oxeo0/blog-contributions
1
0
Fork 0
mirror of http://git.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/nihilist/blog-contributions.git synced 2025-07-02 06:46:42 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

new sections

Browse source
This commit is contained in:
zl 2025-03-16 07:28:47 -07:00
parent 3bebb97734
commit 42a088dcf2
6 changed files with 115 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

BIN
opsec/anonymityexplained/10.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 146 KiB

BIN
opsec/anonymityexplained/11.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 86 KiB

BIN
opsec/anonymityexplained/12.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 108 KiB

BIN
opsec/anonymityexplained/8.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 84 KiB

BIN
opsec/anonymityexplained/9.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 178 KiB

117
opsec/anonymityexplained/index.html
View file

@ -60,7 +60,7 @@
<div class="container">
<div class="row">
<div class="col-lg-8 col-lg-offset-2">
<a href="../index.html">Previous Page</a></br></br><p><img src="../../assets/img/user.png" width="50px" height="50px"> <ba>nihilist@mainpc - 2024-06-29</ba></p>
<a href="../index.html">Previous Page</a></br></br><p><img src="../../assets/img/user.png" width="50px" height="50px"> <ba>nihilist@mainpc, zl - 2025-03-15</ba></p>
<h1>What is Anonymity ? Why is it Important ? </h1>
</div>
@ -116,10 +116,120 @@
<p>If you look closer at the image the "Certificate of authenticity" says that <b>it is the 41st plushie amongst the 100 that exist</b>. Therefore if the adversary is the plushie seller, <b>your anonymity odds have been reduced 1 out of 1 as he knows to whom he sent the 41st plushie.</b> Meaning that you just deanonymized yourself for that particular adversary. </p>
<p>You get the idea, if you want to remain Anonymous, you need to always ask yourself <b>"how many people could send that?"</b>, <u>if you were to send that picture i sent above, you'd realize that this is a bad idea</u>. The same concept applies as if you were to say what is your real IRL name, your phone number, your home address, your home public IP address, etc. <b>Do not give bullets to an adversary, as he will use everything you give him to shoot you.</b></p>
<p>The least info you send about yourself, what you like, what you dislike, where you live, where you work, what's your past, the better, as otherwise it will be exponentially easier for an adversary to narrow down the possibilities of who you could be, amongst a given group of people.</p>
<p> A question arises, how can we quantify how anonymous we are? When there are adversaries after you and important things to protect, this is a very important issue to consider because, <b> if you cant measure anonymity or the weight of your decisions, how can you tell when you make large mistakes or can improve?</b> </P>
<p> We are going to use simple <b>Information Theory</b> for this, a field that deals with everything related to information and gives us a framework. By using “bits” to quantify information, we will have a way to calculate impact. </p>
</div>
</div><!-- /row -->
</div> <!-- /container -->
</div><!-- /white -->
<div id="anon">
<div class="container">
<div class="row">
<div class="col-lg-8 col-lg-offset-2">
<h2><b>Anonymity and Information</h2></b>
<p>
In Information Theory, a “bit” is defined as <b> any information that reduces the space of possibilities by a factor of 2.</b>
This definition may seem weird so an example helps display it clearly.
</p>
<p>
Imagine I am a detective and I know one out of 16 suspects is the culprit. Assume there are 8 men and 8 women.
</p>
<p>
Now, checking security cameras, I learn it was 100% a male by the figure size. With this piece of information, I can rule out the 8 women as suspects, leaving me with only 8 remaining suspects (the men).
</p>
<p>
With that information, my suspects went from 16 —&gt; 8, <b> it halved.</b> Therefore, the information that the culprit was male is <b> 1 bit. </b>
</p>
<div style="text-align: center; margin: 1px;"><img src="8.png" class="imgRz style="width:60%"></div>
<p>
This is a powerful concept since it allows us to <b>quantify the value and impact of any information and combine them.</b></p>
</p>
<p>
Lets make this clearer: <br><br>
You can be fully deanonymized with just ~33 bits of information since log<sub>2</sub>(8 billion) ≈ 33.
If you half a group of 8 billion things 33 times, you will always be left with 1 singular item, which in this case would be your real identity.
</p>
<p>
So in a game of anonymity, <b> your goal is to minimize the amount of bits you leak and your adversarys goal is to get as many bits as possible until they can brute force your true identity. </b>
</p>
<p>
<p>(Note that it is impossible to leak 0 bits of information. This will be shown later, but you will always be interacting: your computer will be connected to a network which uses TCP/IP for packet routing which travels through underground cables, and so on, so information transfer will occur.) </p>
<p><h3>Adversaries</h3></p>
<p>Before we can get into specifics of our framework, we have to understand adversaries. They are <b>entities (individuals, companies, states) who are trying to deanonymize you.</b></p>
<p>Our threat model and approach depends on the resources of the adversary. </p>
<p>If your home (ISP) IP address is leaked, some guy on the internet may know what city you live in based on IP geolocation. Thats roughly, assuming a city population of 30,000,
log<sub>2</sub>(8 billion/30000) ≈ 21.2 bits of information. A lot, yes, but as a regular person, it will be mostly infeasible to search the city for your identity, unless he had more information.
</p>
<p>However, lets say your adversary is a Nation State. They will simply subpoena the ISP who owns the IP address, obtaining your name, address, and payment details, all 33 bits collected. <b> When dealing with more resourceful adversaries, they are able to extract more with what they learn.</b></p>
<div style="text-align: center; margin: 1px;"><img src="9.png" class="imgRz style="width:60%"></div>
<p><br>As displayed in the diagram, strong adversaries have more opportunity and gain with the same information. </p>
<p>Motives also vary between adversaries. Google, who let's say has been watching your search history and browser info, learns that you are in New York City, in your 20s, male, skii, and love cats. There will be very few people who meet this whole criteria, but Google obtains this information for advertisement targeting. </p>
<p><h3>Information Leakage</h3></p>
<p>Now that we understand information, let's briefly look at how we leak information and how identifiable it is.</p>
<p><u>Activity Schedules:</u>
Over a long enough time period, any form of activity such as forum posts, account logins, tweets, and git commit will fall into a specific time zone. Depending on your location this can leak <b> roughly ~6-6.5 bits of information. </b><br>
<u>Network/Browser:</u>
You will still be connecting to the internet and several parties (ISP, VPN, Website) get various fingerprintable info. This can leak <b> anywhere from ~2-10+ bits of information. </b><br>
<u>Words:</u>
Your speech topics and patterns can provide insight into your age, interests, race, and professsion, leaking <b> anywhere from ~2-20+ bits of information. </b></p>
<p>Without going into detail, your physical attibutes, username, gait, and many other things leak information. However, the true power that the adversary has is <b> the combination of information.</b> They collect as many bits as possible since they can be <b>added together,</b> as mentioned previously.</p>
<p>Think of your adversary drawing circles to encompass each piece of information they have. Even from huge sample sizes, just ~16 bits narrows you down to a few thousand people extremely fast and when the adversary is a state, they can likely bruteforce to figure out the last few bits in that group.</p>
<div style="text-align: center; margin: 1px;"><img src="10.png" class="imgRz" style="width:40%"></div>
<p><br></br>As showcased before with the plushie, OPSEC failures often occur with drastic leakage of bits. Most information, even if not identifiable and simple, is highly usable and a single leak of something that contains 10+ bits of information could be enough. A few examples:</p>
<p>
- Mentioning that you were close to an real world event, narrowing you to a part of a country. (8+ bits) <br>
- Giving clues to your ethnicity/languages AND real world location. (12+ bits) <br>
- Logging into a personal account at the same time as an anonymous forum account with the same IP. (20+ bits).
</p>
<p><b>Seemingly mundane information transfer is highly compromising when put together.</b></p>
<p>So if we are constantly leaking information, what can we do? </p>
</div>
</div><!-- /row -->
</div> <!-- /container -->
</div><!-- /white -->
<div id="anon2">
<div class="container">
<div class="row">
<div class="col-lg-8 col-lg-offset-2">
<h2><b>Anonymity in Practice </b></h2>
<p><br>There are two ways to maintain anonymity with bit leakage in mind: <b>Being in opaque, identical groups and misdirection.</b></p>
<p><h3>Identical Groups</h3></p>
<p>One of the core ideas of anonymity, as mentioned earlier, is that everyone should appear the exact same. But why?</p>
<p>We can see that the thing that makes bit leakage very dangerous is the combination of them. If an adversary figures out three details about you, even if they are found independently and are vague, when put together, the group size becomes incredibly small. Now, can we stop them from combining the information? </p>
<p>This is where the idea of being in <b>identical groups</b> comes in. </p>
<p>For an adversary to reliably combine informational bits, the groups (circles in the diagram) have to be transparent. For example, if an adversary knows that you are male and in Germany, then they can put those together without problem since [Male in Germany] is <b>distinct.</b></p>
<p>Now let's say instead your adversary knows you use <a href="http://blog.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/opsec/torvsvpns/index.html">TOR</a> and live in Germany. Independently, these are ~12 bits and ~6.6 bits of information. But there's an issue for the adversary. The group of TOR users is opaque, <b>every single one looks the same.</b> You cannot distinguish a German TOR user from a TOR user, <b>therefore these two pieces of information cannot be combined.</b></p>
<p>Let's look at this in our previous circle view:</p>
<div style="display: flex; justify-content: center;">
<div><img src="11.png" class="imgRz" style="height: 800px; margin-right: 20px;"></div>
<div><img src="12.png" class="imgRz" style="height: 800px; margin-left: 20px;"></div>
</div>
<p><br>In the left image, although there are 4 groups, everyone person inside of a group looks the same. Overlapping regions can't be seen or analyzed and information can't be combined. <b> The only thing an adversary can know is that you are somewhere in each of the circles independently. </b></p>
<p>However, in the right image, the groups are transparent and people are distinct. You can see the people in each overlapping and, with the combined information that you are part of all four groups, they can easily deanonymize you in the very small overlapping. </p>
<p>So, by using tools (<a href="http://blog.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/opsec/torvsvpns/index.html">TOR</a> , <a href="http://blog.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/opsec/torvsvpns/index.html">XMR</a>, etc) where every user is identical and non-identifiable, we are not only minimizing bit leakage but also <b> making most leaked bits unusable</b>, significantly decreasing deanonymization risk.</p>
<p>It's recommended to be of roughly aware of how many bits you have leaked in an anonymous persona in order to maintain anonymity. We can take advantage of bit leakage by providing <b> false information which may mislead an adversary.</b></p>
<p> To change things like speech, you can use <a href="http://blog.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/opsec/stylometry/index.html">local LLMs</a> and perhaps give fake data about location, skillset, and other idenifiable information. If an adversary combines the incorrect bits with real information, they may be looking for you in a completely wrong group/area. </p>
<p> <b>Awareness</b> is crucial: <b> knowing what your adversary might know, actively minimizing bit leakage, and staying in identical, non-identifiable groups</b> are all important. </p>
</div>
</div><!-- /row -->
</div> <!-- /container -->
</div><!-- /white -->
<div id="anon1">
<div class="container">
@ -228,7 +338,10 @@ All of it because the government intends to destroy Bob's right to remain Anonym
<div class="col-lg-4">
<h4>About nihilist</h4>
<p style="word-wrap: break-word;"><u>Donate XMR:</u> 8AUYjhQeG3D5aodJDtqG499N5jXXM71gYKD8LgSsFB9BUV1o7muLv3DXHoydRTK4SZaaUBq4EAUqpZHLrX2VZLH71Jrd9k8</p></br><p><u>Contact:</u> nihilist@contact.nowhere.moe (<a href="https://nowhere.moe/nihilist.pubkey">PGP</a>)</p>
<p style="word-wrap: break-word;"><u>Donate XMR:</u> 8AUYjhQeG3D5aodJDtqG499N5jXXM71gYKD8LgSsFB9BUV1o7muLv3DXHoydRTK4SZaaUBq4EAUqpZHLrX2VZLH71Jrd9k8</p><p><u>Contact:</u> nihilist@contact.nowhere.moe (<a href="https://nowhere.moe/nihilist.pubkey">PGP</a>)</p>
<h4>About zl</h4>
<p style="word-wrap: break-word;"><u>Donate XMR:</u> 83geT3KQZGthZ99r1z72t58TFztdDHGHjgnCB3jvniV8FC1bcYf6HriDnSpnt2SZXzcBByNCcjRHiPmtNu5G8CuNG9mfDyY<br></p>
</div><!-- /col-lg-4 -->
</div>