But one should practically note that this is just a practical warning. The omnipotence of the Mossad and NSA etc is limited too, and their interest in things is also limited.
Basically the attack vector from them is polluting the Tor nodes (so that they control enough of them to understand information), timing attacks on onion services to figure out locations of people accessing the hidden services solely within in Tor, as well as undeclared exploits, and feeding local law enforcement around the globe the information about you.
But 9 out of 10 things you could possibly even do are not things that would have them bother with you, although it is accurate that over time you begin to have a problem if you are really trying to stay both private and anonymous and are doing criminal violations (distinct from civil violations). So just keep rotating keys and move with purpose. Limit your Tor session to implementation and execution and consider using Tor just for casual reading or accessing RDP to actually browse clearnet from someone else's computer.
> Basically the attack vector from them is polluting the Tor nodes (so that they control enough of them to understand information), timing attacks on onion services to figure out locations of people accessing the hidden services solely within in Tor, as well as undeclared exploits, and feeding local law enforcement around the globe the information about you.
yeah running 1 or 2 of your own Tor nodes seems to be pretty ideal. One of which being an exit node. Connecting to that is the move.
providing an obfs4 bridge seems good too
but I really wish there was a docker container for all this, the documentation is all over the place, most of it is just on forums that can only be accessed on Tor and those forums have unreliable uptime, it is really discouraging but it seems like there are some very competent people that are so comfortable doing this that one could just assume they all have this greater level of OPSEC and infrastructure
But if they can trace back all the activity pertaining to a case they can show strongly though not conclusively that you were probably the source? Also as long as they can prove that you constructed the setup you also start looking guilty as hell..
Problem is, you essentially can’t trust people. Not even in a personal “do I know this person” way. But fundamentally people are squishy. If you squish them too much, they’ll do things they never wanted to do. That unfortunately is why groups greater than 1 are a weak spot.
In your scenario, you’ll never know if the last person increments an ID somewhere or did some other activity that adds compromises the chain.
Your ISMI (aka your sim card) is going to be sent alongside your IMEI, which makes that type of identity "borrowing" pointless because the carrier can see right through it. wifi mac addresses can be easily spoofed without swapping hardware. Overall I don't see much value in swapping hardware.
again, once you pay for it, even with cash, they can track you down(though it may take a while). It's trivially easy to see where a given # is, so once they know the phone #, they can pretty easily find out who has it in their possession, by just showing up and seeing who has it in their hand.
Not to say there isn't SOME anonymity by paying cash for a burner phone, but it's not even remotely fool-proof for anyone really wanting to figure out who you are.
Different users of one device muddle location, patterns and data being transferred. This is the usefulness.
I'm lucky enough not to live a pretty vanilla life and so do my peers. Please investigate and waste time and resources in tracking down the most boring and uninteresting (on a political and criminal level) persons you could ever snoop on.
Every person you swap hardware with is a chain leading back to you.
It also becomes tricky to convince someone to lend you their phone in my country since ID cards are required to register any SIM cards.
As someone else above said, adding more people makes the rope (your opsec) weaker.
People generally can't be trusted once their self-preservation instinct kicks in. How sure are you the other guy you trusted enough to put them in your opsec isn't going to sing on you when their balls are gently fondled by LE agents.
That's precisely the point. Infiltrate me and a group of other people that have nothing going on, as long as I'm wasting your time I'm doing my part in protecting a tiny bit those who lack freedom.
"...and feeding local law enforcement around the globe the information about you."
Local law enforcement gets almost nothing from them. Providing info on low level offenders greatly decreases the effectiveness of the program, especially if those offenders are being prosecuted in open courts (ie not the secret courts or foreign countries).
The second column is a bit puzzling. The adversaries are listed as advertisers and people randomly googling you, but the suggested mitigation is to... add 2fa? What type of advertisers and/or googlers are breaking into your accounts?
And in the offline world - pay for things in cash. Government is lazy and they love being able to search everything. Sending people to actually investigate things with actual leg work is not ideal. Paying in cash, or doing anything physical (pen and paper, in-person talking) breaks everything.
which is why laws are being made to prevent large cash transfers. I won't say which country i'm referring to, but it sounds like a police state. I'm terrified this will become the new reality. Bitcoin to the rescue? I shudder at the thought.
And live in New York City? Probably the one last city where you at least have a chance at being anonymous. The train station camera coverage is a joke.
Most of this info seems like overkill for most people's purposes, and as mentioned even following all of it won't protect you against the NSA etc.
Maybe it would be good to have an interactive version of the guide with a slider or something, which shows you the most relevant steps to take for your situation?
What I wonder about is the democratization of technology.
Basically, the technology available to the folks with "unlimited global resources" trickles to the left and becomes available to even to those with lesser skills/motivation.
For example, databases and tools formerly available only to governments are widely available. Things like DL data, wifi ap databases, rainbow tables, gps trackers - a web search + a credit card.
The bottom right cell in this chart is directly plagiarized (poorly, the dropped question mark makes the joke less funny) from a great article by James Mickens.
Because people's threat levels are different. There is nothing you can do to escape from the NSA, for example.
But there are things you can do to prevent advertisers, or other adversaries from just getting your data.
And for most people, that's what they're looking for. I can't imagine I'm very interesting to the NSA, for example. But I'm probably very interesting to a large number of corporations and organizations competing for my attention.
The first rule of security is that nothing is 100%. There is always someone who can get you if they have sufficient motivation and resources.
Security is about taking steps to reduce risk, so that its outside of your adversaries budgets to attack you, and taking mitigating steps so that if you do get attacked the damage is limited.
Nothing about this is specific to computers, it applies to all security things, whether that's locking your door or a bank trying to prevent armed roberies.
More complex =/= more secure. Tor, Whonix, Tails, et all have sections in their wikis covering potential tunneling setups and their thoughts on efficacy and rationale behind them.
From the Tor wiki:
> You -> X --> Tor --> X
> No research whether this is technically possible. Remember that this is likely a very poor plan because [#You-Tor-X you -> Tor -> X] is already a really poor plan.
I don't think the author is recommending that, just discussing it...
The guide recommends using a VPN over TOR in "specific cases", for example "when your destination service does not allow Tor Exit nodes", and for "VPN over TOR over VPN" they say it's not recommended because "it is just VPN over Tor but slower".
>This suggests to me the author is giving advice based on paranoia rather than technical knowledge.
I noticed that immediately on the home page. The author suggests installing and running some sort of python package to verify the pdf is harmless. That sort of makes sense, until you realize that installing a random python package and running it is exposing you to far more risk than a opening a pdf ever will.
There are javascripts exploits as well. Do you never enable scripts? If you do enable scripts, do you vet the websites you enable scripts on as thoroughly as you random executables off the internet?
Heh, I remember spending hours in college tweaking Firefox config flags and then checking which websites broke this time. Nowadays I just enable uBlock and call it a day. For ordinary people it's jut not worth it. Cool guide though, I will check it out.
As someone who isn't THIS paranoid, but definitely closer to it than most, I can add a criteria for a reason one would be this paranoid. If you've worked in/with some of the agencies listed, you're not just paranoid but feel totally justified knowing exactly what some old pals can see.
69 comments
[ 2.2 ms ] story [ 135 ms ] threadhttps://anonymousplanet.org/media/image6.jpeg
But one should practically note that this is just a practical warning. The omnipotence of the Mossad and NSA etc is limited too, and their interest in things is also limited.
Basically the attack vector from them is polluting the Tor nodes (so that they control enough of them to understand information), timing attacks on onion services to figure out locations of people accessing the hidden services solely within in Tor, as well as undeclared exploits, and feeding local law enforcement around the globe the information about you.
But 9 out of 10 things you could possibly even do are not things that would have them bother with you, although it is accurate that over time you begin to have a problem if you are really trying to stay both private and anonymous and are doing criminal violations (distinct from civil violations). So just keep rotating keys and move with purpose. Limit your Tor session to implementation and execution and consider using Tor just for casual reading or accessing RDP to actually browse clearnet from someone else's computer.
Nicely explained, and AFAIK, pretty much correct.
Use TOR for menial stuff to create background noise
Regularly trade laptops and phones with like-minded individuals
Assume you've been breached and that the government has full attention to you
Be as paranoid as possible, any step towards lack of freedom for the sake of convenience is unretracheable
providing an obfs4 bridge seems good too
but I really wish there was a docker container for all this, the documentation is all over the place, most of it is just on forums that can only be accessed on Tor and those forums have unreliable uptime, it is really discouraging but it seems like there are some very competent people that are so comfortable doing this that one could just assume they all have this greater level of OPSEC and infrastructure
That puts you into a group of people then. Groups are easier to infiltrate.
In opsec, people are vulnerabilities.
But I like the idea of trading devices with people who have already tied their ID with IMEI, wi-fi networks, ISP IPs etc.
Identity theft? Not really... Just borrowing it for a while.
In your scenario, you’ll never know if the last person increments an ID somewhere or did some other activity that adds compromises the chain.
Not to say there isn't SOME anonymity by paying cash for a burner phone, but it's not even remotely fool-proof for anyone really wanting to figure out who you are.
I'm lucky enough not to live a pretty vanilla life and so do my peers. Please investigate and waste time and resources in tracking down the most boring and uninteresting (on a political and criminal level) persons you could ever snoop on.
It also becomes tricky to convince someone to lend you their phone in my country since ID cards are required to register any SIM cards.
As someone else above said, adding more people makes the rope (your opsec) weaker.
People generally can't be trusted once their self-preservation instinct kicks in. How sure are you the other guy you trusted enough to put them in your opsec isn't going to sing on you when their balls are gently fondled by LE agents.
LE stands for Law Enforcement.
But please do keep imagining things, it's a powerful tool to progress!
Not for myself but for other people in this world who aren't as lucky as myself in terms of freedom.
Local law enforcement gets almost nothing from them. Providing info on low level offenders greatly decreases the effectiveness of the program, especially if those offenders are being prosecuted in open courts (ie not the secret courts or foreign countries).
The second column is a bit puzzling. The adversaries are listed as advertisers and people randomly googling you, but the suggested mitigation is to... add 2fa? What type of advertisers and/or googlers are breaking into your accounts?
You can bet someone is still doing it and more will try it until such time as there are negative consequences for it. Seems that there aren't any now.
Maybe it would be good to have an interactive version of the guide with a slider or something, which shows you the most relevant steps to take for your situation?
Basically, the technology available to the folks with "unlimited global resources" trickles to the left and becomes available to even to those with lesser skills/motivation.
For example, databases and tools formerly available only to governments are widely available. Things like DL data, wifi ap databases, rainbow tables, gps trackers - a web search + a credit card.
https://www.usenix.org/system/files/1401_08-12_mickens.pdf
The site also plagiarized text from some HN comments I've made, so there is a clear pattern here.
> TLDR for the whole guide: “A strange game. The only winning move is not to play”.
What I extrapolate from this comment is that there is no real way to be anonymous online. So what's the point of the guide then?
But there are things you can do to prevent advertisers, or other adversaries from just getting your data.
And for most people, that's what they're looking for. I can't imagine I'm very interesting to the NSA, for example. But I'm probably very interesting to a large number of corporations and organizations competing for my attention.
Security is about taking steps to reduce risk, so that its outside of your adversaries budgets to attack you, and taking mitigating steps so that if you do get attacked the damage is limited.
Nothing about this is specific to computers, it applies to all security things, whether that's locking your door or a bank trying to prevent armed roberies.
This suggests to me the author is giving advice based on paranoia rather than technical knowledge.
It makes sense to me that you would want to hide from your ISP and whatever service you're using that you're using Tor.
From the Tor wiki:
> You -> X --> Tor --> X
> No research whether this is technically possible. Remember that this is likely a very poor plan because [#You-Tor-X you -> Tor -> X] is already a really poor plan.
The guide recommends using a VPN over TOR in "specific cases", for example "when your destination service does not allow Tor Exit nodes", and for "VPN over TOR over VPN" they say it's not recommended because "it is just VPN over Tor but slower".
I noticed that immediately on the home page. The author suggests installing and running some sort of python package to verify the pdf is harmless. That sort of makes sense, until you realize that installing a random python package and running it is exposing you to far more risk than a opening a pdf ever will.
Have you looked into pdf vulnerabilities? I'd say they're about equal
Although, I didn't expect much considering the guide is created by the same people who made privacytools.io. Another hilarious site.
I wouldn't mind if it was posted every month, as I think it's that important (at least from a conceptual point or starting point).
There is healthy level of paranoia, this document is not healthy level.