by /u/nihilist1 · 2024-04-20 13:32:00 in /d/OpSec
0 votes · 8 comments
by /u/nihilist1 · 2024-04-13 16:09:00 in /d/OpSec
0 votes · 33 comments
by /u/nihilist1 · 2024-04-07 14:09:00 in /d/OpSec
0 votes · 3 comments
by /u/nihilist1 · 2024-04-09 12:05:00 in /d/CafeDread
0 votes · 5 comments
by /u/nihilist1 · 2024-04-01 15:11:00 in /d/OpSec
0 votes · 22 comments
- /u/nihilist1 📢 P 13th April, 2024 - 16:46 great news, and thanks for the input :)
by /u/nihilist1 · 2024-04-13 16:09:00 in /d/OpSec
0 votes · 33 comments
- /u/nihilist1 📢 P 9th April, 2024 - 11:28 so you suggest running sensitive services on a cloud provider that doesn't know about it first-hand ? Not sure what's your suggestion there, because cloud providers definitely have much more checks in place to detect .onion hidden services since they have full visibility on what's happening inside of all VPSes and Dedicated servers. Whereas at home the only threat I see is the router provided by the ISP that may spy on your local traffic, but as mentionned in my tutorial, this should be taken care of. So mind explaining what are the exact threat vectors ? > Switching off the cable internet and jammer is enough yea that will be mentionned in my next tutorial on how to scale out operations with endgame, one backend server per location, to ward off the scenario where your backend server is completely cut off from the network or powered off. > in some cases you discover it just by monitoring the network. How so ? you found a way to drecrypt tor traffic ? Seriously though i think this problem is taken care of if you put your service behind a pfsense router to avoid the ISP spying on it from the ISP router. I could probably mention to put a local tor bridge between the service and the pfsense router aswell, but not sure if this would change anything. would be glad to know what you're talking about exactly.
by /u/nihilist1 · 2024-04-07 14:09:00 in /d/OpSec
0 votes · 3 comments
- /u/nihilist1 📢 P 1st April, 2024 - 17:08 should be fine actually, maybe try with a new torbrowser identity/circuit ?
by /u/nihilist1 · 2024-04-01 15:11:00 in /d/OpSec
0 votes · 22 comments
- /u/nihilist1 📢 P 2nd April, 2024 - 16:01 >If you're running the onion from real estate tied to your identity or your associates' identities, you've already lost. what do you recommend in that case ? (same question for /u/LondonKnives) >For unattended systems, it's worth drilling/filling any ports and installing circuitry that destroys all memory/storage devices if something is plugged in. interesting idea, but sounds very complex to me, unless if you know of a simple way of implementing it
by /u/nihilist1 · 2024-04-01 15:11:00 in /d/OpSec
0 votes · 22 comments
- /u/nihilist1 📢 P 2nd April, 2024 - 06:12 >I would not use email, if you wanted any sort of real time notifications your email client would have to be online permanently and email has some opsec risks. should be online 24/7 if you use a remote mail server, care to elaborate what opsec risks are there exactly ? let's assume you use either of that smtp mailserver setup (as mentionned in the tutorial) : http://blog.nihilhfjmj55gfbleupwl2ub7lvbhq4kkoioatiopahfqwkcnglsawyd.onion/servers/mailprivate/index.html >Also, the emergency shutdown, data should be wiped not just volume deletes. the whole point is that it's only closing the veracrypt hidden volume, since at rest without having it opened, it should be impossible to prove that there is a hidden volume. Feel free to correct me if i'm wrong though, but so far i didn't find any articles detailing that it's possible to prove the existance of a veracrypt hidden volume > You may be reasonably safe with the encrypted volumes I do not know. Plus ssd drives, deleted data is still there but just marked as deleted? Use old fashioned wipeable hard disk drives though they take forever to wipe. True i should mention in the tutorial that HDDs are to be preferred, however again, i don't see the point of deleting any data if it's still impossible to prove the existance of a hidden VC volume at rest >I do feel a bit uncomfortable replying to this seeing a hostname Wonderland in the tutorial terminal. i don't see an issue, but i can change the hostname to something else if you want :)
by /u/nihilist1 · 2024-04-01 15:11:00 in /d/OpSec
0 votes · 22 comments