From 995a8396d86284c32135701fe9068c488281d029 Mon Sep 17 00:00:00 2001 From: anarsec <anarsec@riseup.net> Date: Sat, 1 Jul 2023 15:30:59 +0000 Subject: [PATCH] links --- content/posts/e2ee/index.md | 2 +- content/posts/grapheneos/index.md | 2 +- content/posts/linux/index.md | 6 +++--- content/posts/metadata/index.md | 3 ++- content/posts/nophones/index.md | 2 +- content/posts/qubes/index.md | 2 +- content/posts/tails-best/index.md | 2 +- 7 files changed, 10 insertions(+), 9 deletions(-) diff --git a/content/posts/e2ee/index.md b/content/posts/e2ee/index.md index 07380b8..7491586 100644 --- a/content/posts/e2ee/index.md +++ b/content/posts/e2ee/index.md @@ -264,6 +264,6 @@ PGP (Pretty Good Privacy) isn't so much a messaging platform as it is a way of e We recommend switching to Element for asynchronous use cases, and switching to Cwtch for synchronous use cases. If you need to use email, use a [radical server](https://riseup.net/en/security/resources/radical-servers) and see the [Riseup Guide to Encrypted Email](https://riseup.net/en/security/message-security/openpgp). -PGP is used for another purpose outside of communication: to verify the integrity of files. For this use, see our [GPG explanation](/posts/linux/#gpg-explanation). +PGP is used for another purpose outside of communication: to verify the integrity and authenticity of files. For this use, see our [GPG explanation](/posts/linux/#gpg-explanation). diff --git a/content/posts/grapheneos/index.md b/content/posts/grapheneos/index.md index d11e3b3..f0c2c31 100644 --- a/content/posts/grapheneos/index.md +++ b/content/posts/grapheneos/index.md 
@@ -16,7 +16,7 @@ blogimage="/images/graphene.avif" # What is GrapheneOS? GrapheneOS is a private and secure version of the Android [operating system](/glossary#operating-system-os). Standard Android smartphones have Google baked into them (for example, [Google Play Services](https://en.wikipedia.org/wiki/Google_Play_Services) has irrevocable ability to access your files, call logs, location, etc.), and it is trivial to [bypass standard Android authentication](https://www.csrc.link/threat-library/techniques/targeted-digital-surveillance/authentication-bypass.html) with [physical access](/glossary/#physical-attacks) to the device. GrapheneOS uses hardware-based security to [substantially increase the difficulty](https://grapheneos.org/faq#encryption) of bypassing the authentication, it is significantly [hardened](/glossary#hardening) against hacking, and it has all Google apps and services removed by default. Other alternative Android operating systems exist [but they are inferior](https://blog.privacyguides.org/2022/04/21/grapheneos-or-calyxos/). See the [GrapheneOS documentation](https://grapheneos.org/features) for an extensive list of the privacy and security improvements over standard Android. GrapheneOS is [regularly audited](https://grapheneos.org/faq#audit). -Cellphones leave a geolocation history when they connect to cell towers, by nature of [how the technology works](https://anonymousplanet.org/guide.html#your-metadata-including-your-geo-location). For this reason, we recommend using a smartphone which stays at home like a landline, and connects to the Internet through Wi-Fi rather than by using a SIM card to connect through cell towers. Even if you use an anonymously acquired SIM, if this is linked to your identity in the future, the service provider can be retroactively queried for all geolocation data. 
Additionally, it's insufficient to only leave a phone at home when you are going to a demo or action because this then [stands out](/posts/nophones/#metadata-patterns) as an outlier, serving as an indication that there is conspiratorial activity in that time window. +Cellphones leave a geolocation history when they connect to cell towers, by nature of [how the technology works](https://privsec.dev/posts/android/android-tips/#carrier-tracking). For this reason, we recommend using a smartphone which stays at home like a landline, and connects to the Internet on airplane mode through Wi-Fi rather than by using a SIM card to connect through cell towers. Even if you use an anonymously acquired SIM, if this is linked to your identity in the future, the service provider can be retroactively queried for all geolocation data. Additionally, it's insufficient to only leave a phone at home when you are going to a demo or action because this then [stands out](/posts/nophones/#metadata-patterns) as an outlier, serving as an indication that there is conspiratorial activity in that time window. # Installation [Google Pixel](https://www.privacyguides.org/android/#google-pixel) phones are the only devices that currently meet GrapheneOS's hardware security requirements - see the [supported devices](https://grapheneos.org/faq#device-support) and [recommended devices](https://grapheneos.org/faq#recommended-devices). Beginning with the Pixel 6, Pixel devices receive a minimum of [5 years of security updates](https://grapheneos.org/faq#device-lifetime) from when they are released. End-of-life devices (GrapheneOS "extended support" devices) do not have full security updates so they are not recommended. Avoid carrier variants of the phone, meaning don't buy one from a mobile network operator, which can prevent you from installing GrapheneOS. 
The cheapest option is to buy the "a" model just after the next flagship model is released - for example, the Google Pixel 6a after the Pixel 7 is released. diff --git a/content/posts/linux/index.md b/content/posts/linux/index.md index aeee09e..9deaf98 100644 --- a/content/posts/linux/index.md +++ b/content/posts/linux/index.md 
@@ -28,7 +28,7 @@ In Linux, the term for an application is a **package**. Rather than downloading How do you actually install from the software repository? Each distribution also has a **package manager**, which is an application which installs software from a software repository. Debian, and distributions based on it, use the `apt` package manager. In some distributions, it is possible to install software with a Graphical User Interface (GUI) that is using the package manager in the background, like the [Synaptic Package Manager](https://tails.boum.org/doc/persistent_storage/additional_software/index.en.html#index3h1) in Tails. # Software Alternatives -Part of the learning curve to Linux is figuring out what open-source software to use, instead of the closed-source options you will be familiar with from Windows and macOS. For example, instead of using Microsoft Word, you can use LibreOffice. An application being open-source is an essential criteria, but is insufficient to be considered secure. For example, Telegram advertises itself as being open-source, but the servers are not open-source and the cryptography is [trash](https://anonymousplanet.org/guide.html#bad-cryptography). The list of [included software for Tails](https://tails.boum.org/doc/about/features/index.en.html#index1h1) will cover many of your needs with reputable choices. +Part of the learning curve to Linux is figuring out what open-source software to use, instead of the closed-source options you will be familiar with from Windows and macOS. For example, instead of using Microsoft Word, you can use LibreOffice. An application being open-source is an essential criteria, but is insufficient to be considered secure. For example, Telegram advertises itself as being open-source, but the servers are not open-source and the cryptography is [trash](https://buttondown.email/cryptography-dispatches/archive/cryptography-dispatches-the-most-backdoor-looking/). 
The list of [included software for Tails](https://tails.boum.org/doc/about/features/index.en.html#index1h1) will cover many of your needs with reputable choices. # The Command Line Interface The dreaded [command line](/glossary/#command-line-interface-cli)! What even is it? You are used to interacting with applications through a **Graphical User Interface (GUI)**, which means through pointing and clicking buttons with your mouse. Some applications can also be interacted with through a **Command Line Interface (CLI)**, which is textual. Many applications will be available in both CLI and GUI versions. @@ -43,7 +43,7 @@ Some commands will require elevated permissions, equivalent to 'Open as Administ Most Linux users will rarely need to use the CLI. For using [Tails](/tags/tails/), it shouldn't be required at all, although you will need the following commands for the [more secure installation](https://tails.boum.org/install/expert/index.en.html): * `wget`: this downloads files from the Internet over the Command Line (rather than through a web browser) -* `gpg`: this handles [GPG encryption](/glossary#gnupg-openpgp) operations. It is how the integrity of the Tails download is verified. +* `gpg`: this handles [GPG encryption](/glossary#gnupg-openpgp) operations. It is how the integrity and authenticity of the Tails download is verified. * `apt`: this manages packages on Debian. * `dd`: this copies a file from one disk to another. 
@@ -57,7 +57,7 @@ If you ever don't understand what a command is meant to do, try searching [expla #### GPG Explanation Using `gpg` during the installation of Tails or Qubes OS will be less confusing if you understand how it works. -First, some points of clarification. PGP and GPG are terms that can be used interchangeably; PGP (Pretty Good Privacy) is the encryption standard, and GPG (GNU Privacy Guard) is a program that implements it. PGP/GPG is also used for encrypted email communication ([though we don't recommend it](/posts/e2ee/#pgp-email)), but we are using it here exclusively to verify the integrity of files. +First, some points of clarification. PGP and GPG are terms that can be used interchangeably; PGP (Pretty Good Privacy) is the encryption standard, and GPG (GNU Privacy Guard) is a program that implements it. PGP/GPG is also used for encrypted email communication ([though we don't recommend it](/posts/e2ee/#pgp-email)), but we are using it here exclusively to verify the integrity and authenticity of files. GPG is a classic example of [public-key cryptography](/glossary/#public-key-cryptography). GPG provides cryptographic functions to [encrypt](/glossary/#encryption), decrypt, and sign files; our concern here is digitally signing files. The Qubes and Tails teams both generate a [digital signature](/glossary/#digital-signatures) on their .img releases. GPG gives us a way to verify that the file is truly 'signed' by the developers, which enables us to trust that it hasn't been tampered with. diff --git a/content/posts/metadata/index.md b/content/posts/metadata/index.md index d55c9b1..e39b868 100644 --- a/content/posts/metadata/index.md +++ b/content/posts/metadata/index.md 
@@ -41,4 +41,5 @@ Multiple photos or videos from the same camera can be tied together in this way, All modern printers leave invisible watermarks in order to encode information such as the serial number of the printer and and when it was printed. If printed material is scanned, these markings are present in the file. To learn more, see [Revealing Traces in printouts and scans](https://dys2p.com/en/2022-09-print-scan-traces.html) and the Whonix documentation on [printing and scanning](https://www.whonix.org/wiki/Printing_and_Scanning). # Further Reading -* [Redacting Documents/Pictures/Videos/Audio safely](https://anonymousplanet.org/guide.html#redacting-documentspicturesvideosaudio-safely) +* [Anonymous File Sharing](https://www.whonix.org/wiki/Surfing_Posting_Blogging#Anonymous_File_Sharing) from the Whonix documentation. +* [Redacting Documents/Pictures/Videos/Audio safely](https://anonymousplanet.org/guide.html#redacting-documentspicturesvideosaudio-safely) for a table of recommended software for creating different types of files. diff --git a/content/posts/nophones/index.md b/content/posts/nophones/index.md index 86878ac..66b4aa2 100644 --- a/content/posts/nophones/index.md +++ b/content/posts/nophones/index.md 
@@ -11,7 +11,7 @@ blogimage="/images/prison.jpg" toc=true +++ -With effective [security culture and OPSEC](https://www.csrc.link/read/csrc-bulletin-1-en.html#header-a-base-to-stand-on-distinguishing-opsec-and-security-culture), the forces of repression wouldn't know about our specific criminal activities, but they also wouldn't know about our lives, [relationships](https://www.csrc.link/threat-library/techniques/network-mapping.html), movement patterns, etc. This knowledge is a huge asset to help them narrow down suspects and execute targeted surveillance. The location of your phone is [tracked at all times](https://anonymousplanet.org/guide.html#your-metadata-including-your-geolocation), and this data is harvested by private companies, enabling police to bypass laws requiring them to obtain a warrant. [Hardware identifiers and the subscription information](https://anonymousplanet.org/guide.html#your-imei-and-imsi-and-by-extension-your-phone-number) of the phone are logged by cell towers with every connection. Hacking services like [Pegasus](https://www.amnesty.org/en/latest/research/2021/07/forensic-methodology-report-how-to-catch-nso-groups-pegasus/) bring total phone compromise within the reach of even local law enforcement agencies, and are 'zero-click', meaning that success doesn't rely on you clicking a link or opening a file. +With effective [security culture and OPSEC](https://www.csrc.link/read/csrc-bulletin-1-en.html#header-a-base-to-stand-on-distinguishing-opsec-and-security-culture), the forces of repression wouldn't know about our specific criminal activities, but they also wouldn't know about our lives, [relationships](https://www.csrc.link/threat-library/techniques/network-mapping.html), movement patterns, etc. This knowledge is a huge asset to help them narrow down suspects and execute targeted surveillance. 
The location of your phone is [tracked at all times](https://www.vice.com/en/article/m7vqkv/how-fbi-gets-phone-data-att-tmobile-verizon), and this data is harvested by private companies, enabling police to bypass laws requiring them to obtain a warrant. [Hardware identifiers and the subscription information](https://anonymousplanet.org/guide.html#your-imei-and-imsi-and-by-extension-your-phone-number) of the phone are logged by cell towers with every connection. Hacking services like [Pegasus](https://www.amnesty.org/en/latest/research/2021/07/forensic-methodology-report-how-to-catch-nso-groups-pegasus/) bring total phone compromise within the reach of even local law enforcement agencies, and are 'zero-click', meaning that success doesn't rely on you clicking a link or opening a file. <!-- more --> diff --git a/content/posts/qubes/index.md b/content/posts/qubes/index.md index 8a8e453..7a8cfbf 100644 --- a/content/posts/qubes/index.md +++ b/content/posts/qubes/index.md 
@@ -273,7 +273,7 @@ Adapted from the [docs](https://www.qubes-os.org/doc/how-to-back-up-restore-and- # Whonix and Tor The Whonix project has their own [extensive documentation](https://www.whonix.org/wiki/Documentation), as does [Kicksecure](https://www.kicksecure.com/wiki/Documentation), upon which it is based. When Whonix is used in Qubes OS it is sometimes referred to as Qubes-Whonix. Whonix can be used on other operating systems as well, but it's preferable to use it on Qubes OS due to the superior isolation it provides. -Different applications on a Whonix App qube are configured to use unique circuits of the [Tor network](/glossary#tor-network) so that their activity cannot be correlated - this is called [Stream Isolation](https://anonymousplanet.org/guide.html#pick-your-connectivity-method). +Different applications on a Whonix App qube are configured to use unique circuits of the [Tor network](/glossary#tor-network) so that their activity cannot be correlated - this is called [Stream Isolation](https://www.whonix.org/wiki/Stream_Isolation). Note that [multiple Whonix App qubes](https://www.whonix.org/wiki/Multiple_Whonix-Workstation#Safety_Precautions) should not be used simultaneously: > It is safest to only use one Whonix-Workstation at a time and for a single activity. New risks are introduced by running multiple Whonix-Workstation at the same time. For instance, if a single Whonix-Workstation was compromised, it could potentially perform various side channel attacks to learn about running processes in other VMs, and not all of these can be defeated. Depending on user activities, a skilled adversary might be able to correlate multiple Whonix-Workstations to the same pseudonym. diff --git a/content/posts/tails-best/index.md b/content/posts/tails-best/index.md index 7113f44..ecf49ac 100644 --- a/content/posts/tails-best/index.md +++ b/content/posts/tails-best/index.md 
@@ -118,7 +118,7 @@ On a USB with a write-protect switch, you will not be able to make any changes t 1) **For a dedicated upgrade session.** When Tails needs to be upgraded, you can do so in a dedicated session with the switch disabled - this is required because the upgrade will need to be written to the Tails USB. As soon as you are done you should reboot Tails with the switch enabled. 2) **For occasional Persistent Storage configuration sessions, if you decide to use it.** [Persistent Storage](/posts/tails/#create-and-configure-persistence) is a Tails feature that allows data to persist between otherwise amnesiac sessions. Because it requires writing to the Tails USB to persist data, it is generally impractical to use along with a write-protect switch. However, disabling the switch for occasional Persistent Storage configuration sessions, for example to install additional software, might be acceptable. For example, in an 'unlocked' session, you enable additional software for persistence and install Scribus, selecting that it is installed every session. Then, in a 'locked' session you actually use Scribus - none of the files you work on will be saved to the Tails USB, because it is 'locked'. The Persistent Storage feature is not possible using the `toram` boot, or with a DVD. -Where can we store personal data for use between Tails sessions, if the write-protect switch prevents us from using Persistent Storage? We recommend storing personal data on a second LUKS USB. This 'personal data' USB should not look identical to your Tails USB, to avoid confusing them. To make this separate USB, see [Creating and using LUKS encrypted volumes](https://tails.boum.org/doc/encryption_and_privacy/encrypted_volumes/index.en.html). 
If you happen to be reading this from a country like the UK where not providing encryption passwords can land you in jail, this second drive should be a HDD containing a [Veracrypt Hidden Volume](https://www.veracrypt.fr/en/Hidden%20Volume.html) (SDD and USB drives are not appropriate for Hidden Volumes). +Where can we store personal data for use between Tails sessions, if the write-protect switch prevents us from using Persistent Storage? We recommend storing personal data on a second LUKS USB. This 'personal data' USB should not look identical to your Tails USB, to avoid confusing them. To make this separate USB, see [Creating and using LUKS encrypted volumes](https://tails.boum.org/doc/encryption_and_privacy/encrypted_volumes/index.en.html). If you happen to be reading this from a country like the UK where not providing encryption passwords can land you in jail, this second drive should be a HDD containing a [Veracrypt Hidden Volume](https://www.veracrypt.fr/en/Hidden%20Volume.html) (SSD and USB drives are [not appropriate for Hidden Volumes](https://www.veracrypt.fr/en/Trim%20Operation.html)).  -- GitLab
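Review bot: The subject line "links" does not describe the hunk in content/posts/e2ee/index.md, which changes no link target and only rewords "integrity of files" to "integrity and authenticity of files". The same wording change recurs in both content/posts/linux/index.md hunks that touch `gpg`. Either extend the subject (for example "links, integrity and authenticity wording") or split the wording change into its own commit so the history can be searched for it.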
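Review bot: In the content/posts/grapheneos/index.md hunk, the added phrase "connects to the Internet on airplane mode through Wi-Fi" is ambiguous, because it reads as if airplane mode were the means of connecting. This is also a new recommendation rather than a link change. Suggest stating the two steps separately, for example "which stays at home like a landline, is kept in airplane mode, and connects to the Internet through Wi-Fi rather than by using a SIM card".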
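Review bot: In the first content/posts/linux/index.md hunk (@@ -28,7), the rewritten line still carries "An application being open-source is an essential criteria". Since the line is being replaced anyway, correct it to "an essential criterion". The link text "trash" also gives the reader no idea what the new target is; naming the article or its subject in the link text would make the claim easier to check.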
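Review bot: In the second content/posts/linux/index.md hunk (@@ -43,7), the `gpg` bullet now has a compound subject but keeps a singular verb: "the integrity and authenticity of the Tails download is verified". Change "is verified" to "are verified".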
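Review bot: The content/posts/nophones/index.md hunk replaces one anonymousplanet.org fragment link but leaves "#your-imei-and-imsi-and-by-extension-your-phone-number" on the same line unchecked. The two removed links in this patch spelled the same anchor differently ("#your-metadata-including-your-geo-location" in grapheneos, "#your-metadata-including-your-geolocation" here), so at least one of them cannot have resolved. Please confirm that the remaining anonymousplanet.org fragments, this one and the "Redacting Documents/Pictures/Videos/Audio safely" entry kept in content/posts/metadata/index.md, still resolve, or replace them in this commit as well.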
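Review bot: In the content/posts/tails-best/index.md hunk, the new link text "not appropriate for Hidden Volumes" covers "SSD and USB drives", but the target is the VeraCrypt "Trim Operation" page. Check that the page supports the claim for USB drives too, or add a second reference for them. The hunk also silently fixes "SDD" to "SSD", which is worth a mention in the commit message, and "a HDD" on the same line could become "an HDD" while the line is being touched.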