oxeo0/blog-contributions
1
0
Fork 0
mirror of http://git.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/nihilist/blog-contributions.git synced 2025-07-02 11:56:40 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

anonproxy + sensitive vm finish

Browse source
This commit is contained in:
nihilist 2024-11-07 21:16:10 +01:00
parent d8f1c456ac
commit 0e8b0fcc59
23 changed files with 251 additions and 25 deletions
Download patch file Download diff file Expand all files Collapse all files

8
opsec/veracrypt/index.html
View file

@ -119,16 +119,16 @@ regarding wear leveling:
→ veracrypt
</code></pre>
<p>So now that you have veracrypt installed, before you start to use veracrypt, you need to be aware of the lack of deniability you have when using the Host OS in regular mode:</p>
<p>So now that you have veracrypt installed, before you start to use it, you need to be aware of the lack of deniability you have when using the Host OS in regular mode:</p>
<img src="../livemode/3.png" class="imgRz">
<p>By default, your host OS directly writes into the system drive all sorts of potential forensic evidence that an adversary may use against you, such as system logs, kernel logs, non-standard logs, etc, and unless if you manually remove each of those manually, you're never sure of wether or not Host OS saved proof of the existence of the hidden volume onto the system drive. <b>That's why you need to use the Host OS in <a href="../livemode/index.html">live mode</a>, to be able to use veracrypt.</b></p>
<p>By default, your host OS directly writes into the system drive all sorts of potential forensic evidence that an adversary may use against you, such as system logs, kernel logs, non-standard logs, etc, and unless if you remove each of those manually, you're never sure of wether or not the Host OS saved proof of the existence of the hidden volume onto the system drive. <b>That's why you need to use the Host OS in <a href="../livemode/index.html">live mode</a>, to be able to use veracrypt.</b></p>
<img src="../livemode/4.png" class="imgRz">
<p>That way, as you're loading the entire host OS in the RAM due to being in live mode, you are not writing anything on the system drive anymore, <b>but rather only writing all that potential forensic evidence of the veracrypt hidden volume <u>in RAM alone</u>, which can be easily erased with a simple shutdown</b>.</p>
<p>So now that we have installed veracrypt, let's reboot the Host OS into live mode:</p>
<img src="../livemode/2.png" class="imgRz">
<img src="../deniability/7.png" class="imgRz">
<p><b>And only now once we are in live mode, we can use veracrypt to create drives.</b> But be aware that everything you write into the system drive will be wiped upon shutting down, <b>if you want to store something persistent accross reboots from live mode, you need to save it in a non-system drive.</b></p>
<p><b>And only now once we are in live mode, we can use veracrypt to create hidden encrypted volumes and unlock them.</b> But be aware that everything you write into the system drive will be wiped upon shutting down, <b>if you want to store something persistent accross reboots from live mode, you need to save it in a non-system drive.</b></p>
<p> So now from there we can create the encrypted volumes (either as files or as entire drives). In this example we'll create an encrypted file: </p>
<img src="2.png" class="imgRz">
<p>Here we select that we want a Hidden veracrypt volume as well (which will be able to deny it's existence).</p>