⛦𝟛𝟙𝟛𝟛𝟟 𝕙𝟜𝕩𝕩𝟘𝕣🏴‍☠️₵Ɏ₱ⱧɆⱤ₱Ʉ₦₭ 🏴𝖍𝖆𝖈𝖐 𝖙𝖍𝖊 𝖕𝖑𝖆𝖓𝖊𝖙⛦

  • 4 Posts
  • 11 Comments
Joined 2Y ago
cake
Cake day: Feb 06, 2023

help-circle
rss

hi wravoc, good to see you again and i must say your git page is looking sweeet


Master Anonymity and Privacy: Essential Guides Compilation
- [Anonymous Planet](https://anonymousplanet.org/) - a community contributed online guide to anonymity written for activists, journalists, scientists, lawyers, whistle-blowers, and good people being oppressed, censored, harassed anywhere - [Privacy Guides](https://www.privacyguides.org/) - a non-profit, socially motivated website that provides information for protecting your data security and privacy - [Extreme Privacy 4th Edition](https://annas-archive.org/md5/3bca9891bf832a50e0f8d7aee7555eb3) - Michael Bazzell has helped hundreds of celebrities, billionaires, and everyday citizens disappear completely from public view. - [Anonymous Land](https://www.anonymousland.org) - a community dedicated to providing anonymity enhancing guides and services - [Prism Break](https://prism-break.org) - opt out of global data surveillance programs like prism, xkeyscore and tempora. - [The New Oil](https://thenewoil.org/) [[Tor](http://vyrgfx4jz2lnejqduons56ph5xtsrtaoo7ovny53dd7okyzhfsgkzbad.onion/)] - the beginner’s guide to data privacy & cybersecurity - [Techlore](https://www.techlore.tech) - a small team educating people about digital rights, privacy, security, digital control, and other important topics to push the world towards a safer internet - [Qubes OS for Anarchists](https://www.anarsec.guide/posts/qubes/) [[Tor](http://uwb25d43nnzerbozmtviwn7unn7ku226tpsjyhy5n4st5cf3d4mtflqd.onion/posts/qubes/index.html)] - Qubes OS is a security-oriented operating system (OS), which means it is an operating system designed from the ground up to be more difficult to hack. Given that anarchists are regularly targeted for hacking in repressive investigations, Qubes OS is an excellent choice - [GrapheneOS for Anarchists](https://www.anarsec.guide/posts/grapheneos/) - [[Tor](http://uwb25d43nnzerbozmtviwn7unn7ku226tpsjyhy5n4st5cf3d4mtflqd.onion/posts/grapheneos/index.html)] - anarchists should not have phones. if you must use a phone, make it as difficult as possible for an adversary to geotrack it, intercept its messages, or hack it. this means using grapheneos - [Tails for Anarchists](https://www.anarsec.guide/posts/tails/) [[Tor](http://uwb25d43nnzerbozmtviwn7unn7ku226tpsjyhy5n4st5cf3d4mtflqd.onion/posts/tails/index.html)] - tails is an operating system that makes anonymous computer use accessible to everyone. tails is designed to leave no trace of your activity on your computer unless you explicitly configure it to save specific data - [Tails Opsec for Anarchists](https://www.anarsec.guide/posts/tails-best/) [[Tor](http://uwb25d43nnzerbozmtviwn7unn7ku226tpsjyhy5n4st5cf3d4mtflqd.onion/posts/tails-best/index.html)] - additional precautions you can take that are relevant to an anarchist threat model - operational security for tails - [Make Your Electronics Tamper-Evident](https://www.anarsec.guide/posts/tamper/) [[Tor](http://uwb25d43nnzerbozmtviwn7unn7ku226tpsjyhy5n4st5cf3d4mtflqd.onion/posts/tamper/index.html)] - if the police ever have physical access to an electronic device like a laptop, even for five minutes, they can install hardware keyloggers, create images of the storage media, or otherwise trivially compromise it at the hardware, firmware, or software level. one way to minimize this risk is to make it tamper-evident - [Encrypted Messaging for Anarchists](https://www.anarsec.guide/posts/e2ee/) [[Tor](http://uwb25d43nnzerbozmtviwn7unn7ku226tpsjyhy5n4st5cf3d4mtflqd.onion/posts/e2ee/index.html)] - This article provides an overview and installation instructions for Tails, Qubes OS, and GrapheneOS encrypted messengers - [Kill the Cop in Your Pocket](https://www.anarsec.guide/posts/nophones/) [[Tor](http://uwb25d43nnzerbozmtviwn7unn7ku226tpsjyhy5n4st5cf3d4mtflqd.onion/posts/nophones/index.html)] - your phone's location is tracked at all times, and this data is harvested by private companies, allowing police to bypass laws requiring them to obtain a warrant - [Remove Identifying Metadata From Files](https://www.anarsec.guide/posts/metadata/) [[Tor](http://uwb25d43nnzerbozmtviwn7unn7ku226tpsjyhy5n4st5cf3d4mtflqd.onion/posts/metadata/index.html)] - metadata is 'data about data' or 'information about information'. in the context of files, this can mean information that is automatically embedded in the file, and this information can be used to deanonymize you - [Defending against Stylometric attacks](https://seirdy.one/posts/2022/07/09/stylometric-fingerprinting-redux/) [[Tor](http://wgq3bd2kqoybhstp77i3wrzbfnsyd27wt34psaja4grqiezqircorkyd.onion/posts/2022/07/09/stylometric-fingerprinting-redux/)] - stylometric fingerprinting analyzes unique writing style (i.e., it uses stylometry) to identify the author of a work. it’s one of the most common techniques for de-anonymization, used by adversaries ranging from trolls to law enforcement - [EFF Surveillance Self-Defense: The Basics](https://ssd.eff.org/module-categories/basics) - surveillance self-defense is a digital security guide that teaches you how to assess your personal risk from online spying. it can help protect you from surveillance by those who might want to find out your secrets, from petty criminals to nation states - [EFF Surveillance Self-Defense: Tool Guides](https://ssd.eff.org/module-categories/basics) - step-by-step tutorials to help you install and use handy privacy and security tools - [Into the Crypt](https://0xacab.org/optout/into-the-crypt) - the art of anti-forensics - [Advanced Privacy and Anonymity Using VMs, VPN’s, Tor](https://www.ivpn.net/privacy-guides/advanced-privacy-and-anonymity-part-1/) - a series of guides that explains how to obtain vastly greater freedom, privacy and anonymity through compartmentalization and isolation through nested chains of VPNs and Tor - [How to create anonymous Telegram and Signal accounts without a phone](https://web.archive.org/web/20230603151721/https://agorism.blog/anarkio/anonymous-telegram-account) - a guide for using Whonix & Anbox to create anonymous mobile accounts without a phone - [Security Tips & Devices for Digital Nomads](https://web.archive.org/web/20231010234237/https://officercia.mirror.xyz/GX0LvoKDcC12ACXzhT3F_3PVRSfEyhE8cJYMZnoia9U) - various tools and gadgets for OpSec, written with a preference for practical usability - [Telegram Security Best Practices](https://web.archive.org/web/20231011012559/https://officercia.mirror.xyz/i9-pRa_r9Of1RNf-tnkhJLO9ho3gwhBK-4ARHNFtmvM) - quick tips that will help you sleep better at night when using Telegram read more at: https://git.hackliberty.org/hackliberty.org/Hack-Liberty-Resources/
fedilink

Washington-based Digital Impact Alliance (DIAL) has called for more money to be set aside for digital public infrastructure (DPI) including one of its elements, digital ID – and this means not only the funds earmarked for the technology portion of it. Currently, DPI projects can count on $400 million by the end of the decade – that is the figure “stakeholders” have already committed to “the cause.” Essentially, DIAL is advocating for money to be steadily spent on promotion of its mission via seemingly “trustworthy” messengers such as civil societies, academics, etc. Apparently, this would also allow their participation in governance, as well as the design and deployment of various DPIs. Among those sitting on DIAL’s board are the director of USAI, an organization known for its involvement in setting up the digital ID in Ukraine, as well as the president and CEO of the UN Foundation, and a Gates Foundation senior adviser.
fedilink

The internet was less free and open for users around the world last year, the human rights advocacy organization Freedom House said Wednesday — a trajectory that has the potential to worsen if artificial intelligence tools are used in undemocratic ways. The organization’s 13th annual Freedom on the Net [report](https://freedomhouse.org/report/freedom-net/2023/repressive-power-artificial-intelligence) is a worldwide survey ranking digital rights in 70 countries, based on metrics such as the prevalence of censorship, disinformation campaigns, surveillance, punishments for online speech, and more. This iteration of the report covered June 2022 through May of this year. Last year set multiple troubling records, including for the number of countries — 55 total — where people faced legal trouble because of their online speech. Governments in a record 41 countries restricted access to websites “hosting political, social, and religious speech.”
fedilink

Under the pretense of fortifying digital security in the United States, newly proposed legislation seeks to transform the United States Postal Service (USPS) into a hub for digital IDs. Senators Ron Wyden, a Democrat, and Bill Cassidy, Republican, have put forth the bill known as the Post Office Services for Trustworthy Identity Act. The proposed legislation opens new discourse on digital privacy and the potential for abnormal surveillance measures, sparking debate over the delicate balance between biosecurity and preserving citizens’ fundamental rights. We obtained a copy of the bill for you here [[PDF]](https://docs.reclaimthenet.org/post-id-act.pdf). The proposed legislation comes in response to the piecemeal approach taken towards biometric identification in America. Historically, disjointed programs have been created by different states and separate agency undertakings, giving rise to the necessity for a more coherent national strategy. The Post Office Services for Trustworthy Identity Act could mark a landmark shift, focusing on service provision rather than overarching digital ID strategy.
fedilink

Depending on your vehicle… It’s possible to remove all the Nanny tracking via some DIY hacks or even a call to “opt out”


If you think Fdroid security is on par with Google security… then I got a bridge to sell you



The diminished security resulting from the increased likelihood of a (single point of failure) supply chain attack.

Yes its possible for malicious devs to trojan apps, but due to apk signing it is much more difficult for a third party entity to induce a supply chain attack, which is my real concern when it comes to phone security.

If you have a lower threat model, this post isn’t for you…


Sure, atleast you admit there’s a trade off (security) for (FOSS) and maybe some additional privacy.

People should be made aware of the risks and choose according to their threat models, which is why I’ve highlighted some of these issues to begin with.


Doesn’t affect the end user… beyond diminished security. Are you implying I should trust Fdroid devs as much as I would trust Google devs?


Sure, I’ll spell it out for you since apparently the point went right over your head. Fdroid devs are a single point of failure by signing every application themselves. This introduces a potential for supply chain attack, not to mention Fdroid running on EOL servers.

When you use an individual dev repo, you can avoid any trojanized apps from Fdroid because the developers maintain their own infrastructure and sign their own apks.

That’s called… D I S T R I B U T E D T R U S T




Normie’s gonna normie. If we ain’t talking over signal we ain’t talking.