c0mmando

joined 1 year ago
sorted by: new top controversial old
3
Master Anonymity and Privacy: Essential Guides Compilation (links.hackliberty.org)
 
  • Anonymous Planet - a community contributed online guide to anonymity written for activists, journalists, scientists, lawyers, whistle-blowers, and good people being oppressed, censored, harassed anywhere
  • Privacy Guides - a non-profit, socially motivated website that provides information for protecting your data security and privacy
  • Extreme Privacy 4th Edition - Michael Bazzell has helped hundreds of celebrities, billionaires, and everyday citizens disappear completely from public view.
  • Anonymous Land - a community dedicated to providing anonymity enhancing guides and services
  • Prism Break - opt out of global data surveillance programs like prism, xkeyscore and tempora.
  • The New Oil [Tor] - the beginner’s guide to data privacy & cybersecurity
  • Techlore - a small team educating people about digital rights, privacy, security, digital control, and other important topics to push the world towards a safer internet
  • Qubes OS for Anarchists [Tor] - Qubes OS is a security-oriented operating system (OS), which means it is an operating system designed from the ground up to be more difficult to hack. Given that anarchists are regularly targeted for hacking in repressive investigations, Qubes OS is an excellent choice
  • GrapheneOS for Anarchists - [Tor] - anarchists should not have phones. if you must use a phone, make it as difficult as possible for an adversary to geotrack it, intercept its messages, or hack it. this means using grapheneos
  • Tails for Anarchists [Tor] - tails is an operating system that makes anonymous computer use accessible to everyone. tails is designed to leave no trace of your activity on your computer unless you explicitly configure it to save specific data
  • Tails Opsec for Anarchists [Tor] - additional precautions you can take that are relevant to an anarchist threat model - operational security for tails
  • Make Your Electronics Tamper-Evident [Tor] - if the police ever have physical access to an electronic device like a laptop, even for five minutes, they can install hardware keyloggers, create images of the storage media, or otherwise trivially compromise it at the hardware, firmware, or software level. one way to minimize this risk is to make it tamper-evident
  • Encrypted Messaging for Anarchists [Tor] - This article provides an overview and installation instructions for Tails, Qubes OS, and GrapheneOS encrypted messengers
  • Kill the Cop in Your Pocket [Tor] - your phone's location is tracked at all times, and this data is harvested by private companies, allowing police to bypass laws requiring them to obtain a warrant
  • Remove Identifying Metadata From Files [Tor] - metadata is 'data about data' or 'information about information'. in the context of files, this can mean information that is automatically embedded in the file, and this information can be used to deanonymize you
  • Defending against Stylometric attacks [Tor] - stylometric fingerprinting analyzes unique writing style (i.e., it uses stylometry) to identify the author of a work. it’s one of the most common techniques for de-anonymization, used by adversaries ranging from trolls to law enforcement
  • EFF Surveillance Self-Defense: The Basics - surveillance self-defense is a digital security guide that teaches you how to assess your personal risk from online spying. it can help protect you from surveillance by those who might want to find out your secrets, from petty criminals to nation states
  • EFF Surveillance Self-Defense: Tool Guides - step-by-step tutorials to help you install and use handy privacy and security tools
  • Into the Crypt - the art of anti-forensics
  • Advanced Privacy and Anonymity Using VMs, VPN’s, Tor - a series of guides that explains how to obtain vastly greater freedom, privacy and anonymity through compartmentalization and isolation through nested chains of VPNs and Tor
  • How to create anonymous Telegram and Signal accounts without a phone - a guide for using Whonix & Anbox to create anonymous mobile accounts without a phone
  • Security Tips & Devices for Digital Nomads - various tools and gadgets for OpSec, written with a preference for practical usability
  • Telegram Security Best Practices - quick tips that will help you sleep better at night when using Telegram

read more at: https://git.hackliberty.org/hackliberty.org/Hack-Liberty-Resources/

‘A cocktail of ignorance and a big ego’: A Ukrainian war official has slammed Elon Musk after he disrupted a stealth operation by cutting off Starlink in c/[email protected]
[–] [email protected] 2 points 10 months ago

Wow this comment section looks like a Raytheon board meeting.

I just want to say that I'm so happy that people are taking notice of privacy concerns in cars in c/[email protected]
I just want to say that I'm so happy that people are taking notice of privacy concerns in cars in c/[email protected]
[–] [email protected] 1 points 10 months ago

Depending on your vehicle.. It's possible to remove all the Nanny tracking via some DIY hacks or even a call to "opt out"

I has come to my attention that some users have never heard of F-droid. F-droid is a free software app store for android in c/[email protected]
[–] [email protected] -1 points 10 months ago (1 children)

The diminished security resulting from the increased likelihood of a (single point of failure) supply chain attack.

Yes its possible for malicious devs to trojan apps, but due to apk signing it is much more difficult for a third party entity to induce a supply chain attack, which is my real concern when it comes to phone security.

If you have a lower threat model, this post isn't for you...

I has come to my attention that some users have never heard of F-droid. F-droid is a free software app store for android in c/[email protected]
[–] [email protected] -1 points 10 months ago

Sure, atleast you admit there's a trade off (security) for (FOSS) and maybe some additional privacy.

People should be made aware of the risks and choose according to their threat models, which is why I've highlighted some of these issues to begin with.

I has come to my attention that some users have never heard of F-droid. F-droid is a free software app store for android in c/[email protected]
[–] [email protected] -1 points 10 months ago (3 children)

Doesn't affect the end user...... beyond diminished security. Are you implying I should trust Fdroid devs as much as I would trust Google devs?

I has come to my attention that some users have never heard of F-droid. F-droid is a free software app store for android in c/[email protected]
[–] [email protected] -1 points 10 months ago* (last edited 10 months ago) (2 children)

Sure, I'll spell it out for you since apparently the point went right over your head. Fdroid devs are a single point of failure by signing every application themselves. This introduces a potential for supply chain attack, not to mention Fdroid running on EOL servers.

When you use an individual dev repo, you can avoid any trojanized apps from Fdroid because the developers maintain their own infrastructure and sign their own apks.

That's called... D I S T R I B U T E D T R U S T

I has come to my attention that some users have never heard of F-droid. F-droid is a free software app store for android in c/[email protected]
[–] [email protected] -1 points 10 months ago (4 children)

Did you even read the article? F-Droid signs all the apps in the main repo..

I has come to my attention that some users have never heard of F-droid. F-droid is a free software app store for android in c/[email protected]
[–] [email protected] -1 points 10 months ago (11 children)

Love F-Droid but be aware of the risks and always try to use a developer repo when possible..

https://privsec.dev/posts/android/f-droid-security-issues/