Merge branch 'Anon-Planet:master' into master

T. H 2022-07-16 00:47:28 -11:00 committed by GitHub
commit e37ad09c02
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 59 additions and 24 deletions

@ -8,14 +8,14 @@ This guide is an open-source non-profit initiative, [licensed](LICENSE.html) und
**If you would like to make a donation to help this project, you can do so from [here](donations.html) where you will also find the project goals. All the donations will be strictly used within the context of this project. All donations and spendings are logged on the donations page.**
**Direct downloads:**
- <del>CryptPad.fr at: <https://cryptpad.fr/drive/#/2/drive/view/Ughm9CjQJCwB8BIppdtvj5zy4PyE-8Gxn11x9zaqJLI/></del> (temporarily unavailable)
**Direct downloads alternatives:**
- **Coming soon**
**View the guide:**
- [In your browser](guide.html)
- [PDF](export/guide.pdf)
- [OpenDocument (ODT)](export/guide.odt)
- Raw [Markdown](https://raw.githubusercontent.com/NobodySpecial256/thgtoa/master/guide.md)
- Raw [Markdown](https://raw.githubusercontent.com/NobodySpecial256/thgtoa/master/guide.md) (references do not work when viewing this way).
Mirrors:
- **Coming soon**
@ -23,7 +23,7 @@ Mirrors:
The guide and all the files are also readily available on Archive.org and Archive.today:
- Archive.org: <https://web.archive.org/web/https://anonymousplanet-ng.org/>
- Archive.today: <https://archive.fo/anonymousplanet-ng.org/>
- Archive.today: <https://archive.ph/anonymousplanet-ng.org/>
- Archive.today over Tor: <http://archiveiya74codqgiixo33q62qlrqtkgmcitqx5u2oeqnmn5bpcbiyd.onion/anonymousplanet-ng.org/>
If you want to access/see the original/legacy project, please see the [legacy resources](legacy.html) page.
@ -34,7 +34,7 @@ If you want to see the changes between your PDF and the latest PDF, you could us
- <https://products.aspose.app/pdf/comparison>
- <https://draftable.com/compare>
If you want to compare an older ODT file with a newer one, use the LibreWriter compare features as explained here: <https://help.libreoffice.org/7.1/en-US/text/shared/guide/redlining_doccompare.html>
If you want to compare an older ODT file with a newer one, use the LibreWriter compare features as explained here: <https://help.libreoffice.org/7.1/en-US/text/shared/guide/redlining_doccompare.html> <sup>[[Archive.org]][2]</sup>)
**If you want to check the files for integrity, safety, authenticity, please refer to this ["How To"](verify.html).**
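Review bot: The rewritten LibreOffice compare line ends with an unmatched `)` after `<sup>[[Archive.org]][2]</sup>`. There is no opening parenthesis on that line, so the character will render as stray punctuation; drop the trailing `)`.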
@ -52,3 +52,4 @@ Have a good read and feel free to share and/or recommend it!
[cc-by-nc-4.0]: https://creativecommons.org/licenses/by-nc/4.0/
[1]: https://web.archive.org/web/https://creativecommons.org/licenses/by-nc/4.0/
[2]: https://web.archive.org/wen/https://help.libreoffice.org/7.1/en-US/text/shared/guide/redlining_doccompare.html
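Review bot: The new `[2]` definition points at `https://web.archive.org/wen/https://...`, while the `[1]` definition directly above it uses the `/web/` path. Change `/wen/` to `/web/` so the Archive.org link added for the LibreOffice page follows the same form as the existing one.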

@ -10,13 +10,13 @@ Version 1.1.5, June 2022 by Anonymous Planet
Це послання до народу України. Ми настійно рекомендуємо вам використовувати Briar для спілкування. Ви можете знайти його тут: <https://briarproject.org/ .
За допомогою цієї програми ви можете спілкуватися, навіть коли немає Інтернету.
Посібник тут: <https://briarproject.org/manual/uk/> , Швидкий початок: <https://briarproject.org/quick-start/uk/>
Посібник тут: <https://briarproject.org/manual/uk/>, Швидкий початок: <https://briarproject.org/quick-start/uk/>
--------------------------------------------------------------------------
This is a message for the people of Ukraine. We strongly recommend that you use Briar for communicating. You can find it here: <https://briarproject.org/>
With this application, you can communicate even when there is no internet.
The manual is here: <https://briarproject.org/manual/> , quick-start guie here: <https://briarproject.org/quick-start/>
The manual is here: <https://briarproject.org/manual/>, quick-start guide here: <https://briarproject.org/quick-start/>
--------------------------------------------------------------------------
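Review bot: The Ukrainian Briar link in the first line of this hunk is still written `<https://briarproject.org/ .` with no closing `>`, so the autolink is never terminated; the change only tidies the manual and quick-start lines below it. Close it as `<https://briarproject.org/>`, matching the English line further down.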
@ -1569,9 +1569,7 @@ If the VPN provider knows nothing about you, it should mitigate any issue due to
(Illustration: an excellent movie we highly recommend: Das Leben der Anderen[^286])
Many advanced techniques can be used by skilled adversaries[^287] to bypass your security measures provided they already know where your devices are. Many of those techniques are detailed here <https://cyber.bgu.ac.il/advanced-cyber/airgap> <sup>[[Archive.org]][172]</sup> (Air-Gap Research Page, Cyber-Security Research Center, Ben-Gurion University of the Negev, Israel) but also in this report <https://www.welivesecurity.com/wp-content/uploads/2021/12/eset_jumping_the_air_gap_wp.pdf> <sup>[[Archive.org]][173]</sup> (ESET, JUMPING
THE AIR GAP: 15 years of nation-state effort) and include:
Many advanced techniques can be used by skilled adversaries[^287] to bypass your security measures provided they already know where your devices are. Many of those techniques are detailed here <https://cyber.bgu.ac.il/advanced-cyber/airgap> <sup>[[Archive.org]][172]</sup> (Air-Gap Research Page, Cyber-Security Research Center, Ben-Gurion University of the Negev, Israel) but also in this report <https://www.welivesecurity.com/wp-content/uploads/2021/12/eset_jumping_the_air_gap_wp.pdf> <sup>[[Archive.org]][173]</sup> (ESET, JUMPING THE AIR GAP: 15 years of nation-state effort) and include:
- Attacks requiring malware implants:
@ -4958,10 +4956,15 @@ The Qubes master signing key fingerprint should match `427F 11FD 0FAA 4B08 0123
Unfortunately, Qubes OS does not support hibernation[^366] which is an issue regarding cold-boot attacks. To mitigate those, I highly recommend that you configure Qubes OS to shut down on any power action (power button, lid closure). You can do set this from the XFCE Power Manager. Do not use the sleep features.
### Anti Evil Maid (AEM):
**Warning**, this step only works with Intel CPUs, a legacy BIOS, TPM 1.2. If you do not meet those requirements, skip this step.
Anti Evil Maid is an implementation of a TPM-based static trusted boot with a primary goal to prevent Evil Maid attacks. Installing and using AEM requires attaching a USB drive directly to dom0. So the user must make a choice between protecting dom0 from a potentially malicious USB drive, and protecting the system from Evil Maid attacks. Note that AEM is only compatible with Intel CPUs and Legacy boot options.
The preference for mitigating any evil maid attack is to maintain physical control of your device at all times. If that is not possible, then this might be relevant to your threat model.
Before deciding to use this system, please read [Appendix B4: Important notes about evil-maid and tampering]
See the following links for more details and installation instructions:
- <https://www.qubes-os.org/doc/anti-evil-maid/> <sup>[[Archive.org]][1378]</sup>
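Review bot: The new AEM paragraph restates the requirements as "only compatible with Intel CPUs and Legacy boot options", while the warning directly above it lists Intel CPUs, a legacy BIOS and TPM 1.2. Keep the requirements in one place, or repeat TPM 1.2 here, so a reader does not take the shorter list as complete. The "please read [Appendix B4: Important notes about evil-maid and tampering]" line is also missing its closing period.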
@ -9223,30 +9226,40 @@ Wait, what is OPSEC? Well, OPSEC means Operations Security[^456]. The basic defi
OPSEC is often just applying common sense and being cautious about your activities including in the physical world:
- **Remember to use passphrases instead of passwords and use a different one for each service ([Appendix A2: Guidelines for passwords and passphrases]).**
## Digital and Online OPSEC
- **Remember to use passphrases or suits of words instead of short passwords and use a different one for each service. See [Appendix A2: Guidelines for passwords and passphrases].**
- Make sure you are not keeping a copy of this guide anywhere unsafe after. The sole presence of this guide will most likely defeat all your plausible deniability possibilities.
- Consider the use of Haven <https://guardianproject.github.io/haven/> <sup>[[Archive.org]][540]</sup> on some old android phone to keep watch on your home/room while you are away.
- Doxx "yourself" and your identities from time to time by looking for them yourself online using various search engines to monitor your online identities. You can even automate the process somewhat using various tools such as Google Alerts <https://www.google.com/alerts> <sup>[[Archive.org]][541]</sup>.
- Remember [Appendix N: Warning about smartphones and smart devices]. Do not forget your smart devices can compromise your anonymity.
- OSINT "yourself" and your identities from time to time by looking for them yourself online using various search engines to monitor your online identities. You can even automate the process somewhat using various tools such as Google Alerts <https://www.google.com/alerts> <sup>[[Archive.org]][541]</sup>.
- Do not ever use biometrics alone to safeguard your secrets. Biometrics can be used without your consent.
- Do check the signatures and hashes of software and documents you download before installing/viewing them.
- Encrypt everything but do not take it for granted. Remember the 5$ wrench.
## Physical and IRL OPSEC
- Remember the ["Physically Tamper protect your laptop"][Physically Tamper protect your laptop:] section.
- See ["Appendix B4: Important notes about evil-maid and tampering"][Appendix B4: Important notes about evil-maid and tampering]
- Remember the ["How to spot if someone has been searching your stuff, home, or room"](How to spot if someone has been searching your stuff, home, or room:) section.
- Consider the use of Haven <https://guardianproject.github.io/haven/> <sup>[[Archive.org]][540]</sup> on some old android phone to keep watch on your home/room while you are away.
- Remember [Appendix N: Warning about smartphones and smart devices]. Do not forget your smart devices can compromise your anonymity.
- Do not ever travel with those devices if you must pass strong border checks and where they could be illegal or raise suspicion.
- Do not plug any equipment in that laptop unless you trust it. Use a USB data blocker for charging.
- Do check the signatures and hashes of Software you download before installing them.
- Remember the first rule of fight club and do not talk to anyone about your sensitive activities using your real identity.
- Keep a normal life and do not be weird. If you spend all your online time using Tor to access the internet and have no social network accounts at all ... You are already suspicious and attracting unnecessary attention.
- Encrypt everything but do not take it for granted. Remember the 5$ wrench.
- Keep plausible deniability as an option but remember it will not help against the 5$ wrench either.
- Never ever leave your laptop unattended/on/unlocked anywhere when conducting sensitive activities. Remember the story of Ross Ulbricht and his arrest <https://en.wikipedia.org/wiki/Ross_Ulbricht#Silk_Road,_arrest_and_trial> <sup>[[Wikiless]][542]</sup> <sup>[[Archive.org]][543]</sup>.
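Review bot: The rewritten passphrase bullet under "Digital and Online OPSEC" reads "passphrases or suits of words"; "suits" looks like a typo and should be corrected before merge. In the same hunk, the "How to spot if someone has been searching your stuff, home, or room" bullet uses an inline link with the section title inside the parentheses, unlike the reference-style links on the neighbouring bullets, so it is unlikely to resolve to the section anchor.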
@ -9257,9 +9270,11 @@ OPSEC is often just applying common sense and being cautious about your activiti
- Know and always have at your disposal the details of a lawyer that could help you as a last resort in case things go wrong.
- Keep your situation awareness high but not too high as to appear suspicious.
- Read those tips here <https://www.whonix.org/wiki/DoNot> <sup>[[Archive.org]][339]</sup>
- **Finally, have common sense, do not be dumb, look and learn from others' mistakes, watch/read these:**
- **Have common sense, do not be dumb, look and learn from others' mistakes, watch/read these:**
- Medium.com, Darkweb Vendors and the Basic Opsec Mistakes They Keep Making <https://medium.com/@c5/darkweb-vendors-and-the-basic-opsec-mistakes-they-keep-making-e54c285a488c> <sup>[[Scribe.rip]][545]</sup> <sup>[[Archive.org]][546]</sup>
@ -9267,16 +9282,24 @@ OPSEC is often just applying common sense and being cautious about your activiti
- 2020, RSA Conference 2020, When Cybercriminals with Good OpSec Attack <https://www.youtube.com/watch?v=zXmZnU2GdVk> <sup>[[Invidious]][548]</sup>
- 2015, DEFCON 22, Adrian Crenshaw- Dropping Docs on Darknets: How People Got Caught <https://www.youtube.com/watch?v=eQ2OZKitRwc> <sup>[[Invidious]][549]</sup> ([Slides][] <sup>[[Archive.org]][550]</sup>)
- 2015, DEF CON 22, Adrian Crenshaw, Dropping Docs on Darknets: How People Got Caught <https://www.youtube.com/watch?v=eQ2OZKitRwc> <sup>[[Invidious]][549]</sup> ([Slides][] <sup>[[Archive.org]][550]</sup>)
- 2017, Ochko123 - How the Feds Caught Russian Mega-Carder Roman Seleznev <https://www.youtube.com/watch?v=6Chp12sEnWk> <sup>[[Invidious]][551]</sup>
- 2015, DEF CON 22 - Zoz - Don't Fuck It Up! <https://www.youtube.com/watch?v=J1q4Ir2J8P8> <sup>[[Invidious]][552]</sup>
- 2015, DEF CON 22, Zoz, Don't Fuck It Up! <https://www.youtube.com/watch?v=J1q4Ir2J8P8> <sup>[[Invidious]][552]</sup>
- 2020, Bad Opsec - How Tor Users Got Caught, <https://www.youtube.com/watch?v=GR_U0G-QGA0> <sup>[[Invidious]][553]</sup>
- 2020, Bad Opsec, How Tor Users Got Caught, <https://www.youtube.com/watch?v=GR_U0G-QGA0> <sup>[[Invidious]][553]</sup>
**FINAL OPSEC DISCLAIMER: KEEP YOUR ANONYMOUS IDENTITIES COMPLETELY SANDBOXED FROM YOUR NORMAL ENVIRONMENT AND REAL IDENTITY. DO NOT SHARE ANYTHING BETWEEN THE ANONYMOUS ENVIRONMENTS AND THE REAL IDENTITY ENVIRONMENT. KEEP THEM COMPLETELY COMPARTMENTALIZED ON EVERY LEVEL. MOST OPSEC FAILURES ARE DUE TO USERS ACCIDENTALLY LEAKING INFORMATION RATHER THAN TECHNICAL FAILURES.**
# What to do if you detected tampering or searching ?
- In the case of a laptop, they likely placed a key-logger, and possible network and gps capabilities. We recommend to open your laptop take the drive (which should be fully encrypted) and leave for a safe place and abandonning the laptop. Do not try to remove the "bug" as this could put you in physical danger.
- If you detected searching of your room, home... Again we recommend leaving for a safe place while abandoning everything in the room that could also be "bugged".
- Do your best to not let your adversary suspect or know you detected the search and/or the tampering. Be creative. Call a friend for example just to tell you're gonna go to the supermarket to buy food.
# **If you think you got burned:**
## If you have some time:
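Review bot: The bullets under the new "What to do if you detected tampering or searching ?" heading need a proofread: "abandonning" is misspelled, "possible network and gps capabilities" should read "possibly" and "GPS", and "We recommend to open your laptop take the drive ... and leave for a safe place and abandonning the laptop" runs several actions together. These are instructions a reader will follow under stress, so consider splitting that sentence into short steps in the order it already gives. The heading also has a space before the "?".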
@ -12300,6 +12323,16 @@ You can find some introduction on these on these projects:
- Online Operations Security: [https://web.archive.org/web/20210711215728/https://github.com/devbret/online-OPSEC]
# Appendix B4: Important notes about evil-maid and tampering
Your context needs to be taken into account.
Preventing an evil-maid attack attack or tampering might lead to bad consequences. Your adversary might then resort to other means to obtain the key.
On the other hand, allowing the attack but detecting it will not let your adversary know that you are aware of the tampering. You can then take steps safely to not reveal information and possibly leave.
See the [Some last OPSEC thoughts][Some last OPSEC thoughts:] section for some tips.
---
# References:
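Review bot: The second sentence of the new Appendix B4 contains a duplicated word, "evil-maid attack attack". The same sentence refers to "other means to obtain the key" without the appendix saying which key is meant; a few words naming it would make the trade-off clearer to someone who lands on this appendix from the AEM section.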
@ -13671,6 +13704,7 @@ You can find some introduction on these on these projects:
[Appendix B1: Checklist of things to verify before sharing information:]: #appendix-b1-checklist-of-things-to-verify-before-sharing-information
[Appendix B2: Monero Disclaimer]: #appendix-b2-monero-disclaimer
[Appendix B3: Threat modeling resources]: #appendix-b3-threat-modeling-resources
[Appendix B4: Important notes about evil-maid and tampering]: #appendix-b4-important-notes-about-evil-maid-and-tampering
[References:]: #references
[cc-by-nc-4.0]: https://creativecommons.org/licenses/by-nc/4.0/
[27]: https://web.archive.org/web/https://creativecommons.org/licenses/by-nc/4.0/