thgtoa/export/CHANGELOG.html
nopenothinghere 1c7ea25ef9
v1.1.9
Fix VT hashes
Sign recent changes
2023-07-29 13:00:17 -04:00

1026 lines
76 KiB
HTML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" lang xml:lang>
<head>
<meta charset="utf-8" />
<meta name="generator" content="pandoc" />
<meta name="viewport" content="width=device-width, initial-scale=1.0, user-scalable=yes" />
<title>The Hitchhiker&#39;s Guide to Online Anonymity</title>
<style>
html {
line-height: 1.5;
font-family: Georgia, serif;
font-size: 20px;
color: #1a1a1a;
background-color: #fdfdfd;
}
body {
margin: 0 auto;
max-width: 36em;
padding-left: 50px;
padding-right: 50px;
padding-top: 50px;
padding-bottom: 50px;
hyphens: auto;
overflow-wrap: break-word;
text-rendering: optimizeLegibility;
font-kerning: normal;
}
@media (max-width: 600px) {
body {
font-size: 0.9em;
padding: 1em;
}
h1 {
font-size: 1.8em;
}
}
@media print {
body {
background-color: transparent;
color: black;
font-size: 12pt;
}
p, h2, h3 {
orphans: 3;
widows: 3;
}
h2, h3, h4 {
page-break-after: avoid;
}
}
p {
margin: 1em 0;
}
a {
color: #1a1a1a;
}
a:visited {
color: #1a1a1a;
}
img {
max-width: 100%;
}
h1, h2, h3, h4, h5, h6 {
margin-top: 1.4em;
}
h5, h6 {
font-size: 1em;
font-style: italic;
}
h6 {
font-weight: normal;
}
ol, ul {
padding-left: 1.7em;
margin-top: 1em;
}
li > ol, li > ul {
margin-top: 0;
}
blockquote {
margin: 1em 0 1em 1.7em;
padding-left: 1em;
border-left: 2px solid #e6e6e6;
color: #606060;
}
code {
font-family: Menlo, Monaco, 'Lucida Console', Consolas, monospace;
font-size: 85%;
margin: 0;
}
pre {
margin: 1em 0;
overflow: auto;
}
pre code {
padding: 0;
overflow: visible;
overflow-wrap: normal;
}
.sourceCode {
background-color: transparent;
overflow: visible;
}
hr {
background-color: #1a1a1a;
border: none;
height: 1px;
margin: 1em 0;
}
table {
margin: 1em 0;
border-collapse: collapse;
width: 100%;
overflow-x: auto;
display: block;
font-variant-numeric: lining-nums tabular-nums;
}
table caption {
margin-bottom: 0.75em;
}
tbody {
margin-top: 0.5em;
border-top: 1px solid #1a1a1a;
border-bottom: 1px solid #1a1a1a;
}
th {
border-top: 1px solid #1a1a1a;
padding: 0.25em 0.5em 0.25em 0.5em;
}
td {
padding: 0.125em 0.5em 0.25em 0.5em;
}
header {
margin-bottom: 4em;
text-align: center;
}
#TOC li {
list-style: none;
}
#TOC ul {
padding-left: 1.3em;
}
#TOC > ul {
padding-left: 0;
}
#TOC a:not(:hover) {
text-decoration: none;
}
code{white-space: pre-wrap;}
span.smallcaps{font-variant: small-caps;}
span.underline{text-decoration: underline;}
div.column{display: inline-block; vertical-align: top; width: 50%;}
div.hanging-indent{margin-left: 1.5em; text-indent: -1.5em;}
ul.task-list{list-style: none;}
.display.math{display: block; text-align: center; margin: 0.5rem auto;}
</style>
</head>
<body>
<header id="title-block-header">
<h1 class="title">The Hitchhiker&#39;s Guide to Online Anonymity</h1>
</header>
<p>v1.1.9</p>
<ul>
<li>Add dependency check action</li>
<li>Fixup Brave config settings</li>
<li>Add silent.link to Online Phone Number section</li>
<li>Fix Appendix K reference to itself</li>
<li>Rename “TAILS” to “Tails”</li>
</ul>
<p>v1.1.8</p>
<ul>
<li>Add AnarSec to links</li>
<li>CICD: fix automatic VT scans</li>
<li>Appendix D: remove trailing period in title</li>
<li>CICD: lock old issues &amp; pull requests</li>
<li>Tor onion offline</li>
<li>CICD: update issues template</li>
<li>Revert “Quantum resistance and good crypto algos”</li>
</ul>
<p>v1.1.7</p>
<ul>
<li>Add A.P. Open Collective link</li>
<li>Remove in memoriam for Lena per her wishes</li>
<li>Add Lucas as NTH mod</li>
<li>Fix missing inline image leftover from previous PRs</li>
<li>“Checking if your Tor Exit Node is terrible”: reduce to one section
and remove subsections</li>
</ul>
<p>v1.1.6 <strong>“Its alive…again.”</strong></p>
<p>The thing works now.</p>
<ul>
<li>Fixed the errors in pandoc (Tex2PDF) build</li>
<li>Updated Tor .onion links</li>
<li>Drank a lulz amount of espresso</li>
<li>Cleaned up garbage</li>
<li>Removed unused links</li>
<li>Note regarding Alexs absence (they will return)</li>
</ul>
<p>v1.1.6-pre2 - I know, I know. Pre-release? Again??! v1.1.6 coming
<strong>very</strong> soon. - Update to $OXEN staking prices in Session
section - Small grammar/spelling fixes - Fix image inline linking issue
(stop using dual linking) - Re-order hardlinks to make it easy to
manage</p>
<p>v1.1.6-pre1 - Update on Tor Browser route due to major changes - Tor
Project has condensed their settings and it is no longer necessary to
manually configure bridges. - Fix out of date options/settings for Tor
on Android - Small grammar/spelling fixes - Removal and fix of some bad
links - Removal of AnonArchive (down) - “How to spot if someone has been
searching your stuff” fixed - PDF and ODT builds disabled temporarily -
Update to social links for SEO plugin - Link to Qubes tutorial for
installing Windows VMs - Added link to Arkenfox/user.js - Remove
unnecessary addons</p>
<p>v1.1.5 - Various spelling and grammar fixes - Fixed several numbering
errors in references - Updated and fixed many broken URLs and saved them
in the Wayback Machine - Noted that https://mastodon.social/<span class="citation" data-cites="anonypla">@anonypla</span> is gone? added
strike-through - Adapted Qubes OS hardware requirements that were too
low for a decent experience (RAM) according to their recommendation -
Put more incentive to use Tor Browser Safest mode as long as it does not
break anything and switch to Safer if necessary and with precautions
linked in an appendix - Precision that Anti-Evil Maid on Qubes OS is
only available on Intel CPUs - Removed dead link of Centry Fork project
- Added Windows 11 support to the guide - Partial additions of partial
Qubes 4.1.X support but needs completion and testing (coming soon) -
Added link to official guide to upgrade from Qubes 4.0.X to 4.1.X (fresh
or in-place) - Fixed issue in Qubes OS Tor over VPN and VPN over Tor
Networking cases that were just plain wrong - Added guidance to run
Windows 11 within Virtualbox + link to official guide from Oracle -
Added recommendation to install/use Safing PortMaster and added a link
for some compatibility issues between Portmaster and some VPNs - Removed
Windows AME completely from the guide - Replaced the “I would” by a “We
would” since it is now a group effort and project - Added a safest
recommendation for more paranoid people in security level choices in
Tor</p>
<p>v1.1.4-pre2 - Fixed some spelling/grammar - Update to contributing
guidelines - Update of modern-crypto room rules - Addition of
chatroom-rules for the PSA community - Update of verification guide
(removed outdated content, fixed links, updates) - Removal of CTemplar
references since it was shutdown - Fixed links to Proton services,
references, onion URL, and archives - Removal of BTC Wasabi
recommedation in favor of Coinjoin alternative and wallet
recommendations - Re-phrasing of some confusing sentences - LibRedirect
extension is recommended again - Fixed many links formatting - Removal
of removed content (dark pdf) - Fixed links to ODT file - Added
recommendation to <a href="https://z0ccc.github.io/extension-fingerprints/#" class="uri">https://z0ccc.github.io/extension-fingerprints/#</a> and <a href="https://www.deviceinfo.me/" class="uri">https://www.deviceinfo.me/</a> - Removed links to
non-existant mirrors - Updated some outdated references(old project)</p>
<p>v1.1.4-pre1 - Addition of a legacy resources page for the old
archives - Changes in the about page to reflect the current situation -
Changes in the donation page to reflect the current situation - Fix link
to video “How to Hack a Turned-Off Computer, [..]” - Misspelling and
grammar mistakes fixed - Fix formatting - Garbage removal - Inline
linking fixes - Privacyguides changed their URL scheme - Almost all
archive.org links fixed - Annotated some links to make them more
descriptive - Got rid of dupes and empty refs - Renew links for
researchgate articles that were removed - Removed mobile wikipedia links
- Fix a couple patent links &amp; Rubber-hose cryptanalysis wiki -
Update PDF archivals so they are direct links but not downloaded - Some
scientific articles were removed or replaced - IEEExplore,
Spread-spectrum watermarking of audio signals - ScienceDirect, Robust
audio watermarking using perceptual masking - SSRN, The Cryptocurrency
Tumblers: Risks, Legality and Oversight - Property of the People, Lawful
Access to Secure Messaging Apps Data - Arxiv url fixes -
s/grayshirt/grayshift/gi - Trailing parentheses and commas removed -
Fixed all broken links - Removed uMatrix from the guide (use uBlock
Origin) - Removal of https://xchange.me/ (abandoned) - Removal of
https://swap.lightning-network.ro/ (abandoned) - Removal of
https://privacyguides.org/providers/hosting/ (category removed from
website) - Added a warning about the privacy redirect extension stating
it might be abandoned/unmaintained - Added Anonymouth for linguistic
antiforensics &amp; related links</p>
<p>v1.1.3 - Added dedicated section about gait recognition and other
long-range biometric techniques - Updated PDF toolchain to allow
embedding images in the PDF guide</p>
<p>v1.1.3-pre1 - Updating info to reflect the new identity being used to
publich the guide - Attempted to reconstruct toolchain to generate PDF
and ODT guides</p>
<p>v1.1.2 - Removed SIM/Virtual Numbers providers not accepting at least
XMR from the guide as there are sufficient providers accepting XMR -
Added some more free SMS providers in the guide - Added links to
Scribe.rip front-end to Medium.com for Medium.com links - Considerable
work was done in relation to the community aspects of this project and
other related projects with the creation of a Matrix space (PSA)
regrouping several efforts. - Added link to <a href="https://psa.anonymousplanet.org/" class="uri">https://psa.anonymousplanet.org/</a> containing the
community rules for our chatrooms on Matrix and Discord - Added
reference to <a href="https://en.wikipedia.org/wiki/Sybil_attack" class="uri">https://en.wikipedia.org/wiki/Sybil_attack</a> to the
attacks against anonymized Tor traffic section - Added reference to <a href="https://arstechnica.com/information-technology/2014/07/active-attack-on-tor-network-tried-to-decloak-users-for-five-months/" class="uri">https://arstechnica.com/information-technology/2014/07/active-attack-on-tor-network-tried-to-decloak-users-for-five-months/</a>
in the attacks against anonymized Tor traffic section - Added reference
to <a href="https://www.whonix.org/wiki/Anbox" class="uri">https://www.whonix.org/wiki/Anbox</a> for running Android
Apps within the Whonix Workstation - Added reference to <a href="https://www.wikigain.com/install-macos-monterey-on-virtualbox/" class="uri">https://www.wikigain.com/install-macos-monterey-on-virtualbox/</a>
to the macOS VM section - Added reference to <a href="https://blog.kraken.com/post/11905/your-fingerprint-can-be-hacked-for-5-heres-how/" class="uri">https://blog.kraken.com/post/11905/your-fingerprint-can-be-hacked-for-5-heres-how/</a>
to the biometrics section - Added reference to <a href="https://propertyofthepeople.org/document-detail/?doc-id=21114562" class="uri">https://propertyofthepeople.org/document-detail/?doc-id=21114562</a>
- Added reference to <a href="https://12ft.io/" class="uri">https://12ft.io/</a> in the introduction section - Added
reference to <a href="https://www.bleepingcomputer.com/news/security/firmware-attack-can-drop-persistent-malware-in-hidden-ssd-area/" class="uri">https://www.bleepingcomputer.com/news/security/firmware-attack-can-drop-persistent-malware-in-hidden-ssd-area/</a>
to the SSD wiping conclusions - Added reference to <a href="https://www.welivesecurity.com/wp-content/uploads/2021/12/eset_jumping_the_air_gap_wp.pdf" class="uri">https://www.welivesecurity.com/wp-content/uploads/2021/12/eset_jumping_the_air_gap_wp.pdf</a>
to the advanced targeted techniques section - Small grammar/spelling
fixes - <strong>Special thanks to the anonymous donator of 1
XMR</strong></p>
<p>v1.1.1 - Added reference to <a href="https://www.youtube.com/watch?v=H33ggs7bh8M" class="uri">https://www.youtube.com/watch?v=H33ggs7bh8M</a> as an intro
video to Monero in the Monero Disclaimer section - Added reference to <a href="https://www.youtube.com/watch?v=qkJGF3syQy4" class="uri">https://www.youtube.com/watch?v=qkJGF3syQy4</a> in the Guest
VM Browser section about Brave - Added reference to <a href="https://www.vice.com/en/article/m7vqkv/how-fbi-gets-phone-data-att-tmobile-verizon" class="uri">https://www.vice.com/en/article/m7vqkv/how-fbi-gets-phone-data-att-tmobile-verizon</a>
in the metadata/geo-location section - Added reference to <a href="https://fingerprintjs.com/blog/disabling-javascript-wont-stop-fingerprinting/" class="uri">https://fingerprintjs.com/blog/disabling-javascript-wont-stop-fingerprinting/</a>
in several sections about JavaScript - Added reference to <a href="https://qua3k.github.io/ungoogled/" class="uri">https://qua3k.github.io/ungoogled/</a> in the sections about
Ungoogled-Chromium - Re-Added Privacytools.io in the Links section -
Added a general disclaimer on the Links page about websites possibly
using sponsorships, affiliate links, paid services, premium offers, and
merchandising… - Re-Added a Discord server to provide easier access to
the community through <a href="https://discord.gg/V8dmd9y7mt" class="uri">https://discord.gg/V8dmd9y7mt</a> with all the rooms bridged
to Matrix rooms - Changed the Matrix/Discord communities from being room
focused (#anonymity) to a broader “Privacy Security Anonymity” space
with a new #security focused room and an off-topic room. - Creation of a
Matrix space at <code>#privacy-security-anonymity:matrix.org</code> <a href="https://matrix.to/#/#privacy-security-anonymity:matrix.org" class="uri">https://matrix.to/#/#privacy-security-anonymity:matrix.org</a>
- Added an RSS bot to those rooms relaying some relevant security and
anonymity news within those rooms. - Started the test hosting of a small
Synapse server with the domain anonymousplanet.org</p>
<p>v1.1.0 - Removed SHA-3 from recommended methods for password storage
- Added reference to <a href="https://docs.securedrop.org/en/stable/source.html" class="uri">https://docs.securedrop.org/en/stable/source.html</a> in the
section about communicating sensitive information to various
organizations - <strong>Pending review</strong> removal of
privacytools.io from the guide after discovering sponsored
recommendations within the lists on their website. Disclaimer added on
the links page. - Added reference to <a href="https://web.archive.org/web/20181125133942/https://www.cs.drexel.edu/~sa499/papers/adversarial_stylometry.pdf" class="uri">https://web.archive.org/web/20181125133942/https://www.cs.drexel.edu/~sa499/papers/adversarial_stylometry.pdf</a>
in the Stylometry section - Added reference to <a href="https://www.whonix.org/wiki/Surfing_Posting_Blogging#Stylometry" class="uri">https://www.whonix.org/wiki/Surfing_Posting_Blogging#Stylometry</a>
in the Stylometry section - Added reference to <a href="https://www.whonix.org/wiki/Surfing_Posting_Blogging#Anonymous_File_Sharing" class="uri">https://www.whonix.org/wiki/Surfing_Posting_Blogging#Anonymous_File_Sharing</a>
in the appendix checklist of things to check before sharing information
- Added reference to <a href="https://web.archive.org/web/20181125133942/https://www.cs.drexel.edu/~sa499/papers/adversarial_stylometry.pdf" class="uri">https://web.archive.org/web/20181125133942/https://www.cs.drexel.edu/~sa499/papers/adversarial_stylometry.pdf</a>
in the section about countering stylometry using translators - Changed
the fonts of the website to improve readability (now using “Helvetica”,
“Calibri”,and “Times New Roman”) - Removed some unnecessary information
from the main page and the donations page to reduce their size - Added a
new Tor Exit node (Tor-Exit-05) - Various spelling/grammar fixes</p>
<p>v1.0.9 - Re-Added Privacytools.io (along Privacyguides.org) as a good
source of information and recommendations for various
services/products/platforms within the guide. - Added a Links page to
the website with a small collection of recommended projects to visit. -
Changed the layout of the website to make the buttons a bit smaller -
Added reference to <a href="https://medium.com/@c5/darkweb-vendors-and-the-basic-opsec-mistakes-they-keep-making-e54c285a488c" class="uri">https://medium.com/@c5/darkweb-vendors-and-the-basic-opsec-mistakes-they-keep-making-e54c285a488c</a>
in the OPSEC section. - Added reference to <a href="https://kycnot.me/" class="uri">https://kycnot.me/</a> which lists non-KYC cryptocurrencies
exchange services - Fixed some mistakes in the cryptocurrency swapping
section</p>
<p>v1.0.8-hotfix - Added a reference to <a href="https://privacytests.org/" class="uri">https://privacytests.org/</a> in the section about picking a
browser in a guest VM - Fixed not-working Nitter links by changing the
Nitter instance to Nitter.net - Added Minisign signatures for the PDFs
and the ODT file - <strong>Hotfix</strong> Added a reference to <a href="https://qua3k.github.io/ungoogled/" class="uri">https://qua3k.github.io/ungoogled/</a> and now strongly
recommends <strong>against</strong> using Ungoogled-Chromium due to them
lagging behind in security patches</p>
<p>v1.0.8 - Added a reference to <a href="https://www.websiteplanet.com/blog/gethealth-leak-report/" class="uri">https://www.websiteplanet.com/blog/gethealth-leak-report/</a>
in the Smart Devices section - Added several academic references to the
Tor Correlation Fingerprinting attack: <a href="https://homes.esat.kuleuven.be/~mjuarezm/index_files/pdf/ccs18.pdf" class="uri">https://homes.esat.kuleuven.be/~mjuarezm/index_files/pdf/ccs18.pdf</a>,
<a href="https://www.internetsociety.org/sites/default/files/blogs-media/website-fingerprinting-internet-scale.pdf" class="uri">https://www.internetsociety.org/sites/default/files/blogs-media/website-fingerprinting-internet-scale.pdf</a>,
and <a href="https://www.esat.kuleuven.be/cosic/publications/article-2456.pdf" class="uri">https://www.esat.kuleuven.be/cosic/publications/article-2456.pdf</a>
- Added a reference to <a href="https://blog.torproject.org/new-low-cost-traffic-analysis-attacks-mitigations" class="uri">https://blog.torproject.org/new-low-cost-traffic-analysis-attacks-mitigations</a>
in the same section - Added an important precision/correction that Tor
Correlation Fingerprinting attacks references papers were done in a
limited closed-world testing environment and their efficiency in a real
open-world situation has not been demonstrated other than theoretically
- Added two VPS hosting providers to the list of possible providers: <a href="https://cryptoho.st/" class="uri">https://cryptoho.st/</a> and <a href="https://www.privex.io/" class="uri">https://www.privex.io/</a> -
Added reference to <a href="https://about.fb.com/news/2021/10/end-to-end-encrypted-backups-on-whatsapp/" class="uri">https://about.fb.com/news/2021/10/end-to-end-encrypted-backups-on-whatsapp/</a>
announcing e2ee backups on WhatsApp</p>
<p>v1.0.7 - Added reference to <a href="https://www.scientificamerican.com/article/a-blank-wall-can-show-how-many-people-are-in-a-room-and-what-theyre-doing/" class="uri">https://www.scientificamerican.com/article/a-blank-wall-can-show-how-many-people-are-in-a-room-and-what-theyre-doing/</a>
in the targeted techniques section - Added reference to <a href="https://www.scientificamerican.com/article/a-shiny-snack-bags-reflections-can-reconstruct-the-room-around-it/" class="uri">https://www.scientificamerican.com/article/a-shiny-snack-bags-reflections-can-reconstruct-the-room-around-it/</a>
in the targeted techniques section - Added reference to <a href="https://www.scientificamerican.com/article/footstep-sensors-identify-people-by-gait/" class="uri">https://www.scientificamerican.com/article/footstep-sensors-identify-people-by-gait/</a>
in the targeted techniques section - Switched various links from
PrivacyTools.io to PrivacyGuides.org that were forgotten in a previous
update - Added guidance to share information and files publicly
including IPFS - Added an appendix containing a checklist of things to
verify before sharing any information or file (metadata…) - Complete
reworking of the Introduction and Prologue for better readability (there
was way too much text in there) - Added references to <a href="https://thenewoil.org" class="uri">https://thenewoil.org</a>, <a href="https://privacyguides.org" class="uri">https://privacyguides.org</a>, and the YouTube Techlore
channel <a href="https://www.youtube.com/c/Techlore" class="uri">https://www.youtube.com/c/Techlore</a> as bonus introduction
reads on privacy and security - Various grammar/spelling fixes</p>
<p>v1.0.6 - Added reference to <a href="https://www.forbes.com/sites/thomasbrewster/2021/10/04/google-keyword-warrants-give-us-government-data-on-search-users" class="uri">https://www.forbes.com/sites/thomasbrewster/2021/10/04/google-keyword-warrants-give-us-government-data-on-search-users</a>
in the digital fingerprint section - Added the fourth Tor Exit node in
the donation page listing - Added recommendation for considering
Minisign (<a href="https://jedisct1.github.io/minisign/" class="uri">https://jedisct1.github.io/minisign/</a>) as an alternative
to PGP/GPG for file signing - Added new archive of the guide on
anonarchive.org - Added Content-Security-Policy and X-XSS-Protection
metatags to the HTML headers of the website - Added reference to <a href="https://latacora.singles/2019/07/16/the-pgp-problem.html" class="uri">https://latacora.singles/2019/07/16/the-pgp-problem.html</a>
to justify the recommendation to use Minisign over PGP/GPG for signing -
Added <a href="https://mobilesms.io" class="uri">https://mobilesms.io</a> to the list of online phone number
providers - Added an “extra paranoid” route using Zcash in addition to
Monero if you want even more safety than just relying on Monero alone
for anonymous crypto transactions - Added instructions to install a
Zcash wallet on various OSes including the Whonix Workstation - Refined
the VPN over Tor sections with more information about using a
self-hosted VPN/Proxy instead of a VPN provider - Added guidance to
upgrade Whonix from version 15 to version 16 on Qubes OS - Added
disclaimer about Windows 11 not being supported (yet) by the guide -
Some grammar/spelling fixes - Various broken links fixes</p>
<p>v1.0.5 - Added reference to <a href="https://www.theguardian.com/australia-news/2021/sep/11/inside-story-most-daring-surveillance-sting-in-history" class="uri">https://www.theguardian.com/australia-news/2021/sep/11/inside-story-most-daring-surveillance-sting-in-history</a>
in the smartphone warnings section - Made main website available through
IPv6 - Endnotes are now also supported on the repository MD file through
<a href="https://github.com/AnonymousPlanet/thgtoa/blob/main/guide.md" class="uri">https://github.com/AnonymousPlanet/thgtoa/blob/main/guide.md</a>
thanks to markdown update from GitHub. Previously, those were only
working on the rendered Jekyll HTML - Added link to <a href="https://oksms.org" class="uri">https://oksms.org</a> as an option
if you cannot afford a dedicated number. More will be added soon. -
Added reference to <a href="https://www.vice.com/en/article/93ypke/the-nsa-and-cia-use-ad-blockers-because-online-advertising-is-so-dangerous" class="uri">https://www.vice.com/en/article/93ypke/the-nsa-and-cia-use-ad-blockers-because-online-advertising-is-so-dangerous</a>
as an argument to recommend adding uBlock to Tor Browser - Added
reference to <a href="http://0pointer.net/blog/authenticated-boot-and-disk-encryption-on-linux.html" class="uri">http://0pointer.net/blog/authenticated-boot-and-disk-encryption-on-linux.html</a>
in the in-depth Linux hardening resources - Added reference to <a href="https://www.usenix.org/system/files/sec21-hoang.pdf" class="uri">https://www.usenix.org/system/files/sec21-hoang.pdf</a> and
<a href="https://gfwatch.org/" class="uri">https://gfwatch.org/</a> in
the section about hostile environments - Added reference to <a href="https://www.d-id.com/talkingheads/" class="uri">https://www.d-id.com/talkingheads/</a> in the creating new
identities section - Added reference to <a href="https://twitter.com/SecurityJon/status/1445020885472235524" class="uri">https://twitter.com/SecurityJon/status/1445020885472235524</a>
and <a href="https://labs.f-secure.com/blog/sniff-there-leaks-my-bitlocker-key/" class="uri">https://labs.f-secure.com/blog/sniff-there-leaks-my-bitlocker-key/</a>
into the Windows Host OS section of the Whonix route - Added reference
to <a href="https://www.wired.com/story/clearview-ai-new-tools-identify-you-photos/" class="uri">https://www.wired.com/story/clearview-ai-new-tools-identify-you-photos/</a>
in the biometrics section - Added reference to <a href="https://www.coindesk.com/business/2021/09/21/leaked-slides-show-how-chainalysis-flags-crypto-suspects-for-cops/" class="uri">https://www.coindesk.com/business/2021/09/21/leaked-slides-show-how-chainalysis-flags-crypto-suspects-for-cops/</a>
in the Cryptocurrencies Transaction section - Added Cwtch <a href="https://cwtch.im" class="uri">https://cwtch.im</a> to the
messaging apps lists and recommendations - Added a new fourth Tor Exit
node using donations funds - Some grammar/spelling fixes</p>
<p>v1.0.4 - Added reference to <a href="https://therecord.media/malware-found-preinstalled-in-classic-push-button-phones-sold-in-russia/" class="uri">https://therecord.media/malware-found-preinstalled-in-classic-push-button-phones-sold-in-russia/</a>
in the burner phone section - Added reference to <a href="https://sourceforge.net/p/veracrypt/discussion/technical/thread/3961542951/" class="uri">https://sourceforge.net/p/veracrypt/discussion/technical/thread/3961542951/</a>
in the Veracrypt settings sections - Changed Privacytools.io to
Privacyguides.org after name change - Added reference to <a href="https://github.com/iperov/DeepFaceLive" class="uri">https://github.com/iperov/DeepFaceLive</a> in the Face
recognition section - Added reference to <a href="https://www.news.ucsb.edu/2021/020392/dont-fidget-wifi-will-count-you" class="uri">https://www.news.ucsb.edu/2021/020392/dont-fidget-wifi-will-count-you</a>
within the Wi-Fi around you section - Matrix room change from
#online-anonymity:matrix.org to #anonymity:matrix.org (old alias remains
valid) - Renewed hosting of Tor-Exit-01 for 1 year using funding from
donations</p>
<p>v1.0.3 - Added reference to ProtonMail IP logging case <a href="https://techcrunch.com/2021/09/06/protonmail-logged-ip-address-of-french-activist-after-order-by-swiss-authorities/" class="uri">https://techcrunch.com/2021/09/06/protonmail-logged-ip-address-of-french-activist-after-order-by-swiss-authorities/</a>
- Added more information regarding Firefox hardening settings - Added
reference to <a href="https://www.privateinternetaccess.com/blog/internet-freedom-around-the-world-in-50-stats/" class="uri">https://www.privateinternetaccess.com/blog/internet-freedom-around-the-world-in-50-stats/</a>
- Fixed several broken links - Some grammar fixes</p>
<p>v1.0.2 - Minor layout fixes - Added BLAKE2 hash to the list of hashes
and clarified the hashes recommendations - Added Twofish and Serpent to
the recommended section in the File Encryption section - Added reference
to <a href="https://justdeleteme.xyz/" class="uri">https://justdeleteme.xyz/</a> and <a href="https://inteltechniques.com/workbook.html" class="uri">https://inteltechniques.com/workbook.html</a> in the
Removing traces section - Added references to <a href="https://techcrunch.com/2021/08/19/google-geofence-warrants/" class="uri">https://techcrunch.com/2021/08/19/google-geofence-warrants/</a>
and <a href="https://www.techdirt.com/articles/20210821/10494847401/google-report-shows-reverse-warrants-are-swiftly-becoming-law-enforcements-go-to-investigative-tool.shtml" class="uri">https://www.techdirt.com/articles/20210821/10494847401/google-report-shows-reverse-warrants-are-swiftly-becoming-law-enforcements-go-to-investigative-tool.shtml</a>
about the expanding trend of Geofencing warrants - Added reference to <a href="https://edwardsnowden.substack.com/p/all-seeing-i" class="uri">https://edwardsnowden.substack.com/p/all-seeing-i</a> in
reference to Apple Privacy - Added various references and information
about setting up plausible deniability on Linux - Added reference and
information about setting up plausible deniability on Qubes OS -
Improved the section about countering linguistic forensics - Updated
Archive.today onion v2 address to v3 - Full (self) proofreading
resulting in a large amount of spelling/grammar fixes and some shame
about those</p>
<p>v1.0.1 - Added information about Monero Atomic Swap for converting
from BTC to Monero instead of a swapping service (Monero Rules!) - Added
link to <a href="https://www.useapassphrase.com/" class="uri">https://www.useapassphrase.com/</a> in the
password/passphrase guidelines appendix - Added an appendix about Crypto
Swapping services with some recommendations - Added OnlyFans, Binance
and Kraken to the list of tested online services - Added Information on
how to check if your Tor Exit node is in few or many blocklists to avoid
issues when signing-up to various services - Various spelling/grammar
fixes</p>
<p>v1.0.0 Codename “Deal With It” (because its not perfect, so deal
with it) - Various spelling/grammar fixes to the Countering Forensic
Linguistics section - Added guidance on how to compare older PDFs with
newer releases using some online tools - Added guidance on how to
compare older ODTs with newer releases using LibreWriter - Removed the
attribution to Mark Twain from the quote in the final editorial notes -
Added some references in the list of threats to anonymity to the
proposed mitigations in the guide - Various grammar/spelling fixes -
Slightly changed the Light theme header color</p>
<p>v1.0.0-rc3-hotfix (unpublished release) - Modified the Countering
Forensic Linguistics section to remove the AutoCorrect usage
recommendation in favor of “Search and Replace” to avoid unintended
mistakes. - Removed hybrid-analysis checks from the files as I think
VirusTotal is enough</p>
<p>v1.0.0-rc3 - Added recommendation to use the Privacy Redirect
extension on the Guest VMs browsers: <a href="https://github.com/SimonBrazell/privacy-redirect" class="uri">https://github.com/SimonBrazell/privacy-redirect</a> - Added
a section to emphasize some precautions when using a Browser with
JavaScript enabled (including Tor Browser up to the “Safer Level”) in
every route - Added more information and recommendations related to
using Tor Browser at the “Safer” level. - Added some more crypto
disclaimers to avoid some services such as Mixers/Tumblers - Re-ordered
and re-linked many sections in a more logical way - Removed some
duplicate information in some sections - Fixed some bad hyperlinks -
Added a release of the guide in the ODT format in addition to PDFs</p>
<p>v1.0.0-rc2 - Many grammar/spelling changes after some
proofreading</p>
<p>v1.0.0-rc1 (Release Candidate 1) - Small grammar/spelling fixes -
Small layout fixes - Added some information about Safari in the Guest VM
Browser selection/hardening sections - Removed DREAD in the threat
modeling references as it is deprecated - Added link to <a href="https://arstechnica.com/gadgets/2021/07/vpn-servers-seized-by-ukrainian-authorities-werent-encrypted/" class="uri">https://arstechnica.com/gadgets/2021/07/vpn-servers-seized-by-ukrainian-authorities-werent-encrypted/</a>
in the No Logging but Logging anyway section of VPN providers - Added
Session Messenger as a possible “last resort” recommendation for iOS
users because well there is no better option it seems despite their lack
of PFS and Deniability - Corrected the Session Messenger information as
not using Tor Natively but using LokiNet Onion Routing natively - Added
a new Tor Browser route for the simplest, easiest way to access the web
anonymously with appropriate security warnings - Added additional
information on attack mitigations on Bitlocker encrypted drives and
reference to <a href="https://dolosgroup.io/blog/2021/7/9/from-stolen-laptop-to-inside-the-company-network" class="uri">https://dolosgroup.io/blog/2021/7/9/from-stolen-laptop-to-inside-the-company-network</a>
- Changed the recommendations about the state of your real phone while
using a burner phone. You should never bring it with you and leave it on
at home. - Changed the route picking UML to only show options depending
on your skills/resources/availability without considering
threats/adversaries - Expanded the threat modeling section (after the
previous UML) with adversaries/threats and picking the adequate route in
consequence - Added reference to <a href="https://arxiv.org/pdf/2107.04940.pdf" class="uri">https://arxiv.org/pdf/2107.04940.pdf</a> to the Bad
Cryptography section - Added reference to <a href="https://edition.cnn.com/2021/07/23/tech/idme-unemployment-facial-recognition/index.html" class="uri">https://edition.cnn.com/2021/07/23/tech/idme-unemployment-facial-recognition/index.html</a>
to the Face Recognition section - Lowered recommendation for RiseUP as a
free mail service as they now require invitation for registration -
Added reference to <a href="https://gitlab.com/FG-01/fg-01" class="uri">https://gitlab.com/FG-01/fg-01</a> as a possible mitigation
to gait recognition systems as well as 2 more journalistic references to
gait recognition - Changed information about China/Russia “will block”
ECH/eSNI to “might block” as it hasnt been verified/confirmed - Added a
whole appendix on Counteracting Forensic Linguistics (Writeprint) with
your anonymous identities - Added IPFS mirror of the whole website at <a href="https://ipfs.anonymousplanet.org" class="uri">https://ipfs.anonymousplanet.org</a></p>
<p>v0.9.9h - Fixed bad and missing linking about browser selection and
install in guest VMs setup sections - Added ShutUp10 to the list of
tools to improve Privacy on Windows 10 - Removed Windows AME from the
recommendations/possibilities within guest VMs and advising against it
instead</p>
<p>v0.9.9g - Added Safing.io to the recommended VPN providers list
(provisional) - Many links fixed/updated/replaced/removed (dead links
check on the whole document) - Updated most of the .onion v2 addresses
to .onion v3 addresses (except for Archive.today which is still on v2) -
Added .onion addresses to some publication links having a Tor mirror
such as The Intercept - Decided to switch the licensing of the project
to add NonCommercial (cc-by-nc-4.0), prior releases are not affected</p>
<p>v0.9.9f - Added section on search engines - Added some more
information on Brave source of adblocking - Added separator between the
text and the references to the online HTML version - Added a ToC entry
of the references to the online HTML version - Added a bit more
information on eventual physical destruction of HDDs and SSDs</p>
<p>v0.9.9e - Added more information on why I recommend Brave within
guests VMs and more information about other choices (mainly Firefox) -
Added Browser Hardening guidelines for Brave, Ungoogled-Chromium, Edge,
and Firefox</p>
<p>v0.9.9d - Changed wording from all incorrect “TAILS” instances to the
correct “Tails” - Changed wording from some incorrect “Qube OS”
instances to the correct “Qubes OS” - Added header to the PDFs with the
title - Added footer to the PDFs with the page numbers - Changed the
PDFs from having all references in the endnotes to having them in the
footnotes of each page for better readability</p>
<p>v0.9.9c - Improved the password/passphrase recommendation section -
Added a new Tor Exit node to the project <a href="https://metrics.torproject.org/rs.html#details/F535BA067A776457083141688C7FE781B6DFB24E" class="uri">https://metrics.torproject.org/rs.html#details/F535BA067A776457083141688C7FE781B6DFB24E</a>
- Added ChaCha20 to the recommended file/disk encryption algorithms -
Various fixes in the README/Index</p>
<p>v0.9.9b - Changed recommendation from Veracrypt to Bitlocker for
Windows simple encryption route to prevent rubber-hose cryptanalysis -
Started running a Tor exit-node using project funds <a href="https://metrics.torproject.org/rs.html#details/970814F267BF3DE9DFF2A0F8D4019F80C68AEE26" class="uri">https://metrics.torproject.org/rs.html#details/970814F267BF3DE9DFF2A0F8D4019F80C68AEE26</a>.
I was only able to buy 3 months with the remaining funds. Please donate
if you want this to continue. - Changed slightly the donations requests
so that they appear sooner including in the README/index.html and
earlier in the guide in a lighter way - Small grammar/spelling fixes</p>
<p>v0.9.9a - Added Wikiless links to all Wikipedia articles for enhanced
privacy (see <a href="https://codeberg.org/orenom/wikiless" class="uri">https://codeberg.org/orenom/wikiless</a>) - Added message to
inform users with JavaScript disabled that JavaScript is needed to
toggle the themes on the website - Removed underline of every hyperlink
in the PDF format guide for better readability - Added small section
about helping others staying anonymous by running a Tor entry/relay node
- Shortened the Index/README to make it more readable and creating a
sub-page with the safety/integrity/authentication information - Added
new hosting provider to the list (<a href="https://1984.is" class="uri">https://1984.is</a>) and created a small appendix dedicated
to recommended hosting providers - Small grammar/spelling fixes - Small
fixes on the website layout (thanks to LiJu09 again)</p>
<p>v0.9.9 - Added toggle switch from dark to light theme for the website
(requires Javascript) to improve general UX (very special thanks to
LiJu09 for the great help) - Fixed layout issues in the OSX section
about Gatekeeper and XProtect - Small fix in the malware section “higher
level” changed to “lower level” - Added reference to <a href="https://www.inteltechniques.com/podcast.html" class="uri">https://www.inteltechniques.com/podcast.html</a> as an OSINT
resource - Added reference to <a href="https://github.com/Qubes-Community/Contents/blob/master/docs/privacy/anonymizing-your-mac-address.md" class="uri">https://github.com/Qubes-Community/Contents/blob/master/docs/privacy/anonymizing-your-mac-address.md</a>
in the Qubes Route section - Various spelling/grammar fixes</p>
<p>v0.9.8 - Added reference to <a href="https://github.com/insight-decentralized-consensus-lab/post-quantum-monero/blob/master/writeups/technical_note.pdf" class="uri">https://github.com/insight-decentralized-consensus-lab/post-quantum-monero/blob/master/writeups/technical_note.pdf</a>
in the Monero Disclaimer section - Added cars in the Smart Devices
section because obviously cars are also issues - Added reference to <a href="https://www.washingtonpost.com/technology/2019/12/17/what-does-your-car-know-about-you-we-hacked-chevy-find-out/" class="uri">https://www.washingtonpost.com/technology/2019/12/17/what-does-your-car-know-about-you-we-hacked-chevy-find-out/</a>
in the Smart Devices section - Added more OSINT links: <a href="https://osintframework.com/" class="uri">https://osintframework.com/</a>, <a href="https://recontool.org" class="uri">https://recontool.org</a>, and
<a href="https://github.com/jivoi/awesome-osint" class="uri">https://github.com/jivoi/awesome-osint</a> - Added more
information about crafting your legend for your anonymous identities in
a consistent manner in the creating new identities section - Added more
OPSEC information and a reference to <a href="https://www.youtube.com/watch?v=IqZZU9lFlF4" class="uri">https://www.youtube.com/watch?v=IqZZU9lFlF4</a> - Added more
references to Hardening Linux: <a href="https://wiki.archlinux.org/title/Security" class="uri">https://wiki.archlinux.org/title/Security</a> and <a href="https://codeberg.org/SalamanderSecurity/PARSEC" class="uri">https://codeberg.org/SalamanderSecurity/PARSEC</a> - Added
references to AppArmor usage on Whonix VMs: <a href="https://www.whonix.org/wiki/AppArmor" class="uri">https://www.whonix.org/wiki/AppArmor</a> - Added
AppArmor/SELinux references within the Qubes OS section for Hardening
VMs - Added light introduction video references for hardening
Linux/Windows/MacOS by the nice people at Techlore. - Switched from
Mastodon.online to Mastodon.social <a href="https://mastodon.social/@anonypla" class="uri">https://mastodon.social/@anonypla</a> - Fixed duplicate
notations on GPG key - Added Nitter links to Twitter links - Various
spelling/grammar fixes</p>
<p>v0.9.7b - Added disclaimer about Monero usage and its long-term
security relative to KYC regulations - Added a bonus step within the BTC
anonymizing section to reference Wasabi Wallet <a href="https://wasabiwallet.io/" class="uri">https://wasabiwallet.io/</a>
as an added efficient obfuscation measure - Fixed layout issue at the
very end of the guide (wrong tabulation) - Added reference to RiseUp,
Disroot, and Autistici for e-mail creation if you need an e-mail
verification for creating for instance a ProtonMail or a MailFence
account - Removed <a href="http://keys.gnupg.net/" class="uri">http://keys.gnupg.net/</a> from README because its dead it
seems</p>
<p>v0.9.7a - Fixed wrong information about Session messenger and
presence of Forward Secrecy and removed from recommendations due to that
and the absence of deniability - Added information about how to get/use
BTC anonymously using Monero swapping - Removed the THGTOA subreddit and
the discord server (due to being mostly unused) to leave only the Matrix
room and GitHub for discussions - Made the README slightly more
user-friendly - Various spelling/grammar fixes</p>
<p>v0.9.7 - Fixed DNS section stating that ECH/eSNI leaks DNS when in
fact it leaks only DN (Domain Name) - Fixed DNS section stating that
Firefox enforces OCSP stapling when it does not - Added information in
DNS section that Chromium based browsers do not rely on OCSP but CRLSets
- Fixed DNS illustration according to above fixes - Renamed DNS section
into DNS and IP and added information about IP correlation with various
websites despite having encrypted DNS - Added reference to <a href="https://www.hackerfactor.com/blog/index.php?/archives/906-Tor-0day-The-Management-Vulnerability.html" class="uri">https://www.hackerfactor.com/blog/index.php?/archives/906-Tor-0day-The-Management-Vulnerability.html</a>
in the anonymize Tor/VPN traffic section - Added section about rootkits
and backdoors in the malware in the malware, exploits and viruses
section - Added information about rootkits and firmware
malware/backdoors - Added Session in the messengers table and
recommendations - Added disclaimer to be extra cautious when using Tails
(always use the last version and be extremely careful with bundled apps)
- Various spelling/grammar fixes</p>
<p>v0.9.6b - Added emphasis and disclaimer on the threat model of this
guide to clarify strongly that this guide is a DRAFT and may contain
inaccuracies. This guide should not be considered a definitive truth. -
Added reference to the new Tutanota incident forcing them to monitor
users - Added reference to the RSA Conference 2020, When Cybercriminals
with Good OpSec Attack <a href="https://www.youtube.com/watch?v=zXmZnU2GdVk" class="uri">https://www.youtube.com/watch?v=zXmZnU2GdVk</a> video in the
OPSEC section</p>
<p>v0.9.6a - Added the USB Wi-Fi dongle option within the section to
block Host OS network access while allowing VM network access - Small
spelling/grammar fixes</p>
<p>v0.9.6 - Added references to AnonAddy and Simplelogin e-mail aliasing
services in the e-mail verification section of creating new online
identities. Could be useful. - Fixed the word SSD that was somehow
spelled SDD all over the place (/shame) - Added section to explain how
to disable/prevent Internet Access on the Host OS while allowing VMs
(specifically the Whonix Gateway) to access the internet in the Whonix
Route - Added further password recommendation based on Bruce Schneier
recommendations <a href="https://www.schneier.com/blog/archives/2014/03/choosing_secure_1.html" class="uri">https://www.schneier.com/blog/archives/2014/03/choosing_secure_1.html</a>
- Removed telegram channel because is was unused and empty in favor of
keeping only the Matrix channel (Primary) and the Discord channel
(Secondary) but linked - Added information about AMD PSP not having
remote management capabilities unlike IME - Various spelling/grammar
fixes</p>
<p>v0.9.5 - Added some small disclaimer for Coreboot containing some
proprietary software - Added reference to Tempora surveillance program -
Small correction to the text relating to the Tutanota court order to
avoid misunderstandings - Added <a href="https://censys.io/" class="uri">https://censys.io/</a> and <a href="https://www.zoomeye.org/" class="uri">https://www.zoomeye.org/</a>
in addition to Shodan as IoT search engines options - Removed SHA3 from
the “avoid” list because it was incorrect - Added more information in
the Online Backups section - Added more references to people caught due
to their fingerprints appearing on shared pictures online in the
biometrics section - Added link to <a href="https://stegcloak.surge.sh/" class="uri">https://stegcloak.surge.sh/</a> in the Hidden communications
in plain sight section - Various small spelling/grammar fixing</p>
<p>v0.9.4 - Added reference to <a href="https://www.youtube.com/watch?v=FDZ39h-kCS8" class="uri">https://www.youtube.com/watch?v=FDZ39h-kCS8</a> in the Smart
Devices around you section - Added reference to TypingDNA (<a href="https://www.typingdna.com/" class="uri">https://www.typingdna.com/</a>) in the Online Behavior
section - Various small spelling fixes - Added reference to SORM
(Russia) along PRISM,XKEYSCORE… - Added reference to smarttags (Apple
AirTags, Samsung Smarttags, Tile…) in the smart devices section - Added
reference to Michael Bazzells interesting OSINT Techniques book <a href="https://inteltechniques.com/book1.html" class="uri">https://inteltechniques.com/book1.html</a> in the bonus
resources section - Added reference to LibGen in the Introduction
section in addition to Sci-Hub - Fixed some ordering issues in the
various sections that were re-ordered in previous updates</p>
<p>v0.9.3 - Added reference to <a href="https://disable-gatekeeper.github.io/" class="uri">https://disable-gatekeeper.github.io/</a> and how to disable
MacOS Gatekeeper on Big Sur - Various grammar/spelling/layout fixes -
Transifex translations are now possible and open for any volunteer.
Currently some are working on Russian/Ukrainian - Added
https://crypton.sh/ to the list of Monero accepting phone number
providers - Added reference to e-mail tracking in the Malware section -
Updated DNS section to reflect change from eSNI to ECH - Added more
OSINT video tutorials references from Bellingcat - Added information
about OCSP stapling in the DNS section - Added illustration for
comparing simple OCSP vs OCSP stapling - Added illustration for
comparing DNS encryption with and without ECH</p>
<p>v0.9.2a - Multiple small punctuation fixes for better
readability/translation of markdown format - Small reference fix from
BBC to The Guardian</p>
<p>v0.9.2 - Added reference to <a href="https://mattw.io/youtube-geofind/location" class="uri">https://mattw.io/youtube-geofind/location</a> for Video
geolocation (YouTube) - Added reference to <a href="https://jakecreps.com/tag/osint-tools/" class="uri">https://jakecreps.com/tag/osint-tools/</a> for various OSINT
tools to try on yourself - Fixed some bad links between a bunch of
cross-references - Some font color fixing in the dark themed PDF - Added
various attribution references for some external illustrations - Various
spelling/grammar fixes - Re-organized some of the de-anonymization
methods into grouped sub-sections for readability</p>
<p>v0.9.1 - Fixed Messaging table inaccuracies regarding metadata leaks
and e2e for Element/Matrix and Zoom - Added reference/guidance to
Windows AME (<a href="https://ameliorated.info/" class="uri">https://ameliorated.info/</a>)for use in guest VMs in place
of Standard Windows 10 Pro - Added Tor Mirror into the HTML header for
discoverability - Added reference to <a href="https://arxiv.org/pdf/1906.05754.pdf" class="uri">https://arxiv.org/pdf/1906.05754.pdf</a> in the crypto
transactions section - Added references to NEC NeoFace and Clearview AI
face recognition systems in the Face/Biometrics section - Added FLoC
opt-out and no-referrer policies into the HTML header - Added reference
to <a href="https://arxiv.org/abs/1512.05616" class="uri">https://arxiv.org/abs/1512.05616</a> in the Smart Devices
warning section - Added reference to <a href="https://people.eecs.berkeley.edu/~dawnsong/papers/2012%20On%20the%20Feasibility%20of%20Internet-Scale%20Author%20Identification.pdf" class="uri">https://people.eecs.berkeley.edu/~dawnsong/papers/2012%20On%20the%20Feasibility%20of%20Internet-Scale%20Author%20Identification.pdf</a>
in the digital fingerprint section - Added reference to <a href="https://www.gwern.net/Death-Note-Anonymity" class="uri">https://www.gwern.net/Death-Note-Anonymity</a> in the Bonus
section - Fixed the Qubes OS section implying that Qubes OS is a Linux
distribution when it is not - Fixed LICENSE file missing on the website
- Various spelling/grammar fixes</p>
<p>v0.9.0 - Various layout, spelling, and grammar fixes - Added new
discussion channel on matrix <code>#online-anonymity:matrix.org</code> -
Fixed connectivity methods table recommendations (VPN over Tor over VPN)
- Removed the shark meme because it was a bit much - Added reference to
the recent Spotify AI voice recognition patent <a href="https://patents.justia.com/patent/10891948" class="uri">https://patents.justia.com/patent/10891948</a> - Added more
information and illustration about Tor Bridges and especially Meek
bridges for users in hostile environments - Added some more information
about hash collisions - Moved Requirements section up before
Introduction - Fixed DNS privacy illustration DoHoT that was spelled
wrong - Fixed Appendixes names that were out of order - Added guidance
to create a Proxy VPS in addition to a VPN VPS in the case of the now
VPN/Proxy over Tor route - Added more guidance to the “No Tor/VPN”
option in a hostile environment</p>
<p>v0.8.9a - Moved the donations section to the bottom of the guide</p>
<p>v0.8.9 - Added reference to <a href="https://www.freehaven.net/anonbib/date.html" class="uri">https://www.freehaven.net/anonbib/date.html</a> in the bonus
resources section - Many small fixes in the README - Various small
layout and grammar fixes - Removed some parts about unblockable
telemetry on MacOS Big Sur since this issue is no longer relevant it
seems (and the telemetry can be blocked) - Erratum: removed a quote from
a user on his request</p>
<p>v0.8.8 - Fixed QR codes pointing to old addresses (but still valid) -
Added Keyoxide proofs to the README - Various small fixes - Huge thanks
to the generous donator of 1 XMR - Added proper native Tor mirror on <a href="http://thgtoa7imksbg7rit4grgijl2ef6kc7b56bp56pmtta4g354lydlzkqd.onion" class="uri">http://thgtoa7imksbg7rit4grgijl2ef6kc7b56bp56pmtta4g354lydlzkqd.onion</a></p>
<p>v0.8.7 - Added reference to <a href="https://www.scss.tcd.ie/doug.leith/apple_google.pdf" class="uri">https://www.scss.tcd.ie/doug.leith/apple_google.pdf</a> in
the Smart Devices section and the OS Telemetry section. -
Moved/rephrased small introduction paragraph about Apple being among the
best choices for Privacy in the OS and Telemetry section. - Changed
recommendation for Android VM to Androix-x86 CyanogenMod releases (14.1
r5 at the time of this writing) - Several small spelling/grammar/layout
fixes - Added more explanation and illustration to the basic concept of
Virtualization through a new Appendix - Fixed illustration to mention
Tor Stream Isolation possibilities - Added a couple easter eggs because
why not</p>
<p>v0.8.6 - Small layout fixes due to regex errors in pandoc conversion
- Small re-write of the instant messaging section that should make more
sense now - Changed the Briar information to reflect that they do now
provide a Desktop option (with limited features) in addition to the
Android client (emulator no longer strictly required) - Updated the
messaging table to include qTox (Tox) and Gajim (XMPP) - Added reference
to IDF famous tweet <a href="https://twitter.com/idf/status/1125066395010699264" class="uri">https://twitter.com/idf/status/1125066395010699264</a> -
Added some references to Zero-Trust security models - Added some
references to Bad Opsec resources (<a href="https://www.youtube.com/watch?v=eQ2OZKitRwc" class="uri">https://www.youtube.com/watch?v=eQ2OZKitRwc</a> and <a href="https://www.youtube.com/watch?v=eQ2OZKitRwc" class="uri">https://www.youtube.com/watch?v=eQ2OZKitRwc</a>) - Added
several tools to check an IP or your own IP for various things in the
“Your IP Address” section - Added references to Hybrid Analysis for PDFs
in addition to VirusTotal - Added small additional illustration about
threat models in the Introduction - Added small additional illustration
about Privacy vs Anonymity in the Introduction - Removed the password
protected PDF file from the project because it was never used and
creaitng more compatibilities issues than necessary on my side -
Replaced donations QR codes with better ones</p>
<p>v0.8.5 - Changed donations QR codes with better ones with logos -
Many small fixes in grammar/spelling/layout - Fixed many unnecessary
escaping backslashes in front of special characters because pandoc does
that - Changed all lines containing code lines into inline code for
better readability on the online version - Migrated my Mastodon account
to <a href="https://mastodon.online/@anonypla" class="uri">https://mastodon.online/@anonypla</a> (old one redirected
automatically) - Fixed Tor over VPN section that was clearly missing
emphasis on it being a viable option with good use cases - Added more
information in the Pick your Connectivity conclusions for a better
overview - Added section about Online file Syncing in the Online Backup
section - Added more information about messaging apps and a rather
detailed table comparing their privacy/security/anonymity features -
Added disclaimer on reddit/discord to not discuss sensitive topics on
those platforms</p>
<p>v0.8.4 - Added more information regarding Tor stream isolation and
VPNs - Added reference to <a href="https://clickclickclick.click" class="uri">https://clickclickclick.click</a> in the Behavior analysis
section - Added project website mirror at <a href="https://mirror.anonymousplanet.org" class="uri">https://mirror.anonymousplanet.org</a> (hosted at GitLab) -
Added PDFs mirror at CryptPad.from - Added reference to recently
released list of data collected by Google Chrome - Added reference to <a href="https://www.bbc.com/news/technology-55573802" class="uri">https://www.bbc.com/news/technology-55573802</a> about
Facial recognition defeating Face Masks in the biometrics section -
Added reference to Microsoft Azure Facial Cognitive Services Demo <a href="https://azure.microsoft.com/en-us/services/cognitive-services/face/#demo" class="uri">https://azure.microsoft.com/en-us/services/cognitive-services/face/#demo</a>
in the biometrics section - Added reference to <a href="https://www.bellingcat.com/news/2021/03/19/berlin-assassination-new-evidence-on-suspected-fsb-hitman-passed-to-german-investigators/" class="uri">https://www.bellingcat.com/news/2021/03/19/berlin-assassination-new-evidence-on-suspected-fsb-hitman-passed-to-german-investigators/</a>
in the biometrics section</p>
<p>v0.8.3 - Added reference to <a href="https://www.reflectacles.com/" class="uri">https://www.reflectacles.com/</a> glasses to interfere with
CCTV surveillance. - Added “enhance” example to the deblurring section -
Thanks to the anonymous donators. Their donations were spent to renew
the domain for 3 more years (4 years total). - Added information about
risks/drawbacks related to Tor Stream Isolation when using VPN over Tor
and for which use cases this method is recommended - Added QR code for
BTC legacy address in the donations section</p>
<p>v0.8.2 - Brighter fonts on some headers for better readability in
dark mode - Added reference to Sci-Hub in the introduction - Added
reference to deniable encryption on Linux and why it is not (yet) in the
current routes - Added reference to EncroChat and Sky ECC and warning
against using such commercial devices/services for anonymity - Small
fixes in some URLs that were not properly changed after domain switch to
anonymousplanet.org - Added Bitcoin legacy address in addition to Segwit
for donations - Various spelling/grammar issues</p>
<p>v0.8.1 - Fixed many various small layout/spelling/grammar issues -
Fixed 2 shortened URLs (t.me and bit.ly) from the guide with correct
destination URLs - Added some references to “roll your own crypto” cases
(Telegram, Zoom) - Added reference to <a href="https://www.vice.com/en/article/y3g97x/location-data-apps-drone-strikes-iowa-national-guard" class="uri">https://www.vice.com/en/article/y3g97x/location-data-apps-drone-strikes-iowa-national-guard</a>
in the Metadata/Geolocation section - Removed archive.today PDF links to
replace them with Archive.org links (because archive.today doesnt
actually save PDFs) - Added reference to a MAC tracking device <a href="https://amsignalinc.com/data-sheets/Acyclica/Acyclica-RoadTrend-Product-Sheet.pdf" class="uri">https://amsignalinc.com/data-sheets/Acyclica/Acyclica-RoadTrend-Product-Sheet.pdf</a>
in the MAC address section - Added disclaimer about not endorsing
Cloudflare in the DNS section by mentioning them several times for
technical reasons. - Added references to Ungoogled-Chromium as an
alternative to Tor Browser, Firefox and Brave. - Added some results of
Browser fingerprinting testing by the EFF coveryourtracks project. -
Added reference to Tor Browser security levels which I realized are not
known by most people. - Added Archive.org links to all documents/pages
hyperlinks for people willing to avoid direct links to various websites
- Added Invidious (through yewtu.be invidious instance hosted in the NL)
links to all YouTube videos hyperlinks for people wanting more privacy
on Youtube videos - Added reference to AMD PSP security analysis (and
how it is not as bad as IME) in the “Your CPU” section <a href="https://www.youtube.com/watch?v=bKH5nGLgi08&amp;t=2834s" class="uri">https://www.youtube.com/watch?v=bKH5nGLgi08&amp;t=2834s</a>
and the laptop recommendation section. - Moved the Safe Browser part of
Guest OSes into an Appendix to avoid duplication - Added domain for
project <a href="https://anonymousplanet.org/" class="uri">https://anonymousplanet.org/</a> with donation funds</p>
<p>v0.8.0 - Changed mat2 VM appendix to debian testing (instead of
stable) to get latest version of mat2 - Fixed mat2 VM appendix as the
network was not working properly with the previous guidance - Added
reference to <a href="https://en.wikipedia.org/wiki/Stylometry" class="uri">https://en.wikipedia.org/wiki/Stylometry</a> - Added
references to various threat modeling methodologies (LUNDDUN, STRIFE,
DREAD, PASTA) and some more in-depth resources for those willing to go
further - Added reference to <a href="https://geekfeminism.wikia.org/wiki/Who_is_harmed_by_a_%22Real_Names%22_policy%3F" class="uri">https://geekfeminism.wikia.org/wiki/Who_is_harmed_by_a_%22Real_Names%22_policy%3F</a>
in the introduction - Added reference to <a href="https://gendersec.tacticaltech.org/wiki/index.php/Complete_manual#.22Real.22_names" class="uri">https://gendersec.tacticaltech.org/wiki/index.php/Complete_manual#.22Real.22_names</a>
in the creating identities section - Multiple spelling/grammar fixes
(including email into e-mail, and wifi into wi-fi) - Added reference to
<a href="https://www.whonix.org/wiki/Data_Collection_Techniques" class="uri">https://www.whonix.org/wiki/Data_Collection_Techniques</a>
as bonus resources in de-anonymization methods - Added reference to <a href="https://www.whonix.org/wiki/DoNot" class="uri">https://www.whonix.org/wiki/DoNot</a> in the OPSEC section
because it should be there - Added reference to <a href="https://www.whonix.org/wiki/Printing_and_Scanning" class="uri">https://www.whonix.org/wiki/Printing_and_Scanning</a> in the
Printing Watermarking section - Added reference to MIT project
SeeingYellow <a href="http://seeingyellow.com/" class="uri">http://seeingyellow.com/</a> in the Printing Watermarking
section - Re-Wrote the malware section in the de-anonymization methods
for better readability - Added a specific Anti-Virus section in the
Malware checks section with various references and arguments for some
selective/limited use. - Added reference to EFF security scenarios (<a href="https://ssd.eff.org/en/module-categories/security-scenarios" class="uri">https://ssd.eff.org/en/module-categories/security-scenarios</a>)
in the Introduction as examples of threat models for various people. -
Added new section with guidance for safe document publishing including
various tool recommendations. - Added a bit more guidance on malware
removal for Pictures and Documents (PDFs, Office Documents…) - Added Bad
Cryptography in the de-anonymization threats with some examples - Added
several Behavior Analysis references in the renamed “Your Digital
Fingerprint, Footprint, and Online Behavior” section</p>
<p>v0.7.9 - Updated GitHub Transparency report - Added information to
make animated online identities pictures for increased plausibility -
Added references to the list of services blocking Tor (<a href="https://gitlab.torproject.org/legacy/trac/-/wikis/org/doc/ListOfServicesBlockingTor" class="uri">https://gitlab.torproject.org/legacy/trac/-/wikis/org/doc/ListOfServicesBlockingTor</a>)
- Added reference to <a href="https://haveibeenpwned.com/" class="uri">https://haveibeenpwned.com/</a> in the Identities
maintenance section - Added automatic archival and links of the project
to Archive.today (through Archive.fo)</p>
<p>v0.7.8 - Various small layout/spelling/grammar fixes - Added
reference to Financial transactions and KYC in the real-name system
section - Added guidance to bypass some local restrictions on supervised
computers safely (Appendix Q) - Added guidance to run Tails without
using Tor in a hostile environment - Updated UML diagram of various
routes to include a non-dedicated laptop - Changed the whole document to
a more formal/cleared grammar for better readability and compatibility
with translation engines - Changed table colors for better readability
in dark modes (PDF and Online)</p>
<p>v0.7.7 - Added some acknowledgements to various added Projects -
Changed and improved the “Picking your route” section with the new
option (Tails+Whonix) - Added basic threat model illustration in the
Introduction - Added basic UML diagram to pick your route - Added basic
UML diagrams for picking your connectivity methods - Added illustration
of the Tails with HiddenVM option - Rescaled some images that were way
too big - Added a whole bunch of platforms to the Online Identities
section - Added more references to German law in the Online Identities
section - Added a legend to the Online Identities overview table</p>
<p>v0.7.6 - Added reference to video visually explaining DNS - Added
some information related to the anonymous use of Bitcoin (vs Monero). -
Added reference to risks of using Crypto Tumblers and Mixers. - Added
reference to the Go Incognito project (<a href="https://github.com/techlore-official/go-incognito" class="uri">https://github.com/techlore-official/go-incognito</a>) and
their informative YouTube videos for optional introduction before
reading this guide. - Added reference to ExifTool and ExifCleaner to
Metadata removal sections for documents (because they also work on those
formats) - Added reference to picture recognition cloaking tools
(Fawkes, Adverserial.io, LowKey) for preventing picture recognition
algorithms from various platforms. - Added detailed guidance to create
Android guest VMs in the Whonix Route - Added detailed guidance to
create Android Qubes in the Qubes Route - Added detailed guidance to use
Persistent Plausible Deniability with Whonix within Tails (using
HiddenVM project) - Added Briar, GitLab to the online identities
sections - Added recommended Apps for sharing and communicating
anonymously - Added some acknowledgements to various added Projects</p>
<p>v0.7.5 - Added reference to <a href="https://github.com/rshipp/awesome-malware-analysis" class="uri">https://github.com/rshipp/awesome-malware-analysis</a> in
the Malware analysis appendix - Many small fixes in
layout/spelling/grammar - Added quotes around VirusTotal “privacy
policy” - Changed “Exploits in your Apps” to “Malware and Exploits in
your Apps” - Added references to State surveillance using “mandatory”
apps such as WeChat. - Added Wikipedia reference to <a href="https://en.wikipedia.org/wiki/List_of_government_mass_surveillance_projects" class="uri">https://en.wikipedia.org/wiki/List_of_government_mass_surveillance_projects</a>
- Added guidance and references to check files for integrity and
authenticity in the “Checking files for malware” section. - Added
emphasis on recommendation of using Tor Browser on the Host OS if Tor is
available. - Removed GPG signatures from markdown and text files to
instead sign the whole release for convenience in Contribution workflow.
- Adapted the README to the new signatures - Added Bitcoin donation
option</p>
<p>v0.7.4 - Added reference to Whonix Live mode if you dont want
persistence when shutting down the VMs as an added possible safety
measure - Added reference to harden Linux from <a href="https://madaidans-insecurities.github.io/guides/linux-hardening.html" class="uri">https://madaidans-insecurities.github.io/guides/linux-hardening.html</a>
- Added reference to Linux security issues from <a href="https://madaidans-insecurities.github.io/linux.html" class="uri">https://madaidans-insecurities.github.io/linux.html</a> -
Added reference to PDF listing malware analysis tools <a href="https://www.winitor.com/pdf/Malware-Analysis-Fundamentals-Files-Tools.pdf" class="uri">https://www.winitor.com/pdf/Malware-Analysis-Fundamentals-Files-Tools.pdf</a>
- Added reference to SANS Malware Analysis cheat sheet <a href="https://digital-forensics.sans.org/media/analyzing-malicious-document-files.pdf" class="uri">https://digital-forensics.sans.org/media/analyzing-malicious-document-files.pdf</a>
- Added reference to the DoHoT project in the DNS section <a href="https://github.com/alecmuffett/dohot" class="uri">https://github.com/alecmuffett/dohot</a> and updated the DNS
illustration with this possibility - Various spelling/grammar fixes -
Started adding some proper code blocks in the online Markdown version
and will slowly adopt this in the whole guide in the future - Fixed the
Title missing a T - Fixed a an hyperlink issue causing PDFID to detect
an Automatic Action on guide.pdf - Added warning in README concerning
VirusTotal “privacy policy” - Changed the PDFID warnings in the README
to better explain their meaning for checking the PDFs published here -
Started fixing some accessibility issues in the guide (bad indents,
empty spaces…) - Fixed some bad links in cross-references - Changed link
from <a href="https://panopticlick.eff.org/" class="uri">https://panopticlick.eff.org/</a> to <a href="https://coveryourtracks.eff.org/" class="uri">https://coveryourtracks.eff.org/</a></p>
<p>v0.7.3 - Added extra-security measures and references for sending
cash to a VPN provider safely - Added reference to sim-swapping in TOTP
recommendation (and why SMS 2FA is bad) - Added VirusTotal scans to all
PDFs in the repository (while not endorsing/recommending VirusTotal at
all for anything sensitive) - Added Disclaimer about VirusTotal and
their privacy policy in the guide and README - Added QR code for Monero
donations within the guide itself - Added references in the Phishing
section - Added reference to <a href="https://archive.flossmanuals.net/bypassing-censorship/index.html" class="uri">https://archive.flossmanuals.net/bypassing-censorship/index.html</a>
in the Safe Access without Tor/VPN appendix - Added guidance to
communicate sensitive information safely to various organization (such
as the press) - Various grammar/spelling/layout fixes</p>
<p>v0.7.2 - Small layout/spelling/grammar fixes - Added methods to check
your surveillance and censorship levels on your Network using various
resources. - Changed site font to Helvetica - Changed paragraph spacing
on PDFs for better readability</p>
<p>v0.7.1 - Switched Github Pages Jekyll theme to Hacker because I
prefer dark themes and this one doesnt rely on external fonts (Google).
- Added some references to voice deepfake tech in the Biometrics section
- Slightly changed the styles/colors of the PDFs</p>
<p>v0.7.0 - Added recommendations to consider leaving your smartphone at
home online instead of just leaving it powered off or within a faraday
bag. - Added disclaimer stating that this guide is not sponsored by any
commercial entity such as VPN providers - Added specific sections and
guidance about the various connectivity schemes (Tor, VPN over Tor, Tor
Over VPN, VPN only, VPN over VPN and No Tor/VPN) with various
references. - Added guidance for using Tor Bridges with Tor Browser,
Tails, Whonix and Qubes OS. - Added last resort guidance for situations
where Tor and/or VPN might not be possible options. - Added guidance to
use Long Range Antennas (Yagi type) for connecting to Public Wi-Fis from
a safe distance - Added new face recognition reference and gait
recognition reference - Added dark themed PDF - Fixed error in Windows
VM installation behind Whonix (missing Network setting) - Various
grammar/spelling fixes</p>
<p>v0.6.9 - Fixes/Adds to the online phone numbers sections.
Recommendations based on identification requirements. - Grammar/Spelling
fixes.</p>
<p>v0.6.8 - Added security disclaimer concerning online phone providers
using Monero.</p>
<p>v0.6.7 - Added guidance to possibly get online phone numbers using
Monero (less recommended than a Physical Burner Phone with a Pre-paid
SIM paid by cash). - Adapted the various sections of the guide to
reflect the above change.</p>
<p>v0.6.6 - Added reference to PornHub biometrics identification
statement - Small various spelling/layout fixes - Added reference to
Project Snowflake from Tor at the end of the guide if you wish you help
others evade censorship - Removed bad link to <a href="https://www.blackbagtech.com/blog/2017/01/13/windows-10-jump-list-forensics/" class="uri">https://www.blackbagtech.com/blog/2017/01/13/windows-10-jump-list-forensics/</a>
(no archive available) - Fixed bad inline reference - As from now on,
all new references in this guide will also be saved to the Internet
Archive in case of article removal - Added privacy vs anonymity in the
Introduction - Added more references to legitimate use of Anonymity from
the Whonix and Tor projects</p>
<p>v0.6.5 - Passive automated mirror setup at GitLab <a href="https://gitlab.com/AnonymousPlanet/thgtoa" class="uri">https://gitlab.com/AnonymousPlanet/thgtoa</a> - Added
Donation Monero address within the guide - Added README/Guide mention to
the GitLab mirror - Changed CHANGELOG/LICENSE to CHANGELOG.md/LICENSE.md
for GitHub Pages integration - Updated GPG key with GitLab noreply
e-mail for commit verification - Added sitemap on GitHub Pages for SEO -
Added latest version, changelog and alternative pdf download links on
Github Pages - Verified site on Keybase</p>
<p>v0.6.4 - Improved HTML layouts for better readability and SEO - Added
redirect from <a href="https://anonymousplanet.github.io" class="uri">https://anonymousplanet.github.io</a> to the guide page -
Fixed README to to include hyperlinks</p>
<p>v0.6.3 - Added Table of Contents to PDF formats for better
readability - Fixed Appendixes/Sections references in the Markdown/HTML
format - Moved target-audience disclaimer from introduction to start of
document - Small layout fixes</p>
<p>v0.6.2 - Various little kramdown glitches fixed in HTML format -
Small fixes in spelling/grammar - Added a small disclaimer in the
introduction to let people know they can just read the first 26 pages to
learn about the various threats without the need for practical
applications</p>
<p>v0.6.1 - Various endnotes layout fixes - Added OSINT YouTube Playlist
reference - Added reference to Whonix Live Host OS documentation
(Similar to HiddenVM project) - Added Twitter account (If it lasts, it
was already suspended three times) <a href="https://twitter.com/AnonyPla" class="uri">https://twitter.com/AnonyPla</a>. Id be grateful if you
share/like my tweet about this guide.</p>
<p>v0.6.0 - Various small spelling/grammar/layout fixes - Added various
references to Whonix Documentation (Hardening, Anti-Forensics, Anti-Evil
Maid…) - Added one Bellingcat reference to a recent case - Added some
Qubes OS references (Anti-Evil Maid and Hardening) - Added new sub-route
to the Tails route using the HiddenVM project <a href="https://github.com/aforensics/HiddenVM" class="uri">https://github.com/aforensics/HiddenVM</a> for providing
Plausible Deniability within Tails</p>
<p>v0.5.9 - Added Monero accepting VPS providers as options for
self-hosting cloud services and self-hosting VPN services</p>
<p>v0.5.8 - Added various references to Whonix documentation
(anti-forensics, cold boot attack defenses, full disk encryption) -
Small various fixes - Added reasoning for not supporting M1 Macs - Added
Acknowledgements at the end of the guide - Added some resources to
cold-boot, evil-maid defenses</p>
<p>v0.5.7 - Added methods to check Trim/ATA/NVMe operations on external
SSDs - Added methods to securely delete data on Qubes OS</p>
<p>v0.5.6 - Added donations/sponsorship support to this project using
Monero - Added reference to Law Enforcement surveillance capabilities
(CCC video) - Added guidance to remove some forensic traces from MacOS -
Added guidance to remove some forensic traces from Linux (log deletion
and trim) - Added variants for securely erasing SSD drives (only ATA
drives were mentioned, added specific info for NVMe drives). - Added
lists of laptop brands supporting Secure Erase (SSD) from BIOS/UEFI. -
Changed recommendation from GParted to System Rescue instead due to
GParted not providing nvme-cli by default. - Fix: Multiple fixes in
SDD/HDD sections (layout, duplicate data…) - Fix: Multiple fixes in SDD
secure erasing section and added various warnings for various methods -
Fix: Removed blkdiscard from wrong section and from MacOS as its not
supported on MacOS by Homebrew - Various spelling/grammar fixes</p>
<p>v0.5.5 - Added passphrase recommendations (xkcd.com) in the OPSEC
section and other sections.</p>
<p>v0.5.4 - Added more information and mitigation possibilities for CPU
exploits on Virtual Machines (Spectre, Meltdown…)</p>
<p>v0.5.3 - Added guidance to hidden containers with plausible
deniability in the backup section - Added guidance for online backups -
Added information for VPN kill switches for Whonix, MacOS and Linux</p>
<p>v0.5.2 - Update of GPG key (added no-reply e-mail) to get verified
commits</p>
<p>v0.5.1 - Small various fixes</p>
<p>v0.5.0 - Added Watermarking section in threats with
pictures/videos/audios watermarks and printer watermarks within</p>
<p>v0.4.9 - Various small spelling/grammar/layout fixes - Added some
Laptop recommendations and more info about Libreboot and Coreboot -
Added various references to key disclosure laws - Added guidance to
create a mat2-web guest Debian VM for removing metadata from files
conveniently - Changed CHANGELOG to markdown for integrating into GitHub
Pages</p>
<p>v0.4.8 - Various fixes on spelling/grammar and layout - Various fixes
on KeepassXC sections for Linux/MacOS - Added hardening recommendations
for Virtualbox - Added VPN installation tutorials for Linux/MacOS</p>
<p>v0.4.7 - added Virtualbox workaround for Spectre/Meltdown issue
mitigation - added section and guidance to remove metadata from various
files and tools - added reference to Haven app for physical security in
OPSEC section - added recommendation to use systematic TOTP 2FA for
online identities when possible - added references to Deepfakes, facial
recognition and fingerprint recognition in biometric threats</p>
<p>v0.4.6 Added link to Shodan to Smart Devices Section, Full rewrite of
data wipe sections (especially SSDs)</p>
<p>v0.4.5 Improved SSD/HDD erasure section and some spelling fixes.</p>
<p>v0.4.x Added Backup methods, OPSec tricks, Malicious USB, Printers
and various fixes</p>
<p>v0.3.x Added MacOS information and various fixes</p>
<p>v0.2.x Added Qubes OS information and various fixes</p>
<p>v0.1.x Initial Release (missing Qubes OS details and MacOS
support)</p>
</body>
</html>