0ACgkQDCFqUvbf +SSBKJQ//WhqPIuNjLcZSIQSjZbqMtZxn170kNFTvFx6t2LW/KMNZ5u0FbhJtAaJj +LWL+SlcBoB0dtJs1J+nC6bbTj2JUJqhok1AdvqPMcxSJJp8aB/RQ/+Vz6QVJx2ly +/Es6/PjObR2wtyLOC4iFQw5B+M+lk4QV3mQq7WQntLXbrAPoZVtoyIsfDaGsSzXu +7cn0Qv79gMdJqcprDIhttk7rxKmz2yMdAEZm0zS+ab6udcgAtOTPsncv7HTGe3zg +gWpVs6+7XTCRPqgsZhVQoP2Ndj86ve74rgIkKtPLE83Qbg+8FV6DSIFtSkxIcBts +nog2ZjSNAqxubCRrJ6p47+4b7AEnXXaBVhN6WLraoJJfxXyg12a86CGAep3R375Y +HzqUVAQVUXDFCchf7ki+agaBl7mxe3PLKeuAql7SHvHL0ls297lgV7i2mPPAdMsB +HFvcMk/JXPP8fkniqy3f2yweUrwOILG6rkc9yWnUSBp4np4VU6LXvrgh/IX17OBf +4HiegLj2ReJ9vH3lVoBJyKmSP/tD0pk6rqNNCtCm2s4LQv+1RPX/8jNX3swLr2lb +vrFPZ4WwDabeeombTSHJLF4lRf2NPakH3/WNAIIvT49MbNgOmAAFziaihU+LeGZC +3vsZgy2HpSI16jvv0uUaoplVXAWQV1ue4M/xmns2savKyqvTGLw= +=gUZP -----END PGP SIGNATURE----- diff --git a/export/README.odt.minisig b/export/README.odt.minisig index e6ba821..cc869fb 100644 --- a/export/README.odt.minisig +++ b/export/README.odt.minisig @@ -1,4 +1,4 @@ untrusted comment: signature from minisign secret key -RUSn9xivowlq/k7nZ7rjXSdxg1Tcpk1Bgc9KiB43X1UHggA0+RSLMPKje+KQs0x3JUnhAU8mAo7potYnL9Z61JWW0uM1KmrSiws= -trusted comment: timestamp:1657492101 file:README.odt hashed -Q+5pNGo/H0U8evCR5EocxC+2dEbAkSIslITiYzc0BptBPw7Ule89bYYGSjKyneNJWkm9L64cAofSmn5ze1vEBQ== +RUSn9xivowlq/rspS1l4K4nnguVYI2ThIB0evrAGB5LavTtf7Jmx322M1yNA0ArbgI0im1ZH6Jymic+19Y8HRE0kY04KaDu9zAc= +trusted comment: timestamp:1657508210 file:README.odt hashed +vczu8loJuG41jaNIpyuWhbd+rE+eP3x/O/5RY5+/QxuiKz6FUhb1m/MFQJXXtWafDWBo8T9ugpTkXZJxh+f1Dw== diff --git a/export/README.pdf b/export/README.pdf index ed73669..c28e879 100644 Binary files a/export/README.pdf and b/export/README.pdf differ diff --git a/export/README.pdf.asc b/export/README.pdf.asc index c1690af..eef59e5 100644 --- a/export/README.pdf.asc +++ b/export/README.pdf.asc @@ -1,16 +1,16 @@ -----BEGIN PGP SIGNATURE----- -iQIzBAABCgAdFiEEQv81253nwIirD9SnDCFqUvbfSSAFAmLLUoUACgkQDCFqUvbf -SSBEFw//eGXVoSMjMjx6CbJ+V9wT5C2UbLCzlh22XcVjjI0t/jaIfyRvxus2qR1/ -BMvKodTzMb4yHZd11kdYPNR4/MsFwgf6iavwm6IEOqX1/XTjBCU7c69VZ5jsvWAy -DxnShamyyDm0RxW8TJdylMuArUCqq51pngnIZNAluOLDmt1uZHWfLqRBjvpm85iu -8dxBsjcCoYkSXk2oiupB19RinUlh5lfJregIh0L0Eux7ej3pgfm1GehDLIxVzmFi -ydSDqizOetN57CaR41LI9tGkboxrAVLdnBPwk0sg3X2jhRcARkQlFVOIp9uLMGl8 -uMXsqEe1tp2KTDVMJPcY+Dtnr9rtTz+4lG55PpqjpuMyWrfrWrzMPKIKVpR3JCGQ -Egdvne+vjuYDqvaaMYZToKPEJVEZ7M3GvWXstzrhzVXQ68VevR+S+JkDpdu/vGBo -CLAmVK/eEK24yaiBTQkt+gbQIvU30hVFKDPZS57Uw4vuDNOMXxdDXRJKoQ2X8wdd -3XeQjTlmZIgb2M001+OJfpMbIU+NBcyKENaZc8HkGBU248jE3Mj2QpC4gFalZB15 -dzzMaaa54jIpiYJcfwjfXMNnfugBPyDvUABWdgP1LPtX3SX0IDLMbRc0jHHrmC1U -ipwjUC+UhDAiK00m7NGvpGIOb9pUE3bwGxvN8EHh/kPkLJDK77M= -=tNt6 +iQIzBAABCgAdFiEEQv81253nwIirD9SnDCFqUvbfSSAFAmLLkXIACgkQDCFqUvbf +SSDQPRAAlXsBngoMGtDL6OizeR/4ENhZ3AI4Fg14GaVjc8xORYTmu7qz6H8jOWRP +xxU6OYGadUBdXteWEzA2NSZo4FIiGr4cYae0lEmgVLYvCVRkHEbARFkRLqlzUDcb +dsvQ7tQX2JhtjQpV9+Prn3oOKlDxaxTTURBjduaakeV1F6VnfYYnIc6OIK0cmxpf +pWIgzpr53eoegh0uykaZVWzCc7fOe3t9hb9j0n7ZZYwGY1sbxURGtfJJWJ/pNcDQ +G8W3Q3oAfVqhJyUyffmJs/h+kkmzrlxMf5eYKELRbqzh5OTb/ZCmvaTOwBe+6QL5 +MPEFRZcyqWNUHX15KJSQPLUvt26ZBy9gWtJSiL0++pNaiPs2ZEEjtZSLKfuCe8s8 +jJEB7mTKH7HtK/++rfxNJBMXQXcstIm+VX9KjpZ50O0kjS9EfoPKRJlGxKm/Nah9 +kKY4sJKNIRAMNtZ9jZffXNX4v1nfEPgcvWRkGVpNz5UpolL5YVZRgmCrg5wKzMfQ +rWNUXV2vKiMFxYvIqg+sfXldZQJgzwetZMW3JfX1iHoBPl4RlYgePU4TIaz2w17a +sbNvmvG2lcIjcUWDPiVzW8R77S1tenEkfSM1UgtigiYmt05JWsQ6xDR2u0jHWD5q +C/WSgjkXa67w4v1FCEVEq7gJnOa9nnH2P20AnB2h7aQ/j6Aa0n4= +=iDlr -----END PGP SIGNATURE----- diff --git a/export/README.pdf.minisig b/export/README.pdf.minisig index 42ab06f..c1fd228 100644 --- a/export/README.pdf.minisig +++ b/export/README.pdf.minisig @@ -1,4 +1,4 @@ untrusted comment: signature from minisign secret key -RUSn9xivowlq/qEODSPrRrp+Dcs5hmQXp2HdDWU4l+hdpAcArWKQH286eqTo331DiujU5EJw4vU6P6b6tvgq4XE/MK97u3f4WAQ= -trusted comment: timestamp:1657492107 file:README.pdf hashed -voHY4oEvLDsFWUSahflIY87ieWnwpkI9cSaYW5b1cfMUM83rfAl1svWan01J1JapCQCA8odcihncPyeZ0NqrBg== +RUSn9xivowlq/u0uJcCFnwMXP/MWh0qSVO3SCXwbileBmgr8FquL5dPucQ3ay5Z4oBvtBbBtDaViorDtGfxrng/fCxWE+TYYIws= +trusted comment: timestamp:1657508215 file:README.pdf hashed +w75v6mMi2YqQDQCrNlJCH5RYDHUCbyPmGEabbt4TUpGApE3zjZcj5NG/U+0POwNdMKYWql0cyGwhLKD6nHoUAw== diff --git a/export/about.html.asc b/export/about.html.asc index f2b9dca..bc8eb4d 100644 --- a/export/about.html.asc +++ b/export/about.html.asc @@ -1,16 +1,16 @@ -----BEGIN PGP SIGNATURE----- -iQIzBAABCgAdFiEEQv81253nwIirD9SnDCFqUvbfSSAFAmLLUZ8ACgkQDCFqUvbf -SSBazQ/7BYqiOgIjVErd5APQpvE4Ya3zMoh6RY/v7M5KzSJESGtTFQubL1zyqgjK -AMGspu03ZhhlsS0wkmmpvQYx/T/WHAurEgFkyWzv9O7fk0TfGf6e44kMdjLriyCL -kBfxtbRXL14jZbQ7MTTiWjI7GREI+i2y/dzlGBxN/nx/tFsvW+Q0Zbr83UuZNteh -bIv45S6GMqJ3d+CB/X3iKBIxNLSfjU5E/goRSeGHCvhhqR+AoHySKPosYhNHz2Hg -gJrkavrLcHcnr+OfqATbrvp/MlazrDemMqlnsWmKje0tyePpLHgUsx80AZqsWw/f -lnV9eeqa+zODjehzsQv1SVR6+pBTYYBERgO9Z/6tmFz8NQ7w7TR2AqTGB19fs5+J -apzm7HKVaCZQ+8NDbkNAXAJlhlSR7ZOFnoxyhpqMCBklXzyiQ+Xr8cmT4jstG50M -/nPw1ctXpL+ZuB00w79JFDL03W5x9mHxHkagr8e0MlvIPfIxRhJwIqa9GyB+Cwed -5TaHLzIaqoU+RJlzqJnpnSGEm7piLVPxprF+3V46J0nN9tlDrCH355DTvGKhSkoy -V306H8Ai2dLTPfiFwIlJCjhuiPer6uRPLLekIhfqLrws3JOd7vTwLIWgh+V2aYGn -/fnnlj1qLFS9Gt0pOrJNPLJRpJdePezZk/9FZd+uTGufQn6f5eA= -=vkOB +iQIzBAABCgAdFiEEQv81253nwIirD9SnDCFqUvbfSSAFAmLLkMAACgkQDCFqUvbf +SSAuvQ//f+8CaHSGak280cdUQ2vNdEQXLjMG0Yccds2Aa0uTjxhStsaLJk++EM5u +4dzz+biWPf4+JOgkmLOHw1IsvKku/ToKU46X18zQK+c3B+GgpNzieBTGYM9WMZHq ++Kv5XrJMUnZQTWOgOERmZx61mlOFmqxM3d1fysRQ8CFN0hf4Twd9V3si7iVDRrpL +fAa3F8SuVz9/mRHOTeZlVvNWG44bzafGkGqHaaStynru9rMA+Yne+fvOK1Edf7/K +d4Z2i8maoCnD8criIOgXqUHQjHIZEiZeF8NIb6YPrX4rFz2d+NZispDeEoHl02Oh +AbFrpNDFlRKAQkrJHdmybGxbAquAFqrhHk54i6O8JWcheSvQedjkp0TAhj/6Eot2 +6+bi7WMYaO470I0LBPTJwz/DW/qtoua9b6kp3ZsGrgFPwYUmYKd4Y8/vyt8oqfdQ +wfsPrO2ITbZiBSluJeiewbeIrHbc5kZZ88MQ3klPaUFwMz5t87NRXQnqhvg0ii5F +1BBO1xIKYWF5fn0xFSzi07AYakbbwfixLxqtIoiAGuU0BEuUGUSebEVFodkdFurc +yBfwQMUJrC3AtT9jFphDdkf7nulQqwlXJDAZKuPddfwhlfCm3DNMy3T+lpY3NQop +E2B6up4Ss/6Ufaii25tjULo+W7DP/UtLnYCPK3lX7EifnC2w7f8= +=WV/5 -----END PGP SIGNATURE----- diff --git a/export/about.html.minisig b/export/about.html.minisig index 08b1aee..86c7e3a 100644 --- a/export/about.html.minisig +++ b/export/about.html.minisig @@ -1,4 +1,4 @@ untrusted comment: signature from minisign secret key RUSn9xivowlq/st5E+fD5cIaimp1t6SDlKkdz7nAH6dw/0u1NhNJGsMCC7eq9EL+SMqpEstSlJk22HUL+emOeDI/ABZyA/9DpQw= -trusted comment: timestamp:1657491878 file:about.html hashed -UkCeuNrNX7RbZViEEneHeZiBIa9903KsWDsgVHJQFGj9vRwE/jB+10DZ5aK8OnUzJ/qay82xu4mmdkSvEDBrBA== +trusted comment: timestamp:1657508037 file:about.html hashed +QK7Ug6H7VWomGD922Q8a/wKTjplMfSKqyXHuUr7BkMg6bhlSSIbVVT0g/7sSBCbtjKSAb9kyCxZk+2DVHyCKDQ== diff --git a/export/about.odt b/export/about.odt index ffca8e1..8c78711 100644 Binary files a/export/about.odt and b/export/about.odt differ diff --git a/export/about.odt.asc b/export/about.odt.asc index 31610d8..fc7d690 100644 --- a/export/about.odt.asc +++ b/export/about.odt.asc @@ -1,16 +1,16 @@ -----BEGIN PGP SIGNATURE----- -iQIzBAABCgAdFiEEQv81253nwIirD9SnDCFqUvbfSSAFAmLLUacACgkQDCFqUvbf -SSDS2xAAhIvfayviwtX7x8RgmNsmTMwY6DlHp2fRgO+MiDsOPMxOdqYVyzPT++rJ -x6txDGunHMLGtSL9d9nObDapjWpqslpSLJffLF3i7VVQDxKtr8e6SbaiqP8EZW0v -fLHu144PCFEPX86Gt0uG0jIHx95ks8v/lTepTd4eYQZKgzYZ9ePoIP7js7VruJkU -pJdKIffFrg8VilMltFBy1ayvwUwWDGYXj/csQ2H+CZk2sloAfx+KUj8QY03w+ztO -NZBN+MsqP7eHiIIBDcwpCLEQ5pTVb8B586ryQF5IKUsOQwgnc5ULpZds3kf1la0N -hTqiT6BNA8n/S7JDkz9vP0WuZHobNYqoRpyz7XfPfpur47GKlRzgbVn3jdx3Ijfs -GoW5KcMTP1gST8niB/6zG6CUnY+6uc8pcK1ksNQ1K92ZkBG39QfmUHlfYGVwm2Cr -jhwX3q9goy1MhRCZXVm3WJRBho0kR9/eLSqhmpTDSm7Qtdcu+dTesF87dEsKFBPz -Pkszdhx2UFATbuEWens7R54k2Mi4ftCfg5jE+5UDNvQHXcOzvc33ftLAbytS9Aqj -oNcx5JtaH/krJmhWaOmL2P+HRPI+mCnvZFevPxF2bq9w9/BCf30D44uJdjyDPJza -YDsJfZOt9kud6woNcumod//n5/FhM5lw3GABXQA/ZVmJOPMoCd8= -=VRU1 +iQIzBAABCgAdFiEEQv81253nwIirD9SnDCFqUvbfSSAFAmLLkMUACgkQDCFqUvbf +SSA3oRAAuFvZopgtdWmFYTpilV+UilV2vGq07pyctqmk0Uvz5Dq8xJigsp2bZbxx +mGBfgXSspMdEutKSQuZgXVvyqZnhhyQIF09qGRq2+nx73pKHyUH4A7sMuH1QtCgD +NQ169qRXB1Yj00A+aqm3VxijnAlQl5XXUw74eLGUZecGuLtU7mfX2OrLQXboP0JB +gHd1Mrp2YT70uVY5uFwkC414FJjoNEoMci1a69OqT08FzQp2VFuxb3f6Ny5OMwYD +enO5Lfwi4LZOu727mmEFix7Ob3A+C3SDj36U/i8wXTsyfizTHyjWUwS57eFgQ5fH +JjTVYe7ltXJ79JaKCiGC4lx7q0CcjP/kHEBhgbdcjDNEMJJwPSKrcSulDxiPWGw3 +12wzVC6r8QeyoeNV1zipeZKOilqx8MjlSgufHYdFnYXgvU9S6C1D8EriP3PQxObN +8Dme99WnjghqTcB+6ajqJq3OmdGcD+BS6rJef/3emX4JtjeP5ePd70yLaOiyRz2Z +gGSc7/8RfabwjQKDHpXPguMUSI9w8oIuWndpgrpYiypkxVvSWUAHJLPzSmyuOwAA +eO52N+Cvn34W79T17QjA+t3IeB1YAXM/O4nuJ0qwqYjg3iljMC2O3My/VkLgeR9S +YqzKmriaE4yIGX3qJO51enbS8QVcLRNLvnQyDXiFudn7O1kLIgY= +=5ZMk -----END PGP SIGNATURE----- diff --git a/export/about.odt.minisig b/export/about.odt.minisig index 3905761..0f2e540 100644 --- a/export/about.odt.minisig +++ b/export/about.odt.minisig @@ -1,4 +1,4 @@ untrusted comment: signature from minisign secret key -RUSn9xivowlq/qPxRZTEgGNaJhLvOeR3R/HQ9xhz3xDc77Yf525Hx0B5GrEt9/I/i05lVBWhO9jD0TL8mAYzoGbu87z/zlO4WQc= -trusted comment: timestamp:1657491885 file:about.odt hashed -lZp1zHiGGIXcE10YN1wOCDCGDgnIrqaNLIEwg/vhEdsX2OBRq/o8w298CFlkqfKluu9gG1V5d014zcjJyG5mAg== +RUSn9xivowlq/molYn0R8PisvlYkpyXeF1/uEL6XTQDtUcULoERGbh7uoHnNuCGzx0yucrh1eMuqqAMclkJnbjKvOSp0QmH7Kw8= +trusted comment: timestamp:1657508041 file:about.odt hashed +Pr8Fo/PN7DBhKSl215ALAsXhykgjpSG77L/Y51e2zUNqIgjhzB1Yyxwnsjq5Kf3dkgI/YBJguR2KvWkusqCGBg== diff --git a/export/about.pdf b/export/about.pdf index 7f758c9..8b80be5 100644 Binary files a/export/about.pdf and b/export/about.pdf differ diff --git a/export/about.pdf.asc b/export/about.pdf.asc index 93f3169..4243810 100644 --- a/export/about.pdf.asc +++ b/export/about.pdf.asc @@ -1,16 +1,16 @@ -----BEGIN PGP SIGNATURE----- -iQIzBAABCgAdFiEEQv81253nwIirD9SnDCFqUvbfSSAFAmLLUa0ACgkQDCFqUvbf -SSAMdxAAgPrtitjoqZ7dfW3FtJMONK+jxWq+07nWUQju0y5vXF+PbKxGg9hBabKV -bxTHk0ogX6VXpfhc5LEkDIjyD7JkhFKwhK9Jxs69+wTNRZjNqIbzVvNFW/ixEMJN -3vs9v0aOyUQAPDCpieD6M5tNjeZBe6nSSjtynH0c51T2of7uVZotxKgRCR30GjKG -KjZEhP5lcmZA7DcgXjKK5+MLx+SIoY3k5oXcJzIgVL70GOZ5cYkUNP8N0IBf03Aa -nxb8vMJN6EAbbTsF7XYO/alTYcInJAu4uIIvWKWDwfXWmGcdjGKAvOThWWSvpaja -9RMoDglkO0Fp3QVcr7UlwxuMiISo7KFO2S74PRzY5j2NStpDo547NmxOmRfD6H0d -nUYGDbiq12Hrp1zF1lL3762CFf0W1B4dieOgaPA8nXWwURZYUjjH5s0UtNC24UVY -LUn1bHBHVIbhrZxTGOKNqCoLn5do8E9MkhVPaL+YC2whWFWlT2xHlaaW3fhfqsuw -0jJpdyJ+0gBr2YSX/rL6jiUmuJLGHjZwyUlhtHApH/b5dHRSX3gYG3GikyQYTkQU -fXVSZA6VTS5LmV5gdb2rmr5AHVPvFNq6MeTV74lrhnz+BYaQM425h9nkEaHP8grY -UDKnlAPW7TELuDLBZsw6V1jNPlJqMd2CYa7Gd8q4l2vFI8VCbEw= -=jBOD +iQIzBAABCgAdFiEEQv81253nwIirD9SnDCFqUvbfSSAFAmLLkMkACgkQDCFqUvbf +SSBOaRAAtvqCzA5LNvHIWXhotE3lyXAtnsPnLArZaWsyxDdQG5WhIROvea36i6EQ +DgeIwWlyvcDVrlKaQpWBarFpIQRDsyuu3E2Mk++UTfPIyBkRxw5w/h09eo5Hv0fe +IwIYHoJ8LaKxG2m0V+1Kv2mPGytIhK7g01pNtfQ+9X/AwTVE7w/m4+a9b9pqo5Ad +FOPrQBk0WLPKIUBbc28/ir7AGzjgMf0IjubdDYSNvqPgFYEvPbHgIuwRfK/8iCgz +3ubIOELSOjqqxndgDokPS7TTBVnk+BNGGyTXZm44fHkG4vuoQbvPewYLqbvWGXc+ +PoCX4b5NF99+F75oHcXOzyI66LD8emPlTBe/gIVQJ1XjIqu3YvJwh23uRd+MowyL +0ALR10LagwP4azdRDTen0HrgU7gX0L6qXrmgW0ZZETwEmRbNgoogi71L3eksXBYY +Ti54lEzltR12c/h9+CfjNFxexSXdZrWzkZGCj+UDX6EeP7Wxty3LWYKVQO9YpMoB +rvdXxUwzJ5xhX8CXXUGf+5f3tlvChEgXc1VG8QVY6CRO6UNgvZsaUTWwTTFAaCUM +smoHVBwdLkg+F+8048UAEPY/my0InHKDKSI0eOP7FuUkU44xm2tFfJfoKHnOR8I7 +Uf9+hhR9CV9qnJQsGAYZzcE9mQM0VAps731QjiWfoEfRb3KLPjc= +=TyBn -----END PGP SIGNATURE----- diff --git a/export/about.pdf.minisig b/export/about.pdf.minisig index f064f2c..ce90742 100644 --- a/export/about.pdf.minisig +++ b/export/about.pdf.minisig @@ -1,4 +1,4 @@ untrusted comment: signature from minisign secret key -RUSn9xivowlq/t9WHQpk8XrBt9879pNraqTTZGAxszDsu6XPltvLjxlejGrSu90+Vm8mr+gL4dfoIXjUjMwq8+k0Uxz8irdPzQs= -trusted comment: timestamp:1657491890 file:about.pdf hashed -l73nA9bsVLUrM7CZ/5tDt5Y0DZakCK82VZq9zfURwWxF9mTdSu2vSGLJVBFozWAejcr2djl19eJ8AM+64AudCg== +RUSn9xivowlq/uoPiq/hFV6lqaFjuSr5TvK6XO7BQN4u+b2SCSzD1Gbk1qUAf2qheyu8nGGGhI3p1xQGl4q49UluqiQ1dUYKYQA= +trusted comment: timestamp:1657508045 file:about.pdf hashed +DLOwd3H/Is31MP9GfXIFY8x1zT2BckNdAndUH8ez0t6BMM7A8ionVK/SMLOHHejzOSFn/VFowNnCPL939efvBw== diff --git a/export/b2sum.txt b/export/b2sum.txt index b21d917..89d9c48 100644 --- a/export/b2sum.txt +++ b/export/b2sum.txt @@ -1,45 +1,45 @@ 4e653f564919d29a80e3a4fdbb2859d047aef9d84c906ce6b9e9a1c94bee86b2e83bf13ff1816642e8f29e2d4bb49db99690ddde7e916aaf574cdb189ea05367 ./about.html -d8c6cb3aa8007d18198123832ece2c4a88037cf0cbd5362684e954471ddc4adc53299640ea487af77fe44fd5364d2c522350c45218465975dcc3ef6153d410f0 ./about.odt -d983fd140d8c94b8d75e5668939d99b60c61bc03322cfaafe46db7d8e2008dfb04c7450d6b67a5290dece1c9ee5a90e95b6bc70cd4a272dc554216f20ebbfecb ./about.pdf +f810c9ae4393c2219098b2c48fefb644a99eb0ad8c59bf433396fc8d1b9752d16216949ba5a6dfdef2b1fe97edf73dd7d4a602efb0ed4ed9d7611ef0e4053060 ./about.odt +964739e48926fe74cd6be4ae5e78c4551215156e69197d440c3a6a1d2ca88a8c7d4dcfa7df8e32d8293bd43c9fcfc2954521c040ff92a5fbebc647a48ea352e5 ./about.pdf fa2022dde3473c7b6d20d3929f3ca94940b7378b3fa9f46d3f6faf2516232ab9edde4617eeb1c9e54c53d2b9bc7d20991da89714c1c4a68b4a48e93cb6927ea7 ./briar.html -7ce46e121004814383e32dcb14053543da28a81586539454458e9a0ab0406e36b6ca6779d370dae799917ddba5f920e9d0203adb0bfd1b99a38f4c80632b2af8 ./briar.odt -5879eac9bf98b064f0b16b38735d5d7d036b67cd85ce6bcc9222030af1ae981a9386de02561b764fbb5feb67b9f13bec49619dc223bcc499a205dfff1ce0d770 ./briar.pdf -fcc5345f38ee1e06f352c26244a9a9e613557946c801ed30ce1d71b1c746af6d675ccc9af23559a39cb058a1d88626ef83be4532dada878585ca88d852f09fe2 ./CHANGELOG.html -07e42cf635324bf9c46f99404f5d0c3f32f7eeda8830b339834146bbd0c865cce3d23e5f22d32a3acc7736aa3f71e5d9b39ffeb8b574c4ed411d7a8e3d4a2dfe ./CHANGELOG.odt -8554a82eb1f9a8c6107d03fe9fad79c8649909a8d9a536f9747ef399b2e983c19077d40c974f2413d28949a533fc77e467f93bd9cf91a2adc673e07ec8ebb8b1 ./CHANGELOG.pdf +b8f1f2b494c7a7a297ee2be7e8f0084dfe90619070b611d1b8f9ddcceea9af4cdc1fa64705475fd7ce14ae242e852e5fb3e52f44d8852bf661928c131462e39c ./briar.odt +0cf1b164f1dc9467fec43d1eafa61998759bebb9c12afce4f83b348bea9528edc6e1dcdba1e9ff5496035901d4b15cc5deafd8f744ea018dc9fce641ba580b53 ./briar.pdf +d3739beda05b61737738ae8826d5f3c085caad01e33362d0b9b929043de7b7ddacc0ea610c3466376488484e91501eb92f816928d0acda2a40bd0d96748684ba ./CHANGELOG.html +a710c48554ee5f4bfb82371a781b506e6381f342b9e9846102b32854e35736bd6644c844f32e2f464fc9fe3ec79f46ee7b19df683e094fc67c002c8274e5f99d ./CHANGELOG.odt +8ce42f8ea691722710c7dad1136bc85a75237a08e0ee2881a40d632aea8bd24e0e61a38766a3f5665784c4622332da12c331354fe213823824b935cb8b922730 ./CHANGELOG.pdf 87e0372e634065c298145866d16d41d4dac173ece6c47963c6891de00284a8939c7089cb3985afede4ba46991a6d8f3a8e9b5f9ec2cfbf0231c706b0dca0dc2c ./chatrooms-rules.html -5fa3ef25718979972635e32212a7e855f785e40adf0825fd46e12cf5d8f3478ba6047fc7578e7aefdbfe22015d4e013cc4f015964defbe4ee435c1c8c367ec47 ./chatrooms-rules.odt -b73130f1b208813d7c232dd3eaf0b200f58a96bac7cf551ee73e419ebf4340ed7d711ba1fd55edfa0da3941c408731b6f9e29366ccf1c80c6c1b2f6ecd0a0575 ./chatrooms-rules.pdf +292034ee4c01a7f7be885653994a69a279865bc0758281f6ad861d93451a66fcce530e6a983cf30bdaab7d50d8b44ef127bbdf387444bafd642ab7b782df1b2f ./chatrooms-rules.odt +d8ff38ed0651c3d4e8abd187ed56c8eb6ee9996e62bf6da138ae921e6c20c7c30f02a23bf8dd8eb52f89b2b4f82383a1cee07a74b297f1070abccb0af5371d47 ./chatrooms-rules.pdf 90a74796dc39409d56462e6e5d16c1d26602e1c01bf95525317b192310bdf311fb93cc94256b450a18da8d412b02d57a3b1b48089deecc4ae62186b160de6047 ./CODE_OF_CONDUCT.html -b5deedf13875f22e0f51578b3fd3d73dbe8aa76b630e5cd9c3ff8b04080ba125b74df988522bc367761bb12f248f67809b1f823da336e88d9e5d6e1f94c5f9cf ./CODE_OF_CONDUCT.odt -ac525543abd25f4be1c8f2708ee43296ceb8958630030e3139db182b127a6001577572177f7a63e6281183d47db0b7b9d5583934b6d6fcb3b93524da3140f5cc ./CODE_OF_CONDUCT.pdf +f972db42d49a7bef5e7dabd6446048d4bbc2c548cf021432bf6a5bfd698ae3ebf3161a71f04d778af89f7fd3c2b665b5f01890556bf866f1e211e8e4e4e59e0f ./CODE_OF_CONDUCT.odt +167b274c2af09cf20d75a28795d9f323081a7a0fb02723ec52e8ff9044679995ffd54407a1df8a30d4a2d5e730333308adbe7a30c17394c266eed77f2de67f50 ./CODE_OF_CONDUCT.pdf 0bec3cfa1511e10380507101d2d5958911716802ac1b4022a1027b3b859d4b4633a7878a96da09043d12fefb825a198e183deca97e2109f1b0bd2c4d162aae19 ./CONTRIBUTING.html -20f729dea8ef6540aaaf682009c887aeababed07cfe2d1c6d855d5a6d13c51ccecc85b3fc5ccaae5e85d0f90b0914a0cae99ee2da5f669bd5cf405b55f747aff ./CONTRIBUTING.odt -9227486926140f2fa3169fae3897cc5b7fa9281e8bdefc97a45f9e24046a82795dfef453d06baff9cd5c121bec10c11be3bc5276b9f16406798403e2933846fa ./CONTRIBUTING.pdf -140ec5d4c4c0c0f7deaf7a096d12956ea16ceb3f65bfa2218348929a458f5821353d5c63f77d259641e1d2054f20b385e18348380ff526dcda8ce0d3ed11df10 ./donations.html -c81c042a437c93008488df57b3bb7bb35e92f7316515d518b586f67fba9fc41e0e8200e3209e241f624298020c62ac65fe0860f684ac077fb028790214e456a1 ./donations.odt -e73402daad8f2d934cd38279e9991403dee5392f75a8ff27d1a7c8c4f621d9e0b7311e78ccf7058bb5f1b6799e000f22b2da75f1d82d8e7920e1ad725575e249 ./donations.pdf -fa85f702771ab37387af3ba123eea90ee97f70a05f0f4b9c63c781b85569df00d1a53cf1a2ad7ca418dc03a20d3842a46e428a1a743cec9d46eccb61e3d1f3c4 ./guide.html -f485fc66596b3cd82bd5086a6f98716f6feaa6a30f3478c30176eebc08cb61ced3d72456532d406c504b7e8d522f72f8476ae10a12b2795542d973dc225a711a ./guide.odt +8f5eb7a6727260aeb152cfbcb536d5b46e590f606a43dd8735390e41a0e633b64e4639066976b685f731427b919ae97dd3b4e30759e8aa63b8da00a7da211fcd ./CONTRIBUTING.odt +49cc89932cf472abb6943c3ef76a0fef5a8de25dea0c8f4cd2b6222e17512ba21dc510c8de5e3088291333726cdab57ad0b12f5e92329a4a22129cc3a18aa0f3 ./CONTRIBUTING.pdf +a3add9e42e8cb69c52468d751e6ff03c68dcd2bebec67475a9c3fe726ff634d2775b122aaeee8ed4c625c5f066ce5eb861d39ce046dcebf54fd35ff5b7267ccf ./donations.html +f9994070d862166b95b14b7884c43e715a1a161971a304deb2af25ad2b992ef1416e7093e46f6875d897e4a185cbba0c5d00bfd62971d5958698a2515509f3b6 ./donations.odt +e486292a414771835690993a3b460d05822eb3293a3302e32e6dd92367a6eb1fb46cb5b9cfccb4b93f122572da3ff07550c50ca1e23dd5d70f410c4b7c2c6909 ./donations.pdf +a1fe771d59bfc4bc6a789f9e73c1f11b78c8d0eac303798c605c3054b7fe1e0249c49cd6377869eb10de330b2bbb53a42687d2317582fd810fee9d755b876168 ./guide.html +aa85ce80ff6a968cdae0d360b2464a02a5e7aa9ee0dd0f851fa200c0d6041155e7dec7de10fd52c73a61de27208453b94e7c9627924ae9d31b02c04003db5bda ./guide.odt 77f8a28d871a0b7b6426acd27d3c03ce23ac15b4b16a50f533cc809ed2aedb676cfd03e3e28621a30a978306cd6498fa6ffdef23017f47d820a53f66a519ee2a ./KEY_ROTATION.html -b30e2ecab2afb87ae6c5485558e7ee83500f09d74764b60a5d1d7d2ed1cde30ac66ef8d6e4dfbc9f7d2d2e7da3af18c65d35b254d6a8814f17c913fdc9a1d096 ./KEY_ROTATION.odt -599a2c0f849d0b2440581518263e56a496c87cf59c610c2d8610a1fa058d84456e21a73602f5fde2acdb16be0784b6a162a591bd07c99f0af99c3831cd742ca0 ./KEY_ROTATION.pdf +e47de4a84801eab46f71b1ebb72c109c16d7b611e1514145c874eb30a2640f0a4d7bd15a96b65a23dc4cb3776210190fba223ee767035fb33824cc3d62ddf3db ./KEY_ROTATION.odt +2e17fa5d9e7f68ab725dd864f745d2892618439bc8d0f6a3867ce8899f3788ad07ec05558a73c686dbe6f75047c810b8c446326038c3efbb8aeeb391dd339b39 ./KEY_ROTATION.pdf 76bf644b19719413ab1ab5160add8ab39977b858a2901ff15f932d35b477422ca9adb5660c1fff3655fc39bde8dc1130de93a8c6ccda45596ef96417d6bcd824 ./legacy.html -380737a8edb92392ec1920e0584881bfdb2d4627740a05a31529234124b3a24158c188d1b03e251d49fe7396529ac750368605342a05b36d0367af2fa08e3cda ./legacy.odt -fbcc79120c93487fb8d827cdc38922a795a7bfb1709edb7a4ba6fa173ab04bef07ba4cd000a828765f31ddd1a6d82f5fc5b03d9312190bd2e517710344fa818a ./legacy.pdf +ed68bf31b318a561ae43dbfd03982ee2282b9bc2faedaa78bf65ae3c1ed3f36c69538576a0ad34476912ffa097875319bed92e158dd226e06167b441a933810e ./legacy.odt +6379310c5088aee11e36a9ef1e65b46f771b5f5e385655835199f1c8fa9b475372e45c4f703f714cdb3b7d3b7a678e882868b012e57541ed35424dc48048bcc4 ./legacy.pdf 1974396da631c1ad9f25b5981b648cc6b981387fa9495c725f93ae1ff3d55198f46fe70f1021e1957e370344b882d08c4ca00eb8bad26a9aac646d19122f1376 ./LICENSE.html -f7c8e1c457fd45a0011609ddbefc9f520bf53fc29e5b227c78f6046e22b8b99081b398d3f99f61a9499c84e05e58619847b9949f4241da191a2991aaf4235d40 ./LICENSE.odt -746dd90375a5d940d5a5021e98ebfef870101f12c1c1a605d2f996ee9d7d5e2e3694ae4bca742c4366b75e3a40c293518ed5677be0d121313ff0f7f5259d9e06 ./LICENSE.pdf +be90e5e55ea967cd149654b4d6a96510e4dd80b21fcd16646668f81f5911da8cbc2088768b6e67d99ac8f451dca99e07ed1aed628aee4150ff3f632f48f3df77 ./LICENSE.odt +ecb4bbca6358403ca68c7be011386d8d9a0989ce87139652c39906f7e35b1fbceb59b666621aac5caf9335881f603850f811c41902447f2de00a90af76245734 ./LICENSE.pdf c3c5fc8d11905b9cb618013a28b32d207cb97adb468f4214b7f6aa562845b47c8a9c23594e41f9713adb438ce13bb5e9b04cc93fd318ee5ea2b4022f5b0269d6 ./links.html -e10207fc556e28b5de95fc5779fec9de35e9d5e590614bf02fdaed00b6ac51b5fad2f274940b9117ac06e3b496f186c12b9d77ed91308a18d3c59e001e095606 ./links.odt -82df9bce8a1db444b01f9b10183e7fb2203b7aa1910fd63266007d279dbac39c46a1b47fdf8fb9533d197d1a6743e3a7f1a8b1d87030bdb747353a9f23d73fd3 ./links.pdf +2b97996379cb4898d94c482c8cb392d4fed1fbc1dd9d9adecf482eaeac1474e51b41c30a9dbaaa9d982c1560f17804ba81bbb1e559041809ebbfdc311cacd7e4 ./links.odt +417a0aa05e95a0896f6d29a1deddaccdff81626fdaa781bf93372cd10bb254f856e440fe86e669217b4f473015e5ecb16eac8659c83c6ee8db9b69e81233c01f ./links.pdf d30df9b287378783fd8acf78a5c7745f993a1426df43e4fe2ffc165592bb6e45732fd77d5e39b84074736c746c6052cf74ed6e758d7af9df212c1ebf698246a6 ./moderncrypto-rules.html -978b0a472195e461825e51ece7a12d2153c7c5d7491e76e167f0306094657c7225dd8f280fe8fc45cfbdbbc012a16f3d720700d91a9b8ebf98bfa1d0d37d98af ./moderncrypto-rules.odt -f0597f903832254aa8ba35c880f3e5f2c5d227b02679d8d93146e34c093374d603050974d7e2e2ceacc6895116970bef4bfb4d647b0b5581be42e1eb9c58f668 ./moderncrypto-rules.pdf +bdd616b36d6146c0c290437f2cb288de828649620349a28925cedb389a9fde27d330393ce9e83971aa41c31242dc9f577d3ecb0a7feb64734c7bc188aabfe540 ./moderncrypto-rules.odt +6f3e0f6d1429545e6c3371cc44d5cf5d58eca2ee6005f0d003667144b6a76f48b06d55b63587c9895b48637a7ec82f191b0de394e98c7e623c587824add57c7d ./moderncrypto-rules.pdf 2c84e3c12da38ec3192993921b587fd1e91fba08fba296e3e080862881caa288b2e01aadee5d4d5ac847210be1e62040e7dbc7e1edee63b73e121fddee400b8f ./README.html -fa4e18717cfcab591c8f8e741cdd31df67f5c7df244821bb1b3ad88758a3afbc0547d37ee3cf4a0d6f45c04d8e8ef0cc186f48c2a383278f1c06ff982fb41fee ./README.odt -42e5cddd4ae615179906abec5838ed61cf8dbb1f0eb88c69c2104cb536ef714ffeee4ee3b169718aa98ed23bd6f60dcc1442e688de7029fc6a1c42ec37f9ccf5 ./README.pdf -0f41d89019f9368c26741a4cec9e3835c61c8249fbed60b7d407d262ff07d230e5127784a7c3d13968981192f0f38ebff326396f224fd27266a612797ad4a5ae ./sha256sum.txt +be371bdb50d7612697172a4c4c9502e59830b6d90b9867ec8a0dd45789c9f715d36edabb44fce8177172354b0ac5ee298dcabe35c92cd30f61392c37ea63f09a ./README.odt +c6a143990bef302c87ba8ea92e2c4618938f31846fa4281266ab54c580824e9f437332197caaaa0a2f85bea718c6a863bcca362c2a5c678e247e5c88b521fa43 ./README.pdf +88ce489bd6e211f88b8c586a9104873a8e478240fadbf857ea8a6e9b860577d4b5034ed85cd08b83f4b630bf44033d341f25696cabea365969b7a6c14e0b7291 ./sha256sum.txt 5dc62f39756c0cb0f438ceee5c065d2d448e139acfb89821319dca07bf98258b8d9ec532b4691af5ceed352928d1125a01f9d5f5968eb17a1226f6d5a85bd677 ./verify.html -11d2821c1b1efb6fdf60905ec823c28faa602d439dfec5772b2d7e73628744e2ce5d3a109f1941bc6b0b9a36e631c9bc0df480cdd1bdecd8fb8e0b4543d0a78a ./verify.odt -4a1077e791fb35ddfb0c1bf03331a456aa9f63560ba63a6323b523792db0ebfb35cbe4cbec19291aa2d288f9a090278b7ef1eff98e9d2da290df3a7001f234a7 ./verify.pdf +f54e9ef1829fbfa2ac048ae1fe6cc7357f92a5354a2128246cd4736876dc2f44e510f7f8e647be709bd33a42c38ca94b304b3338b7a1d4f1999e50561391386a ./verify.odt +3d2af9bfed39ba1ee3779a727b78417c12a3974f3549f335ae1ef84c36be04a01beb550197893efc52073ba96b0a8451580bfdb306ff6bcb1a771b6af0d6250b ./verify.pdf diff --git a/export/b2sum.txt.asc b/export/b2sum.txt.asc index 4cd1e7a..58ed7fd 100644 --- a/export/b2sum.txt.asc +++ b/export/b2sum.txt.asc @@ -1,16 +1,16 @@ -----BEGIN PGP SIGNATURE----- -iQIzBAABCgAdFiEEQv81253nwIirD9SnDCFqUvbfSSAFAmLLUbIACgkQDCFqUvbf -SSCYoBAAtAy+bflAOkMzXQ9BXTXkm1lmccGPKkL/qWkFNsEjY9sk+jzwQd39TUSd -3a2z7QiGRR9H5I9/mXPuG7UEBt4D4VMA3jtfF7NYaTAF9a8j6E29S/5Yj7DEfp2a -mDRHkYWW/HMH+X4lJF3VWMTgdML/jyL04SVad6ZuQZevXcwX+Qq46GZpCP1mCwpK -rELpGxEY0g2BTHrLC2Ap0Mobo3Rhd2H8uiy2dWobDG5PSCj+/aZSJ7mZtZaqePQc -Rsc53XwcBxN3LPtZWSscjC9R045JuTvygKRqeWP9xzATpix2ZZW6vi1Q6KO1p00l -w6A2/5NqBK5j5FcqUDWp+2JNSijx/qWeddXVmybHc65eKJo4KxAXDDMxCftn7oik -O4JRa8/0NlO3fPOGjjtfMBAW3H/wy5z/RnpfbMBwieoKo9AcPq9lszkQRlOeN140 -QwsCJYMJEGC29YvXe05stzmNdZ4mHMjKfhmEFomVWU7+uGpO3nOe0ujrklPUcLD5 -jwTTHMh7Vn8x/vvyEE6XukapVp3SorIndISXxDP+p4Zl792Z/KvdksENexpczlhA -0iukwmwt77zD+Y3+/gIrIl49Mp3Bk9ChQylcDmfR4LzdpOONGDSPkigNCA8UPZCA -q6woPJbEcbANpVVyJ0MQrjFoAgHsX2Sc2jXHBa9MY651p++OpC4= -=/41O +iQIzBAABCgAdFiEEQv81253nwIirD9SnDCFqUvbfSSAFAmLLkM0ACgkQDCFqUvbf +SSC9ew/+J0SnOWkHi1b34DvK0n/Fr3AQQtDACfFh2Pm4X1keySLrjiU5j0GOYVFT +Ur2IaAmuMm6i6X12Ol8ymcgtFtwyNIZSzbSA0cP6B6SY7evhdnH4yvjKoftShKGi +d+JTOmUpLaU3u2lCsoV0JIqf7wa6R0KDSBOnQQAbizDeOvYsBNz7q+XIVGEqH1as +Dosu4pfu4sgj2+XsIg+LZf/3Rs4f/XELrNs4V6m0dKay3q6ITiNcGakyzWiNk/K6 +wkD2HmnPC0QlD0CQOf5pl7Kv3ZbqfVB3R6/u6IZqBknweDW5c3udDbvth9aiVGR+ +kdllIphSKCOMsPlY03v5uyqaM8yYMstYANcLjJz7w43JgEeKWJq1Wkq9A/1wQh45 +t6hNrbP1DtGHWayg49PhN4tmhGlnT9yXVACJ8jb5FGf9N95tMNAe0+oiCgHc2Uv7 +liedy+GxAkXM1Q1qEsGdBUGXvIh3oXSme14IcGgHGMtsS13TV6d6lvCFUKspeDhv +iZfXkZgf3X+y2Relj9uN1Z+CsWU+txZWfMANCUBAh7glGXs07SoI0J235D/ibkg7 +WjEg2qOqjHKfpAd/zx6qmsDDYdun3mR+TrzjpWUUzEMNihwxj7tQgrHhcxzPsf3p +iLQP5ue8Dees6MPnuCBMKXeivA9UG7Qq7Nb+qgE9CNfDpfy1H2o= +=ALGT -----END PGP SIGNATURE----- diff --git a/export/b2sum.txt.minisig b/export/b2sum.txt.minisig index 61c38b4..79ac008 100644 --- a/export/b2sum.txt.minisig +++ b/export/b2sum.txt.minisig @@ -1,4 +1,4 @@ untrusted comment: signature from minisign secret key -RUSn9xivowlq/rjS7jppSYc40GcWYrgXHPtyjJI3WaVGOL6CP76I2JCOm0nIrGudFC1LhSiCp6W6nNZKEQygZiYN3lp8YW285A4= -trusted comment: timestamp:1657491896 file:b2sum.txt hashed -+GsdV1Q2nzSPmywK4dqSZ5wiJalh3OmghEAKgLfpfalfxSqqxC//y8EV9ZXGrdeCYq6tZ1zquVvn66qZDjoLBw== +RUSn9xivowlq/vU3EBdkiRnFgOZfnZCqA1cjcbpd14iEz6IEotAormcC0mYVDDT+SJ//fQwbn0Simk0DDhA1VIm5uh7H4ypUVgo= +trusted comment: timestamp:1657508049 file:b2sum.txt hashed +gRTlu4ghNhs8brkIS0V2bHRS/mWIBrie4ihhF4NCvrT153d9U0UdCHShbf64TLjbDJhvYnJ099hZd/MW6DlZDQ== diff --git a/export/briar.html.asc b/export/briar.html.asc index 93e3f94..3e410e0 100644 --- a/export/briar.html.asc +++ b/export/briar.html.asc @@ -1,16 +1,16 @@ -----BEGIN PGP SIGNATURE----- -iQIzBAABCgAdFiEEQv81253nwIirD9SnDCFqUvbfSSAFAmLLUbgACgkQDCFqUvbf -SSAw9A/9FIcMgHbtNiYoa9UhKna86gDwWOgw2CkF8v5s8PrnRAbcCC+tg8OlwVQi -W/NYgmTe4zqmJOZ4hhXLia2aTh8OeguGjwEcL6BwKZG6SOCGXR7oTteFTp1wsMAP -Eh9RN7ux8rZDEZ5PO8oBe57tmFfo7Hnh4Xb9UjFGCFuGKmlVdc1DZ7yis6Pcu4Pd -4q+joyAVOx054jM6nugZ2BBe6oKVrcIuX8cJZuQL5UTJ5sMN9i/pZYVUCLeO5LWd -RXEK3VDdq+JLT9OjqgtmkYAYtTUZf7D/NUkqwLAAb7247hG1Vrx2WeJZsFm/6goz -dxIA+Vv5LVDfyEfuE5xqEnLnbSPei9OIKWz9BHmQN4m+9yITq+VmfQgAabknmVlE -7oZfhCcB1rPAe6Hld1mI+Det+S10f8rX/jLJA6oaqjjBQg4X8cwgOvV6oqBvWDWy -fIL8YEA/TPWUrfuhdH/o1tk9Nc8xoiYLkZ37XEJ9rpOGnVjGxnYbttM5WPcWH/tZ -2ed2wbS1a2u8UF7/Lmhve1NygPY/a3/h6KSdnrNzmg7sMQNEXo0nzm5QeSVtrnf6 -NndlCOmagHPx2pEoJKRWLw5QMMEsVvjceRf0PgM/1cCWDdfUNoG8Eyoyu401sRhs -0g3R7Vt6QioEejQckWF6xktoP1hBxmkAdJR9ICo0VFH8SwuA1tg= -=J3b6 +iQIzBAABCgAdFiEEQv81253nwIirD9SnDCFqUvbfSSAFAmLLkNEACgkQDCFqUvbf +SSBwKhAAirjJIdSjdALFNubK7TYj4EdeK8FQo6WCdHxBlaQDwz4nW5cUvCuqT9zg +TH6Gchu1Vrz6YER1Dyk95he0DnNw3T3jjGNrXyCjtt/EdCRedHupe89Ji9imwT0K +xDyxpvwHOXkZANpJxUFrOcawUi2z5DsGz2osO/lJKw4IsS8CXuW05Gm4v/NNsYpx +uCiu/9bavcoVeqHp2eo2iA3U3GDcssE4MiWXepLNFC5F8hYgo0XnPJPYu2xH3gfp +B/Q61CDqVCY2Fe/Xyfoo9WOlxHoCWUJc/A+Z3EqiUndjcvhNYgNMgvqoQ7lVQquF +T+5nwqdNleEvpuf6/hy5xIn8vf2ErYD0dALotbFzb+mXLmN5cyoDu02a1VHrEKYx +W2vGczadMUq4+Zm2E0nOCE2pWxdZqwm3HW3hd1KbxF986fVUp5KaCJBVtGrgXujG +vl3MSqenEqvpVmrWoxhmIW/6hqfzahJCXDDfKQo6r2XjnKvs2HKRGZ1hgvOxIoNb ++EDHcmmY3VHTCw+Q753R7ezraX0jLPAWKm7XDl/16kWysozvitnHCHLID0wZ3q2A +AtQMPQtxWfiOH32k4uYtxS9Oi6c1lS2b8e0q/QLnQ5ZEpsXEhKcJsEAbygzklQbj +6XwCFxu9AbXJ4gKjt9jVl988vtfdjTSL2nYZKr42jAvbAHAJSIc= +=gijF -----END PGP SIGNATURE----- diff --git a/export/briar.html.minisig b/export/briar.html.minisig index 9530450..0a17b0b 100644 --- a/export/briar.html.minisig +++ b/export/briar.html.minisig @@ -1,4 +1,4 @@ untrusted comment: signature from minisign secret key RUSn9xivowlq/vk6JFjd+ZnXw4lxk8Har+d8pJ2uPLBo8oZJC9OAUkXzj3aW/eXQmQPObDlhNbFOJjz/xW5GLUbM5lO37mTJFAU= -trusted comment: timestamp:1657491900 file:briar.html hashed -4Q6CkyK4jiJxIMc+uHGrOalJwaCN7rOmBpjlik1jyjqS0qx4mhnqyFF/ZiOxQYJo3QYV4HMgrUz963bqbWYjAw== +trusted comment: timestamp:1657508053 file:briar.html hashed +7jkAi/mdE9DBSidmkaxrK+gnP/mH0yjTivp/2FgCCjldqqeeHLbjT47LceX8r2PMJdMckQL8DbjDpj18DvBIAg== diff --git a/export/briar.odt b/export/briar.odt index 9e03614..9118e75 100644 Binary files a/export/briar.odt and b/export/briar.odt differ diff --git a/export/briar.odt.asc b/export/briar.odt.asc index 174db6e..5dad208 100644 --- a/export/briar.odt.asc +++ b/export/briar.odt.asc @@ -1,16 +1,16 @@ -----BEGIN PGP SIGNATURE----- -iQIzBAABCgAdFiEEQv81253nwIirD9SnDCFqUvbfSSAFAmLLUbwACgkQDCFqUvbf -SSCLTg//SgdTgZlwRZdleQjJ9KckVdZSBWf+SkGMwYC21FCcyHNe6aPQOcMaR0N5 -lmcEyDCoYUmU953uZhBAq3GMtjrW2vDXcYw4r0Ul8nyOkEWZX6eT5q6pHRkGVc5D -4RERx2ZfHkeosfi07t4JUCUNfC53eceWLSK51bppRQpyvBTLkglkqHvXdDgWaNJc -Lf/BfSuOuBYXO+dC19GpZuK5gUjndGtmhZPgl2Agg2dOEKAPSUXS4qd+Jvr6Rh3G -A40aVYRVimzMlcnkjaGUG6O14Qf6clb1T/87lkGs4JF9YX7eUTqw2XXeC/AUDG3U -3UNtWSckH6ClemuiUkzFv+mFWyuOE6TozxI/LLKAUwgRV+ZlUBb9Pdx6XjBm367n -97UVh9zjdTQ4h8O+Hf8tSN6tWuWqZVDD7eBucCQSHpAaFNrSNJ7R0VreINvUfsA0 -DIew0mJ6GR9mSWeKz81hNqVYxSPC9S1UDNQXBgbemAkdlH+VX23STGBezK8qKKJn -ZXlPpz4fpFV1q2lX7MKahOkzPj5dLZRreN4RJPx3LGdvQmx3WeVnFuVz3nVx8AbW -NziKbrKF904QoOE7ldxQ1EsLBEszd0y/jdHVXJwOiad+Y3YZOjwD2mdy3mYByobM -0AzmCfzM3cHoirk552xfV9dBahyoGvtwezOGAdBv6lDyFiM+Nz0= -=ETBo +iQIzBAABCgAdFiEEQv81253nwIirD9SnDCFqUvbfSSAFAmLLkNUACgkQDCFqUvbf +SSBSWxAAqOZmGd8X5b02GG5K9HvozONfyeav48OrxqWNXl+6JBpVbvvbDfgwtiqG +d83pALbzBXkY7gVhUevUKxpOJqfPsQSrn7qoLkXSvZR+N2cTNE309PhQL8DBdQ8a +lPDBHXX/b+qgUinlLBIQE9Z0NjVytEbzpXHrmF2NQde8K7rY1+onhmt6X0+wSoDP +KLFX0vgL+vsVxk74cpqf7PY8d1kaNVNJAbnQljPGZx1TK1ez4ryXJWyDRVERV07F +tnRZhFe8LzmBhHuTuzKb6SyGzOrMJS2pbHtEGulbzv0qj2WPUO6U0aUZ12o76LZp +9VJqvW9eGPxAli0QYluEdG+mZGt3v2Ggan0xAEF8YyKS8JzcHlRgDcOGw8FRS6yX +dlIcTL/+5q4jk9bqVdHZyT3Yqx09LLKmflc/vO3PxyCCZI9gPCx4GnqUscAWBjnt +DsiDeK1JDtw4nwe44MlxEMwzQOI7PYCS7LQ1P5SrWdTLv4QkBXe0buEdvV9gT2Ik +WEhaVAowfv6JN9lzIhrv8MTm1U4Unfgq/fpRFoLzucIUIwqRTEmruVwccj2sotxg +LUFIvAUKjh0ENEQQlfSWD+m1hPaEXoLS+UQdf5IjbYGv+LoGUNyuWFm7ozaJ6yDn +l0GB28NkZZ/rM7/qoupCOhcoI1T6Or2pEoJU6J+Fs5HWIuCXB6g= +=aEAc -----END PGP SIGNATURE----- diff --git a/export/briar.odt.minisig b/export/briar.odt.minisig index a47c90d..116fc74 100644 --- a/export/briar.odt.minisig +++ b/export/briar.odt.minisig @@ -1,4 +1,4 @@ untrusted comment: signature from minisign secret key -RUSn9xivowlq/plJpvvAB6FP8gdMmZDe25wdZCrVrV20m76Ek6GO0UFdRdoxV22n8AVHlGgzA0LZyrxdLtrGF51k+VIA8l4D5wc= -trusted comment: timestamp:1657491906 file:briar.odt hashed -oj1h6HTN7ii94ORQtiWnb+sPP79b4G2my6Q26FC1LBLr1jNBF7f+326yxBctmY6+lGm95YcgSEvDwp5BhCsrAQ== +RUSn9xivowlq/uJ0fmghA6Oq/jwQIslF+PR2VHErmkKJHKfLHyU8zpyX4dR4sbtI2Xznip8mBtblVLjkcVhWD2k1xBhAT9IRCA4= +trusted comment: timestamp:1657508057 file:briar.odt hashed +putd4nboGTygUFL7ML6aTc/X2jDXX4EWemnxibHEXgEjIjW+8bdbIkdW9ZkjmnfjodXj28vbh2TewOXAtfMjDg== diff --git a/export/briar.pdf b/export/briar.pdf index 96f7898..501cd48 100644 Binary files a/export/briar.pdf and b/export/briar.pdf differ diff --git a/export/briar.pdf.asc b/export/briar.pdf.asc index 890a072..d0bbbb4 100644 --- a/export/briar.pdf.asc +++ b/export/briar.pdf.asc @@ -1,16 +1,16 @@ -----BEGIN PGP SIGNATURE----- -iQIzBAABCgAdFiEEQv81253nwIirD9SnDCFqUvbfSSAFAmLLUcIACgkQDCFqUvbf -SSCh9xAApWgWfI+5LlKXcuBMmhmA0pFTvMY9wAm9nK/0F0KanuiXwtEsHtAFGQDB -sdGEEcS7ZaUsdUPN8JvL0LWwAshDPUrDSkyBHjJ5qcSTo4qIt9pqW+bsBGKJi61+ -7XLLgWL/xPLjgMpDCPKFf/3ZmSa8MkytK8hohwvqg63XPac0WgcW682zxJljtlaP -bv9cNm8BJBdqCYlTarRmcCI9RYVDu6B2sph1ttEYMp3eU3JQLzZv4LsZ4Q1FLSms -Fc0YJ+VASDv8lLpWVTfdYi8uGCrd0LWiqgZNR7HKr1qizQy5TJOmFGch/xQ3wXqT -pJV9GSuupaURbv+4ECm6d+TVPQv25lRVcAtXadLlGcST/7YlvuY/5NPKYJL4zcK6 -spHS6FiM4MyOqo0OO7vIE3X2Z8mostOoP7jd99v59DG/H5GqqEgdNjhdAriYuacx -fi0031X66AUX+Nj0URv3+C8nqGY6H+3slQoZPlTOwsetp8N/xILxlYOQaNyZ3vWq -zt4KJh9Id2925sRfoT0CndkYan624am+lAAUzCfgNn5z5X/s+BsAa0Le+hxSYCoy -8M+VmrEA1TsxsoOj2FkmaOFYkD/DEmxFZ1O6+fsee7Uoet9K0DOP8425+J4jy3/1 -lNTHv0DazIXy8UJhEVyWxRo28fML46Eo0BjK6jU5Qss3DJJkbQM= -=MfH8 +iQIzBAABCgAdFiEEQv81253nwIirD9SnDCFqUvbfSSAFAmLLkNkACgkQDCFqUvbf +SSAwLhAAonk3S+/NhFJFAvcCbYDGr1Y5l+fv9xrCoIcCggAY18oI81JOW/KxLTLv +/sNsj3JyEZbEJKjJttLsPP4UWmNyxcGDMbFGLo9MYdCohKE7FVhoIKD4B6WrqtNv +PGrBPJcZhd2aESuL5ZE9ZxXU9ChcWVeqkwIPn3e3/rVBWqafZZ8VbPmO1L/RTHg0 +4tCvV5HA/HROnbZKH47YbmIGzeLTbstSKJC/Q2nPQQArAeXJ167gWAN9fHEG68PN +W2S5iMNdcalSfqbXlXc52Dh88LqjLk6q1WqzeJgXCoRQhL0t/reGdRSwKI0zRNRZ ++XlDqjL2wjGLFc6ymZNSYmPBg/kwhfQp4rLy//rPaQw4lNhsVFTiaOB7yrzfMaKa +q9mBuwsT9crZyvXnsOHYdowYNQNWmxf1mKyWKPX5/bgd91wSssE1ksR8oGx3UFzu +AgqIifw48k9ZhVcxmyGmmuP1Dm07Uh5o7XflukEIUxKw1sIiOJECeGhOPIN8/gsb +aOfBJcJY92mNz9eiCe5DSePE4Z1SfokVCZQ7q6N2wPiqxN8y3bxnDv+S1+BMqEmX +RkeVZjHp2jpLe3jP1sPuaWRPjF2SlwnBXzQvZnPo3uOq3n3WClyGIaV+4dUVRJqq +G2KR2NrkgiKDp8TTDdxNi/wDmhVzcBA+WSlja8TrMoDUIQAlH+U= +=bLJY -----END PGP SIGNATURE----- diff --git a/export/briar.pdf.minisig b/export/briar.pdf.minisig index 967544a..8e22481 100644 --- a/export/briar.pdf.minisig +++ b/export/briar.pdf.minisig @@ -1,4 +1,4 @@ untrusted comment: signature from minisign secret key -RUSn9xivowlq/uMD8iZnuHPQr0OhwUxSLnyubADFvnwG8vrjHVfXlVz4whpsgiAJfU8xP+NAue6yOHhtABFdgEt1Sbnb/OSdOAg= -trusted comment: timestamp:1657491912 file:briar.pdf hashed -MBRgmOrpL3tQytCqgo/n4U5R7i94OB/F8dliPUH6lrajqOHt/B7J7SUfr9ZbuJBcSsdbL891n/QzTvThYKvzAA== +RUSn9xivowlq/ha/a91zR5Zxvuy6g2hc89HPeWppx4wwGC9EnrLziENycc6eySRYqWkbaRJ5fw6YW33fSSqIEFXOlCwc2ASPIAY= +trusted comment: timestamp:1657508061 file:briar.pdf hashed +i3Xz/ZFhoBe/5HOaWB7Q1GcsUHEXemWJR9/R9FiV1cajxFDahV9aVjNaCn2MSWd+5wDO4BzvefSV4JJWf+PJBg== diff --git a/export/chatrooms-rules.html.asc b/export/chatrooms-rules.html.asc index c317edd..6dc17c6 100644 --- a/export/chatrooms-rules.html.asc +++ b/export/chatrooms-rules.html.asc @@ -1,16 +1,16 @@ -----BEGIN PGP SIGNATURE----- -iQIzBAABCgAdFiEEQv81253nwIirD9SnDCFqUvbfSSAFAmLLUdcACgkQDCFqUvbf -SSCUqRAAuNCIEXksL4muJ5uMCFt6h9/pNXMkRPyKSG+2/JAkNvHcsg3ZyGEimEB+ -DrDd+NEHLIQQsgL1p1L2Bw5YOekv848LOB+rI9jZIyJ5DbDH8w4ZQGsLnVu4G+F8 -Fh6K7IFJ8TaHfZCM8lnciaAXEpERuP1zaixfdW8JEmvYyUCjww6lT9oWl/JsjajH -V2r03nyX2CKoDvZ7JuoKxL6llLGLqqHFvNLWRn8Cs66RBpe/WuXpAvx6X/zekyWC -Nei/MzZDQqBQrERWq9uQUqbw9Lsrq9GjV3yvxPhjGQn/xbXyzremPMtbAlCfwW3b -v5MoJr0kYgdkwqlrx+h5N/s6n+keZxEZ3xrX7fuMTy+uN5jQaK5CDQ1by0MsJQXw -qwxSxPQkKaT44y1M2PvoVUiFNmSFOFjCwm6inaNg+nJFEaq3Q20Lc+fTd5XTFQEi -dkj3P5QNyX91O9ump7kQ2X+RB1vU6PH/pGXntU7lGnJVfeUl6+TARc1jOh/OYNM8 -9mOpWgazvDmYZKK/2a6CvenBT6OG42R9M95pPSkOClWnw+iAsuoVlBjV13iQ1oGM -rOKgE+BjXjXJymDRuwsOu+yAcXY5taMhcVS3Gb3KttqIyJQ0Sn2A0Vq5mcul4YAZ -i4hrlmNn2uAkUpQoccvnaI7lr6zwPlT1DswV0JwmKY3H6RIExbU= -=wyxZ +iQIzBAABCgAdFiEEQv81253nwIirD9SnDCFqUvbfSSAFAmLLkOsACgkQDCFqUvbf +SSCShw//Y7Zl9fOQoXtmVDogZc9Ai89ieb1lHXYiDwVZsNwzaB+Yn1a1Bz80uQcj +e0dAOtokgLcs97OtGb44a4Ud/vRk9+FtZpUYeKm1hAlIdpKTvL7RtXc6ff5Eb8nJ +qk9NMI8evLIQn3cLs1d76QSGIIL4mzAXBNeW54QhnY1py47fpOMkacShy8x4Olpr +UVEjyC9T0aDNgefr1Q+e8On8eHVN2CSx3J6DjYG+YcZiFELSNVAmy4ZsdUxPw+jG +UBGHuUES2MHIBi2SVSQjBdEZKpQQBR5yfHGc4Y7z8xlYvCqxCO5FB40zdUVR/hQJ +uWK0VIUvQBF9P8Nd+27YF8SgBNIRr/n6Cr77v9+bsw8u/Aa1FDD/mMXPhQbX2qp9 +etjRAmqj9bWn950JZ0SZynrdOfK6jQeQZCjcEHUHKe6ok2aTUYmy5kfEAw4v37XO +HxsHKFa6SGXnfn+peVs9MZjXi+xIXBI1bBGVgdc0xgHw06CIz75zBjy3f9hnGoSb +YdTrSihXaiMJeRfbb2i+EhYvPLRdILUBmEDH0J+Xqj83MmBmzXbyH5+UDE5J22Ol +tYhhnRz5usDWK6rO41jj3LDsqxTrhA0mxkUyNM00IGETCDQhc0sIWRg4bGcPCeZJ +2jsLVa7SiiAo/4KgOjzT6d/+hxA/TDZxXFZRuMLTSlEnNl5zXYI= +=wnaW -----END PGP SIGNATURE----- diff --git a/export/chatrooms-rules.html.minisig b/export/chatrooms-rules.html.minisig index 0bec723..189e97d 100644 --- a/export/chatrooms-rules.html.minisig +++ b/export/chatrooms-rules.html.minisig @@ -1,4 +1,4 @@ untrusted comment: signature from minisign secret key RUSn9xivowlq/igPyOURAm/g9H7JtSVlrntzMfQEZUGblHiD+QFYEdIKwVk/45zJp41F30MhqQZxO8xEEMQz5x7GEdeojio6cwY= -trusted comment: timestamp:1657491933 file:chatrooms-rules.html hashed -Pov/BgFpxejHIyK+94VfPAU6mh0zhsChNnQzSeDdFA/7aXKBA/hymejGJ0qjRyrJOmyRNN5XhTL3tJ86Q6rdCg== +trusted comment: timestamp:1657508080 file:chatrooms-rules.html hashed +UeTj4oZeLMD2vqPbt2lw4NnZt+v1RZCrzyvsJAZ29jRfUi8iwlOyOEN5Ll3XOoxAZZPgAguRRSfIkYQl7ceVCA== diff --git a/export/chatrooms-rules.odt b/export/chatrooms-rules.odt index d1a8be2..7426358 100644 Binary files a/export/chatrooms-rules.odt and b/export/chatrooms-rules.odt differ diff --git a/export/chatrooms-rules.odt.asc b/export/chatrooms-rules.odt.asc index b63c83f..99acaf6 100644 --- a/export/chatrooms-rules.odt.asc +++ b/export/chatrooms-rules.odt.asc @@ -1,16 +1,16 @@ -----BEGIN PGP SIGNATURE----- -iQIzBAABCgAdFiEEQv81253nwIirD9SnDCFqUvbfSSAFAmLLUd0ACgkQDCFqUvbf -SSBvrw/9Hh5AIXmC8d2G6Lti/P6o1Tjct9wX/gN7jun5lV97RHHPR66bY6tVmPUw -EqOHSEVXvwj5iSPgIdnRA+0P9TlWAnuUP645v0uqYTv/EtP3FERg7PLU/Rc6M/i+ -iv5ndOq1AucmOUcmeq3yg9j/MP3mCm5T8UvTaj4c2YAj0hJP1vnZWr/r+MNzXpw8 -zV4BfTlG9IqgUm8IxaVgIV2lq8x7tbpHMCh4WO8xbvExtGuvV6d8p9NDeFE6+59r -VvOCMh7Ms74AVP8RaAzIn1XkWrtcG7iheRF4OWRdtPU8wgFitcSGkq/PLWGLF/fE -YlABqOfkX4/ZEMgfhWgMXAJcSPmI07IYMGBmCnQSJUoqzxvz4qLg+CHu76mhRHcg -Aa621zJCXxzligd3xv88/C165JNI0STrzpbxIg96FQhrXqx9yHF4Fukn2ZmaR/ch -WxzXDXKkPPjl2aMt7EevQnBuJSXC99cEd27JIXjOl9/xSfniiBqTxwQS9svr1C0I -tfckjIWls42fVtg/2AGc+15yc0UAtcHrVQ5UJheiBIE1tPQcY1QrH/HoKeWKvMJl -DR/cmQAtB+4Gw7sNgSgm+lX9Yk9Aym1yGkCwD7jQdmBrZmT0w+4Td/07sCoRJ0SG -Z8q5Vc8VIgfPiKHIRRcmIMdrbt+a+dxqZ30BC7dl6jGGt8qKWcw= -=LMRe +iQIzBAABCgAdFiEEQv81253nwIirD9SnDCFqUvbfSSAFAmLLkPAACgkQDCFqUvbf +SSBsvA/9H/9SbGgTm1uCP3xLYQzRWnID+v9/uRPquG9FT3GdEIUGrk9Nzq2ztl2c +Vubf6+/9Px9Ya2KNhT8MIeKS1mu1HV0YV8OFlmdL/+a0cZ070HgQm2xJ2jS9dwzA +hihV72UlfIyzS8fdubFlEMi/Xmjot4jZPYH2t7OVlbGS92AZYWC4FncL80NvHSXP +k8wXxo2eVxyCTbcUmCjTYBJE07sjQcZ+nHIMELWtk2OhE+wDsTW9QLjQ81jTvpSm +KGtJQPxqNVhyqi9HpM9pMPzujBeHklfrdZjNl5A+YGilDg/BHUP1o/aAglgciY7P +cxXD5aySyWQlsOQ7YycnfGpxUOf7qX9/dDC2wOlKT99I1k4APISIofTmTvZyQ2Pj +BXvJZc1U14j8pojmA/B1Tx3KhU9YVSpCb45/51l21FY+4HmtUP8N3W6HdfdePE5E +EzAJbp1AvgtEDI1zVpajHVAfqwmupUjX00pVP7yPMzFL2xKSxrw2SVAZC72h+vXu +Q2rXFMAcjOusl7uOuTqqR3ohOsBRpl3gaPg8BCIjkNw1VDdkNMEt9eJYxDYKcqN3 +j08HgoXj2zO5ZJeaiwASxB6Q/42ZJyQgjg8XtcMM4xR+ZzLzvm17OEH4xOxyT9Be +0cfpTi5iwKZWBSPGUaEnlYR5Tl6n7wijw07DYYVfg1vmadOSSBo= +=OIMd -----END PGP SIGNATURE----- diff --git a/export/chatrooms-rules.odt.minisig b/export/chatrooms-rules.odt.minisig index 9587c78..c1e620c 100644 --- a/export/chatrooms-rules.odt.minisig +++ b/export/chatrooms-rules.odt.minisig @@ -1,4 +1,4 @@ untrusted comment: signature from minisign secret key -RUSn9xivowlq/l1jpGx+8Ut6/RSYG4geOOiqc5qRzX52ct1+N6fwQbSFwIL3bKIUAfASBIyifPClZ67IBVPb+bN1b7VyymA8Tws= -trusted comment: timestamp:1657491939 file:chatrooms-rules.odt hashed -l0ntF6kgliVt2wILr8SsPgRcKMHI3QYI7v/yH+4wpn/es8tsQ/cFGbA2s3YkPYNfKqW9KU1Wev9rE60hJpK5BQ== +RUSn9xivowlq/gW5NC+6JZI+iZpwhSAUg7jsi7GyrOiOoxJ2Ah49DsVQvGkmwIjNUIuqnCNgfK4IddZBE308HVYsVJNCKz9CxAY= +trusted comment: timestamp:1657508084 file:chatrooms-rules.odt hashed +ayy10hy/jai+e2X/9SVJ3J1rn/zf/7Tzr1Ip/JiVmTMN9/A7Ypp55ZHFJqw7v21DdP2LNLBy2TmtmBwphONDDw== diff --git a/export/chatrooms-rules.pdf b/export/chatrooms-rules.pdf index b8cc0e2..430c0c4 100644 Binary files a/export/chatrooms-rules.pdf and b/export/chatrooms-rules.pdf differ diff --git a/export/chatrooms-rules.pdf.asc b/export/chatrooms-rules.pdf.asc index 34779a2..9a05cfb 100644 --- a/export/chatrooms-rules.pdf.asc +++ b/export/chatrooms-rules.pdf.asc @@ -1,16 +1,16 @@ -----BEGIN PGP SIGNATURE----- -iQIzBAABCgAdFiEEQv81253nwIirD9SnDCFqUvbfSSAFAmLLUeMACgkQDCFqUvbf -SSDFkw/8C8lqeHnPJXl2yl8/WehJ9I4D9kWIvk7vdFt4QSDlju7If3d7MSdYfJG1 -dXLzA6+rgtYvQjQnpW+7jYW7XCKhgdKgsze1Phh420Rs+iGGNtcMwNbh5B/UPGa7 -bTTHccAguTHAGbcp4FxR2f+/oWMVMI9ed2xm7V7Fcs9Gvc9MA5QJ6oq+5T0VvSES -Byeg5dn6HpXF3e9SoSuQI7JBR12ndb7aoZuICDke5OmOgCEx8TBoPuNnU3KSRwqy -zXdvdF2+CkW+ISfqIVpEqKwvAue+w4ChgKCMBCBst6LjsmVOniV+wM/octoxXcjD -cTyJ3n62sBc3gV5emfzKtR0zgk1LsehOZf8iitRbAuqADsT3v2FYnbdbf2Va/f0H -KdsVyfOG33CjjOuIqwpvGH6wrhh/d2G2caf5cp/NDXH77TH+HqQvr17fzUllb1Jb -rfqJz9HalZx7mj7LLPssm/svo8BO3wzzh6XXFh90PFc9aVaq5CGZNjf3axeV2tVK -8guHG/tAehDvmE09ZIciKOO+E29c4IRkyvY/JOqAkL4jtfXsGFGBcaLcAz/Exi42 -eJNwcmo7El2vXpebjA5HEaXD5DENJbazkpeRBadglkvwIbOrCus+fqTLBlUMqf65 -WVWSYcwuX63+jeqYvnhzDdb9dumcQJ9vwugo2iMq2e1nuzGravw= -=AxMY +iQIzBAABCgAdFiEEQv81253nwIirD9SnDCFqUvbfSSAFAmLLkPQACgkQDCFqUvbf +SSCw5w//b4YApTvUWtyZ/NdvUmMZQD9kOpQL4NEPeNtuQHgUOPW5tNQDjwsXUc1F +0bViawHtyhVfZWwMUsPVwPrxMBcfIh4Ho0tOwoLTWrzOKxnOMyTKg8UyUJaZvl6n +A/cifX771783FEekR3M34CzzhSPLhw/YXac/AcOiGNVVspmYRlneGjT86dmQJ/Lf +oOVgRFXPdoJ1xQIzG2TfJvqKUj0iQVdJjH8qaXwQjUCJ97IP8149jiGtNtXFwEYu +nA+U0KxHHKRO8k43sOD7VMnbXE0btb2Bn/GfAmDZUeL4sSEnI5ogWyFb2iBCYEdv +FpcLz1bNAyAJs1mBvCIcAiBEzc1zcLWA7xOXz0Q7gIcdIDBXTfN/Ji6m3rlzst2m +3tnYK85Cc8i3Wq4dPKUJP8hY6NwPnUKeiRheMu4d7hSmWBVCjjy4Eco9DxzhTkz6 +La7eUIWQWx1OCKZFSPbfeoZ98UN+PlcZscXoAAyi4FkzY7Y+eF7OwbnMNEJhIVNF +ItJOYyZwqTNaxfQRz3mkLb1567MMeqKjKsufapAqnWr+JKrRx4BIU790+qkgNHbC +tZCW1ePxWHWnsdtOzqSRqvoBaReitPpZLGBu9Uk1udDwyRSxbA73ffv/jw3oc/fL +whVpVuRS7sU20v1OmR2Qt20UoIluMfpsiTOCn+918z6rZ9xJ8Ss= +=ULcr -----END PGP SIGNATURE----- diff --git a/export/chatrooms-rules.pdf.minisig b/export/chatrooms-rules.pdf.minisig index 9e5f9be..222b64e 100644 --- a/export/chatrooms-rules.pdf.minisig +++ b/export/chatrooms-rules.pdf.minisig @@ -1,4 +1,4 @@ untrusted comment: signature from minisign secret key -RUSn9xivowlq/q8PXFSz0oTgAK0H6X2LPQyrLgT27I4+HAV8xGlu8PkL09Vka0BAMd74Von9QLa24ap+wL6AbRlEuOwhyLPH9wU= -trusted comment: timestamp:1657491945 file:chatrooms-rules.pdf hashed -zKIX5So/ls7KcxqBpoZhqobqjNmRSO1l5nDl1Kzyc+baRiTjUW2fkh517T+0iC5a/e+64c568OFju5g9kpwRAw== +RUSn9xivowlq/okTf5jH+y03Gslyh6YfST5u4Ag6D9ZMhGrZWeTd9ymFd1iBeuqMfsHV+DcDDXzBetG57bHhjsVXbhLH+w2g7gg= +trusted comment: timestamp:1657508089 file:chatrooms-rules.pdf hashed +UOgSkdyJYOknAqWqgthoApV5PL7kB24id3kEzywxvGxVvexaer/dZ5IBYcQ6J7b8bbkBU7TWvNv9G9LPVhKDDA== diff --git a/export/donations.html b/export/donations.html index f9e509b..9c06d20 100644 --- a/export/donations.html +++ b/export/donations.html @@ -21,22 +21,10 @@Donations to support this project are welcome as the funding of this project is limited. Those donations are mainly used to pay for Tor onion hosting (VPS), mail hosting, domain name registration, and to maintain/run Tor exit nodes. No profit is ever being made. All donations and spendings are being logged here below for transparency.
Current project donation goals:
Additional goals:
-Donate anonymously using Monero (XMR):
Here is the address for the main project:
@@ -44,10 +32,6 @@ Set-up more Tor Exit nodes if funding allows it.46crzj54eL493BA68pPT4A1MZyKQxrpZu9tVNsfsoa5nT85QqCt8cDTfy1fcTH1oyjdtUbhmpZ4QcVtfEXB337Ng6PS21ML
Here is the address for additional goals:
-coming soon
Donate using Bitcoin (BTC):
Here are the addresses for the main project:
1BBgBSVe6w4DWq2BewUQhDEjsNovhfPswD
____________________
-Here are the addresses for additional goals:
-coming soon
coming soon
Thank you for any contribution. All donations will be mentioned within this file.
Donations log (UTC date/time):
2011, HideMyAss user was de-anonymized, and logs were provided to the FBI288.
Some providers have implemented the use of a Warrant Canary289 that would allow their users to find out if they have been compromised by such orders, but this has not been tested yet as far as we know.
-Finally, it is now well known that some companies might be sponsored front ends for some state adversaries (see the Crypto AG story[^284] and Omnisec story290).
+Finally, it is now well known that some companies might be sponsored front ends for some state adversaries (see the Crypto AG story290 and Omnisec story291).
For these reasons, you mustn’t trust such providers for your privacy despite all their claims. In most cases, you will be the last person to know if any of your accounts were targeted by such orders and you might never know at all.
To mitigate this, in cases where you want to use a VPN, we will recommend the use of a cash/Monero-paid VPN provider over Tor to prevent the VPN service from knowing any identifiable information about you.
If the VPN provider knows nothing about you, it should mitigate any issue due to them not logging but logging anyway.
(Illustration: an excellent movie we highly recommend: Das Leben der Anderen291)
-Many advanced techniques can be used by skilled adversaries292 to bypass your security measures provided they already know where your devices are. Many of those techniques are detailed here https://cyber.bgu.ac.il/advanced-cyber/airgap [Archive.org] (Air-Gap Research Page, Cyber-Security Research Center, Ben-Gurion University of the Negev, Israel) but also in this report https://www.welivesecurity.com/wp-content/uploads/2021/12/eset_jumping_the_air_gap_wp.pdf [Archive.org] (ESET, JUMPING
+(Illustration: an excellent movie we highly recommend: Das Leben der Anderen292)
+Many advanced techniques can be used by skilled adversaries293 to bypass your security measures provided they already know where your devices are. Many of those techniques are detailed here https://cyber.bgu.ac.il/advanced-cyber/airgap [Archive.org] (Air-Gap Research Page, Cyber-Security Research Center, Ben-Gurion University of the Negev, Israel) but also in this report https://www.welivesecurity.com/wp-content/uploads/2021/12/eset_jumping_the_air_gap_wp.pdf [Archive.org] (ESET, JUMPING
THE AIR GAP: 15 years of nation-state effort) and include:
Attacks requiring malware implants:
@@ -1227,14 +1227,14 @@Attacks not requiring malware:
Observing a blank wall in a room from a distance to figure how many people are in a room and what they are doing293. Publication with demonstration: http://wallcamera.csail.mit.edu/ [Archive.org]
Observing a reflective bag of snacks in a room from a distance to reconstruct the entire room294. Publication with photographic examples: https://arxiv.org/pdf/2001.04642.pdf [Archive.org]
Measuring floor vibrations to identify individuals and determine their health condition and mood295. Publication with demonstration: https://engineering.cmu.edu/news-events/news/2020/02/17-mauraders-map.html [Archive.org]
Observing a light bulb from a distance to listen to the sound in the room296 without any malware: Demonstration: https://www.youtube.com/watch?v=t32QvpfOHqw [Invidious]. It should be noted that this type of attack is not new at all and there have been articles about such techniques as far back as 2013297 and that you can even buy devices to perform this yourself such as here: http://www.gcomtech.com/ccp0-prodshow/laser-surveillance-laser-listening.html [Archive.org]
Observing a blank wall in a room from a distance to figure how many people are in a room and what they are doing294. Publication with demonstration: http://wallcamera.csail.mit.edu/ [Archive.org]
Observing a reflective bag of snacks in a room from a distance to reconstruct the entire room295. Publication with photographic examples: https://arxiv.org/pdf/2001.04642.pdf [Archive.org]
Measuring floor vibrations to identify individuals and determine their health condition and mood296. Publication with demonstration: https://engineering.cmu.edu/news-events/news/2020/02/17-mauraders-map.html [Archive.org]
Observing a light bulb from a distance to listen to the sound in the room297 without any malware: Demonstration: https://www.youtube.com/watch?v=t32QvpfOHqw [Invidious]. It should be noted that this type of attack is not new at all and there have been articles about such techniques as far back as 2013298 and that you can even buy devices to perform this yourself such as here: http://www.gcomtech.com/ccp0-prodshow/laser-surveillance-laser-listening.html [Archive.org]
Here is also a good video from the same authors to explain those topics: Black Hat, The Air-Gap Jumpers https://www.youtube.com/watch?v=YKRtFgunyj4 [Invidious]
-Realistically, this guide will be of little help against such adversaries as such malware could be implanted on the devices by a manufacturer, anyone in the middle298, or by anyone with physical access to the air-gapped computer but there are still some ways to mitigate such techniques:
+Realistically, this guide will be of little help against such adversaries as such malware could be implanted on the devices by a manufacturer, anyone in the middle299, or by anyone with physical access to the air-gapped computer but there are still some ways to mitigate such techniques:
Do not conduct sensitive activity while connected to an untrusted/unsecured power line to prevent power line leaks.
Do not use your devices in front of a camera that could be compromised.
Personally, in the context of this guide, it is also interesting to have a look at your security model. And in this context,we only have one to recommend:
-Zero-Trust Security299 (“Never trust, always verify”).
+Zero-Trust Security300 (“Never trust, always verify”).
Here are some various resources about what Zero-Trust Security is:
DEFCON, Zero Trust a Vision for Securing Cloud, https://www.youtube.com/watch?v=euSsqXO53GY [Invidious]
The Whonix route.
The Qubes OS route (best but requires budget/time and some skills).
If you want system-wide plausible deniability300‘301 despite the risks302’303, consider:
+If you want system-wide plausible deniability301‘302 despite the risks303’304, consider:
The Tails Route including the persistent plausible deniability section (see Persistent Plausible Deniability using Whonix within Tails).
The Whonix Route (This is possible on both Windows and Linux but will require more skills to achieve on Linux).
You might be asking yourself: “How do I know if I’m in a hostile online environment where activities are actively monitored and blocked?”
First read more about it at the EFF here: https://ssd.eff.org/en/module/understanding-and-circumventing-network-censorship [Archive.org]
Check some data yourself here on the Tor Project OONI304 (Open Observatory of Network Interference) website: https://explorer.ooni.org/
Check some data yourself here on the Tor Project OONI305 (Open Observatory of Network Interference) website: https://explorer.ooni.org/
Have a look at https://censoredplanet.org/ and see if they have data about your country.
Specific to China, look at https://gfwatch.org/ and https://www.usenix.org/system/files/sec21-hoang.pdf [Archive.org]
Test for yourself using OONI (this can be risky in a hostile environment).
You should test that the phone is in working order before going to the next step. But we will repeat ourselves and state that it is important to leave your smartphone at home when going (or turn it off before leaving if you must keep it) and that you test the phone at a random location that cannot be tracked back to you (and again, do not do that in front of a CCTV, avoid cameras, be aware of your surroundings). No need for Wi-Fi at this place either.
When you are certain the phone is in working order, disable Bluetooth then power it off (remove the battery if you can) and go back home and resume your normal activities. Go to the next step.
This is the hardest part of the whole guide. It is a SPOF (Single Point of Failure). The places where you can still buy prepaid SIM cards without ID registration are getting increasingly limited due to various KYC type regulations305.
+This is the hardest part of the whole guide. It is a SPOF (Single Point of Failure). The places where you can still buy prepaid SIM cards without ID registration are getting increasingly limited due to various KYC type regulations306.
So here is a list of places where you can still get them now: https://prepaid-data-sim-card.fandom.com/wiki/Registration_Policies_Per_Country [Archive.org]
You should be able to find a place that is “not too far” and just go there physically to buy some pre-paid cards and top-up vouchers with cash. Do verify that no law was passed before going that would make registration mandatory (in case the above wiki was not updated). Try to avoid CCTV and cameras and do not forget to buy a Top-Up voucher with the SIM card (if it is not a package) as most pre-paid cards will require a top-up before use.
See Appendix N: Warning about smartphones and smart devices
@@ -1506,7 +1506,7 @@Skip this step if you have no intention of creating anonymous accounts on most mainstream platforms but just want anonymous browsing or if the platforms you will use allow registration without a phone number.
Get at least one or two decent size generic USB keys (at least 16GB but we would recommend 32GB).
Please do not buy or use gimmicky self-encrypting devices such as these: https://syscall.eu/blog/2018/03/12/aigo_part1/ [Archive.org]
-Some might be very efficient306 but many are gimmicky gadgets that offer no real protection307.
+Some might be very efficient307 but many are gimmicky gadgets that offer no real protection308.
You need to find safe places where you will be able to do your sensitive activities using some publicly accessible Wi-Fi (without any account/ID registration, avoid CCTVs).
This can be anywhere that will not be tied to you directly (your home/work) and where you can use the Wi-Fi for a while without being bothered. But also, a place where you can do this without being “noticed” by anyone.
@@ -1579,7 +1579,7 @@However, the Safer level should be used with some extra precautions while using some websites: see Appendix A5: Additional browser precautions with JavaScript enabled.
Now, you are really done, and you can now surf the web anonymously from your Android device.
While the official Tor Browser is not yet available for iOS, there is an alternative called Onion Browser endorsed by the Tor Project308.
+While the official Tor Browser is not yet available for iOS, there is an alternative called Onion Browser endorsed by the Tor Project309.
Head over to https://apps.apple.com/us/app/onion-browser/id519296448
Install
You have very low IT skills
You decide to go with Tails anyway
Tails309 stands for The Amnesic Incognito Live System. It is a bootable Live Operating System running from a USB key that is designed for leaving no traces and forcing all connections through the Tor network.
+Tails310 stands for The Amnesic Incognito Live System. It is a bootable Live Operating System running from a USB key that is designed for leaving no traces and forcing all connections through the Tor network.
You insert the Tails USB key into your laptop, boot from it and you have a full operating system running with privacy and anonymity in mind. As soon as you shut down the computer, everything will be gone unless you saved it somewhere.
Tails is an amazingly straightforward way to get going in no time with what you have and without much learning. It has extensive documentation and tutorials.
-WARNING: Tails is not always up to date with their bundled software. And not always up to date with the Tor Browser updates either. You should always make sure you are using the latest version of Tails and you should use extreme caution when using bundled apps within Tails that might be vulnerable to exploits and reveal your location310.
+WARNING: Tails is not always up to date with their bundled software. And not always up to date with the Tor Browser updates either. You should always make sure you are using the latest version of Tails and you should use extreme caution when using bundled apps within Tails that might be vulnerable to exploits and reveal your location311.
It does however have some drawbacks:
Tails uses Tor and therefore you will be using Tor to access any resource on the internet. This alone will make you suspicious to most platforms where you want to create anonymous accounts (this will be explained in more detail later).
Your ISP (whether it is yours or some public Wi-Fi) will also see that you are using Tor, and this could make you suspicious in itself.
Tails does not include (natively) some of the software you might want to use later which will complicate things quite a bit if you want to run some specific things (Android Emulators for instance).
Tails uses Tor Browser which while it is very secure will be detected as well by most platforms and will hinder you in creating anonymous identities on many platforms.
Tails will not protect you more from the 5$ wrench311.
Tails will not protect you more from the 5$ wrench312.
Tor in itself might not be enough to protect you from an adversary with enough resources as explained earlier.
Important Note: If your laptop is monitored/supervised and some local restrictions are in place, please read Appendix U: How to bypass (some) local restrictions on supervised computers.
@@ -1699,7 +1699,7 @@When you are done and have a working Tails on your laptop, go to the Creating your anonymous online identities step much further in this guide or if you want persistence and plausible deniability, continue with the next section.
Consider checking the https://github.com/aforensics/HiddenVM [Archive.org] project for Tails.
-This project is a clever idea of a one-click self-contained VM solution that you could store on an encrypted disk using plausible deniability312 (see The Whonix route: first chapters and also for some explanations about Plausible deniability, as well as the How to securely delete specific files/folders/data on your HDD/SSD and Thumb drives: section at the end of this guide for more understanding).
+This project is a clever idea of a one-click self-contained VM solution that you could store on an encrypted disk using plausible deniability313 (see The Whonix route: first chapters and also for some explanations about Plausible deniability, as well as the How to securely delete specific files/folders/data on your HDD/SSD and Thumb drives: section at the end of this guide for more understanding).
This would allow the creation of a hybrid system mixing Tails with the Virtualization options of the Whonix route in this guide.
Note: See Pick your connectivity method in the Whonix Route for more explanations about Stream Isolation
@@ -1718,7 +1718,7 @@See https://en.wikipedia.org/wiki/Rubber-hose_cryptanalysis [Wikiless] [Archive.org]
CAUTION: Please see Appendix K: Considerations for using external SSD drives and Understanding HDD vs SSD sections if you consider storing such hidden VMs on an external SSD drive:
Do not use hidden volumes on SSD drives as this is not supported/recommended by Veracrypt313.
Do not use hidden volumes on SSD drives as this is not supported/recommended by Veracrypt314.
Use instead file containers instead of encrypted volumes.
Make sure you do know how to clean data from an external SSD drive properly.
Better custom Secure Boot settings (where you can selectively manage all the keys and not just use the Standard ones)
HDD/SSD passwords in addition to just BIOS/UEFI passwords.
AMD laptops could be more interesting as some provide the ability to disable AMD PSP (the AMD equivalent of Intel IME) from the BIOS/UEFI settings by default. And, because AFAIK, AMD PSP was audited and contrary to IME was not found to have any “evil” functionalities314. However, if you are going for the Qubes OS Route consider Intel CPUs as Qubes OS does not support AMD with their anti-evil-maid system315.
AMD laptops could be more interesting as some provide the ability to disable AMD PSP (the AMD equivalent of Intel IME) from the BIOS/UEFI settings by default. And, because AFAIK, AMD PSP was audited and contrary to IME was not found to have any “evil” functionalities315. However, if you are going for the Qubes OS Route consider Intel CPUs as Qubes OS does not support AMD with their anti-evil-maid system316.
Secure Wipe tools from the BIOS (especially useful for SSD/NVMe drives, see Appendix M: BIOS/UEFI options to wipe disks in various Brands).
Better control over the disabling/enabling of select peripherals (USB ports, Wi-Fis, Bluetooth, Camera, Microphone …).
Better security features with Virtualization.
Disable USB/HDMI or any other port (Ethernet, Firewire, SD card …) if you can.
Disable Intel ME if you can (odds are very high you can’t).
Disable AMD PSP if you can (AMD’s equivalent to IME, see Your CPU)
Disable Secure Boot if you intend to use Qubes OS as they do not support it out of the box316. Keep it on if you intend to use Linux/Windows.
Disable Secure Boot if you intend to use Qubes OS as they do not support it out of the box317. Keep it on if you intend to use Linux/Windows.
Check if your laptop BIOS has a secure erase option for your HDD/SSD that could be convenient in case of need.
Only enable those on a “need to use” basis and disable them again after use. This can help mitigate some attacks in case your laptop is seized while locked but still on OR if you had to shut it down rather quickly and someone took possession of it (this topic will be explained later in this guide).
So, what is Secure Boot317? In short, it is a UEFI security feature designed to prevent your computer from booting an operating system from which the bootloader was not signed by specific keys stored in the UEFI firmware of your laptop.
-When the operating system (or the Bootloader318) supports it, you can store the keys of your bootloader in your UEFI firmware, and this will prevent booting up any unauthorized Operating System (such as a live OS USB or anything similar).
+So, what is Secure Boot318? In short, it is a UEFI security feature designed to prevent your computer from booting an operating system from which the bootloader was not signed by specific keys stored in the UEFI firmware of your laptop.
+When the operating system (or the Bootloader319) supports it, you can store the keys of your bootloader in your UEFI firmware, and this will prevent booting up any unauthorized Operating System (such as a live OS USB or anything similar).
Secure Boot settings are protected by the password you set up to access the BIOS/UEFI settings. If you have that password, you can disable Secure Boot and allow unsigned OSes to boot on your system. This can help mitigate some Evil-Maid attacks (explained later in this guide).
In most cases, Secure Boot is disabled by default or is enabled but in “setup” mode which will allow any system to boot. For Secure Boot to work, your Operating System will have to support it and then sign its bootloader and push those signing keys to your UEFI firmware. After that, you will have to go to your BIOS/UEFI settings and save those pushed keys from your OS and change the Secure Boot from setup to user mode (or custom mode in some cases).
After doing that step, only the Operating Systems from which your UEFI firmware can verify the integrity of the bootloader will be able to boot.
@@ -1829,29 +1829,29 @@You should also enable firmware password reset protection (available from Catalina) according to the documentation here: https://support.apple.com/en-gb/guide/security/sec28382c9ca/web [Archive.org]
This feature will mitigate the possibility for some adversaries to use hardware hacks to disable/bypass your firmware password. Note that this will also prevent Apple themselves from accessing the firmware in case of repair.
At some point, you will inevitably leave this laptop alone somewhere. You will not sleep with it and take it everywhere every single day. You should make it as hard as possible for anyone to tamper with it without you noticing it. This is mostly useful against some limited adversaries that will not use a 5$ wrench against you319.
+At some point, you will inevitably leave this laptop alone somewhere. You will not sleep with it and take it everywhere every single day. You should make it as hard as possible for anyone to tamper with it without you noticing it. This is mostly useful against some limited adversaries that will not use a 5$ wrench against you320.
It is important to know that it is trivially easy for some specialists to install a key logger in your laptop, or to just make a clone copy of your hard drive that could later allow them to detect the presence of encrypted data in it using forensic techniques (more on that later).
-Here is a good cheap method to make your laptop tamper-proof using Nail Polish (with glitter) https://mullvad.net/en/help/how-tamper-protect-laptop/ [Archive.org] 320 (with pictures).
+Here is a good cheap method to make your laptop tamper-proof using Nail Polish (with glitter) https://mullvad.net/en/help/how-tamper-protect-laptop/ [Archive.org] 321 (with pictures).
While this is a good cheap method, it could also raise suspicions as it is quite “noticeable” and might just reveal that you “have something to hide”. So, there are more subtle ways of achieving the same result. You could also for instance make a close-up macro photography of the back screws of your laptop or just use a small amount of candle wax within one of the screws that could just look like usual dirt. You could then check for tampering by comparing the photographs of the screws with new ones. Their orientation might have changed a bit if your adversary was not careful enough (Tightening them exactly the same way they were before). Or the wax within the bottom of a screw head might have been damaged compared to before.
The same techniques can be used with USB ports where you could just put a tiny amount of candle wax within the plug that would be damaged by inserting a USB key in it.
In riskier environments, check your laptop for tampering before using it regularly.
This route will make extensive use of Virtual Machines321, they will require a host OS to run the Virtualization software. You have three recommended choices in this part of the guide:
+This route will make extensive use of Virtual Machines322, they will require a host OS to run the Virtualization software. You have three recommended choices in this part of the guide:
Your Linux distribution of choice (excluding Qubes OS)
Windows 10/11 (preferably Home edition due to the absence of Bitlocker)
macOS (Catalina or higher up to Monterey)
In addition, chances are high that your Mac is or has been tied to an Apple account (at the time of purchase or after signing-in) and therefore its unique hardware identifiers could lead back to you in case of hardware identifiers leak.
-Linux is also not necessarily the best choice for anonymity depending on your threat model. This is because using Windows will allow us to conveniently use Plausible Deniability322 (aka Deniable Encryption323) easily at the OS level. Windows is also unfortunately at the same time a privacy nightmare324 but is the only easy to set up option for using OS-wide plausible deniability. Windows telemetry and telemetry blocking are also widely documented which should mitigate many issues.
-So, what is Plausible Deniability? You can cooperate with an adversary requesting access to your device/data without revealing your true secret. All this using Deniable Encryption325.
-A soft lawful adversary could ask for your encrypted laptop password. At first, you could refuse to give out any password (using your “right to remain silent”, “right not to incriminate yourself”) but some countries are implementing laws326’327 to exempt this from such rights (because terrorists and “think of the children”). In that case, you might have to reveal the password or face jail time in contempt of court. This is where plausible deniability will come into play.
+Linux is also not necessarily the best choice for anonymity depending on your threat model. This is because using Windows will allow us to conveniently use Plausible Deniability323 (aka Deniable Encryption324) easily at the OS level. Windows is also unfortunately at the same time a privacy nightmare325 but is the only easy to set up option for using OS-wide plausible deniability. Windows telemetry and telemetry blocking are also widely documented which should mitigate many issues.
+So, what is Plausible Deniability? You can cooperate with an adversary requesting access to your device/data without revealing your true secret. All this using Deniable Encryption326.
+A soft lawful adversary could ask for your encrypted laptop password. At first, you could refuse to give out any password (using your “right to remain silent”, “right not to incriminate yourself”) but some countries are implementing laws327’328 to exempt this from such rights (because terrorists and “think of the children”). In that case, you might have to reveal the password or face jail time in contempt of court. This is where plausible deniability will come into play.
You could then reveal a password, but that password will only give access to “plausible data” (a decoy OS). The forensics will be well aware that it is possible for you to have hidden data but should not be able to prove this (if you do this right). You will have cooperated, and the investigators will have access to something but not what you actually want to hide. Since the burden of proof should lie on their side, they will have no options but to believe you unless they have proof that you have hidden data.
This feature can be used at the OS level (a plausible OS and a hidden OS) or at the files level where you will have an encrypted file container (similar to a zip file) where different files will be shown depending on the encryption password you use.
This also means you could set up your own advanced “plausible deniability” setup using any Host OS by storing for instance Virtual Machines on a Veracrypt hidden volume container (be careful of traces in the Host OS tho that would need to be cleaned if the host OS is persistent, see Some additional measures against forensics section later). There is a project for achieving this within Tails (https://github.com/aforensics/HiddenVM [Archive.org]) which would make your Host OS non-persistent and use plausible deniability within Tails.
-In the case of Windows, plausible deniability is also the reason you should ideally have Windows 10/11 Home (and not Pro). This is because Windows 10/11 Pro natively offers a full-disk encryption system (Bitlocker328) where Windows 10/11 Home offers no full-disk encryption at all. You will later use third-party open-source software for encryption that will allow full-disk encryption on Windows 10/11 Home. This will give you a good (plausible) excuse to use this software. While using this software on Windows 10/11 Pro would be suspicious.
+In the case of Windows, plausible deniability is also the reason you should ideally have Windows 10/11 Home (and not Pro). This is because Windows 10/11 Pro natively offers a full-disk encryption system (Bitlocker329) where Windows 10/11 Home offers no full-disk encryption at all. You will later use third-party open-source software for encryption that will allow full-disk encryption on Windows 10/11 Home. This will give you a good (plausible) excuse to use this software. While using this software on Windows 10/11 Pro would be suspicious.
Note about Linux: So, what about Linux and plausible deniability? Yes, it is possible to achieve plausible deniability with Linux too. More information within the Linux Host OS section later.
Unfortunately, encryption is not magic and there are some risks involved:
Plausible deniability is only effective against soft lawful adversaries that will not resort to physical means. Avoid, if possible, the use of plausible deniability-capable software (such as Veracrypt) if your threat model includes hard adversaries. So, Windows users should in that case install Windows Pro as a Host OS and use Bitlocker instead.
See https://en.wikipedia.org/wiki/Rubber-hose_cryptanalysis [Wikiless] [Archive.org]
Evil Maid Attacks329 are conducted when someone tampers with your laptop while you are away. To install to clone your hard drive, install malware or a key logger. If they can clone your hard drive, they can compare one image of your hard drive at the time they took it while you were away with the hard drive when they seize it from you. If you used the laptop again in between, forensics examiners might be able to prove the existence of the hidden data by looking at the variations between the two images in what should be an empty/unused space. This could lead to compelling evidence of the existence of hidden data. If they install a key logger or malware within your laptop (software or hardware), they will be able to simply get the password from you for later use when they seize it. Such attacks can be done at your home, your hotel, a border crossing, or anywhere you leave your devices unattended.
+Evil Maid Attacks330 are conducted when someone tampers with your laptop while you are away. To install to clone your hard drive, install malware or a key logger. If they can clone your hard drive, they can compare one image of your hard drive at the time they took it while you were away with the hard drive when they seize it from you. If you used the laptop again in between, forensics examiners might be able to prove the existence of the hidden data by looking at the variations between the two images in what should be an empty/unused space. This could lead to compelling evidence of the existence of hidden data. If they install a key logger or malware within your laptop (software or hardware), they will be able to simply get the password from you for later use when they seize it. Such attacks can be done at your home, your hotel, a border crossing, or anywhere you leave your devices unattended.
You can mitigate this attack by doing the following (as recommended earlier):
Have basic tamper protection (as explained previously) to prevent physical access to the internals of the laptop without your knowing. This will prevent them from cloning your disks and installing a physical key logger without your knowledge.
Some OSes and Encryption software have anti-EvilMaid protection that can be enabled. This is the case with Windows/Veracrypt and QubeOS (only on Intel CPUs).
Cold Boot attacks330 are trickier than the Evil Maid Attack but can be part of an Evil Maid attack as it requires an adversary to come into possession of your laptop while you are actively using your device or shortly afterward.
-The idea is rather simple, as shown in this video331, an adversary could theoretically quickly boot your device on a special USB key that would copy the content of the RAM (the memory) of the device after you shut it down. If the USB ports are disabled or if they feel like they need more time, they could open it and “cool down” the memory using a spray or other chemicals (liquid nitrogen for instance) preventing the memory from decaying. They could then be able to copy its content for analysis. This memory dump could contain the key to decrypt your device. You will later apply a few principles to mitigate these.
-In the case of Plausible Deniability, there have been some forensics studies332 about technically proving the presence of the hidden data with a simple forensic examination (without a Cold Boot/Evil Maid Attack) but these have been contested by other studies333 and by the maintainer of Veracrypt334 so we would not worry too much about those yet.
+Cold Boot attacks331 are trickier than the Evil Maid Attack but can be part of an Evil Maid attack as it requires an adversary to come into possession of your laptop while you are actively using your device or shortly afterward.
+The idea is rather simple, as shown in this video332, an adversary could theoretically quickly boot your device on a special USB key that would copy the content of the RAM (the memory) of the device after you shut it down. If the USB ports are disabled or if they feel like they need more time, they could open it and “cool down” the memory using a spray or other chemicals (liquid nitrogen for instance) preventing the memory from decaying. They could then be able to copy its content for analysis. This memory dump could contain the key to decrypt your device. You will later apply a few principles to mitigate these.
+In the case of Plausible Deniability, there have been some forensics studies333 about technically proving the presence of the hidden data with a simple forensic examination (without a Cold Boot/Evil Maid Attack) but these have been contested by other studies334 and by the maintainer of Veracrypt335 so we would not worry too much about those yet.
The same measures used to mitigate Evil Maid attacks should be in place for Cold Boot attacks with some added ones:
If your OS or Encryption software allows it, you should consider encrypting the keys within RAM too (this is possible with Windows/Veracrypt and will be explained later). Again see https://sourceforge.net/p/veracrypt/discussion/technical/thread/3961542951/ [Archive.org]
Do enable the option to Wipe keys from memory if a device is inserted in Veracrypt.
You should limit the use of Sleep stand-by and instead use Shutdown or Hibernate to prevent the encryption keys from staying in RAM when your computer goes to sleep. This is because sleep will maintain power in your memory for resuming your activity faster. Only hibernation and shutdown will actually clear the key from the memory335.
You should limit the use of Sleep stand-by and instead use Shutdown or Hibernate to prevent the encryption keys from staying in RAM when your computer goes to sleep. This is because sleep will maintain power in your memory for resuming your activity faster. Only hibernation and shutdown will actually clear the key from the memory336.
See also https://www.whonix.org/wiki/Cold_Boot_Attack_Defense [Archive.org] and https://www.whonix.org/wiki/Protection_Against_Physical_Attacks [Archive.org]
Here are also some interesting tools to consider for Linux users to defend against these:
@@ -1898,14 +1898,14 @@Here are some examples of such leaks:
Windows ShellBags that are stored within the Windows Registry silently storing various histories of accessed volumes/files/folders336.
Windows Indexing keeping traces of the files present in your user folder by default337.
Recent lists (aka Jump Lists) in Windows and various apps keeping traces of recently accessed documents338.
Windows ShellBags that are stored within the Windows Registry silently storing various histories of accessed volumes/files/folders337.
Windows Indexing keeping traces of the files present in your user folder by default338.
Recent lists (aka Jump Lists) in Windows and various apps keeping traces of recently accessed documents339.
Many more traces in various logs, please see this convenient interesting poster for more insight: https://www.sans.org/security-resources/posters/windows-forensic-analysis/170/download [Archive.org]
Gatekeeper339 and XProtect keeping track of your download history in a local database and file attributes.
Gatekeeper340 and XProtect keeping track of your download history in a local database and file attributes.
Spotlight Indexing
Recent lists in various apps keeping traces of recently accessed documents.
Temporary folders keeping various traces of App usage and Document usage.
For other distros, you will have to document yourself, but it will likely be similar. Encryption during install is just much easier in the context of this guide.
There are several ways to achieve plausible deniability on Linux340 and it is possible to achieve. Here are some more details about some of the ways we would recommend. All these options require some higher level of skills at using Linux.
+There are several ways to achieve plausible deniability on Linux341 and it is possible to achieve. Here are some more details about some of the ways we would recommend. All these options require some higher level of skills at using Linux.
While not supported yet by this guide, it is possible to achieve a form of deniability on Linux using LUKS by using detached LUKS headers. For now, we will redirect you toward this page for more information: https://wiki.archlinux.org/title/Dm-crypt/Specialties#Encrypted_system_using_a_detached_LUKS_header [Archive.org]
See Appendix B: Windows Additional Privacy Settings
Veracrypt341 is the software we will recommend for full-disk encryption, file encryption, and plausible deniability. It is a fork of the well-known but deprecated and unmaintained TrueCrypt. It can be used for:
+Veracrypt342 is the software we will recommend for full-disk encryption, file encryption, and plausible deniability. It is a fork of the well-known but deprecated and unmaintained TrueCrypt. It can be used for:
Full Disk simple encryption (your hard drive is encrypted with one passphrase).
Full Disk encryption with plausible deniability (this means that depending on the passphrase entered at boot, you will either boot a decoy OS or a hidden OS).
File container simple encryption (it is a large file that you will be able to mount within Veracrypt as if it were an external drive to store encrypted files within).
File container with plausible deniability (it is the same large file but depending on the passphrase you use when mounting it, you will either mount a “hidden volume” or the “decoy volume”).
It is to my knowledge the only (convenient and usable by anyone) free, open-source, and openly audited342 encryption software that also provides plausible deniability for widespread use and it works with Windows Home Edition.
+It is to my knowledge the only (convenient and usable by anyone) free, open-source, and openly audited343 encryption software that also provides plausible deniability for widespread use and it works with Windows Home Edition.
Go ahead and download and install Veracrypt from: https://www.veracrypt.fr/en/Downloads.html [Archive.org]
After installation, please take a moment to review the following options that will help mitigate some attacks:
Encrypt the memory with a Veracrypt option343 (settings > performance/driver options > encrypt RAM) at a cost of 5-15% performance. This setting will also disable hibernation (which does not actively clear the key when hibernating) and instead encrypt the memory altogether to mitigate some cold-boot attacks. More details about this feature here: https://sourceforge.net/p/veracrypt/discussion/technical/thread/3961542951/ [Archive.org]
Encrypt the memory with a Veracrypt option344 (settings > performance/driver options > encrypt RAM) at a cost of 5-15% performance. This setting will also disable hibernation (which does not actively clear the key when hibernating) and instead encrypt the memory altogether to mitigate some cold-boot attacks. More details about this feature here: https://sourceforge.net/p/veracrypt/discussion/technical/thread/3961542951/ [Archive.org]
Enable the Veracrypt option to wipe the keys from memory if a new device is inserted (system > settings > security > clear keys from memory if a new device is inserted). This could help in case your system is seized while still on (but locked).
Enable the Veracrypt option to mount volumes as removable volumes (Settings > Preferences > Mount volume as removable media). This will prevent Windows from writing some logs about your mounts in the Event logs344 and prevent some local data leaks.
Enable the Veracrypt option to mount volumes as removable volumes (Settings > Preferences > Mount volume as removable media). This will prevent Windows from writing some logs about your mounts in the Event logs345 and prevent some local data leaks.
Be careful and have a good situational awareness if you sense something weird. Shut your laptop down as fast as possible.
If you do not want to use encrypted memory (because performance might be an issue), you should at least enable hibernation instead of sleep. This will not clear the keys from memory (you are still vulnerable to cold boot attacks) but at least should mitigate them if your memory has enough time to decay.
@@ -2142,8 +2142,8 @@Encryption should now be started in the background (you can check by clicking the Bitlocker icon on the lower right side of the taskbar).
Unfortunately, this is not enough. With this setup, your Bitlocker key can just be stored as-is in the TPM chip of your computer. This is rather problematic as the key can be extracted in some cases with ease345‘346’347’348.
-To mitigate this, you will have to enable a few more options as per the recommendations of Microsoft349:
+Unfortunately, this is not enough. With this setup, your Bitlocker key can just be stored as-is in the TPM chip of your computer. This is rather problematic as the key can be extracted in some cases with ease346‘347’348’349.
+To mitigate this, you will have to enable a few more options as per the recommendations of Microsoft350:
Click the Windows icon
Type Run
Requires Windows (this feature is not “easily” supported on Linux).
The danger of online Data leaks
Requires full wipe of your laptop
No use with an SSD drive due to the requirement of disabling Trim350 Operations351. This will severely degrade the performance/health of your SSD drive over time.
No use with an SSD drive due to the requirement of disabling Trim351 Operations352. This will severely degrade the performance/health of your SSD drive over time.
Enter a strong passphrase (longer the better, remember Appendix A2: Guidelines for passwords and passphrases)
Collect some entropy by randomly moving your cursor around until the bar is full
Click Next as the Generated Keys screen
To rescue disk352 or not rescue disk, well that is up to you. We recommend making one (just in case), just make sure to store it outside your encrypted drive (USB key for instance or wait and see the end of this guide for guidance on safe backups). This rescue disk will not store your passphrase and you will still need it to use it.
To rescue disk353 or not rescue disk, well that is up to you. We recommend making one (just in case), just make sure to store it outside your encrypted drive (USB key for instance or wait and see the end of this guide for guidance on safe backups). This rescue disk will not store your passphrase and you will still need it to use it.
Wipe mode:
If you have no sensitive data yet on this laptop, select None
If you have sensitive data on an SSD, Trim alone should take care of it353 but we would recommend one pass (random data) just to be sure.
If you have sensitive data on an SSD, Trim alone should take care of it354 but we would recommend one pass (random data) just to be sure.
If you have sensitive data on an HDD, there is no Trim, and we Swould recommend at least 1-pass.
Test your setup. Veracrypt will now reboot your system to test the bootloader before encryption. This test must pass for encryption to go forward.
Wipe your currently running Windows 10/11.
This means that your current Windows 10/11 will become the hidden Windows 10/11 and that you will need to reinstall a fresh decoy Windows 10/11 OS.
Mandatory if you have an SSD drive and you still want to do this against the recommendation: Disable SSD Trim in Windows354 (again this is NOT recommended at all as disabling Trim in itself is highly suspicious). Also as mentioned earlier, disabling Trim will reduce the lifetime of your SSD drive and will significantly impact its performance over time (your laptop will become slower and slower over several months of use until it becomes almost unusable, you will then have to clean the drive and re-install everything). But you must do it to prevent data leaks355 that could allow forensics to defeat your plausible deniability356357. The only way around this at the moment is to have a laptop with a classic HDD drive instead.
+Mandatory if you have an SSD drive and you still want to do this against the recommendation: Disable SSD Trim in Windows355 (again this is NOT recommended at all as disabling Trim in itself is highly suspicious). Also as mentioned earlier, disabling Trim will reduce the lifetime of your SSD drive and will significantly impact its performance over time (your laptop will become slower and slower over several months of use until it becomes almost unusable, you will then have to clean the drive and re-install everything). But you must do it to prevent data leaks356 that could allow forensics to defeat your plausible deniability357358. The only way around this at the moment is to have a laptop with a classic HDD drive instead.
See Appendix C: Windows Installation Media Creation and go with the USB key route.
Enter a short weak password (yes this is serious, do it, it will be explained later).
Collect some entropy by randomly moving your cursor around until the bar is full
Click Next as the Generated Keys screen
To rescue disk358 or not rescue disk, well that is up to you. We recommend making one (just in case), just make sure to store it outside your encrypted drive (USB key for instance or wait and see the end of this guide for guidance on safe backups). This rescue disk will not store your passphrase and you will still need it to use it.
To rescue disk359 or not rescue disk, well that is up to you. We recommend making one (just in case), just make sure to store it outside your encrypted drive (USB key for instance or wait and see the end of this guide for guidance on safe backups). This rescue disk will not store your passphrase and you will still need it to use it.
Wipe mode: Select 1-Pass just to be safe
Pre-Test your setup. Veracrypt will now reboot your system to test the bootloader before encryption. This test must pass for encryption to go forward.
After your computer rebooted and the test is passed. You will be prompted by Veracrypt to start the encryption process.
Remember Appendix W: Virtualization.
This step and the following steps should be done from within the Host OS. This can either be your Host OS with simple encryption (Windows/Linux/macOS) or your Hidden OS with plausible deniability (Windows only).
-In this route, you will make extensive use of the free Oracle Virtualbox359 software. This is a virtualization software in which you can create Virtual Machines that emulate a computer running a specific OS (if you want to use something else like Xen, Qemu, KVM, or VMWARE, feel free to do so but this part of the guide covers Virtualbox only for convenience).
-So, you should be aware that Virtualbox is not the virtualization software with the best track record in terms of security and some of the reported issues360 have not been completely fixed to this date361 and if you are using Linux with a bit more technical skills, you should consider using KVM instead by following the guide available at Whonix here https://www.whonix.org/wiki/KVM [Archive.org] and here https://www.whonix.org/wiki/KVM#Why_Use_KVM_Over_VirtualBox.3F [Archive.org]
+In this route, you will make extensive use of the free Oracle Virtualbox360 software. This is a virtualization software in which you can create Virtual Machines that emulate a computer running a specific OS (if you want to use something else like Xen, Qemu, KVM, or VMWARE, feel free to do so but this part of the guide covers Virtualbox only for convenience).
+So, you should be aware that Virtualbox is not the virtualization software with the best track record in terms of security and some of the reported issues361 have not been completely fixed to this date362 and if you are using Linux with a bit more technical skills, you should consider using KVM instead by following the guide available at Whonix here https://www.whonix.org/wiki/KVM [Archive.org] and here https://www.whonix.org/wiki/KVM#Why_Use_KVM_Over_VirtualBox.3F [Archive.org]
Some steps should be taken in all cases:
All your sensitive activities will be done from within a guest Virtual Machine running Windows 10/11 Pro (not Home this time), Linux, or macOS.
This has a few advantages that will help you remain anonymous:
@@ -2511,11 +2511,11 @@If an adversary somehow manages to compromise the Tor network too, they will only reveal the IP of a random public Wi-Fi that is not tied to your identity.
If an adversary somehow compromises your VM OS (with malware or an exploit for instance), they will be trapped within the internal Network of Whonix and should be unable to reveal the IP of the public Wi-Fi.
-This solution however has one main drawback to consider: Interference with Tor Stream Isolation362.
+This solution however has one main drawback to consider: Interference with Tor Stream Isolation363.
Stream isolation is a mitigation technique used to prevent some correlation attacks by having different Tor Circuits for each application. Here is an illustration to show what stream isolation is:
(Illustration from Marcelo Martins, https://stakey.club/en/decred-via-tor-network/ [Archive.org])
-VPN/Proxy over Tor falls on the right-side363 meaning using a VPN/Proxy over Tor forces Tor to use one circuit for all activities instead of multiple circuits for each. This means that using a VPN/Proxy over Tor can reduce the effectiveness of Tor in some cases and should therefore be used only for some specific cases:
+VPN/Proxy over Tor falls on the right-side364 meaning using a VPN/Proxy over Tor forces Tor to use one circuit for all activities instead of multiple circuits for each. This means that using a VPN/Proxy over Tor can reduce the effectiveness of Tor in some cases and should therefore be used only for some specific cases:
When your destination service does not allow Tor Exit nodes.
When you do not mind using a shared Tor circuit for various services. For instance, when using various authenticated services.
See Appendix O: Getting an anonymous VPN/Proxy
Skip this step if you cannot use Tor.
-This route will use Virtualization and Whonix364 as part of the anonymization process. Whonix is a Linux distribution composed of two Virtual Machines:
+This route will use Virtualization and Whonix365 as part of the anonymization process. Whonix is a Linux distribution composed of two Virtual Machines:
The Whonix Workstation (this is a VM where you can conduct sensitive activities)
The Whonix Gateway (this VM will establish a connection to the Tor network and route all the network traffic from the Workstation through the Tor network).
You will be able to decide which flavor to use based on my recommendations. We recommend the second one as explained before.
Whonix is well maintained and has extensive and incredibly detailed documentation.
Later, you will create and run several Virtual Machines within Virtualbox for your sensitive activities. Virtualbox provides a feature called “Snapshots”365 that allow for saving the state of a VM at any point in time. If for any reason later you want to go back to that state, you can restore that snapshot at any moment.
+Later, you will create and run several Virtual Machines within Virtualbox for your sensitive activities. Virtualbox provides a feature called “Snapshots”366 that allow for saving the state of a VM at any point in time. If for any reason later you want to go back to that state, you can restore that snapshot at any moment.
I strongly recommend that you do make use of this feature by creating a snapshot after the initial installation/update of each VM. This snapshot should be done before its use for any sensitive/anonymous activity.
-This will allow you to turn your VMs into a kind of disposable “Live Operating Systems” (like Tails discussed earlier). Meaning that you will be able to erase all the traces of your activities within a VM by restoring a Snapshot to an earlier state. Of course, this will not be “as good” as Tails (where everything is stored in memory) as there might be traces of this activity left on your hard disk. Forensics studies have shown the ability to recover data from a reverted VM366. Fortunately, there will be ways to remove those traces after the deletion or reverting to an earlier snapshot. Such techniques will be discussed in the Some additional measures against forensics section of this guide.
+This will allow you to turn your VMs into a kind of disposable “Live Operating Systems” (like Tails discussed earlier). Meaning that you will be able to erase all the traces of your activities within a VM by restoring a Snapshot to an earlier state. Of course, this will not be “as good” as Tails (where everything is stored in memory) as there might be traces of this activity left on your hard disk. Forensics studies have shown the ability to recover data from a reverted VM367. Fortunately, there will be ways to remove those traces after the deletion or reverting to an earlier snapshot. Such techniques will be discussed in the Some additional measures against forensics section of this guide.
You should download a few things within the host OS:
VBoxManage modifyvm "Whonix-Workstation-XFCE" --biossystemtimeoffset -35017
VBoxManage modifyvm "Whonix-Workstation-XFCE" --biossystemtimeoffset +27931
Also, consider applying these mitigations from VirtualBox to mitigate Spectre367/Meltdown368 vulnerabilities by running this command from the VirtualBox Program Directory. All of these are described here: https://www.whonix.org/wiki/Spectre_Meltdown [Archive.org] (be aware these can impact severely the performance of your VMs but should be done for best security).
+Also, consider applying these mitigations from VirtualBox to mitigate Spectre368/Meltdown369 vulnerabilities by running this command from the VirtualBox Program Directory. All of these are described here: https://www.whonix.org/wiki/Spectre_Meltdown [Archive.org] (be aware these can impact severely the performance of your VMs but should be done for best security).
Finally, consider the security advice from Virtualbox themselves here https://www.virtualbox.org/manual/ch13.html [Archive.org]
Skip this step if you do not intend to use Tor over VPN and only intend to use Tor or cannot.
@@ -2792,7 +2792,7 @@Skip this step if you cannot use Tor.
Just use the provided Whonix Workstation VM. It is the safest and most secure way to go on this route.
-It is also the only VM that will provide Stream Isolation pre-configured for most apps by default369.
+It is also the only VM that will provide Stream Isolation pre-configured for most apps by default370.
If you want additional software on the Workstation (such as another Browser), follow their guide here https://www.whonix.org/wiki/Install_Software [Archive.org]
Consider running Whonix in Live Mode if for extra malware protection, See https://www.whonix.org/wiki/Anti-Forensics_Precautions [Archive.org]
Do not forget to apply the VM hardening recommendations here: Virtualbox Hardening recommendations.
@@ -2980,8 +2980,8 @@See why here: Appendix V: What browser to use in your Guest VM/Disposable VM
See Appendix V1: Hardening your Browsers as well.
You will need something to store your data (logins/passwords, identities, and TOTP370 information).
-For this purpose, we strongly recommend KeePassXC because of its integrated TOTP feature. This is the ability to create entries for 2FA371 authentication with the authenticator feature.
+You will need something to store your data (logins/passwords, identities, and TOTP371 information).
+For this purpose, we strongly recommend KeePassXC because of its integrated TOTP feature. This is the ability to create entries for 2FA372 authentication with the authenticator feature.
Remember this should ideally be installed on your Guest VM and not on your Host OS. You should never do any sensitive activities from your Host OS.
Here are the tutorials:
The Best Way: Using an external USB Wi-Fi dongle and just disabling Wi-Fi on the Host OS/Computer.
This way is not supported by the Whonix project372 but we will go ahead and give this option anyway. IMHO this is helpful to prevent your Host OS from leaking any information while you are using the Whonix VMs.
+This way is not supported by the Whonix project373 but we will go ahead and give this option anyway. IMHO this is helpful to prevent your Host OS from leaking any information while you are using the Whonix VMs.
Note that this option as-is will only work on Wi-Fis without a captive portal (where you must enter some information to unlock access).
The illustration below shows the result of this step:
@@ -3332,7 +3332,7 @@Note that while this route is written for Qubes OS 4.0.x, it should also work with Qubes OS 4.1.x but it hasn’t been tested yet. The guide will be updated and tested for Qubes OS 4.1 soon. In the mean time, you can see the changelog here: https://www.qubes-os.org/doc/releases/4.1/release-notes/
As they say on their website, Qubes OS is a reasonably secure, free, open-source, and security-oriented operating system for single-user desktop computing. Qubes OS leverages and extensively uses Xen-based virtualization to allow for the creation and management of isolated compartments called Qubes.
-Qubes OS is not a Linux distribution373 but a Xen distribution. It is different from Linux distributions because it will make extensive use of Virtualization and Compartmentalization so that any app will run in a different VM (Qube). As a bonus, Qubes OS integrates Whonix by default and allows for increased privacy and anonymity. It is highly recommended that you document yourself over Qubes OS principles before going this route. Here are some recommended resources:
+Qubes OS is not a Linux distribution374 but a Xen distribution. It is different from Linux distributions because it will make extensive use of Virtualization and Compartmentalization so that any app will run in a different VM (Qube). As a bonus, Qubes OS integrates Whonix by default and allows for increased privacy and anonymity. It is highly recommended that you document yourself over Qubes OS principles before going this route. Here are some recommended resources:
Qubes OS Introduction, https://www.qubes-os.org/intro/ [Archive.org]
Qubes OS Video Tours, https://www.qubes-os.org/video-tours/ [Archive.org]
If an adversary somehow manages to compromise the Tor network too, they will only reveal the IP of a random public Wi-Fi that is not tied to your identity.
If an adversary somehow compromises your VM OS (with malware or an exploit for instance), they will be trapped within the internal Network of Whonix and should be unable to reveal the IP of the public Wi-Fi.
-This solution however has one main drawback to consider: Interference with Tor Stream Isolation374.
+This solution however has one main drawback to consider: Interference with Tor Stream Isolation375.
Stream isolation is a mitigation technique used to prevent some correlation attacks by having different Tor Circuits for each application. Here is an illustration to show what stream isolation is:
(Illustration from Marcelo Martins, https://stakey.club/en/decred-via-tor-network/ [Archive.org])
-VPN/Proxy over Tor falls on the right-side375 meaning using a VPN/Proxy over Tor forces Tor to use one circuit for all activities instead of multiple circuits for each. This means that using a VPN/Proxy over Tor can reduce the effectiveness of Tor in some cases and should therefore be used only for some specific cases:
+VPN/Proxy over Tor falls on the right-side376 meaning using a VPN/Proxy over Tor forces Tor to use one circuit for all activities instead of multiple circuits for each. This means that using a VPN/Proxy over Tor can reduce the effectiveness of Tor in some cases and should therefore be used only for some specific cases:
When your destination service does not allow Tor Exit nodes.
When you do not mind using a shared Tor circuit for various services. For instance for using various authenticated services.
The Qubes master signing key fingerprint should match 427F 11FD 0FAA 4B08 0123 F01C DDFA 1A3E 3687 9494
.
Remember to read the guide to verifying signatures on the Qubes website: https://www.qubes-os.org/security/verifying-signatures/ [Archive.org].
Unfortunately, Qubes OS does not support hibernation376 which is IMHO an issue regarding cold-boot attacks. To mitigate those, we highly recommend that you configure Qubes OS to shut down on any power action (power button, lid closure). You can do set this from the XFCE Power Manager. Do not use the sleep features.
+Unfortunately, Qubes OS does not support hibernation377 which is IMHO an issue regarding cold-boot attacks. To mitigate those, we highly recommend that you configure Qubes OS to shut down on any power action (power button, lid closure). You can do set this from the XFCE Power Manager. Do not use the sleep features.
Remember this should be done from a safe place (see Find some safe places with decent public Wi-Fi and Appendix Q: Using long-range Antenna to connect to Public Wi-Fis from a safe distance):
While Qubes OS is already sandboxing everything by design, it is also useful to consider sandboxing apps themselves using AppArmor or SELinux.
“AppArmor is a Mandatory Access Control framework. When enabled, AppArmor confines programs according to a set of rules that specify what files a given program can access. This initiative-taking approach helps protect the system against both known and unknown vulnerabilities” (Debian.org).
-Basically, AppArmor377 is an application sandboxing system. By default, it is not enabled but supported by Qubes OS.
+Basically, AppArmor378 is an application sandboxing system. By default, it is not enabled but supported by Qubes OS.
About the Fedora VMs:
SELinux378 is similar to AppArmor. The differences between SELinux and AppArmor are technical details into which we will not get.
+SELinux379 is similar to AppArmor. The differences between SELinux and AppArmor are technical details into which we will not get.
Here is a good explanation of what it is: https://www.youtube.com/watch?v=_WOKRaM-HI4 [Invidious]
In this guide and the context of Qubes OS, it is important to mention it as it is the recommended method by Fedora which is one of the default systems on Qubes OS.
So, head out and read https://docs.fedoraproject.org/en-US/quick-docs/getting-started-with-selinux/ [Archive.org]
@@ -3925,8 +3925,8 @@That’s it, you should now have an Android Qube over Tor (or anything else) capable of running pretty much any App you can sideload with ADB. This is, for now, and IMHO, the easiest way to get Android emulation on Qubes OS.
You will need something to store your data (logins/passwords, identities, and TOTP379 information).
-For this purpose, we strongly recommend KeePassXC because of its integrated TOTP feature. This is the ability to create entries for 2FA380 authentication with the authenticator feature.
+You will need something to store your data (logins/passwords, identities, and TOTP380 information).
+For this purpose, we strongly recommend KeePassXC because of its integrated TOTP feature. This is the ability to create entries for 2FA381 authentication with the authenticator feature.
In the context of Qubes OS you should store your sensitive information within the Domain-vault Qube:
First, click the Applications icon (upper left) and select the Domain: Vault Qube.
(Illustrations by Randall Munroe, xkcd.com, licensed under CC BY-NC 2.5)
-Captcha381 stands for “Completely Automated Public Turing test to tell Computers and Humans Apart” are Turing tests382 puzzles you need to complete before accessing a form/website. You will mostly encounter those provided by Google (reCAPTCHA service383) and Cloudflare (hCaptcha384). hCaptcha is used on 15% of the internet by their own metrics385.
+Captcha382 stands for “Completely Automated Public Turing test to tell Computers and Humans Apart” are Turing tests383 puzzles you need to complete before accessing a form/website. You will mostly encounter those provided by Google (reCAPTCHA service384) and Cloudflare (hCaptcha385). hCaptcha is used on 15% of the internet by their own metrics386.
They are designed to separate bots from humans but are also clearly used to deter anonymous and private users from accessing services.
-If you often use VPNs or Tor, you will quickly encounter many captchas everywhere386. Quite often when using Tor, even if you succeed in solving all the puzzles (sometimes dozens in a row), you will still be denied after solving the puzzles.
+If you often use VPNs or Tor, you will quickly encounter many captchas everywhere387. Quite often when using Tor, even if you succeed in solving all the puzzles (sometimes dozens in a row), you will still be denied after solving the puzzles.
See https://gitlab.torproject.org/legacy/trac/-/wikis/org/doc/ListOfServicesBlockingTor [Archive.org]
-While most people think those puzzles are only about solving a little puzzle, it is important to understand that it is much more complex, and that modern Captchas uses advanced machine learning and risk analysis algorithms to check if you are human387:
+While most people think those puzzles are only about solving a little puzzle, it is important to understand that it is much more complex, and that modern Captchas uses advanced machine learning and risk analysis algorithms to check if you are human388:
They check your browser, cookies, and browsing history using Browser fingerprinting388.
They check your browser, cookies, and browsing history using Browser fingerprinting389.
They track your cursor movements (speed, accuracy) and use algorithms to decide if it is “human/organic”.
They track your behavior before/during/after the tests to ensure you are “human”389.
They track your behavior before/during/after the tests to ensure you are “human”390.
It is also highly likely that those platforms could already reliably identify you based on the unique way you interact with those puzzles. This could work despite obfuscation of your IP address / Browser and clearing all cookies.
You will often experience several in a row (sometimes endlessly) and sometimes exceedingly difficult ones involving reading undecipherable characters or identifying various objects on endless pictures sets. You will also have more captchas if you use an ad-blocking system (uBlock for example) or if your account was flagged for any reason for using VPNs or Tor previously.
You will also have (in my experience) more Captchas (Google’s reCAPTCHA) if you do not use a Chromium-based browser. But this can be mitigated by using a Chromium-based browsers such as Brave. There is also a Browser extension called Buster that could help you those https://github.com/dessant/buster [Archive.org].
-As for Cloudflare (hCaptcha), you could also use their Accessibility solution here (https://www.hcaptcha.com/accessibility [Archive.org]) which would allow you to sign-up (with your anonymous identity created later) and set a cookie within your Browser that would allow you to bypass their captchas. Another solution to mitigate hCaptcha would be to use their own solution called “Privacy Pass”390 https://privacypass.github.io/ [Archive.org] in the form of a Browser extension you could install in your VM Browser.
+As for Cloudflare (hCaptcha), you could also use their Accessibility solution here (https://www.hcaptcha.com/accessibility [Archive.org]) which would allow you to sign-up (with your anonymous identity created later) and set a cookie within your Browser that would allow you to bypass their captchas. Another solution to mitigate hCaptcha would be to use their own solution called “Privacy Pass”391 https://privacypass.github.io/ [Archive.org] in the form of a Browser extension you could install in your VM Browser.
You should therefore deal with those carefully and force yourself to alter the way you are solving them (speed/movement/accuracy/…) to prevent “Captcha Fingerprinting”.
Fortunately, as far as we are aware, these are not yet officially/publicly used to de-anonymize users for third parties.
To not have those issues, you should consider using a VPN over Tor. And the best option to avoid those is likely to use a self-hosted VPN/Proxy over Tor on a cash/Monero paid VPS server.
Phone verification is advertised by most platforms to verify you are human. But do not be fooled, the main reason for phone verification is not only to check if you are human but also to be able to de-anonymize you if needed.
-Most platforms (including the privacy-oriented ones such as Signal/Telegram/Proton will require a phone number to register, and most countries now make it mandatory to submit a proof of ID to register391.
+Most platforms (including the privacy-oriented ones such as Signal/Telegram/Proton will require a phone number to register, and most countries now make it mandatory to submit a proof of ID to register392.
Fortunately, this guide explained earlier how to get a number for these cases: Getting an anonymous Phone number.
E-Mail verification is what used to be enough but is not anymore in most cases. What is important to know is that open e-mail providers (disposable e-mail providers for instance) are flagged as much as open proxies (like Tor).
@@ -4020,8 +4020,8 @@The tolerance is much higher with VPNs as they are not considered “open proxies” but that will not stop many platforms from making them hard to use by forcing increasingly difficult captchas on most VPN users.
For this reason, this guide does recommend the use of VPN over Tor (and not Tor over VPN) in certain use cases. Remember that the best option to avoid those is to use a self-hosted VPN/Proxy over Tor on a cash/Monero paid VPS server.
Browser and Device392 Fingerprinting are usually integrated into the Captcha services but also in other various services.
-Many platforms (like Google393) will check your browser for various capabilities and settings and block Browsers they do not like. This is one of the reasons we recommend using Chromium-based Browsers such as Brave Browser over Tor Browser within this VM.
+Browser and Device393 Fingerprinting are usually integrated into the Captcha services but also in other various services.
+Many platforms (like Google394) will check your browser for various capabilities and settings and block Browsers they do not like. This is one of the reasons we recommend using Chromium-based Browsers such as Brave Browser over Tor Browser within this VM.
Here are some of the things they check within recent browsers:
User-Agent: This is your Browser name and Version.
See Your Digital Fingerprint, Footprint, and Online Behavior.
Simple and efficient, some platforms will require you to perform a financial transaction to verify your account sometimes under the pretext of verifying your age. This could be a credit card verification or an exceedingly small amount bank wire. Some will accept a donation in a main cryptocurrency like Bitcoin or Ethereum.
-While this might seem innocent, this is obviously an ID verification and de-anonymization method. This is just indirectly relying on third-party financial KYC394 regulations.
-This is for instance now the case on YouTube for some European Users395 but also used by services like Amazon that requires a valid payment method for creating an account.
+While this might seem innocent, this is obviously an ID verification and de-anonymization method. This is just indirectly relying on third-party financial KYC395 regulations.
+This is for instance now the case on YouTube for some European Users396 but also used by services like Amazon that requires a valid payment method for creating an account.
“Why do this user-verification ourselves when we can just ask others to deal with it?”
You will notice this, and you probably already encountered this. Some apps/platforms will ask/require you to sign in with a well-known and well-used reputable platform instead of their own system (Sign-in with Google/Facebook/Apple/Twitter).
-This option is often presented as the “default one”, hiding away the “Sign-in with e-mail and password” with clever Dark Patterns396 and unfortunately sometimes needed.
+This option is often presented as the “default one”, hiding away the “Sign-in with e-mail and password” with clever Dark Patterns397 and unfortunately sometimes needed.
This method will delegate the verification process on those platforms instead of assuming that you will not be able to create an anonymous Google/Facebook/Apple/Twitter account with ease.
Fortunately, it is still possible to this day to create those.
This is a common method used on some Crypto trading platforms and some dating Apps.
Some platforms/apps will require you to take a live picture of yourself either doing something (a wink, holding an arm up …) or showing a custom piece of information (a handwritten text, a passport, or ID) within the picture. Sometimes the platform/app will require several pictures to increase their certainty.
-This guide will not cover this one (yet) as it is mainly used on financial platforms (that will be able to identify you with other means anyway) and some dating apps like Tinder397. Unfortunately, this method is now also sometimes being used on Facebook398 and Instagram as part of their verification methods (tho we did not face it yet so far).
+This guide will not cover this one (yet) as it is mainly used on financial platforms (that will be able to identify you with other means anyway) and some dating apps like Tinder398. Unfortunately, this method is now also sometimes being used on Facebook399 and Instagram as part of their verification methods (tho we did not face it yet so far).
In some cases, these verifications must be done from your Smartphone and with an “in-app” camera to prevent you from sending a previously saved (edited) image.
-Recently even platforms such as PornHub decided to implement similar measures in the future399.
+Recently even platforms such as PornHub decided to implement similar measures in the future400.
This verification is extremely hard to defeat but possible. A method to possibly defeat those would be to use “deep fake” technology software such as the open-source FaceSwap https://github.com/deepfakes/faceswap [Archive.org] to generate the required verification pictures using a randomly computer-generated face that would be swapped over the picture of a complicit model (or a stock photo).
Unfortunately, some apps require direct access to a smartphone camera to process the verification. In that case, you will need to find a way to do such “face swaps” on the fly using a filter and another way to feed this into the camera used by the app. A possible approach would be similar to this impressive project https://github.com/iperov/DeepFaceLive [Archive.org].
These can be triggered by any of the above and just means someone (usually specialized employees) will review your profile manually and decide whether it is real or not based on their subjective opinion.
-Some countries have even developed hotlines where you can report any subversive content400.
+Some countries have even developed hotlines where you can report any subversive content401.
Pros: Usually that verdict is “final”, and you will probably avoid further issues if you are good.
Cons: Usually that verdict is “final”, and you will probably be banned without any appeal possibility if you are not good. Sometimes those reviews end up on the platform just ghosting you and cancel you without any reason whatsoever. Any appeal will be left unanswered, ignored, or will generate some random dark pattern bug when trying to appeal that specific identity (this happens on Instagram for instance where if your account gets “suspended” obviously by some manual review, trying to complete the appeal form will just throw an error and tell you to try again later (We have been trying this same appeal for that identity for the past 6 months at least).
You cannot trust your Smart devices
Above all, you cannot trust people
So what? Well instead of not trusting anyone or anything, we would advise to “Trust but verify”401 (or “Never trust, always verify” if you are more hardcore about it and want to apply Zero-Trust Security402) instead.
+So what? Well instead of not trusting anyone or anything, we would advise to “Trust but verify”402 (or “Never trust, always verify” if you are more hardcore about it and want to apply Zero-Trust Security403) instead.
Do not start this process unless:
You consulted your local law for compliance and the legality of your actions.
Remember to see Appendix N: Warning about smartphones and smart devices
This is the fun part where you will now create your identities from thin air. These identities do not exist but should be plausible and look “organic”. They should ideally have a story, a “legend” (yes this is the real term for this403).
+This is the fun part where you will now create your identities from thin air. These identities do not exist but should be plausible and look “organic”. They should ideally have a story, a “legend” (yes this is the real term for this404).
What is a legend? Well, it is a full back-story for your character:
Age
Identities that are “EU residents” with an “EU IP” (VPN/Tor Exit IP) will benefit from GDPR protections on many platforms. Others will not. GDPR is your friend in most cases, and you should take this into account.
Similarly, origin IP geolocation (your IP/location when you go to “whatsmyipaddress.com”) should match your identity location as much as possible (When using a VPN over Tor, you can pick this in the VPN client if you use the VPN over Tor approach or just create a new identity in Tor Browser or Brave Tor Tab until you get an appropriate Exit node, or configure Tor to restrict your Exit Nodes). Consider excluding any exit IP that is not located in Western Europe/US/Canada/Japan/South Korea/Australia/New Zealand as you will have fewer issues. Ideally, you should get a European Union IP to get additional GDPR protection and if possible, a German exit IP due to their legal stance on using anonymous accounts on online platforms.
Brave Browser (Chromium-based) with a Private Tor Tab has (IMHO) a better acceptance level than Tor Browser (Firefox based). You will experience fewer issues with captchas and online platforms404 if you use Brave than if you use Tor Browser (feel free to try this yourself).
For every identity, you should have a matching profile picture associated with it. For this purpose, we recommend you just go to https://thispersondoesnotexist.com/ [Archive.org] and generate a computer-generated profile picture (Do note that algorithms have been developed405’406 to detect these and it might not work 100% of the time). You can also generate such pictures yourself from your computer if you prefer by using the open-source StyleGan project here https://github.com/NVlabs/stylegan2 [Archive.org]. Just refresh the page until you find a picture that matches your identity in all aspects (age, sex, and ethnicity) and save that picture. It would be even better to have several pictures associated with that identity, butWedo not have an “easy way” of doing that yet.
+Brave Browser (Chromium-based) with a Private Tor Tab has (IMHO) a better acceptance level than Tor Browser (Firefox based). You will experience fewer issues with captchas and online platforms405 if you use Brave than if you use Tor Browser (feel free to try this yourself).
For every identity, you should have a matching profile picture associated with it. For this purpose, we recommend you just go to https://thispersondoesnotexist.com/ [Archive.org] and generate a computer-generated profile picture (Do note that algorithms have been developed406’407 to detect these and it might not work 100% of the time). You can also generate such pictures yourself from your computer if you prefer by using the open-source StyleGan project here https://github.com/NVlabs/stylegan2 [Archive.org]. Just refresh the page until you find a picture that matches your identity in all aspects (age, sex, and ethnicity) and save that picture. It would be even better to have several pictures associated with that identity, butWedo not have an “easy way” of doing that yet.
Bonus, you could also make it more real by using this service (with an anonymous identity) https://www.myheritage.com/deep-nostalgia [Archive.org] to make a picture more lifelike. Here is an example:
Keep track (write down) of the background stories of your Identities. You should always use the same dates and answers everywhere. Everything should always match up. Even the stories you tell about your imaginary life should always match. If you say you work as an intern at the Department of Health one day and later on another platform, say you work as an intern at the Department of Transportation, people might question your identity. Be consistent.
Use a different phone number for each identity. Online platforms do keep track of phone number usage and if one identity/number gets flagged for violating Community Guidelines or Terms of Services, it might also get the other identities using the same number flagged/banned as well.
Adapt your language/writing to the identity to not raise suspicions and lower your chances of being fingerprinted by online platforms. Be especially careful with using pedantic words and figures of speech/quotes that could allow some people to guess your writing is very similar to that person with this Twitter handle or this Reddit user. See Appendix A4: Counteracting Forensic Linguistics.
Always use TOTP 2FA (not SMS to prevent Sim Swapping attacks407 and to keep your identity working when your pre-paid card expires) using KeePassXC when available to secure your logins to various platforms.
Always use TOTP 2FA (not SMS to prevent Sim Swapping attacks408 and to keep your identity working when your pre-paid card expires) using KeePassXC when available to secure your logins to various platforms.
Remember Appendix A2: Guidelines for passwords and passphrases.
Here is also a good guide on this specific topic: https://gendersec.tacticaltech.org/wiki/index.php/Complete_manual#.22Real.22_names [Archive.org]
Note: If you are having trouble finding an exit node in the country of your choice you can force using specific countries for Exit Nodes (and therefore exit countries) on Tor by editing the torrc file on the Whonix Gateway or even the Tor Browser:
Whonix/Tails: Create/Edit a file /usr/local/etc/torrc.d/50_user.conf
408.
On Tor Browser: Edit the torrc file located at Browser/TorBrowser/Data/Tor
409.
Whonix/Tails: Create/Edit a file /usr/local/etc/torrc.d/50_user.conf
409.
On Tor Browser: Edit the torrc file located at Browser/TorBrowser/Data/Tor
410.
Once you are in the file, you can do the following:
If the Exit Node is “clean” (in few lists), proceed to go back to the first tab and open the site you want to try a sign-up for.
Unfortunately, not using your real identity is against the ToS (Terms of Services) of many services (especially those owned by Microsoft and Facebook). But don’t despair, as explained in the Requirements, it’s still legal in Germany where the courts have upheld up the legality of not using real names on online platforms (§13 VI of the German Telemedia Act of 2007410’411). Fortunately, ToS cannot override laws (yet).
+Unfortunately, not using your real identity is against the ToS (Terms of Services) of many services (especially those owned by Microsoft and Facebook). But don’t despair, as explained in the Requirements, it’s still legal in Germany where the courts have upheld up the legality of not using real names on online platforms (§13 VI of the German Telemedia Act of 2007411’412). Fortunately, ToS cannot override laws (yet).
This does not mean that it is illegal in other places but that it might be a breach of their Terms of Services if you do not have the law on your side. Remember this guide only endorses this for German users residing in Germany.
On my side, we strongly condemn this type of real-name policy. See for instance this Wikipedia article giving some examples: https://en.wikipedia.org/wiki/Facebook_real-name_policy_controversy [Wikiless] [Archive.org]
Here are some more references about the German case for reference:
@@ -4270,7 +4270,7 @@South Korea (see https://en.wikipedia.org/wiki/Real-name_system#South_Korea [Wikiless] [Archive.org])
If you know any other, please let me know with references in the GitHub issues.
Some platforms are bypassing this requirement altogether by requiring a valid payment method instead (see Financial transactions:). While this does not directly require a real name through their ToS, this has the same results as they usually only accept mainstream (not Monero/Cash) payment methods (such as Visa/MasterCard/Maestro or PayPal) which do require a real-name legally as part of their KYC412 regulations. The result is the same and even better than a simple real-name policy you could ignore in some countries such as Germany.
+Some platforms are bypassing this requirement altogether by requiring a valid payment method instead (see Financial transactions:). While this does not directly require a real name through their ToS, this has the same results as they usually only accept mainstream (not Monero/Cash) payment methods (such as Visa/MasterCard/Maestro or PayPal) which do require a real-name legally as part of their KYC413 regulations. The result is the same and even better than a simple real-name policy you could ignore in some countries such as Germany.
If you intend to use paid services, privilege those accepting cash payments or Monero payments which you can do directly and safely while keeping your anonymity.
If the service you intend to buy does not accept those but accepts Bitcoin (BTC), consider the following appendix: Appendix Z: Paying anonymously online with BTC (or any other cryptocurrency).
@@ -5567,7 +5567,7 @@ HardUse the same name that you use in everyday life.
Provide accurate information about yourself.
Will they require a phone number? Yes, and probably more later
Can you create accounts through Tor? Yes, but it is very difficult and their onion address413 will not help. In most cases, you’ll just have a random error at sign-up and your account suspended after sign-in."
Can you create accounts through Tor? Yes, but it is very difficult and their onion address414 will not help. In most cases, you’ll just have a random error at sign-up and your account suspended after sign-in."
But this clause of their ToS is illegal in Germany (see Requirements).
Facebook is one of the most aggressive platforms with identity verification and is pushing hard their “real name policy”. It is why this guide is only advised to German residents.
@@ -5613,7 +5613,7 @@ HardCan you create accounts through Tor? Yes, but expect some captchas and your phone number will be required
Proton is good … but to appear less suspicious, it is simply better to also have a mainstream Google Mail account.
-As Proton, Google will also most likely require a phone number during sign-up as part of their verification process. However contrary to Proton, Google will store that phone number during the sign-up process and will also limit the number of accounts that can be created during the sign-up414’415.
+As Proton, Google will also most likely require a phone number during sign-up as part of their verification process. However contrary to Proton, Google will store that phone number during the sign-up process and will also limit the number of accounts that can be created during the sign-up415’416.
From my experience during my research, this count is limited to three accounts/phone numbers. If you are unlucky with your number (if it was previously used by another mobile user), it might be less.
You should therefore use again your online phone number OR your burner phone and pre-paid SIM card to create the account. Do not forget to use the identity details you made up earlier (birthdate). When the account is created, please do take some time to do the following:
Keep in mind that there are different algorithms in place to check for weird activity. If you receive any mail (on Proton) prompting about a Google Security Warning. Click it and click the button to say, “Yes it was me”. It helps.
Do not use that account for “sign-up with Google” anywhere unless necessary.
Be extremely careful if you decide to use the account for Google activities (such as Google Maps reviews or YouTube Comments) as those can easily trigger some checks (Negative reviews, Comments breaking Community Guidelines on YouTube).
-If your account gets suspended 416 (this can happen on sign-up, after signing-up or after using it in some Google services), you can still get it unsuspended by submitting417 an appeal/verification (which will again require your Phone number and possibly an e-mail contact with Google support with the reason). Suspension of the account does not disable the e-mail forwarding, but the suspended account will be deleted after a while.
+If your account gets suspended 417 (this can happen on sign-up, after signing-up or after using it in some Google services), you can still get it unsuspended by submitting418 an appeal/verification (which will again require your Phone number and possibly an e-mail contact with Google support with the reason). Suspension of the account does not disable the e-mail forwarding, but the suspended account will be deleted after a while.
After suspension, if your Google account is restored, you should be fine.
If your account gets banned, you will have no appeal and the forwarding will be disabled. Your phone number will be flagged, and you will not be able to use it to sign-up on a different account. Be careful when using those to avoid losing them. They are precious.
-It is also possible that Google will require an ID check through indirect financial KYC or ID picture check if you try to access/publish mature content on their platform418.
+It is also possible that Google will require an ID check through indirect financial KYC or ID picture check if you try to access/publish mature content on their platform419.
LinkedIn is far less aggressive than twitter but will nonetheless require a valid e-mail (preferably again your Gmail) and a phone number in most cases (tho not always).
LinkedIn however is relying a lot on reports and user/customer moderation. You should not create a profile with an occupation inside a private corporation or a small startup company. The company employees are monitoring LinkedIn activity and receive notifications when new people join. They can then report your profile as fake, and your profile will then be suspended or banned pending appeal.
-LinkedIn will then require you to go through a verification process that will, unfortunately, require you to send an ID proof (identity card, passport, driver’s license). This ID verification is processed by a company called Jumio419 that specializes in ID proofing. This is most likely a dead end as this would force you to develop some strong Photoshop skills.
+LinkedIn will then require you to go through a verification process that will, unfortunately, require you to send an ID proof (identity card, passport, driver’s license). This ID verification is processed by a company called Jumio420 that specializes in ID proofing. This is most likely a dead end as this would force you to develop some strong Photoshop skills.
Instead, you are far less likely to be reported if you just stay vague (say you are a student/intern/freelance) or pretend you work for a large public institution that is too large for anyone to care or check.
As with Twitter and Google, you should do the following after signing up:
You obviously need an e-mail for your online identity and disposable e-mails are pretty much banned everywhere.
Proton is a free e-mail provider based in Switzerland that advocates security and privacy.
-They are recommended by Privacyguides.org420. Their only apparent issue is that they do require (in most cases) a phone number or another e-mail address for registration (when you try to register from a VPN or Tor at least).
-They claim they do not store/link the phone/e-mail associated with the registration but only store a hash that is not linked to the account421. If their claim is true and the hash is not linked to your account, and that you followed my guide about the phone number, you should be reasonably safe from tracking.
+They are recommended by Privacyguides.org421. Their only apparent issue is that they do require (in most cases) a phone number or another e-mail address for registration (when you try to register from a VPN or Tor at least).
+They claim they do not store/link the phone/e-mail associated with the registration but only store a hash that is not linked to the account422. If their claim is true and the hash is not linked to your account, and that you followed my guide about the phone number, you should be reasonably safe from tracking.
This e-mail account can be used for creating a Google/Gmail account.
Log out and leave it be.
After about a week, you should check Twitter again and the chances are quite high that it will be suspended again for “suspicious activity” or “violating community guidelines” despite you not using it at all (not even a single tweet/follow/like/retweet or DM) but this time by another system. We call this the “Double-tap”.
-This time you will need to submit an appeal using a form422, provide a good reason and wait for the appeal to be processed by Twitter. During that process, you may receive an e-mail (on Proton) asking you to reply to a customer service ticket to prove that you do have access to your e-mail and that it is you. This will be directed toward your Gmail address but will arrive on your Proton.
+This time you will need to submit an appeal using a form423, provide a good reason and wait for the appeal to be processed by Twitter. During that process, you may receive an e-mail (on Proton) asking you to reply to a customer service ticket to prove that you do have access to your e-mail and that it is you. This will be directed toward your Gmail address but will arrive on your Proton.
Do not reply from Proton as this will raise suspicions, you must sign in to Gmail (unfortunately) and compose a new mail from there copy-pasting the E-Mail, Subject, and Content from Proton. As well as a reply confirming you have access to that e-mail.
After a few days, your account should get unsuspended “for good”. No issues after that but keep in mind they can still ban your account for any reason if you violate the community guidelines. The phone number and e-mail will then be flagged, and you will have no other option but to get a new identity with a new number to sign-up again. Do not use this account for trolling.
Can you post there with Tor or VPN? Not likely.
4chan is 4chan … This guide will not explain 4chan to you. They block Tor exit nodes and known VPN IP ranges.
-You are going to have to find a separate way to post there using at least seven proxies423 that are not known by 4chan blocking system (hint: Anonymous VPS using Monero is probably your best option).
+You are going to have to find a separate way to post there using at least seven proxies424 that are not known by 4chan blocking system (hint: Anonymous VPS using Monero is probably your best option).
Use any crypto wallet app within the Windows Virtual Machine. But be careful not to transfer anything toward an Exchange or a known Wallet. Crypto is in most cases NOT anonymous and can be traced back to you when you buy/sell any (remember the Your Cryptocurrencies transactions section).
@@ -5858,7 +5858,7 @@ HardThere are plenty of messaging apps everywhere. Some have excellent UI and UX and terrible Security/Privacy. Some have excellent Security/Privacy but terrible UI and UX. It is not easy to pick the ones that you should use for sensitive activities. So, this section will help you do that.
Before going further, there are also some key basic concepts you should understand:
End-to-end Encryption424 (aka e2ee) is a rather simple concept. It just means only you and your destination know each-others public encryption keys and no one in between that would be eavesdropping would be able to decrypt the communication.
+End-to-end Encryption425 (aka e2ee) is a rather simple concept. It just means only you and your destination know each-others public encryption keys and no one in between that would be eavesdropping would be able to decrypt the communication.
However, the term is often used differently depending on the provider:
Some providers will claim e2ee but forget to mention what is covered by their protocols. For instance, is metadata also protected within their e2ee protocol? Or is it just the content of the messages?
Always be cautious of apps rolling their own crypto until it has been reviewed by many in the crypto community (or even better published and peer-reviewed academically). Again, this is harder to verify with closed-source proprietary apps.
It is not that rolling your own crypto is bad in essence, it is that good cryptography needs real peer-reviewing, auditing, testing… And since you are probably not a cryptanalyst (and we are not either), chances are high we are not competent to assess the cryptography of some apps.
Forward Secrecy425 (FS aka PFS for Perfect Forward Secrecy) is a property of the key agreement protocol of some of those messaging apps and is a companion feature of e2ee. This happens before you establish communication with the destination. The “Forward” refers to the future in time and means that every time you establish a new e2ee communication, a new set of keys will be generated for that specific session. The goal of forward secrecy is to maintain the secrecy of past communications (sessions) even if the current one is compromised. If an adversary manages to get hold of your current e2ee keys, that adversary will then be limited to the content of the single session and will not be able to easily decrypt past ones.
+Forward Secrecy426 (FS aka PFS for Perfect Forward Secrecy) is a property of the key agreement protocol of some of those messaging apps and is a companion feature of e2ee. This happens before you establish communication with the destination. The “Forward” refers to the future in time and means that every time you establish a new e2ee communication, a new set of keys will be generated for that specific session. The goal of forward secrecy is to maintain the secrecy of past communications (sessions) even if the current one is compromised. If an adversary manages to get hold of your current e2ee keys, that adversary will then be limited to the content of the single session and will not be able to easily decrypt past ones.
This has some user experience drawbacks like for instance, a new device could not be able to conveniently access the remotely stored chat history without additional steps.
So, in short, Forward Secrecy protects past sessions against future compromises of keys or passwords.
More on this topic on this YouTube video: https://www.youtube.com/watch?v=zSQtyW_ywZc [Invidious]
Some providers and apps claiming to offer e2ee do not offer FS/PFS sometimes for usability reasons (group messaging for instance is more complex with PFS). It is therefore important to prefer open-source apps providing forward secrecy to those that do not.
Zero-Access Encryption426 at rest is used when you store data at some provider (let us say your chat history or chat backups) but this history or backup is encrypted on your side and cannot be read or decrypted by the provider hosting it.
+Zero-Access Encryption427 at rest is used when you store data at some provider (let us say your chat history or chat backups) but this history or backup is encrypted on your side and cannot be read or decrypted by the provider hosting it.
Zero-Access encryption is an added feature/companion to e2ee but is applied mainly to data at rest and not communications.
Examples of this issue would be iMessage and WhatsApp, see the Your Cloud backups/sync services at the start of this guide.
So again, it is best to prefer Apps/Providers that do offer Zero-Access Encryption at rest and cannot read/access any of your data/metadata even at rest and not only limited to communications.
-Such a feature would have prevented important hacks such as the Cambridge Analytica scandal427 if it were implemented.
+Such a feature would have prevented important hacks such as the Cambridge Analytica scandal428 if it were implemented.
Remember the Your Metadata including your Geo-Location section. End-to-end Encryption is one thing, but it does not necessarily protect your metadata.
For Instance, WhatsApp might not know what you are saying but they might know who you are talking to, how long and when you have been talking to someone, who else is in groups with you, and if you transferred data with them (such as large files).
End-to-end Encryption does not in itself protect an eavesdropper from harvesting your metadata.
This data can also be protected/obfuscated by some protocols to make metadata harvesting substantially harder for eavesdroppers. This is the case for instance with the Signal Protocol which does offer some added protection with features like:
The Sealed Sender option428.
The Private Contact Discovery429.
The Private Group System430.
The Sealed Sender option429.
The Private Contact Discovery430.
The Private Group System431.
Other Apps like Briar or OnionShare will protect metadata by using the Tor Network as a shield and storing everything locally on-device. Nothing is stored remotely, and all communications are either direct using proximity wi-fi/Bluetooth or remotely through the Tor network.
Most apps however and especially closed-source proprietary commercial apps will collect and retain your metadata for various purposes. And such metadata alone is enough to figure out a lot of things about your communications.
@@ -7221,7 +7221,7 @@ The Guardian, ‘Zoom is malware’: why experts worry about the video conferencSome apps like Threema and Wire were excluded from this comparison due to not being free and not accepting anonymous cash methods such as Cash/Monero.
Remember: Appendix B1: Checklist of things to verify before sharing information.
-We will recommend these options in that order (as also recommend by Privacyguides.org431’432 except for Session and Cwtch):
+We will recommend these options in that order (as also recommend by Privacyguides.org432’433 except for Session and Cwtch):
macOS:
iOS:
Note that all the non-native Tor options must be used over Tor for safety (from Tails or a guest OS running behind the Whonix Gateway such as the Whonix Workstation or an Android-x86 VM).
@@ -7306,7 +7306,7 @@ The Guardian, ‘Zoom is malware’: why experts worry about the video conferencFilen (https://filen.io/): free tier limited to 10GB total
Consider the use of IPFS436:
+Consider the use of IPFS437:
In all cases, we strongly recommend only using such applications from within a VM or Tails to prevent as much leaking as possible. If you do not, you will have to sanitize those documents carefully before publishing (See Removing Metadata from Files/Documents/Pictures).
You might be interested in communicating information to some organization such as the press anonymously.
-If you must do so, you should take some steps because you cannot trust any organization to protect your anonymity437. See Appendix B1: Checklist of things to verify before sharing information.
-For this, we strongly recommend the use of SecureDrop438 (https://securedrop.org/ [Archive.org]) which is an open-source project from the Freedom of the Press Foundation.
+If you must do so, you should take some steps because you cannot trust any organization to protect your anonymity438. See Appendix B1: Checklist of things to verify before sharing information.
+For this, we strongly recommend the use of SecureDrop439 (https://securedrop.org/ [Archive.org]) which is an open-source project from the Freedom of the Press Foundation.
Do take a moment to their read their “source guide” here: https://docs.securedrop.org/en/stable/source.html [Archive.org]
Ideally, you should use SecureDrop over Tor and you will find a curated list of those here https://github.com/alecmuffett/real-world-onion-sites#securedrop [Archive.org]
We will only recommend the use of the open-source and free Clonezilla utility for this purpose. There are commercial utilities that offer the same functionality, but we do not see any advantage in using any of them vs Clonezilla.
Some warnings:
If you use Bitlocker for encryption with TPM439 enabled, you might need to save your Bitlocker Key (safely) somewhere as well as this might be needed to restore your drive if your HDD/SSD or other hardware parts changed. Another option would be to use Bitlocker without the use of TPM which would not require this option. But again, we do not recommend using Bitlocker at all.
If you use Bitlocker for encryption with TPM440 enabled, you might need to save your Bitlocker Key (safely) somewhere as well as this might be needed to restore your drive if your HDD/SSD or other hardware parts changed. Another option would be to use Bitlocker without the use of TPM which would not require this option. But again, we do not recommend using Bitlocker at all.
You should always have a backup of your Veracrypt rescue disk at hand somewhere to be able to resolve some issues that might still appear after a restore. Remember this rescue disk does not contain your passphrase or any sensitive information. You can store it as is.
If you changed the HDD/SSD after a failure, Windows 10/11 may refuse to boot if your hard drive ID is changed. You should also save this ID before backing up as you might need to change the ID of the new drive as Windows 10/11 might require a matching ID before booting. See Appendix F: Diskpart
In case you are using Plausible Deniability on Windows. DO NOT back up the hidden OS partition as this image could be used by Forensics to prove the existence of the hidden volume as explained earlier. It is okay to back up the Decoy OS partition without issues, but you should never back up the partition containing the Hidden OS.
We are currently not aware of any online storage/hosting platform accepting cash payments unlike providers mentioned before.
If you do intend to store sensitive data on “mainstream platforms” (Dropbox, Google Drive, OneDrive…), remember not to ever store plausible deniability containers on those and remember to encrypt and check (for metadata…) anything locally before uploading there. Either with software like Veracrypt or with a software like Cryptomator (https://cryptomator.org/). Do not ever upload non-encrypted files on those platforms and repeating myself, only access them from a secure shielded VM.
If you just want to save information (text), we will recommend the use of secure and private pastebins440. Mostly we will stick to the ones recommended by PrivacyGuides.org (https://www.privacyguides.org/productivity/#paste-services [Archive.org] ) :
+If you just want to save information (text), we will recommend the use of secure and private pastebins441. Mostly we will stick to the ones recommended by PrivacyGuides.org (https://www.privacyguides.org/productivity/#paste-services [Archive.org] ) :
The methods and utilities to manage/wipe them will vary depending on the type of drive you are using. So, it is important you know which one you have inside your laptop.
On most recent laptops, chances are high that it will be one of the middle options (M.2 SATA or M.2 NVMe).
These drives use a technique called wear leveling441. At a high level, wear leveling works as follows. The space on every disk is divided into blocks that are themselves divided into pages, like the chapters in a book are made of pages. When a file is written to disk, it is assigned to a certain set of pages and blocks. If you wanted to overwrite the file in an HDD, then all you would have to do is tell the disk to overwrite those blocks. But in SSDs and USB drives, erasing and re-writing the same block can wear it out. Each block can only be erased and rewritten a limited number of times before that block just will not work anymore (the same way if you keep writing and erasing with a pencil and paper, eventually the paper might rip and be useless). To counteract this, SSDs and USB drives will try to make sure that the number of times each block has been erased and rewritten is about the same so that the drive will last as long as possible (thus the term wear leveling). As a side effect, sometimes instead of erasing and writing the block, a file was originally stored on, the drive will instead leave that block alone, mark it as invalid, and just write the modified file to a different block. This is like leaving the chapter in the book unchanged, writing the modified file on a different page, and then just updating the book’s table of contents to point to the new location. All of this occurs at a very low level in the electronics of the disk, so the operating system does not even realize it has happened. This means, however, that even if you try to overwrite a file, there is no guarantee the drive will actually overwrite it, and that’s why secure deletion with SSDs is so much harder.
+These drives use a technique called wear leveling442. At a high level, wear leveling works as follows. The space on every disk is divided into blocks that are themselves divided into pages, like the chapters in a book are made of pages. When a file is written to disk, it is assigned to a certain set of pages and blocks. If you wanted to overwrite the file in an HDD, then all you would have to do is tell the disk to overwrite those blocks. But in SSDs and USB drives, erasing and re-writing the same block can wear it out. Each block can only be erased and rewritten a limited number of times before that block just will not work anymore (the same way if you keep writing and erasing with a pencil and paper, eventually the paper might rip and be useless). To counteract this, SSDs and USB drives will try to make sure that the number of times each block has been erased and rewritten is about the same so that the drive will last as long as possible (thus the term wear leveling). As a side effect, sometimes instead of erasing and writing the block, a file was originally stored on, the drive will instead leave that block alone, mark it as invalid, and just write the modified file to a different block. This is like leaving the chapter in the book unchanged, writing the modified file on a different page, and then just updating the book’s table of contents to point to the new location. All of this occurs at a very low level in the electronics of the disk, so the operating system does not even realize it has happened. This means, however, that even if you try to overwrite a file, there is no guarantee the drive will actually overwrite it, and that’s why secure deletion with SSDs is so much harder.
Wear-leveling alone can therefore be a disadvantage for security and an advantage for adversaries such as forensics examiners. This feature makes classic “secure deletion” counter-productive and useless and is why this feature was removed on some Operating Systems like macOS (as from version 10.11 El Capitan) where you could enable it before on the Recycle Bin.
Most of those old secure deletion utilities were written with HDD in mind and have no control over wear-leveling and are completely pointless when using an SSD. Avoid them on an SSD drive.
So, what now? Well here comes the Trim442 operation. When you delete data on your SSD, your OS should support what is called a Trim operation command and could (should) issue this Trim command to the SSD drive periodically (daily, weekly, monthly…). This Trim command will then let know the SSD drive controller that there are pages within blocks containing data that are now free to be really deleted without deleting anything itself.
+So, what now? Well here comes the Trim443 operation. When you delete data on your SSD, your OS should support what is called a Trim operation command and could (should) issue this Trim command to the SSD drive periodically (daily, weekly, monthly…). This Trim command will then let know the SSD drive controller that there are pages within blocks containing data that are now free to be really deleted without deleting anything itself.
Trim should be enabled by default on all modern Operating Systems detecting an SSD drive covered in this guide (macOS, Windows 10/11, Ubuntu, Qubes OS 4.1.x …).
-If Trim operations are not done regularly (or at all), then the data is never deleted pro-actively and at some point, all the blocks and pages will be occupied by data. Your OS will not see this and will just see free space as you delete files, but your SSD controller will not (this is called Write Amplification443). This will then force the SSD controller to erase those pages and blocks on the fly which will reduce the write performance. This is because while your OS/SSD can write data to any free page in any bock, erasure is only possible on entire blocks, therefore, forcing your SSD to perform many operations to write new data. Overwriting is just not possible. This will defeat the wear-leveling system and cause performance degradation of your SSD over time. Every time you delete a file on an SSD, your OS should issue a Trim command along with the deletion to let the SSD controller know the pages containing the file data are now free for deletion.
+If Trim operations are not done regularly (or at all), then the data is never deleted pro-actively and at some point, all the blocks and pages will be occupied by data. Your OS will not see this and will just see free space as you delete files, but your SSD controller will not (this is called Write Amplification444). This will then force the SSD controller to erase those pages and blocks on the fly which will reduce the write performance. This is because while your OS/SSD can write data to any free page in any bock, erasure is only possible on entire blocks, therefore, forcing your SSD to perform many operations to write new data. Overwriting is just not possible. This will defeat the wear-leveling system and cause performance degradation of your SSD over time. Every time you delete a file on an SSD, your OS should issue a Trim command along with the deletion to let the SSD controller know the pages containing the file data are now free for deletion.
So, Trim itself does not delete any data but just marks it for deletion. Data deleted without using Trim (if Trim has been disabled/blocked/delayed for instance) will still be deleted at some point by the SSD garbage collection or if you want to overwrite what the OS sees at free space. But it might stick around for a bit longer than if you use Trim.
Here is an illustration from Wikipedia showing how it works on an SSD drive:
As you can see in the above illustration, data (from a file) will be written to the four first pages of Block X. Later new data will be written to the remaining pages and the data from the first files will be marked as invalid (for instance by a Trim operation when deleting a file). As explained on https://en.wikipedia.org/wiki/Trim_(computing) [Wikiless] [Archive.org]; the erase operation can only be done on entire blocks (and not on single pages).
In addition to marking files for deletion (on reputable SSD drives), Trim usually makes those unreadable using a method called “Deterministic Read After Trim” or “Deterministic Zeroes After Trim”. This means that if an adversary tries to read data from a trimmed page/block and somehow manages to disable garbage collection, the controller will not return any meaningful data.
-Trim is your ally and should always be enabled when using an SSD drive and should offer sufficient reasonable protection. And this is also the reason you should not use Veracrypt Plausible deniability on a Trim enabled SSD as this feature is incompatible with Trim444.
+Trim is your ally and should always be enabled when using an SSD drive and should offer sufficient reasonable protection. And this is also the reason you should not use Veracrypt Plausible deniability on a Trim enabled SSD as this feature is incompatible with Trim445.
Garbage collection445 is an internal process running within your SSD drive that looks for data marked for erasure. This process is done by the SSD controller, and you have no control over it. If you go back to the illustration above, you will see that Garbage collection is the last step and will notice that some pages are marked for deletion in a specific block, then copy the valid pages (not marked for deletion) to a different free destination block and then will be able to erase the source block entirely.
+Garbage collection446 is an internal process running within your SSD drive that looks for data marked for erasure. This process is done by the SSD controller, and you have no control over it. If you go back to the illustration above, you will see that Garbage collection is the last step and will notice that some pages are marked for deletion in a specific block, then copy the valid pages (not marked for deletion) to a different free destination block and then will be able to erase the source block entirely.
Garbage collection in itself does NOT require Trim to function, but it will be much faster and more efficient if Trim is performed. Garbage collection is one of the processes that will actually erase data from your SSD drive permanently.
So, the fact is that it is very unlikely446‘447 and difficult for a forensic examiner to be able to recover data from a Trimmed SSD but it is not completely impossible either448’449’450 if they are fast enough and have access to extensive equipment, skills, and motivation451.
+So, the fact is that it is very unlikely447‘448 and difficult for a forensic examiner to be able to recover data from a Trimmed SSD but it is not completely impossible either449’450’451 if they are fast enough and have access to extensive equipment, skills, and motivation452.
Within the context of this guide which also uses full disk encryption. Deletion and Trim should be reasonably secure enough on any SSD drive and will be recommended as the standard method of deletion.
Just re-install a fresh operating system (delete/quick format the drive) and re-encrypt it. The full disk encryption process should erase all previous data from the disk.
Buy PartedMagic452 for 11$ and use it to erase any disk.
Buy PartedMagic453 for 11$ and use it to erase any disk.
Technical options for more advanced users:
Bonus: See https://www.youtube.com/watch?v=-bpX8YvNg6Y [Invidious]
For maximum overkill paranoia security, Sanitize Block Erase option should be preferred but Secure Erase is probably more than enough when considering your drive is already encrypted. Unfortunately, are no free easy (bootable with a graphical menu) all-in-one tools available and you will be left with either going with drive manufacturers provided tools, the free manual hdparm453 , and nvme-cli454 utilities or going with a commercial tool such as PartedMagic.
+For maximum overkill paranoia security, Sanitize Block Erase option should be preferred but Secure Erase is probably more than enough when considering your drive is already encrypted. Unfortunately, are no free easy (bootable with a graphical menu) all-in-one tools available and you will be left with either going with drive manufacturers provided tools, the free manual hdparm454 , and nvme-cli455 utilities or going with a commercial tool such as PartedMagic.
This guide will therefore recommend the use of the free utilities hdparm and nvme-cli using a Live System Rescue system.
-If you can afford it, just buy Parted Magic for 11$ which provides an easy-to-use graphical tool for wiping SSD drives using the option of your choice455’456.
+If you can afford it, just buy Parted Magic for 11$ which provides an easy-to-use graphical tool for wiping SSD drives using the option of your choice456’457.
Note: Again, before proceeding, you should check your BIOS as some will offer a built-in tool to securely erase your drive (ATA/NVMe Secure Erase or ATA/NVMe Sanitize). If this is available, you should use that, and the following steps will not be necessary. Check this before going ahead to avoid the hassle, see Appendix M: BIOS/UEFI options to wipe disks in various Brands).
The same principles from the earlier chapters apply to this one. The same issues arise too.
With an HDD drive, you can securely delete files by just deleting them and then apply one or more “passes” to overwrite the data in question. This can be done with many utilities on all OSes.
-With an SSD drive, however, again everything becomes a bit complicated because you are never sure anything is really deleted due to wear leveling, reliance on the Trim operation, and garbage collection of the drive. An adversary that has the decryption key of your SSD (whether it is LUKS, Filevault 2, Veracrypt, or Bitlocker) could unlock your drive and then attempt a recovery using classic recovery utilities457 and could succeed if the data were not trimmed properly. But this is again highly unlikely.
+With an SSD drive, however, again everything becomes a bit complicated because you are never sure anything is really deleted due to wear leveling, reliance on the Trim operation, and garbage collection of the drive. An adversary that has the decryption key of your SSD (whether it is LUKS, Filevault 2, Veracrypt, or Bitlocker) could unlock your drive and then attempt a recovery using classic recovery utilities458 and could succeed if the data were not trimmed properly. But this is again highly unlikely.
Since the Trim operation is not continuous on most recent hard drives but scheduled, simply forcing a Trim operation should be enough. But again, the only way to be 100% sure a file is securely deleted from your unlocked encrypted SSD is to again overwrite all the free space after deletion of the files in question or to decrypt/re-encrypt the drive. But this is overkill and not necessary. A simple disk-wide Trim should be sufficient.
Remember tho that no matter the deletion method you use for any file on any medium (HDD drive, SSD, USB Thumb drive). It will probably leave other traces (logs, indexing, shellbags …) within your system and those traces will also need to be cleaned. Also, remember that your drives should be fully encrypted and so this is most likely an extra measure. More on that later in the Some additional measures against forensics section.
Just permanently delete the file (and empty recycle bin) and it should be unrecoverable due to trim operations and garbage collection.
"Does Apple File System support TRIM operations?
Yes. TRIM operations are issued asynchronously from when files are deleted or free space is reclaimed, which ensures that these operations are performed only after metadata changes are persisted to stable storage".
@@ -8098,7 +8098,7 @@ PDF-Redact Tools (L)Unfortunately, Apple has removed the secure erase options from the trash bin even for HDD drives459. So, you are left with using other tools:
+Unfortunately, Apple has removed the secure erase options from the trash bin even for HDD drives460. So, you are left with using other tools:
Permanent Eraser http://www.edenwaith.com/products/permanent%20eraser/ [Archive.org]
From the terminal, you can use the “rm –P filename” command which should erase the file and overwrite it as explained in this EFF tutorial https://ssd.eff.org/en/module/how-delete-your-data-securely-macos [Archive.org].
To remove all metadata: exiftool -All= filename.odt
Another option good tool IMHO to remove metadata from various documents is the open-source mat2 recommended by privacyguides.org460 (https://0xacab.org/jvoisin/mat2 [Archive.org]) which you can use on Linux quite easily. We never managed to make it work properly within Windows due to various dependencies issues despite the provided instructions. It is however very straightforward to install and use on Linux.
+Another option good tool IMHO to remove metadata from various documents is the open-source mat2 recommended by privacyguides.org461 (https://0xacab.org/jvoisin/mat2 [Archive.org]) which you can use on Linux quite easily. We never managed to make it work properly within Windows due to various dependencies issues despite the provided instructions. It is however very straightforward to install and use on Linux.
So, we would suggest creating a small Debian VM within Virtualbox (behind your Whonix Gateway) which you can then use from your other VMs to analyze various files from a convenient web interface. For this see Appendix L: Creating a mat2-web guest VM for removing metadata from files
-Mat2 is also pre-installed on the Whonix Workstation VM461 and available on Tails by default462.
+Mat2 is also pre-installed on the Whonix Workstation VM462 and available on Tails by default463.
Tails is great for this; you have nothing to worry about even if you use an SSD drive. Shut it down and it is all gone as soon as the memory decays.
Run the following command to clear the database completely: :>~/Library/Preferences/com.apple.LaunchServices.QuarantineEventsV2
Run the following command to lock the file and prevent further download history from being written there: sudo chflags schg ~/Library/Preferences/com.apple.LaunchServices.QuarantineEventsV2
Lastly, you can also disable Gatekeeper altogether by issuing the following command in the terminal463:
+Lastly, you can also disable Gatekeeper altogether by issuing the following command in the terminal464:
sudo spctl --master-disable
After each use of your Host OS Windows (your VM should not have Bluetooth at all), Go into the Device Manager, Select Bluetooth, Disable the Device and Re-Enable the device (this will force a randomization of the Bluetooth Address).
Windows Event logs will keep many various pieces of information that could contain traces of your activities such as the devices that were mounted (including Veracrypt NTFS volumes for instance464), your network connections, app crash information, and various errors. It is always best to clean those up regularly. Do not do this on the Decoy OS.
+Windows Event logs will keep many various pieces of information that could contain traces of your activities such as the devices that were mounted (including Veracrypt NTFS volumes for instance465), your network connections, app crash information, and various errors. It is always best to clean those up regularly. Do not do this on the Decoy OS.
Start, search for Event Viewer, and launch Event Viewer:
Delete all those keys.
As explained earlier, Shellbags are basically histories of accessed volumes/files on your computer. Remember that shellbags are exceptionally useful sources of information for forensics465 and you need to clean those. Especially if you mounted any “hidden volume” anywhere. Again, you should not do this on the Decoy OS:
+As explained earlier, Shellbags are basically histories of accessed volumes/files on your computer. Remember that shellbags are exceptionally useful sources of information for forensics466 and you need to clean those. Especially if you mounted any “hidden volume” anywhere. Again, you should not do this on the Decoy OS:
Download Shellbag Analyzer & Cleaner from https://privazer.com/en/download-shellbag-analyzer-shellbag-cleaner.php [Archive.org]
If you have an SSD drive:
Secure Overwriting Tab: We would just pick Normal Deletion + Trim (Trim itself should be enough466). Secure Deletion with Trim467 (1 pass) might be redundant and overkill here if you intend to overwrite the free space anyway.
Secure Overwriting Tab: We would just pick Normal Deletion + Trim (Trim itself should be enough467). Secure Deletion with Trim468 (1 pass) might be redundant and overkill here if you intend to overwrite the free space anyway.
Free Space Tab: Personally, and again “just to be sure”, we would select Normal Cleanup which will fill the entire free space with Data. We do not really trust Smart Cleanup as it does not actually fill all the free space of the SSD with Data. But again, this is probably not needed and overkill in most cases.
If you have an HDD drive:
@@ -8503,8 +8503,8 @@ PDF-Redact Tools (L)If your profile/username was deleted/changed, they should re-index the content and update accordingly, and remove these traces.
This might take several days to process. Be patient.
DuckDuckGo does not store a cached version of pages468 and will instead forward you to a Google/Bing cached version if available.
-In addition, DuckDuckGo source most of their searches from Bing (and not Google)469 and therefore removing the content from Bing should in time have it removed it from DuckDuckGo too.
+DuckDuckGo does not store a cached version of pages469 and will instead forward you to a Google/Bing cached version if available.
+In addition, DuckDuckGo source most of their searches from Bing (and not Google)470 and therefore removing the content from Bing should in time have it removed it from DuckDuckGo too.
Unfortunately, this will require you to have a Yandex account to request removals (however this can be done with any Yandex account from any identity). There is no way around this except waiting.
Once have your Yandex account, head to the Yandex Webmaster tools https://webmaster.yandex.com [Archive.org] and then select Tools and Delete URL https://webmaster.yandex.com/tools/del-url/ [Archive.org]
@@ -8538,7 +8538,7 @@ PDF-Redact Tools (L)You must keep in mind that using all those security measures (encryption, plausible deniability, VPN, tor, secure operating systems …) can make you suspicious just by using them. Using could be the equivalent of stating openly “I something to hide” to an observer which could then motivate some adversaries to investigate/survey you further.
So, there are other ways you could exchange or send messages online to others in case of need without disclosing your identity or establishing direct communication with them. These have been in use by various organizations for decades and can be of help if you do not want to attract attention by using secure tech while still communicating some sensitive information without attracting attention.
-A commonly used technique that combines the idea of a Dead Drop470 and Secure Communication Obfuscation471 through Steganography472 and/or Kleptography473 and has many names such as Koalang474 or “Talking Around” or even “Social Steganography”. This technique is very old and still widely used nowadays by teenagers to bypass parental control. It is hiding in plain sight.
+A commonly used technique that combines the idea of a Dead Drop471 and Secure Communication Obfuscation472 through Steganography473 and/or Kleptography474 and has many names such as Koalang475 or “Talking Around” or even “Social Steganography”. This technique is very old and still widely used nowadays by teenagers to bypass parental control. It is hiding in plain sight.
Here is one example if you want to let someone know something is wrong and they should go dark? That they should immediately wipe all their data, get rid of their burner phones and sensitive information?
What if you want to let someone you trust (friends, family, lawyers, journalists …) know that you are in trouble, and they should look out for you?
All this without revealing the identity of the person you are sending the message to nor disclosing the content of that message to any third party and without raising suspicions and without using any of the secure methods mentioned above.
@@ -8554,7 +8554,7 @@ PDF-Redact Tools (L)What if it is a printed document or book and you want to know if someone read it? Even simpler. Just carefully make a note within the document with a pencil. And then erase it with any pencil eraser as if you wanted to correct it. The trick is to carefully leave the eraser traces/residues on the area you erased/pencil written areas and close the document. You could also take a picture of the residues before closing the document.
Most likely if someone went through your document to read it and re-placed it carefully, this residue will fall off or be moved significantly. It is a simple old-school trick that could tell you someone searched a document you had.
Wait, what is OPSEC? Well, OPSEC means Operations Security475. The basic definition is: “OPSEC is the process of protecting individual pieces of data that could be grouped together to give the bigger picture”.
+Wait, what is OPSEC? Well, OPSEC means Operations Security476. The basic definition is: “OPSEC is the process of protecting individual pieces of data that could be grouped together to give the bigger picture”.
OPSEC is often just applying common sense and being cautious about your activities including in the physical world:
Remember to use passphrases instead of passwords and use a different one for each service (Appendix A2: Guidelines for passwords and passphrases).
Digital Evidence (Pictures, Videos, Voice Recordings, E-Mails, Documents…) be crafted, placed, removed, or destroyed with ease without leaving traces.
You should not hesitate to question this type of information from any source in this age of disinformation.
-“A lie can travel halfway around the world while the truth is putting on its shoes”476
+“A lie can travel halfway around the world while the truth is putting on its shoes”477
Please keep thinking for yourself, use critical thinking, and keep an open mind. “Sapere Aude” (Dare to know!).
“In the end the Party would announce that two and two made five, and you would have to believe it” – George Orwell, 1984, Book One, Chapter Seven.
Consider helping others (see Helping others staying anonymous)
@@ -8893,7 +8893,7 @@ PDF-Redact Tools (L)(Host OS Only) Go into Settings > Network & Internet > Wi-Fi and Enable Random Hardware Address.
As written earlier in this guide and as noted by PrivacyGuides.org477, Windows 10/11 is a privacy nightmare. And disabling everything during and after the installation using the settings available to you is not enough. The amount of telemetry data collected by Microsoft is staggering and could defeat your attempts at keeping secrets. You will need to download and use a couple of utilities to (hopefully) force Windows 10/11 into not sending data back to Microsoft.
+As written earlier in this guide and as noted by PrivacyGuides.org478, Windows 10/11 is a privacy nightmare. And disabling everything during and after the installation using the settings available to you is not enough. The amount of telemetry data collected by Microsoft is staggering and could defeat your attempts at keeping secrets. You will need to download and use a couple of utilities to (hopefully) force Windows 10/11 into not sending data back to Microsoft.
Here are the steps in detail:
Both these tools can be used for cleaning many things such as:
The Windows USN journal which stores plenty of information.
The Windows System Resource Usage Monitor (SRUM)478.
The Windows System Resource Usage Monitor (SRUM)479.
Various histories of various programs (such as the recent lists).
Various logs
The free (unallocated) space of your hard drive]479.
The free (unallocated) space of your hard drive]480.
Secure deletion of files
Secure wiping of USB drives
Both these utilities can delete files and can overwrite the free space after deletion to improve secure deletion even on SSD drives. Remember this can reduce the lifespan of your SSD drives a bit.
Several utilities are recommended (like the old unmaintained DBAN480 or System Rescue CD (https://www.system-rescue.org/ [Archive.org])) for this but we will recommend the use of ShredOS.
+Several utilities are recommended (like the old unmaintained DBAN481 or System Rescue CD (https://www.system-rescue.org/ [Archive.org])) for this but we will recommend the use of ShredOS.
Feel free to go with DBAN instead if you want (using this tutorial: https://www.lifewire.com/how-to-erase-a-hard-drive-using-dban-2619148 [Archive.org]), the process is basically the same but will not work out of the box with UEFI laptops.
If you want to go with System-Rescue, just head to their website and follow the instructions.
I do not recommend using external SSDs due to the uncertainty about their support for Trim, ATA Secure Erase, and Sanitize options through USB controllers. Instead, we recommend using external HDD disks which can be cleaned/wiped safely and securely without hassle (albeit much slower than SSD drives).
Please do not buy or use gimmicky self-encrypting devices such as these: https://syscall.eu/blog/2018/03/12/aigo_part1/ [Archive.org]
-Some might be very efficient481 but many are gimmicky gadgets.
+Some might be very efficient482 but many are gimmicky gadgets.
If you want to use an external SSD drive for sensitive storage:
Please consider the support for:
@@ -9146,7 +9146,7 @@ PDF-Redact Tools (L)Your mileage may vary. Use at your own risk.
According to Apple Documentation482, Trim is supported on APFS (asynchronously) and HFS+ (through period trim or first-aid).
+According to Apple Documentation483, Trim is supported on APFS (asynchronously) and HFS+ (through period trim or first-aid).
So, if it is supported (and enabled on your external SSD), you should be able to issue a Trim on a non-APFS drive using Disk Utility and First Aid which should issue a Trim.
If your disk supports it but it is not enabled in macOS. You could try issuing a “sudo trimforce enable” command from the Terminal and see if it enables Trim on your external SSD. And then again check the first aid command if it is not APFS (see this Tutorial for info https://www.lifewire.com/enable-trim-for-ssd-in-os-x-yosemite-2260789 [Archive.org])
If it does not work, we are not aware of any reliable method to enable TRIM besides the commercial utility Trim Enabler here https://cindori.org/trimenabler/ [Archive.org] which claims support for external drives.
@@ -9250,9 +9250,9 @@ PDF-Redact Tools (L)When conducting sensitive activities, remember that:
You should not bring your real smartphone or smart devices with you (even turned off). Correlation attacks are possible on the Cell Networks to find which phone “turned off” before your burner phone “turned on”. While this might not work the first time, after a few times, the net will tighten, and you will get compromised. It is better to leave your main smartphone at home online (see this article (Russian, use Google Translate link): https://biboroda.livejournal.com/4894724.html [Google Translate] [Archive.org])
Again, do not take them with you unless it is absolutely necessary. If you really must, you could consider powering it off and removing the battery or, if not possible, the use of a faraday cage483 bag to store your devices. There are many such faraday “signal blocking” bags available for sale and some of these have been studied484 for their effectiveness. If you cannot afford such bags, you can probably achieve a “decent result” with one or several sheets of aluminum foil (as shown in the previously linked study).
+Again, do not take them with you unless it is absolutely necessary. If you really must, you could consider powering it off and removing the battery or, if not possible, the use of a faraday cage484 bag to store your devices. There are many such faraday “signal blocking” bags available for sale and some of these have been studied485 for their effectiveness. If you cannot afford such bags, you can probably achieve a “decent result” with one or several sheets of aluminum foil (as shown in the previously linked study).
Consider leaving your smart devices at home online and doing something (watching YouTube/Netflix or something similar) instead of taking them with you powered off. This will mitigate tracking efforts but also create digital traces that could indicate you were at home.
For extra-security consider:
Wearing gloves while manipulating anything to avoid leaving fingerprints487 and touch DNA488.
Wearing gloves while manipulating anything to avoid leaving fingerprints488 and touch DNA489.
A less-obvious alternative could be to put super glue on your fingertips, to avoid making it obvious you’re wearing gloves. However, this can prevent effective use of touchscreens, as well as failing to as effectively prevent you from touch DNA. Also, if spotted, it can be quite suspicious to be caught with super glue on your fingers.
Do not use any material/currency that was manipulated by someone that can be related to you in any way.
Do not use the currency you just got from an ATM that could record dispensed bills serial numbers.
Be careful if you print anything that it is not watermarked by your printer (See Printing Watermarking).
Do not lick the envelope or the stamps489 if you use them to avoid leaving DNA traces.
Do not lick the envelope or the stamps490 if you use them to avoid leaving DNA traces.
Make sure there are no obvious DNA traces in or on the materials (like hairs).
Consider doing the whole operation outdoor to reduce the risks of residual DNA traces from your environment or you contaminating the materials.
The more people frequent a space, the lower the risk, as your DNA will be obscured by the DNA of other people as they pass through
So, what is OONI? OONI stands for Open Observatory of Network Interference and is a sub-project of the Tor Project490.
+So, what is OONI? OONI stands for Open Observatory of Network Interference and is a sub-project of the Tor Project491.
First OONI will allow you to check online for surveillance/censorship in your country just by looking at their Explorer that features test results from other people. This can be done here: https://explorer.ooni.org/
But these tests are limited and could not apply to your personal situation. If that is the case, you could consider running the OONI Probe yourself and running the tests yourself.
-The problem is that your network providers will be able to see those tests and your attempts at connecting to various services if the network is monitored. The other issue is that there are solutions to prevent OONI from working properly491.
+The problem is that your network providers will be able to see those tests and your attempts at connecting to various services if the network is monitored. The other issue is that there are solutions to prevent OONI from working properly492.
While this might not be important in a normal environment, this could put you at risk in a hostile environment. So, running these tests can be risky.
If you are in such a hostile environment where you suspect network activity is actively monitored and the simple fact of trying to access some resources can put you at risk, you should take some precautions before even attempting this:
The probe can be found here: https://ooni.org/install/ [Archive.org] for various platforms (iOS, Android, Windows, macOS, and Linux).
Usually, integrity checks492 are done using hashes of files (usually stored within checksum files). Older files could use CRC493, more recently MD5494 but those present several weaknesses (CRC, MD5 495 that make them unreliable for file integrity checks (which does not mean they are not still widely used in other contexts).
-This is because they do not prevent Collision496 well enough and could allow an adversary to create a similar but malicious file that would still produce in the same CRC or MD5 hash despite having different content.
-For this reason, it is usually recommended to use SHA-based 497 hashes and the most used is probably the SHA-2498 based SHA-256 for verifying file integrity. SHA is much more resistant to collisions499 than CRC and MD5. And collisions with SHA-256 or SHA-512 are rare and hard to compute for an adversary.
+Usually, integrity checks493 are done using hashes of files (usually stored within checksum files). Older files could use CRC494, more recently MD5495 but those present several weaknesses (CRC, MD5 496 that make them unreliable for file integrity checks (which does not mean they are not still widely used in other contexts).
+This is because they do not prevent Collision497 well enough and could allow an adversary to create a similar but malicious file that would still produce in the same CRC or MD5 hash despite having different content.
+For this reason, it is usually recommended to use SHA-based 498 hashes and the most used is probably the SHA-2499 based SHA-256 for verifying file integrity. SHA is much more resistant to collisions500 than CRC and MD5. And collisions with SHA-256 or SHA-512 are rare and hard to compute for an adversary.
If a SHA-256 checksum is available from the source of the file, you should not hesitate to use it to confirm the integrity of the file. Note that SHA-1 is not recommended, but is better than not having a hash to compare.
This checksum should itself be authenticated/trusted and should be available from an authenticated/trusted source (obviously you should not trust a file just because it has a checksum attached to it alone).
In the case of this guide, the SHA-256 checksums are available for each file including the PDFs but are also authenticated using a GPG signature allowing you to verify the authenticity of the checksum. This will bring us to the next section about authenticity.
So how to check checksums? (In this case SHA-256 but you could change to SHA-512
Windows500:
+Windows501:
Open a Command Prompt
Run certutil -hashfile filename.txt sha256
(replace sha256 by sha1 or sha512 or md5)
Remember that checksums are just checksums. Having a matching checksum does not mean the file is safe.
Integrity is one thing. Authenticity is another thing. This is a process where you can verify some information is authentic and from the expected source. This is usually done by signing information (using GPG501 for instance) using public-key cryptography502.
+Integrity is one thing. Authenticity is another thing. This is a process where you can verify some information is authentic and from the expected source. This is usually done by signing information (using GPG502 for instance) using public-key cryptography503.
Signing can serve both purposes and allow you to check for both integrity and authenticity.
If available, you should always verify the signatures of files to confirm their authenticity.
In essence:
@@ -9548,13 +9548,13 @@ PDF-Redact Tools (L)Every check should ideally happen in sandboxed/hardened Virtual Machines. This is to mitigate the possibilities for malware to access your Host computer.
You might be asking yourself, what about Anti-Virus solutions? Well, no … these are not perfect solutions against many modern malware and viruses using polymorphic code503. But it does not mean they cannot help against less sophisticated and known attacks. It depends on how to use them as AV software can become an attack vector in itself.
+You might be asking yourself, what about Anti-Virus solutions? Well, no … these are not perfect solutions against many modern malware and viruses using polymorphic code504. But it does not mean they cannot help against less sophisticated and known attacks. It depends on how to use them as AV software can become an attack vector in itself.
Again, this is all a matter of threat modeling. Can AV software help you against the NSA? Probably not. Can it help you against less resourceful adversaries using known malware? Probably.
-Some will just argue against them broadly like Whonix504 but this topic is being discussed and disputed even at Whonix505 by other members of their community.
+Some will just argue against them broadly like Whonix505 but this topic is being discussed and disputed even at Whonix506 by other members of their community.
Contrary to popular myths perpetuating the idea that only Windows is subject to malware and that detection tools are useless on Linux and macOS:
Yes, there are viruses and malware for Linux506‘507’508‘509’510
Yes, there are viruses and malware for macOS511‘512513’514515
Yes, there are viruses and malware for Linux507‘508’509‘510’511
Yes, there are viruses and malware for macOS512‘513514’515516
My take on the matter is on the pragmatic side. There is still room for some AV software for some selective and limited use. But it depends on which one and how you use them:
Now, what if you think the PDF is still suspicious? Fear not … there are more things you can do to ensure it is not malicious:
Qubes OS: Consider using https://github.com/QubesOS/qubes-app-linux-pdf-converter [Archive.org] which will convert your PDF into a flattened image file. This should theoretically remove any malicious code in it. Note that this will also render the PDF formatting useless (such as links, headings, bookmarks, and references).
(Deprecated) Linux/Qubes OS (or possibly macOS through Homebrew or Windows through Cygwin): Consider not using https://github.com/firstlookmedia/pdf-redact-tools [Archive.org] which will also turn your PDF into a flattened image file. Again, this should theoretically remove any malicious code in it. Again, this will also render the PDF formatting useless (such as links, headings, bookmarks, and references). Note that this tool is deprecated and relies on a library called “ImageMagick” which is known for several security issues516. You should not use this tool even if it is recommended in some other guides.
Windows/Linux/Qubes/OS/macOS: Consider using https://github.com/firstlookmedia/dangerzone [Archive.org] which was inspired by Qubes PDF Converted above and does the same but is well maintained and works on all OSes. This tool also works with Images, ODF files, and Office files (Warning: On Windows, this tool requires Docker-Desktop installed and this might (will) interfere with Virtualbox and other Virtualization software because it requires enabling Hyper-V. VirtualBox and Hyper-V do not play nice together517. Consider installing this within a Linux VM for convenience instead of a Windows OS).
(Deprecated) Linux/Qubes OS (or possibly macOS through Homebrew or Windows through Cygwin): Consider not using https://github.com/firstlookmedia/pdf-redact-tools [Archive.org] which will also turn your PDF into a flattened image file. Again, this should theoretically remove any malicious code in it. Again, this will also render the PDF formatting useless (such as links, headings, bookmarks, and references). Note that this tool is deprecated and relies on a library called “ImageMagick” which is known for several security issues517. You should not use this tool even if it is recommended in some other guides.
Windows/Linux/Qubes/OS/macOS: Consider using https://github.com/firstlookmedia/dangerzone [Archive.org] which was inspired by Qubes PDF Converted above and does the same but is well maintained and works on all OSes. This tool also works with Images, ODF files, and Office files (Warning: On Windows, this tool requires Docker-Desktop installed and this might (will) interfere with Virtualbox and other Virtualization software because it requires enabling Hyper-V. VirtualBox and Hyper-V do not play nice together518. Consider installing this within a Linux VM for convenience instead of a Windows OS).
Here are some various resources for this purpose where you will find what tool to use for what type:
For Documents/Pictures: Consider using https://github.com/firstlookmedia/dangerzone [Archive.org] which was inspired by Qubes PDF Converted above and does the same but is well maintained and works on all OSes. This tool also works with Images, ODF files, and Office files (Warning: On Windows, this tool requires Docker-Desktop installed and this might (will) interfere with Virtualbox and other Virtualization software because it requires enabling Hyper-V. VirtualBox and Hyper-V do not play nice together518. Consider installing this within a Linux VM for convenience instead of a Windows OS).
For Documents/Pictures: Consider using https://github.com/firstlookmedia/dangerzone [Archive.org] which was inspired by Qubes PDF Converted above and does the same but is well maintained and works on all OSes. This tool also works with Images, ODF files, and Office files (Warning: On Windows, this tool requires Docker-Desktop installed and this might (will) interfere with Virtualbox and other Virtualization software because it requires enabling Hyper-V. VirtualBox and Hyper-V do not play nice together519. Consider installing this within a Linux VM for convenience instead of a Windows OS).
For Videos: Be extremely careful, use an up-to-date player in a sandboxed environment. Remember https://www.vice.com/en/article/v7gd9b/facebook-helped-fbi-hack-child-predator-buster-hernandez [Archive.org]
This practical cheat sheet from SANS: https://digital-forensics.sans.org/media/analyzing-malicious-document-files.pdf [Archive.org] (warning, many of those tools might be harder to use on Windows and you might consider using them from a Linux OS such as Tails, Whonix Workstation, or a Linux distribution of your choice as explained later in this guide. There are also other guides out there519 that might be of use).
This practical cheat sheet from SANS: https://digital-forensics.sans.org/media/analyzing-malicious-document-files.pdf [Archive.org] (warning, many of those tools might be harder to use on Windows and you might consider using them from a Linux OS such as Tails, Whonix Workstation, or a Linux distribution of your choice as explained later in this guide. There are also other guides out there520 that might be of use).
This GitHub repository with various resources on malware analysis: https://github.com/rshipp/awesome-malware-analysis [Archive.org]
This interesting PDF detailing which tool to use for which file type https://www.winitor.com/pdf/Malware-Analysis-Fundamentals-Files-Tools.pdf [Archive.org]
The situation might look desperate, but it is not necessarily the case as there are some safe ways to bypass these depending on how well your adversaries did their job securing your computer.
There are plenty of methods you could use to bypass those restrictions locally. One of them would be to use portable apps520. Those apps do not require installation on your system and can be run from a USB key or anywhere else.
+There are plenty of methods you could use to bypass those restrictions locally. One of them would be to use portable apps521. Those apps do not require installation on your system and can be run from a USB key or anywhere else.
But this is not a method we would recommend.
This is because those portable apps will not necessarily hide themselves (or be able to hide themselves) from the usage reports and forensic examination. This method is just too risky and will probably arise issues if noticed if you are in such a hostile environment.
Even the most basic controls (supervision or parental) will send out detailed app usage to your adversary.
@@ -9817,30 +9817,30 @@ PDF-Redact Tools (L)Another useful resource to be considered for comparing browsers is: https://privacytests.org/ [Archive.org]
This is my recommended/preferred choice for a Browser within your guest VMs. This is not my recommended choice for a Browser within your Host OS where we strictly recommend Tor Browser as they recommend it themselves521.
-Why Brave despite the controversies522?
+This is my recommended/preferred choice for a Browser within your guest VMs. This is not my recommended choice for a Browser within your Host OS where we strictly recommend Tor Browser as they recommend it themselves522.
+Why Brave despite the controversies523?
You will encounter fewer issues later with account creations (captchas …). This is based on my experiences trying to create plenty of online identities using various browsers. You will have to trust me on that.
You will enjoy native ad-blocking where none is available in others by default without adding extensions523.
Performance is arguably better than Firefox524.
Brave is arguably better at fingerprinting resistance than others525.
Security of Chromium-based Browser is arguably better and more secure than Firefox526’527. Within the context of this guide, security should be privileged to prevent any vulnerability or exploit from gaining access to the VM.
You will enjoy native ad-blocking where none is available in others by default without adding extensions524.
Performance is arguably better than Firefox525.
Brave is arguably better at fingerprinting resistance than others526.
Security of Chromium-based Browser is arguably better and more secure than Firefox527’528. Within the context of this guide, security should be privileged to prevent any vulnerability or exploit from gaining access to the VM.
Comparison of both by Mozilla: https://www.mozilla.org/en-US/firefox/browsers/compare/brave/ [Archive.org]
Comparison of both by Techlore: https://www.youtube.com/watch?v=qkJGF3syQy4 [Invidious]
The whole traffic will be routed over a VPN over Tor anyway. So even if you mistakenly opt-in for some telemetry, it is not so important. Remember that in this anonymity threat model, we are mostly after anonymity and security. The privacy of our online identities does not matter that much unless the privacy issue is also a security issue that could help deanonymize you.
Brave was found to be sending no identifiable telemetry compared to other browsers528.
Brave was found to be sending no identifiable telemetry compared to other browsers529.
This browser is considered a security liability due to their systemic lagging on security patches529.
+This browser is considered a security liability due to their systemic lagging on security patches530.
It is strongly advised not to use Ungoogled-Chromium.
This is for Windows users only. Edge is a solid choice too.
You will encounter fewer issues later with account creations (captchas …). This is based on my experiences trying to create plenty of online identities using various browsers. You will have to trust me on that.
Better Security than Firefox as it is Chromium-based530’531.
Better Security than Firefox as it is Chromium-based531’532.
Better Performance than Firefox.
The whole traffic will be router through Tor anyway.
Can benefit from additional security using Microsoft Defender Application Guard (MDAG)532. Note that this feature cannot be enabled in a Virtualbox VM unfortunately.
Can benefit from additional security using Microsoft Defender Application Guard (MDAG)533. Note that this feature cannot be enabled in a Virtualbox VM unfortunately.
Native tracker blocking (Similar to Brave Shields).
Cons:
@@ -9865,7 +9865,7 @@ PDF-Redact Tools (L)Pros:
Well, it is out of the “Chromium” world and not taking part in expanding Chromium market share
In addition to being out of the Chromium world, it is also completely out of the Google world (despite the Mozilla Foundation being almost entirely funded by Google533).
In addition to being out of the Chromium world, it is also completely out of the Google world (despite the Mozilla Foundation being almost entirely funded by Google534).
An impressive amount of customization through extensions for every possible need.
Firefox can be severely hardened to almost match the security of Chromium-based browsers.
Security (especially sandboxing) of Firefox is arguably weaker than Chromium-based browsers534.
+Security (especially sandboxing) of Firefox is arguably weaker than Chromium-based browsers535.
ClearURLs (https://chrome.google.com/webstore/detail/clearurls/lckanjgmijmafbedllaakclkaicjfmnk)
LibRedirect (https://libredirect.github.io/)
That’s it and you should be pretty much covered. For full paranoia, you can also just “Block Scripts” to disable Javascript. Note that even disabling Javascript might not protect you fully535.
+That’s it and you should be pretty much covered. For full paranoia, you can also just “Block Scripts” to disable Javascript. Note that even disabling Javascript might not protect you fully536.
This browser is considered a security liability due to their systemic lagging on security patches536.
+This browser is considered a security liability due to their systemic lagging on security patches537.
It is strongly advised not to use Ungoogled-Chromium.
Windows only:
@@ -10263,7 +10263,7 @@ PDF-Redact Tools (L)https://ebin.city/~werwolf/posts/firefox-hardening-guide/ [Archive.org]
So, you might ask yourself, what is Virtualization537?
+So, you might ask yourself, what is Virtualization538?
Basically, it is like the Inception movie with computers. You have emulated software computers called Virtual Machines running on a physical computer. And you can even have Virtual Machines running within Virtual machines if you want to (but this will require a more powerful laptop in some cases).
Here is a little basic illustration of what Virtualization is:
@@ -10276,10 +10276,10 @@ PDF-Redact Tools (L)In some environments, your ISPs might be trying to prevent you from accessing Tor. Or accessing Tor openly might be a safety risk.
In those cases, it might be necessary to use Tor bridges to connect to the Tor network (see Tor Documentation https://2019.www.torproject.org/docs/bridges [Archive.org] and Whonix Documentation https://www.whonix.org/wiki/Bridges [Archive.org]).
-Bridges are special Tor entry nodes that are not listed on the Tor public directory. Some of those are running on people running the Snowflake Browser extension538 while others are running on various servers around the world. Most of those bridges are running some type of obfuscation method called obfs4539.
-Here is the definition from the Tor Browser Manual540: “obfs4 makes Tor traffic look random and prevents censors from finding bridges by Internet scanning. obfs4 bridges are less likely to be blocked than its predecessor, obfs3 bridges”.
+Bridges are special Tor entry nodes that are not listed on the Tor public directory. Some of those are running on people running the Snowflake Browser extension539 while others are running on various servers around the world. Most of those bridges are running some type of obfuscation method called obfs4540.
+Here is the definition from the Tor Browser Manual541: “obfs4 makes Tor traffic look random and prevents censors from finding bridges by Internet scanning. obfs4 bridges are less likely to be blocked than its predecessor, obfs3 bridges”.
Some of those are called “Meek” bridges and are using a technique called “Domain Fronting” where your Tor client (Tails, Tor Browser, Whonix Gateway) will connect to a common CDN used by other services. To a censor, it would appear you are connecting to a normal website such as Microsoft.com. See https://gitlab.torproject.org/legacy/trac/-/wikis/doc/meek for more information.
-As per their definition from their manual541: “meek transports make it look like you are browsing a major web site instead of using Tor. meek-azure makes it look like you are using a Microsoft web site”. This is a type of “domain fronting” 542.
+As per their definition from their manual542: “meek transports make it look like you are browsing a major web site instead of using Tor. meek-azure makes it look like you are using a Microsoft web site”. This is a type of “domain fronting” 543.
Lastly, there are also bridges called Snowflake bridges that rely on users running the snowflake extension in their browser to become themselves entry nodes. See https://snowflake.torproject.org/ [Archive.org].
First, you should proceed with the following checklist to make sure you cannot circumvent Tor Blocking (double-check) and try to use Tor Bridges (https://bridges.torproject.org/ [Archive.org]):
We would recommend the “Safest” level by default. The “Safer” level should be enabled if you think you need access to a website not working without JavaScript. The Safest mode will most likely break many websites that rely actively on JavaScript.
If you are extra paranoid, use the “Safest” level by default and consider downgrading to Safer is the website is unusable because of Javascript blocking.
-Optional and not recommended by the Tor Project: If you are not using the “Safest” level, we will diverge from some but agree with others (for instance the Tails project and others543) and will actually recommend some modifications of the default Tor Browser in the addition of two extensions:
+Optional and not recommended by the Tor Project: If you are not using the “Safest” level, we will diverge from some but agree with others (for instance the Tails project and others544) and will actually recommend some modifications of the default Tor Browser in the addition of two extensions:
uBlock Origin (as it is the case on Tails) while leaving the extension on the default settings:
Let’s keep in mind that even 3 letters agencies recommend blocking ads for their internal users in order to improve security544.
+Let’s keep in mind that even 3 letters agencies recommend blocking ads for their internal users in order to improve security545.
If you did not go for the above personal and not officially recommended options, the Safer level should still be used with some extra precautions while using some websites: see Appendix A5: Additional browser precautions with JavaScript enabled.
Now, you are really done, and you can now surf the web anonymously from your desktop device.
These steps should upgrade from “reasonably anonymous” to “extra-paranoid anonymous”. Even if Monero is broken in the future. Zcash will have to be broken as well. Quite unlikely.
You might want to consider the use of Samourai for Android (https://samouraiwallet.com). This wallet uses an implementation of CoinJoin545 called Whirlpool546.
+You might want to consider the use of Samourai for Android (https://samouraiwallet.com). This wallet uses an implementation of CoinJoin546 called Whirlpool547.
<!-- Unverified recommendation: Sparrow for desktop (https://sparrowwallet.com). WARNING: Sparrow has not been thoroughly reviewed by this guide's maintainers and cannot at this point be considered a serious recommendation -->
Mixing BTC in this way should prevent any chain analysis on future transactions. This will not hide any past transactions or the fact you purchased BTC from a KYC exchange. Both wallets support Tor and running your own Bitcoin full node.
-Wasabi wallet is not recommended due to censorship of transactions547 and vulnerabilities in its CoinJoin implementation548.
+Wasabi wallet is not recommended due to censorship of transactions548 and vulnerabilities in its CoinJoin implementation549.
Now, as part of any process above, if you want to convert BTC back to Monero, we recommend not using a swapping service but instead recommend using the new Monero Atomic Swap Tool: https://unstoppableswap.net/. This will prevent unnecessary fees and intermediates when using a commercial swapping service. The website is self-explanatory with detailed instructions for all OSes.
Please do read Appendix B2: Monero Disclaimer.
If the service does not accept Monero but does accept BTC, consider the following appendix: Appendix Z: Paying anonymously online with BTC.
My opinion (and the one of many549‘550’551‘552’553’554) is that passphrases are generally better than passwords. So instead of thinking of better passwords, forget them altogether and use passphrases instead (when possible). Or just use a password manager with very long passwords (such as KeePassXC, the preferred password manager in this guide).
+My opinion (and the one of many550‘551’552‘553’554’555) is that passphrases are generally better than passwords. So instead of thinking of better passwords, forget them altogether and use passphrases instead (when possible). Or just use a password manager with very long passwords (such as KeePassXC, the preferred password manager in this guide).
The well-known shown-below XKCD https://xkcd.com/936/ [Archive.org] is still valid despite some people disputing it (See https://www.explainxkcd.com/wiki/index.php/936:_Password_Strength [Archive.org]). Yes, it is quite old now and is a little bit outdated and might be misinterpreted. But generally, it is still valid and a good argument for using passphrases instead of passwords.
(Illustration by Randall Munroe, xkcd.com, licensed under CC BY-NC 2.5)
-Here are some recommendations (based on Wikipedia555):
+Here are some recommendations (based on Wikipedia556):
Long enough to be hard to guess (typically four words is a minimum, five or more is better).
Not a famous quotation from literature, holy books, et cetera.
After curating the files for anything you want to leave out. Double-check and even Triple check them. Then you could consider sending them to an organization such as a press organization or others.
First, please read this small introduction video to Monero: https://www.youtube.com/watch?v=H33ggs7bh8M [Invidious]
-The anonymity of Monero depends on its crypto algorithms. If you do use Monero from a KYC Exchange. You can be almost certain that you are safe today. But you might not be in the long-term future if Monero algorithms are ever broken556 (think Quantum Computing). Do keep in mind that KYC regulations might force operators (such as Crypto Exchanges) to keep your financial records for up to 10 years and that you, therefore, need Monero algorithms to not be broken for the next 10 years as well.
+The anonymity of Monero depends on its crypto algorithms. If you do use Monero from a KYC Exchange. You can be almost certain that you are safe today. But you might not be in the long-term future if Monero algorithms are ever broken557 (think Quantum Computing). Do keep in mind that KYC regulations might force operators (such as Crypto Exchanges) to keep your financial records for up to 10 years and that you, therefore, need Monero algorithms to not be broken for the next 10 years as well.
You may want to watch this insightful video for more details: https://www.youtube.com/watch?v=j02QoI4ZlnU [Invidious]
Also please consider reading: https://github.com/monero-project/monero/blob/master/docs/ANONYMITY_NETWORKS.md#privacy-limitations [Archive.org]
If you feel extra paranoid and want the highest safety level possible, see the Extra-Paranoid anonymous option.
@@ -11012,273 +11012,274 @@ PDF-Redact Tools (L)Wikipedia, Lavabit Suspension and Gag order, https://en.wikipedia.org/wiki/Lavabit#Suspension_and_gag_order [Wikiless] [Archive.org]↩︎
Internet Archive, Invisibler, What Everybody Ought to Know About HideMyAss https://archive.is/ag9w4#selection-136.0-136.1↩︎
Wikipedia, Warrant Canary https://en.wikipedia.org/wiki/Warrant_canary [Wikiless] [Archive.org]↩︎
Swissinfo.ch, Second Swiss firm allegedly sold encrypted spying devices https://www.swissinfo.ch/eng/second-swiss-firm-allegedly-sold-encrypted-spying-devices/46186432 [Archive.org]↩︎
Wikipedia, Das Leben der Anderen https://en.wikipedia.org/wiki/The_Lives_of_Others [Wikiless] [Archive.org]↩︎
Wired, Mind the Gap: This Researcher Steals Data With Noise, Light, and Magnets https://www.wired.com/story/air-gap-researcher-mordechai-guri/ [Archive.org]↩︎
Scientific American, A Blank Wall Can Show How Many People Are in a Room and What They’re Doing https://www.scientificamerican.com/article/a-blank-wall-can-show-how-many-people-are-in-a-room-and-what-theyre-doing/ [Archive.org]↩︎
Scientific American, A Shiny Snack Bag’s Reflections Can Reconstruct the Room around It https://www.scientificamerican.com/article/a-shiny-snack-bags-reflections-can-reconstruct-the-room-around-it/ [Archive.org]↩︎
Scientific American, Footstep Sensors Identify People by Gait https://www.scientificamerican.com/article/footstep-sensors-identify-people-by-gait/ [Archive.org]↩︎
Ben Nassi, Lamphone https://www.nassiben.com/lamphone [Archive.org]↩︎
The Guardian, Laser spying: is it really practical? https://www.theguardian.com/world/2013/aug/22/gchq-warned-laser-spying-guardian-offices [Archive.org]↩︎
ArsTechnica, Photos of an NSA “upgrade” factory show Cisco router getting implant https://arstechnica.com/tech-policy/2014/05/photos-of-an-nsa-upgrade-factory-show-cisco-router-getting-implant/ [Archive.org]↩︎
Wikipedia, Zero-trust Security Model https://en.wikipedia.org/wiki/Zero_trust_security_model [Wikiless] [Archive.org]↩︎
Wikipedia, Plausible Deniability https://en.wikipedia.org/wiki/Plausible_deniability [Wikiless] [Archive.org]↩︎
Wikipedia, Rubber-hose Cryptanalysis https://en.wikipedia.org/wiki/Rubber-hose_cryptanalysis [Archive.org]↩︎
Defuse.ca, TrueCrypt’s Plausible Deniability is Theoretically Useless https://defuse.ca/truecrypt-plausible-deniability-useless-by-game-theory.htm [Archive.org]↩︎
Wikipedia, Deniable Encryption https://en.wikipedia.org/wiki/Deniable_encryption [Wikiless] [Archive.org]↩︎
Wikipedia, OONI, https://en.wikipedia.org/wiki/OONI [Wikiless] [Archive.org]↩︎
Privacy International, Timeline of SIM Card Registration Laws https://privacyinternational.org/long-read/3018/timeline-sim-card-registration-laws [Archive.org]↩︎
NYTimes, Lost Passwords Lock Millionaires Out of Their Bitcoin Fortunes https://www.nytimes.com/2021/01/12/technology/bitcoin-passwords-wallets-fortunes.html [Archive.org]↩︎
Usenix.org, Shedding too much Light on a Microcontroller’s Firmware Protection https://www.usenix.org/system/files/conference/woot17/woot17-paper-obermaier.pdf [Archive.org]↩︎
TorProject.org, Can I run Tor Browser on an iOS device? https://support.torproject.org/tormobile/tormobile-3/ [Archive.org]↩︎
Wikipedia, Tails https://en.wikipedia.org/wiki/Tails_(operating_system) [Wikiless] [Archive.org]↩︎
Vice.com, Facebook Helped the FBI Hack a Child Predator https://www.vice.com/en/article/v7gd9b/facebook-helped-fbi-hack-child-predator-buster-hernandez [Archive.org]↩︎
XKCD, Security https://xkcd.com/538/ [Archive.org]↩︎
Wikipedia, Plausible Deniability https://en.wikipedia.org/wiki/Plausible_deniability [Wikiless] [Archive.org]↩︎
Veracrypt Documentation, Trim Operations https://www.veracrypt.fr/en/Trim%20Operation.html [Archive.org]↩︎
YouTube, 36C3 - Uncover, Understand, Own - Regaining Control Over Your AMD CPU https://www.youtube.com/watch?v=bKH5nGLgi08&t=2834s [Invidious]↩︎
Qubes OS, Anti-Evil Maid, https://github.com/QubesOS/qubes-antievilmaid [Archive.org]↩︎
QubesOS FAQ, https://www.qubes-os.org/faq/#is-secure-boot-supported [Archive.org]↩︎
Wikipedia, Secure Boot https://en.wikipedia.org/wiki/Unified_Extensible_Firmware_Interface#Secure_boot [Wikiless] [Archive.org]↩︎
Wikipedia, Booting https://en.wikipedia.org/wiki/Booting [Wikiless] [Archive.org]↩︎
XKCD, Security https://xkcd.com/538/ [Archive.org]↩︎
Wired, Don’t Want Your Laptop Tampered With? Just Add Glitter Nail Polish https://www.wired.com/2013/12/better-data-security-nail-polish/ [Archive.org]↩︎
Wikipedia, Virtual Machine https://en.wikipedia.org/wiki/Virtual_machine [Wikiless] [Archive.org]↩︎
Wikipedia, Plausible Deniability https://en.wikipedia.org/wiki/Plausible_deniability [Wikiless] [Archive.org]↩︎
Wikipedia, Deniable Encryption https://en.wikipedia.org/wiki/Deniable_encryption [Wikiless] [Archive.org]↩︎
PrivacyGuides.org, Don’t use Windows 10 - It’s a privacy nightmare https://web.archive.org/web/20220313023015/https://www.privacyguides.org/tools/#operating-systems#win10 [Archive.org]↩︎
Wikipedia, Deniable Encryption https://en.wikipedia.org/wiki/Deniable_encryption [Wikiless] [Archive.org]↩︎
Wikipedia, Key Disclosure Laws https://en.wikipedia.org/wiki/Key_disclosure_law [Wikiless] [Archive.org]↩︎
GP Digital, World map of encryption laws and policies https://www.gp-digital.org/world-map-of-encryption/ [Archive.org]↩︎
Wikipedia, Bitlocker https://en.wikipedia.org/wiki/BitLocker [Wikiless] [Archive.org]↩︎
Wikipedia, Evil Maid Attack https://en.wikipedia.org/wiki/Evil_maid_attack [Wikiless] [Archive.org]↩︎
Wikipedia, Cold Boot Attack https://en.wikipedia.org/wiki/Cold_boot_attack [Wikiless] [Archive.org]↩︎
CITP 2008 (https://www.youtube.com/watch?v=JDaicPIgn9U) [Invidious]↩︎
ResearchGate, Defeating Plausible Deniability of VeraCrypt Hidden Operating Systems https://www.researchgate.net/publication/318155607_Defeating_Plausible_Deniability_of_VeraCrypt_Hidden_Operating_Systems [Archive.org]↩︎
SANS.org, Mission Implausible: Defeating Plausible Deniability with Digital Forensics https://www.sans.org/reading-room/whitepapers/forensics/mission-implausible-defeating-plausible-deniability-digital-forensics-39500 [Archive.org]↩︎
SourceForge, Veracrypt Forum https://sourceforge.net/p/veracrypt/discussion/technical/thread/53f33faf/ [Archive.org]↩︎
Microsoft, BitLocker Countermeasures https://docs.microsoft.com/en-us/windows/security/information-protection/bitlocker/bitlocker-countermeasures [Archive.org]↩︎
SANS, Windows ShellBag Forensics in-depth https://www.sans.org/reading-room/whitepapers/forensics/windows-shellbag-forensics-in-depth-34545 [Archive.org]↩︎
University of York, Forensic data recovery from the Windows Search Database https://eprints.whiterose.ac.uk/75046/1/Forensic_Data_Recovery_From_The_Windows_Search_Database_preprint_DIIN328.pdf [Archive.org]↩︎
A forensic insight into Windows 10 Jump Lists https://web.archive.org/web/https://cyberforensicator.com/wp-content/uploads/2017/01/1-s2.0-S1742287616300202-main.2-14.pdf [Archive.org]↩︎
Wikipedia, Gatekeeper https://en.wikipedia.org/wiki/Gatekeeper_(macOS) [Wikiless] [Archive.org]↩︎
Alpine Linux Wiki, Setting up a laptop https://wiki.alpinelinux.org/wiki/Setting_up_a_laptop [Archive.org]↩︎
Wikipedia Veracrypt https://en.wikipedia.org/wiki/VeraCrypt [Wikiless] [Archive.org]↩︎
OSTIF Veracrypt Audit, 2016 https://web.archive.org/web/https://ostif.org/the-veracrypt-audit-results/↩︎
Veracrypt Documentation, Unencrypted Data in RAM https://www.veracrypt.fr/en/Unencrypted%20Data%20in%20RAM.html [Archive.org]↩︎
Veracrypt Documentation, Data Leaks https://www.veracrypt.fr/code/VeraCrypt/plain/doc/html/Data%20Leaks.html [Archive.org]↩︎
Dolos Group, From Stolen Laptop to Inside the Company Network https://dolosgroup.io/blog/2021/7/9/from-stolen-laptop-to-inside-the-company-network [Archive.org]↩︎
Trammell Hudson’s Projects, Understanding TPM Sniffing Attacks https://trmm.net/tpm-sniffing/ [Archive.org]↩︎
Jon Aubrey, attacking laptops that are protected by Microsoft Bitlocker drive encryption https://twitter.com/SecurityJon/status/1445020885472235524 [Nitter]↩︎
F-Secure Labs, Sniff, there leaks my BitLocker key https://labs.f-secure.com/blog/sniff-there-leaks-my-bitlocker-key/ [Archive.org]↩︎
Microsoft, BitLocker Countermeasures, Attacker countermeasures https://docs.microsoft.com/en-us/windows/security/information-protection/bitlocker/bitlocker-countermeasures [Archive.org]↩︎
Wikipedia, Trim https://en.wikipedia.org/wiki/Trim_(computing) [Wikiless] [Archive.org]↩︎
Veracrypt Documentation, Trim Operations https://www.veracrypt.fr/en/Trim%20Operation.html [Archive.org]↩︎
Veracrypt Documentation, Rescue Disk https://www.veracrypt.fr/en/VeraCrypt%20Rescue%20Disk.html [Archive.org]↩︎
St Cloud State University, Forensic Research on Solid State Drives using Trim Analysis https://web.archive.org//web/20220612095503/https://repository.stcloudstate.edu/cgi/viewcontent.cgi?article=1141&context=msia_etds [Archive.org]↩︎
WindowsCentral, Trim Tutorial https://www.windowscentral.com/how-ensure-trim-enabled-windows-10-speed-ssd-performance [Archive.org]↩︎
Veracrypt Documentation, Trim Operation https://veracrypt.eu/en/docs/trim-operation/ [Archive.org]↩︎
Black Hat 2018, Perfectly Deniable Steganographic Disk Encryption https://i.blackhat.com/eu-18/Thu-Dec-6/eu-18-Schaub-Perfectly-Deniable-Steganographic-Disk-Encryption.pdf [Archive.org]↩︎
Milan Broz’s Blog, TRIM & dm-crypt … problems? http://asalor.blogspot.com/2011/08/trim-dm-crypt-problems.html [Archive.org]↩︎
Veracrypt Documentation, Rescue Disk https://www.veracrypt.fr/en/VeraCrypt%20Rescue%20Disk.html [Archive.org]↩︎
Wikipedia, Virtualbox https://en.wikipedia.org/wiki/VirtualBox [Wikiless] [Archive.org]↩︎
VirtualBox Ticket 17987 https://www.virtualbox.org/ticket/17987 [Archive.org]↩︎
Whonix Documentation, Spectre Meltdown https://www.whonix.org/wiki/Spectre_Meltdown#VirtualBox [Archive.org]↩︎
Whonix Documentation, Stream Isolation https://www.whonix.org/wiki/Stream_Isolation [Archive.org]↩︎
Whonix Documentation, Tunnels Comparison Table https://www.whonix.org/wiki/Tunnels/Introduction#Comparison_Table [Archive.org]↩︎
Wikipedia, Whonix https://en.wikipedia.org/wiki/Whonix [Wikiless] [Archive.org]↩︎
Oracle Virtualbox Manual, Snapshots https://docs.oracle.com/en/virtualization/virtualbox/6.0/user/snapshots.html [Archive.org]↩︎
Utica College, Forensic Recovery Of Evidence From Deleted Oracle Virtualbox Virtual Machines https://web.archive.org/web/https://programs.online.utica.edu/sites/default/files/Neal_6_Gonnella_Forensic_Recovery_of_Evidence_from_Deleted_Oracle_VirtualBox_Virtual_Machine.pdf↩︎
Wikipedia, Spectre https://en.wikipedia.org/wiki/Spectre_(security_vulnerability) [Wikiless] [Archive.org]↩︎
Wikipedia, Meltdown https://en.wikipedia.org/wiki/Meltdown_(security_vulnerability) [Wikiless] [Archive.org]↩︎
Whonix Documentation, Stream Isolation, By Settings https://www.whonix.org/wiki/Stream_Isolation#By_Settings [Archive.org]↩︎
Wikipedia, TOTP https://en.wikipedia.org/wiki/Time-based_One-time_Password_algorithm [Wikiless] [Archive.org]↩︎
Wikipedia, Multi-Factor Authentication https://en.wikipedia.org/wiki/Multi-factor_authentication [Wikiless] [Archive.org]↩︎
Whonix Documentation, Bridged Adapters Warning https://www.whonix.org/wiki/Whonix-Gateway_Security#Warning:_Bridged_Networking [Archive.org]↩︎
Qubes OS, FAQ, https://www.qubes-os.org/faq/#is-qubes-just-another-linux-distribution [Archive.org]↩︎
Whonix Documentation, Stream Isolation https://www.whonix.org/wiki/Stream_Isolation [Archive.org]↩︎
Whonix Documentation, Tunnels Comparison Table https://www.whonix.org/wiki/Tunnels/Introduction#Comparison_Table [Archive.org]↩︎
Qubes OS Issues, Simulate Hibernation / Suspend-To-Disk (Issue #2414) https://github.com/QubesOS/qubes-issues/issues/2414 [Archive.org]↩︎
Wikipedia, AppArmor https://en.wikipedia.org/wiki/AppArmor [Wikiless] [Archive.org]↩︎
Wikipedia, SELinux https://en.wikipedia.org/wiki/Security-Enhanced_Linux [Wikiless] [Archive.org]↩︎
Wikipedia, TOTP https://en.wikipedia.org/wiki/Time-based_One-time_Password_algorithm [Wikiless] [Archive.org]↩︎
Wikipedia, Multi-Factor Authentication https://en.wikipedia.org/wiki/Multi-factor_authentication [Wikiless] [Archive.org]↩︎
Wikipedia, Captcha https://en.wikipedia.org/wiki/CAPTCHA [Wikiless] [Archive.org]↩︎
Wikipedia, Turing Test https://en.wikipedia.org/wiki/Turing_test [Wikiless] [Archive.org]↩︎
Google reCAPTCHA https://www.google.com/recaptcha/about/ [Archive.org]↩︎
hCaptcha https://www.hcaptcha.com/ [Archive.org]↩︎
hCaptcha, hCaptcha Is Now the Largest Independent CAPTCHA Service, Runs on 15% Of The Internet https://www.hcaptcha.com/post/hcaptcha-now-the-largest-independent-captcha-service [Archive.org]↩︎
Nearcyan.com, You (probably) don’t need ReCAPTCHA https://nearcyan.com/you-probably-dont-need-recaptcha/ [Archive.org]↩︎
ArsTechnica, “Google’s reCAPTCHA turns”invisible," will separate bots from people without challenges" https://arstechnica.com/gadgets/2017/03/googles-recaptcha-announces-invisible-background-captchas/ [Archive.org]↩︎
BlackHat Asia 2016, “I’m not a human: Breaking the Google reCAPTCHA” https://www.blackhat.com/docs/asia-16/materials/asia-16-Sivakorn-Im-Not-a-Human-Breaking-the-Google-reCAPTCHA-wp.pdf [Archive.org]↩︎
Google Blog https://security.googleblog.com/2014/12/are-you-robot-introducing-no-captcha.html [Archive.org]↩︎
Cloudflare Blog, Cloudflare supports Privacy Pass https://blog.cloudflare.com/cloudflare-supports-privacy-pass/ [Archive.org]↩︎
Privacy International, Timeline of SIM Card Registration Laws https://privacyinternational.org/long-read/3018/timeline-sim-card-registration-laws [Archive.org]↩︎
Wikipedia, Device Fingerprinting https://en.wikipedia.org/wiki/Device_fingerprint [Wikiless] [Archive.org]↩︎
Developers Google Blog, Guidance to developers affected by our effort to block less secure browsers and applications https://developers.googleblog.com/2020/08/guidance-for-our-effort-to-block-less-secure-browser-and-apps.html [Archive.org]↩︎
Wikipedia, KYC https://en.wikipedia.org/wiki/Know_your_customer [Wikiless] [Archive.org]↩︎
Google Help, Access age-restricted content & features https://support.google.com/accounts/answer/10071085 [Archive.org]↩︎
Wikipedia, Dark Pattern https://en.wikipedia.org/wiki/Dark_pattern [Wikiless] [Archive.org]↩︎
The Verge, Tinder will give you a verified blue check mark if you pass its catfishing test https://www.theverge.com/2020/1/23/21077423/tinder-photo-verification-blue-checkmark-safety-center-launch-noonlight [Archive.org]↩︎
DigitalInformationWorld, Facebook will now require you to Create a Video Selfie for Identity Verification https://www.digitalinformationworld.com/2020/03/facebook-is-now-demanding-some-users-to-create-a-video-selfie-for-identity-verification.html [Archive.org]↩︎
Vice.com, PornHub Announces ‘Biometric Technology’ to Verify Users https://www.vice.com/en/article/m7a4eq/pornhub-new-verification-policy-biometric-id [Archive.org]↩︎
Variety, China Launches Hotline to Report Online Comments That ‘Distort’ History or ‘Deny’ Its Cultural Excellence https://variety.com/2021/digital/news/china-censorship-hotline-historical-nihilism-1234950554/ [Archive.org]↩︎
Wikipedia, Trust but verify https://en.wikipedia.org/wiki/Trust,_but_verify [Wikiless] [Archive.org]↩︎
Wikipedia, Zero-trust Security Model https://en.wikipedia.org/wiki/Zero_trust_security_model [Wikiless] [Archive.org]↩︎
Wikipedia, Espionage, Organization https://en.wikipedia.org/wiki/Espionage#Organization [Wikiless] [Archive.org]↩︎
Developers Google Blog, Guidance to developers affected by our effort to block less secure browsers and applications https://developers.googleblog.com/2020/08/guidance-for-our-effort-to-block-less-secure-browser-and-apps.html [Archive.org]↩︎
Medium.com, Kyle McDonald, How to recognize fake AI-generated images https://kcimc.medium.com/how-to-recognize-fake-ai-generated-images-4d1f6f9a2842[Scribe.rip] [Archive.org]↩︎
Jayway Blog, Using ML to detect fake face images created by AI https://blog.jayway.com/2020/03/06/using-ml-to-detect-fake-face-images-created-by-ai/ [Archive.org]↩︎
Wikipedia, Sim Swapping https://en.wikipedia.org/wiki/SIM_swap_scam [Wikiless] [Archive.org]↩︎
Whonix Documentation, Tor Configuration https://www.whonix.org/wiki/Tor#Edit_Tor_Configuration [Archive.org]↩︎
Tor Browser Documentation, Editing Torrc https://support.torproject.org/tbb/tbb-editing-torrc/ [Archive.org]↩︎
English translation of German Telemedia Act https://www.huntonprivacyblog.com/wp-content/uploads/sites/28/2016/02/Telemedia_Act__TMA_.pdf [Archive.org]. Section 13, Article 6, “The service provider must enable the use of Telemedia and payment for them to occur anonymously or via a pseudonym where this is technically possible and reasonable. The recipient of the service is to be informed about this possibility.”.↩︎
Wikipedia, Real-Name System Germany https://en.wikipedia.org/wiki/Real-name_system#Germany [Wikiless] [Archive.org]↩︎
Wikipedia, KYC https://en.wikipedia.org/wiki/Know_your_customer [Wikiless] [Archive.org]↩︎
Facebook Onion Website http://facebookwkhpilnemxj7asaniu7vnjjbiltxjqhye3mhbshg7kx5tfyd.onion/↩︎
Google Help https://support.google.com/accounts/answer/114129?hl=en [Archive.org]↩︎
Google Help, Customer Matching Process https://support.google.com/google-ads/answer/7474263?hl=en [Archive.org]↩︎
Google, Your account is disabled https://support.google.com/accounts/answer/40695 [Archive.org]↩︎
Google, Request to restore the account https://support.google.com/accounts/contact/disabled2 [Archive.org]↩︎
Google Help, Update your account to meet age requirements https://support.google.com/accounts/answer/1333913?hl=en [Archive.org]↩︎
Jumio, ID verification features https://www.jumio.com/features/ [Archive.org]↩︎
Privacyguides.org recommended E-mail Providers https://www.privacyguides.org/email/ [Archive.org]↩︎
Proton Registration Human Verification https://proton.me/support/human-verification/ [Archive.org]↩︎
Twitter Appeal Form https://help.twitter.com/forms/general↩︎
KnowYourMeme, Good Luck, I’m Behind 7 Proxies https://knowyourmeme.com/memes/good-luck-im-behind-7-proxies [Archive.org]↩︎
Wikipedia, end-to-end encryption https://en.wikipedia.org/wiki/End-to-end_encryption [Wikiless] [Archive.org]↩︎
Wikipedia, Forward Secrecy https://en.wikipedia.org/wiki/Forward_secrecy [Wikiless] [Archive.org]↩︎
Proton Blog, What is zero-access encryption? https://proton.me/blog/zero-access-encryption/ [Archive.org]↩︎
Wikipedia, Cambridge Analytica Scandal https://en.wikipedia.org/wiki/Facebook%E2%80%93Cambridge_Analytica_data_scandal [Wikiless] [Archive.org]↩︎
Signal Blog, Technology preview: Sealed sender for Signal https://signal.org/blog/sealed-sender/ [Archive.org]↩︎
Signal Blog, Private Contact Discovery https://signal.org/blog/private-contact-discovery/ [Archive.org]↩︎
Signal Blog, Private Group System https://signal.org/blog/signal-private-group-system/ [Archive.org]↩︎
Privacyguides.org, File-Sharing https://www.privacyguides.org/file-sharing/ [Archive.org]↩︎
Privacyguides.org, Real-Time Communication https://www.privacyguides.org/real-time-communication/ [Archive.org]↩︎
GetSession.org, The Session Protocol: What’s changing — and why https://getsession.org/session-protocol-explained/ [Archive.org]↩︎
Quarkslab, Audit of Session Secure Messaging Application https://blog.quarkslab.com/audit-of-session-secure-messaging-application.html [Archive.org]↩︎
Techlore, Top 5 BEST Messengers For Privacy https://www.youtube.com/watch?v=aVwl892hqb4 [Invidious]↩︎
Wikipedia, IPFS https://en.wikipedia.org/wiki/InterPlanetary_File_System [Wikiless] [Archive.org]↩︎
Praxis Films, Open Letter from Laura Poitras https://www.praxisfilms.org/open-letter-from-laura-poitras/ [Archive.org]↩︎
Wikipedia, SecureDrop https://en.wikipedia.org/wiki/SecureDrop [Wikiless] [Archive.org]↩︎
Wikipedia, TPM https://en.wikipedia.org/wiki/Trusted_Platform_Module [Wikiless] [Archive.org]↩︎
Wikipedia, Pastebin https://en.wikipedia.org/wiki/Pastebin [Wikiless] [Archive.org]↩︎
Wikipedia, Wear Leveling https://en.wikipedia.org/wiki/Wear_leveling [Wikiless] [Archive.org]↩︎
Wikipedia, Trim https://en.wikipedia.org/wiki/Write_amplification#TRIM [Wikiless] [Archive.org]↩︎
Wikipedia, Write Amplification https://en.wikipedia.org/wiki/Write_amplification [Wikiless] [Archive.org]↩︎
Wikipedia, Trim Disadvantages https://en.wikipedia.org/wiki/Trim_(computing)#Disadvantages [Wikiless] [Archive.org]↩︎
Wikipedia, Garbage Collection https://en.wikipedia.org/wiki/Write_amplification#Garbage_collection [Wikiless] [Archive.org]↩︎
Techgage, Too TRIM? When SSD Data Recovery is Impossible https://techgage.com/article/too_trim_when_ssd_data_recovery_is_impossible/ [Archive.org]↩︎
ResearchGate, Live forensics method for acquisition on the Solid-State Drive (SSD) NVMe TRIM function https://www.researchgate.net/publication/341761017_Live_forensics_method_for_acquisition_on_the_Solid_State_Drive_SSD_NVMe_TRIM_function [Archive.org]↩︎
ElcomSoft, Life after Trim: Using Factory Access Mode for Imaging SSD Drives https://blog.elcomsoft.com/2019/01/life-after-trim-using-factory-access-mode-for-imaging-ssd-drives/ [Archive.org]↩︎
Forensic Focus, Forensic Acquisition Of Solid State Drives With Open Source Tools https://www.forensicfocus.com/articles/forensic-acquisition-of-solid-state-drives-with-open-source-tools/ [Archive.org]↩︎
ResearchGate, Solid State Drive Forensics: Where Do We Stand? https://www.researchgate.net/publication/325976653_Solid_State_Drive_Forensics_Where_Do_We_Stand [Archive.org]↩︎
BleepingComputer, Firmware attack can drop persistent malware in hidden SSD area https://www.bleepingcomputer.com/news/security/firmware-attack-can-drop-persistent-malware-in-hidden-ssd-area/ [Archive.org]↩︎
Wikipedia, Parted Magic https://en.wikipedia.org/wiki/Parted_Magic [Wikiless] [Archive.org]↩︎
Wikipedia, hdparm https://en.wikipedia.org/wiki/Hdparm [Wikiless] [Archive.org]↩︎
GitHub, nvme-cli https://github.com/linux-nvme/nvme-cli [Archive.org]↩︎
PartedMagic Secure Erase https://partedmagic.com/secure-erase/ [Archive.org]↩︎
Partedmagic NVMe Secure Erase https://partedmagic.com/nvme-secure-erase/ [Archive.org]↩︎
UFSExplorer, Can I recover data from an encrypted storage? https://www.ufsexplorer.com/solutions/data-recovery-on-encrypted-storage.php [Archive.org]↩︎
Apple Developer Documentation https://developer.apple.com/library/archive/documentation/FileManagement/Conceptual/APFS_Guide/FAQ/FAQ.html [Archive.org]↩︎
EFF, How to: Delete Your Data Securely on macOS https://ssd.eff.org/en/module/how-delete-your-data-securely-macos [Archive.org]↩︎
Privacyguides.org, Productivity tools https://privacyguides.org/productivity/ [Archive.org]↩︎
Whonix Documentation, Scrubbing Metadata https://www.whonix.org/wiki/Metadata [Archive.org]↩︎
Tails documentation, MAT https://gitlab.tails.boum.org/tails/blueprints/-/wikis/doc/mat/ [Archive.org]↩︎
GitHub, Disable Gatekeeper on macOS Big Sur (11.x) https://disable-gatekeeper.github.io/ [Archive.org]↩︎
Veracrypt Documentation, Data Leaks https://www.veracrypt.fr/code/VeraCrypt/plain/doc/html/Data%20Leaks.html [Archive.org]↩︎
SANS, Windows ShellBag Forensics in-depth https://www.sans.org/reading-room/whitepapers/forensics/windows-shellbag-forensics-in-depth-34545 [Archive.org]↩︎
St Cloud State University, Forensic Research on Solid State Drives using Trim Analysis https://web.archive.org//web/20220612095503/https://repository.stcloudstate.edu/cgi/viewcontent.cgi?article=1141&context=msia_etds [Archive.org]↩︎
Wikipedia, Trim https://en.wikipedia.org/wiki/Trim_(computing) [Wikiless] [Archive.org]↩︎
DuckDuckGo help, Cache https://help.duckduckgo.com/duckduckgo-help-pages/features/cache/ [Archive.org]↩︎
DuckDuckGo help, Sources https://help.duckduckgo.com/duckduckgo-help-pages/results/sources/ [Archive.org]↩︎
Wikipedia, Dead Drop https://en.wikipedia.org/wiki/Dead_drop [Wikiless] [Archive.org]↩︎
Wikipedia, Secure Communication Obfuscation https://en.wikipedia.org/wiki/Obfuscation#Secure_communication [Wikiless] [Archive.org]↩︎
Wikipedia, Steganography https://en.wikipedia.org/wiki/Steganography [Wikiless] [Archive.org]↩︎
Wikipedia, Kleptography https://en.wikipedia.org/wiki/Kleptography [Wikiless] [Archive.org]↩︎
Wikipedia, Koalang https://en.wikipedia.org/wiki/Koalang [Wikiless] [Archive.org]↩︎
Wikipedia, OPSEC https://en.wikipedia.org/wiki/Operations_security [Wikiless] [Archive.org]↩︎
Quote Investigator, A Lie Can Travel Halfway Around the World While the Truth Is Putting On Its Shoes https://quoteinvestigator.com/2014/07/13/truth/ [Archive.org]↩︎
Privacyguides.org, Operating Systems https://www.privacyguides.org/tools/#operating-systems [Archive.org]↩︎
Medium.com, Digging into the System Resource Usage Monitor (SRUM) https://medium.com/velociraptor-ir/digging-into-the-system-resource-usage-monitor-srum-afbadb1a375 [Scribe.rip] [Archive.org]↩︎
SANS, Timestamped Registry & NTFS Artifacts from Unallocated Space https://www.sans.org/blog/timestamped-registry-ntfs-artifacts-from-unallocated-space/ [Archive.org]↩︎
NYTimes, Lost Passwords Lock Millionaires Out of Their Bitcoin Fortunes https://www.nytimes.com/2021/01/12/technology/bitcoin-passwords-wallets-fortunes.html [Archive.org]↩︎
Wikipedia, Koalang https://en.wikipedia.org/wiki/Koalang [Wikiless] [Archive.org]↩︎
Wikipedia, Faraday Cage, https://en.wikipedia.org/wiki/Faraday_cage [Wikiless] [Archive.org]↩︎
Edith Cowan University, A forensic examination of several mobile device Faraday bags & materials to test their effectiveness materials to test their effectiveness https://web.archive.org/web/https://ro.ecu.edu.au/cgi/viewcontent.cgi?article=1165&context=adf [Archive.org]↩︎
arXiv, Deep-Spying: Spying using Smartwatch and Deep Learning https://arxiv.org/pdf/1512.05616.pdf [Archive.org]↩︎
Acm.org, Privacy Implications of Accelerometer Data: A Review of Possible Inferences https://dl.acm.org/doi/pdf/10.1145/3309074.3309076 [Archive.org]↩︎
YouTube, Fingerprinting Paper - Forensic Education https://www.youtube.com/watch?v=sO98kDLkh-M [Invidious]↩︎
Wikipedia, Touch DNA, https://en.wikipedia.org/wiki/Touch_DNA [Wikiless] [Archive.org]↩︎
TheDNAGuide, DNA from Postage Stamps or Hair Samples? Yeeesssss….. https://www.yourdnaguide.com/ydgblog/dna-hair-samples-postage-stamps [Archive.org]↩︎
Wikipedia, OONI, https://en.wikipedia.org/wiki/OONI [Wikiless] [Archive.org]↩︎
GitHub, Mhinkie, OONI-Detection https://github.com/mhinkie/ooni-detection [Archive.org]↩︎
Wikipedia, File Verification https://en.wikipedia.org/wiki/File_verification [Wikiless] [Archive.org]↩︎
Wikipedia, CRC https://en.wikipedia.org/wiki/Cyclic_redundancy_check [Wikiless] [Archive.org]↩︎
Wikipedia, MD5 https://en.wikipedia.org/wiki/MD5 [Wikiless] [Archive.org]↩︎
Wikipedia, MD5 Security https://en.wikipedia.org/wiki/MD5#Security [Wikiless] [Archive.org]↩︎
Wikipedia, Collisions https://en.wikipedia.org/wiki/Collision_(computer_science) [Wikiless] [Archive.org]↩︎
Wikipedia, SHA https://en.wikipedia.org/wiki/Secure_Hash_Algorithms [Wikiless] [Archive.org]↩︎
Wikipedia, SHA-2 https://en.wikipedia.org/wiki/SHA-2 [Wikiless] [Archive.org]↩︎
Wikipedia, Collision Resistance https://en.wikipedia.org/wiki/Collision_resistance [Wikiless] [Archive.org]↩︎
GnuPG Gpg4win Wiki, Check integrity of Gpg4win packages https://wiki.gnupg.org/Gpg4win/CheckIntegrity [Archive.org]↩︎
Wikipedia, GPG https://en.wikipedia.org/wiki/GNU_Privacy_Guard [Wikiless] [Archive.org]↩︎
Wikipedia, Public-Key Cryptography https://en.wikipedia.org/wiki/Public-key_cryptography [Wikiless] [Archive.org]↩︎
Wikipedia, Polymorphic Code https://en.wikipedia.org/wiki/Polymorphic_code [Wikiless] [Archive.org]↩︎
Whonix Documentation, Use of AV, https://www.whonix.org/wiki/Malware_and_Firmware_Trojans#The_Utility_of_Antivirus_Tools [Archive.org]↩︎
Whonix Forums, https://forums.whonix.org/t/installation-of-antivirus-scanners-by-default/9755/8 [Archive.org]↩︎
AV-Test Security Report 2018-2019, https://www.av-test.org/fileadmin/pdf/security_report/AV-TEST_Security_Report_2018-2019.pdf [Archive.org]↩︎
ZDNet, ESET discovers 21 new Linux malware families https://www.zdnet.com/article/eset-discovers-21-new-linux-malware-families/ [Archive.org]↩︎
NakeSecurity, EvilGnome – Linux malware aimed at your desktop, not your servers https://nakedsecurity.sophos.com/2019/07/25/evilgnome-linux-malware-aimed-at-your-laptop-not-your-servers/ [Archive.org]↩︎
Immunify, HiddenWasp: How to detect malware hidden on Linux & IoT https://blog.imunify360.com/hiddenwasp-how-to-detect-malware-hidden-on-linux-iot [Archive.org]↩︎
Wikipedia, Linux Malware https://en.wikipedia.org/wiki/Linux_malware [Wikiless] [Archive.org]↩︎
Lenny Zeltser, Analyzing Malicious Documents Cheat Sheet https://zeltser.com/analyzing-malicious-documents/ [Archive.org]↩︎
Wikipedia, macOS Malware https://en.wikipedia.org/wiki/macOS_malware [Wikiless] [Archive.org]↩︎
MacWorld, List of Mac viruses, malware and security flaws https://www.macworld.co.uk/feature/mac-viruses-list-3668354/ [Archive.org]↩︎
JAMF, The Mac Malware of 2020 https://resources.jamf.com/documents/macmalware-2020.pdf [Archive.org]↩︎
macOS Security and Privacy Guide, https://github.com/drduh/macOS-Security-and-Privacy-Guide#viruses-and-malware [Archive.org]↩︎
ImageTragick.com, https://imagetragick.com/ [Archive.org]↩︎
Oracle Virtualbox Documentation, https://docs.oracle.com/en/virtualization/virtualbox/6.0/admin/hyperv-support.html [Archive.org]↩︎
Washington Post, The intelligence coup of the century https://www.washingtonpost.com/graphics/2020/world/national-security/cia-crypto-encryption-machines-espionage/ [Archive.org]↩︎
Swissinfo.ch, Second Swiss firm allegedly sold encrypted spying devices https://www.swissinfo.ch/eng/second-swiss-firm-allegedly-sold-encrypted-spying-devices/46186432 [Archive.org]↩︎
Wikipedia, Das Leben der Anderen https://en.wikipedia.org/wiki/The_Lives_of_Others [Wikiless] [Archive.org]↩︎
Wired, Mind the Gap: This Researcher Steals Data With Noise, Light, and Magnets https://www.wired.com/story/air-gap-researcher-mordechai-guri/ [Archive.org]↩︎
Scientific American, A Blank Wall Can Show How Many People Are in a Room and What They’re Doing https://www.scientificamerican.com/article/a-blank-wall-can-show-how-many-people-are-in-a-room-and-what-theyre-doing/ [Archive.org]↩︎
Scientific American, A Shiny Snack Bag’s Reflections Can Reconstruct the Room around It https://www.scientificamerican.com/article/a-shiny-snack-bags-reflections-can-reconstruct-the-room-around-it/ [Archive.org]↩︎
Scientific American, Footstep Sensors Identify People by Gait https://www.scientificamerican.com/article/footstep-sensors-identify-people-by-gait/ [Archive.org]↩︎
Ben Nassi, Lamphone https://www.nassiben.com/lamphone [Archive.org]↩︎
The Guardian, Laser spying: is it really practical? https://www.theguardian.com/world/2013/aug/22/gchq-warned-laser-spying-guardian-offices [Archive.org]↩︎
ArsTechnica, Photos of an NSA “upgrade” factory show Cisco router getting implant https://arstechnica.com/tech-policy/2014/05/photos-of-an-nsa-upgrade-factory-show-cisco-router-getting-implant/ [Archive.org]↩︎
Wikipedia, Zero-trust Security Model https://en.wikipedia.org/wiki/Zero_trust_security_model [Wikiless] [Archive.org]↩︎
Wikipedia, Plausible Deniability https://en.wikipedia.org/wiki/Plausible_deniability [Wikiless] [Archive.org]↩︎
Wikipedia, Rubber-hose Cryptanalysis https://en.wikipedia.org/wiki/Rubber-hose_cryptanalysis [Archive.org]↩︎
Defuse.ca, TrueCrypt’s Plausible Deniability is Theoretically Useless https://defuse.ca/truecrypt-plausible-deniability-useless-by-game-theory.htm [Archive.org]↩︎
Wikipedia, Deniable Encryption https://en.wikipedia.org/wiki/Deniable_encryption [Wikiless] [Archive.org]↩︎
Wikipedia, OONI, https://en.wikipedia.org/wiki/OONI [Wikiless] [Archive.org]↩︎
Privacy International, Timeline of SIM Card Registration Laws https://privacyinternational.org/long-read/3018/timeline-sim-card-registration-laws [Archive.org]↩︎
NYTimes, Lost Passwords Lock Millionaires Out of Their Bitcoin Fortunes https://www.nytimes.com/2021/01/12/technology/bitcoin-passwords-wallets-fortunes.html [Archive.org]↩︎
Usenix.org, Shedding too much Light on a Microcontroller’s Firmware Protection https://www.usenix.org/system/files/conference/woot17/woot17-paper-obermaier.pdf [Archive.org]↩︎
TorProject.org, Can I run Tor Browser on an iOS device? https://support.torproject.org/tormobile/tormobile-3/ [Archive.org]↩︎
Wikipedia, Tails https://en.wikipedia.org/wiki/Tails_(operating_system) [Wikiless] [Archive.org]↩︎
Vice.com, Facebook Helped the FBI Hack a Child Predator https://www.vice.com/en/article/v7gd9b/facebook-helped-fbi-hack-child-predator-buster-hernandez [Archive.org]↩︎
XKCD, Security https://xkcd.com/538/ [Archive.org]↩︎
Wikipedia, Plausible Deniability https://en.wikipedia.org/wiki/Plausible_deniability [Wikiless] [Archive.org]↩︎
Veracrypt Documentation, Trim Operations https://www.veracrypt.fr/en/Trim%20Operation.html [Archive.org]↩︎
YouTube, 36C3 - Uncover, Understand, Own - Regaining Control Over Your AMD CPU https://www.youtube.com/watch?v=bKH5nGLgi08&t=2834s [Invidious]↩︎
Qubes OS, Anti-Evil Maid, https://github.com/QubesOS/qubes-antievilmaid [Archive.org]↩︎
QubesOS FAQ, https://www.qubes-os.org/faq/#is-secure-boot-supported [Archive.org]↩︎
Wikipedia, Secure Boot https://en.wikipedia.org/wiki/Unified_Extensible_Firmware_Interface#Secure_boot [Wikiless] [Archive.org]↩︎
Wikipedia, Booting https://en.wikipedia.org/wiki/Booting [Wikiless] [Archive.org]↩︎
XKCD, Security https://xkcd.com/538/ [Archive.org]↩︎
Wired, Don’t Want Your Laptop Tampered With? Just Add Glitter Nail Polish https://www.wired.com/2013/12/better-data-security-nail-polish/ [Archive.org]↩︎
Wikipedia, Virtual Machine https://en.wikipedia.org/wiki/Virtual_machine [Wikiless] [Archive.org]↩︎
Wikipedia, Plausible Deniability https://en.wikipedia.org/wiki/Plausible_deniability [Wikiless] [Archive.org]↩︎
Wikipedia, Deniable Encryption https://en.wikipedia.org/wiki/Deniable_encryption [Wikiless] [Archive.org]↩︎
PrivacyGuides.org, Don’t use Windows 10 - It’s a privacy nightmare https://web.archive.org/web/20220313023015/https://www.privacyguides.org/tools/#operating-systems#win10 [Archive.org]↩︎
Wikipedia, Deniable Encryption https://en.wikipedia.org/wiki/Deniable_encryption [Wikiless] [Archive.org]↩︎
Wikipedia, Key Disclosure Laws https://en.wikipedia.org/wiki/Key_disclosure_law [Wikiless] [Archive.org]↩︎
GP Digital, World map of encryption laws and policies https://www.gp-digital.org/world-map-of-encryption/ [Archive.org]↩︎
Wikipedia, Bitlocker https://en.wikipedia.org/wiki/BitLocker [Wikiless] [Archive.org]↩︎
Wikipedia, Evil Maid Attack https://en.wikipedia.org/wiki/Evil_maid_attack [Wikiless] [Archive.org]↩︎
Wikipedia, Cold Boot Attack https://en.wikipedia.org/wiki/Cold_boot_attack [Wikiless] [Archive.org]↩︎
CITP 2008 (https://www.youtube.com/watch?v=JDaicPIgn9U) [Invidious]↩︎
ResearchGate, Defeating Plausible Deniability of VeraCrypt Hidden Operating Systems https://www.researchgate.net/publication/318155607_Defeating_Plausible_Deniability_of_VeraCrypt_Hidden_Operating_Systems [Archive.org]↩︎
SANS.org, Mission Implausible: Defeating Plausible Deniability with Digital Forensics https://www.sans.org/reading-room/whitepapers/forensics/mission-implausible-defeating-plausible-deniability-digital-forensics-39500 [Archive.org]↩︎
SourceForge, Veracrypt Forum https://sourceforge.net/p/veracrypt/discussion/technical/thread/53f33faf/ [Archive.org]↩︎
Microsoft, BitLocker Countermeasures https://docs.microsoft.com/en-us/windows/security/information-protection/bitlocker/bitlocker-countermeasures [Archive.org]↩︎
SANS, Windows ShellBag Forensics in-depth https://www.sans.org/reading-room/whitepapers/forensics/windows-shellbag-forensics-in-depth-34545 [Archive.org]↩︎
University of York, Forensic data recovery from the Windows Search Database https://eprints.whiterose.ac.uk/75046/1/Forensic_Data_Recovery_From_The_Windows_Search_Database_preprint_DIIN328.pdf [Archive.org]↩︎
A forensic insight into Windows 10 Jump Lists https://web.archive.org/web/https://cyberforensicator.com/wp-content/uploads/2017/01/1-s2.0-S1742287616300202-main.2-14.pdf [Archive.org]↩︎
Wikipedia, Gatekeeper https://en.wikipedia.org/wiki/Gatekeeper_(macOS) [Wikiless] [Archive.org]↩︎
Alpine Linux Wiki, Setting up a laptop https://wiki.alpinelinux.org/wiki/Setting_up_a_laptop [Archive.org]↩︎
Wikipedia Veracrypt https://en.wikipedia.org/wiki/VeraCrypt [Wikiless] [Archive.org]↩︎
OSTIF Veracrypt Audit, 2016 https://web.archive.org/web/https://ostif.org/the-veracrypt-audit-results/↩︎
Veracrypt Documentation, Unencrypted Data in RAM https://www.veracrypt.fr/en/Unencrypted%20Data%20in%20RAM.html [Archive.org]↩︎
Veracrypt Documentation, Data Leaks https://www.veracrypt.fr/code/VeraCrypt/plain/doc/html/Data%20Leaks.html [Archive.org]↩︎
Dolos Group, From Stolen Laptop to Inside the Company Network https://dolosgroup.io/blog/2021/7/9/from-stolen-laptop-to-inside-the-company-network [Archive.org]↩︎
Trammell Hudson’s Projects, Understanding TPM Sniffing Attacks https://trmm.net/tpm-sniffing/ [Archive.org]↩︎
Jon Aubrey, attacking laptops that are protected by Microsoft Bitlocker drive encryption https://twitter.com/SecurityJon/status/1445020885472235524 [Nitter]↩︎
F-Secure Labs, Sniff, there leaks my BitLocker key https://labs.f-secure.com/blog/sniff-there-leaks-my-bitlocker-key/ [Archive.org]↩︎
Microsoft, BitLocker Countermeasures, Attacker countermeasures https://docs.microsoft.com/en-us/windows/security/information-protection/bitlocker/bitlocker-countermeasures [Archive.org]↩︎
Wikipedia, Trim https://en.wikipedia.org/wiki/Trim_(computing) [Wikiless] [Archive.org]↩︎
Veracrypt Documentation, Trim Operations https://www.veracrypt.fr/en/Trim%20Operation.html [Archive.org]↩︎
Veracrypt Documentation, Rescue Disk https://www.veracrypt.fr/en/VeraCrypt%20Rescue%20Disk.html [Archive.org]↩︎
St Cloud State University, Forensic Research on Solid State Drives using Trim Analysis https://web.archive.org//web/20220612095503/https://repository.stcloudstate.edu/cgi/viewcontent.cgi?article=1141&context=msia_etds [Archive.org]↩︎
WindowsCentral, Trim Tutorial https://www.windowscentral.com/how-ensure-trim-enabled-windows-10-speed-ssd-performance [Archive.org]↩︎
Veracrypt Documentation, Trim Operation https://veracrypt.eu/en/docs/trim-operation/ [Archive.org]↩︎
Black Hat 2018, Perfectly Deniable Steganographic Disk Encryption https://i.blackhat.com/eu-18/Thu-Dec-6/eu-18-Schaub-Perfectly-Deniable-Steganographic-Disk-Encryption.pdf [Archive.org]↩︎
Milan Broz’s Blog, TRIM & dm-crypt … problems? http://asalor.blogspot.com/2011/08/trim-dm-crypt-problems.html [Archive.org]↩︎
Veracrypt Documentation, Rescue Disk https://www.veracrypt.fr/en/VeraCrypt%20Rescue%20Disk.html [Archive.org]↩︎
Wikipedia, Virtualbox https://en.wikipedia.org/wiki/VirtualBox [Wikiless] [Archive.org]↩︎
VirtualBox Ticket 17987 https://www.virtualbox.org/ticket/17987 [Archive.org]↩︎
Whonix Documentation, Spectre Meltdown https://www.whonix.org/wiki/Spectre_Meltdown#VirtualBox [Archive.org]↩︎
Whonix Documentation, Stream Isolation https://www.whonix.org/wiki/Stream_Isolation [Archive.org]↩︎
Whonix Documentation, Tunnels Comparison Table https://www.whonix.org/wiki/Tunnels/Introduction#Comparison_Table [Archive.org]↩︎
Wikipedia, Whonix https://en.wikipedia.org/wiki/Whonix [Wikiless] [Archive.org]↩︎
Oracle Virtualbox Manual, Snapshots https://docs.oracle.com/en/virtualization/virtualbox/6.0/user/snapshots.html [Archive.org]↩︎
Utica College, Forensic Recovery Of Evidence From Deleted Oracle Virtualbox Virtual Machines https://web.archive.org/web/https://programs.online.utica.edu/sites/default/files/Neal_6_Gonnella_Forensic_Recovery_of_Evidence_from_Deleted_Oracle_VirtualBox_Virtual_Machine.pdf↩︎
Wikipedia, Spectre https://en.wikipedia.org/wiki/Spectre_(security_vulnerability) [Wikiless] [Archive.org]↩︎
Wikipedia, Meltdown https://en.wikipedia.org/wiki/Meltdown_(security_vulnerability) [Wikiless] [Archive.org]↩︎
Whonix Documentation, Stream Isolation, By Settings https://www.whonix.org/wiki/Stream_Isolation#By_Settings [Archive.org]↩︎
Wikipedia, TOTP https://en.wikipedia.org/wiki/Time-based_One-time_Password_algorithm [Wikiless] [Archive.org]↩︎
Wikipedia, Multi-Factor Authentication https://en.wikipedia.org/wiki/Multi-factor_authentication [Wikiless] [Archive.org]↩︎
Whonix Documentation, Bridged Adapters Warning https://www.whonix.org/wiki/Whonix-Gateway_Security#Warning:_Bridged_Networking [Archive.org]↩︎
Qubes OS, FAQ, https://www.qubes-os.org/faq/#is-qubes-just-another-linux-distribution [Archive.org]↩︎
Whonix Documentation, Stream Isolation https://www.whonix.org/wiki/Stream_Isolation [Archive.org]↩︎
Whonix Documentation, Tunnels Comparison Table https://www.whonix.org/wiki/Tunnels/Introduction#Comparison_Table [Archive.org]↩︎
Qubes OS Issues, Simulate Hibernation / Suspend-To-Disk (Issue #2414) https://github.com/QubesOS/qubes-issues/issues/2414 [Archive.org]↩︎
Wikipedia, AppArmor https://en.wikipedia.org/wiki/AppArmor [Wikiless] [Archive.org]↩︎
Wikipedia, SELinux https://en.wikipedia.org/wiki/Security-Enhanced_Linux [Wikiless] [Archive.org]↩︎
Wikipedia, TOTP https://en.wikipedia.org/wiki/Time-based_One-time_Password_algorithm [Wikiless] [Archive.org]↩︎
Wikipedia, Multi-Factor Authentication https://en.wikipedia.org/wiki/Multi-factor_authentication [Wikiless] [Archive.org]↩︎
Wikipedia, Captcha https://en.wikipedia.org/wiki/CAPTCHA [Wikiless] [Archive.org]↩︎
Wikipedia, Turing Test https://en.wikipedia.org/wiki/Turing_test [Wikiless] [Archive.org]↩︎
Google reCAPTCHA https://www.google.com/recaptcha/about/ [Archive.org]↩︎
hCaptcha https://www.hcaptcha.com/ [Archive.org]↩︎
hCaptcha, hCaptcha Is Now the Largest Independent CAPTCHA Service, Runs on 15% Of The Internet https://www.hcaptcha.com/post/hcaptcha-now-the-largest-independent-captcha-service [Archive.org]↩︎
Nearcyan.com, You (probably) don’t need ReCAPTCHA https://nearcyan.com/you-probably-dont-need-recaptcha/ [Archive.org]↩︎
ArsTechnica, “Google’s reCAPTCHA turns”invisible," will separate bots from people without challenges" https://arstechnica.com/gadgets/2017/03/googles-recaptcha-announces-invisible-background-captchas/ [Archive.org]↩︎
BlackHat Asia 2016, “I’m not a human: Breaking the Google reCAPTCHA” https://www.blackhat.com/docs/asia-16/materials/asia-16-Sivakorn-Im-Not-a-Human-Breaking-the-Google-reCAPTCHA-wp.pdf [Archive.org]↩︎
Google Blog https://security.googleblog.com/2014/12/are-you-robot-introducing-no-captcha.html [Archive.org]↩︎
Cloudflare Blog, Cloudflare supports Privacy Pass https://blog.cloudflare.com/cloudflare-supports-privacy-pass/ [Archive.org]↩︎
Privacy International, Timeline of SIM Card Registration Laws https://privacyinternational.org/long-read/3018/timeline-sim-card-registration-laws [Archive.org]↩︎
Wikipedia, Device Fingerprinting https://en.wikipedia.org/wiki/Device_fingerprint [Wikiless] [Archive.org]↩︎
Developers Google Blog, Guidance to developers affected by our effort to block less secure browsers and applications https://developers.googleblog.com/2020/08/guidance-for-our-effort-to-block-less-secure-browser-and-apps.html [Archive.org]↩︎
Wikipedia, KYC https://en.wikipedia.org/wiki/Know_your_customer [Wikiless] [Archive.org]↩︎
Google Help, Access age-restricted content & features https://support.google.com/accounts/answer/10071085 [Archive.org]↩︎
Wikipedia, Dark Pattern https://en.wikipedia.org/wiki/Dark_pattern [Wikiless] [Archive.org]↩︎
The Verge, Tinder will give you a verified blue check mark if you pass its catfishing test https://www.theverge.com/2020/1/23/21077423/tinder-photo-verification-blue-checkmark-safety-center-launch-noonlight [Archive.org]↩︎
DigitalInformationWorld, Facebook will now require you to Create a Video Selfie for Identity Verification https://www.digitalinformationworld.com/2020/03/facebook-is-now-demanding-some-users-to-create-a-video-selfie-for-identity-verification.html [Archive.org]↩︎
Vice.com, PornHub Announces ‘Biometric Technology’ to Verify Users https://www.vice.com/en/article/m7a4eq/pornhub-new-verification-policy-biometric-id [Archive.org]↩︎
Variety, China Launches Hotline to Report Online Comments That ‘Distort’ History or ‘Deny’ Its Cultural Excellence https://variety.com/2021/digital/news/china-censorship-hotline-historical-nihilism-1234950554/ [Archive.org]↩︎
Wikipedia, Trust but verify https://en.wikipedia.org/wiki/Trust,_but_verify [Wikiless] [Archive.org]↩︎
Wikipedia, Zero-trust Security Model https://en.wikipedia.org/wiki/Zero_trust_security_model [Wikiless] [Archive.org]↩︎
Wikipedia, Espionage, Organization https://en.wikipedia.org/wiki/Espionage#Organization [Wikiless] [Archive.org]↩︎
Developers Google Blog, Guidance to developers affected by our effort to block less secure browsers and applications https://developers.googleblog.com/2020/08/guidance-for-our-effort-to-block-less-secure-browser-and-apps.html [Archive.org]↩︎
Medium.com, Kyle McDonald, How to recognize fake AI-generated images https://kcimc.medium.com/how-to-recognize-fake-ai-generated-images-4d1f6f9a2842[Scribe.rip] [Archive.org]↩︎
Jayway Blog, Using ML to detect fake face images created by AI https://blog.jayway.com/2020/03/06/using-ml-to-detect-fake-face-images-created-by-ai/ [Archive.org]↩︎
Wikipedia, Sim Swapping https://en.wikipedia.org/wiki/SIM_swap_scam [Wikiless] [Archive.org]↩︎
Whonix Documentation, Tor Configuration https://www.whonix.org/wiki/Tor#Edit_Tor_Configuration [Archive.org]↩︎
Tor Browser Documentation, Editing Torrc https://support.torproject.org/tbb/tbb-editing-torrc/ [Archive.org]↩︎
English translation of German Telemedia Act https://www.huntonprivacyblog.com/wp-content/uploads/sites/28/2016/02/Telemedia_Act__TMA_.pdf [Archive.org]. Section 13, Article 6, “The service provider must enable the use of Telemedia and payment for them to occur anonymously or via a pseudonym where this is technically possible and reasonable. The recipient of the service is to be informed about this possibility.”.↩︎
Wikipedia, Real-Name System Germany https://en.wikipedia.org/wiki/Real-name_system#Germany [Wikiless] [Archive.org]↩︎
Wikipedia, KYC https://en.wikipedia.org/wiki/Know_your_customer [Wikiless] [Archive.org]↩︎
Facebook Onion Website http://facebookwkhpilnemxj7asaniu7vnjjbiltxjqhye3mhbshg7kx5tfyd.onion/↩︎
Google Help https://support.google.com/accounts/answer/114129?hl=en [Archive.org]↩︎
Google Help, Customer Matching Process https://support.google.com/google-ads/answer/7474263?hl=en [Archive.org]↩︎
Google, Your account is disabled https://support.google.com/accounts/answer/40695 [Archive.org]↩︎
Google, Request to restore the account https://support.google.com/accounts/contact/disabled2 [Archive.org]↩︎
Google Help, Update your account to meet age requirements https://support.google.com/accounts/answer/1333913?hl=en [Archive.org]↩︎
Jumio, ID verification features https://www.jumio.com/features/ [Archive.org]↩︎
Privacyguides.org recommended E-mail Providers https://www.privacyguides.org/email/ [Archive.org]↩︎
Proton Registration Human Verification https://proton.me/support/human-verification/ [Archive.org]↩︎
Twitter Appeal Form https://help.twitter.com/forms/general↩︎
KnowYourMeme, Good Luck, I’m Behind 7 Proxies https://knowyourmeme.com/memes/good-luck-im-behind-7-proxies [Archive.org]↩︎
Wikipedia, end-to-end encryption https://en.wikipedia.org/wiki/End-to-end_encryption [Wikiless] [Archive.org]↩︎
Wikipedia, Forward Secrecy https://en.wikipedia.org/wiki/Forward_secrecy [Wikiless] [Archive.org]↩︎
Proton Blog, What is zero-access encryption? https://proton.me/blog/zero-access-encryption/ [Archive.org]↩︎
Wikipedia, Cambridge Analytica Scandal https://en.wikipedia.org/wiki/Facebook%E2%80%93Cambridge_Analytica_data_scandal [Wikiless] [Archive.org]↩︎
Signal Blog, Technology preview: Sealed sender for Signal https://signal.org/blog/sealed-sender/ [Archive.org]↩︎
Signal Blog, Private Contact Discovery https://signal.org/blog/private-contact-discovery/ [Archive.org]↩︎
Signal Blog, Private Group System https://signal.org/blog/signal-private-group-system/ [Archive.org]↩︎
Privacyguides.org, File-Sharing https://www.privacyguides.org/file-sharing/ [Archive.org]↩︎
Privacyguides.org, Real-Time Communication https://www.privacyguides.org/real-time-communication/ [Archive.org]↩︎
GetSession.org, The Session Protocol: What’s changing — and why https://getsession.org/session-protocol-explained/ [Archive.org]↩︎
Quarkslab, Audit of Session Secure Messaging Application https://blog.quarkslab.com/audit-of-session-secure-messaging-application.html [Archive.org]↩︎
Techlore, Top 5 BEST Messengers For Privacy https://www.youtube.com/watch?v=aVwl892hqb4 [Invidious]↩︎
Wikipedia, IPFS https://en.wikipedia.org/wiki/InterPlanetary_File_System [Wikiless] [Archive.org]↩︎
Praxis Films, Open Letter from Laura Poitras https://www.praxisfilms.org/open-letter-from-laura-poitras/ [Archive.org]↩︎
Wikipedia, SecureDrop https://en.wikipedia.org/wiki/SecureDrop [Wikiless] [Archive.org]↩︎
Wikipedia, TPM https://en.wikipedia.org/wiki/Trusted_Platform_Module [Wikiless] [Archive.org]↩︎
Wikipedia, Pastebin https://en.wikipedia.org/wiki/Pastebin [Wikiless] [Archive.org]↩︎
Wikipedia, Wear Leveling https://en.wikipedia.org/wiki/Wear_leveling [Wikiless] [Archive.org]↩︎
Wikipedia, Trim https://en.wikipedia.org/wiki/Write_amplification#TRIM [Wikiless] [Archive.org]↩︎
Wikipedia, Write Amplification https://en.wikipedia.org/wiki/Write_amplification [Wikiless] [Archive.org]↩︎
Wikipedia, Trim Disadvantages https://en.wikipedia.org/wiki/Trim_(computing)#Disadvantages [Wikiless] [Archive.org]↩︎
Wikipedia, Garbage Collection https://en.wikipedia.org/wiki/Write_amplification#Garbage_collection [Wikiless] [Archive.org]↩︎
Techgage, Too TRIM? When SSD Data Recovery is Impossible https://techgage.com/article/too_trim_when_ssd_data_recovery_is_impossible/ [Archive.org]↩︎
ResearchGate, Live forensics method for acquisition on the Solid-State Drive (SSD) NVMe TRIM function https://www.researchgate.net/publication/341761017_Live_forensics_method_for_acquisition_on_the_Solid_State_Drive_SSD_NVMe_TRIM_function [Archive.org]↩︎
ElcomSoft, Life after Trim: Using Factory Access Mode for Imaging SSD Drives https://blog.elcomsoft.com/2019/01/life-after-trim-using-factory-access-mode-for-imaging-ssd-drives/ [Archive.org]↩︎
Forensic Focus, Forensic Acquisition Of Solid State Drives With Open Source Tools https://www.forensicfocus.com/articles/forensic-acquisition-of-solid-state-drives-with-open-source-tools/ [Archive.org]↩︎
ResearchGate, Solid State Drive Forensics: Where Do We Stand? https://www.researchgate.net/publication/325976653_Solid_State_Drive_Forensics_Where_Do_We_Stand [Archive.org]↩︎
BleepingComputer, Firmware attack can drop persistent malware in hidden SSD area https://www.bleepingcomputer.com/news/security/firmware-attack-can-drop-persistent-malware-in-hidden-ssd-area/ [Archive.org]↩︎
Wikipedia, Parted Magic https://en.wikipedia.org/wiki/Parted_Magic [Wikiless] [Archive.org]↩︎
Wikipedia, hdparm https://en.wikipedia.org/wiki/Hdparm [Wikiless] [Archive.org]↩︎
GitHub, nvme-cli https://github.com/linux-nvme/nvme-cli [Archive.org]↩︎
PartedMagic Secure Erase https://partedmagic.com/secure-erase/ [Archive.org]↩︎
Partedmagic NVMe Secure Erase https://partedmagic.com/nvme-secure-erase/ [Archive.org]↩︎
UFSExplorer, Can I recover data from an encrypted storage? https://www.ufsexplorer.com/solutions/data-recovery-on-encrypted-storage.php [Archive.org]↩︎
Apple Developer Documentation https://developer.apple.com/library/archive/documentation/FileManagement/Conceptual/APFS_Guide/FAQ/FAQ.html [Archive.org]↩︎
EFF, How to: Delete Your Data Securely on macOS https://ssd.eff.org/en/module/how-delete-your-data-securely-macos [Archive.org]↩︎
Privacyguides.org, Productivity tools https://privacyguides.org/productivity/ [Archive.org]↩︎
Whonix Documentation, Scrubbing Metadata https://www.whonix.org/wiki/Metadata [Archive.org]↩︎
Tails documentation, MAT https://gitlab.tails.boum.org/tails/blueprints/-/wikis/doc/mat/ [Archive.org]↩︎
GitHub, Disable Gatekeeper on macOS Big Sur (11.x) https://disable-gatekeeper.github.io/ [Archive.org]↩︎
Veracrypt Documentation, Data Leaks https://www.veracrypt.fr/code/VeraCrypt/plain/doc/html/Data%20Leaks.html [Archive.org]↩︎
SANS, Windows ShellBag Forensics in-depth https://www.sans.org/reading-room/whitepapers/forensics/windows-shellbag-forensics-in-depth-34545 [Archive.org]↩︎
St Cloud State University, Forensic Research on Solid State Drives using Trim Analysis https://web.archive.org//web/20220612095503/https://repository.stcloudstate.edu/cgi/viewcontent.cgi?article=1141&context=msia_etds [Archive.org]↩︎
Wikipedia, Trim https://en.wikipedia.org/wiki/Trim_(computing) [Wikiless] [Archive.org]↩︎
DuckDuckGo help, Cache https://help.duckduckgo.com/duckduckgo-help-pages/features/cache/ [Archive.org]↩︎
DuckDuckGo help, Sources https://help.duckduckgo.com/duckduckgo-help-pages/results/sources/ [Archive.org]↩︎
Wikipedia, Dead Drop https://en.wikipedia.org/wiki/Dead_drop [Wikiless] [Archive.org]↩︎
Wikipedia, Secure Communication Obfuscation https://en.wikipedia.org/wiki/Obfuscation#Secure_communication [Wikiless] [Archive.org]↩︎
Wikipedia, Steganography https://en.wikipedia.org/wiki/Steganography [Wikiless] [Archive.org]↩︎
Wikipedia, Kleptography https://en.wikipedia.org/wiki/Kleptography [Wikiless] [Archive.org]↩︎
Wikipedia, Koalang https://en.wikipedia.org/wiki/Koalang [Wikiless] [Archive.org]↩︎
Wikipedia, OPSEC https://en.wikipedia.org/wiki/Operations_security [Wikiless] [Archive.org]↩︎
Quote Investigator, A Lie Can Travel Halfway Around the World While the Truth Is Putting On Its Shoes https://quoteinvestigator.com/2014/07/13/truth/ [Archive.org]↩︎
Privacyguides.org, Operating Systems https://www.privacyguides.org/tools/#operating-systems [Archive.org]↩︎
Medium.com, Digging into the System Resource Usage Monitor (SRUM) https://medium.com/velociraptor-ir/digging-into-the-system-resource-usage-monitor-srum-afbadb1a375 [Scribe.rip] [Archive.org]↩︎
SANS, Timestamped Registry & NTFS Artifacts from Unallocated Space https://www.sans.org/blog/timestamped-registry-ntfs-artifacts-from-unallocated-space/ [Archive.org]↩︎
NYTimes, Lost Passwords Lock Millionaires Out of Their Bitcoin Fortunes https://www.nytimes.com/2021/01/12/technology/bitcoin-passwords-wallets-fortunes.html [Archive.org]↩︎
Wikipedia, Koalang https://en.wikipedia.org/wiki/Koalang [Wikiless] [Archive.org]↩︎
Wikipedia, Faraday Cage, https://en.wikipedia.org/wiki/Faraday_cage [Wikiless] [Archive.org]↩︎
Edith Cowan University, A forensic examination of several mobile device Faraday bags & materials to test their effectiveness materials to test their effectiveness https://web.archive.org/web/https://ro.ecu.edu.au/cgi/viewcontent.cgi?article=1165&context=adf [Archive.org]↩︎
arXiv, Deep-Spying: Spying using Smartwatch and Deep Learning https://arxiv.org/pdf/1512.05616.pdf [Archive.org]↩︎
Acm.org, Privacy Implications of Accelerometer Data: A Review of Possible Inferences https://dl.acm.org/doi/pdf/10.1145/3309074.3309076 [Archive.org]↩︎
YouTube, Fingerprinting Paper - Forensic Education https://www.youtube.com/watch?v=sO98kDLkh-M [Invidious]↩︎
Wikipedia, Touch DNA, https://en.wikipedia.org/wiki/Touch_DNA [Wikiless] [Archive.org]↩︎
TheDNAGuide, DNA from Postage Stamps or Hair Samples? Yeeesssss….. https://www.yourdnaguide.com/ydgblog/dna-hair-samples-postage-stamps [Archive.org]↩︎
Wikipedia, OONI, https://en.wikipedia.org/wiki/OONI [Wikiless] [Archive.org]↩︎
GitHub, Mhinkie, OONI-Detection https://github.com/mhinkie/ooni-detection [Archive.org]↩︎
Wikipedia, File Verification https://en.wikipedia.org/wiki/File_verification [Wikiless] [Archive.org]↩︎
Wikipedia, CRC https://en.wikipedia.org/wiki/Cyclic_redundancy_check [Wikiless] [Archive.org]↩︎
Wikipedia, MD5 https://en.wikipedia.org/wiki/MD5 [Wikiless] [Archive.org]↩︎
Wikipedia, MD5 Security https://en.wikipedia.org/wiki/MD5#Security [Wikiless] [Archive.org]↩︎
Wikipedia, Collisions https://en.wikipedia.org/wiki/Collision_(computer_science) [Wikiless] [Archive.org]↩︎
Wikipedia, SHA https://en.wikipedia.org/wiki/Secure_Hash_Algorithms [Wikiless] [Archive.org]↩︎
Wikipedia, SHA-2 https://en.wikipedia.org/wiki/SHA-2 [Wikiless] [Archive.org]↩︎
Wikipedia, Collision Resistance https://en.wikipedia.org/wiki/Collision_resistance [Wikiless] [Archive.org]↩︎
GnuPG Gpg4win Wiki, Check integrity of Gpg4win packages https://wiki.gnupg.org/Gpg4win/CheckIntegrity [Archive.org]↩︎
Wikipedia, GPG https://en.wikipedia.org/wiki/GNU_Privacy_Guard [Wikiless] [Archive.org]↩︎
Wikipedia, Public-Key Cryptography https://en.wikipedia.org/wiki/Public-key_cryptography [Wikiless] [Archive.org]↩︎
Wikipedia, Polymorphic Code https://en.wikipedia.org/wiki/Polymorphic_code [Wikiless] [Archive.org]↩︎
Whonix Documentation, Use of AV, https://www.whonix.org/wiki/Malware_and_Firmware_Trojans#The_Utility_of_Antivirus_Tools [Archive.org]↩︎
Whonix Forums, https://forums.whonix.org/t/installation-of-antivirus-scanners-by-default/9755/8 [Archive.org]↩︎
AV-Test Security Report 2018-2019, https://www.av-test.org/fileadmin/pdf/security_report/AV-TEST_Security_Report_2018-2019.pdf [Archive.org]↩︎
ZDNet, ESET discovers 21 new Linux malware families https://www.zdnet.com/article/eset-discovers-21-new-linux-malware-families/ [Archive.org]↩︎
NakeSecurity, EvilGnome – Linux malware aimed at your desktop, not your servers https://nakedsecurity.sophos.com/2019/07/25/evilgnome-linux-malware-aimed-at-your-laptop-not-your-servers/ [Archive.org]↩︎
Immunify, HiddenWasp: How to detect malware hidden on Linux & IoT https://blog.imunify360.com/hiddenwasp-how-to-detect-malware-hidden-on-linux-iot [Archive.org]↩︎
Wikipedia, Linux Malware https://en.wikipedia.org/wiki/Linux_malware [Wikiless] [Archive.org]↩︎
Lenny Zeltser, Analyzing Malicious Documents Cheat Sheet https://zeltser.com/analyzing-malicious-documents/ [Archive.org]↩︎
Wikipedia, macOS Malware https://en.wikipedia.org/wiki/macOS_malware [Wikiless] [Archive.org]↩︎
MacWorld, List of Mac viruses, malware and security flaws https://www.macworld.co.uk/feature/mac-viruses-list-3668354/ [Archive.org]↩︎
JAMF, The Mac Malware of 2020 https://resources.jamf.com/documents/macmalware-2020.pdf [Archive.org]↩︎
macOS Security and Privacy Guide, https://github.com/drduh/macOS-Security-and-Privacy-Guide#viruses-and-malware [Archive.org]↩︎
ImageTragick.com, https://imagetragick.com/ [Archive.org]↩︎
Oracle Virtualbox Documentation, https://docs.oracle.com/en/virtualization/virtualbox/6.0/admin/hyperv-support.html [Archive.org]↩︎
Lenny Zeltser, Analyzing Malicious Documents Cheat Sheet https://zeltser.com/analyzing-malicious-documents/ [Archive.org]↩︎
Wikipedia, Portable Applications https://en.wikipedia.org/wiki/Portable_application [Wikiless] [Archive.org]↩︎
Brave Help, What is a Private Window with Tor Connectivity? https://support.brave.com/hc/en-us/articles/360018121491-What-is-a-Private-Window-with-Tor [Archive.org]↩︎
BlackGNU, Brave, the false sensation of privacy https://blackgnu.net/brave-is-shit.html [Archive.org]↩︎
Brave Help Center, What is “Shields”? https://support.brave.com/hc/en-us/articles/360022973471-What-is-Shields [Archive.org]↩︎
VentureBeat, Browser benchmark battle January 2020: Chrome vs. Firefox vs. Edge vs. Brave https://venturebeat.com/2020/01/15/browser-benchmark-battle-january-2020-chrome-firefox-edge-brave/view-all/ [Archive.org]↩︎
Brave.com, Brave, Fingerprinting, and Privacy Budgets https://brave.com/brave-fingerprinting-and-privacy-budgets/ [Archive.org]↩︎
Madaidan’s Insecurities, Firefox and Chromium https://madaidans-insecurities.github.io/firefox-chromium.html [Archive.org]↩︎
GrapheneOS, Web Browsing https://grapheneos.org/usage#web-browsing [Archive.org]↩︎
ResearchGate, Web Browser Privacy: What Do Browsers Say When They Phone Home? https://www.researchgate.net/publication/349979628_Web_Browser_Privacy_What_Do_Browsers_Say_When_They_Phone_Home [Archive.org]↩︎
Duck’s pond, Ungoogled-Chromium https://qua3k.github.io/ungoogled/ [Archive.org]↩︎
Madaidan’s Insecurities, Firefox and Chromium https://madaidans-insecurities.github.io/firefox-chromium.html [Archive.org]↩︎
GrapheneOS, Web Browsing https://grapheneos.org/usage#web-browsing [Archive.org]↩︎
Microsoft.com, Microsoft Edge support for Microsoft Defender Application Guard https://docs.microsoft.com/en-us/deployedge/microsoft-edge-security-windows-defender-application-guard [Archive.org]↩︎
PcMag, Mozilla Signs Lucrative 3-Year Google Search Deal for Firefox https://www.pcmag.com/news/mozilla-signs-lucrative-3-year-google-search-deal-for-firefox [Archive.org]↩︎
Madaidan’s Insecurities, Firefox and Chromium https://madaidans-insecurities.github.io/firefox-chromium.html [Archive.org]↩︎
FingerprintJS, Demo: Disabling JavaScript Won’t Save You from Fingerprinting https://fingerprintjs.com/blog/disabling-javascript-wont-stop-fingerprinting/ [Archive.org]↩︎
Duck’s pond, Ungoogled-Chromium https://qua3k.github.io/ungoogled/ [Archive.org]↩︎
Wikipedia, Virtualization https://en.wikipedia.org/wiki/Virtualization [Wikiless] [Archive.org]↩︎
Tor Project, Project Snowflake https://snowflake.torproject.org/ [Archive.org]↩︎
GitHub, Obfs4 Repository https://github.com/Yawning/obfs4/ [Archive.org]↩︎
Tor Browser Manual, Pluggable Transport https://tb-manual.torproject.org/circumvention/ [Archive.org]↩︎
Oracle Virtualbox Documentation, https://docs.oracle.com/en/virtualization/virtualbox/6.0/admin/hyperv-support.html [Archive.org]↩︎
Lenny Zeltser, Analyzing Malicious Documents Cheat Sheet https://zeltser.com/analyzing-malicious-documents/ [Archive.org]↩︎
Wikipedia, Portable Applications https://en.wikipedia.org/wiki/Portable_application [Wikiless] [Archive.org]↩︎
Brave Help, What is a Private Window with Tor Connectivity? https://support.brave.com/hc/en-us/articles/360018121491-What-is-a-Private-Window-with-Tor [Archive.org]↩︎
BlackGNU, Brave, the false sensation of privacy https://blackgnu.net/brave-is-shit.html [Archive.org]↩︎
Brave Help Center, What is “Shields”? https://support.brave.com/hc/en-us/articles/360022973471-What-is-Shields [Archive.org]↩︎
VentureBeat, Browser benchmark battle January 2020: Chrome vs. Firefox vs. Edge vs. Brave https://venturebeat.com/2020/01/15/browser-benchmark-battle-january-2020-chrome-firefox-edge-brave/view-all/ [Archive.org]↩︎
Brave.com, Brave, Fingerprinting, and Privacy Budgets https://brave.com/brave-fingerprinting-and-privacy-budgets/ [Archive.org]↩︎
Madaidan’s Insecurities, Firefox and Chromium https://madaidans-insecurities.github.io/firefox-chromium.html [Archive.org]↩︎
GrapheneOS, Web Browsing https://grapheneos.org/usage#web-browsing [Archive.org]↩︎
ResearchGate, Web Browser Privacy: What Do Browsers Say When They Phone Home? https://www.researchgate.net/publication/349979628_Web_Browser_Privacy_What_Do_Browsers_Say_When_They_Phone_Home [Archive.org]↩︎
Duck’s pond, Ungoogled-Chromium https://qua3k.github.io/ungoogled/ [Archive.org]↩︎
Madaidan’s Insecurities, Firefox and Chromium https://madaidans-insecurities.github.io/firefox-chromium.html [Archive.org]↩︎
GrapheneOS, Web Browsing https://grapheneos.org/usage#web-browsing [Archive.org]↩︎
Microsoft.com, Microsoft Edge support for Microsoft Defender Application Guard https://docs.microsoft.com/en-us/deployedge/microsoft-edge-security-windows-defender-application-guard [Archive.org]↩︎
PcMag, Mozilla Signs Lucrative 3-Year Google Search Deal for Firefox https://www.pcmag.com/news/mozilla-signs-lucrative-3-year-google-search-deal-for-firefox [Archive.org]↩︎
Madaidan’s Insecurities, Firefox and Chromium https://madaidans-insecurities.github.io/firefox-chromium.html [Archive.org]↩︎
FingerprintJS, Demo: Disabling JavaScript Won’t Save You from Fingerprinting https://fingerprintjs.com/blog/disabling-javascript-wont-stop-fingerprinting/ [Archive.org]↩︎
Duck’s pond, Ungoogled-Chromium https://qua3k.github.io/ungoogled/ [Archive.org]↩︎
Wikipedia, Virtualization https://en.wikipedia.org/wiki/Virtualization [Wikiless] [Archive.org]↩︎
Tor Project, Project Snowflake https://snowflake.torproject.org/ [Archive.org]↩︎
GitHub, Obfs4 Repository https://github.com/Yawning/obfs4/ [Archive.org]↩︎
Tor Browser Manual, Pluggable Transport https://tb-manual.torproject.org/circumvention/ [Archive.org]↩︎
Wikipedia, Domain Fronting https://en.wikipedia.org/wiki/Domain_fronting [Wikiless] [Archive.org]↩︎
GitLab, Tor Browser Issues, Add uBlock Origin to the Tor Browser https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/17569 [Archive.org]↩︎
Vice, The NSA and CIA Use Ad Blockers Because Online Advertising Is So Dangerous https://www.vice.com/en/article/93ypke/the-nsa-and-cia-use-ad-blockers-because-online-advertising-is-so-dangerous [Archive.org]↩︎
A Comprehensive Bitcoin CoinJoin Guide https://bitcoinmagazine.com/technical/a-comprehensive-bitcoin-coinjoin-guide [Archive.org]↩︎
Samourai Whirlpool https://docs.samourai.io/whirlpool/start[Archive.org]↩︎
Wasabi Wallet zkSNACKs Blacklisting https://blog.wasabiwallet.io/zksnacks-blacklisting-update [Archive.org]↩︎
An Analysis and Disclosure Regarding the Deterministic Nature of the Wasabi Wallet CoinJoin Algorithm https://research.oxt.me/alerts/2020/08/21/Wasabi-Wallet [Archive.org]↩︎
NIST, NIST Has Spoken - Death to Complexity, Long Live the Passphrase! https://www.sans.org/blog/nist-has-spoken-death-to-complexity-long-live-the-passphrase/ [Archive.org]↩︎
ZDnet, FBI recommends passphrases over password complexity https://www.zdnet.com/article/fbi-recommends-passphrases-over-password-complexity/ [Archive.org]↩︎
The Intercept, Passphrases That You Can Memorize — But That Even the NSA Can’t Guess https://theintercept.com/2015/03/26/passphrases-can-memorize-attackers-cant-guess/ [Tor Mirror] [Archive.org]↩︎
Proton Blog, Let’s settle the password vs. passphrase debate once and for all https://proton.me/blog/protonmail-com-blog-password-vs-passphrase/ [Archive.org]↩︎
YouTube, Edward Snowden on Passwords: Last Week Tonight with John Oliver (HBO) https://www.youtube.com/watch?v=yzGzB-yYKcc [Invidious]↩︎
YouTube, How to Choose a Password – Computerphile https://www.youtube.com/watch?v=3NjQ9b3pgIg [Invidious]↩︎
Wikipedia, Passphrase https://en.wikipedia.org/wiki/Passphrase#Passphrase_selection [Wikiless] [Archive.org]↩︎
Monero Research Lab, Evaluating cryptocurrency security and privacy in a post-quantum world https://github.com/insight-decentralized-consensus-lab/post-quantum-monero/blob/master/writeups/technical_note.pdf [Archive.org]↩︎
Tor Browser Manual, Pluggable Transport https://tb-manual.torproject.org/circumvention/ [Archive.org]↩︎
Wikipedia, Domain Fronting https://en.wikipedia.org/wiki/Domain_fronting [Wikiless] [Archive.org]↩︎
GitLab, Tor Browser Issues, Add uBlock Origin to the Tor Browser https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/17569 [Archive.org]↩︎
Vice, The NSA and CIA Use Ad Blockers Because Online Advertising Is So Dangerous https://www.vice.com/en/article/93ypke/the-nsa-and-cia-use-ad-blockers-because-online-advertising-is-so-dangerous [Archive.org]↩︎
A Comprehensive Bitcoin CoinJoin Guide https://bitcoinmagazine.com/technical/a-comprehensive-bitcoin-coinjoin-guide [Archive.org]↩︎
Samourai Whirlpool https://docs.samourai.io/whirlpool/start[Archive.org]↩︎
Wasabi Wallet zkSNACKs Blacklisting https://blog.wasabiwallet.io/zksnacks-blacklisting-update [Archive.org]↩︎
An Analysis and Disclosure Regarding the Deterministic Nature of the Wasabi Wallet CoinJoin Algorithm https://research.oxt.me/alerts/2020/08/21/Wasabi-Wallet [Archive.org]↩︎
NIST, NIST Has Spoken - Death to Complexity, Long Live the Passphrase! https://www.sans.org/blog/nist-has-spoken-death-to-complexity-long-live-the-passphrase/ [Archive.org]↩︎
ZDnet, FBI recommends passphrases over password complexity https://www.zdnet.com/article/fbi-recommends-passphrases-over-password-complexity/ [Archive.org]↩︎
The Intercept, Passphrases That You Can Memorize — But That Even the NSA Can’t Guess https://theintercept.com/2015/03/26/passphrases-can-memorize-attackers-cant-guess/ [Tor Mirror] [Archive.org]↩︎
Proton Blog, Let’s settle the password vs. passphrase debate once and for all https://proton.me/blog/protonmail-com-blog-password-vs-passphrase/ [Archive.org]↩︎
YouTube, Edward Snowden on Passwords: Last Week Tonight with John Oliver (HBO) https://www.youtube.com/watch?v=yzGzB-yYKcc [Invidious]↩︎
YouTube, How to Choose a Password – Computerphile https://www.youtube.com/watch?v=3NjQ9b3pgIg [Invidious]↩︎
Wikipedia, Passphrase https://en.wikipedia.org/wiki/Passphrase#Passphrase_selection [Wikiless] [Archive.org]↩︎
Monero Research Lab, Evaluating cryptocurrency security and privacy in a post-quantum world https://github.com/insight-decentralized-consensus-lab/post-quantum-monero/blob/master/writeups/technical_note.pdf [Archive.org]↩︎