oxeo0/blog-contributions
1
0
Fork 0
mirror of http://git.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/nihilist/blog-contributions.git synced 2025-07-02 06:46:42 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

official darknetlantern release + fix moneroinheritance

Browse source
This commit is contained in:
nihilist 2025-02-01 19:13:46 +01:00
parent 6ba40402a3
commit 81f72c07e8
57 changed files with 791 additions and 88 deletions
Download patch file Download diff file Expand all files Collapse all files

200
graphs/.$lantern.drawio.bkp Normal file
View file

@ -0,0 +1,200 @@
<mxfile host="Electron" agent="Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) draw.io/25.0.2 Chrome/128.0.6613.186 Electron/32.2.5 Safari/537.36" version="25.0.2">
<diagram name="Page-1" id="AROqC8fMQaNWye3_sZ_R">
<mxGraphModel dx="2611" dy="961" grid="0" gridSize="10" guides="1" tooltips="1" connect="1" arrows="1" fold="1" page="0" pageScale="1" pageWidth="850" pageHeight="1100" math="0" shadow="0">
<root>
<mxCell id="0" />
<mxCell id="1" parent="0" />
<mxCell id="LnSmRKnKzvJv8pziYg2E-1" value="Darknet Lantern&lt;div&gt;Project Architecture&lt;/div&gt;" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=center;" vertex="1" parent="1">
<mxGeometry x="-789" y="430" width="120" height="44" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-2" value="nginx web server&lt;br&gt;(listening&amp;nbsp;for lantern.nowherejez...onion &lt;br&gt;requests on 127.0.0.1:4443)" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=center;fillColor=#008a00;fontColor=#ffffff;strokeColor=#005700;" vertex="1" parent="1">
<mxGeometry x="-643" y="356" width="219" height="45" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-3" value="www" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=center;fillColor=#008a00;fontColor=#ffffff;strokeColor=#005700;" vertex="1" parent="1">
<mxGeometry x="-565" y="439" width="63" height="26" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-4" value="Tor hidden service&lt;br&gt;lantern.nowherejez...onion:80&lt;br&gt;127.0.0.1:4443" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=center;fillColor=#6a00ff;fontColor=#ffffff;strokeColor=#3700CC;" vertex="1" parent="1">
<mxGeometry x="-625" y="306" width="183" height="44" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-5" value="Tor" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=center;fillColor=#6a00ff;fontColor=#ffffff;strokeColor=#3700CC;" vertex="1" parent="1">
<mxGeometry x="-562.5" y="275" width="58" height="24" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-6" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=0.502;entryY=-0.025;entryDx=0;entryDy=0;entryPerimeter=0;" edge="1" parent="1" source="LnSmRKnKzvJv8pziYg2E-2" target="LnSmRKnKzvJv8pziYg2E-3">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-8" value="index.php" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=center;fillColor=#0050ef;fontColor=#ffffff;strokeColor=#001DBC;" vertex="1" parent="1">
<mxGeometry x="-442" y="439" width="63" height="26" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-9" value="?query=yoursearchquery" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=center;fillColor=#0050ef;fontColor=#ffffff;strokeColor=#001DBC;" vertex="1" parent="1">
<mxGeometry x="-372" y="439" width="137" height="26" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-10" value="&amp;amp;sensitive=1" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=center;fillColor=#0050ef;fontColor=#ffffff;strokeColor=#001DBC;" vertex="1" parent="1">
<mxGeometry x="-232" y="439" width="77" height="26" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-11" value="static.php" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=center;fillColor=#0050ef;fontColor=#ffffff;strokeColor=#001DBC;" vertex="1" parent="1">
<mxGeometry x="-442" y="471" width="63" height="26" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-12" value="participants/" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=center;fillColor=#008a00;fontColor=#ffffff;strokeColor=#005700;" vertex="1" parent="1">
<mxGeometry x="-442" y="505" width="71" height="26" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-13" value="lantern.nowherejez...onion" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=center;fillColor=#008a00;fontColor=#ffffff;strokeColor=#005700;" vertex="1" parent="1">
<mxGeometry x="-321" y="505" width="147" height="26" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-14" value="lantern.nowhevi57f...onion" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=center;fillColor=#008a00;fontColor=#ffffff;strokeColor=#005700;" vertex="1" parent="1">
<mxGeometry x="-321" y="536" width="147" height="26" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-15" value="verified.csv" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=center;fillColor=#d80073;fontColor=#ffffff;strokeColor=#A50040;" vertex="1" parent="1">
<mxGeometry x="-125" y="505" width="87" height="26" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-16" value="unverified.csv" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=center;fillColor=#d80073;fontColor=#ffffff;strokeColor=#A50040;" vertex="1" parent="1">
<mxGeometry x="-125" y="536" width="87" height="26" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-17" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=0.004;entryY=0.502;entryDx=0;entryDy=0;entryPerimeter=0;" edge="1" parent="1" source="LnSmRKnKzvJv8pziYg2E-13" target="LnSmRKnKzvJv8pziYg2E-15">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-18" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=-0.006;entryY=0.472;entryDx=0;entryDy=0;entryPerimeter=0;" edge="1" parent="1" source="LnSmRKnKzvJv8pziYg2E-13" target="LnSmRKnKzvJv8pziYg2E-16">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-19" value="sensitive.csv" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=center;fillColor=#d80073;fontColor=#ffffff;strokeColor=#A50040;" vertex="1" parent="1">
<mxGeometry x="-125" y="598" width="87" height="26" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-20" value="blacklist.csv" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=center;fillColor=#d80073;fontColor=#ffffff;strokeColor=#A50040;" vertex="1" parent="1">
<mxGeometry x="-125" y="629" width="87" height="26" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-21" value="webring-participants.csv" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=center;fillColor=#d80073;fontColor=#ffffff;strokeColor=#A50040;" vertex="1" parent="1">
<mxGeometry x="-125" y="567" width="139" height="26" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-22" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=-0.007;entryY=0.469;entryDx=0;entryDy=0;entryPerimeter=0;" edge="1" parent="1" source="LnSmRKnKzvJv8pziYg2E-13" target="LnSmRKnKzvJv8pziYg2E-21">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-23" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=-0.009;entryY=0.535;entryDx=0;entryDy=0;entryPerimeter=0;" edge="1" parent="1" source="LnSmRKnKzvJv8pziYg2E-13" target="LnSmRKnKzvJv8pziYg2E-19">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-24" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=-0.006;entryY=0.444;entryDx=0;entryDy=0;entryPerimeter=0;" edge="1" parent="1" source="LnSmRKnKzvJv8pziYg2E-13" target="LnSmRKnKzvJv8pziYg2E-20">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-25" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=-0.035;entryY=0.508;entryDx=0;entryDy=0;entryPerimeter=0;" edge="1" parent="1" source="LnSmRKnKzvJv8pziYg2E-3" target="LnSmRKnKzvJv8pziYg2E-8">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-26" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=0;entryY=0.457;entryDx=0;entryDy=0;entryPerimeter=0;" edge="1" parent="1" source="LnSmRKnKzvJv8pziYg2E-3" target="LnSmRKnKzvJv8pziYg2E-11">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-27" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=-0.015;entryY=0.425;entryDx=0;entryDy=0;entryPerimeter=0;" edge="1" parent="1" source="LnSmRKnKzvJv8pziYg2E-3" target="LnSmRKnKzvJv8pziYg2E-12">
<mxGeometry relative="1" as="geometry">
<Array as="points">
<mxPoint x="-472" y="452" />
<mxPoint x="-472" y="516" />
</Array>
</mxGeometry>
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-28" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=-0.001;entryY=0.509;entryDx=0;entryDy=0;entryPerimeter=0;" edge="1" parent="1" source="LnSmRKnKzvJv8pziYg2E-12" target="LnSmRKnKzvJv8pziYg2E-13">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-30" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=0.003;entryY=0.528;entryDx=0;entryDy=0;entryPerimeter=0;" edge="1" parent="1" source="LnSmRKnKzvJv8pziYg2E-12" target="LnSmRKnKzvJv8pziYg2E-14">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-31" value="&lt;div&gt;&lt;b&gt;&lt;u&gt;lantern.py&lt;/u&gt;&lt;br&gt;&lt;/b&gt;&lt;/div&gt;&lt;div&gt;&lt;b&gt;&amp;nbsp;&lt;/b&gt;1) Add a new Website entry (into unverified.csv)&lt;/div&gt;&lt;div&gt;&amp;nbsp;2) Trust a Website entry (move an entry from unverified to verified.csv)&lt;/div&gt;&lt;div&gt;&amp;nbsp;3) Untrust a Website entry (move an entry from unverified to verified.csv)&lt;/div&gt;&lt;div&gt;&lt;br&gt;&lt;/div&gt;&lt;div&gt;&amp;nbsp;4) Synchronize new links from existing webring participants, into your unverified.csv file&lt;/div&gt;&lt;div&gt;&amp;nbsp;5) Add a new webring participant (and download their files into their directory (without trusting them yet!))&lt;/div&gt;&lt;div&gt;&amp;nbsp;6) Trust/UnTrust/Blacklist a webring participant (Potentially dangerous)&lt;/div&gt;&lt;div&gt;&lt;br&gt;&lt;/div&gt;&lt;div&gt;&amp;nbsp;7) Add/Remove Words/URLs in the sensitive list (ex: drug)&lt;/div&gt;&lt;div&gt;&amp;nbsp;8) Add/Remove Words/URLs or links in the blacklist (ex: porn)&lt;/div&gt;&lt;div&gt;&lt;br&gt;&lt;/div&gt;&lt;div&gt;&amp;nbsp;9) Remove the duplicate URLs for your own instance&lt;/div&gt;&lt;div&gt;&amp;nbsp;10) Perform sanity checks on all csv files for all instances &lt;br&gt;(to mark them as sensitive / or remove the ones that are blacklisted)&lt;/div&gt;" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=left;fillColor=#fa6800;fontColor=#000000;strokeColor=#C73500;" vertex="1" parent="1">
<mxGeometry x="-462" y="753" width="618" height="217" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-33" value="&lt;b&gt;&lt;u&gt;uptimechecker.py&lt;/u&gt;&lt;/b&gt;&lt;br&gt;(used to check the listed websites&#39;&lt;br&gt;uptime, by going through Tor)" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=left;fillColor=#fa6800;fontColor=#000000;strokeColor=#C73500;" vertex="1" parent="1">
<mxGeometry x="-462" y="694" width="197" height="48" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-36" value="scripts" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=center;fillColor=#fa6800;fontColor=#000000;strokeColor=#C73500;" vertex="1" parent="1">
<mxGeometry x="-565" y="690" width="63" height="26" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-40" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=-0.001;entryY=0.038;entryDx=0;entryDy=0;entryPerimeter=0;" edge="1" parent="1" source="LnSmRKnKzvJv8pziYg2E-36" target="LnSmRKnKzvJv8pziYg2E-31">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-41" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=-0.002;entryY=0.188;entryDx=0;entryDy=0;entryPerimeter=0;" edge="1" parent="1" source="LnSmRKnKzvJv8pziYg2E-36" target="LnSmRKnKzvJv8pziYg2E-33">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-42" value="&lt;pre&gt;Instance,Category,Name,URL,Sensitive,Description,Status,Score&lt;br/&gt;&lt;/pre&gt;" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=center;fillColor=#a20025;fontColor=#ffffff;strokeColor=#6F0000;" vertex="1" parent="1">
<mxGeometry x="-31" y="505" width="462" height="26" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-43" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=-0.022;entryY=0.515;entryDx=0;entryDy=0;entryPerimeter=0;" edge="1" parent="1" source="LnSmRKnKzvJv8pziYg2E-1" target="LnSmRKnKzvJv8pziYg2E-3">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-44" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=0;entryY=0.445;entryDx=0;entryDy=0;entryPerimeter=0;" edge="1" parent="1" source="LnSmRKnKzvJv8pziYg2E-1" target="LnSmRKnKzvJv8pziYg2E-36">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-46" value="templates" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=center;" vertex="1" parent="1">
<mxGeometry x="-565" y="647" width="63" height="26" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-47" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=-0.009;entryY=0.533;entryDx=0;entryDy=0;entryPerimeter=0;" edge="1" parent="1" source="LnSmRKnKzvJv8pziYg2E-1" target="LnSmRKnKzvJv8pziYg2E-46">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-48" value="&lt;pre&gt;Instance,Category,Name,URL,Sensitive,Description,Status,Score&lt;br/&gt;&lt;/pre&gt;" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=center;fillColor=#a20025;fontColor=#ffffff;strokeColor=#6F0000;" vertex="1" parent="1">
<mxGeometry x="-31" y="536" width="462" height="26" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-49" value="&lt;pre&gt;Name,URL,Description,Trusted,Status,Score&lt;br/&gt;&lt;/pre&gt;" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=center;fillColor=#a20025;fontColor=#ffffff;strokeColor=#6F0000;" vertex="1" parent="1">
<mxGeometry x="24" y="567" width="325" height="26" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-50" value="&lt;pre&gt;sensitive-words&lt;br&gt;&lt;/pre&gt;" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=center;fillColor=#a20025;fontColor=#ffffff;strokeColor=#6F0000;" vertex="1" parent="1">
<mxGeometry x="-31" y="598" width="118" height="26" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-51" value="&lt;pre&gt;blacklisted-words&lt;br&gt;&lt;/pre&gt;" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=center;fillColor=#a20025;fontColor=#ffffff;strokeColor=#6F0000;" vertex="1" parent="1">
<mxGeometry x="-31" y="629" width="135" height="26" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-52" value="banner.png" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=center;fillColor=#f0a30a;fontColor=#000000;strokeColor=#BD7000;" vertex="1" parent="1">
<mxGeometry x="-125" y="662" width="87" height="26" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-53" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=-0.007;entryY=0.492;entryDx=0;entryDy=0;entryPerimeter=0;" edge="1" parent="1" source="LnSmRKnKzvJv8pziYg2E-13" target="LnSmRKnKzvJv8pziYg2E-52">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-54" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=-0.016;entryY=0.477;entryDx=0;entryDy=0;entryPerimeter=0;" edge="1" parent="1" source="LnSmRKnKzvJv8pziYg2E-46" target="LnSmRKnKzvJv8pziYg2E-52">
<mxGeometry relative="1" as="geometry">
<Array as="points">
<mxPoint x="-149" y="660" />
<mxPoint x="-149" y="674" />
</Array>
</mxGeometry>
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-55" value="&lt;pre&gt;png, 240x60&lt;br&gt;&lt;/pre&gt;" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=center;fillColor=#f0a30a;fontColor=#000000;strokeColor=#BD7000;" vertex="1" parent="1">
<mxGeometry x="-31" y="662" width="105" height="26" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-56" value="&lt;b&gt;~/.darknet_participant_url&lt;/b&gt;&lt;br&gt;(contains your instance&#39;s url)" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=center;fillColor=#fa6800;fontColor=#000000;strokeColor=#C73500;fontStyle=0" vertex="1" parent="1">
<mxGeometry x="-230.5" y="990" width="155" height="41" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-58" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=0.498;entryY=-0.022;entryDx=0;entryDy=0;entryPerimeter=0;" edge="1" parent="1" source="LnSmRKnKzvJv8pziYg2E-31" target="LnSmRKnKzvJv8pziYg2E-56">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-59" value="via the local Tor daemon&lt;br&gt;(127.0.0.1:9050)" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=center;fillColor=#6a00ff;fontColor=#ffffff;strokeColor=#3700CC;" vertex="1" parent="1">
<mxGeometry x="-230.5" y="698" width="137" height="40" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-61" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=-0.002;entryY=0.511;entryDx=0;entryDy=0;entryPerimeter=0;" edge="1" parent="1" source="LnSmRKnKzvJv8pziYg2E-33" target="LnSmRKnKzvJv8pziYg2E-59">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-62" value="destination .onion websites&lt;br&gt;and clearnet websites" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=center;fillColor=#647687;fontColor=#ffffff;strokeColor=#314354;" vertex="1" parent="1">
<mxGeometry x="-61" y="698" width="169" height="40" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-63" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=0.001;entryY=0.5;entryDx=0;entryDy=0;entryPerimeter=0;" edge="1" parent="1" source="LnSmRKnKzvJv8pziYg2E-59" target="LnSmRKnKzvJv8pziYg2E-62">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-64" value="Default main webpage that lists:&lt;br&gt;-verified links categories&lt;br&gt;-both verified and unverified links (with searchbar)&lt;br&gt;-optional sensitive search&amp;nbsp; to list the drug-related websites&lt;br&gt;-webring participants&lt;br&gt;(while filtering any potential malicious php inputs)" style="text;html=1;align=left;verticalAlign=middle;resizable=0;points=[];autosize=1;strokeColor=none;fillColor=none;" vertex="1" parent="1">
<mxGeometry x="-372" y="341" width="326" height="98" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-65" value="(your instance and every&lt;br&gt;other webring participant&lt;br&gt;has their own folder in here)" style="text;html=1;align=center;verticalAlign=middle;resizable=0;points=[];autosize=1;strokeColor=none;fillColor=none;" vertex="1" parent="1">
<mxGeometry x="-331" y="558" width="167" height="55" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-66" value="(every webring participant that this participant knows of)" style="text;html=1;align=center;verticalAlign=middle;resizable=0;points=[];autosize=1;strokeColor=none;fillColor=none;" vertex="1" parent="1">
<mxGeometry x="349" y="567" width="314" height="26" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-67" value="(keywords that automatically flags a link as sensitive (ex: drugs))" style="text;html=1;align=center;verticalAlign=middle;resizable=0;points=[];autosize=1;strokeColor=none;fillColor=none;" vertex="1" parent="1">
<mxGeometry x="84" y="598" width="360" height="26" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-68" value="(keywords that automatically removes links (ex: porn))" style="text;html=1;align=center;verticalAlign=middle;resizable=0;points=[];autosize=1;strokeColor=none;fillColor=none;" vertex="1" parent="1">
<mxGeometry x="102" y="629" width="305" height="26" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-69" value="(every link that got verified by the webring participant)" style="text;html=1;align=center;verticalAlign=middle;resizable=0;points=[];autosize=1;strokeColor=none;fillColor=none;" vertex="1" parent="1">
<mxGeometry x="44" y="477" width="302" height="26" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-70" value="(every link that the participant didnt verify yet)" style="text;html=1;align=center;verticalAlign=middle;resizable=0;points=[];autosize=1;strokeColor=none;fillColor=none;" vertex="1" parent="1">
<mxGeometry x="428" y="536" width="259" height="26" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-71" value="same as above without the search feature (all links displayed at once)" style="text;html=1;align=center;verticalAlign=middle;resizable=0;points=[];autosize=1;strokeColor=none;fillColor=none;" vertex="1" parent="1">
<mxGeometry x="-382" y="471" width="388" height="26" as="geometry" />
</mxCell>
</root>
</mxGraphModel>
</diagram>
</mxfile>

200
graphs/lantern.drawio Normal file
View file

@ -0,0 +1,200 @@
<mxfile host="Electron" agent="Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) draw.io/25.0.2 Chrome/128.0.6613.186 Electron/32.2.5 Safari/537.36" version="25.0.2">
<diagram name="Page-1" id="AROqC8fMQaNWye3_sZ_R">
<mxGraphModel dx="2611" dy="961" grid="0" gridSize="10" guides="1" tooltips="1" connect="1" arrows="1" fold="1" page="0" pageScale="1" pageWidth="850" pageHeight="1100" math="0" shadow="0">
<root>
<mxCell id="0" />
<mxCell id="1" parent="0" />
<mxCell id="LnSmRKnKzvJv8pziYg2E-1" value="Darknet Lantern&lt;div&gt;Project Architecture&lt;/div&gt;" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=center;" vertex="1" parent="1">
<mxGeometry x="-789" y="430" width="120" height="44" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-2" value="nginx web server&lt;br&gt;(listening&amp;nbsp;for lantern.nowherejez...onion &lt;br&gt;requests on 127.0.0.1:4443)" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=center;fillColor=#008a00;fontColor=#ffffff;strokeColor=#005700;" vertex="1" parent="1">
<mxGeometry x="-643" y="356" width="219" height="45" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-3" value="www" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=center;fillColor=#008a00;fontColor=#ffffff;strokeColor=#005700;" vertex="1" parent="1">
<mxGeometry x="-565" y="439" width="63" height="26" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-4" value="Tor hidden service&lt;br&gt;lantern.nowherejez...onion:80&lt;br&gt;127.0.0.1:4443" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=center;fillColor=#6a00ff;fontColor=#ffffff;strokeColor=#3700CC;" vertex="1" parent="1">
<mxGeometry x="-625" y="306" width="183" height="44" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-5" value="Tor" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=center;fillColor=#6a00ff;fontColor=#ffffff;strokeColor=#3700CC;" vertex="1" parent="1">
<mxGeometry x="-562.5" y="275" width="58" height="24" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-6" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=0.502;entryY=-0.025;entryDx=0;entryDy=0;entryPerimeter=0;" edge="1" parent="1" source="LnSmRKnKzvJv8pziYg2E-2" target="LnSmRKnKzvJv8pziYg2E-3">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-8" value="index.php" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=center;fillColor=#0050ef;fontColor=#ffffff;strokeColor=#001DBC;" vertex="1" parent="1">
<mxGeometry x="-442" y="439" width="63" height="26" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-9" value="?query=yoursearchquery" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=center;fillColor=#0050ef;fontColor=#ffffff;strokeColor=#001DBC;" vertex="1" parent="1">
<mxGeometry x="-372" y="439" width="137" height="26" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-10" value="&amp;amp;sensitive=1" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=center;fillColor=#0050ef;fontColor=#ffffff;strokeColor=#001DBC;" vertex="1" parent="1">
<mxGeometry x="-232" y="439" width="77" height="26" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-11" value="static.php" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=center;fillColor=#0050ef;fontColor=#ffffff;strokeColor=#001DBC;" vertex="1" parent="1">
<mxGeometry x="-442" y="471" width="63" height="26" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-12" value="participants/" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=center;fillColor=#008a00;fontColor=#ffffff;strokeColor=#005700;" vertex="1" parent="1">
<mxGeometry x="-442" y="505" width="71" height="26" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-13" value="lantern.nowherejez...onion" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=center;fillColor=#008a00;fontColor=#ffffff;strokeColor=#005700;" vertex="1" parent="1">
<mxGeometry x="-321" y="505" width="147" height="26" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-14" value="lantern.nowhevi57f...onion" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=center;fillColor=#008a00;fontColor=#ffffff;strokeColor=#005700;" vertex="1" parent="1">
<mxGeometry x="-321" y="536" width="147" height="26" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-15" value="verified.csv" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=center;fillColor=#d80073;fontColor=#ffffff;strokeColor=#A50040;" vertex="1" parent="1">
<mxGeometry x="-125" y="505" width="87" height="26" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-16" value="unverified.csv" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=center;fillColor=#d80073;fontColor=#ffffff;strokeColor=#A50040;" vertex="1" parent="1">
<mxGeometry x="-125" y="536" width="87" height="26" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-17" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=0.004;entryY=0.502;entryDx=0;entryDy=0;entryPerimeter=0;" edge="1" parent="1" source="LnSmRKnKzvJv8pziYg2E-13" target="LnSmRKnKzvJv8pziYg2E-15">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-18" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=-0.006;entryY=0.472;entryDx=0;entryDy=0;entryPerimeter=0;" edge="1" parent="1" source="LnSmRKnKzvJv8pziYg2E-13" target="LnSmRKnKzvJv8pziYg2E-16">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-19" value="sensitive.csv" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=center;fillColor=#d80073;fontColor=#ffffff;strokeColor=#A50040;" vertex="1" parent="1">
<mxGeometry x="-125" y="598" width="87" height="26" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-20" value="blacklist.csv" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=center;fillColor=#d80073;fontColor=#ffffff;strokeColor=#A50040;" vertex="1" parent="1">
<mxGeometry x="-125" y="629" width="87" height="26" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-21" value="webring-participants.csv" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=center;fillColor=#d80073;fontColor=#ffffff;strokeColor=#A50040;" vertex="1" parent="1">
<mxGeometry x="-125" y="567" width="139" height="26" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-22" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=-0.007;entryY=0.469;entryDx=0;entryDy=0;entryPerimeter=0;" edge="1" parent="1" source="LnSmRKnKzvJv8pziYg2E-13" target="LnSmRKnKzvJv8pziYg2E-21">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-23" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=-0.009;entryY=0.535;entryDx=0;entryDy=0;entryPerimeter=0;" edge="1" parent="1" source="LnSmRKnKzvJv8pziYg2E-13" target="LnSmRKnKzvJv8pziYg2E-19">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-24" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=-0.006;entryY=0.444;entryDx=0;entryDy=0;entryPerimeter=0;" edge="1" parent="1" source="LnSmRKnKzvJv8pziYg2E-13" target="LnSmRKnKzvJv8pziYg2E-20">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-25" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=-0.035;entryY=0.508;entryDx=0;entryDy=0;entryPerimeter=0;" edge="1" parent="1" source="LnSmRKnKzvJv8pziYg2E-3" target="LnSmRKnKzvJv8pziYg2E-8">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-26" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=0;entryY=0.457;entryDx=0;entryDy=0;entryPerimeter=0;" edge="1" parent="1" source="LnSmRKnKzvJv8pziYg2E-3" target="LnSmRKnKzvJv8pziYg2E-11">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-27" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=-0.015;entryY=0.425;entryDx=0;entryDy=0;entryPerimeter=0;" edge="1" parent="1" source="LnSmRKnKzvJv8pziYg2E-3" target="LnSmRKnKzvJv8pziYg2E-12">
<mxGeometry relative="1" as="geometry">
<Array as="points">
<mxPoint x="-472" y="452" />
<mxPoint x="-472" y="516" />
</Array>
</mxGeometry>
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-28" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=-0.001;entryY=0.509;entryDx=0;entryDy=0;entryPerimeter=0;" edge="1" parent="1" source="LnSmRKnKzvJv8pziYg2E-12" target="LnSmRKnKzvJv8pziYg2E-13">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-30" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=0.003;entryY=0.528;entryDx=0;entryDy=0;entryPerimeter=0;" edge="1" parent="1" source="LnSmRKnKzvJv8pziYg2E-12" target="LnSmRKnKzvJv8pziYg2E-14">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-31" value="&lt;div&gt;&lt;b&gt;&lt;u&gt;lantern.py&lt;/u&gt;&lt;br&gt;&lt;/b&gt;&lt;/div&gt;&lt;div&gt;&lt;b&gt;&amp;nbsp;&lt;/b&gt;1) Add a new Website entry (into unverified.csv)&lt;/div&gt;&lt;div&gt;&amp;nbsp;2) Trust a Website entry (move an entry from unverified to verified.csv)&lt;/div&gt;&lt;div&gt;&amp;nbsp;3) Untrust a Website entry (move an entry from unverified to verified.csv)&lt;/div&gt;&lt;div&gt;&lt;br&gt;&lt;/div&gt;&lt;div&gt;&amp;nbsp;4) Synchronize new links from existing webring participants, into your unverified.csv file&lt;/div&gt;&lt;div&gt;&amp;nbsp;5) Add a new webring participant (and download their files into their directory (without trusting them yet!))&lt;/div&gt;&lt;div&gt;&amp;nbsp;6) Trust/UnTrust/Blacklist a webring participant (Potentially dangerous)&lt;/div&gt;&lt;div&gt;&lt;br&gt;&lt;/div&gt;&lt;div&gt;&amp;nbsp;7) Add/Remove Words/URLs in the sensitive list (ex: drug)&lt;/div&gt;&lt;div&gt;&amp;nbsp;8) Add/Remove Words/URLs or links in the blacklist (ex: porn)&lt;/div&gt;&lt;div&gt;&lt;br&gt;&lt;/div&gt;&lt;div&gt;&amp;nbsp;9) Remove the duplicate URLs for your own instance&lt;/div&gt;&lt;div&gt;&amp;nbsp;10) Perform sanity checks on all csv files for all instances &lt;br&gt;(to mark them as sensitive / or remove the ones that are blacklisted)&lt;/div&gt;" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=left;fillColor=#fa6800;fontColor=#000000;strokeColor=#C73500;" vertex="1" parent="1">
<mxGeometry x="-462" y="753" width="618" height="217" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-33" value="&lt;b&gt;&lt;u&gt;uptimechecker.py&lt;/u&gt;&lt;/b&gt;&lt;br&gt;(used to check the listed websites&#39;&lt;br&gt;uptime, by going through Tor)" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=left;fillColor=#fa6800;fontColor=#000000;strokeColor=#C73500;" vertex="1" parent="1">
<mxGeometry x="-462" y="694" width="197" height="48" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-36" value="scripts" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=center;fillColor=#fa6800;fontColor=#000000;strokeColor=#C73500;" vertex="1" parent="1">
<mxGeometry x="-565" y="690" width="63" height="26" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-40" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=-0.001;entryY=0.038;entryDx=0;entryDy=0;entryPerimeter=0;" edge="1" parent="1" source="LnSmRKnKzvJv8pziYg2E-36" target="LnSmRKnKzvJv8pziYg2E-31">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-41" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=-0.002;entryY=0.188;entryDx=0;entryDy=0;entryPerimeter=0;" edge="1" parent="1" source="LnSmRKnKzvJv8pziYg2E-36" target="LnSmRKnKzvJv8pziYg2E-33">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-42" value="&lt;pre&gt;Instance,Category,Name,URL,Sensitive,Description,Status,Score&lt;br/&gt;&lt;/pre&gt;" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=center;fillColor=#a20025;fontColor=#ffffff;strokeColor=#6F0000;" vertex="1" parent="1">
<mxGeometry x="-31" y="505" width="462" height="26" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-43" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=-0.022;entryY=0.515;entryDx=0;entryDy=0;entryPerimeter=0;" edge="1" parent="1" source="LnSmRKnKzvJv8pziYg2E-1" target="LnSmRKnKzvJv8pziYg2E-3">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-44" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=0;entryY=0.445;entryDx=0;entryDy=0;entryPerimeter=0;" edge="1" parent="1" source="LnSmRKnKzvJv8pziYg2E-1" target="LnSmRKnKzvJv8pziYg2E-36">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-46" value="templates" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=center;" vertex="1" parent="1">
<mxGeometry x="-565" y="647" width="63" height="26" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-47" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=-0.009;entryY=0.533;entryDx=0;entryDy=0;entryPerimeter=0;" edge="1" parent="1" source="LnSmRKnKzvJv8pziYg2E-1" target="LnSmRKnKzvJv8pziYg2E-46">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-48" value="&lt;pre&gt;Instance,Category,Name,URL,Sensitive,Description,Status,Score&lt;br/&gt;&lt;/pre&gt;" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=center;fillColor=#a20025;fontColor=#ffffff;strokeColor=#6F0000;" vertex="1" parent="1">
<mxGeometry x="-31" y="536" width="462" height="26" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-49" value="&lt;pre&gt;Name,URL,Description,Trusted,Status,Score&lt;br/&gt;&lt;/pre&gt;" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=center;fillColor=#a20025;fontColor=#ffffff;strokeColor=#6F0000;" vertex="1" parent="1">
<mxGeometry x="24" y="567" width="325" height="26" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-50" value="&lt;pre&gt;sensitive-words&lt;br&gt;&lt;/pre&gt;" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=center;fillColor=#a20025;fontColor=#ffffff;strokeColor=#6F0000;" vertex="1" parent="1">
<mxGeometry x="-31" y="598" width="118" height="26" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-51" value="&lt;pre&gt;blacklisted-words&lt;br&gt;&lt;/pre&gt;" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=center;fillColor=#a20025;fontColor=#ffffff;strokeColor=#6F0000;" vertex="1" parent="1">
<mxGeometry x="-31" y="629" width="135" height="26" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-52" value="banner.png" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=center;fillColor=#f0a30a;fontColor=#000000;strokeColor=#BD7000;" vertex="1" parent="1">
<mxGeometry x="-125" y="662" width="87" height="26" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-53" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=-0.007;entryY=0.492;entryDx=0;entryDy=0;entryPerimeter=0;" edge="1" parent="1" source="LnSmRKnKzvJv8pziYg2E-13" target="LnSmRKnKzvJv8pziYg2E-52">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-54" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=-0.016;entryY=0.477;entryDx=0;entryDy=0;entryPerimeter=0;" edge="1" parent="1" source="LnSmRKnKzvJv8pziYg2E-46" target="LnSmRKnKzvJv8pziYg2E-52">
<mxGeometry relative="1" as="geometry">
<Array as="points">
<mxPoint x="-149" y="660" />
<mxPoint x="-149" y="674" />
</Array>
</mxGeometry>
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-55" value="&lt;pre&gt;png, 240x60&lt;br&gt;&lt;/pre&gt;" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=center;fillColor=#f0a30a;fontColor=#000000;strokeColor=#BD7000;" vertex="1" parent="1">
<mxGeometry x="-31" y="662" width="105" height="26" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-56" value="&lt;b&gt;~/.darknet_participant_url&lt;/b&gt;&lt;br&gt;(contains your instance&#39;s url)" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=center;fillColor=#fa6800;fontColor=#000000;strokeColor=#C73500;fontStyle=0" vertex="1" parent="1">
<mxGeometry x="-230.5" y="990" width="155" height="41" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-58" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=0.498;entryY=-0.022;entryDx=0;entryDy=0;entryPerimeter=0;" edge="1" parent="1" source="LnSmRKnKzvJv8pziYg2E-31" target="LnSmRKnKzvJv8pziYg2E-56">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-59" value="via the local Tor daemon&lt;br&gt;(127.0.0.1:9050)" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=center;fillColor=#6a00ff;fontColor=#ffffff;strokeColor=#3700CC;" vertex="1" parent="1">
<mxGeometry x="-230.5" y="698" width="137" height="40" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-61" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=-0.002;entryY=0.511;entryDx=0;entryDy=0;entryPerimeter=0;" edge="1" parent="1" source="LnSmRKnKzvJv8pziYg2E-33" target="LnSmRKnKzvJv8pziYg2E-59">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-62" value="destination .onion websites&lt;br&gt;and clearnet websites" style="verticalLabelPosition=middle;verticalAlign=middle;html=1;shape=mxgraph.basic.rect;fillColor2=none;strokeWidth=1;size=20;indent=5;labelPosition=center;align=center;fillColor=#647687;fontColor=#ffffff;strokeColor=#314354;" vertex="1" parent="1">
<mxGeometry x="-61" y="698" width="169" height="40" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-63" style="edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;entryX=0.001;entryY=0.5;entryDx=0;entryDy=0;entryPerimeter=0;" edge="1" parent="1" source="LnSmRKnKzvJv8pziYg2E-59" target="LnSmRKnKzvJv8pziYg2E-62">
<mxGeometry relative="1" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-64" value="Default main webpage that lists:&lt;br&gt;-verified links categories&lt;br&gt;-both verified and unverified links (with searchbar)&lt;br&gt;-optional sensitive search&amp;nbsp; to list the drug-related websites&lt;br&gt;-webring participants&lt;br&gt;(while filtering any potential malicious php inputs)" style="text;html=1;align=left;verticalAlign=middle;resizable=0;points=[];autosize=1;strokeColor=none;fillColor=none;" vertex="1" parent="1">
<mxGeometry x="-372" y="341" width="326" height="98" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-65" value="(your instance and every&lt;br&gt;other webring participant&lt;br&gt;has their own folder in here)" style="text;html=1;align=center;verticalAlign=middle;resizable=0;points=[];autosize=1;strokeColor=none;fillColor=none;" vertex="1" parent="1">
<mxGeometry x="-331" y="558" width="167" height="55" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-66" value="(every webring participant that this participant knows of)" style="text;html=1;align=center;verticalAlign=middle;resizable=0;points=[];autosize=1;strokeColor=none;fillColor=none;" vertex="1" parent="1">
<mxGeometry x="349" y="567" width="314" height="26" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-67" value="(keywords that automatically flags a link as sensitive (ex: drugs))" style="text;html=1;align=center;verticalAlign=middle;resizable=0;points=[];autosize=1;strokeColor=none;fillColor=none;" vertex="1" parent="1">
<mxGeometry x="84" y="598" width="360" height="26" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-68" value="(keywords that automatically removes links (ex: porn))" style="text;html=1;align=center;verticalAlign=middle;resizable=0;points=[];autosize=1;strokeColor=none;fillColor=none;" vertex="1" parent="1">
<mxGeometry x="102" y="629" width="305" height="26" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-69" value="(every link that got verified by the webring participant)" style="text;html=1;align=center;verticalAlign=middle;resizable=0;points=[];autosize=1;strokeColor=none;fillColor=none;" vertex="1" parent="1">
<mxGeometry x="44" y="477" width="302" height="26" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-70" value="(every link that the participant didnt verify yet)" style="text;html=1;align=center;verticalAlign=middle;resizable=0;points=[];autosize=1;strokeColor=none;fillColor=none;" vertex="1" parent="1">
<mxGeometry x="428" y="536" width="259" height="26" as="geometry" />
</mxCell>
<mxCell id="LnSmRKnKzvJv8pziYg2E-71" value="same as above without the search feature (all links displayed at once)" style="text;html=1;align=center;verticalAlign=middle;resizable=0;points=[];autosize=1;strokeColor=none;fillColor=none;" vertex="1" parent="1">
<mxGeometry x="-382" y="471" width="388" height="26" as="geometry" />
</mxCell>
</root>
</mxGraphModel>
</diagram>
</mxfile>

320
opsec/cloud_provider/index.html Normal file
View file

@ -0,0 +1,320 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="description" content="Cloud provider threat model">
<meta name="author" content="MulliganSecurity">
<link rel="shortcut icon" href="../../../../../../assets/img/favicon.png">
<title>What can an hostile cloud provider see and do?</title>
<!-- Bootstrap core CSS -->
<link href="../../assets/css/bootstrap.css" rel="stylesheet">
<link href="../../assets/css/xt256.css" rel="stylesheet">
<!-- Custom styles for this template -->
<link href="../../assets/css/main.css" rel="stylesheet">
<!-- HTML5 shim and Respond.js IE8 support of HTML5 elements and media queries -->
<!--[if lt IE 9]>
<script src="https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js"></script>
<script src="https://oss.maxcdn.com/libs/respond.js/1.3.0/respond.min.js"></script>
<![endif]-->
</head>
<body>
<!-- Static navbar -->
<div class="navbar navbar-inverse-anon navbar-static-top">
<div class="container">
<div class="navbar-header">
<button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".navbar-collapse">
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="navbar-brand-anon" href="\index.html">The Nihilism Blog</a>
</div>
<div class="navbar-collapse collapse">
<ul class="nav navbar-nav navbar-right">
<li><a href="/about.html">About</a></li>
<li><a href="/blog.html">Categories</a></li>
<li><a href="https://blog.nowhere.moe/donate.html">Donate</a></li>
<li><a href="/contact.html">Contact</a></li>
</ul>
</div><!--/.nav-collapse -->
</div>
</div>
<!-- +++++ Posts Lists +++++ -->
<!-- +++++ First Post +++++ -->
<div id="anon2">
<div class="container">
<div class="row">
<div class="col-lg-8 col-lg-offset-2">
<a href="../index.html">Previous Page</a></br></br><p><img src="../../assets/img/mulligan_sec.jpeg" width="50px" height="50px"> <ba>Mulligan Security - 21 / 01 / 2025</a></p>
<p>
<h1><b> How safe am I from my cloud provider? </b></h1>
Since the 2010's VPS have become cheaper and widely available. From your local mom and pop datacenter where you can rent a baremetal Pi equivalent to highly secured Amazon datacenters and on-demand cpu/bandwidth allocation you can now find a broad range of options for your operational and security needs.
<br>
<br>
If clandestinity is a requirement, there also are cryptocurrency-based options in jurisdictions without LEO cooperation treatises with your own.
<br><br>
But, <b>what if the adversary is already inside?</b><br>
in this post we are going to do a threat modelling exercise:<br><br>
<ol>
<li>Context and assumptions: what are the capabilities of our adversary? what about our own OPSEC requirments?</li>
<li>Threats: what the adversary might want to acomplish (their goal)</li>
<li>Attack Scenarii: a quick list of possible attacks</li>
<li>Mitigation measures: what we can do to make those attack uneconomical, harder</li>
</ol>
<br><br>
<b> Let's start with an image to visualize exactly what the trust and security boundaries are in such a setup</b>
<br>
<br>
<img src="diagram.png">
</div>
</div><!-- /row -->
</div> <!-- /container -->
</div><!-- /grey -->
<div id="anon2">
<div class="container">
<div class="row">
<div class="col-lg-8 col-lg-offset-2">
<h1><b>Context and assumptions</b></h1>
<h2><b>Setting up the scene</b></h2>
Alice wishes to start hosting a coordination platform for her activist group, but she doesn't want to host the platform herself for the following reasons:
<ul>
<li>Shes does not want to have incriminating data in her house</li>
<li>She is unable to provide the required level if high availability for her group's safety and operational standards</li>
<li>She has limited bandwidth/electricity to devote to her cause</li>
</ul>
<br>
<br>
She gets in touch with Bob, owner and operator of Bob's friendly datacenter, and orders from him a VPS (Virtual Private Server). Bob's pretty open-minded so Alice is free to use whatever OS she wants, gets a public IP.
<br><br>
<h2><b>Enters Leo</b></h2>
One day Bob's phone rings, it's Leo calling! Leo asks Bob to confirm that he indeed has Alice as a customer. Without further ado, Leo pays Bob a visit! After entering the premises and showing a government agency badge, Leo asks for complete access to Bob's infrastructure and binds him with a gag order to make sure no one hears about his investigation. Even if Bob is sympathetic to Alice or wishes to protect his customers he would now run afoul of his country's laws if he were to warn them. Leo might have been nice to him but he is not to be trifled with...
<h2><b> Leo sets up shop </b></h2>
Commandeering an office in Bob's datacenter, Leo gets to work. He has plenty of options:
<ol>
<li>Network sniffing: Leo can capture and log ALL trafic related to Alice's activity inside Bob's datacenter, so he will know the IP of everyone interacting with her platform</li>
<li>Firmware/hardware attacks: during maintenance windows, Leo could tamper with the BIOS/UEFI of Alice's server (if she had chosen a bare-metal option), or with her server's storage devices in order to deactivate encryption or exfiltrate data unnoticed</li>
<li>Memory attacks: Leo is able to take snapshots of Alice's VPS RAM to gather information about her activities. If she had chosen a bare-metal server he could cut the power, extract and refrigerate the RAM sticks in order to retrieve the data, but such an attack would be very conspicuous</li>
</ol>
</div>
</div><!-- /row -->
</div> <!-- /container -->
</div><!-- /grey -->
<div id="anon3">
<div class="container">
<div class="row">
# <div class="col-lg-8 col-lg-offset-2">
<h1><b>Alice's threat model</b></h1>
Alice is very happy with her new deployment. The platform runs great and her team has started using it in earnest. Still, the bond of implicit trust that now exists between her and Bob bothers here. She decides to do a quick threat modelling exercise to calm her mind: instead of wondering about whatifs, she is going to identify the risks associated with her current setup and find ways to mitigate them.
<h2><b>Threats to Confidentiality</b></h2>
If Bob was dishonest (or compelled into acting dishonestly), he would be able to harvest information directly from her server's memory! (She doesn't know Leo is already hard at work)<br><br>
<b>Impacted assets</b><br>
<ul>
<li>decryption keys (eg: her https private key, allowing for complete decryption of her team's traffic)</li>
<li>sensitive data (ephemeral private messages on her forum that arer only kepy in RAM in an unencrypted form)</li>
<li>software state (session cookies, metadata)</li>
</ul>
<br><br>
Bob could also use side-channel attacks by monitoring the underlying server's power usage or run cache timing attack to find the value of her cryptographic secret keys even if Bob's hardware allows her to store them in a dedicated secure chip!
<h2><b>Threats to integrity</b></h2>
Someone with Bob's level of access (he is the administrator of the <i>hypervisor</i> - the software that runs Alice's virtual server) could also:
<ul>
<li>Run an evil maid attack: inject thir own code in the bootloader, in Alice's OS image or inside the hypervisor which Alice can't monitor</li>
<li>Through the hypervisor, tamper with Alice's virtual machine to compromise it</li>
</ul>
<h2><b>Threats to availability</b></h2>
Having access to the physical layer of the network as well as the power grid feeding the servers, Bob could disrupt Alice's operations in the following way:
<ul>
<li>Disconnect Alice's VM from the network</li>
<li>Throttle Alice's network traffic</li>
<li>Cut the power off to Alice's host server to perform a cold boot attack </li>
</ul>
</div>
</div><!-- /row -->
</div> <!-- /container -->
</div><!-- /grey -->
<div id="anon2">
<div class="container">
<div class="row">
<div class="col-lg-8 col-lg-offset-2">
<h1><b>VPS Attack scenarios</b><h1>
<h2><b>Live RAM extraction</b></h2>
<h3>Attack</h3>
Bob makes a RAM snapshot of the virtual machine. on a VPS it is very easy and can be done without notice.
<h3>Countermeasures</h3>
This one is very tricky and can't be addressed without renting a bare-metal server instead. Alice would need hardware that supports RAM encryption (such as AMD SEV and SME).
<h2><b>Malicious Libvirt or Xen Interception</b></h2>
<h3>Attack</h3>
Bob modifies the hypervisor's behavior to manipulate network, disk, or console input/output in real time.
Can inject fake SSH authentication prompts or steal plaintext database queries before they reach encrypted storage.
<h3>Countermeasures</h3>
None, this would be undetectable from within the VPS.
<h2><b>Covert Persistent Backdoor via VMState Injection</b></h2>
<h3>Attack</h3>
Bob can embed custom logic in the hypervisor to modify the VPS state after every reboot, reinfecting it persistently.
Similar to NSAs DEITYBOUNCE attack, where malware implants are injected into firmware or hypervisor layers to reinfect systems post-wipe.
<h3>Countermeasures</h3>
Hardly any, if the modification has been done directly in the kernel and in such a way that disables rootkit-detection or other security systems then it can't be detected or mitigated
<h1><b>Conclusion</b></h1>
A VPS provides no privacy from a malicious cloud provider. If used, only encrypted data should transit/be stored in it and the decryption keys should never be present anywhere accessible by it.
</div>
</div><!-- /row -->
</div> <!-- /container -->
</div><!-- /grey -->
<div id="anon3">
<div class="container">
<div class="row">
<div class="col-lg-8 col-lg-offset-2">
<h1><b>Bare Metal Attack scenarios</b><h1>
<h2><b>Live RAM extraction</b></h2>
<h3>Attack</h3>
Bob powers down the serve hosting the vps and extracts its RAM, refrigerate it to analyze its contents
<h3>Countermeasures</h3>
Alice would need hardware that supports RAM encryption (such as AMD SEV and SME).
<br><br>
This attack is both costly and obvious as it requires the server to go offline. Alice's decides to accept the risk for now and reevaluate based on the evolving sensitivity of the data stored on her server.
<h2><b>BMC Exploitation</b></h2>
<h3>Attack</h3>
A malicious firmware update is deployed to the Baseboard Management Controller (BMC), providing stealthy persistent access and enabling future compromise of the OS or hypervisor.
<h3>Countermeasures</h3>
This attack has the same issue as the previous one and could be deployed during a schedule maintenance at Bob's datacenter. Ensuring a TPM is present on the motheboard and only signed firmware updates are accepted is a first step. This wouldn't protect her from a malicious update signed with a legitimate key as some government agency could deploy. Another, better option is to opt for a physical enclosure only she can access in the datacenter and be present during maintenance. Such enclosure would need to be monitored and trigger a server poweroff in case of breach.
<h2><b>Evil Maid Attack</b></h2>
<h3>Attack</h3>
With physical access to the server, a rogue technician could inject a rootkit into the UEFI to mainain persistance, running their code before the OS loads.
<h3>Countermeasures</h3>
A physically locked enclosure such as ones used by payment processors in their datacenters would greatly reduce the likelihood of this attack.
</div>
</div><!-- /row -->
</div> <!-- /container -->
</div><!-- /grey -->
<div id="anon2">
<div class="container">
<div class="row">
<div class="col-lg-8 col-lg-offset-2">
<h1><b>Conclusion</b></h1>
Following her analysis, Alice understands that having a VPS gives her no privacy from her cloud provider. That all of her traffic and data can easily be seen, copied or moved. She updates her risk analysis and changes her organization's SOPS so her team can have an appropriate behavior when using the services she hosts on this platform. <br><br>
<h2><b>Organizational mitigations</b></h2>
<ul>
<li>Use of codewords when discussing operations and people</li>
<li>Use of onion services to protect the anonymity of her teammates when accessing her services</li>
<li>Use of a separate server with higher security requirements for critical data</li>
</ul>
</div>
</div><!-- /row -->
</div> <!-- /container -->
</div><!-- /grey -->
<!-- +++++ Footer Section +++++ -->
<div id="anonb">
<div class="container">
<div class="row">
<div class="col-lg-4">
<h4>Nihilism</h4>
<p>
Until there is Nothing left.</p></br></br><p>Creative Commons Zero: <a href="../../../../opsec/runtheblog/index.html">No Rights Reserved</a></br><img src="\CC0.png">
</p>
</div><!-- /col-lg-4 -->
<div class="col-lg-4">
<h4>My Links</h4>
<p>
<a target="_blank" rel="noopener noreferrer" href="http://blog.nowhere.moe/rss/feed.xml">RSS Feed</a><br/><a target="_blank" rel="noopener noreferrer" href="https://simplex.chat/contact#/?v=2-7&smp=smp%3A%2F%2FL5jrGV2L_Bb20Oj0aE4Gn-m5AHet9XdpYDotiqpcpGc%3D%40nowhere.moe%2FH4g7zPbitSLV5tDQ51Yz-R6RgOkMEeCc%23%2F%3Fv%3D1-3%26dh%3DMCowBQYDK2VuAyEAkts5T5AMxHGrZCCg12aeKxWcpXaxbB_XqjrXmcFYlDQ%253D&data=%7B%22type%22%3A%22group%22%2C%22groupLinkId%22%3A%22c3Y-iDaoDCFm6RhptSDOaw%3D%3D%22%7D">SimpleX Chat</a><br/>
</p>
</div><!-- /col-lg-4 -->
<div class="col-lg-4">
<h4>About Mulligan Security</h4>
<p style="word-wrap: break-word;"><u>Donate XMR:</u><br>86NCojqYmjwim4NGZzaoLS2ozbLkMaQTnd3VVa9MdW1jVpQbseigSfiCqYGrM1c5rmZ173mrp8RmvPsvspG8jGr99yK3PSs</p></br><p><u>Contact:</u> mulligansecurity@riseup.net <br><a href="http://msec2nnqtbwh5c5yxpiswzwnqperok5k33udj7t6wmqcleu3ifj34sqd.onion">website</a><br><a href="https://simplex.chat/contact#/?v=2-7&smp=smp%3A%2F%2FiZJOs1BYKxD2nEndBtacHlBP-bNKv3gywICYPZZjXXE%3D%40chatnedvznvcnsovrm3e6jrgt6pkpai5i3rgslrrxlnv352ardboebid.onion%2FtT5R0tQWBzJPAkjvH-wai4PnpfTor89R%23%2F%3Fv%3D1-3%26dh%3DMCowBQYDK2VuAyEA_7oNMJAjBrt210CSc2LEIZJh5BFizPx7JUYFCmj8p1k%253D">SimpleX</a></p>
</div><!-- /col-lg-4 -->
</div>
</div>
</div>
<!-- Bootstrap core JavaScript
================================================== -->
<!-- Placed at the end of the document so the pages load faster -->
</body>
</html>

BIN
opsec/darknetlantern/1.png
View file

Binary file not shown.
Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 183 KiB

After

Width:  |  Height:  |  Size: 278 KiB

Before After
Before After

BIN
opsec/darknetlantern/13.png
View file

Binary file not shown.
Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 137 KiB

After

Width:  |  Height:  |  Size: 286 KiB

Before After
Before After

BIN
opsec/darknetlantern/15.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 436 KiB

BIN
opsec/darknetlantern/16.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 320 KiB

BIN
opsec/darknetlantern/17.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 299 KiB

38
opsec/darknetlantern/index.html
View file

@ -8,7 +8,7 @@
<meta name="author" content="">
<link rel="shortcut icon" href="../../../../../../assets/img/favicon.png">
<title>How to join the Darknet Lantern Webring ?</title>
<title>How to run your own Darknet Lantern for Visibility and Discoverability</title>
<!-- Bootstrap core CSS -->
<link href="../../assets/css/bootstrap.css" rel="stylesheet">
@ -61,7 +61,7 @@
<div class="row">
<div class="col-lg-8 col-lg-offset-2">
<a href="../index.html">Previous Page</a></br></br><p><img src="../../assets/img/user.png" width="50px" height="50px"> <ba>nihilist@Mainpc-PrivateVM-Debian12 - 2025-01-26</ba></p>
<h1>How to join the Darknet Lantern Webring ? </h1>
<h1>How to run your own Darknet Lantern for Visibility and Discoverability </h1>
<img src="1.png" class="imgRz">
<p>In this tutorial we're going to first explain why the Darknet Lantern is important in the current Darknet context, we'll cover what it is made of, and then we'll cover how to spin up a Darknet Lantern instance, how to maintain one's list of onion links, and lastly we'll cover how to join the Darknet Webring.</p>
@ -98,16 +98,20 @@
<div class="row">
<div class="col-lg-8 col-lg-offset-2">
<h2><b>What is the Darknet Lantern Project ?</b></h2> </br> </br>
<img src="16.png" class="imgRz">
<p>The Darknet Lantern project aims to provide 3 core functionnalities:</p>
<ol>
<li><p>Allow you to run and maintain your own list of onion links, and make it accessible for whoever wants to access it,</p></li>
<li><p>Allow you to automatically check the uptime of the onion links that you list, so that you can track which links are no longer active easily,</p></li>
<li><p>Allow you to participate in a Darknet Webring so that your community may benefit from the visibility coming from the other communities that are participating in the same Webring. </p></li>
</ol>
<p>The sourcecode for the project is available <a href="http://git.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/nihilist/darknet-lantern">here</a>. At first I wrote it mainly because i was largely dissatisfied with how the uptimekuma project required javascript and how Database-corruptive the upgrades were. After i nailed down the basic "uptime checker" part, it dawned on me that the webring part was also equally essential for the Darknet ecosystem, as explained above. So that's what i have been focusing on for the last 4 weeks, and now i can proudly say that the project is reaching maturity.</p>
<img src="../darknetexploration/17.png" class="imgRz">
<p>The sourcecode for the project is available <a href="http://git.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/nihilist/darknet-lantern">here</a>. At first I wrote it mainly because i was largely dissatisfied with how the uptimekuma project required javascript and how Database-corruptive the upgrades were. After i nailed down the basic "uptime checker" part, it dawned on me that the webring part was also equally essential for the Darknet ecosystem, as explained above. So that's what i have been focusing on for the last 4 weeks, and now i can proudly say that the project is reaching maturity.</p>
<img src="15.png" class="imgRz">
<p>The Darknet Lantern project is built using PHP, Python, and CSV files. You have the CSV files containing the onion links and their attributes, you have python scripts in the backend to automatically update the uptime of those links, including one main python script called lantern.py to manually maintain and edit your instance's csv files.</p>
<p> And lastly you have php files to search through those CSV files, and filter the results like a regular search engine. All in all, it has been built with minimalism in mind, i tried to keep it as simple as i could to meet the needs. To make it work you need a debian stable release (currently debian 12 bookworm), nginx, php8.2-fpm (currently), Tor, python3 and a few other python3 dependencies that you can install via the apt package manager.</p>
<p> And lastly you have the index.php and static.php files to search through those CSV files, and filter the results like a regular search engine. All in all, it has been built with minimalism in mind, i tried to keep it as simple as i could to meet the needs. To make it work you need a debian stable release (currently debian 12 bookworm), nginx, php8.2-fpm (currently), Tor, python3 and a few other python3 dependencies that you can install via the apt package manager.</p>
<p>This project has been built with anonymity in mind, by default, for the serverside. when you are checking the uptimes for both clearnet and darknet websites, <b>the requests all go through Tor to prevent the website's location from being discovered.</b></p>
<p>This project also takes into account that malicious webring participants may show up, and therefore <b>lantern comes with safeguards and checks in place to prevent any malicious inputs (meaning php, python or bash commands) from being ran from the csv values that may be received from other instances.</b> The PHP files are also preventing any php code from being ran from the CSV files even if there was one to slip through the cracks.</p>
</div>
</div><!-- /row -->
@ -585,6 +589,16 @@ server {
index static.php;
}
</pre></code>
<p>You can also edit the default banner.png image for your instance if you want to customize your instance:</p>
<img src="12.png" class="imgRz">
<p>If you want to change it you can upload your custom banner.png image in your instance folder in <b>/srv/darknet-lantern/www/participants/lantern.nowherejezblahblah.onion/banner.png</b> but be careful, the python scripts are going to check <b>if your banner has the 240x60 resolution</b>, if it does not it won't be accepted by the other webring participants, and it will simply be replaced by the default banner image (coming from the templates folder)</p>
<pre><code class="nim">
[ laptop-privateVM ] [ /dev/pts/8 ] [blog/opsec/darknetlantern]
→ scp banner.png yourserver:/srv/darknet-lantern/www/participants/yourinstancename.onion/banner.png
</pre></code>
<img src="17.png" class="imgRz">
</div>
</div><!-- /row -->
@ -597,19 +611,9 @@ server {
<div class="col-lg-8 col-lg-offset-2">
<h2><b> How to participate in the webring ? (WIP)</b></h2> </br> </br>
<p>In order to participate in the webring that i am running, the only requirements i have is that your webring instance should have the core functionnalities (you list links you didn't verify yet, you also list the ones you verified, and you list the other webring participants), you should bring some new onion links i don't already have, and you shouldn't list porn links.</p>
<p><u>Sidenote:</u> you are free to fork the project, and change how the front-end looks to customize it, but the CSV format (especially the columns order and their titles, and the values format) and the paths(ex: http://URL.onion/participants/URL.onion/verified.csv) need to remain the same </p>
<p><u>Sidenote:</u> you are free to fork the project, and change how the front-end looks to customize it, <b>but the CSV format (especially the columns order and their titles, and the values format) and the paths</b>(ex: http://URL.onion/participants/URL.onion/verified.csv) <b>those NEED to remain the same to be able to remain compatible with the other lantern instances.</b> </p>
<p>So if you are running a functionnal lantern instance all you need is to do is show up <a href="https://simplex.chat/contact#/?v=2-7&smp=smp%3A%2F%2FL5jrGV2L_Bb20Oj0aE4Gn-m5AHet9XdpYDotiqpcpGc%3D%40nowhere.moe%2FDkWtBNDdIPVjaap5trLwtmBBEUjyqxSZ%23%2F%3Fv%3D1-3%26dh%3DMCowBQYDK2VuAyEAcQLIsWEJ0xCv9sMSYVQV_sfMTkK_pisAtN55jgH08T8%253D%26srv%3Dt3srl5etd5y7nfvamlkdsjmm2okfu7db2jp4crxvf3tkwo42odme3kid.onion&data=%7B%22groupLinkId%22%3A%22iK4_U76rW6AdmZZfgVDDVQ%3D%3D%22%7D">in the Darknet Exploration simplex chatroom</a> i'm running, and let me know that you are running a darknet lantern instance:</p>
<p>After that i'll go over your darknet lantern instance to check for the new links you are bringing to the table, and if there are no porn links in there:</p>
<p>Also one thing that you may want to edit, this is your default banner.png:</p>
<img src="12.png" class="imgRz">
<p>If you want to change it you can upload your custom banner.png image in your instance folder in <b>/srv/darknet-lantern/www/participants/lantern.nowherejezblahblah.onion/banner.png</b> but be careful, the python scripts are going to check <b>if your banner has the 240x60 resolution</b>, if it does not it won't be accepted by the other webring participants, and it will simply be replaced by the default banner image (coming from the templates folder)</p>
<pre><code class="nim">
[ laptop-privateVM ] [ /dev/pts/8 ] [blog/opsec/darknetlantern]
→ scp banner.png yourserver:/srv/darknet-lantern/www/participants/yourinstancename.onion/banner.png
</pre></code>
<p>If that's OK for me, i'll add it to my darknet lantern instance by doing the following:</p>
<p>So if you are running a functionnal lantern instance, you can either <a href="https://simplex.chat/contact#/?v=2-7&smp=smp%3A%2F%2FBD4qkVq8lJUgjHt0kUaxeQBYsKaxDejeecxm6-2vOwI%3D%40b6geeakpwskovltbesvy3b6ah3ewxfmnhnshojndmpp7wcv2df7bnead.onion%2F4NTxj7pyXgVGYfHs8qDdKfW-STOA8AP1%23%2F%3Fv%3D1-3%26dh%3DMCowBQYDK2VuAyEA5FMqfn6nXs8ETbpz2iu55jr3BKHlfuesWVnko-A1Ewk%253D">send me a private message on SimpleX</a>, or you can show up <a href="https://simplex.chat/contact#/?v=2-7&smp=smp%3A%2F%2FL5jrGV2L_Bb20Oj0aE4Gn-m5AHet9XdpYDotiqpcpGc%3D%40nowhere.moe%2FDkWtBNDdIPVjaap5trLwtmBBEUjyqxSZ%23%2F%3Fv%3D1-3%26dh%3DMCowBQYDK2VuAyEAcQLIsWEJ0xCv9sMSYVQV_sfMTkK_pisAtN55jgH08T8%253D%26srv%3Dt3srl5etd5y7nfvamlkdsjmm2okfu7db2jp4crxvf3tkwo42odme3kid.onion&data=%7B%22groupLinkId%22%3A%22iK4_U76rW6AdmZZfgVDDVQ%3D%3D%22%7D">in the Darknet Lantern Simplex chatroom</a> i'm running, and let me know that you are running a darknet lantern instance. After that i'll go and check your darknet lantern instance to check for the new links you are bringing to the table, and if there are no porn links there, i'll add it to my darknet lantern instance by doing the following:</p>
<pre><code class="nim">
Select Option? (0-11): 5
5
@ -670,7 +674,7 @@ Name,URL,Description,Trusted,Status,Score
→ torsocks git push
</pre></code>
<p>And that's it! you are now an official member of the darknet webring :)</p>
<p>And that's it! you are now an official member of the darknet lantern webring, your community may now benefit from the visibility coming from the other webring participants' communities, while at the same time making sure that your community gets to know that those other communities exist.</p>
</div>

1
opsec/index.html
View file

@ -175,6 +175,7 @@
<li><a href="torthroughvpn/index.html">✅ How to use Tor Safely: (Tor + VPN combinations)</a><img src="logos/su0.png" class="logo"><img src="logos/mullvad.png" class="logo"><img src="logos/on0.png" class="logo"><img src="logos/Tor.png" class="logo"></li>
<li><a href="clearnetvsdarknet/index.html">✅ Why is the Darknet superior to the Clearnet ? </a><img src="logos/Tor.png" class="logo"></li>
<li><a href="darknetexploration/index.html">✅ How to explore the Darknet? (Visibility and Discoverability) </a><img src="logos/Tor.png" class="logo"></li>
<li><a href="darknetlantern/index.html">✅ How to run your own Darknet Lantern for Visibility and Discoverability</a><img src="logos/Tor.png" class="logo"><img src="logos/dnlantern.png" class="logo"></li>
<li><a href="http://git.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/nihilist/blog-contributions/issues/168">❌ When should I use I2P instead of Tor ? </a><img src="logos/i2p.png" class="logo"></li>
</ol></br>

BIN
opsec/logos/dnlantern.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 6.6 KiB

120
opsec/moneroinheritance/index.html
View file

@ -95,7 +95,7 @@ Uncle Rich has worked hard his entire life and has managed to save a large amoun
In order to avoid relying on third parties, we need a sovereign solution that is FOSS, self-hostable, end-to-end encrypted and that stores data in a zero-knowledge environment. Vaultwarden is the ideal candidate for this task as it is an alternative server implementation of Bitwarden that is written in Rust and is memory-safe. It is more light-weight than the full Bitwarden stack and can be easily deployed on a VPS for less than €5 per month.
</p>
<p>
<img src="1.png" style="display: block; margin-left: auto; margin-right: auto;">
<img src="1.png" class="imgRz">
</p>
<p>
Nephew Nick will start by setting up a self-hosted instance where both Uncle Rich and him will create an account. After setting up a reliable notification system, Uncle Rich will grant Nephew Nick Emergency Access to his account, where he has his seedphrase stored. After Nephew Nick accepts Emergency Access, everything will be set in place. In the future, when Nephew Nick requests access to Uncle Rich's vault, Uncle Rich will receive a notification and have a predetermined amount of time to reject the Emergency Access request. If Uncle Rich is still alive at this point, that is trivially easy to do. If Uncle Rich is no longer with us, he will not be able to reject the Emergency Access request. As a result, after the allotted time has expired, Nephew Nick will be notified his request has been granted and will be able to access Uncle Rich's vault where the seedphrase lies.
@ -124,12 +124,12 @@ Starting from Nephew Nick's perspective:
<p>
Prerequisites:
<br>
- A <a href=http://blog.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/opsec/anondomain/index.html target=_blank>domain name</a> - Nephew Nick purchased one anonymously using Monero on <b>Njalla</b> using their onion link.
- A <a href="../anondomain/index.html">domain name</a> - Nephew Nick purchased one anonymously using Monero on <b>Njalla</b> using their onion link.
<br>
- A <a href=http://blog.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/opsec/anonymousremoteserver/index.html target=_blank>VPS</a> - Nephew Nick purchased one anonymously using Monero on <b>Kyun</b> using their onion link. Specs consisting of 1 core and 2 GB of memory are more than enough to self-host everything needed for the setup.
- A <a href="../anonymousremoteserver/index.html">VPS</a> - Nephew Nick purchased one anonymously using Monero on <b>Kyun</b> using their onion link. Specs consisting of 1 core and 2 GB of memory are more than enough to self-host everything needed for the setup.
<br>
<br>
<img src="2.png" style="display: block; margin-left: auto; margin-right: auto;">
<img src="2.png" class="imgRz">
<br>
Nephew Nick knows that Uncle Rich is getting quite old. Uncle Rich is still capable of using a computer but in order for this setup to work it must provide as little friction as possible. As such, we will keep things simple and use email notifications from a self-hosted server. While not overtly private, email is a suitable option in this case given its ease of use and because it is being used strictly for notifications with no sensitive information is being transmitted. Setting up a self-hosted mail server has been <a href=http://blog.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/opsec/mailprivate/index.html target=_blank>covered before</a>, however, in this article we will do things a little different in line with running all of our services independently as docker containers. All publicly accessible services will be protected by SSL and we will use Traefik reverse proxy both to automatically procure wildcard SSL certificates and renew them, and also to route traffic to each respective subdomain. Let's get started.
</p>
@ -148,13 +148,13 @@ Nephew Nick knows that Uncle Rich is getting quite old. Uncle Rich is still capa
Nephew Nick will start by setting up DNS records on Njalla (note: no trailing dot is needed). Required are A records pointing to the VPS IP address for xmronly.com, *.xmronly.com, and mail.xmronly.com. An MX record for mail.xmronly.com is also required as shown.
</p>
<p>
<img src="3.png" style="display: block; margin-left: auto; margin-right: auto;">
<img src="3.png" class="imgRz">
</p>
<p>
Over on Kyun, Nephew Nick will set a reverse DNS to point to mail.xmronly.com.
</p>
<p>
<img src="4.png" style="display: block; margin-left: auto; margin-right: auto;">
<img src="4.png" class="imgRz">
</p>
<p>
With this complete, Nephew Nick can test the DNS records to make sure they are set up correctly and have propagated. With the expected outputs as shown below, we're ready to move on.
@ -297,7 +297,7 @@ networks:
Start the containers with <b>docker compose -f traefik.yml up -d</b> then navigate to https://mail.xmronly.com and verify the SSL certificate is present.
</p>
<p>
<img src="5.png" style="display: block; margin-left: auto; margin-right: auto;">
<img src="5.png" class="imgRz">
</p>
<p>
Next we'll set up a docker-compose file (<b>mailserver.yml</b>) in /docker/mailserver.
@ -387,7 +387,7 @@ Content: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkifHSvSJUf3...
With everything complete, your DNS should look like this:
</p>
<p>
<img src="6.png" style="display: block; margin-left: auto; margin-right: auto;">
<img src="6.png" class="imgRz">
</p>
<p>
@ -404,10 +404,8 @@ docker compose -f mailserver.yml up -d
You can confirm everything is working correctly by configuring Thunderbird to use your mail server and sending out a test email on <b>https://mail-tester.com</b>.
</p>
<p style="display: flex; justify-content: center; align-items: center;">
<img src="7.png" style="margin: 10px;" width="400">
<img src="8.png" style="margin: 10px;" width="400">
</p>
<img src="7.png" class="imgRz">
<img src="8.png" class="imgRz">
<p>
The last step is to set up a docker-compose file (<b>vaultwarden.yml</b>) in /docker/vaultwarden.
@ -463,25 +461,21 @@ Start the container with <b>docker compose -f vaultwarden.yml up -d</b>. With th
Continuing with the same perspective, Nephew Nick will head to <b>https://vaultwarden.xmronly.com</b> and start by creating an account then using it to sign in.
</p>
<p style="display: flex; justify-content: center; align-items: center;">
<img src="9.png" style="margin: 10px;" width="400">
<img src="10.png" style="margin: 10px;" width="400">
</p>
<img src="9.png" class="imgRz">
<img src="10.png" class="imgRz">
<p>
When prompted, Nephew Nick will verify his email address.
</p>
<p style="display: flex; justify-content: center; align-items: center;">
<img src="11.png" style="margin: 10px;" height="100">
<img src="12.png" style="margin: 10px;" width="600">
</p>
<img src="11.png" class="imgRz">
<img src="12.png" class="imgRz">
<p>
With verification complete, Nephew Nick will confirm his account fingerprint phrase as this information will be needed for a future step. This is located on the sidebar under Settings -> My account.
</p>
<p>
<img src="13.png" style="display: block; margin-left: auto; margin-right: auto;">
<img src="13.png" class="imgRz">
</p>
</div>
@ -506,36 +500,28 @@ Switching over to Uncle Rich's perspective now:
Uncle Rich will start by creating an account and then using it to sign in.
</p>
<p style="display: flex; justify-content: center; align-items: center;">
<img src="9.png" style="margin: 10px;" height="400">
<img src="14.png" style="margin: 10px;" width="400">
</p>
<img src="9.png" class="imgRz">
<img src="14.png" class="imgRz">
<p>
When prompted, Uncle Rich will verify his email address.
</p>
<p style="display: flex; justify-content: center; align-items: center;">
<img src="11.png" style="margin: 10px;" height="100">
<img src="15.png" style="margin: 10px;" width="600">
</p>
<img src="11.png" class="imgRz">
<img src="15.png" class="imgRz">
<p>
With verification complete, Uncle Rich can proceed to set up an entry containing his seedphrase.
</p>
<p style="display: flex; justify-content: center; align-items: center;">
<img src="16.png" style="margin: 10px;" height="200">
<img src="17.png" style="margin: 10px;" width="600">
</p>
<img src="16.png" class="imgRz">
<img src="17.png" class="imgRz">
<p>
Next, Uncle Rich will add Nephew Nick as an Emergency Contact. This is found on the sidebar under Settings -> Emergency access.
</p>
<p style="display: flex; justify-content: center; align-items: center;">
<img src="18.png" style="margin: 10px;" height="350">
<img src="19.png" style="margin: 10px;" width="450">
</p>
<img src="18.png" class="imgRz">
<img src="19.png" class="imgRz">
</div>
</div><!-- /row -->
@ -560,19 +546,15 @@ Switching back to Nephew Nick's perspective now:
Nephew Nick receives an email notification that Uncle Rich has invited him to be an Emergency Contact. Clicking the link prompts a log in, automatically accepting the request.
</p>
<p style="display: flex; justify-content: center; align-items: center;">
<img src="20.png" style="margin: 10px;" height="400">
<img src="21.png" style="margin: 10px;" width="400">
</p>
<img src="20.png" class="imgRz">
<img src="21.png" class="imgRz">
<p>
Upon signing in, there is a notification indicating that the invitation has been accepted and that Nephew Nick's identity must be confirmed (by Uncle Rich). Nephew Nick can see the status of his designation as an Emergency Contact under Settings -> Emergency access on the sidebar.
</p>
<p style="display: flex; justify-content: center; align-items: center;">
<img src="22.png" style="margin: 10px;" height="200">
<img src="23.png" style="margin: 10px;" height="400">
</p>
<img src="22.png" class="imgRz">
<img src="23.png" class="imgRz">
</div>
</div><!-- /row -->
@ -597,7 +579,7 @@ Uncle Rich receives an email notification that Nephew Nick has accepted the invi
</p>
<p>
<img src="24.png" style="display: block; margin-left: auto; margin-right: auto;">
<img src="24.png" class="imgRz">
</p>
<p>
@ -605,8 +587,8 @@ Uncle Rich logs in and navigates to Settings -> Emergency access on the sidebar.
</p>
<p style="display: flex; justify-content: center; align-items: center;">
<img src="25.png" style="margin: 10px;" height="350">
<img src="26.png" style="margin: 10px;" width="500">
<img src="25.png" class="imgRz">
<img src="26.png" class="imgRz">
</p>
</div>
@ -632,7 +614,7 @@ Nephew Nick receives an email notification that he has been confirmed as an Emer
</p>
<p>
<img src="27.png" style="display: block; margin-left: auto; margin-right: auto;">
<img src="27.png" class="imgRz">
</p>
<p>
@ -643,9 +625,9 @@ With that, the setup is fully complete. Nephew Nick is able to request Emergency
<br>
<br>
<p style="text-align: center">
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
-------------------------------------------------------------------------------------------------------------- Some times passes ----------------------------------------------------------------------------------------------------
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
[Some times passes...]
</p>
<br>
<br>
@ -655,10 +637,8 @@ With that, the setup is fully complete. Nephew Nick is able to request Emergency
Nephew Nick has not heard from Uncle Rich in a long time and fears the worst has happened. After signing in, he navigates to Settings -> Emergency access on the sidebar and requests Emergency Access to Uncle Rich's vault.
</p>
<p style="display: flex; justify-content: center; align-items: center;">
<img src="28.png" style="margin: 10px;" height="350">
<img src="29.png" style="margin: 10px;" width="400">
</p>
<img src="28.png" class="imgRz">
<img src="29.png" class="imgRz">
@ -686,7 +666,7 @@ Uncle Rich receives an email notification that Nephew Nick has requested Emergen
</p>
<p>
<img src="30.png" style="display: block; margin-left: auto; margin-right: auto;">
<img src="30.png" class="imgRz">
</p>
<p>
@ -694,7 +674,7 @@ After logging into his account, Uncle Rich navigates to Settings -> Emergency ac
</p>
<p>
<img src="31.png" style="display: block; margin-left: auto; margin-right: auto;">
<img src="31.png" class="imgRz">
</p>
<p>
@ -706,7 +686,7 @@ From Nephew Nick's perspective, he will receive an email notification saying his
</p>
<p>
<img src="32.png" style="display: block; margin-left: auto; margin-right: auto;">
<img src="32.png" class="imgRz">
</p>
@ -733,24 +713,22 @@ From Nephew Nick's perspective, there is nothing to do but wait for the 30 day i
</p>
<p>
<img src="33.png" style="display: block; margin-left: auto; margin-right: auto;">
<img src="33.png" class="imgRz">
</p>
<p>
Nephew Nick signs into his account and navigates to Settings -> Emergency access. He is now able to view Uncle Rich's vault.
</p>
<p style="display: flex; justify-content: center; align-items: center;">
<img src="34.png" style="margin: 10px;" height="350">
<img src="35.png" style="margin: 10px;" width="400">
</p>
<img src="34.png" class="imgRz">
<img src="35.png" class="imgRz">
<p>
And just like that Nephew Nick has received Uncle Rich's seedphrase!
</p>
<p>
<img src="36.png" style="display: block; margin-left: auto; margin-right: auto;">
<img src="36.png" class="imgRz">
</p>
</div>
@ -768,7 +746,7 @@ Nephew Nick opens up his Monero Wallet GUI and navigates to "Restore wallet from
</p>
<p>
<img src="37.png" style="display: block; margin-left: auto; margin-right: auto;">
<img src="37.png" class="imgRz">
</p>
<p>
@ -776,7 +754,7 @@ He gives the wallet a name and chooses a location to save it. Finally Nephew Nic
</p>
<p>
<img src="38.png" style="display: block; margin-left: auto; margin-right: auto;">
<img src="38.png" class="imgRz">
</p>
<p>
@ -784,7 +762,7 @@ Proceeding to the next screen, Nephew Nick inputs a strong password and saves it
</p>
<p>
<img src="39.png" style="display: block; margin-left: auto; margin-right: auto;">
<img src="39.png" class="imgRz">
</p>
<p>
@ -792,7 +770,7 @@ Finally, he selects a node for the connection. Connecting to your own node is re
</p>
<p>
<img src="40.png" style="display: block; margin-left: auto; margin-right: auto;">
<img src="40.png" class="imgRz">
</p>
<p>
@ -800,7 +778,7 @@ With the connection established, all that is left to do is to wait synchronizati
</p>
<p>
<img src="41.png" style="display: block; margin-left: auto; margin-right: auto;">
<img src="41.png" class="imgRz">
</p>
<p>
@ -808,7 +786,7 @@ Nephew Nick has successfully restored Uncle Rich's wallet using the seedphrase!
</p>
<p>
<img src="42.png" style="display: block; margin-left: auto; margin-right: auto;">
<img src="42.png" class="imgRz">
</p>

0
opsec/qubesos/Screenshot From 2024-12-05 11-20-03.png Executable file → Normal file
View file

Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 162 KiB

After

Width:  |  Height:  |  Size: 162 KiB

Before After
Before After

0
opsec/qubesos/Screenshot From 2024-12-05 16-26-38.png Executable file → Normal file
View file

Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 11 KiB

After

Width:  |  Height:  |  Size: 11 KiB

Before After
Before After

0
opsec/qubesos/Screenshot From 2024-12-05 16-28-18.png Executable file → Normal file
View file

Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 178 KiB

After

Width:  |  Height:  |  Size: 178 KiB

Before After
Before After

0
opsec/qubesos/Screenshot From 2024-12-05 16-28-40.png Executable file → Normal file
View file

Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 137 KiB

After

Width:  |  Height:  |  Size: 137 KiB

Before After
Before After

0
opsec/qubesos/Screenshot From 2024-12-05 16-28-51.png Executable file → Normal file
View file

Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 74 KiB

After

Width:  |  Height:  |  Size: 74 KiB

Before After
Before After

0
opsec/qubesos/Screenshot From 2024-12-05 16-29-00.png Executable file → Normal file
View file

Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 82 KiB

After

Width:  |  Height:  |  Size: 82 KiB

Before After
Before After

0
opsec/qubesos/Screenshot From 2024-12-05 16-29-12.png Executable file → Normal file
View file

Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 96 KiB

After

Width:  |  Height:  |  Size: 96 KiB

Before After
Before After

0
opsec/qubesos/Screenshot From 2024-12-05 16-29-23.png Executable file → Normal file
View file

Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 94 KiB

After

Width:  |  Height:  |  Size: 94 KiB

Before After
Before After

0
opsec/qubesos/Screenshot From 2024-12-05 16-29-33.png Executable file → Normal file
View file

Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 143 KiB

After

Width:  |  Height:  |  Size: 143 KiB

Before After
Before After

0
opsec/qubesos/Screenshot From 2024-12-05 16-29-47.png Executable file → Normal file
View file

Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 38 KiB

After

Width:  |  Height:  |  Size: 38 KiB

Before After
Before After

0
opsec/qubesos/Screenshot From 2024-12-05 16-29-57.png Executable file → Normal file
View file

Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 134 KiB

After

Width:  |  Height:  |  Size: 134 KiB

Before After
Before After

0
opsec/qubesos/Screenshot From 2024-12-05 16-39-09.png Executable file → Normal file
View file

Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 94 KiB

After

Width:  |  Height:  |  Size: 94 KiB

Before After
Before After

0
opsec/qubesos/Screenshot From 2024-12-05 16-39-27.png Executable file → Normal file
View file

Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 7.4 KiB

After

Width:  |  Height:  |  Size: 7.4 KiB

Before After
Before After

0
opsec/qubesos/Screenshot From 2024-12-05 16-40-07.png Executable file → Normal file
View file

Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 94 KiB

After

Width:  |  Height:  |  Size: 94 KiB

Before After
Before After

0
opsec/qubesos/Screenshot From 2024-12-05 16-40-34.png Executable file → Normal file
View file

Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 79 KiB

After

Width:  |  Height:  |  Size: 79 KiB

Before After
Before After

0
opsec/qubesos/Screenshot From 2024-12-05 16-40-42.png Executable file → Normal file
View file

Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 91 KiB

After

Width:  |  Height:  |  Size: 91 KiB

Before After
Before After

0
opsec/qubesos/Screenshot From 2024-12-05 17-40-25.png Executable file → Normal file
View file

Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 37 KiB

After

Width:  |  Height:  |  Size: 37 KiB

Before After
Before After

0
opsec/qubesos/Screenshot From 2024-12-05 17-40-39.png Executable file → Normal file
View file

Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 33 KiB

After

Width:  |  Height:  |  Size: 33 KiB

Before After
Before After

0
opsec/qubesosnetwork/QubesManager.png Executable file → Normal file
View file

Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 184 KiB

After

Width:  |  Height:  |  Size: 184 KiB

Before After
Before After

0
opsec/qubesosnetwork/banking.png Executable file → Normal file
View file

Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 322 KiB

After

Width:  |  Height:  |  Size: 322 KiB

Before After
Before After

0
opsec/qubesosnetwork/copy_destination.png Executable file → Normal file
View file

Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 109 KiB

After

Width:  |  Height:  |  Size: 109 KiB

Before After
Before After

0
opsec/qubesosnetwork/copy_in_vm.png Executable file → Normal file
View file

Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 67 KiB

After

Width:  |  Height:  |  Size: 67 KiB

Before After
Before After

0
opsec/qubesosnetwork/create.png Executable file → Normal file
View file

Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 212 KiB

After

Width:  |  Height:  |  Size: 212 KiB

Before After
Before After

0
opsec/qubesosnetwork/destination_paste.png Executable file → Normal file
View file

Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 80 KiB

After

Width:  |  Height:  |  Size: 80 KiB

Before After
Before After

0
opsec/qubesosnetwork/disp_whonix.png Executable file → Normal file
View file

Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 188 KiB

After

Width:  |  Height:  |  Size: 188 KiB

Before After
Before After

0
opsec/qubesosnetwork/dom0_exec.png Executable file → Normal file
View file

Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 110 KiB

After

Width:  |  Height:  |  Size: 110 KiB

Before After
Before After

0
opsec/qubesosnetwork/file_arrived.png Executable file → Normal file
View file

Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 131 KiB

After

Width:  |  Height:  |  Size: 131 KiB

Before After
Before After

0
opsec/qubesosnetwork/file_await_transfer.png Executable file → Normal file
View file

Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 84 KiB

After

Width:  |  Height:  |  Size: 84 KiB

Before After
Before After

0
opsec/qubesosnetwork/firewall-net.png Executable file → Normal file
View file

Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 112 KiB

After

Width:  |  Height:  |  Size: 112 KiB

Before After
Before After

0
opsec/qubesosnetwork/firewall-service.png Executable file → Normal file
View file

Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 137 KiB

After

Width:  |  Height:  |  Size: 137 KiB

Before After
Before After

0
opsec/qubesosnetwork/manager.png Executable file → Normal file
View file

Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 186 KiB

After

Width:  |  Height:  |  Size: 186 KiB

Before After
Before After

0
opsec/qubesosnetwork/master_pasteboard.png Executable file → Normal file
View file

Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 70 KiB

After

Width:  |  Height:  |  Size: 70 KiB

Before After
Before After

0
opsec/qubesosnetwork/master_pasteboard_wiped.png Executable file → Normal file
View file

Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 65 KiB

After

Width:  |  Height:  |  Size: 65 KiB

Before After
Before After

0
opsec/qubesosnetwork/template_install.png Executable file → Normal file
View file

Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 168 KiB

After

Width:  |  Height:  |  Size: 168 KiB

Before After
Before After

0
opsec/qubesosnetwork/template_shutdown.png Executable file → Normal file
View file

Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 295 KiB

After

Width:  |  Height:  |  Size: 295 KiB

Before After
Before After

0
opsec/qubesosnetwork/terminal.png Executable file → Normal file
View file

Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 48 KiB

After

Width:  |  Height:  |  Size: 48 KiB

Before After
Before After

0
opsec/qubesosnetwork/text_arrived.png Executable file → Normal file
View file

Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 68 KiB

After

Width:  |  Height:  |  Size: 68 KiB

Before After
Before After

0
opsec/qubesosnetwork/torrent_transmission.png Executable file → Normal file
View file

Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 246 KiB

After

Width:  |  Height:  |  Size: 246 KiB

Before After
Before After

0
opsec/qubesosnetwork/torrent_vm.png Executable file → Normal file
View file

Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 224 KiB

After

Width:  |  Height:  |  Size: 224 KiB

Before After
Before After

0
opsec/qubesosnetwork/transmission_on.png Executable file → Normal file
View file

Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 192 KiB

After

Width:  |  Height:  |  Size: 192 KiB

Before After
Before After

0
opsec/qubesosnetwork/whonix-usage.png Executable file → Normal file
View file

Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 153 KiB

After

Width:  |  Height:  |  Size: 153 KiB

Before After
Before After

0
opsec/qubesosnetwork/whonix_dread.png Executable file → Normal file
View file

Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 78 KiB

After

Width:  |  Height:  |  Size: 78 KiB

Before After
Before After

0
pull.sh Executable file → Normal file
View file

0
push.sh Executable file → Normal file
View file

0
pushtoprod.sh Executable file → Normal file
View file