راهنمای مسافر به ناشناسی آنلاین - نسخه ۰.۹.۴ - مه ۲۰۲۱
The Hitchhiker’s Guide to Online Anonymity - Version 0.9.4 - May 2021 Version 0.9.4
معرفی کتاب «راهنمای مسافر به ناشناسی آنلاین - نسخه ۰.۹.۴ - مه ۲۰۲۱» (با عنوان لاتین The Hitchhiker’s Guide to Online Anonymity - Version 0.9.4 - May 2021 Version 0.9.4) نوشتهٔ AnonymousPlanet، منتشرشده توسط نشر AnonymousPlanet در سال 2021. این کتاب در فرمت pdf، زبان انگلیسی ارائه شده است.
This is a maintained technical guide that aims to provide introduction to various online tracking techniques, online id verification techniques and guidance to creating and maintaining (truly) anonymous online identities including social media accounts safely and legally. No pre-requisites besides English reading are required. It is written with hope for activists, journalists, scientists, lawyers, whistle-blowers, and good people being oppressed/censored anywhere! This guide is an open-source non-profit initiative, licensed under Creative Commons Attribution 4.0 International (cc-by-4.0) and is not sponsored/endorsed by any commercial/governmental entity. The latest version is 0.9.4, See the CHANGELOG at https://anonymousplanet.org/CHANGELOG.html Latest Online HTML versions at: Main: https://anonymousplanet.org/guide.html [Archive.org] [Archive.today] Mirror: https://mirror.anonymousplanet.org/guide.html [Archive.org] [Archive.today] Tor Mirror: http://thgtoa7imksbg7rit4grgijl2ef6kc7b56bp56pmtta4g354lydlzkqd.onion/guide.html Archive.today over Tor: http://archivecaslytosk.onion/anonymousplanet.org/guide.html Requirements: Introduction: Understanding some basics of how some information can lead back to you and how to mitigate some: Your Network: Your IP address: Your DNS requests: Your RFID enabled devices: The Wi-Fis and Bluetooth devices around you: Malicious/Rogue Wi-Fi Access Points: Your Anonymized Tor/VPN traffic: Some Devices can be tracked even when offline: Your Hardware Identifiers: Your IMEI and IMSI (and by extension, your phone number): Your Wi-Fi or Ethernet MAC address: Your Bluetooth MAC address: Your CPU: Your Operating Systems and Apps telemetry services: Your Smart devices in general: Yourself: Your Metadata including your Geo-Location: Your Digital Fingerprint, Footprint, and Online Behavior: Your Clues about your Real Life and OSINT: Your Face, Voice, Biometrics and Pictures: Phishing and Social Engineering: Malware, exploits, and viruses: Malware in your files/documents/e-mails: Malware and Exploits in your apps and services: Malicious USB devices: Your files, documents, pictures, and videos: Properties and Metadata: Watermarking: Pictures/Videos/Audio: Printing Watermarking: Pixelized or Blurred Information: Your Crypto currencies transactions: Your Cloud backups/sync services: Your Browser and Device Fingerprints: Local Data Leaks and Forensics: Bad Cryptography: No logging but logging anyway policies: Some Advanced targeted techniques: Some bonus resources: Notes: General Preparations: Picking your route: Timing limitations: Budget/Material limitations: Skills: Adversaries (threats): Steps for all routes: Get an anonymous Phone number: Physical Burner Phone and prepaid SIM card: Get a burner phone: Get an anonymous pre-paid SIM card: Online Phone Number (less recommended): Get an USB key: Find some safe places with decent public Wi-Fi: The TAILS route: Persistent Plausible Deniability using Whonix within TAILS: First Run: Subsequent Runs: Steps for all other routes: Get a dedicated laptop for your sensitive activities: Some laptop recommendations: Bios/UEFI/Firmware Settings of your laptop: PC: About Secure boot: Mac: Physically Tamper protect your laptop: The Whonix route: Picking your Host OS (the OS installed on your laptop): Threats with encryption: The 5$ Wrench: Evil-Maid Attack: Cold-Boot Attack: About Sleep, Hibernation and Shutdown: Local Data Leaks (traces) and forensics examination: Windows: MacOS: Linux: Online Data Leaks: Conclusion: Linux Host OS: Full disk encryption: Reject/Disable any telemetry: Disable anything unnecessary: Hibernation: Enable MAC address randomization: Hardening Linux: Setting up a safe Browser: MacOS Host OS: During the install: Hardening MacOS: Enable Firmware password with “disable-reset-capability” option: Enable Hibernation instead of sleep: Disable unnecessary services: Prevent Apple OCSP calls: Enable Full Disk encryption (Filevault): MAC Address Randomization: Setting up a safe Browser: Windows Host OS: Installation: Enable MAC address randomization: Setting up a safe Browser: Enable some additional privacy settings on your Host OS: Windows Host OS encryption: Enable Hibernation (optional): Deciding which sub-route you will take: Route A and B: Simple Encryption (Windows tutorial) Route B: Plausible Deniability Encryption with a Hidden OS (Windows only) Step 1: Create a Windows 10 install USB key Step 2: Boot the USB key and start the Windows 10 install process (Hidden OS) Step 3: Privacy Settings (Hidden OS) Step 4: Veracrypt installation and encryption process start (Hidden OS) Step 5: Reboot and boot the USB key and start the Windows 10 install process again (Decoy OS) Step 6: Privacy settings (Decoy OS) Step 7: Veracrypt installation and encryption process start (Decoy OS) Step 8: Test your setup (Boot in Both) Step 9: Changing the decoy data on your Outer Volume safely Step 10: Leave some forensics evidence of your outer Volume (with the decoy Data) within your Decoy OS Notes: Virtualbox on your Host OS: Pick your connectivity method: Tor only: VPN/Proxy over Tor: Tor over VPN: VPN only: No VPN/Tor: Conclusion: Get an anonymous VPN/Proxy: Whonix: A note on Virtualbox Snapshots: Download Virtualbox and Whonix utilities: Virtualbox Hardening recommendations: Tor over VPN: Whonix Virtual Machines: Pick your guest workstation Virtual Machine: If you can use Tor: If you cannot use Tor: Linux Virtual Machine (Whonix or Linux): Whonix Workstation (recommended and preferred): Linux (any distro): If you can use Tor (natively or over a VPN): If you cannot use Tor: Windows 10 Virtual Machine: Windows 10 ISO download: If you can use Tor (natively or over a VPN): Install: Network Settings: Choose a browser within the VM: If you cannot use Tor: Install: Network Settings: Choose a browser within the VM: Additional Privacy settings in Windows 10: Android Virtual Machine: If you can use Tor (natively or over a VPN): If you cannot use Tor: Installation: MacOS Virtual Machine: If you can use Tor (natively or over a VPN): If you cannot use Tor: Installation: KeepassXC: VPN client installation (cash/Monero paid): Final steps: The Qubes Route: Pick your connectivity method: Tor only: VPN/Proxy over Tor: Tor over VPN: VPN only: No VPN/Tor: Conclusion: Get an anonymous VPN/Proxy: Installation: Lid Closure Behavior: Connect to a Public Wi-Fi: Update Qube OS: Setup the VPN ProxyVM: Create the ProxyVM: Download the VPN configuration from your cash/Monero paid VPN provider: If you can use Tor: If you cannot use Tor: Configure the ProxyVM: VPN over Tor: Setup a disposable Browser Qube for VPN over Tor use: Tor Over VPN: Any other combination? (VPN over Tor over VPN for instance) Setup a safe Browser within Qube OS (optional but recommended): Fedora Disposable VM: Whonix Disposable VM: Setup an Android VM: If you can use Tor (natively or over a VPN): If you cannot use Tor: Installation: KeePassXC: Creating your anonymous online identities: Understanding the methods used to prevent anonymity and verify identity: Captchas: Phone verification: E-Mail verification: User details checking: Proof of ID verification: IP Filters: Browser and Device Fingerprinting: Human interaction: User Moderation: Behavioral Analysis: Financial transactions: Sign-in with some platform: Live Face recognition and biometrics (again): Manual reviews: Getting Online: Creating new identities: The Real-Name System: Overview: Amazon: Apple: Briar: Discord: Element: Facebook: GitHub: GitLab: Google: HackerNews: Instagram: Jami: iVPN: LinkedIn: Medium: Microsoft: Mullvad: Njalla: OnionShare: ProtonMail: ProtonVPN: Reddit: Slashdot: Telegram: Tutanota: Twitter: Twitch: WhatsApp: 4chan: Crypto Wallets: What about those mobile only apps (WhatsApp/Signal)? Anything else: How to share files or chat anonymously: End-to-end Encryption: Roll your own crypto: Forward Secrecy: Zero-Access Encryption at rest: Metadata Protection: Open-Source: Comparison: Conclusion: Redacting Documents/Pictures/Videos/Audio safely: Communicating sensitive information to various known organizations: Maintenance tasks: Backing-up your work securely: Offline Backups: Selected Files Backups: Requirements: Veracrypt: Normal File containers: Hidden File containers with plausible deniability: Full Disk/System Backups: Requirements: Some general warnings and considerations: Linux: Ubuntu (or any other distro of choice): QubesOS: Windows: MacOS: Online Backups: Synchronizing your files between devices Online: Covering your tracks: Understanding HDD vs SSD: Wear-Leveling. Trim Operations: Garbage Collection: Conclusion: How to securely wipe your whole Laptop/Drives if you want to erase everything: Linux (all versions including Qubes OS): System/Internal SSD: External SSD: Internal/System HDD: External/Secondary HDD and Thumb Drives: Windows: System/Internal SSD: External SSD: Internal/System HDD: External/Secondary HDD and Thumb Drives: MacOS: System/Internal SSD: External SSD: External HDD and Thumb Drives: How to securely delete specific files/folders/data on your HDD/SDD and Thumb drives: Windows: System/Internal SSD drive: Internal/External HDD or a USB Thumb Drive: External SSD drive: Linux (non Qubes OS): System/Internal SSD drive: Internal/External HDD drive or a Thumb Drive: External SSD drive: Linux (Qubes OS): System/Internal SSD drive: Internal/External HDD drive or a Thumb Drive: External SSD drive: MacOS: System/Internal SSD drive: System/Internal, External HDD drive or a Thumb Drive: External SSD drive: Some additional measures against forensics: Removing Metadata from Files/Documents/Pictures: Pictures and videos: ExifCleaner: ExifTool: Windows Native tool: Cloaking/Obfuscating to prevent picture recognition: PDF Documents: PDFParanoia (Linux/Windows/MacOS/QubesOS): ExifCleaner (Linux/Windows/MacOS/QubesOS): ExifTool (Linux/Windows/MacOS/QubesOS): MS Office Documents: ExifCleaner: ExifTool: LibreOffice Documents: ExifCleaner: ExifTool: All-in-one Tool: TAILS: Whonix: MacOS: Guest OS: Host OS: Quarantine Database (used by Gatekeeper and XProtect): Various Artifacts: Force a Trim operation after cleaning: Linux (Qubes OS): Linux (non-Qubes): Guest OS: Host OS: Windows: Guest OS: Host OS: Diagnostic Data and Telemetry: Event logs: Veracrypt History: Browser History: Wi-Fi History: Shellbags: Extra Tools Cleaning: PrivaZer: BleachBit: Force a Trim with Windows Optimize (for SSD drives): Removing some traces of your identities on search engines and various platforms: Google: Bing: DuckDuckGo: Yandex: Qwant: Yahoo Search: Baidu: Wikipedia: Internet Archive: Some low-tech old-school tricks: Hidden communications in plain sight: How to spot if someone has been searching your stuff: Some last OPSEC thoughts: If you think you got burned: If you have some time: If you have no time: A small final editorial note: Donations: Acknowledgements: Appendix A: Windows Installation Installation: Privacy Settings: Appendix B: Windows Additional Privacy Settings Appendix C: Windows Installation Media Creation Appendix D: Using System Rescue to securely wipe an SSD drive. Appendix E: Clonezilla Appendix F: Diskpart Appendix G: Safe Browser on the Host OS If you can use Tor: If you cannot use Tor: Appendix H: Windows Cleaning Tools Appendix I: Using ShredOS to securely wipe an HDD drive: Windows: Linux: Appendix J: Manufacturer tools for Wiping HDD and SSD drives: Tools that provide a boot disk for wiping from boot: Tools that provide only support from running OS (for external drives). Appendix K: Considerations for using external SSD drives Windows: Trim Support: ATA/NVMe Operations (Secure Erase/Sanitize): Linux: Trim Support: ATA/NVMe Operations (Secure Erase/Sanitize): MacOS: Trim Support: ATA/NVMe Operations (Secure Erase/Sanitize): Appendix L: Creating a mat2-web guest VM for removing metadata from files Appendix M: BIOS/UEFI options to wipe disks in various Brands Appendix N: Warning about smartphones and smart devices Appendix O: Get an anonymous VPN/Proxy Cash/Monero-Paid VPN (preferred): Self-hosted VPN/Proxy on a Monero/Cash-paid VPS (for skilled users familiar with Linux): VPN VPS: Socks Proxy VPS: Linux/MacOS: Windows: Appendix P: Accessing the internet as safely as possible when Tor and VPNs are not an option Appendix Q: Using long range Antenna to connect to Public Wi-Fis from a safe distance: Appendix R: Installing a VPN on your VM or Host OS. Appendix S: Check your network for surveillance/censorship using OONI Appendix T: Checking files for malware Integrity (if available): Authenticity (if available): Security (checking for actual malware): Anti-Virus Software: Manual Reviews: PDF files: Other type of files: Appendix U: How to bypass (some) local restrictions on supervised computers Portable Apps: Bootable Live Systems: Precautions: Appendix V: What browser to use in your Guest VM/Disposable VM Appendix W: Virtualization Appendix X: Using Tor bridges in hostile environments Appendix Y: Windows AME download and installation Download: Installation:
دانلود کتاب راهنمای مسافر به ناشناسی آنلاین - نسخه ۰.۹.۴ - مه ۲۰۲۱