This Constitution is subject to change but the premise will be generally
upheld from this point forward.
Signed-off-by: Sharp-tailed Grouse <no@anonymousplanet.org>
When it comes to using cryptocurrencies as a means for anonymous payments, the guide seems to put a lot of stress on using Zcash and Monero, while outright discouraging the use of Bitcoin. However, Zcash is simply not used by enough people to provide an anonymous means of financial transactions, so long as anonymity requires the ability to hide in a crowd as is relevant here. Just last year, Zcash was attacked by an entity filling up blocks, causing the [chain size to significantly increase](https://blockchair.com/zcash/charts/blockchain-size) without an [increase in transactions](https://blockchair.com/zcash/charts/transaction-count), while only costing the attacker [approximately $10 a day](https://twitter.com/lopp/status/1577718171468972033). Yet Zcash is recommended as the "Extra-Paranoid anonymous option" in "Online anonymous payments using cryptocurrencies". The reasoning stresses that the crypto algorithms would have to be broken in order to harm the anonymity of its users and that isn't true because an anonymity-focused coin that no one uses is **not anonymous** no matter how secure its algorithms are.
The [resources](https://github.com/Anon-Planet/thgtoa/blob/master/guide.md#warning-about-special-tumbling-mixing-coinjoining-privacy-wallets-and-services-wikiless-archiveorg) provided in the warning against special tumbling, mixing, coinjoining privacy wallets and services all target centralized and/or custodial mixing services, while making no mention of modern privacy protocols that work on Bitcoin and give users forward-facing on-chain privacy guarantees today.
This PR hopes to clarify the risks of using centralized mixers/tumblers, point readers to tools that are non-custodial and actually **do** provide users with forward-facing on-chain privacy so that they can use Bitcoin anonymously, and remove recommendations to use Zcash.
Based on a [previous comment](https://github.com/Anon-Planet/thgtoa/pull/28#issuecomment-1145782407), there was hesitancy on adding a recommendation before its gotten significant review. Whirlpool is an implementation of [ZeroLink](https://code.samourai.io/whirlpool/Whirlpool/-/blob/whirlpool/THEORY.md) which breaks all links between a UTXO and its history. Whirlpool has been used on Bitcoin's mainnet since 2019 beginning with its [public beta](https://bitcoinmagazine.com/culture/samourai-wallets-privacy-enhancing-whirlpool-now-in-public-beta) and has since grown to [6743 BTC in unspent capacity](https://twitter.com/SamouraiDev/status/1615708859641004032). This should provide a basis for "significant review" to be able to recommend.
Update the onion via #266. Nginx proxy was set up incorrectly and listening on the wrong port by default. I fixed that port issue, and then I also had to edit the systemd service to remove the previous PID in /run that was causing issues. After a reload, it works flawlessly. The site should redirect easily now, to our brand-new Tor address!
We already use a plethora of VMs in this guide; it's probably not necessary to
make a big deal about VMWare tools.
Signed-off-by: Sharp-tailed Grouse <sharptail@riseup.net>
* Your Browser and Device Fingerprints:
* Microarchitectural Side-channel Deanonymization Attacks
Adds previous documentation on side-channel attacks which can be used
to fingerprint users, presented in 2016. This means this type of
microarchitectural deanonymization attack has been performed
possibly as early on as the first day websites have been able to
perform browser fingerprinting.
Fixes#70: ("Revisiting the Browser and Device Fingerprints &
Microarchitectural Side-channel Deanonymization Attacks sections")
We have two sections for FPing and this clearly defines the meaning of both:
- one section is a brief explanation and intro into Fingerprinting and "why"
- the other provides more technical analysis of things that can be leaked
Signed-off-by: Sharp-tailed Grouse <sharptail@riseup.net>
