Roadmap Progress (as of June 2025)
Welcome to our monthly activity recap of the OPSEC Bible Roadmap: The Opsec Bible covers a wide array of topics and tutorials, but all share the same goal: empowering the individual, to tell them how to make themselves ungovernable. Privacy comes first, then anonymity, and lastly deniability.
As you can tell, we are no longer branded "The Nihilism OPSEC Blog", we're now operating this service under the name of "The Opsec Bible", as this is one of our new marketing-related steps to better appeal to the masses. More details on those below.
Beyond our Privacy/Anonymity/Deniability classification we have 3 types of tutorials:
- Clientside Tutorials: Achieving your opsec goals on your own computer/mobile
- Serverside (Self-Hosting) Tutorials: Achieving opsec goals on your home server
- Serverside (Remote) Tutorials: Achieving opsec on remote servers (VPSes / Dedicated servers)
Within this classification of tutorials we have a special category of tutorials called the "Core tutorials" which are basically the tutorials that enable everything that is opsec-related that we are talking about. You can consider those to be the actual backbone of your operational security.
Our roadmap is based on the following critical tutorials first and foremost, as they are actually making possible every other opsec tutorial that we have.
Clientside tutorials (80% completed (-5%))
This is where The Opsec Bible shines currently, thanks to the work that has been done so far, we covered nearly everything that one can accomplish from his own computer, for his or her own opsec.
Currently this section is only missing the following tutorials (with a new planned tutorial on Black Hat hacking, which is the reason the completion rate is -5% compared to last month):
- SimpleX Deniable Chats #317
- USB-triggered emergency shutdowns #316
- NEW: Black Hat Hacking VM Setup #335
We are also missing some improvements for the following tutorials:
- Monero Inheritence #48 : need to get rid of the email server requirement
- Haveno Fiat -> XMR trades #53 : need to update how to use haveno on whonix based on the instructions on Whonix
Serverside Self-Hosting tutorials (60% completed (+40%))
Good progress in that section since last month, it was mostly an attempt from my end fix this disparity in between the clientside and serverside tutorials. Most notably
Currently this section is missing the following tutorials:
- Making your Homeserver reachable via a hidden service (SSH + RDP + Cockpit) #323
- Serverside Sensitive VM setup (whonix in a VC hidden volume) #327
- Host-OS WAN internet connection failover #185
- Automating Emergency Shutdowns (webcam movement detection) #328
- Automating Emergency Shutdowns (detecting usb changes) #329
We are also missing some improvements for the following tutorials:
- Self-Hosting a server : kicksecure host OS recap + X2GO + SSH access #318: requires us to replace RDP (as it's really a shitty protocol) with X2GO instead, which is supposedly more stable, and should be compatible with the upcoming hidden service version of that tutorial in #323
Serverside (Remote) Tutorials (65% completed (+15%))
For now on the remote serverside tutorials we are halfway there, we are lacking the following tutorials as of right now:
- Backing up data on VPSes without revealing the content to the cloud provider #321
- Anonymous Alerting System (via SimpleX bots) #223
- Deniably renting servers from the Sensitive VM #326
- Sensitive remote servers organization #222
And we are missing some improvements to those tutorials aswell:
- E2EE: why can't i trust serverside encryption ? #84
Nowhere Community News
This month i started to take some Marketing-related steps to improve the first impression of that complete noobs get to have of our work (as some reactions i've seen have actually been abysmal), for instance as you can see I rebranded the "nihilism opsec blog" to a more catchy name: The Opsec Bible. This will be a much more memorable name to have for the project, given the long road ahead that awaits us.
Those marketing steps led me to also rework the main Nowhere website to give it a fresh new, and modern look:
And lastly as you can see our motto has been changed to "You cannot be governed, you just didn't realize it yet". Complete noobs that visit both our main website, and the opsec bible itself, will get to immediately understand what our work is mean to achieve:
This one motto is the first and foremost message that i want everyone to get on their first visit to our services. This is the one common goal that everything we do is meant to lead to; Making every individual out there ungovernable, by enabling them to achieve perfect operational security.
On the infrastructure side, we also spun up 8 new onion-only SimpleX SMP and XFTP servers that you can freely use, they are listed on this page, If you don't trust them, we encourage everyone to run their own onion-only simplex servers and use them like we do.
List of all new blogposts (including the non-critical ones) from June
Below are all the new tutorials that we published in June:
- 2025-06-29: The German and Netherlands Tor Nodes problem
- 2025-06-28: Why should I price goods and services in Monero directly ?
- 2025-06-26: Forgejo SimpleX Alerts
- 2025-06-26: Monitoring SimpleX Alerts
- 2025-06-22: GrapheneOS Duress PIN
- 2025-06-16: File Verification (minisign update)
- 2025-06-13: Protesting is not Enough
- 2025-06-09: How to encrypt files and messages (Age and PGP)
- 2025-06-09: What's Agorism? (Contributed by Sam Bent)
- 2025-06-08: How to hide your self-hosted service's home IP from the end users
- 2025-06-08: Prevent IP leaks using a VPN on the Home Server Host OS
- 2025-06-08: Everyone is a Criminal
- 2025-06-07: Anonymous Alerting System (via SimpleX)
- 2025-06-07: Stylometry Protection (Using Local LLMs) [old tutorial rewrite]
- 2025-06-06: Laws do not stop crimes
- 2025-06-05: DoT, DoH, DNSCrypt, DNS over Tor and Local DNS: What actually protects you?
- 2025-06-01: Self-Hosting a Hypervisor on your Home Server
Miscellaneous Opsec Bible News
Upon much pondering i figured that the Opsec Bible could also feature both operational security mistakes the consequences of bad operational security in separate blogposts.
Operational Security Mistakes: the idea is to cover the downfalls of documented sensitive activities, including Silk road, alphabay, the recent downfall of archetyp market, and more. Those will serve as examples to justify the actual opsec advice that we have been giving to the audience.
The Consequences of Operational Security: for those the idea is to cover everything that you are supposed to know from being interrogated by the adversary, to being actually arrested, to going to trial, to going to jail, to ending up in prison and how to survive once you end up in there.
Suggest changes
Nihilist 2025-06-30
8AUYjhQeG3D5aodJDtqG499N5jXXM71gYKD8LgSsFB9BUV1o7muLv3DXHoydRTK4SZaaUBq4EAUqpZHLrX2VZLH71Jrd9k8 Donate XMR to the author: