* Fix typo
Change TAILS -> Tails
* Remove duplicate link
"Snapchat Transparency Report" is repeated
Archive link is different but just older version of the same
---------
Co-authored-by: nopeitsnothing <no@anonymousplanet.org>
- Adds silent.link
As always, this guide recommends using providers which accept Monero
(XMR) as payment, or, at the very least offer non-KYC transaction via
BTC - which is viable using this guide.
Do not trust Google results for "free SMS verification".
Currently, this section is comprised of several sets of instruction
It can be shorter and to the point, and doesn't need to be so wordy
Signed-off-by: Sharp-tailed Grouse <no@anonymousplanet.org>
A few are simply typos and grammatical changes:
- Remove Lena's message (as per their request)
- Update chatroom rules for Matrix
- Fix various grammatical errors, spelling mistakes, etc.
- Add Lucas to mod status
- Remove in memoriam of Lena
Lena has requested (very explicitly, I might add) that we remove all of her
"stupid fucking messages". This is me doing that.
Signed-off-by: Sharp-tailed Grouse <no@anonymousplanet.org>
When it comes to using cryptocurrencies as a means for anonymous payments, the guide seems to put a lot of stress on using Zcash and Monero, while outright discouraging the use of Bitcoin. However, Zcash is simply not used by enough people to provide an anonymous means of financial transactions, so long as anonymity requires the ability to hide in a crowd as is relevant here. Just last year, Zcash was attacked by an entity filling up blocks, causing the [chain size to significantly increase](https://blockchair.com/zcash/charts/blockchain-size) without an [increase in transactions](https://blockchair.com/zcash/charts/transaction-count), while only costing the attacker [approximately $10 a day](https://twitter.com/lopp/status/1577718171468972033). Yet Zcash is recommended as the "Extra-Paranoid anonymous option" in "Online anonymous payments using cryptocurrencies". The reasoning stresses that the crypto algorithms would have to be broken in order to harm the anonymity of its users and that isn't true because an anonymity-focused coin that no one uses is **not anonymous** no matter how secure its algorithms are.
The [resources](https://github.com/Anon-Planet/thgtoa/blob/master/guide.md#warning-about-special-tumbling-mixing-coinjoining-privacy-wallets-and-services-wikiless-archiveorg) provided in the warning against special tumbling, mixing, coinjoining privacy wallets and services all target centralized and/or custodial mixing services, while making no mention of modern privacy protocols that work on Bitcoin and give users forward-facing on-chain privacy guarantees today.
This PR hopes to clarify the risks of using centralized mixers/tumblers, point readers to tools that are non-custodial and actually **do** provide users with forward-facing on-chain privacy so that they can use Bitcoin anonymously, and remove recommendations to use Zcash.
Based on a [previous comment](https://github.com/Anon-Planet/thgtoa/pull/28#issuecomment-1145782407), there was hesitancy on adding a recommendation before its gotten significant review. Whirlpool is an implementation of [ZeroLink](https://code.samourai.io/whirlpool/Whirlpool/-/blob/whirlpool/THEORY.md) which breaks all links between a UTXO and its history. Whirlpool has been used on Bitcoin's mainnet since 2019 beginning with its [public beta](https://bitcoinmagazine.com/culture/samourai-wallets-privacy-enhancing-whirlpool-now-in-public-beta) and has since grown to [6743 BTC in unspent capacity](https://twitter.com/SamouraiDev/status/1615708859641004032). This should provide a basis for "significant review" to be able to recommend.
We already use a plethora of VMs in this guide; it's probably not necessary to
make a big deal about VMWare tools.
Signed-off-by: Sharp-tailed Grouse <sharptail@riseup.net>
* Your Browser and Device Fingerprints:
* Microarchitectural Side-channel Deanonymization Attacks
Adds previous documentation on side-channel attacks which can be used
to fingerprint users, presented in 2016. This means this type of
microarchitectural deanonymization attack has been performed
possibly as early on as the first day websites have been able to
perform browser fingerprinting.
Fixes#70: ("Revisiting the Browser and Device Fingerprints &
Microarchitectural Side-channel Deanonymization Attacks sections")
We have two sections for FPing and this clearly defines the meaning of both:
- one section is a brief explanation and intro into Fingerprinting and "why"
- the other provides more technical analysis of things that can be leaked
Signed-off-by: Sharp-tailed Grouse <sharptail@riseup.net>
Adding designed approved quick LINDDUN tutorial video link for getting started. The video has been reviewed positively by LINDDUN designers/researchers on our demand.
