noobified the hypervisor setup

opsec/hypervisorsetup/index.html

@@ -104,41 +104,6 @@
 	    <div class="container">
 			<div class="row">
 				<div class="col-lg-8 col-lg-offset-2">
-<!--          <h2><b>Host OS Hardening</b></h2> </br> </br>
-<p>Now that we're in our host OS, let's do a few basic things to harden it:</p>
-<pre><code class="nim">
-su -
-apt update ; apt full-upgrade ; apt install --no-install-recommends sudo adduser curl apt-transport-tor tor torsocks
-
-usermod -aG sudo nihilist
-
-[user ~]%:~$ sudo apt update -y ; sudo apt full-upgrade -y 
-	
-</code></pre>
-<p>Next, we make sure that unattended upgrades are activated so that minor package updates are automatically carried out by the system.</p>
-<pre><code class="nim">
-[user ~]%:~$ sudo apt install unattended-upgrades apt-listchanges -y
-[user ~]%:~$ sudo dpkg-reconfigure -plow unattended-upgrades
-	
-</code></pre>
-<img src="9.png" class="imgRz">
-<p>Next, we're going to trim out what we don't need from our Host OS. First and foremost, let's get rid of all the logs (both system and kernel logs) on the system. </p>
-<pre><code class="nim">
-[user ~]%:~$ su -
-root@debian:~# crontab -e # run it as the root user!
-
-* * * * * echo "" > /var/log/*.log /var/log/*/*.log /var/log/*/*/*.log  ; dmesg -c ; dmesg -n 1 ; dmesg -c 
-0 * * * *  apt clean -y ; apt autoremove -y  
-
-#also uncomment the kernel.printk line in /etc/sysctl.conf to avoid the kernel from printing out errors
-
-root@debian:~# vim /etc/sysctl.conf
-
-root@debian:~# cat /etc/sysctl.conf | grep printk
-kernel.printk = 3 4 1 3
-	
-</code></pre>
-<p>Like so we're making sure that logfiles, and that kernel output is minutely cleared</p>-->
           <h2><b>Virtualisation setup</b></h2> </br> </br>
 <p>Next <b>we do not virtualize anything using closed-source software</b> like VMWare Workstation or else. <b>We use QEMU/KVM with virt-manager, which is an open source hypervisor</b>:</p>
 <pre><code class="nim">
@@ -149,15 +114,23 @@ sudo systemctl enable --now libvirtd
 [user ~]%:~# sudo usermod -a -G libvirt user
 [user ~]%:~# sudo usermod -a -G kvm user
 
+</code></pre>
+<p>Next we're going to use vim (which is a terminal-based text editor) to edit the libvirtd config files, that is to make sure that we can create and edit vms without requiring to type the admin password every time. <b>From inside vim you need to press i to enter insert mode (to be able to actually edit the file contents)</b>, then you can edit the mentionned lines to mention the libvirt group and the "user" username, <b>then press ESC to exit insert mode, and then type :wq to save your edits and exit the config files:</b></p>
+<pre><code class="nim">
 [user ~]%:~# sudo vim /etc/libvirt/libvirtd.conf 
-[user ~]%:~# cat /etc/libvirt/libvirtd.conf  | grep sock_group
+
 unix_sock_group = "libvirt"
 unix_sock_rw_perms = "0770"
 
-[user ~]%:~#  cat /etc/libvirt/qemu.conf
+:wq
+
+[user ~]%:~# sudo vim /etc/libvirt/qemu.conf 
+
 group = "libvirt"
 user = "user"
 
+:wq
+
 [user ~]%:~# systemctl restart libvirtd.service
 
 [user ~]%:~# virt-manager
@@ -177,6 +150,7 @@ user = "user"
 	
 [user ~]%:~$ sudo chown nihilist:libvirt -R VMs
 [user ~]%:~$ sudo chown nihilist:libvirt -R ISOs
+
 </code></pre>
 
 <p>Then you can add the file directories in virt-manager like so:</p>

opsec/index.html

@@ -184,7 +184,6 @@
                 <li><a href="http://git.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/nihilist/blog-contributions/issues/89">🚧</a><a href="torthroughvpn/index.html"> How to use Tor Safely: (Tor + VPN combinations)</a><img src="logos/su0.png" class="logo"><img src="logos/mullvad.png" class="logo"><img src="logos/on0.png" class="logo"><img src="logos/Tor.png" class="logo"></li>
 				<li><a href="http://git.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/nihilist/blog-contributions/issues/169">✅</a><a href="clearnetvsdarknet/index.html"> Why is the Darknet superior to the Clearnet ? </a><img src="logos/Tor.png" class="logo"></li>
 				<li><a href="http://git.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/nihilist/blog-contributions/issues/266">✅</a><a href="darknetexploration/index.html"> How to explore the Darknet? (Visibility and Discoverability) </a><img src="logos/Tor.png" class="logo"></li>
-				<li><a href="http://git.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/nihilist/blog-contributions/issues/267">✅</a><a href="darknetlantern/index.html"> How to run your own Darknet Lantern for Visibility and Discoverability</a><img src="logos/Tor.png" class="logo"><img src="logos/dnlantern.png" class="logo"></li>
 				<li><a href="http://git.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/nihilist/blog-contributions/issues/168">❌ When should I use I2P instead of Tor ? </a><img src="logos/i2p.png" class="logo"></li>
 
                         </ol></br>
@@ -252,6 +251,7 @@
         <li><a href="http://git.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/nihilist/blog-contributions/issues/104">✅</a><a href="monerop2pool/index.html"> Monero Mining with p2pool (help validate the network)</a><img src="logos/monero.png" class="logo"></li>
 		<li><a href="http://git.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/nihilist/blog-contributions/issues/18">✅</a><a href="haveno-seednode/index.html"> Haveno Seed Node</a><img src="logos/haveno.png" class="logo"></li>
 		<li><a href="http://git.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/nihilist/blog-contributions/issues/19">❌ Haveno DEX Network </a><img src="logos/haveno.png" class="logo"></li>
+		<li><a href="http://git.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/nihilist/blog-contributions/issues/267">✅</a><a href="darknetlantern/index.html"> How to run your own Darknet Lantern for Visibility and Discoverability</a><img src="logos/Tor.png" class="logo"><img src="logos/dnlantern.png" class="logo"></li>
 </ol></br>
   
 <p>🧅 Serverside - Anonymous Hidden Services </p>

opsec/linux/index.html

@@ -177,6 +177,16 @@
 <img src="56.png" class="imgRz">
 <p>And that's it! Bob has managed to get privacy from Microsoft's constant surveillance by replacing Windows with a Linux distribution.</p>
 <img src="2.png" class="imgRz">
+<!--<p><u>Sidenote:</u> to set a password for your user on Kicksecure, you can open up a terminal to do the following command:</p>
+<pre><code class="nim">
+[user ~]% sudo pwchange                  
+What user's password do you want to change? user
+New password: 
+********************
+Retype new password: 
+********************
+
+</pre></code>-->
 
 				</div>
 			</div><!-- /row -->

opsec/sensitivevm/index.html

@@ -469,16 +469,6 @@ xfconf-query -c xfce4-keyboard-shortcuts -n -t 'string' -p '/commands/custom/Con
 				<div class="col-lg-8 col-lg-offset-2">
 
           <h2><b>Emergency Reboot Scenario</b></h2> </br> </br>
-<pre><code class="nim">
--the authorities are busting down your door, you see them coming
--you immediately press the right control key
--the computer immediately wipes all the ram contents and reboots
--as the computer is restarting, all forensic traces relating to the existance of the veracrypt hidden volume have been erased.
-
--the adversary pins you down and handcuffs you
--the adversary opens up the computer, dumps liquid nitrogen on the ramsticks, then takes them out to store them safely and takes out the harddrives (the system drive and the non-system harddrive)
-
-</pre></code>
 <p>As explained higher up in this tutorial, you're going to have to test your emergency reboot procedure a few times to make sure it works but also to get used to it, <b>because when there's going to be a real emergency, you're going to need perform that emergency reboot procedure in a split second.</b></p>
 <p>So let's showcase how to do it. First setup the context, booting from the Host OS in live mode:
 <img src="../livemode/12.png" class="imgRz">