From 64301df45921c0e24e07c87509d88883d5f5deca Mon Sep 17 00:00:00 2001 From: Alex Anderson Date: Fri, 8 Jul 2022 08:27:16 +0000 Subject: [PATCH] Fixed grammar issues --- guide.md | 356 +++++++++++++++++++++++++++---------------------------- 1 file changed, 178 insertions(+), 178 deletions(-) diff --git a/guide.md b/guide.md index 56819f4..6ba32d0 100644 --- a/guide.md +++ b/guide.md @@ -28,7 +28,7 @@ With this application, you can communicate even when there is no internet. -------------------------------------------------------------------------- -**This guide is a work in progress**. While I am doing the best I can to correct issues, inaccuracies, and improve the content, general structure, and readability; it will probably never be "finished". +**This guide is a work in progress**. While we are doing the best we can to correct issues, inaccuracies, and improve the content, general structure, and readability; it will probably never be "finished". **There might be some wrong or outdated information in this guide because no human is omniscient, and humans do make mistakes.** **Please do not take this guide as a definitive gospel or truth because it is not. Mistakes have been written in the guide in earlier versions and fixed later when discovered. There are likely still some mistakes in this guide at this moment (hopefully few). Those are fixed as soon as possible when discovered.** 
@@ -72,7 +72,7 @@ There are several ways you could read this guide: Precautions while reading this guide and accessing the various links: -- **Documents/Files** have a **[Archive.org]** link next to them for accessing content through Archive.org for increased privacy and in case the content goes missing. Some links are not yet archived or outdated on archive.org in which case I encourage you to ask for a new save if possible. +- **Documents/Files** have a **[Archive.org]** link next to them for accessing content through Archive.org for increased privacy and in case the content goes missing. Some links are not yet archived or outdated on archive.org in which case we encourage you to ask for a new save if possible. - **YouTube Videos** have a **[Invidious]** link next to them for accessing content through an Invidious Instance (in this case yewtu.be hosted in the Netherlands) for increased privacy. It is recommended to use these links when possible. See [[Archive.org]][29] for more information. @@ -448,7 +448,7 @@ You must consider your threat model[^12] before going further. (Illustration by Randall Munroe, xkcd.com, licensed under CC BY-NC 2.5) -Will this guide help you protect your privacy from OSINT researchers like Bellingcat[^13], Doxing[^14] trolls on 4chan[^15], and others that have no access to the NSA toolbox? More likely. Tho I would not be so sure about 4chan. +Will this guide help you protect your privacy from OSINT researchers like Bellingcat[^13], Doxing[^14] trolls on 4chan[^15], and others that have no access to the NSA toolbox? More likely. Tho we would not be so sure about 4chan. Here is a basic simplified threat model for this guide: 
@@ -486,7 +486,7 @@ You might think this guide has no legitimate use but there are many[^16]'[^17]'[ This guide is written with hope for those **good-intended individuals** who might not be knowledgeable enough to consider the big picture of online anonymity and privacy. -**Lastly, use it at your own risk. Anything in here is not legal advice and you should verify compliance with your local law before use (IANAL**[^24]**). "Trust but verify"**[^25] **all the information yourself (or even better, "Never Trust, always verify"**[^391]**). I strongly encourage you to inform yourself and do not hesitate to check any information in this guide with outside sources in case of doubt. Please do report any mistake you spot to me as I welcome criticism. Even harsh but sound criticism is welcome and will result in having the necessary corrections made as quickly as possible.** +**Lastly, use it at your own risk. Anything in here is not legal advice and you should verify compliance with your local law before use (IANAL**[^24]**). "Trust but verify"**[^25] **all the information yourself (or even better, "Never Trust, always verify"**[^391]**). We strongly encourage you to inform yourself and do not hesitate to check any information in this guide with outside sources in case of doubt. Please do report any mistake you spot to us as we welcome criticism. Even harsh but sound criticism is welcome and will result in having the necessary corrections made as quickly as possible.** # Understanding some basics of how some information can lead back to you and how to mitigate some: 
@@ -556,7 +556,7 @@ Here are some online resources you can use to find some information about your c - -For those reasons, I will need to obfuscate and hide that origin IP (the one tied to your identification) or hide it as much as I can through a combination of various means: +For those reasons, You will need to obfuscate and hide that origin IP (the one tied to your identification) or hide it as much as we can through a combination of various means: - Using a public Wi-Fi service (free). 
@@ -628,7 +628,7 @@ Here is an illustration of the issue you could encounter on Firefox-based browse Finally, even if you use a custom encrypted DNS server (DoH or DoT) with ECH/eSNI support and OCSP stapling, it might still not be enough as traffic analysis studies[^52] have shown it is still possible to reliably fingerprint and block unwanted requests. Only DNS over Tor was able to show efficient DNS Privacy in recent studies but even that can still be defeated by other means (see [Your Anonymized Tor/VPN traffic][Your Anonymized Tor/VPN traffic:]). -One could also decide to use a Tor Hidden DNS Service or ODoH (Oblivious DNS over HTTPS[^53]) to further increase privacy/anonymity but **unfortunately**, as far as I know, these methods are only provided by Cloudflare as of this writing ( [[Archive.org]][53], [[Archive.org]][54]). These are workable and reasonably secure technical options but there is also a moral choice if you want to use Cloudflare or not (despite the risk posed by some researchers[^54]). +One could also decide to use a Tor Hidden DNS Service or ODoH (Oblivious DNS over HTTPS[^53]) to further increase privacy/anonymity but **unfortunately**, as far as we know, these methods are only provided by Cloudflare as of this writing ( [[Archive.org]][53], [[Archive.org]][54]). These are workable and reasonably secure technical options but there is also a moral choice if you want to use Cloudflare or not (despite the risk posed by some researchers[^54]). Lastly, there is also this new possibility called DoHoT which stands for DNS over HTTPS over Tor which could also further increase your privacy/anonymity and which you could consider if you are more skilled with Linux. See [[Archive.org]][55]. This guide will not help you with this one at this stage, but it might be coming soon. 
@@ -636,11 +636,11 @@ Here is an illustration showing the current state of DNS and HTTPS privacy based ![][56] -As for your normal daily use (non-sensitive), remember that only Firefox-based browsers support ECH (formerly eSNI) so far and that it is only useful with websites hosted behind Cloudflare CDN at this stage. If you prefer a Chrome-based version (which is understandable for some due to some better-integrated features like on-the-fly Translation), then I would recommend the use of Brave instead which supports all Chrome extensions and offers much better privacy than Chrome. +As for your normal daily use (non-sensitive), remember that only Firefox-based browsers support ECH (formerly eSNI) so far and that it is only useful with websites hosted behind Cloudflare CDN at this stage. If you prefer a Chrome-based version (which is understandable for some due to some better-integrated features like on-the-fly Translation), then we would recommend the use of Brave instead which supports all Chrome extensions and offers much better privacy than Chrome. But the story does not stop there right. Now because after all this, even if you encrypt your DNS and use all possible mitigations. Simple IP requests to any server will probably allow an adversary to still detect which site you are visiting. And this is simply because the majority of websites have unique IPs tied to them as explained here: [[Archive.org]][57]. This means that an adversary can create a dataset of known websites for instance including their IPs and then match this dataset against the IP you ask for. In most cases, this will result in a correct guess of the website you are visiting. This means that despite OCSP stapling, despite ECH/eSNI, despite using Encrypted DNS ... An adversary can still guess the website you are visiting anyway. 
-Therefore, to mitigate all these issues (as much as possible and as best as I can), this guide will later recommend two solutions: Using Tor and a virtualized (See [Appendix W: Virtualization][Appendix V1: Hardening your Browsers:]) multi-layered solution of VPN over Tor solution (DNS over VPN over Tor or DNS over TOR). Other options will also be explained (Tor over VPN, VPN only, No Tor/VPN) but are less recommended. +Therefore, to mitigate all these issues (as much as possible and as best as we can), this guide will later recommend two solutions: Using Tor and a virtualized (See [Appendix W: Virtualization][Appendix V1: Hardening your Browsers:]) multi-layered solution of VPN over Tor solution (DNS over VPN over Tor or DNS over TOR). Other options will also be explained (Tor over VPN, VPN only, No Tor/VPN) but are less recommended. ### Your RFID enabled devices: 
@@ -818,7 +818,7 @@ Here is also a good YouTube video on this topic: DEFCON Safe Mode - Cooper Quint **For these reasons, it is crucial to get dedicated an anonymous phone number and/or an anonymous burner phone with an anonymous pre-paid sim card that is not tied to you in any way (past or present) for conducting sensitive activities (See more practical guidance in [Getting an anonymous Phone number][Getting an anonymous Phone number:] section).** -While there are some smartphones manufacturers like Purism with their Librem series[^98] who claim to have your privacy in mind, they still do not allow IMEI randomization which I believe is a key anti-tracking feature that should be provided by such manufacturers. While this measure will not prevent IMSI tracking within the SIM card, it would at least allow you to keep the same "burner phone" and only switch SIM cards instead of having to switch both for privacy. +While there are some smartphones manufacturers like Purism with their Librem series[^98] who claim to have your privacy in mind, they still do not allow IMEI randomization which we believe is a key anti-tracking feature that should be provided by such manufacturers. While this measure will not prevent IMSI tracking within the SIM card, it would at least allow you to keep the same "burner phone" and only switch SIM cards instead of having to switch both for privacy. See [Appendix N: Warning about smartphones and smart devices] @@ -876,7 +876,7 @@ Some of these can be avoided using Virtualization Software settings that can mit I will therefore mitigate some of these issues in this guide by recommending the use of virtual machines on a dedicated anonymous laptop for your sensitive activities that will only be used from an anonymous public network. -**In addition, I will recommend the use of AMD CPUs vs Intel CPUs.** +**In addition, You will recommend the use of AMD CPUs vs Intel CPUs.** ## Your Operating Systems and Apps telemetry services: 
@@ -918,7 +918,7 @@ It is important to understand that this telemetry data can be tied to your devic This does not mean for example that Apple devices are terrible choices for good Privacy (tho this might be changing[^111]), but they are certainly not the best choices for (relative) Anonymity. They might protect you from third parties knowing what you are doing but not from themselves. In all likelihood, they certainly know who you are. -Later in this guide, I will use all the means at our disposal to disable and block as much telemetry as possible to mitigate this attack vector in the Operating Systems supported in this guide. These will include Windows, macOS, and even Linux in some regard. +Later in this guide,Wewill use all the means at our disposal to disable and block as much telemetry as possible to mitigate this attack vector in the Operating Systems supported in this guide. These will include Windows, macOS, and even Linux in some regard. See [Appendix N: Warning about smartphones and smart devices] 
@@ -1082,7 +1082,7 @@ You should never share real individual experiences/details using your anonymous "Hell is other people", even if you evade every method listed above, you are not out of the woods yet thanks to the widespread use of advanced Face recognition by everyone. -Companies like Facebook have used advanced face recognition for years[^155]'[^156] and have been using other means (Satellite imagery) to create maps of "people" around the world[^157]. This evolution has been going on for years to the point I can now say "we lost control of our faces"[^158]. +Companies like Facebook have used advanced face recognition for years[^155]'[^156] and have been using other means (Satellite imagery) to create maps of "people" around the world[^157]. This evolution has been going on for years to the pointWecan now say "we lost control of our faces"[^158]. If you are walking in a touristy place, you will most likely appear in someone's selfie within minutes without knowing it. That person could then go ahead and upload that selfie to various platforms (Twitter, Google Photos, Instagram, Facebook, Snapchat ...). Those platforms will then apply face recognition algorithms to those pictures under the pretext of allowing better/easier tagging or to better organize your photo library. In addition to this, the same picture will provide a precise timestamp and in most cases geolocation of where it was taken. Even if the person does not provide a timestamp and geolocation, it can still be guessed with other means[^159]'[^160]. 
@@ -1438,7 +1438,7 @@ There is a frequent adage among the infosec community: "Don't roll your own cryp And there are reasons[^255]'[^256]'[^257]'[^258] for that: -We would not want people discouraged from studying and innovating in the crypto field because of that adage. So instead, I would recommend people to be cautious with "Roll your own crypto" because it is not necessarily good crypto: +We would not want people discouraged from studying and innovating in the crypto field because of that adage. So instead,Wewould recommend people to be cautious with "Roll your own crypto" because it is not necessarily good crypto: - Good cryptography is not easy and usually takes years of research to develop and fine-tune. @@ -1464,7 +1464,7 @@ Yet, this is not stopping some from doing it anyway and publishing various produ Cryptography is a complex topic and bad cryptography could easily lead to your de-anonymization. -In the context of this guide, I recommend sticking to Apps/Services using well-established, published, and peer-reviewed methods. +In the context of this guide,Werecommend sticking to Apps/Services using well-established, published, and peer-reviewed methods. So, what to prefer and what to avoid as of 2021? You will have to look up for yourself to get the technical details of each app and see if they are using "bad crypto" or "good crypto". Once you get the technical details, you could check this page for seeing what it is worth: [[Archive.org]][166] 
@@ -1561,13 +1561,13 @@ Any of those providers can be forced to silently (without your knowing (using fo - 2011, HideMyAss user was de-anonymized, and logs were provided to the FBI[^282]. -Some providers have implemented the use of a Warrant Canary[^283] that would allow their users to find out if they have been compromised by such orders, but this has not been tested yet as far as I know. +Some providers have implemented the use of a Warrant Canary[^283] that would allow their users to find out if they have been compromised by such orders, but this has not been tested yet as far asWeknow. Finally, it is now well known that some companies might be sponsored front ends for some state adversaries (see the Crypto AG story[^284] and Omnisec story[^285]). For these reasons, you mustn't trust such providers for your privacy despite all their claims. In most cases, you will be the last person to know if any of your accounts were targeted by such orders and you might never know at all. -To mitigate this, in cases where you want to use a VPN, I will recommend the use of a cash/Monero-paid VPN provider over Tor to prevent the VPN service from knowing any identifiable information about you. +To mitigate this, in cases where you want to use a VPN,Wewill recommend the use of a cash/Monero-paid VPN provider over Tor to prevent the VPN service from knowing any identifiable information about you. If the VPN provider knows nothing about you, it should mitigate any issue due to them not logging but logging anyway. 
@@ -1575,7 +1575,7 @@ If the VPN provider knows nothing about you, it should mitigate any issue due to ![][171] -(Illustration: an excellent movie I highly recommend: Das Leben der Anderen[^286]) +(Illustration: an excellent movieWehighly recommend: Das Leben der Anderen[^286]) Many advanced techniques can be used by skilled adversaries[^287] to bypass your security measures provided they already know where your devices are. Many of those techniques are detailed here [[Archive.org]][172] (Air-Gap Research Page, Cyber-Security Research Center, Ben-Gurion University of the Negev, Israel) but also in this report [[Archive.org]][173] (ESET, JUMPING @@ -1697,7 +1697,7 @@ If you still do not think such information can be used by various actors to trac # General Preparations: -Personally, in the context of this guide, it is also interesting to have a look at your security model. And in this context, I only have one to recommend: +Personally, in the context of this guide, it is also interesting to have a look at your security model. And in this context,Weonly have one to recommend: Zero-Trust Security[^391] ("Never trust, always verify"). @@ -1749,7 +1749,7 @@ First, here is a small basic UML diagram showing your available options accordin - It is new and it has great specs (more than 16GB or ideally 32GB of RAM, >250GB of disk space, recent fast CPU): - - **You could go for any route, but I would recommend Qubes OS if your threat model allows it.** + - **You could go for any route, butWewould recommend Qubes OS if your threat model allows it.** - If it is an ARM-based M1 Mac: 
@@ -1765,7 +1765,7 @@ First, here is a small basic UML diagram showing your available options accordin - **Qubes OS is not supported on ARM architecture yet.** -**Your only option on M1 Macs is probably to stick with Tor Browses for now. But I would guess that if you can afford an M1 Mac you should probably get a dedicated x86 laptop for more sensitive activities.** +**Your only option on M1 Macs is probably to stick with Tor Browses for now. ButWewould guess that if you can afford an M1 Mac you should probably get a dedicated x86 laptop for more sensitive activities.** ### Skills: @@ -1885,7 +1885,7 @@ In all cases, you should read these two pages from the Whonix documentation that - [[Archive.org]][223] -You might be asking yourself: "How do I know if I'm in a hostile online environment where activities are actively monitored and blocked?" +You might be asking yourself: "How doWeknow if I'm in a hostile online environment where activities are actively monitored and blocked?" - First read more about it at the EFF here: [[Archive.org]][224] 
@@ -1923,7 +1923,7 @@ It will also be crucial not to power on that burner phone ever (not even without See [Appendix N: Warning about smartphones and smart devices] -You should test that the phone is in working order before going to the next step. But I will repeat myself and state that it is important to leave your smartphone at home when going (or turn it off before leaving if you must keep it) and that you test the phone at a random location that cannot be tracked back to you (and again, do not do that in front of a CCTV, avoid cameras, be aware of your surroundings). No need for Wi-Fi at this place either. +You should test that the phone is in working order before going to the next step. ButWewill repeat myself and state that it is important to leave your smartphone at home when going (or turn it off before leaving if you must keep it) and that you test the phone at a random location that cannot be tracked back to you (and again, do not do that in front of a CCTV, avoid cameras, be aware of your surroundings). No need for Wi-Fi at this place either. When you are certain the phone is in working order, disable Bluetooth then power it off (remove the battery if you can) and go back home and resume your normal activities. Go to the next step. 
@@ -1951,7 +1951,7 @@ There are many commercial services offering numbers to receive SMS messages onli There are some forums and subreddits (like r/phoneverification/) where users will offer the service of receiving such SMS messages for you for a small fee (using PayPal or some crypto payment). Unfortunately, these are full of scammers and very risky in terms of anonymity. **You should not use those under any circumstance.** -To this date, I do not know any reputable service that would offer this service and accept cash payments (by post for instance) like some VPN providers. But a few services are providing online phone numbers and do accept Monero which could be reasonably anonymous (yet less recommended than that physical way in the earlier chapter) that you could consider: +To this date,Wedo not know any reputable service that would offer this service and accept cash payments (by post for instance) like some VPN providers. But a few services are providing online phone numbers and do accept Monero which could be reasonably anonymous (yet less recommended than that physical way in the earlier chapter) that you could consider: - **Recommended**: Do not require any identification (even e-mail): 
@@ -1977,7 +1977,7 @@ Now, what if you have no money? Well, in that case, you will have to try your lu - -**DISCLAIMER: I cannot vouch for any of these providers and therefore I will still recommend doing it yourself physically. In this case, you will have to rely on the anonymity of Monero and you should not use any service that requires any kind of identification using your real identity. Please do read [Appendix B2: Monero Disclaimer].** +**DISCLAIMER:Wecannot vouch for any of these providers and thereforeWewill still recommend doing it yourself physically. In this case, you will have to rely on the anonymity of Monero and you should not use any service that requires any kind of identification using your real identity. Please do read [Appendix B2: Monero Disclaimer].** Therefore IMHO, it is just more convenient, cheaper, and less risky to just get a pre-paid SIM card from one of the physical places that still sell them for cash without requiring ID registration. But at least there is an alternative if you have no other choice. @@ -1985,7 +1985,7 @@ Therefore IMHO, it is just more convenient, cheaper, and less risky to just get **Skip this step if you have no intention of creating anonymous accounts on most mainstream platforms but just want anonymous browsing or if the platforms you will use allow registration without a phone number.** -Get at least one or two decent size generic USB keys (at least 16GB but I would recommend 32GB). +Get at least one or two decent size generic USB keys (at least 16GB butWewould recommend 32GB). Please do not buy or use gimmicky self-encrypting devices such as these: [[Archive.org]][235] 
@@ -2017,7 +2017,7 @@ This part of the guide will help you in setting up the simplest and easiest way So, what is Tor Browser? Tor Browser ( [[Archive.org]][236]) is a web browser like Safari/Firefox/Chrome/Edge/Brave designed with privacy and anonymity in mind. -This browser is different from other browsers as it will connect to the internet through the Tor Network using Onion Routing. I first recommend that you watch this very nice introduction video by the Tor Project themselves: [[Invidious]][237]. After that, you should probably head over to their page to read their quick overview here: [[Archive.org]][238]. Without going into too many technical details, Tor Browser is an easy and simple "fire and forget" solution to browse the web anonymously from pretty much any device. It is probably sufficient for most people and can be used from any computer or smartphone. +This browser is different from other browsers as it will connect to the internet through the Tor Network using Onion Routing.Wefirst recommend that you watch this very nice introduction video by the Tor Project themselves: [[Invidious]][237]. After that, you should probably head over to their page to read their quick overview here: [[Archive.org]][238]. Without going into too many technical details, Tor Browser is an easy and simple "fire and forget" solution to browse the web anonymously from pretty much any device. It is probably sufficient for most people and can be used from any computer or smartphone. Here are several ways to set it up for all main OSes. 
@@ -2183,7 +2183,7 @@ Now, you are really done, and you can now surf the web anonymously from your iOS **This route is the easiest but is not designed to resist highly skilled adversaries. It is however usable on any device regardless of the configuration. This route is also vulnerable to correlation attacks (See [Your Anonymized Tor/VPN traffic][Your Anonymized Tor/VPN traffic:]) and is blind to anything that might be on your device (this could be any malware, exploit, virus, remote administration software, parental controls...). Yet, if your threat model is quite low, it is probably sufficient for most people.** -If you have time and want to learn, I recommend going for other routes instead as they offer far better security and mitigate far more risks while lowering your attack surface considerably. +If you have time and want to learn,Werecommend going for other routes instead as they offer far better security and mitigate far more risks while lowering your attack surface considerably. ## The Tails route: @@ -2223,7 +2223,7 @@ It does however have some drawbacks: You should also read Tails Documentation, Warnings, and limitations, before going further [[Archive.org]][241] -Taking all this into account and the fact that their documentation is great, I will just redirect you towards their well-made and well-maintained tutorial: +Taking all this into account and the fact that their documentation is great,Wewill just redirect you towards their well-made and well-maintained tutorial: [[Archive.org]][242], pick your flavor and proceed. 
@@ -2527,7 +2527,7 @@ This feature can be used at the OS level (a plausible OS and a hidden OS) or at This also means you could set up your own advanced "plausible deniability" setup using any Host OS by storing for instance Virtual Machines on a Veracrypt hidden volume container (be careful of traces in the Host OS tho that would need to be cleaned if the host OS is persistent, see [Some additional measures against forensics][Some additional measures against forensics:] section later). There is a project for achieving this within Tails ( [[Archive.org]][245]) which would make your Host OS non-persistent and use plausible deniability within Tails. -In the case of Windows, plausible deniability is also the reason you should ideally have Windows 10/11 Home (and not Pro). This is because Windows 10/11 Pro natively offers a full-disk encryption system (Bitlocker[^317]) where Windows 10/11 Home offers no full-disk encryption at all. We will later use third-party open-source software for encryption that will allow full-disk encryption on Windows 10/11 Home. This will give you a good (plausible) excuse to use this software. While using this software on Windows 10/11 Pro would be suspicious. +In the case of Windows, plausible deniability is also the reason you should ideally have Windows 10/11 Home (and not Pro). This is because Windows 10/11 Pro natively offers a full-disk encryption system (Bitlocker[^317]) where Windows 10/11 Home offers no full-disk encryption at all. You will later use third-party open-source software for encryption that will allow full-disk encryption on Windows 10/11 Home. This will give you a good (plausible) excuse to use this software. While using this software on Windows 10/11 Pro would be suspicious. **Note about Linux:** So, what about Linux and plausible deniability? Yes, it is possible to achieve plausible deniability with Linux too. More information within the Linux Host OS section later. 
@@ -2561,9 +2561,9 @@ You can mitigate this attack by doing the following (as recommended earlier): Cold Boot attacks[^319] are trickier than the Evil Maid Attack but can be part of an Evil Maid attack as it requires an adversary to come into possession of your laptop while you are actively using your device or shortly afterward. -The idea is rather simple, as shown in this video[^320], an adversary could theoretically quickly boot your device on a special USB key that would copy the content of the RAM (the memory) of the device after you shut it down. If the USB ports are disabled or if they feel like they need more time, they could open it and "cool down" the memory using a spray or other chemicals (liquid nitrogen for instance) preventing the memory from decaying. They could then be able to copy its content for analysis. This memory dump could contain the key to decrypt your device. We will later apply a few principles to mitigate these. +The idea is rather simple, as shown in this video[^320], an adversary could theoretically quickly boot your device on a special USB key that would copy the content of the RAM (the memory) of the device after you shut it down. If the USB ports are disabled or if they feel like they need more time, they could open it and "cool down" the memory using a spray or other chemicals (liquid nitrogen for instance) preventing the memory from decaying. They could then be able to copy its content for analysis. This memory dump could contain the key to decrypt your device. You will later apply a few principles to mitigate these. -In the case of Plausible Deniability, there have been some forensics studies[^321] about technically proving the presence of the hidden data with a simple forensic examination (without a Cold Boot/Evil Maid Attack) but these have been contested by other studies[^322] and by the maintainer of Veracrypt[^323] so I would not worry too much about those yet. 
+In the case of Plausible Deniability, there have been some forensics studies[^321] about technically proving the presence of the hidden data with a simple forensic examination (without a Cold Boot/Evil Maid Attack) but these have been contested by other studies[^322] and by the maintainer of Veracrypt[^323] soWewould not worry too much about those yet. The same measures used to mitigate Evil Maid attacks should be in place for Cold Boot attacks with some added ones: 
@@ -2663,9 +2663,9 @@ In the case of Windows, this data could for instance be used to prove the existe You should never conduct sensitive activities from a non-encrypted system. And even if it is encrypted, you should never conduct sensitive activities from the Host OS itself. Instead, you should use a VM to be able to efficiently isolate and compartmentalize your activities and prevent local data leaks. -If you have little to no knowledge of Linux or if you want to use OS-wide plausible deniability, I recommend going for Windows (or back to the Tails route) for convenience. This guide will help you hardening it as much as possible to prevent leaks. This guide will also help you hardening macOS and Linux as much as possible to prevent similar leaks. +If you have little to no knowledge of Linux or if you want to use OS-wide plausible deniability,Werecommend going for Windows (or back to the Tails route) for convenience. This guide will help you hardening it as much as possible to prevent leaks. This guide will also help you hardening macOS and Linux as much as possible to prevent similar leaks. -If you have no interest in OS-wide plausible deniability and want to learn to use Linux, I will strongly recommend going for Linux or the Qubes OS route if your hardware allows it. +If you have no interest in OS-wide plausible deniability and want to learn to use Linux,Wewill strongly recommend going for Linux or the Qubes OS route if your hardware allows it. **In all cases, the host OS should never be used to conduct sensitive activities directly. The host OS will only be used to connect to a public Wi-Fi Access Point. It will be left unused while you conduct sensitive activities and should ideally not be used for any of your day-to-day activities.** 
@@ -2673,7 +2673,7 @@ Consider also reading ** [[Archive.org]][275] +While not supported yet by this guide, it is possible to achieve a form of deniability on Linux using LUKS by using detached LUKS headers. For now,Wewill redirect you toward this page for more information: [[Archive.org]][275] ##### The Veracrypt Way: @@ -2795,7 +2795,7 @@ See [Appendix G: Safe Browser on the Host OS] **Note: At this time, this guide will not support ARM M1 MacBooks (yet). Due to Virtualbox not supporting this architecture yet. It could however be possible if you use commercial tools like VMWare or Parallels but those are not covered in this guide.** -As mentioned earlier, I do not recommend using your daily laptop for sensitive activities. Or at least I do not recommend using your in-place OS for these. Doing that might result in unwanted data leaks that could be used to de-anonymize you. If you have a dedicated laptop for this, you should reinstall a fresh clean OS. If you do not want to wipe your laptop and start over, you should consider the Tails route or proceed at your own risk. +As mentioned earlier,Wedo not recommend using your daily laptop for sensitive activities. Or at leastWedo not recommend using your in-place OS for these. Doing that might result in unwanted data leaks that could be used to de-anonymize you. If you have a dedicated laptop for this, you should reinstall a fresh clean OS. If you do not want to wipe your laptop and start over, you should consider the Tails route or proceed at your own risk. I also recommend that you do the initial installation completely offline to avoid any data leak. 
@@ -2815,7 +2815,7 @@ I also recommend that you do the initial installation completely offline to avoi As a light introduction for new macOS users, consider [[Invidious]][293] -Now to go more in-depth in securing and hardening your macOS, I recommend reading this guide which covers many of the issues: [[Archive.org]][294] +Now to go more in-depth in securing and hardening your macOS,Werecommend reading this guide which covers many of the issues: [[Archive.org]][294] Here are the basic steps you should take after your offline installation: @@ -2828,7 +2828,7 @@ Unfortunately, some attacks are still possible and an adversary could disable th ##### Enable Hibernation instead of sleep: -Again, this is to prevent some cold-boot and evil-maid attacks by powering down your RAM and cleaning the encryption key when you close the lid. You should always either hibernate or shut down. On macOS, the hibernate feature even has a special option to specifically clear the encryption key from memory when hibernating (while you might have to wait for the memory to decay on other Operating Systems). Once again there are no easy options to do this within the settings so instead, I will have to do this by running a few commands to enable hibernation: +Again, this is to prevent some cold-boot and evil-maid attacks by powering down your RAM and cleaning the encryption key when you close the lid. You should always either hibernate or shut down. On macOS, the hibernate feature even has a special option to specifically clear the encryption key from memory when hibernating (while you might have to wait for the memory to decay on other Operating Systems). Once again there are no easy options to do this within the settings so instead,Wewill have to do this by running a few commands to enable hibernation: - Open a Terminal 
@@ -2868,7 +2868,7 @@ You could block OCSP reporting by issuing the following command in Terminal: But you should document yourself on the actual issue before acting. This page is a good place to start: [[Archive.org]][297] -Up to you really. We would block it because I do not want any telemetry at all from my OS to the mothership without my specific consent. None. +Up to you really. We would block it becauseWedo not want any telemetry at all from my OS to the mothership without my specific consent. None. ##### Enable Full Disk encryption (Filevault): @@ -2894,7 +2894,7 @@ See [Appendix G: Safe Browser on the Host OS] ### Windows Host OS: -As mentioned earlier, I do not recommend using your daily laptop for sensitive activities. Or at least I do not recommend using your in-place OS for these. Doing that might result in unwanted data leaks that could be used to de-anonymize you. If you have a dedicated laptop for this, you should reinstall a fresh clean OS. If you do not want to wipe your laptop and start over, you should consider the Tails route or proceed at your own risk. +As mentioned earlier,Wedo not recommend using your daily laptop for sensitive activities. Or at leastWedo not recommend using your in-place OS for these. Doing that might result in unwanted data leaks that could be used to de-anonymize you. If you have a dedicated laptop for this, you should reinstall a fresh clean OS. If you do not want to wipe your laptop and start over, you should consider the Tails route or proceed at your own risk. I also recommend that you do the initial installation completely offline to avoid any data leak. 
@@ -2924,7 +2924,7 @@ See [Appendix B: Windows Additional Privacy Settings] ###### If you intend to use system-wide plausible deniability: -Veracrypt[^330] is the software I will recommend for full-disk encryption, file encryption, and plausible deniability. It is a fork of the well-known but deprecated and unmaintained TrueCrypt. It can be used for: +Veracrypt[^330] is the softwareWewill recommend for full-disk encryption, file encryption, and plausible deniability. It is a fork of the well-known but deprecated and unmaintained TrueCrypt. It can be used for: - Full Disk simple encryption (your hard drive is encrypted with one passphrase). @@ -2954,7 +2954,7 @@ More details later in [Route A and B: Simple Encryption using Veracrypt (Windows ###### If you do not intend to use system-wide plausible deniability: -For this case, I will recommend the use of BitLocker instead of Veracrypt for the full disk encryption. The reasoning is that BitLocker does not offer a plausible deniability possibility contrary to Veracrypt. A hard adversary has then no incentive in pursuing his "enhanced" interrogation if you reveal the passphrase. +For this case,Wewill recommend the use of BitLocker instead of Veracrypt for the full disk encryption. The reasoning is that BitLocker does not offer a plausible deniability possibility contrary to Veracrypt. A hard adversary has then no incentive in pursuing his "enhanced" interrogation if you reveal the passphrase. Normally, you should have installed Windows Pro in this case and the BitLocker setup is quite straightforward. 
@@ -3184,15 +3184,15 @@ This route is rather straightforward and will just encrypt your current Operatin - Click Next as the Generated Keys screen -- To rescue disk[^341] or not rescue disk, well that is up to you. I recommend making one (just in case), just make sure to store it outside your encrypted drive (USB key for instance or wait and see the end of this guide for guidance on safe backups). This rescue disk will not store your passphrase and you will still need it to use it. +- To rescue disk[^341] or not rescue disk, well that is up to you.Werecommend making one (just in case), just make sure to store it outside your encrypted drive (USB key for instance or wait and see the end of this guide for guidance on safe backups). This rescue disk will not store your passphrase and you will still need it to use it. - Wipe mode: - If you have no sensitive data yet on this laptop, select None - - If you have sensitive data on an SSD, Trim alone should take care of it[^342] but I would recommend one pass (random data) just to be sure. + - If you have sensitive data on an SSD, Trim alone should take care of it[^342] butWewould recommend one pass (random data) just to be sure. - - If you have sensitive data on an HDD, there is no Trim, and I would recommend at least 1-pass. + - If you have sensitive data on an HDD, there is no Trim, andWewould recommend at least 1-pass. - Test your setup. Veracrypt will now reboot your system to test the bootloader before encryption. This test must pass for encryption to go forward. 
@@ -3294,7 +3294,7 @@ Do not connect this OS to your known Wi-Fi. You should download the Veracrypt in - At this stage, you should copy decoy data onto the outer volume. So, you should have some sensitive but not so sensitive files/folders to copy there. In case you need to reveal a password to this Volume**.** This is a good place for your Anime/Mp3/Movies/Porn collection. - - I recommend you do not fill the outer volume too much or too little (about 40%). Remember you must leave enough space for the Hidden OS (which will be the same size as the first partition you created during installation). + - Werecommend you do not fill the outer volume too much or too little (about 40%). Remember you must leave enough space for the Hidden OS (which will be the same size as the first partition you created during installation). - Use a strong passphrase for the Hidden Volume (obviously a different one than the one for the Outer Volume). @@ -3354,7 +3354,7 @@ Now you will encrypt the Decoy OS: - Click Next as the Generated Keys screen -- To rescue disk[^347] or not rescue disk, well that is up to you. I recommend making one (just in case), just make sure to store it outside your encrypted drive (USB key for instance or wait and see the end of this guide for guidance on safe backups). This rescue disk will not store your passphrase and you will still need it to use it. +- To rescue disk[^347] or not rescue disk, well that is up to you.Werecommend making one (just in case), just make sure to store it outside your encrypted drive (USB key for instance or wait and see the end of this guide for guidance on safe backups). This rescue disk will not store your passphrase and you will still need it to use it. - Wipe mode: Select 1-Pass just to be safe 
@@ -3578,11 +3578,11 @@ More information at: #### Tor over VPN: -You might be wondering: Well, what about using Tor over VPN instead of VPN over Tor? Well, I would not necessarily recommend it: +You might be wondering: Well, what about using Tor over VPN instead of VPN over Tor? Well,Wewould not necessarily recommend it: - Disadvantages: - - Your VPN provider is just another ISP that will then know your origin IP and will be able to de-anonymize you if required. We do not trust them. I prefer a situation where your VPN provider does not know who you are. It does not add much in terms of anonymity. + - Your VPN provider is just another ISP that will then know your origin IP and will be able to de-anonymize you if required. We do not trust them.Weprefer a situation where your VPN provider does not know who you are. It does not add much in terms of anonymity. - This would result in you connecting to various services using the IP of a Tor Exit Node which is banned/flagged in many places. It does not help in terms of convenience. 
@@ -3651,13 +3651,13 @@ If you have absolutely no other option and still want to do something, see [Appe Unfortunately, using Tor alone will raise the suspicion of many destinations' platforms. You will face many hurdles (captchas, errors, difficulties signing up) if you only use Tor. In addition, using Tor where you are could put you in trouble just for that. But Tor is still the best solution for anonymity and must be somewhere for anonymity. -- If you intend to create persistent shared and authenticated identities on various services where access from Tor is hard, I recommend the **VPN over Tor** and **VPS VPN/Proxy over Tor** options (or VPN over Tor over VPN if needed). It might be a bit less secure against correlation attacks due to breaking Tor Stream isolation but provides much better convenience in accessing online resources than just using Tor. It is an "acceptable" trade-off IMHP if you are careful enough with your identity. +- If you intend to create persistent shared and authenticated identities on various services where access from Tor is hard,Werecommend the **VPN over Tor** and **VPS VPN/Proxy over Tor** options (or VPN over Tor over VPN if needed). It might be a bit less secure against correlation attacks due to breaking Tor Stream isolation but provides much better convenience in accessing online resources than just using Tor. It is an "acceptable" trade-off IMHP if you are careful enough with your identity. - **Note: It is becoming more common that mainstream services and CDNS are also blocking or hindering VPN users with captchas and other various obstacles**. 
**In that case, a self-hosted VPS with a VPN/Proxy over Tor is the best solution for this as having your own dedicated VPS guarantees you are the sole user of your IP and encounter little to no obstacles.** Consider a [Self-hosted VPN/Proxy on a Monero/Cash-paid VPS (for users more familiar with Linux)][Self-hosted VPN/Proxy on a Monero/Cash-paid VPS (for users more familiar with Linux):] if you want the least amount of issues (this will be explained in the next section in more details). -- If your intent however is just to browse random services anonymously without creating specific shared identities, using tor friendly services; or if you do not want to accept that trade-off in the earlier option. **Then I recommend using the Tor Only route to keep the full benefits of Stream Isolation (or Tor over VPN if you need to).** +- If your intent however is just to browse random services anonymously without creating specific shared identities, using tor friendly services; or if you do not want to accept that trade-off in the earlier option. **ThenWerecommend using the Tor Only route to keep the full benefits of Stream Isolation (or Tor over VPN if you need to).** -- If cost is an issue, I recommend the Tor Only option if possible. +- If cost is an issue,Werecommend the Tor Only option if possible. - If both Tor and VPN access are impossible or dangerous then you have no choice but to rely on Public wi-fi safely. See [Appendix P: Accessing the internet as safely as possible when Tor and VPNs are not an option] @@ -3709,7 +3709,7 @@ This guide will therefore propose two flavors of this route: ![][331] -You will be able to decide which flavor to use based on my recommendations. I recommend the second one as explained before. +You will be able to decide which flavor to use based on my recommendations.Werecommend the second one as explained before. Whonix is well maintained and has extensive and incredibly detailed documentation. 
@@ -3781,7 +3781,7 @@ Finally, consider the security advice from Virtualbox themselves here VPN > Tor > VPN). +Remember that in this case,Werecommend having two VPN accounts. Both paid with cash/Monero (see [Appendix O: Getting an anonymous VPN/Proxy]). One will be used in the Host OS for the first VPN connection. The other could be used in the VM to achieve VPN over Tor over VPN (User > VPN > Tor > VPN). If you intend to only use Tor over VPN, you only need one VPN account. @@ -3845,7 +3845,7 @@ Consider using AppArmor on your Whonix Workstations by following this guide: [[Archive.org]][345] for detailed instructions. @@ -3853,11 +3853,11 @@ Consider hardening the VM as recommended in [Hardening Linux]. ##### If you cannot use Tor: -Use the Linux Distro of your choice. I would recommend Ubuntu or Fedora for convenience but any other would work too. Be sure to not enable any telemetry. You could go with the risky route: See [Appendix P: Accessing the internet as safely as possible when Tor and VPNs are not an option] +Use the Linux Distro of your choice.Wewould recommend Ubuntu or Fedora for convenience but any other would work too. Be sure to not enable any telemetry. You could go with the risky route: See [Appendix P: Accessing the internet as safely as possible when Tor and VPNs are not an option] ##### Choose a browser within the VM: -This time, I will recommend Brave browser. +This time,Wewill recommend Brave browser. See why here: [Appendix V: What browser to use in your Guest VM/Disposable VM] @@ -3971,7 +3971,7 @@ See [Appendix P: Accessing the internet as safely as possible when Tor and VPNs #### Choose a browser within the VM: -This time, I will recommend Brave browser. +This time,Wewill recommend Brave browser. See why here: [Appendix V: What browser to use in your Guest VM/Disposable VM] 
@@ -4015,7 +4015,7 @@ Just use the tutorials as is and see [Appendix P: Accessing the internet as safe Two possibilities: AnBox or Android-x86 -Personally, I would recommend AnBox over Android-x86 but it requires Linux +Personally,Wewould recommend AnBox over Android-x86 but it requires Linux ##### AnBox: @@ -4111,7 +4111,7 @@ Just use the tutorials as is and see [Appendix P: Accessing the internet as safe There are some drawbacks to running macOS on Virtual Machines. The main one is that they do not have a serial number (0 by default) and you will be unable to log in to any Apple-provided service (iCloud, iMessage...) without a genuine ID. You can set such IDs using this script: [[Archive.org]][352] but keep in mind that randomly generated IDs will not work and using the ID of someone else will break their Terms of Services and could count as impersonation (and therefore could be illegal). -Note: I also ran in multiple issues with running these on AMD processors. This can be fixed so here is the configuration I used which worked fine with Catalina, Big Sur and Monterey which will tell Virtualbox to emulate an Intel Processor instead: +Note:Wealso ran in multiple issues with running these on AMD processors. This can be fixed so here is the configurationWeused which worked fine with Catalina, Big Sur and Monterey which will tell Virtualbox to emulate an Intel Processor instead: - ```VBoxManage modifyvm "macOSCatalina" ---cpuidset 00000001 000106e5 00100800 0098e3fd bfebfbff``` @@ -4133,7 +4133,7 @@ Refer to [Hardening macOS]. #### Choose a browser within the VM: -This time, I will recommend Brave browser. +This time,Wewill recommend Brave browser. See why here: [Appendix V: What browser to use in your Guest VM/Disposable VM] 
@@ -4143,7 +4143,7 @@ See [Appendix V1: Hardening your Browsers][Appendix V1: Hardening your Browsers: You will need something to store your data (logins/passwords, identities, and TOTP[^359] information). -For this purpose, I strongly recommend KeePassXC because of its integrated TOTP feature. This is the ability to create entries for 2FA[^360] authentication with the authenticator feature. +For this purpose,Westrongly recommend KeePassXC because of its integrated TOTP feature. This is the ability to create entries for 2FA[^360] authentication with the authenticator feature. Remember this should ideally be installed on your Guest VM and not on your Host OS. You should never do any sensitive activities from your Host OS. @@ -4199,7 +4199,7 @@ This step will allow you to configure your Host OS so that only the Whonix Gatew There are three ways to do this: -- The Lazy Way (not really recommended): not supported by Whonix and might have some security implications as you will expose the Whonix Gateway VM to the Public Wi-Fi network. I would recommend against this unless you are in a hurry or very lazy. +- The Lazy Way (not really recommended): not supported by Whonix and might have some security implications as you will expose the Whonix Gateway VM to the Public Wi-Fi network.Wewould recommend against this unless you are in a hurry or very lazy. - **This method will not work with Wi-Fi captive portals requiring any registration to connect.** 
@@ -4209,7 +4209,7 @@ There are three ways to do this: #### The Lazy Way (**not supported by Whonix** but it will work if you are in a hurry, see further for the better way): -**This way is not supported by the Whonix project**[^361] but I will go ahead and give this option anyway. IMHO this is helpful to prevent your Host OS from leaking any information while you are using the Whonix VMs. +**This way is not supported by the Whonix project**[^361] butWewill go ahead and give this option anyway. IMHO this is helpful to prevent your Host OS from leaking any information while you are using the Whonix VMs. **Note that this option as-is will only work on Wi-Fis without a captive portal (where you must enter some information to unlock access).** @@ -4219,7 +4219,7 @@ The illustration below shows the result of this step: ##### Configuration of the Whonix Gateway VM: -For this to work, I will need to change some configurations on the Whonix Gateway VM. We will need to add a DHCP client to the Whonix Gateway to receive IP addresses from the network. To do those changes the Host OS will still have to have internet access allowed for now. +For this to work,Wewill need to change some configurations on the Whonix Gateway VM. You will need to add a DHCP client to the Whonix Gateway to receive IP addresses from the network. To do those changes the Host OS will still have to have internet access allowed for now. So here is how: @@ -4271,7 +4271,7 @@ Now you must block internet access from your Host OS while still allowing the VM ###### Windows Host OS: -The goal here is to associate with a Wi-Fi network without having an internet connection. We will achieve this by deleting the Gateway from the connection after you are connected: +The goal here is to associate with a Wi-Fi network without having an internet connection. You will achieve this by deleting the Gateway from the connection after you are connected: - First, connect to the safe Wi-Fi of your choice 
@@ -4289,7 +4289,7 @@ The goal here is to associate with a Wi-Fi network without having an internet co ###### Linux Host OS: -The goal here is to associate with a Wi-Fi network without having an internet connection. We will achieve this by deleting the Gateway from the connection after you are connected: +The goal here is to associate with a Wi-Fi network without having an internet connection. You will achieve this by deleting the Gateway from the connection after you are connected: - First, connect to the safe Wi-Fi of your choice @@ -4307,7 +4307,7 @@ The goal here is to associate with a Wi-Fi network without having an internet co ###### macOS Host OS: -The goal here is to associate with a Wi-Fi network without having an internet connection. We will achieve this by deleting the Gateway from the connection after you are connected: +The goal here is to associate with a Wi-Fi network without having an internet connection. You will achieve this by deleting the Gateway from the connection after you are connected: - First, connect to the safe Wi-Fi of your choice @@ -4331,7 +4331,7 @@ Yet this will still not be supported by the Whonix project, but it is fine as th This option will require an additional VM between the Host OS and the Whonix Gateway to act as a Network Bridge. -For this purpose, I will recommend the use of a lightweight Linux Distro. Any will do but the easiest IMHO will be an Ubuntu-based distro and I would recommend the lightweight XUbuntu as it will be extremely easy to configure this setup. +For this purpose,Wewill recommend the use of a lightweight Linux Distro. Any will do but the easiest IMHO will be an Ubuntu-based distro andWewould recommend the lightweight XUbuntu as it will be extremely easy to configure this setup. Why XUbuntu and not Ubuntu or KUbuntu? Because XUbuntu uses an XFCE desktop environment which is lightweight and this VM will only serve as a proxy and nothing else. 
@@ -4473,7 +4473,7 @@ Only the XUbuntu Bridge VM should be able to access the internet. The Host OS wi ###### Windows Host OS: -The goal here is to associate with a Wi-Fi network without having an internet connection. We will achieve this by deleting the Gateway from the connection after you are connected: +The goal here is to associate with a Wi-Fi network without having an internet connection. You will achieve this by deleting the Gateway from the connection after you are connected: - First, connect to the safe Wi-Fi of your choice @@ -4495,7 +4495,7 @@ The goal here is to associate with a Wi-Fi network without having an internet co ###### Linux Host OS: -The goal here is to associate with a Wi-Fi network without having an internet connection. We will achieve this by deleting the Gateway from the connection after you are connected: +The goal here is to associate with a Wi-Fi network without having an internet connection. You will achieve this by deleting the Gateway from the connection after you are connected: - First, connect to the safe Wi-Fi of your choice @@ -4517,7 +4517,7 @@ The goal here is to associate with a Wi-Fi network without having an internet co ###### macOS Host OS: -The goal here is to associate with a Wi-Fi network without having an internet connection. We will achieve this by deleting the Gateway from the connection after you are connected: +The goal here is to associate with a Wi-Fi network without having an internet connection. You will achieve this by deleting the Gateway from the connection after you are connected: - First, connect to the safe Wi-Fi of your choice 
@@ -4543,7 +4543,7 @@ This way will not go against Whonix recommendations (as it will not expose the W This option will require an additional VM between the Host OS and the Whonix Gateway to act as a Network Bridge and to connect to the Wi-Fi network. **This option requires a working USB Wi-Fi Dongle that will be passed through to a bridge VM.** -For this purpose, I will recommend the use of a lightweight Linux Distro. Any will do but the easiest IMHO will be an Ubuntu-based distro and I would recommend the lightweight XUbuntu as it will be extremely easy to configure this setup. +For this purpose,Wewill recommend the use of a lightweight Linux Distro. Any will do but the easiest IMHO will be an Ubuntu-based distro andWewould recommend the lightweight XUbuntu as it will be extremely easy to configure this setup. Why XUbuntu and not Ubuntu or KUbuntu? Because XUbuntu uses an XFCE desktop environment which is lightweight and this VM will only serve as a proxy and nothing else. @@ -4719,7 +4719,7 @@ Qubes OS is not a Linux distribution[^362] but a Xen distribution. It is differe - YouTube, Life Behind the Tinfoil: A Look at Qubes and Copperhead - Konstantin Ryabitsev, The Linux Foundation [[Invidious]][362] -- YouTube, I used the reasonably-secure Qubes OS for 6 months and survived - Matty McFatty [@themattymcfatty] [[Invidious]][363] +- YouTube,Weused the reasonably-secure Qubes OS for 6 months and survived - Matty McFatty [@themattymcfatty] [[Invidious]][363] - YouTube, Qubes OS: How it works, and a demo of this VM-centric OS [[Invidious]][364] 
@@ -4890,13 +4890,13 @@ If you have absolutely no other option and still want to do something, see [Appe Unfortunately, using Tor alone will raise the suspicion of many destinations' platforms. You will face many hurdles (captchas, errors, difficulties signing up) if you only use Tor. In addition, using Tor where you are could put you in trouble just for that. But Tor remains the best solution for anonymity and must be somewhere for anonymity. -- If you intend to create persistent shared and authenticated identities on various services where access from Tor is hard, I recommend the **VPN over Tor** and **VPS VPN/Proxy over Tor** options (or VPN over Tor over VPN if needed). It might be a bit less secure against correlation attacks due to breaking Tor Stream isolation but provides much better convenience in accessing online resources than just using Tor. It is an "acceptable" trade-off IMHP if you are careful enough with your identity. +- If you intend to create persistent shared and authenticated identities on various services where access from Tor is hard,Werecommend the **VPN over Tor** and **VPS VPN/Proxy over Tor** options (or VPN over Tor over VPN if needed). It might be a bit less secure against correlation attacks due to breaking Tor Stream isolation but provides much better convenience in accessing online resources than just using Tor. It is an "acceptable" trade-off IMHP if you are careful enough with your identity. - **Note: It is becoming more common that mainstream services and CDNS are also blocking or hindering VPN users with captchas and other various obstacles**. 
**In that case, a self-hosted VPS with a VPN/Proxy over Tor is the best solution for this as having your own dedicated VPS guarantees you are the sole user of your IP and encounter little to no obstacles.** Consider a [Self-hosted VPN/Proxy on a Monero/Cash-paid VPS (for users more familiar with Linux)][Self-hosted VPN/Proxy on a Monero/Cash-paid VPS (for users more familiar with Linux):] if you want the least amount of issues (this will be explained in the next section in more details). -- If your intent however is just to browse random services anonymously without creating specific shared identities, using tor friendly services; or if you do not want to accept that trade-off in the earlier option. **Then I recommend using the Tor Only route to keep the full benefits of Stream Isolation (or Tor over VPN if you need to).** +- If your intent however is just to browse random services anonymously without creating specific shared identities, using tor friendly services; or if you do not want to accept that trade-off in the earlier option. **ThenWerecommend using the Tor Only route to keep the full benefits of Stream Isolation (or Tor over VPN if you need to).** -- If cost is an issue, I recommend the Tor Only option if possible. +- If cost is an issue,Werecommend the Tor Only option if possible. - If both Tor and VPN access are impossible or dangerous then you have no choice but to rely on Public wi-fi safely. See [Appendix P: Accessing the internet as safely as possible when Tor and VPNs are not an option] @@ -4934,7 +4934,7 @@ Qubes OS uses LUKS for full disk encryption and it is technically possible to ac ### Installation: -We will follow the instructions from their own guide [[Archive.org]][368]: +You will follow the instructions from their own guide [[Archive.org]][368]: (Secure Boot is not supported as per their FAQ: [[Archive.org]][369] so it should be disabled in the BIOS/UEFI settings.) 
@@ -4962,7 +4962,7 @@ The Qubes master signing key fingerprint should match `427F 11FD 0FAA 4B08 0123 ### Lid Closure Behavior: -Unfortunately, Qubes OS does not support hibernation[^366] which is IMHO an issue regarding cold-boot attacks. To mitigate those, I highly recommend that you configure Qubes OS to shut down on any power action (power button, lid closure). You can do set this from the XFCE Power Manager. Do not use the sleep features. +Unfortunately, Qubes OS does not support hibernation[^366] which is IMHO an issue regarding cold-boot attacks. To mitigate those,Wehighly recommend that you configure Qubes OS to shut down on any power action (power button, lid closure). You can do set this from the XFCE Power Manager. Do not use the sleep features. ### Connect to a Public Wi-Fi: @@ -5000,7 +5000,7 @@ Remember this should be done from a safe place (see [Find some safe places with ### Upgrading Qubes OS from 4.0.x to 4.1.x (you should do it) -Personally, I wouldn't do it in-place and do a fresh install. +Personally,Wewouldn't do it in-place and do a fresh install. But if you really want to, it's technically possible by following this guide: [[Archive.org]][1372] @@ -5066,7 +5066,7 @@ Basically, AppArmor[^367] is an application sandboxing system. By default, it is ##### SELinux: -SELinux[^368] is similar to AppArmor. The differences between SELinux and AppArmor are technical details into which I will not get. +SELinux[^368] is similar to AppArmor. The differences between SELinux and AppArmor are technical details into whichWewill not get. Here is a good explanation of what it is: [[Invidious]][375] 
@@ -5135,7 +5135,7 @@ When you are done downloading the configuration files within the Disposable Brow - Save and exit each file -- Edit the OpenVPN config file (/etc/default/openvpn) by typing ```sudo nano /etc/default/openvpn``` (because I do not like vi editor) +- Edit the OpenVPN config file (/etc/default/openvpn) by typing ```sudo nano /etc/default/openvpn``` (becauseWedo not like vi editor) - Change ```#AUTOSTART="all"``` to ```AUTOSTART="all"``` (in other words, remove the "#") @@ -5323,7 +5323,7 @@ Edit the Whonix Disposable VM template and follow instructions here [[Archive.org]][385]) which works "well enough" with Qubes OS. More information can also be found at [[Archive.org]][347] +Since the Android-x86 does not work "well" with Qubes OS (my own experience).Wewill instead recommend using AnBox ( [[Archive.org]][385]) which works "well enough" with Qubes OS. More information can also be found at [[Archive.org]][347] #### If you can use Tor (natively or over a VPN): @@ -5345,7 +5345,7 @@ Basically, follow the tutorial here: - Click Create Qubes VM -- Name and label as you wish: I suggest "Android" +- Name and label as you wish:Wesuggest "Android" - Select Type: Standalone Qube copied from a template @@ -5415,7 +5415,7 @@ That's it, you should now have an Android Qube over Tor (or anything else) capab You will need something to store your data (logins/passwords, identities, and TOTP[^369] information). -For this purpose, I strongly recommend KeePassXC because of its integrated TOTP feature. This is the ability to create entries for 2FA[^370] authentication with the authenticator feature. +For this purpose,Westrongly recommend KeePassXC because of its integrated TOTP feature. This is the ability to create entries for 2FA[^370] authentication with the authenticator feature. In the context of Qubes OS you should store your sensitive information within the Domain-vault Qube: 
@@ -5477,7 +5477,7 @@ As for Cloudflare (hCaptcha), you could also use their Accessibility solution he You should therefore deal with those carefully and force yourself to alter the way you are solving them (speed/movement/accuracy/...) to prevent "Captcha Fingerprinting". -Fortunately, as far as I am aware, these are not yet officially/publicly used to de-anonymize users for third parties. +Fortunately, as far asWeam aware, these are not yet officially/publicly used to de-anonymize users for third parties. To not have those issues, you should consider using a VPN over Tor. And the best option to avoid those is likely to use a self-hosted VPN/Proxy over Tor on a cash/Monero paid VPS server. @@ -5497,7 +5497,7 @@ Most platforms will not allow you to register using an "anonymous" or disposable The key thing to this is that it is becoming increasingly difficult to sign-up for a free e-mail account anywhere without providing (you guessed it) ... a cell phone number. That same cell phone number can be used conveniently to track you down in most places. -It is possible that those services (Proton for instance) might require you to provide an e-mail address for registration. In that case, I would recommend you create an e-mail address from these providers: +It is possible that those services (Proton for instance) might require you to provide an e-mail address for registration. In that case,Wewould recommend you create an e-mail address from these providers: - MailFence: 
@@ -5521,7 +5521,7 @@ Due to the suspicious situation, this guide can no longer recommend them. #### Protecting your anonymous online identities e-mails using Aliasing services: -If you want to avoid communicating your anonymous e-mail addresses to various parties. I would strongly suggest considering using e-mail aliasing services such as: +If you want to avoid communicating your anonymous e-mail addresses to various parties.Wewould strongly suggest considering using e-mail aliasing services such as: - (preferred first choice due to more options available to the free tier) 
@@ -5551,11 +5551,11 @@ Some examples: ### Proof of ID verification: -The deal-breaker in most cases. As far as I know, only Facebook and LinkedIn (outside of financial services) have requested such verifications which involve sending pictures of some form of identification (passport, national ID card, driver's license ...). The only way to do this would involve creating fake official documents (forgery) using some decent Photoshop skills and this might be illegal in most places. +The deal-breaker in most cases. As far asWeknow, only Facebook and LinkedIn (outside of financial services) have requested such verifications which involve sending pictures of some form of identification (passport, national ID card, driver's license ...). The only way to do this would involve creating fake official documents (forgery) using some decent Photoshop skills and this might be illegal in most places. -Therefore, this is a line I am not going to help you cross within this guide. Some services are offering such services online, but I think they are *bad actors* and are overstepping their boundaries. +Therefore, this is a lineWeam not going to help you cross within this guide. Some services are offering such services online, butWethink they are *bad actors* and are overstepping their boundaries. -In many countries, only law enforcement, some specific processes (such as GDPR requests), and some well-regulated financial services may request proof of identification. So, the legality of asking for such documents is debatable and I think such platforms should not be allowed to require those. +In many countries, only law enforcement, some specific processes (such as GDPR requests), and some well-regulated financial services may request proof of identification. So, the legality of asking for such documents is debatable andWethink such platforms should not be allowed to require those. 
In few countries (like Germany), this practice is illegal and online platforms such as Facebook or LinkedIn are legally bound to allow you to use a pseudonym and remain anonymous. @@ -5583,7 +5583,7 @@ For this reason, this guide does recommend the use of VPN over Tor (and not Tor Browser and Device[^382] Fingerprinting are usually integrated into the Captcha services but also in other various services. -Many platforms (like Google[^383]) will check your browser for various capabilities and settings and block Browsers they do not like. This is one of the reasons I recommend using Chromium-based Browsers such as Brave Browser over Tor Browser within this VM. +Many platforms (like Google[^383]) will check your browser for various capabilities and settings and block Browsers they do not like. This is one of the reasonsWerecommend using Chromium-based Browsers such as Brave Browser over Tor Browser within this VM. Here are some of the things they check within recent browsers: @@ -5683,7 +5683,7 @@ Some platforms/apps will require you to take a live picture of yourself either d ![][395] -This guide will not cover this one (yet) as it is mainly used on financial platforms (that will be able to identify you with other means anyway) and some dating apps like Tinder[^386]. Unfortunately, this method is now also sometimes being used on Facebook[^387] and Instagram as part of their verification methods (tho I did not face it yet so far). +This guide will not cover this one (yet) as it is mainly used on financial platforms (that will be able to identify you with other means anyway) and some dating apps like Tinder[^386]. Unfortunately, this method is now also sometimes being used on Facebook[^387] and Instagram as part of their verification methods (thoWedid not face it yet so far). ![][396] 
@@ -5733,7 +5733,7 @@ Now that you have a basic understanding of all the ways you can be de-anonymized - Above all, you cannot trust people -So what? Well instead of not trusting anyone or anything, I would advise to **"Trust but verify"**[^390] (or "Never trust, always verify" if you are more hardcore about it and want to apply Zero-Trust Security[^391]) instead. +So what? Well instead of not trusting anyone or anything,Wewould advise to **"Trust but verify"**[^390] (or "Never trust, always verify" if you are more hardcore about it and want to apply Zero-Trust Security[^391]) instead. **Do not start this process unless:** @@ -5805,11 +5805,11 @@ Tools that can help with this: Now is also the moment where you could finally consider getting an online phone number as explained in the [Online Phone Number (less recommended)] section. -I will help you bit by listing a few tips I learned while researching over the years **(disclaimer: this is based on my individual experiences alone)**: +I will help you bit by listing a few tipsWelearned while researching over the years **(disclaimer: this is based on my individual experiences alone)**: - "Some animals are more equal than others". - - Ethnicity is important and you will have fewer issues and attract less attention to verification algorithms if your identity is Caucasian/East-Asian than if it is Arabic/Black (yes, I tested this extensively and it is definitely an issue). + - Ethnicity is important and you will have fewer issues and attract less attention to verification algorithms if your identity is Caucasian/East-Asian than if it is Arabic/Black (yes,Wetested this extensively and it is definitely an issue). - Age is important and you will have fewer issues if you are young (18-22) than if you are middle-aged or older. Platforms seem to be more lenient in not imposing restrictions on new younger audiences. 
@@ -5827,7 +5827,7 @@ I will help you bit by listing a few tips I learned while researching over the y - Brave Browser (Chromium-based) with a Private Tor Tab has (IMHO) a better acceptance level than Tor Browser (Firefox based). You will experience fewer issues with captchas and online platforms[^383] if you use Brave than if you use Tor Browser (feel free to try this yourself). -- For every identity, you should have a matching profile picture associated with it. For this purpose, I recommend you just go to [[Archive.org]][399] and generate a computer-generated profile picture (Do note that algorithms have been developed[^393]'[^394] to detect these and it might not work 100% of the time). You can also generate such pictures yourself from your computer if you prefer by using the open-source StyleGan project here [[Archive.org]][400]. Just refresh the page until you find a picture that matches your identity in all aspects (age, sex, and ethnicity) and save that picture. It would be even better to have several pictures associated with that identity, but I do not have an "easy way" of doing that yet. +- For every identity, you should have a matching profile picture associated with it. For this purpose,Werecommend you just go to [[Archive.org]][399] and generate a computer-generated profile picture (Do note that algorithms have been developed[^393]'[^394] to detect these and it might not work 100% of the time). You can also generate such pictures yourself from your computer if you prefer by using the open-source StyleGan project here [[Archive.org]][400]. Just refresh the page until you find a picture that matches your identity in all aspects (age, sex, and ethnicity) and save that picture. It would be even better to have several pictures associated with that identity, butWedo not have an "easy way" of doing that yet. - **Bonus**, you could also make it more real by using this service (with an anonymous identity) [[Archive.org]][401] to make a picture more lifelike. 
Here is an example: @@ -5961,7 +5961,7 @@ Unfortunately, not using your real identity is against the ToS (Terms of Service This does not mean that it is illegal in other places but that it might be a breach of their Terms of Services if you do not have the law on your side. **Remember this guide only endorses this for German users residing in Germany.** -On my side, I strongly condemn this type of real-name policy. See for instance this Wikipedia article giving some examples: [[Wikiless]][408] [[Archive.org]][409] +On my side,Westrongly condemn this type of real-name policy. See for instance this Wikipedia article giving some examples: [[Wikiless]][408] [[Archive.org]][409] Here are some more references about the German case for reference: @@ -5977,7 +5977,7 @@ Here are some more references about the German case for reference: - [[Archive.org]][414] -Alternatively, you could be an adult resident of any other country where you can confirm and verify the legality of this yourself. Again, this is not legal advice, and I am not a lawyer. **Do this at your own risk.** +Alternatively, you could be an adult resident of any other country where you can confirm and verify the legality of this yourself. Again, this is not legal advice, andWeam not a lawyer. **Do this at your own risk.** Other countries where this was ruled illegal: 
@@ -6504,7 +6504,7 @@ While it does not technically require a real name. It does require a valid payme - Can you create accounts through Tor? Yes, but see below -Because of this valid payment method requirement, I could not test this. While this is seemingly not against their ToS, it is not possible within the context of this guide unless you manage to obtain a valid KYC payment method anonymously which AFAIK is pretty much impossible or extremely difficult. +Because of this valid payment method requirement,Wecould not test this. While this is seemingly not against their ToS, it is not possible within the context of this guide unless you manage to obtain a valid KYC payment method anonymously which AFAIK is pretty much impossible or extremely difficult. So, AFAIK, it is not possible to create an anonymous Amazon account. @@ -6538,7 +6538,7 @@ Note that this account will not allow you to set up an Apple mail account. For t - Will they require a phone number? No, but they do require an e-mail -- Can you create accounts through Tor? I had no issues with that so far using the Desktop Client +- Can you create accounts through Tor?Wehad no issues with that so far using the Desktop Client You might encounter more issues using the Web Client (Captchas). Especially with Tor Browser. @@ -6574,7 +6574,7 @@ But this clause of their ToS is illegal in Germany (see [Requirements][Pre-requi Facebook is one of the most aggressive platforms with identity verification and is pushing hard their "real name policy". It is why this guide is only advised to German residents. -Over my tests tho I was able to pinpoint a few tips: +Over my tests thoWewas able to pinpoint a few tips: - It will be easier if you have an Instagram account first. 
@@ -6602,7 +6602,7 @@ I also suspect strongly based on my test that the following points have an impac If your account gets suspended, you will need to appeal the decision through a quite simple form that will require you to submit a "proof of ID". However, that proof of ID verification system is more lenient than LinkedIn and will allow you to send various documents which require far less Photoshop skills. -It is also possible that they ask you to take a selfie video or picture-making certain gestures to prove your identity. If that is the case, I am afraid it is a dead-end for now unless you use a deepfake face swapping technique. +It is also possible that they ask you to take a selfie video or picture-making certain gestures to prove your identity. If that is the case,Weam afraid it is a dead-end for now unless you use a deepfake face swapping technique. If you do file an appeal, you will have to wait for Facebook to review it (I do not know whether this is automatic or human) and you will have to wait and hope for them to unsuspend your account. 
@@ -6678,23 +6678,23 @@ It is also possible that Google will require an ID check through indirect financ #### Instagram: -- Is this against their ToS? **Maybe?** I am not sure [[Archive.org]][430] +- Is this against their ToS? **Maybe?**Weam not sure [[Archive.org]][430] "**You can't impersonate others or provide inaccurate information. You do not have to disclose your identity on Instagram, but you must provide us with accurate and up-to-date information (including registration information)**. **Also, you may not impersonate someone you are not, and you can't create an account for someone else unless you have their express permission".** -This one is a bit of an Oxymoron don't you think? So, I am not sure whether it is allowed or not. +This one is a bit of an Oxymoron don't you think? So,Weam not sure whether it is allowed or not. - Will they require a phone number? Maybe but less likely over VPN and very likely over Tor - Can you create accounts through Tor? Yes, but expect some captchas and your phone number will be required -It is also possible that they ask you to take a selfie video or picture-making certain gestures to prove your identity (within the app or through an e-mail request). If that is the case, I am afraid it is a dead-end for now. +It is also possible that they ask you to take a selfie video or picture-making certain gestures to prove your identity (within the app or through an e-mail request). If that is the case,Weam afraid it is a dead-end for now. It is no secret that Instagram is part of Facebook however it is more lenient than Facebook when it comes to user verification. It is quite unlikely you will get suspended or banned after signing up. But it could help. -For instance, I noticed that you will face fewer issues creating a Facebook account if you already have a valid Instagram account. You should always create an Instagram account before trying Facebook. 
+For instance,Wenoticed that you will face fewer issues creating a Facebook account if you already have a valid Instagram account. You should always create an Instagram account before trying Facebook. -Unfortunately, there are some limitations when using the web version of Instagram. For instance, you will not be able to enable Authenticator 2FA from the web for a reason I do not understand. +Unfortunately, there are some limitations when using the web version of Instagram. For instance, you will not be able to enable Authenticator 2FA from the web for a reasonWedo not understand. After sign-up, do the following: @@ -6854,9 +6854,9 @@ Telegram is quite straightforward, and you can download their portable Windows a It will require a phone number (that can only be used once) and nothing else. -In most cases, I had no issues whether it was over Tor or VPN, but I had a few cases where my telegram account was just banned for violating terms of services (not sure which one?). This again despite not using them for anything. +In most cases,Wehad no issues whether it was over Tor or VPN, butWehad a few cases where my telegram account was just banned for violating terms of services (not sure which one?). This again despite not using them for anything. -They provide an appeal process through e-mail, but I had no success with getting any answer. +They provide an appeal process through e-mail, butWehad no success with getting any answer. Their appeal process is just sending an e-mail to [[Archive.org]][446] stating your phone number and issue and hope they answer. 
@@ -6900,7 +6900,7 @@ Twitter is extremely aggressive in preventing anonymity on its network. You shou More than likely, your account will be suspended immediately during the sign-up process and will require you to complete a series of automated tests to unlock. This will include a series of captchas, confirmation of your e-mail and Twitter handle, or other information. In some cases, it will also require your phone number. -In some cases, despite you selecting a text verification, the Twitter verification system will call the phone no matter what. In that case, you will have to pick up and hear the verification code. I suspect this is another method of preventing automated systems and malicious users from selling text receiving services over the internet. +In some cases, despite you selecting a text verification, the Twitter verification system will call the phone no matter what. In that case, you will have to pick up and hear the verification code.Wesuspect this is another method of preventing automated systems and malicious users from selling text receiving services over the internet. Twitter will store all this information and link it to your account including your IP, e-mail, and phone number. You will not be able that phone number to create a different account. 
@@ -6926,7 +6926,7 @@ Once the account is restored, you should take some time to do the following: - Log out and leave it be. -After about a week, you should check Twitter again and the chances are quite high that it will be suspended again for "suspicious activity" or "violating community guidelines" despite you not using it at all (not even a single tweet/follow/like/retweet or DM) but this time by another system. I call this the "Double-tap". +After about a week, you should check Twitter again and the chances are quite high that it will be suspended again for "suspicious activity" or "violating community guidelines" despite you not using it at all (not even a single tweet/follow/like/retweet or DM) but this time by another system.Wecall this the "Double-tap". This time you will need to submit an appeal using a form[^407], provide a good reason and wait for the appeal to be processed by Twitter. During that process, you may receive an e-mail (on Proton) asking you to reply to a customer service ticket to prove that you do have access to your e-mail and that it is you. This will be directed toward your Gmail address but will arrive on your Proton. 
@@ -6978,9 +6978,9 @@ Ideally, you should find a way to buy/sell crypto with cash from an unknown pers #### What about those mobile-only apps (WhatsApp/Signal)? -There are only three ways of securely using those anonymously (that I would recommend). Using a VPN on your phone is not one of those ways. All of those are, unfortunately, "tedious" to say the least. +There are only three ways of securely using those anonymously (thatWewould recommend). Using a VPN on your phone is not one of those ways. All of those are, unfortunately, "tedious" to say the least. -- Use an Android Emulator within the Windows VM and run the App through your multi-layer of Tor/VPN. The drawback is that such emulators are usually quite resource-hungry and will slow down your VM and use more battery. Here is also an (outdated) guide on this matter: [[Archive.org]][451]. As for myself, I will recommend the use of: +- Use an Android Emulator within the Windows VM and run the App through your multi-layer of Tor/VPN. The drawback is that such emulators are usually quite resource-hungry and will slow down your VM and use more battery. Here is also an (outdated) guide on this matter: [[Archive.org]][451]. As for myself,Wewill recommend the use of: - Android-x86 on Virtualbox (see [[Archive.org]][348]) that you can also set up easily. 
@@ -6988,9 +6988,9 @@ There are only three ways of securely using those anonymously (that I would reco - **Not recommended:** Using a non-official app (such as Wassapp for WhatsApp) to connect from the Windows VM to the app. Use at your own risk as you could get banned for violating the terms of services by using a non-official App. -- **Not recommended and most complicated:** Have a burner Smartphone that you will connect to the VM layered network through Tethering/Sharing of the connection through Wi-Fi. I will not detail this here, but it is an option. +- **Not recommended and most complicated:** Have a burner Smartphone that you will connect to the VM layered network through Tethering/Sharing of the connection through Wi-Fi.Wewill not detail this here, but it is an option. -There is no way to reliably set a decent multi-layered connectivity approach easily on an Android phone (it is not even possible on IOS as far as I know). By reliable, I mean being sure that the smartphone will not leak anything such as geolocation or anything else from booting up to shutting down. +There is no way to reliably set a decent multi-layered connectivity approach easily on an Android phone (it is not even possible on IOS as far asWeknow). By reliable,Wemean being sure that the smartphone will not leak anything such as geolocation or anything else from booting up to shutting down. #### Anything else: 
@@ -7028,7 +7028,7 @@ See the [Bad Cryptography][Bad Cryptography:] section at the start of this guide **Always be cautious of apps rolling their own crypto until it has been reviewed by many in the crypto community (or even better published and peer-reviewed academically)**. Again, this is harder to verify with closed-source proprietary apps. -It is not that rolling your own crypto is bad in essence, it is that good cryptography needs real peer-reviewing, auditing, testing... And since you are probably not a cryptanalyst (and I am not one either), chances are high we are not competent to assess the cryptography of some apps. +It is not that rolling your own crypto is bad in essence, it is that good cryptography needs real peer-reviewing, auditing, testing... And since you are probably not a cryptanalyst (andWeam not one either), chances are high we are not competent to assess the cryptography of some apps. #### Forward Secrecy: 
@@ -7664,7 +7664,7 @@ Any safe options for mobile devices? **Yes, but these are not endorsed/recommend **Note that all the non-native Tor options must be used over Tor for safety (from Tails or a guest OS running behind the Whonix Gateway such as the Whonix Workstation or an Android-x86 VM).** -While I do not recommend most of the messaging platforms for the various reasons outlined above (phone number and e-mail requirements), this does not mean it is not possible to use them anonymously if you know what you are doing. You can use even Facebook Messenger anonymously by taking the necessary precautions outlined in this guide (virtualization behind a Tor Gateway on a non-persistent OS). +WhileWedo not recommend most of the messaging platforms for the various reasons outlined above (phone number and e-mail requirements), this does not mean it is not possible to use them anonymously if you know what you are doing. You can use even Facebook Messenger anonymously by taking the necessary precautions outlined in this guide (virtualization behind a Tor Gateway on a non-persistent OS). The ones that are preferred are recommended due to their stance on privacy, their default settings, their crypto choices but also because they allow convenient anonymous sign-up without going through the many hassles of having a phone number/e-mail verification method and are open source. Those should be privileged in most cases. 
@@ -7684,7 +7684,7 @@ You can also consult the following external resources for more comparisons: - Messenger-Matrix.de at [[Archive.org]][461] -**I do not endorse or recommend some mainstream platforms for anonymity including the much-praised Signal which to this date still requires a phone number to register and contact others. In the context of this guide, I strongly recommend against using Signal if possible.** +**I do not endorse or recommend some mainstream platforms for anonymity including the much-praised Signal which to this date still requires a phone number to register and contact others. In the context of this guide,Westrongly recommend against using Signal if possible.** ### How to share files publicly but anonymously: @@ -7831,7 +7831,7 @@ Here is a comparative table of recommended/included software compiled from vario **Legend:** * Not recommended but mentioned. N/A = Not Included or absence of recommendation for that software type. (L)= Linux Only but can maybe be used on Windows/macOS through other means (HomeBrew, Virtualization, Cygwin). (?)= Not tested but open-source and could be considered. -**In all cases, I strongly recommend only using such applications from within a VM or Tails to prevent as much leaking as possible. If you do not, you will have to sanitize those documents carefully before publishing (See [Removing Metadata from Files/Documents/Pictures][Removing Metadata from Files/Documents/Pictures:]).** +**In all cases,Westrongly recommend only using such applications from within a VM or Tails to prevent as much leaking as possible. If you do not, you will have to sanitize those documents carefully before publishing (See [Removing Metadata from Files/Documents/Pictures][Removing Metadata from Files/Documents/Pictures:]).** ### Communicating sensitive information to various known organizations: 
@@ -7839,7 +7839,7 @@ You might be interested in communicating information to some organization such a If you must do so, you should take some steps because you cannot trust any organization to protect your anonymity[^422]. See [Appendix B1: Checklist of things to verify before sharing information][Appendix B1: Checklist of things to verify before sharing information:]. -For this, I strongly recommend the use of SecureDrop[^423] ( [[Archive.org]][471]) which is an open-source project from the Freedom of the Press Foundation. +For this,Westrongly recommend the use of SecureDrop[^423] ( [[Archive.org]][471]) which is an open-source project from the Freedom of the Press Foundation. - Do take a moment to their read their "source guide" here: [[Archive.org]][472] @@ -7911,7 +7911,7 @@ For these back-ups, you will need a USB key or an external hard drive with enoug #### Veracrypt: -For this purpose, I will recommend the use of Veracrypt on all platforms (Linux/Windows/macOS) for convenience, security, and portability. +For this purpose,Wewill recommend the use of Veracrypt on all platforms (Linux/Windows/macOS) for convenience, security, and portability. #### Normal File containers: 
@@ -7943,13 +7943,13 @@ To do this, when mounting the Decoy Volume, select Mount Options and Check the " - **Do not store multiple versions of them or store them anywhere where some versioning is being done (by the file system or the storage system). These file containers should be identical everywhere you store them. If you have a backup of such containers somewhere, it needs to be absolutely identical to the one you are using. If you do not take this precaution, an adversary could compare two different versions of this container and prove the existence of hidden data. Follow carefully the recommendations here ** [[Archive.org]][304]**. Remember the [Local Data Leaks and Forensics:] section.** -- I strongly recommend storing such containers on external USB keys that you will only mount from your guest VMs and never from your Host OS. **After each modification to the files, you should clean the free space on the USB disk and make sure that any backup of such containers is absolutely identical on each key and your computer. See the [How to securely delete specific files/folders/data on your HDD/SSD and Thumb drives][How to securely delete specific files/folders/data on your HDD/SSD and Thumb drives:] section of this guide for help on doing this.** +- Westrongly recommend storing such containers on external USB keys that you will only mount from your guest VMs and never from your Host OS. **After each modification to the files, you should clean the free space on the USB disk and make sure that any backup of such containers is absolutely identical on each key and your computer. 
See the [How to securely delete specific files/folders/data on your HDD/SSD and Thumb drives][How to securely delete specific files/folders/data on your HDD/SSD and Thumb drives:] section of this guide for help on doing this.** - If you have time, **I will even recommend that you delete wipe the keys completely before making any modification on such containers on your computer (if you do not work from the USB key directly).** This is to prevent an adversary that would seize your assets before you could update the keys from having multiple versions of the containers that could lead to proving the existence of hidden data using forensics techniques. - **Do not ever store such containers on cloud storage platforms that have backups and where you have no direct control over permanent deletion. They might keep "old versions" of your files which can then also be used by forensics to prove the existence of hidden data.** -- If you are mounting the hidden volume from your Host OS (**not recommended**), you should erase all traces of this hidden volume everywhere after use. There could be traces in various places (system logs, file systems journaling, recent documents in your applications, indexing, registry entries...). Refer to the [Some additional measures against forensics][Some additional measures against forensics:] section of this guide to remove such artifacts. Especially on Windows. Instead, you should mount them on your Guest VMs. With Virtualbox for instance, you could take a snapshot of the VM before opening/working the hidden volume and then restore the snapshot before opening/working on it after use. This should erase the traces of its presence and mitigate the issue. Your Host OS might keep logs of the USB key being inserted but not of the hidden volume usage. Therefore, I do not recommend using these from your host OS. 
+- If you are mounting the hidden volume from your Host OS (**not recommended**), you should erase all traces of this hidden volume everywhere after use. There could be traces in various places (system logs, file systems journaling, recent documents in your applications, indexing, registry entries...). Refer to the [Some additional measures against forensics][Some additional measures against forensics:] section of this guide to remove such artifacts. Especially on Windows. Instead, you should mount them on your Guest VMs. With Virtualbox for instance, you could take a snapshot of the VM before opening/working the hidden volume and then restore the snapshot before opening/working on it after use. This should erase the traces of its presence and mitigate the issue. Your Host OS might keep logs of the USB key being inserted but not of the hidden volume usage. Therefore,Wedo not recommend using these from your host OS. - Do not store these on external SSD drives if you are not sure you can use Trim on them (see the [Understanding HDD vs SSD][Understanding HDD vs SSD:] section). 
@@ -7963,7 +7963,7 @@ You will have two options here: - This backup can be done while the Operating System is running. - - This backup will not be encrypted using the disk encryption but using the Backup utility encryption algorithm (which you will have to trust and cannot really control for most). Alternatively, you could encrypt the backup media yourself separately (for instance with Veracrypt). I am not aware of any free or non-free utility that natively supports Veracrypt. + - This backup will not be encrypted using the disk encryption but using the Backup utility encryption algorithm (which you will have to trust and cannot really control for most). Alternatively, you could encrypt the backup media yourself separately (for instance with Veracrypt).Weam not aware of any free or non-free utility that natively supports Veracrypt. - Some utilities will allow for differential/incremental backups instead of full backups. 
@@ -7979,9 +7979,9 @@ You will have two options here: - This method is the easiest to manage. -I made extensive testing using live backups utilities (Macrium Reflect, EaseUS Todo Reflect, Déjà Dup...) and personally I do not think it is worth it. Instead, I would recommend that you periodically back up your system with a simple Clonezilla image. It is much easier to perform, much easier to restore, and usually works reliably without issues in all cases. And contrary to many beliefs, it is not that slow with most backups taking about an hour depending on the speed of your destination media. +I made extensive testing using live backups utilities (Macrium Reflect, EaseUS Todo Reflect, Déjà Dup...) and personallyWedo not think it is worth it. Instead,Wewould recommend that you periodically back up your system with a simple Clonezilla image. It is much easier to perform, much easier to restore, and usually works reliably without issues in all cases. And contrary to many beliefs, it is not that slow with most backups taking about an hour depending on the speed of your destination media. -For backing up single files while you work, I recommend using file containers or encrypted media directly and manually as explained in the earlier section. +For backing up single files while you work,Werecommend using file containers or encrypted media directly and manually as explained in the earlier section. #### Requirements: 
@@ -8003,17 +8003,17 @@ So, you should follow the steps in [Appendix E: Clonezilla] ##### QubesOS: -Qubes OS recommends using their own utility for backups as documented here [[Archive.org]][476]. But it is just a hassle and provides limited added value unless you just want to back up a single Qube. So instead, I am also recommending just making a full image with Clonezilla which will remove all the hassle and bring you back a working system in a few simple steps. +Qubes OS recommends using their own utility for backups as documented here [[Archive.org]][476]. But it is just a hassle and provides limited added value unless you just want to back up a single Qube. So instead,Weam also recommending just making a full image with Clonezilla which will remove all the hassle and bring you back a working system in a few simple steps. So, you should follow the steps in [Appendix E: Clonezilla] #### Windows: -I will only recommend the use of the open-source and free Clonezilla utility for this purpose. There are commercial utilities that offer the same functionality, but I do not see any advantage in using any of them vs Clonezilla. +I will only recommend the use of the open-source and free Clonezilla utility for this purpose. There are commercial utilities that offer the same functionality, butWedo not see any advantage in using any of them vs Clonezilla. Some warnings: -- If you use Bitlocker for encryption with TPM[^424] enabled, you might need to save your Bitlocker Key (safely) somewhere as well as this might be needed to restore your drive if your HDD/SSD or other hardware parts changed. Another option would be to use Bitlocker without the use of TPM which would not require this option. But again, I do not recommend using Bitlocker at all. +- If you use Bitlocker for encryption with TPM[^424] enabled, you might need to save your Bitlocker Key (safely) somewhere as well as this might be needed to restore your drive if your HDD/SSD or other hardware parts changed. 
Another option would be to use Bitlocker without the use of TPM which would not require this option. But again,Wedo not recommend using Bitlocker at all. - You should always have a backup of your Veracrypt rescue disk at hand somewhere to be able to resolve some issues that might still appear after a restore. Remember this rescue disk does not contain your passphrase or any sensitive information. You can store it as is. @@ -8033,7 +8033,7 @@ So, plug in an external drive and it should prompt you to use it as a Time Machi It is just simpler and will work online while you work. You will be able to recover your data on any other Mac from the recovery options and you will be also able to use this disk for backing up other devices. -It is possible to also use Clonezilla to clone your Mac Hard Drive, but it could bring hardware compatibility issues and probably will not add much in terms of security. So, for macOS, I am not specifically recommending Clonezilla. +It is possible to also use Clonezilla to clone your Mac Hard Drive, but it could bring hardware compatibility issues and probably will not add much in terms of security. So, for macOS,Weam not specifically recommending Clonezilla. ## Online Backups: @@ -8071,7 +8071,7 @@ If you do intend to store sensitive data on "mainstream platforms" (Dropbox, Goo ### Information: -If you just want to save information (text), I will recommend the use of secure and private pastebins[^425]. Mostly I will stick to the ones recommended by PrivacyGuides.org ( [[Archive.org]][480] ) : +If you just want to save information (text),Wewill recommend the use of secure and private pastebins[^425]. MostlyWewill stick to the ones recommended by PrivacyGuides.org ( [[Archive.org]][480] ) : - 
@@ -8171,7 +8171,7 @@ So, you want to be sure. To achieve 100% secure deletion on an SSD drive, you wi - Overwrite the entire drive's contents - HDDs: - Overwrite the drive's contents using a tool like [srm](https://www.howtogeek.com/425232/how-to-securely-delete-files-on-linux/), [wipe](https://linux.die.net/man/1/wipe), [shred, etc.](https://recoverit.wondershare.com/harddrive-tips/format-and-wipe-linux-disk.html). Ideally you want to use the Gutmann method, which was created for most effective data erasure on all drives. This method also works on SSDs, although it is overkill. - - Simply overwriting the drive's contents is not always enough. Dedicated secure deletion tools are designed to perform multiple passes to more effectively wipe data. This is expecially important on older drives. I recommend using either `wipe` or `srm`. + - Simply overwriting the drive's contents is not always enough. Dedicated secure deletion tools are designed to perform multiple passes to more effectively wipe data. This is expecially important on older drives.Werecommend using either `wipe` or `srm`. - If using `wipe`, just use its default options (`wipe /dev/sdX`), as the defaults are tuned to most effectively wipe data on HDDs. - If using `srm`, make sure to manually specify that it should perform a Gutmann wipe (`srm -G /dev/sdX`). - SSDs: @@ -8463,7 +8463,7 @@ If you want more security and do not trust the Trim operation, then you will hav - You can do this the graphical way with BleachBit following this tutorial from the EFF: [[Archive.org]][495] -- Or you can do this from the command line following this tutorial: [[Archive.org]][492] (For this purpose I recommend wipe and shred). +- Or you can do this from the command line following this tutorial: [[Archive.org]][492] (For this purposeWerecommend wipe and shred). #### External SSD drive: 
@@ -8507,7 +8507,7 @@ Please follow this documentation to Trim within Qubes OS: [[Archive.org]][503] (at your own risk, this has not been tested yet). +- Decrypt and re-encrypt the whole drive to overwrite all free space after data deletion. This will ensure overwriting of all the free space.Wedidn't find a reliable tutorial on how to do this safely on Qubes OS but it is possible this tutorial could work: [[Archive.org]][503] (at your own risk, this has not been tested yet). - Refer to this Documentation ( [[Archive.org]][504]) and then trim using "fstrim --all" and then fill up the entire free space of the disk using a utility such as: @@ -8537,7 +8537,7 @@ Use the same method as Linux from a Qube connected to that specific USB device - You can do this the graphical way with BleachBit following this tutorial from the EFF: [[Archive.org]][495] -- Or you can do this from the command line following this tutorial: [[Archive.org]][492] (For this purpose I recommend wipe and shred). +- Or you can do this from the command line following this tutorial: [[Archive.org]][492] (For this purposeWerecommend wipe and shred). #### External SSD drive: 
@@ -8743,7 +8743,7 @@ It is actually simple, jut install exiftool and run: #### All-in-one Tool: -Another option good tool IMHO to remove metadata from various documents is the open-source mat2 recommended by privacyguides.org[^445] ( [[Archive.org]][519]) which you can use on Linux quite easily. I never managed to make it work properly within Windows due to various dependencies issues despite the provided instructions. It is however very straightforward to install and use on Linux. +Another option good tool IMHO to remove metadata from various documents is the open-source mat2 recommended by privacyguides.org[^445] ( [[Archive.org]][519]) which you can use on Linux quite easily.Wenever managed to make it work properly within Windows due to various dependencies issues despite the provided instructions. It is however very straightforward to install and use on Linux. So, we would suggest creating a small Debian VM within Virtualbox (behind your Whonix Gateway) which you can then use from your other VMs to analyze various files from a convenient web interface. For this see [Appendix L: Creating a mat2-web guest VM for removing metadata from files] 
@@ -8805,9 +8805,9 @@ To remove such attributes, you will have to do it manually from the terminal: (Note that Apple has removed the convenient xattr --c option that would just remove all attributes at once so you will have to do this for each attribute on each file) -**These attributes and entries will stick even if you clear your browser history, and this is obviously bad for privacy (right?), and I am not aware of any convenient tool that will deal with those at the moment.** +**These attributes and entries will stick even if you clear your browser history, and this is obviously bad for privacy (right?), andWeam not aware of any convenient tool that will deal with those at the moment.** -Fortunately, there are some mitigations for avoiding this issue in the first place as these attributes and entries are set by the browsers. So, I tested various browsers (On macOS Catalina, Big Sur, and Monterey), and here are the results as of the date of this guide: +Fortunately, there are some mitigations for avoiding this issue in the first place as these attributes and entries are set by the browsers. So,Wetested various browsers (On macOS Catalina, Big Sur, and Monterey), and here are the results as of the date of this guide: | **Browser** | **Quarantine DB Entry** | **Quarantine File Attribute** | **Origin File Attribute** | |------------------------------|------------------------------|-------------------------------|---------------------------| 
@@ -8936,7 +8936,7 @@ Now you should clean the history within any app that you used including Browser ##### Wi-Fi History: -Now it is time to clear the history of the Wi-Fi you connect to. Unfortunately, Windows keeps storing a list of past Networks in the registry even if you "forgot" those in the Wi-Fi settings. As far as I know, no utilities clean those yet (BleachBit or PrivaZer for instance) so you will have to do it the manual way: +Now it is time to clear the history of the Wi-Fi you connect to. Unfortunately, Windows keeps storing a list of past Networks in the registry even if you "forgot" those in the Wi-Fi settings. As far asWeknow, no utilities clean those yet (BleachBit or PrivaZer for instance) so you will have to do it the manual way: - Launch Regedit using this tutorial: [[Archive.org]][526] @@ -9008,7 +9008,7 @@ Here are the steps for PrivaZer: - Secure Overwriting Tab: We would just pick Normal Deletion + Trim (Trim itself should be enough[^342]). Secure Deletion with Trim[^339] (1 pass) might be redundant and overkill here if you intend to overwrite the free space anyway. - - Free Space Tab: Personally, and again "just to be sure", we would select Normal Cleanup which will fill the entire free space with Data. I do not really trust Smart Cleanup as it does not actually fill all the free space of the SSD with Data. But again, this is probably not needed and overkill in most cases. + - Free Space Tab: Personally, and again "just to be sure", we would select Normal Cleanup which will fill the entire free space with Data.Wedo not really trust Smart Cleanup as it does not actually fill all the free space of the SSD with Data. But again, this is probably not needed and overkill in most cases. - If you have an HDD drive: 
@@ -9046,7 +9046,7 @@ Here are the steps for BleachBit: - Select any other traces you want to remove from their list - - Again, as with the earlier utility, we would not clean the free space on an SSD drive because I think the Windows native "optimize" utility is enough (see below) and that filling up the free space on a trim enabled SSD is just completely overkill and unnecessary. + - Again, as with the earlier utility, we would not clean the free space on an SSD drive becauseWethink the Windows native "optimize" utility is enough (see below) and that filling up the free space on a trim enabled SSD is just completely overkill and unnecessary. - Click Clean and wait. This will take a while and will fill your whole free space with data on both HDD and SSD drives. @@ -9118,7 +9118,7 @@ Search for the page that was changed (where your profile was deleted/changed) an ### Qwant: -As far as I know, there is no readily available tool to force this, and you will have to wait for the results to get updated if there is any. If you know a way, please report this to me through the GitHub issues. +As far asWeknow, there is no readily available tool to force this, and you will have to wait for the results to get updated if there is any. If you know a way, please report this to me through the GitHub issues. ### Yahoo Search: @@ -9126,11 +9126,11 @@ Yes, Yahoo Search still exists but as per their help page [[Wikiless]][537] [[Archive.org]][538] +As far asWeknow, there is no way to remove information from Wikipedia articles themselves but if you just want to remove traces of your username from it (as a user that contributed), you can do so by following these steps: [[Wikiless]][537] [[Archive.org]][538] This will not remove any information about your online identities that could appear in other articles but only your own identity on Wikipedia as a user. 
@@ -9146,7 +9146,7 @@ You can remove pages from internet archives but **only if you own the website in As per their help page -"How can I exclude or remove my site's pages from the Wayback Machine? +"How canWeexclude or remove my site's pages from the Wayback Machine? You can send an e-mail request for us to review to info@archive.org with the URL (web address) in the text of your message". @@ -9290,7 +9290,7 @@ Keep in mind that many countries have specific laws to compel you to reveal your # A small final editorial note: -After reading this whole guide, I hope you will have gained some additional beneficial insight about privacy and anonymity. It is clear now, in my humble opinion, that the world we live in has only a few safe harbors remaining where one could have a reasonable expectation of privacy and even less so anonymity. Many will often say that 1984 by George Orwell was not meant to be an instruction book. Yet today this guide and its many references should, I hope, reveal to you how far down we are in the rabbit hole. +After reading this whole guide,Wehope you will have gained some additional beneficial insight about privacy and anonymity. It is clear now, in my humble opinion, that the world we live in has only a few safe harbors remaining where one could have a reasonable expectation of privacy and even less so anonymity. Many will often say that 1984 by George Orwell was not meant to be an instruction book. Yet today this guide and its many references should,Wehope, reveal to you how far down we are in the rabbit hole. You should also know that most of the digital information described in length in this guide can be forged or tampered with by a motivated adversary for any purpose. Even if you do manage to keep secrets from prying eyes, anyone can fabricate anything to fit their narrative: 
@@ -9414,7 +9414,7 @@ This project for instance is running several Tor Exit nodes using donations to f - Thanks to the makers of the Social Dilemma documentary **(go watch it if you did not yet)** -- Thanks to Michael Bazzell and his great OSINT books which I recommend you **buy** at +- Thanks to Michael Bazzell and his great OSINT books whichWerecommend you **buy** at - Thanks to Randall Munroe at XKCD for his great and insightful webcomics. @@ -9884,7 +9884,7 @@ These instructions are valid for all Operating Systems: - **If you are backing up a disk with simple Encryption, encryption of the backup is not required since you are backing up an already encrypted disk, but you can still encrypt the backup anyway if you want additional security (and slower backup).** - - **If you intend to back up a device with plausible deniability encryption, I strongly recommend against it as this backup image could be used to prove the existence of the hidden volume using forensics techniques as explained earlier. Do not make an image backup of the partition containing your hidden OS.** + - **If you intend to back up a device with plausible deniability encryption,Westrongly recommend against it as this backup image could be used to prove the existence of the hidden volume using forensics techniques as explained earlier. Do not make an image backup of the partition containing your hidden OS.** - You are done, if you need to restore, follow these instructions: [[Archive.org]][583] 
@@ -9892,7 +9892,7 @@ Each backup could take a while depending on the speed of your laptop and the spe # Appendix F: Diskpart -Diskpart is a Windows utility that can be used to perform various operations on your hard drive. In this case, we will use Diskpart to show the Disk ID but also change it if necessary. +Diskpart is a Windows utility that can be used to perform various operations on your hard drive. In this case, You will use Diskpart to show the Disk ID but also change it if necessary. This could be needed if you restore a backup on a new HDD/SSD that has an ID that differs from the one backed up and Windows could refuse to boot. @@ -9946,13 +9946,13 @@ Clean all the data from the browser after each use. # Appendix H: Windows Cleaning Tools -In this guide I will recommend two-third native tools and two third-party tools: +In this guideWewill recommend two-third native tools and two third-party tools: - Native Tools: - Windows 10/11 Disk Cleanup Utility: [[Archive.org]][585] -> This tool will clean up a bunch of things natively. It is not enough, and I instead recommend using the third-party tools below to clean more stuff. PrivaZer for instance will use the disk cleanup utility directly itself and BleachBit will use its own mechanisms. +> This tool will clean up a bunch of things natively. It is not enough, andWeinstead recommend using the third-party tools below to clean more stuff. PrivaZer for instance will use the disk cleanup utility directly itself and BleachBit will use its own mechanisms. - Windows 10/11 Optimize Utility (Defrag on HDD Drives): [[Archive.org]][586] (yes the tutorial is for Windows 10 but should work on 11 too) 
@@ -9986,7 +9986,7 @@ Both these utilities can delete files and can overwrite the free space after del # Appendix I: Using ShredOS to securely wipe an HDD drive: -Several utilities are recommended (like the old unmaintained DBAN[^463] or System Rescue CD ( [[Archive.org]][589])) for this but I will recommend the use of ShredOS. +Several utilities are recommended (like the old unmaintained DBAN[^463] or System Rescue CD ( [[Archive.org]][589])) for this butWewill recommend the use of ShredOS. Feel free to go with DBAN instead if you want (using this tutorial: [[Archive.org]][590]), the process is basically the same but will not work out of the box with UEFI laptops. @@ -10060,7 +10060,7 @@ Unfortunately, most of these tools are Windows only. # Appendix K: Considerations for using external SSD drives -**I do not recommend using external SSDs due to the uncertainty about their support for Trim, ATA Secure Erase, and Sanitize options through USB controllers. Instead, I recommend using external HDD disks which can be cleaned/wiped safely and securely without hassle (albeit much slower than SSD drives).** +**I do not recommend using external SSDs due to the uncertainty about their support for Trim, ATA Secure Erase, and Sanitize options through USB controllers. Instead,Werecommend using external HDD disks which can be cleaned/wiped safely and securely without hassle (albeit much slower than SSD drives).** Please do not buy or use gimmicky self-encrypting devices such as these: [[Archive.org]][235] 
@@ -10120,7 +10120,7 @@ So, if it is supported (and enabled on your external SSD), you should be able to If your disk supports it but it is not enabled in macOS. You could try issuing a "sudo trimforce enable" command from the Terminal and see if it enables Trim on your external SSD. And then again check the first aid command if it is not APFS (see this Tutorial for info [[Archive.org]][606]) -If it does not work, I am not aware of any reliable method to enable TRIM besides the commercial utility Trim Enabler here [[Archive.org]][607] which claims support for external drives. +If it does not work,Weam not aware of any reliable method to enable TRIM besides the commercial utility Trim Enabler here [[Archive.org]][607] which claims support for external drives. ### ATA/NVMe Operations (Secure Erase/Sanitize): @@ -10138,7 +10138,7 @@ Download the latest Debian testing amd64 netinst ISO from [[Archive.org]][620]) that accept cash payments: Mullvad, iVPN, and Proton VPN. -In addition, I will also mention a newcomer to watch: Safing SPN [[Archive.org]][621]) which (while still in the alpha stage at the time of this writing) which also accepts cash and has a very distinct new concept for a VPN which provides benefits similar to Tor Stream isolation with their "SPN"). Note that Safing SPN is not available on macOS at the moment. This possibility is "provisional" and at your own risk, but I think was worth mentioning. +In addition,Wewill also mention a newcomer to watch: Safing SPN [[Archive.org]][621]) which (while still in the alpha stage at the time of this writing) which also accepts cash and has a very distinct new concept for a VPN which provides benefits similar to Tor Stream isolation with their "SPN"). Note that Safing SPN is not available on macOS at the moment. This possibility is "provisional" and at your own risk, butWethink was worth mentioning. Personally, for now, we would recommend Mullvad due to personal experience. 
@@ -10580,7 +10580,7 @@ Here are some guides provided by the recommended VPN providers in this guide: - Mullvad: [[Archive.org]][651] -- Whonix Workstation: Coming Soon, it is certainly possible, but I did not find a suitable and easy tutorial yet. It is also worth remembering that if your VPN stops on Whonix, you will still be behind the Tor Network. +- Whonix Workstation: Coming Soon, it is certainly possible, butWedid not find a suitable and easy tutorial yet. It is also worth remembering that if your VPN stops on Whonix, you will still be behind the Tor Network. - macOS: 
@@ -10782,17 +10782,17 @@ My take on the matter is on the pragmatic side. There is still room for some AV * **Please be aware that while VirusTotal might seem very practical for scanning various files, their "privacy policy" is problematic (see ** [[Archive.org]][669]**) and states:** -"When you submit Samples to the Services, if you submit Samples to the Services, we will collect all of the information in the Sample itself and information about the act of submitting it". +"When you submit Samples to the Services, if you submit Samples to the Services, You will collect all of the information in the Sample itself and information about the act of submitting it". **So, remember that any document you submit to them will be kept, shared, and used commercially including the content. So, you should not do that with sensitive information and rely on various local AV scanners (that do not send samples online).** So, if you are in doubt: -- For non-sensitive files, I do encourage you to check any documents/images/videos/archives/programs you intend to open with VirusTotal (or other similar tools) because ... Why not? (Either by uploading or checking hashes). +- For non-sensitive files,Wedo encourage you to check any documents/images/videos/archives/programs you intend to open with VirusTotal (or other similar tools) because ... Why not? (Either by uploading or checking hashes). - For sensitive files, we would recommend at least an offline unprivileged ClamAV scan of the files. -For instance, this guide's PDF files were submitted to VirusTotal because it is meant to be public knowledge and I see no valid argument against it. It does not guarantee the absence of malware, but it does not hurt to add this check. +For instance, this guide's PDF files were submitted to VirusTotal because it is meant to be public knowledge andWesee no valid argument against it. It does not guarantee the absence of malware, but it does not hurt to add this check. ### Manual Reviews: 
@@ -11018,7 +11018,7 @@ Another useful resource to be considered for comparing browsers is: . This will prevent unnecessary fees and intermediates when using a commercial swapping service. The website is self-explanatory with detailed instructions for all OSes. +**Now, as part of any process above, if you want to convert BTC back to Monero**,Werecommend not using a swapping service but instead recommend using the new Monero Atomic Swap Tool: . This will prevent unnecessary fees and intermediates when using a commercial swapping service. The website is self-explanatory with detailed instructions for all OSes. # Appendix A1: Recommended VPS hosting providers @@ -11891,7 +11891,7 @@ Note that some of those have a convenient ".onion" address: - DuckDuckGo: -In the end, I am often not satisfied with the results of both those search engines and still end up on Bing or Google. +In the end,Weam often not satisfied with the results of both those search engines and still end up on Bing or Google. # Appendix A4: Counteracting Forensic Linguistics 
@@ -12005,7 +12005,7 @@ Finally, and optionally, add some salt by purposefully adding some mistakes to y First decide upon a list of words that you frequently do not misspell, maybe the words "grammatical", "symbol", and "pronounced" (this list should include more words). **Do not use an AutoCorrect automatic replace option for this as it might correct when it does not make sense.** Instead, use Search and Replace and do this manually for each word. **Do not use "Replace All" either and review each change.** This is just the first step, for providing misinformation against linguistic fingerprinting. -Next, find a list of words that you commonly use in your writing. Let us say that I love to use contractions when I write, maybe I always use words such as: "can't", "don't", "shouldn't", "won't", or "let's". Well, maybe go into LibreWriter and use "Search and Replace" to replace all contractions with the full versions of the words ("can't" > "cannot", "don't" > "do not", "shouldn't" > "should not", "won't" > "will not", "let's" > "let us"). This can make a large difference in your writing and give a difference in how people and most importantly your adversaries perceive you. You can change most words to be different, as an example you can change "huge" to "large". Just make sure these words fit with your identity. +Next, find a list of words that you commonly use in your writing. Let us say thatWelove to use contractions whenWewrite, maybeWealways use words such as: "can't", "don't", "shouldn't", "won't", or "let's". Well, maybe go into LibreWriter and use "Search and Replace" to replace all contractions with the full versions of the words ("can't" > "cannot", "don't" > "do not", "shouldn't" > "should not", "won't" > "will not", "let's" > "let us"). This can make a large difference in your writing and give a difference in how people and most importantly your adversaries perceive you. 
You can change most words to be different, as an example you can change "huge" to "large". Just make sure these words fit with your identity. Now, consider changing your words choices to fit a geographic location. Maybe you live in the US, and you want to give the impression that your identity is from the UK. For example, you can make use of location-based spelling and lexicon. This is risky, and one mistake can give it away. @@ -12045,9 +12045,9 @@ You might also consider the use of something like AnonyMouth [[Wikiless]][718] [[Archive.org]][719]: May have an IQ of 167, but he was caught primarily based on forensic linguistics. -- [[Archive.org]][720]: Explains how your writing style can be used to track you, I highly recommend reading through these slides, or watching the accompanying presentation on YouTube. +- [[Archive.org]][720]: Explains how your writing style can be used to track you,Wehighly recommend reading through these slides, or watching the accompanying presentation on YouTube. -- [[Archive.org]][721]: Explains how your writing style can be used to track you, I highly recommend reading through these slides, or watching the accompanying presentation on YouTube, this is quite similar to the last presentation. +- [[Archive.org]][721]: Explains how your writing style can be used to track you,Wehighly recommend reading through these slides, or watching the accompanying presentation on YouTube, this is quite similar to the last presentation. - [[Archive.org]][722]: This goes over how to potentially spot deception through the internet, and presents a checklist to see how trustworthy someone is. We would advise reading the slides or watching the presentation on YouTube. 
@@ -12059,11 +12059,11 @@ These recommendations are similar to the ones at the beginning of the guide and - For YouTube links, use an Invidious instance ( [[Archive.org]][29]) - - I recommend [https://yewtu.be] + - Werecommend [https://yewtu.be] - For Twitter links, use a Nitter instance ( [[Archive.org]][30]) - - I recommend [https://nitter.net] + - Werecommend [https://nitter.net] - For Wikipedia links, use a Wikiless instance ( [[Archive.org]][31]) @@ -12103,7 +12103,7 @@ Offline versions (best format for the best readability) of this guide at: # Appendix A7: Comparing versions -If you want to compare an older version of the PDF with a newer version, consider these online tools (note that I do not endorse those tools in relation to their privacy policies, but it should not matter since these PDFs are public): +If you want to compare an older version of the PDF with a newer version, consider these online tools (note thatWedo not endorse those tools in relation to their privacy policies, but it should not matter since these PDFs are public): - @@ -12495,7 +12495,7 @@ You can find some introduction on these on these projects: [^113]: Reuters, Exclusive: Apple dropped plan for encrypting backups after FBI complained -- sources [[Archive.org]][887] -[^114]: ZDnet, I asked Apple for all my data. Here's what was sent back [[Archive.org]][888] +[^114]: ZDnet,Weasked Apple for all my data. Here's what was sent back [[Archive.org]][888] [^115]: De Correspondent, Here's how we found the names and addresses of soldiers and secret agents using a simple fitness app [[Archive.org]][889] 
@@ -12517,7 +12517,7 @@ You can find some introduction on these on these projects: [^124]: Wikipedia, Google SensorVault, [[Wikiless]][898] [[Archive.org]][899] -[^125]: NRKBeta, My Phone Was Spying on Me, so I Tracked Down the Surveillants [[Archive.org]][900] +[^125]: NRKBeta, My Phone Was Spying on Me, soWeTracked Down the Surveillants [[Archive.org]][900] [^126]: New York Times [[Archive.org]][901] @@ -12697,7 +12697,7 @@ You can find some introduction on these on these projects: [^214]: Wikipedia, Stuxnet [[Wikiless]][1002] [[Archive.org]][1003] -[^215]: Superuser.com, How do I safely investigate a USB stick found in the parking lot at work? [[Archive.org]][1004] +[^215]: Superuser.com, How doWesafely investigate a USB stick found in the parking lot at work? [[Archive.org]][1004] [^216]: The Guardian, Glenn Greenwald: how the NSA tampers with US-made internet routers [[Archive.org]][1005] @@ -12863,7 +12863,7 @@ You can find some introduction on these on these projects: [^299]: Usenix.org, Shedding too much Light on a Microcontroller's Firmware Protection [[Archive.org]][1107] -[^300]: TorProject.org, Can I run Tor Browser on an iOS device? [[Archive.org]][1108] +[^300]: TorProject.org, CanWerun Tor Browser on an iOS device? [[Archive.org]][1108] [^301]: Wikipedia, Tails [[Wikiless]][1109] [[Archive.org]][1110] @@ -13147,7 +13147,7 @@ You can find some introduction on these on these projects: [^441]: Partedmagic NVMe Secure Erase [[Archive.org]][1258] -[^442]: UFSExplorer, Can I recover data from an encrypted storage? [[Archive.org]][1259] +[^442]: UFSExplorer, CanWerecover data from an encrypted storage? [[Archive.org]][1259] [^443]: Apple Developer Documentation [[Archive.org]][1260]
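Review bot: In the hunk at @@ -7963 the new line reads `(for instance with Veracrypt).Weam not aware of any free or non-free utility`, which loses the space on both sides of the pronoun and keeps the singular verb, so the sentence now says "We am". The same pattern recurs across the patch (`Therefore,Wedo not recommend`, `So instead,Weam also recommending`, `for macOS,Weam not specifically recommending`), which looks like a search-and-replace of " I " that consumed the surrounding spaces. Please redo the substitution with the spaces preserved, use lowercase "we" mid-sentence, and change "am" to "are" wherever the subject became "we".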
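Review bot: The footnote hunks at @@ -12495, @@ -12517, @@ -12697, @@ -12863 and @@ -13147 rewrite the titles of cited articles (`ZDnet,Weasked Apple for all my data`, `soWeTracked Down the Surveillants`, `CanWerun Tor Browser on an iOS device?`), and the hunk at @@ -9146 does the same to the quoted Archive.org help text (`How canWeexclude or remove my site's pages`). These are titles and quotations from other sources, not the guide's own voice, so the "I" in them has to stay as published. Please revert these lines.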
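Review bot: In the hunk at @@ -10782 the quoted VirusTotal privacy policy changes from "we will collect all of the information in the Sample itself" to "You will collect all of the information in the Sample itself", which alters a quotation and reverses who is doing the collecting. Revert that line. The hunk at @@ -9892 has a related change from "we will use Diskpart" to "You will use Diskpart", which leaves a capital "You" after "In this case,"; if second person is intended there, it should be lowercase.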
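Review bot: Several hunks leave the singular voice standing next to the new plural one. @@ -7979 keeps "I made extensive testing" in the same sentence that now contains `personallyWedo not think`, the Windows paragraph in @@ -8003 still opens with "I will only recommend", @@ -10060 keeps "I do not recommend using external SSDs", and @@ -9118 and @@ -9290 keep "report this to me" and "in my humble opinion". Convert these as well, otherwise the guide switches between "I" and "we" inside single paragraphs.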
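Review bot: For a commit titled "Fixed grammar issues", the lines it rewrites still carry their original errors: @@ -9946 keeps "two-third native tools and two third-party tools" (presumably "two native tools"), @@ -8171 keeps "expecially", and @@ -8743 keeps "Another option good tool IMHO". Since these lines are already being touched, fix them in the same change.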