by /u/nihilist1 · 2024-04-20 13:32:00 in /d/OpSec
0 votes · 8 comments
by /u/nihilist1 · 2024-04-13 16:09:00 in /d/OpSec
0 votes · 33 comments
by /u/nihilist1 · 2024-04-07 14:09:00 in /d/OpSec
0 votes · 3 comments
by /u/nihilist1 · 2024-04-09 12:05:00 in /d/CafeDread
0 votes · 5 comments
by /u/nihilist1 · 2024-04-01 15:11:00 in /d/OpSec
0 votes · 22 comments
- /u/nihilist1 📢 P 2nd April, 2024 - 06:15 Care to elaborate what trouble there is exactly ? i could mention that the server should sit behind a pfsense router (open source router to avoid any ISP spying on the local network) as for why running a server at home, i mean who hasn't heard of cloud providers reporting to the authorities that some sensitive service is running on their rented server? I definitely would consider running some sensitive service at home rather than having to trust a cloud provider to keep a service hidden given that they will most likely comply with any request from authorities
by /u/nihilist1 · 2024-04-01 15:11:00 in /d/OpSec
0 votes · 22 comments
- /u/nihilist1 📢 P 1st April, 2024 - 20:41 love yEd, minimalistic software, all that's needed to make simple or complex graphs
by /u/nihilist1 · 2024-04-01 15:11:00 in /d/OpSec
0 votes · 22 comments
- /u/nihilist1 📢 P 2nd April, 2024 - 15:57 >1. At least read Veracrypt documentation before writing guides about how to use Veracrypt. Hidden Volumes are detectable on devices that utilize wear-leveling. yea i forgot to mention that detail, will note in my tutorials to not trust ssds for the same, and prefer HDDs >2. You recommend backing up files with hidden volumes to cloud but changing a few things in the hidden partition before. If the cloud provider secretly keeps versions you will lose all plausible deniability after you upload the container second time. I shoudl've already address this in the tutorial you mentioned, maybe badly formulated it http://blog.nihilhfjmj55gfbleupwl2ub7lvbhq4kkoioatiopahfqwkcnglsawyd.onion/servers/plausiblydeniabledataprotection/index.html "goal is that for each veracrypt hidden volume changes that occur, the content of the decoy partition must also change because otherwise it will reveal the existance of the hidden volume if the remote server keeps the previous versions of each file." meaning the decoy partition must justify the overall volume changes >3. The entire "Shifting from a public to an Anonymous online persona". agreed it's a preety incomplete tutorial i'll have to go back over and update. Why isn't just going through KYC-free services with tor and monero alone to simulate a "i've sold my services to someone else, since that date" enough to justify you no longer own the service ? of course as mentionned in there, idea is to operate the services only from the whonix VMs in the plausibly deniable partition, if you can't prove those VMs exist, then you can't prove that you are still the owner of the services right ? of course i'm assuming in this case that whoever does this is innocent until proven guilty. >4. Hosting public Tor services from home. Be smart and don't host public (and legally questionable) services from your own network. what do you recommend then ? hosting tor services from your friend's house ? trusting a cloud provider to run a sensitive service, (putting himself and his business at risk in the process) and to not snitch ? Of course i know how to acquire a server anonymously and use it anonymously, but i'm also looking at the longevity of the service here. would be interested in hearing what other threat vectors you identified when running an onion service from home.
by /u/nihilist1 · 2024-04-01 15:11:00 in /d/OpSec
0 votes · 22 comments