nihilist`s Blog
Previous Page

OPSEC: Privacy, Anonymity and Plausible Deniability

Tutorials to show how to achieve Privacy, Anonymity and Plausible Deniability online. I have a quality standard as to how i do these tutorials, if there are any improvements i can do on them please let me know.

SHOWCASED ARTICLE: Learn how to audit your own setup, to determine your Operational Security (OPSEC) Level, and find out what is the most appropriate internet use for it.


Articles Status:

  1. ⭐: Personal Favorite
  2. βœ…: Completed
  3. 🟠: Work in progress
  4. ❌: Not started yet

⚠️ This Blog is open to contributions:

If you want to contribute, check out the gitea repository for contributions here. (i'm rewarding 10 to 50 euros in monero per new complete blogpost), if the blogpost you want to contribute is not listed below, validate your blogpost idea with me beforehand.

πŸ“ Explaining Concepts

  1. βœ… a Nihilist's Manifesto
  2. βœ… Privacy, Anonymity, Plausible Deniability, Decentralisation, Security, and 0days
  3. βœ… Governments, Centralisation, and Law Enforcement
  4. βœ… Governments fear Decentralisation and Anonymity

πŸ“ Explaining OPSEC ⭐

  1. βœ… Audit your OPSEC and determine the appropriate internet use
  2. βœ… Internet usage segmentation (QEMU VMs + Identity Management)
  3. βœ… OPSEC: Using the right Technology and Behavior




OPSEC LEVEL 1: Privacy

πŸ“ Explaining Privacy

  1. βœ… What is Privacy ? Why is it important ?
  2. βœ… The main source of Privacy: Open source software
  3. βœ… The lack of Open Source Hardware (CPUs, Motherboards, GPUs)

πŸ’» Getting started

  1. βœ… How to install Linux from a Windows PC ⭐
  2. βœ… How to install and update programs on Linux
  3. βœ… How to install GrapheneOS on a Pixel Phone

πŸ’» File Sharing

  1. ❌ One on One large file sharing (Syncthing over VPN)
  2. ❌ P2P large file sharing (Torrents over VPN)

πŸ’» Privacy means Open Source (FOSS)

  1. βœ… How to compile open source software + How to verify software integrity
  2. βœ… How to Virtualize Machines (QEMU/KVM Hypervisor)
  3. βœ… How to get privacy from your ISP using a VPN
  4. βœ… Route QEMU VMs through a Host OS VPN
  5. βœ… Password Management 101 (How to use Keepass)
  6. βœ… Serverside: Should I trust serverside encryption? Should I use PGP?
  7. βœ… Private Messaging (PGP encryption)
  8. ❌ How to use GPG SmartCards to secure your PGP keys

⚠️ Miscellaneous - In real life

  1. ❌ Hide the contents of a mail package





OPSEC LEVEL 2: Anonymity

πŸ“ Explaining Anonymity

  1. βœ… What is Anonymity ? Why is it Important ?
  2. βœ… Why isn't Privacy enough for Anonymous use ?
  3. βœ… The main source of Anonymity: The Tor Network
  4. βœ… Using Tor Safely: Tor through VPN or VPN through Tor ?
  5. 🟠 Phone Numbers are incompatible with Anonymity
  6. ❌ How to protect against fingerprinting (persona, text, files)
  7. ❌ How to run a local LLM to change your writing style (and it's use in whonix VM)

πŸ’» Clientside - Getting Started (⚠️ Check if your ISP allows Tor or Not!)

  1. ❌How to setup and navigate Qubes OS
  2. βœ… Tor Web Browser setup
  3. βœ… How to use the Tor Browser on Mobile
  4. βœ… Tails OS QEMU VM for Temporary Anonymity
  5. βœ… VMs for Long-term Anonymity (Whonix QEMU VMs)

πŸ’» File Sharing

  1. ❌ How to send small files Anonymously (Onionshare)
  2. ❌ One on One large file sharing (Syncthing over Tor)
  3. ❌ P2P large file sharing (Torrents over i2p or Tor)

πŸ’» Clientside - Decentralized Finances ⭐

  1. βœ… Why Financial decentralisation ? (Cryptocurrencies, Exchanges and KYC) ⭐
  2. βœ… How to acquire and use Monero
  3. βœ… Why can't I trust Centralised Exchanges, and random Monero nodes ?
  4. βœ… Haveno Decentralised Exchange direct Fiat -> XMR transaction ⭐
  5. βœ… Haveno DEX Dispute resolution (Fiat -> XMR)
  6. βœ… Haveno DEX Bank Transfer (ex: SEPA) -> XMR transaction
  7. βœ… Haveno DEX Cash By Mail -> XMR transaction ⭐
  8. ❌ Convert Monero into other Cryptos Anonymously (XMR -> BTC Atomic Swaps DEX)
  9. ❌ Monero Inheritence Management

πŸ’» Clientside - Making use of Anonymity (Non-KYC Providers)

  1. ❌ How to get a mail account anonymously (Mails as a service)
  2. ❌ How to get a phone number anonymously (Remote SMSes as a service)
  3. ❌ How to get a credit card anonymously (Credit cards as a service)
  4. ❌ How to get a residential proxies anonymously

πŸ§… Serverside - Contributing to Anonymity

  1. βœ… Tor Bridge Node
  2. βœ… Tor Node
  3. βœ… Tor Exit Node
  4. βœ… Monero Node
  5. βœ… Monero Mining with p2pool (help validate the network)
  6. ❌ Haveno Seed Node
  7. ❌ Haveno DEX Network

πŸ§… Serverside - Anonymous Hidden Services

  1. βœ… Where to host Anonymous Hidden Services ?
  2. βœ… Hidden Service with custom .onion Vanity V3 address
  3. ❌ Basic Webserver setup (NGINX / PHP / MYSQL)
  4. ❌ Minimalistic MoneroSSO .onion setup
  5. 🟠 XMPP prosody .onion setup (chat service)
  6. ❌ Gitea .onion setup (Code repositories)
  7. ❌ Nextcloud .onion setup (cloud storage)
  8. ❌ Mastodon .onion setup (Microblogging)
  9. ❌ Discourse .onion setup (Forums)
  10. ❌ How to setup Nerostr (Nostr blogging)


πŸ§… Serverside - Anonymous Clearnet Services

  1. βœ… Where to host Anonymous Clearnet Services ?
  2. βœ… How to rent remote servers anonymously (Cloud resellers) ⭐
  3. βœ… How to rent remote domains anonymously (Registrar resellers) ⭐
  4. βœ… Remote anonymous access setup (cockpit + ssh through tor)
  5. βœ… Clearnet Bind9 DNS server setup (with DNSSEC)
  6. βœ… Clearnet Matrix server (federated clearnet chatting)
  7. βœ… Anonymous (remote or self-hosted) clearnet Mail Server ⭐


⚠️ Miscellaneous - In real life

  1. ❌ How to send a mail package anonymously
  2. ❌ How to recieve a mail package anonymously
  3. ❌ How to remain Anonymous during a protest



OPSEC LEVEL 3: Plausible Deniability

πŸ“ Explaining Plausible Deniability

  1. βœ… What is Plausible Deniability ? Why is it Important ?
  2. βœ… Why Anonymity isn’t enough for Sensitive use ?
  3. 🟠 Sensitive Services: Self-Host or Host Remotely ?

πŸ’» Clientside - Getting Started

  1. βœ… The main source of Plausible Deniability: Veracrypt Hidden Partitions
  2. βœ… Plausibly Deniable Critical Data Backups
  3. 🟠 Plausibly Deniable Anonymity VMs (Whonix VMs in a Hidden Volume)⭐

πŸ’» Steganography - Hiding secrets in plain sight

  1. ❌ Other sources of Plausible Deniability: Steganography Introduction
  2. ❌ Hiding textfiles into images
  3. βœ… Hiding entire zipfiles into videofiles files (zulucrypt)

πŸ§… Serverside - Plausible Deniability at Home (⚠️ Self Hosting = Risky!)

  1. βœ… Open source router VM setup (pfsense on QEMU/KVM)
  2. βœ… Electrical Failover (basic UPS setup)
  3. βœ… Internet Failover (Dual WAN pfsense setup)
  4. ❌ Deniable Encryption Protection (emergency shutdown script, shortcut, + systemd service)
  5. βœ… Automating Deniable Encryption Protection (USB Changes, detecting movements, and SSH bruteforce attempts)
  6. βœ… Endgame V3 (.onion service Anti DDOS / Load Balancer / WAF + Captcha) ⭐

πŸ§… Serverside - Remote Plausible Deniability (⚠️ Remote Hosting = Safer!)

  1. ❌ When the Adversary is the cloud provider himself
  2. ❌ Protecting against cold boot attacks, with RAM encryption (no hardware access!)
  3. ❌ System Intrusion / Integrity monitoring (kernel modules, binary files, unwanted processes, hardwre changes)
  4. ❌ Custom Linux OS making (debian-based)
  5. ❌ Obtaining a non-KYC dedicated server, with a custom OS
  6. ❌ Intrusion detection on remote servers



Inspirations

  1. Hack Liberty Resources
  2. Privacy Guides
  3. Simplified Privacy
  4. The Hitchhiker's guide to Anonymity


Non-KYC VPS providers



Current services used:

  1. ServersGuru (KYC-Free reseller of cloud providers like Hetzner)
  2. nicevps.net (KYC-Free registrar)

Previous services:

  1. Incognet (both registrar and cloud provider)
  2. Hostiko (cloud provider)
  3. Other Non-KYC Cloud Providers



LEGAL DISCLAIMER: 
Across the entirety of my blog, in all articles that I made, I advocate for the legal use of technologies, even when I am talking about Privacy-enhancing and Anonymity-enabling technologies. In no way am I advocating for any illegal use of any technology showcased in any article on my blog. as the goal of this blog is to remain stricly informative and educative.


I decline any and all responsibility for any mis-use of any of the technology i showcase in the entirety of my blog. I also decline any and all responsibility for any physical, digital and psychological damage caused by the mis-use of any showcased technology, as the responsibility of such acts remains with the perpretating third-party. By reading this blog, you permanently, irrevocably and world-widely agree that I am in no way am responsible for any illegal action done by you or anyone that uses any of the showcased technology in my blog articles.

Nihilism

Until there is Nothing left.

My Links

RSS Feed
Matrix Chat

About nihilist

Donate XMR: 8AUYjhQeG3D5aodJDtqG499N5jXXM71gYKD8LgSsFB9BUV1o7muLv3DXHoydRTK4SZaaUBq4EAUqpZHLrX2VZLH71Jrd9k8


Contact: nihilist@contact.nowhere.moe (PGP)