lots of changes

This commit is contained in:
nihilist 2024-11-30 16:50:12 +01:00
parent 7a1f91e098
commit ad30d67903
36 changed files with 275 additions and 24 deletions

@ -285,8 +285,8 @@
<p>💻 Clientside - Getting Started </p> <p>💻 Clientside - Getting Started </p>
<ol> <ol>
<li><a href="tailsqemuvm/index.html">✅ Tails OS for Easy Temporary Sensitive Use</a></li>
<li><a href="livemode/index.html">✅ Using the Host-OS in live-mode to enable Sensitive Use</a></li> <li><a href="livemode/index.html">✅ Using the Host-OS in live-mode to enable Sensitive Use</a></li>
<li><a href="tailsqemuvm/index.html">✅ Tails OS for Temporary Sensitive Use</a></li>
<li><a href="veracrypt/index.html">✅ The main source of Plausible Deniability: Deniable Encryption</a></li> <li><a href="veracrypt/index.html">✅ The main source of Plausible Deniability: Deniable Encryption</a></li>
<li><a href="sensitivevm/index.html">✅ Sensitive use VMs Setup (Whonix VMs in a Veracrypt Hidden Volume)⭐</a></li> <li><a href="sensitivevm/index.html">✅ Sensitive use VMs Setup (Whonix VMs in a Veracrypt Hidden Volume)⭐</a></li>
<li><a href="plausiblydeniabledataprotection/index.html">🟠 Plausibly Deniable Critical Data Backups</a></li> <li><a href="plausiblydeniabledataprotection/index.html">🟠 Plausibly Deniable Critical Data Backups</a></li>

BIN
opsec/livemode/10.png Normal file

BIN
opsec/livemode/7.png Normal file

BIN
opsec/livemode/8.png Normal file

BIN
opsec/livemode/9.png Normal file

@ -56,7 +56,7 @@
<!-- +++++ Posts Lists +++++ --> <!-- +++++ Posts Lists +++++ -->
<!-- +++++ First Post +++++ --> <!-- +++++ First Post +++++ -->
<div id="anon2"> <div id="anon1">
<div class="container"> <div class="container">
<div class="row"> <div class="row">
<div class="col-lg-8 col-lg-offset-2"> <div class="col-lg-8 col-lg-offset-2">
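Review bot: `id="anon1"` is now carried by several section wrappers in this file (the same id reappears on the live-mode section and on both emergency-shutdown sections added further down), and an HTML id must be unique within a document; the renumbering here only changes which duplicate each section gets. If the ids exist to alternate the section background, a class (for example `class="anon1"`) with the stylesheet selector updated to match is the correct fix.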
@ -79,7 +79,7 @@
</div><!-- /grey --> </div><!-- /grey -->
<!-- +++++ Second Post +++++ --> <!-- +++++ Second Post +++++ -->
<div id="anon3"> <div id="anon2">
<div class="container"> <div class="container">
<div class="row"> <div class="row">
<div class="col-lg-8 col-lg-offset-2"> <div class="col-lg-8 col-lg-offset-2">
@ -92,7 +92,6 @@
<img src="3.png" class="imgRz"> <img src="3.png" class="imgRz">
<p>Now when you are using your computer for regular public, private and anonymous activities, normally you don't need to care about those things. But the Host OS is a potential goldmine of forensic evidence to be used against you, <b>so for sensitive use specifically we need to take care of it.</b></p> <p>Now when you are using your computer for regular public, private and anonymous activities, normally you don't need to care about those things. But the Host OS is a potential goldmine of forensic evidence to be used against you, <b>so for sensitive use specifically we need to take care of it.</b></p>
<p>Now you could start to manually erase all logs, all kernel logs, all non-standard system logs, manually overwrite the RAM contents, but this is going to be way too tedious and you're likely to miss something. So we have one simple solution: <b>use the Host OS in live mode</b>.</p> <p>Now you could start to manually erase all logs, all kernel logs, all non-standard system logs, manually overwrite the RAM contents, but this is going to be way too tedious and you're likely to miss something. So we have one simple solution: <b>use the Host OS in live mode</b>.</p>
<img src="4.png" class="imgRz">
<p>Thanks to live mode, <b>we are able to load the entire Host OS in RAM directly</b>, allowing us to avoid writing anything on the system disk (no system logs, no kernel logs, no non-standard logs, <b>only ram contents to worry about</b>)</p> <p>Thanks to live mode, <b>we are able to load the entire Host OS in RAM directly</b>, allowing us to avoid writing anything on the system disk (no system logs, no kernel logs, no non-standard logs, <b>only ram contents to worry about</b>)</p>
<p>And since everything is loaded inside the RAM, <b>all we need is to reboot the computer to wipe all of the RAM contents</b>, effectively <b>erase all forensic evidence (and all potential forensic evidence) of the existence of the hidden volume in one simple action.</b></p> <p>And since everything is loaded inside the RAM, <b>all we need is to reboot the computer to wipe all of the RAM contents</b>, effectively <b>erase all forensic evidence (and all potential forensic evidence) of the existence of the hidden volume in one simple action.</b></p>
</div> </div>
@ -100,12 +99,14 @@
</div> <!-- /container --> </div> <!-- /container -->
</div><!-- /white --> </div><!-- /white -->
<div id="anon2"> <div id="anon1">
<div class="container"> <div class="container">
<div class="row"> <div class="row">
<div class="col-lg-8 col-lg-offset-2"> <div class="col-lg-8 col-lg-offset-2">
<h2><b>Setting up Live Mode</b></h2> </br> </br> <h2><b>Using Live Mode from the System Drive</b></h2> </br> </br>
<p>To do so, we need to install Kickstart's apt repository to have the grub-live package:</p> <p>⚠️ <u>Deniability Disclaimer:</u> <b>This setup is only suitable if the adversary can be told that you are using Kicksecure, with the ram-wipe and grub-live packages, without it being a reason to throw you in jail. Do not proceed if that's the case.</b> ⚠️</p>
<img src="4.png" class="imgRz">
<p>If the adversary won't put you in jail for having Kicksecure on the system drive, you can proceed to install Kickstart's apt repository to have the grub-live and ram-wipe packages:</p>
<pre><code class="nim"> <pre><code class="nim">
nothing@debian-tests:~$ su - nothing@debian-tests:~$ su -
Password: Password:
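Review bot: the new paragraph says "Kickstart's apt repository" while the disclaimer directly above names the distribution Kicksecure; if these are the same project, the paragraph should read "Kicksecure's apt repository". The disclaimer's last sentence, "Do not proceed if that's the case", is also ambiguous, because the clause before it describes the safe situation (admitting to Kicksecure is harmless); "Do not proceed if it is" or spelling out "if being found with Kicksecure would get you jailed" avoids the inversion.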
@ -171,6 +172,49 @@ root@debian-tests:~# reboot now
</div> <!-- /container --> </div> <!-- /container -->
</div><!-- /white --> </div><!-- /white -->
<div id="anon2">
<div class="container">
<div class="row">
<div class="col-lg-8 col-lg-offset-2">
<h2><b>Using Live Mode from a USB Stick</b></h2> </br> </br>
<p>⚠️ <u>Deniability Disclaimer:</u> <b>This setup is suitable if the adversary cannot be told that you are using Kicksecure, with the ram-wipe and grub-live packages, without it being a reason to throw you in jail.</b> ⚠️</p>
<p>If you are in the usecase where the adversary cannot be told that you are using kicksecure, <b>there is an innocent way of using live mode, by using a usb stick with the debian iso flashed on it</b>:</p>
<img src="7.png" class="imgRz">
<p>In order to have a USB stick with a debian iso flashed on it, we're going to copy the "how to install linux" tutorial i wrote <a href="../linux/index.html">here</a>, except that we're not going to use the netinstall debian iso file, but rather we'll use one of the <a href="https://cdimage.debian.org/debian-cd/current-live/amd64/iso-hybrid/">"debian-live"</a> ISOs :</p>
<img src="8.png" class="imgRz">
<p>Then you can use dd to flash the iso on your usb stick:</p>
<pre><code class="nim">
nihilist@mainpc:~$ lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS
[...]
sdc 8:32 1 14.6G 0 disk
└─sdc1 8:33 1 14.6G 0 part /media/nihilist/024F-D7E6
[...]
nihilist@mainpc:~$ umount /media/nihilist/024F-D7E6
nihilist@mainpc:~$ sudo dd bs=4M if=debian-live-12.8.0-amd64-cinnamon.iso of=/dev/sdc status=progress oflag=sync
3384803328 bytes (3.4 GB, 3.2 GiB) copied, 165 s, 20.5 MB/s
810+1 records in
810+1 records out
3399122944 bytes (3.4 GB, 3.2 GiB) copied, 165.953 s, 20.5 MB/s
</pre></code>
<p>once you have the USB stick with debian on it, simply plug it in your computer, reboot your computer, and then boot on the usb stick after entering the BIOS/UEFI:</p>
<img src="../linux/18.png" class="imgRz">
<img src="../linux/19.png" class="imgRz">
<img src="../linux/20.png" class="imgRz">
<img src="../linux/21.png" class="imgRz">
<p>Next, select the usb key and then you can boot on it by choosing the <b>"Live system" option:</b> </p>
<img src="9.png" class="imgRz">
<img src="10.png" class="imgRz">
<p>And here as you can see we successfully entered livemode by booting into debian from the usb key directly, and we are able to see the other drives that are on the computer, without writing any data on them.</p>
</div>
</div><!-- /row -->
</div> <!-- /container -->
</div><!-- /white -->
<!-- +++++ Second Post +++++ --> <!-- +++++ Second Post +++++ -->
<div id="anon1"> <div id="anon1">
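Review bot: the USB route replaces the grub-live plus ram-wipe setup of the previous section with a stock debian-live ISO, but the text never says what happens to the ram-wipe step: a standard Debian live image has no memory-wipe step at shutdown the way the ram-wipe package does, so the "only ram contents to worry about" caveat from earlier in the page weighs more here, and the section should say so (or point the reader at a live image that ships ram-wipe). Smaller points: the dd listing closes with `</pre></code>` whereas the other listings in this file close with `</code></pre>` (the open order is `<pre><code>`), and the `<h2>` line uses `</br> </br>`, which is not a valid tag (`<br>` is).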
@ -201,7 +245,7 @@ nothing@debian-tests:~$ cat test.txt
THis has been written in the system disk vda1 from live mode ! THis has been written in the system disk vda1 from live mode !
</code></pre> </code></pre>
<p>and then we will create a file in the <b>non-system drive /dev/vdb</b> (which contains a veracrypt hidden volume):</p> <p>and then we will create a file in the <b>non-system drive /dev/vdb</b> (which contains a <a href="../veracrypt/index.html">veracrypt</a> hidden volume):</p>
<img src="1.png" class="imgRz"> <img src="1.png" class="imgRz">
<pre><code class="nim"> <pre><code class="nim">
nothing@debian-tests:~$ lsblk nothing@debian-tests:~$ lsblk
@ -226,7 +270,7 @@ this is a test file written from live mode, into a non-system drive!
</code></pre> </code></pre>
<p>Then we simply reboot the host OS into regular non-live mode to check if our first test file on the system drive is gone, and if the second test file on the non-system drive has been effectively saved:</p> <p>Then we simply reboot into the system-drive host OS in regular non-live mode to check if our first test file on the system drive is gone, and if the second test file on the non-system drive has been effectively saved:</p>
<img src="2.png" class="imgRz"> <img src="2.png" class="imgRz">
<p>And then we check that the first test file we created in the system drive is effectively not there anymore:</p> <p>And then we check that the first test file we created in the system drive is effectively not there anymore:</p>
<pre><code class="nim"> <pre><code class="nim">
@ -261,7 +305,8 @@ this is a test file written from live mode, into a non-system drive!
<div class="row"> <div class="row">
<div class="col-lg-8 col-lg-offset-2"> <div class="col-lg-8 col-lg-offset-2">
<h2><b>Emergency Shutdown Script</b></h2> </br> </br> <h2><b>Emergency Shutdown Script</b></h2> </br> </br>
<p>Now in order to make sure we can shutdown the Host OS quickly, we need to have an emergency shutdown script, that can be ran by a non-root user in order to immediately shutdown the Host OS whenever we need it.</p> <p>Now in order to make sure we can shutdown the Host OS quickly and fine-tune the shutdown sequence later depending on our needs, we can setup an emergency shutdown script, that can be ran by a non-root user in order to immediately shutdown the Host OS whenever we need it.</p>
<p>⚠️ <u>Deniability Disclaimer:</u> Proceed with the following part <b>in the system-drive outside of live mode, only if you can afford the adversary to see that you have an emergency shutdown script.</b> <u>If that is not an option, you're going to have to do this part manually every time you boot into live mode.</u> (meaning that upon rebooting, there won't be any emergency shutdown script to be found) ⚠️</p>
<p>First we need to make sure the user is able to run the shutdown command:</p> <p>First we need to make sure the user is able to run the shutdown command:</p>
<pre><code class="nim"> <pre><code class="nim">
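Review bot: wording only in the edited sentence: "can be ran" should be "can be run" and "we can setup" should be "we can set up"; the added disclaimer itself reads fine.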
@ -293,7 +338,66 @@ nothing@debian:~$ chmod +x shutdown.sh
<img src="5.png" class="imgRz"> <img src="5.png" class="imgRz">
<img src="6.png" class="imgRz"> <img src="6.png" class="imgRz">
<p>And thats it! you now you have a shortcut that you can use to immediately shutdown the Host OS.</p> <p>And thats it! you now you have a shortcut that you can use to immediately shutdown the Host OS.</p>
</div>
</div><!-- /row -->
</div> <!-- /container -->
</div><!-- /white -->
<div id="anon1">
<div class="container">
<div class="row">
<div class="col-lg-8 col-lg-offset-2">
<h2><b>Emergency Shutdown Script for live USB users</b></h2> </br> </br>
<p>⚠️ <u>Deniability Disclaimer:</u> Proceed with the following part <b>if you can't afford the adversary to find out that you have an emergency shutdown script.</b> ⚠️</p>
<p>If you are in this usecase, since you're going to have to do this setup at every bootup, you want to speed up the initial setup as much as you can, to help with that i recommend storing your sensitive use scripts on <a href="../anonymousremoteserver/index.html">a non-KYC VPS</a>, because that way, you only have to remember the IP of the VPS, and how to login there:</p>
<pre><code class="nim">
nothing@debian:~$ ssh root@65.109.30.253
root@65.109.30.253's password:
Linux Datura 6.1.0-18-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.76-1 (2024-02-01) x86_64
The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Web console: https://localhost.localdomain:9090/ or https://65.109.30.253:9090/
You have mail.
Last login: Sat Nov 30 14:42:04 2024 from 91.90.40.175
[ Datura ] [ /dev/pts/0 ] [~]
→ mkdir sensitive_scripts
[ Datura ] [ /dev/pts/0 ] [~]
→ cd sensitive_scripts
[ Datura ] [ /dev/pts/0 ] [~/sensitive_scripts]
→ vim shutdown.sh
[ Datura ] [ /dev/pts/0 ] [~/sensitive_scripts]
→ cat shutdown.sh
#!/bin/bash
/sbin/shutdown -h now
</pre></code>
<p>The idea being that you manually get your scripts from the VPS upon each boot into live mode, that way you don't need to rewrite them from scratch every time, <b>and especially you are not storing them anywhere locally, where the adversary could find them</b> </p>
<p>To download the script you can simply run a scp command to download your scripts via SSH directly:</p>
<pre><code class="nim">
nothing@debian:~$ scp root@65.109.30.253:/root/sensitive_scripts/shutdown.sh .
root@65.109.30.253's password:
shutdown.sh 100% 35 0.3KB/s 00:00
nothing@debian:~$ cat shutdown.sh
#!/bin/bash
/sbin/shutdown -h now
nothing@debian:~$ chmod +x shutdown.sh
</pre></code>
<p>Now from here onwards, the setup is the as described above, you need to manually configure the shortcut to be able to use the shutdown script.</p>
</div> </div>
</div><!-- /row --> </div><!-- /row -->
</div> <!-- /container --> </div> <!-- /container -->
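Review bot: the SSH session in this listing works against the deniability goal it is meant to serve: a password login as root from the live session leaves that session's source address in the VPS's own records (the "Last login ... from 91.90.40.175" banner captured in the listing is exactly such a record), and the tutorial now publishes both the VPS address and that source IP. Suggest redacting both IPs and the "Web console" line before this goes live, and noting that for a two-line script (`#!/bin/bash` / `/sbin/shutdown -h now`) retyping it is faster and leaves fewer traces than the SSH round trip; the VPS approach only pays off once the scripts grow. Also "the setup is the as described above" is missing "same", and both listings close with `</pre></code>` instead of `</code></pre>`.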

@ -8,7 +8,7 @@
<meta name="author" content=""> <meta name="author" content="">
<link rel="shortcut icon" href="../../../../../../assets/img/favicon.png"> <link rel="shortcut icon" href="../../../../../../assets/img/favicon.png">
<title>Tails OS for Temporary Sensitive Use</title> <title>Tails OS for Easy Temporary Sensitive Use</title>
<!-- Bootstrap core CSS --> <!-- Bootstrap core CSS -->
<link href="../../assets/css/bootstrap.css" rel="stylesheet"> <link href="../../assets/css/bootstrap.css" rel="stylesheet">
@ -61,10 +61,10 @@
<div class="row"> <div class="row">
<div class="col-lg-8 col-lg-offset-2"> <div class="col-lg-8 col-lg-offset-2">
<a href="../index.html">Previous Page</a></br></br><p><img src="../../assets/img/user.png" width="50px" height="50px"> <ba>nihilist@mainpc - 2024-10-03</ba></p> <a href="../index.html">Previous Page</a></br></br><p><img src="../../assets/img/user.png" width="50px" height="50px"> <ba>nihilist@mainpc - 2024-10-03</ba></p>
<h1>Tails OS for Temporary Sensitive Use </h1> <h1>Tails OS for Easy Temporary Sensitive Use </h1>
<img src="0.png" style="width:250px"> <img src="0.png" style="width:250px">
<p>In this tutorial we're going to look at how you can run Tails OS (The Amnesic Incognito Linux System) on a USB Stick, and also on a QEMU VM, following the official documentation <a href="https://tails.net/doc/advanced_topics/virtualization/virt-manager/index.en.html">here</a>. </p> <p>In this tutorial we're going to look at how you can run Tails OS (The Amnesic Incognito Linux System) on a USB Stick, and also on a QEMU VM, following the official documentation <a href="https://tails.net/doc/advanced_topics/virtualization/virt-manager/index.en.html">here</a>. </p>
<p>⚠️ <u>Deniability Disclaimer:</u> <b>This setup is only suitable if the adversary can be told that you are using Tails OS, without it being a reason to throw you in jail. Do not proceed if that's the case.</b> ⚠️</p>
<p><b>Tails OS is suitable for Short Term Sensitive Use due to it's default live-mode feature</b>, where upon shutting down the OS, every forensic trace of what you were doing is completely erased from memory, where the entire OS is loaded into. There are no disk-writes at all by default. (Unless if you use the persistent storage, which is not suitable for sensitive use, due to not being deniable encryption like <a href="../veracrypt/index.html">Veracrypt</a> ).</p> <p><b>Tails OS is suitable for Short Term Sensitive Use due to it's default live-mode feature</b>, where upon shutting down the OS, every forensic trace of what you were doing is completely erased from memory, where the entire OS is loaded into. There are no disk-writes at all by default. (Unless if you use the persistent storage, which is not suitable for sensitive use, due to not being deniable encryption like <a href="../veracrypt/index.html">Veracrypt</a> ).</p>
<img src="37.png" class="imgRz"> <img src="37.png" class="imgRz">
<p>While it is similar to Whonix, it is specificially intended for temporary sensitive use. <a href="../sensitivevm/index.html">Whonix</a> on the other hand can be used for long-term sensitive use. Click <a href="https://www.whonix.org/wiki/Comparison_with_Others">here</a> for more details on the differences between Whonix and Tails.</p> <p>While it is similar to Whonix, it is specificially intended for temporary sensitive use. <a href="../sensitivevm/index.html">Whonix</a> on the other hand can be used for long-term sensitive use. Click <a href="https://www.whonix.org/wiki/Comparison_with_Others">here</a> for more details on the differences between Whonix and Tails.</p>
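Review bot: the added disclaimer ends with "Do not proceed if that's the case", but the sentence before it describes the safe situation (Tails use can be admitted to without consequence), so "that" reads as the opposite of what is meant; "Do not proceed if it is" or "if admitting to Tails use would get you jailed" avoids the inversion. Unchanged context, but worth fixing while here: "it's default live-mode feature" should be "its".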

BIN
opsec/tor/bridge/12.png Normal file

BIN
opsec/tor/bridge/13.png Normal file

BIN
opsec/tor/bridge/14.png Normal file

BIN
opsec/tor/bridge/15.png Normal file

BIN
opsec/tor/bridge/16.png Normal file

BIN
opsec/tor/bridge/17.png Normal file

BIN
opsec/tor/bridge/18.png Normal file

BIN
opsec/tor/bridge/19.png Normal file

@ -61,13 +61,9 @@
<div class="row"> <div class="row">
<div class="col-lg-8 col-lg-offset-2"> <div class="col-lg-8 col-lg-offset-2">
<a href="../../index.html">Previous Page</a></br></br> <p><img src="../../../assets/img/user.png" width="50px" height="50px"> <ba>nihilist - 01 / 02 / 2024</ba></p> <a href="../../index.html">Previous Page</a></br></br> <p><img src="../../../assets/img/user.png" width="50px" height="50px"> <ba>nihilist - 01 / 02 / 2024</ba></p>
<h1>TOR Bridge (June 2023 update)</h1> <h1>TOR Bridge (November 2024 update)</h1>
<img src="../logo.png" class="imgRz"> <img src="../logo.png" class="imgRz">
<p> Before we start, you will need a Debian VPS (you can get one on digitalocean for example), if you prefer to use your own self hosted server, make sure that port 80 and 443 are correctly port forwarded so that the public ip points to the server and not the router. Once that's done, go and ssh into your Debian server. </p> <p> Before we start, you will need a Debian VPS (you can get one on digitalocean for example), if you prefer to use your own self hosted server, make sure that port 80 and 443 are correctly port forwarded so that the public ip points to the server and not the router. Once that's done, go and ssh into your Debian server. </p>
<p>Now regarding the choice of location for the server, in order to make sure that Tor remains decentralised, make sure that you are picking a country that doesn't have many tor nodes (see the <a href="https://metrics.torproject.org/bubbles.html#country">bubbles graph</a>):</p>
<img src="../relay/country.png" class="imgRz">
<p><u>Disclaimer:</u> <b>Do not host your Tor node in Germany, Netherlands or in the US, as there are already too many nodes in those countries.</b> Try to run your own Tor nodes in countries that have the least nodes preferably, as this will help keeping the Tor network decentralized.</p>
</div> </div>
</div><!-- /row --> </div><!-- /row -->
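Review bot: this hunk drops the whole server-location guidance (the bubbles-graph link, the country.png image and the "do not host in Germany, Netherlands or the US" advice) without a replacement, and the commit message ("lots of changes") does not say why. Node diversity is still a relevant consideration for a bridge operator; if the guidance was moved to the relay page (the removed image lived under `../relay/`), a one-line pointer there would keep it reachable from this tutorial.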
@ -224,11 +220,87 @@ Bridge obfs4 134.209.26.190:8042 829165B21621041E7A9CDF7192AFFC51CA640B0E cert=
<p>Then we check if it is working on <a href="https://check.torproject.org/">check.torproject.org</a>:</p> <p>Then we check if it is working on <a href="https://check.torproject.org/">check.torproject.org</a>:</p>
<img src="11.png" class="imgRz"> <img src="11.png" class="imgRz">
<p>And that's it! we have been able to use our own VPS-hosted tor bridge!</p> <p>And that's it! we have been able to use our own VPS-hosted tor bridge!</p>
<p>If you want to use the bridge from torrc you can do as follows:</p>
<pre><code class="nim">
nihilist@mainpc: ~$ vim /etc/tor/torrc
nihilist@mainpc: ~$ cat /etc/tor/torrc
UseBridges 1
ClientTransportPlugin obfs4 exec /usr/local/bin/obfs4proxy managed
Bridge obfs4 134.209.26.190:8042 829165B21621041E7A9CDF7192AFFC51CA640B0E cert=L04rcSpDJb9xdGUy/LgAlxbNgtQUWPJFsdF3q2i8lKRmzffiVFJU5ARjr4RYXRZSrsNYXg iat-mode=0
nihilist@mainpc: ~$ systemctl restart tor@default
</pre></code>
<p>Now keep in mind that obfs4 traffic simply looks like random data on the outside, it doesn't look like legit https traffic when doing deep-packet inspection. Therefore for heavily-censored countries, we recommend you use snowflake bridges:</p>
</div> </div>
</div><!-- /row --> </div><!-- /row -->
</div> <!-- /container --> </div> <!-- /container -->
</div><!-- /white --> </div><!-- /white -->
<div id="anon2">
<div class="container">
<div class="row">
<div class="col-lg-8 col-lg-offset-2">
<h2><b>Snowflake bridge theory</b></h2> </br> </br>
<p>As time goes to 2024 censorship becomes more advanced, and sometimes snowflake protocol works better than obfs4. We will go through theories and setup about snowflake bridge</p>
<p>For a normal tor connection without bridge, you will:</p>
<p>1.Talk to central directory</p>
<p>2.Get network information</p>
<p>3.Connect to your gurad nodes, and form tor circuits</p>
<img src="snowflake-migrate/normal_tor_connection.png" class="imgRz" style="width: 700px">
<p>If tor network is blocked, you cannot talk to central directory or any tor node ip, then you need a <b>bridge</b></p>
<p>All of your communication goes through the bridge, including your initial talk to central directory, and your bridge automatically becomes your first tor node</p>
<img src="snowflake-migrate/bridge.png" class="imgRz" style="width: 600px">
<p>Bridges are usually not publicly announced for censorship resistance, since once a bridge ip get known by censoring firewall it can simply drop all the packets to that ip</p>
<p>This is the weakness for traditional tor bridges, not matter how hard you try to obfuscate your traffic, the <b>bridge ip </b>always have to be semi-public because you want people to use it, but this means people who work for censorship can also find bridge ip</p>
<p>To end this cat and mouse game, snowflake is introduced</p>
<img src="snowflake-migrate/snowflake-schematic.png" class="imgRz" style="width: 700px">
<p>This is a picture of how snowflake works from tor official</p>
<p>First you have volunteers over the world who install snowflake plugin in their browsers, they act as bridges for you to connect to tor network. Because this is mostly run by amateurs, and people turn on and off their devices all the time, which makes many ephemeral bridges, and this is why it is called snowflake</p>
<p>There is also a server called broker that knows all the information about snowflakes</p>
<img src="snowflake-migrate/snowflakes.png" class="imgRz" style="width: 600px">
<p>Then you will use a technique called domain fronting, which makes you seems connecting to a legit service like azure cloud or google cloud, but your actual connection goes to the broker.</p>
<img src="snowflake-migrate/domain-fronting.png" class="imgRz" style="width: 600px">
<p>Then the broker server introduce you to the snowflake proxy, then you establish a webrtc connection, which is a connection allows two app to have direct connection for video call or file transmission. Then your traffic goes to the snowflake proxy, and connects to the rest of tor network</p>
<img src="snowflake-migrate/WebRTC.png" class="imgRz" style="width: 600px">
<p>Then you connect to tor network!</p>
<h2><b>Snowflake bridge in practice</b></h2> </br> </br>
<p>Now in practice, all you need to do to run a snowflake bridge is to have a webpage that runs the following HTML code:</p>
<iframe src="https://snowflake.torproject.org/embed.html" width="320" height="240" frameborder="0" scrolling="no"></iframe>
<p>Whoever wants to run a snowflake bridge simply has to click the "enabled" slider to run a snowflake bridge. Or you can also run <a href="https://addons.mozilla.org/en-US/firefox/addon/torproject-snowflake/">the snowflake firefox extension</a> to run a snowflake bridge whenever you are starting a webpage:</p>
<img src="15.png" class="imgRz">
<img src="16.png" class="imgRz">
<img src="17.png" class="imgRz">
<img src="18.png" class="imgRz">
<img src="19.png" class="imgRz">
<p> and then you can simply wait for someone to use it. Someone that needs to evade censorship somewhere in the world will start to use it when torproject will give them the snowflake bridgelike so: </p>
<img src="12.png" class="imgRz">
<img src="13.png" class="imgRz">
<img src="14.png" class="imgRz">
<p>If you want to use the snowflake bridge from torrc you can do as follows:</p>
<pre><code class="nim">
nihilist@mainpc: ~$ vim /etc/tor/torrc
nihilist@mainpc: ~$ cat /etc/tor/torrc
UseBridges 1
ClientTransportPlugin snowflake exec ./client -log snowflake.log
Bridge snowflake 192.0.2.3:80 2B280B23E1107BB62ABFC40DDCC8824814F80A72 fingerprint=2B280B23E1107BB62ABFC40DDCC8824814F80A72 url=https://snowflake-broker.torproject.net.global.prod.fastly.net/ fronts=foursquare.com,github.githubassets.com ice=stun:stun.l.google.com:19302,stun:stun.antisip.com:3478,stun:stun.bluesip.net:3478,stun:stun.dus.net:3478,stun:stun.epygi.com:3478,stun:stun.sonetel.com:3478,stun:stun.uls.co.za:3478,stun:stun.voipgate.com:3478,stun:stun.voys.nl:3478 utls-imitate=hellorandomizedalpn
Bridge snowflake 192.0.2.4:80 8838024498816A039FCBBAB14E6F40A0843051FA fingerprint=8838024498816A039FCBBAB14E6F40A0843051FA url=https://1098762253.rsc.cdn77.org/ fronts=www.cdn77.com,www.phpmyadmin.net ice=stun:stun.l.google.com:19302,stun:stun.antisip.com:3478,stun:stun.bluesip.net:3478,stun:stun.dus.net:3478,stun:stun.epygi.com:3478,stun:stun.sonetel.net:3478,stun:stun.uls.co.za:3478,stun:stun.voipgate.com:3478,stun:stun.voys.nl:3478 utls-imitate=hellorandomizedalpn
Bridge snowflake 192.0.2.3:80 2B280B23E1107BB62ABFC40DDCC8824814F80A72 fingerprint=2B280B23E1107BB62ABFC40DDCC8824814F80A72 url=https://1098762253.rsc.cdn77.org/ fronts=www.cdn77.com,www.phpmyadmin.net ice=stun:stun.l.google.com:19302,stun:stun.antisip.com:3478,stun:stun.bluesip.net:3478,stun:stun.dus.net:3478,stun:stun.epygi.com:3478,stun:stun.sonetel.com:3478,stun:stun.uls.co.za:3478,stun:stun.voipgate.com:3478,stun:stun.voys.nl:3478 utls-imitate=hellorandomizedalpn
nihilist@mainpc: ~$ systemctl restart tor@default
</pre></code>
</div>
</div><!-- /row -->
</div> <!-- /container -->
</div><!-- /white -->
<!-- +++++ Footer Section +++++ --> <!-- +++++ Footer Section +++++ -->
<div id="anonb"> <div id="anonb">
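Review bot: in the snowflake torrc listing, `ClientTransportPlugin snowflake exec ./client -log snowflake.log` uses paths relative to whatever directory the tor daemon runs in, not the torrc location, and the section never says where the `client` binary comes from; use an absolute path to the snowflake client binary (and an absolute, daemon-writable log path, or drop `-log`) and add a sentence on obtaining or building it. In both torrc listings the file is edited and tor restarted from an unprivileged prompt (`nihilist@mainpc: ~$`); `/etc/tor/torrc` is root-owned, so `sudo` or a root shell is needed for `vim /etc/tor/torrc` and `systemctl restart tor@default`. The live `<iframe src="https://snowflake.torproject.org/embed.html">` also makes every visitor fetch content from torproject.org when the page loads, a third-party request a reader in a censored country may not be able or willing to make; a screenshot plus a link shows the same thing. Finally, both listings close with `</pre></code>` rather than `</code></pre>`, and the theory text has typos: "gurad nodes", "not matter how hard", "makes you seems connecting", "two app", "bridgelike so".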
@ -237,7 +309,7 @@ Bridge obfs4 134.209.26.190:8042 829165B21621041E7A9CDF7192AFFC51CA640B0E cert=
<div class="col-lg-4"> <div class="col-lg-4">
<h4>Nihilism</h4> <h4>Nihilism</h4>
<p> <p>
Until there is Nothing left.</p></br></br><p>Creative Commons Zero: <a href="../../../../opsec/runtheblog/index.html">No Rights Reserved</a></br><img src="\CC0.png"> Until there is Nothing left.</p></br></br><p>Creative Commons Zero: No Rights Reserved</br><img src="\CC0.png">
</p> </p>
</div><!-- /col-lg-4 --> </div><!-- /col-lg-4 -->

@ -214,6 +214,30 @@ extraction percent done: 100 / 100
</div><!-- /row --> </div><!-- /row -->
</div> <!-- /container --> </div> <!-- /container -->
</div><!-- /white --> </div><!-- /white -->
<div id="anon2">
<div class="container">
<div class="row">
<div class="col-lg-8 col-lg-offset-2">
<h2><b>How to get the Tor Browser when you are in a Heavily-censored country</b></h2>
<p>There are situations when you cannot simply download tor browser from their official site because of censorship. There are alternative methods for you to get the tor browser</p>
<p>Tor browser official offers an email address called gettor@torproject.org, which you can send email to them, and they will offer you a download link</p>
<p>First prepare an email, for me I am using protonmail, you can also use outlook or apple email if protonmail is blocked. Any service provider allows you to email tor project will work.</p>
<img src="snow-flake-tutorial-migrate/1.png" class="imgRz">
<p>Next simply send an empty email to tor project</p>
<img src="snow-flake-tutorial-migrate/2.png" class="imgRz" style="width: 500px">
<p>Soon you will receive a reply from tor project, simply reply them with your OS name(select one from the list)</p>
<img src="snow-flake-tutorial-migrate/3.png" class="imgRz" style="width: 500px">
<p>For me during this demo is linux64</p>
<img src="snow-flake-tutorial-migrate/4.png" class="imgRz" style="width: 800px">
<p>After the reply they will send you a download link, very ironically the download link is a google drive link, many countries that block tor also block google, they actually are supposed to send the brower bundle in attachment</p>
<img src="snow-flake-tutorial-migrate/5.png" class="imgRz" style="width: 500px">
<p>If you find out google drive does not work for you, try to check whether if github is accessible. Tor browser also provides download on github officially, check the releases on <a href="https://github.com/TheTorProject/gettorbrowser">Tor browser github repository</a></p>
<img src="snow-flake-tutorial-migrate/6.png" class="imgRz" style="width: 900px">
</div>
</div><!-- /row -->
</div> <!-- /container -->
</div><!-- /white -->
<!-- +++++ Footer Section +++++ --> <!-- +++++ Footer Section +++++ -->
<div id="anonb"> <div id="anonb">
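Review bot: the section walks through fetching Tor Browser from a Google Drive link or the GitHub releases page but never tells the reader to verify what they downloaded, and an alternative distribution channel is exactly where a tampered bundle could be substituted; add a step to check the bundle's OpenPGP signature against the Tor Browser signing key before running it. The statement that GetTor is "supposed to send the brower bundle in attachment" is unsourced and should either cite where that is documented or be dropped. Typos: "brower", "whether if github", "For me during this demo is linux64" (missing "it"); and the `<h2>` here lacks the `</br> </br>` spacing the sibling headings use.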
@ -222,7 +246,7 @@ extraction percent done: 100 / 100
<div class="col-lg-4"> <div class="col-lg-4">
<h4>Nihilism</h4> <h4>Nihilism</h4>
<p> <p>
Until there is Nothing left.</p></br></br><p>Creative Commons Zero: <a href="../../../../opsec/runtheblog/index.html">No Rights Reserved</a></br><img src="\CC0.png"> Until there is Nothing left.</p></br></br><p>Creative Commons Zero: No Rights Reserved</br><img src="\CC0.png">
</p> </p>
</div><!-- /col-lg-4 --> </div><!-- /col-lg-4 -->
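Review bot: the new side of this hunk (right-hand column) drops the anchor around `No Rights Reserved` (previously `href="../../../../opsec/runtheblog/index.html"`) without replacing it, so the licence text no longer links anywhere; if dropping the reference is intended, fine, otherwise restore the link. Independently of the change, the footer markup on this line is malformed: `</br>` is not a valid tag (use `<br>`), a second `<p>` is opened inside the first one before it closes, and `src="\CC0.png"` uses a backslash where a URL path needs a forward slash (`src="/CC0.png"` or a relative path).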

View file

@ -92,7 +92,7 @@
<img src="11.png" class="imgRz"> <img src="11.png" class="imgRz">
<p>First comes the clientside context: <b>Does your country allow anonymity ?</b></br> </p><p>Check if your country allows Tor traffic or not. If it's not illegal, you can use tor traffic as is. </br><b>(you -> tor)</b></p> <p>First comes the clientside context: <b>Does your country allow anonymity ?</b></br> </p><p>Check if your country allows Tor traffic or not. If it's not illegal, you can use tor traffic as is. </br><b>(you -> tor)</b></p>
<p>If you are in a country where tor traffic is illegal, you need to hide tor use behind a vpn </br><b>(you -> vpn -> tor)</b></p> <p>If you are in a country where tor traffic is illegal, you need to hide tor use behind a vpn </br><b>(you -> vpn -> tor)</b></p>
<p>If you are in a country where both Tor and VPNs are illegal, <b>know that this is too risky to try and be anonymous online</b> personally i wouldn't even try to be anonymous online in that context, <b>because you risk being persecuted for just using the technology</b>. If you still want to have anonymity anyway, you'll have to <a href="https://github.com/net4people/bbs/issues">use censorship evasion techniques</a> like using <a href="../tor/bridge/index.html">tor bridges.</a></br> <b>(you -> tor bridge -> tor)</b></p> <p>If you are in a country where both Tor and VPNs are illegal, <b>know that this is too risky to try and be anonymous online</b> personally i wouldn't even try to be anonymous online in that context, <b>because you risk being persecuted for just using the technology</b>. If you still want to have anonymity anyway, you'll have to <a href="https://github.com/net4people/bbs/issues">use censorship evasion techniques</a> like using <a href="../v2ray/index.html">v2ray</a></p>
<img src="12.png" class="imgRz"> <img src="12.png" class="imgRz">
<p>Second comes serverside context: <b>Does the service allow anonymity?</b></br></p><p> Check if you can use the service using tor only,</br><b>(tor -> website)</b></p> <p>Second comes serverside context: <b>Does the service allow anonymity?</b></br></p><p> Check if you can use the service using tor only,</br><b>(tor -> website)</b></p>
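Review bot: replacing the bridges link with v2ray removes the bold summary line that every other paragraph in this passage ends with; the old text closed with `<b>(you -> tor bridge -> tor)</b>` and the new one now ends at `v2ray</a></p>`, so add the equivalent chain (`you -> v2ray -> tor`, if that is what the linked v2ray page sets up) so the reader can see that v2ray is a transport placed in front of Tor, not a replacement for it. In the same paragraph, `personally i wouldn't` needs a capital `I` and a sentence break after `online</b>`, and check whether `persecuted` is intended or `prosecuted` was meant.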

View file

@ -97,12 +97,61 @@ regarding wear leveling:
<div class="row"> <div class="row">
<div class="col-lg-8 col-lg-offset-2"> <div class="col-lg-8 col-lg-offset-2">
<h2><b>Deniability Context </b></h2> <h2><b>Deniability Context </b></h2>
<p>⚠️ <u>Deniability Disclaimer:</u> <b>If the adversary cannot be told that you are using veracrypt, do not install Veracrypt on the host OS outside of live mode, but rather install it manually each time you boot into live mode</b> That way everytime you reboot, there is no veracrypt program to be found at all. ⚠️</p>
<p>Let's install the .deb package for veracrypt (you can install it safely from non-live mode), so that the software is available whenever you want to use it while the host OS is in live mode: </p> <p>Let's install the .deb package for veracrypt (you can install it safely from non-live mode), so that the software is available whenever you want to use it while the host OS is in live mode: </p>
<img src="1.png" class="imgRz"> <img src="1.png" class="imgRz">
<pre><code class="nim"> <pre><code class="nim">
[ mainpc ] [ /dev/pts/1 ] [~/Downloads] [ mainpc ] [ /dev/pts/1 ] [~/Downloads]
→ wget https://launchpad.net/veracrypt/trunk/1.26.7/+download/veracrypt-1.26.7-Debian-12-amd64.deb → wget https://launchpad.net/veracrypt/trunk/1.26.7/+download/veracrypt-1.26.7-Debian-12-amd64.deb
</code></pre>
<p>If you are using a VPS to help speed up the initial setup everytime you boot into live mode like we have <a href="../livemode/index.html">showcased previously</a>, you can also use it to store the veracrypt .deb file for you, to make it easier to retrieve each time:</p>
<pre><code class="nim">
[ mainpc ] [ /dev/pts/4 ] [/tmp]
→ ssh root@65.109.30.253
root@65.109.30.253's password:
Linux Datura 6.1.0-18-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.76-1 (2024-02-01) x86_64
The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Web console: https://localhost.localdomain:9090/ or https://65.109.30.253:9090/
You have mail.
Last login: Sat Nov 30 14:42:15 2024 from 91.90.40.175
[ Datura ] [ /dev/pts/0 ] [~]
→ cd sensitive_scripts
[ Datura ] [ /dev/pts/0 ] [~/sensitive_scripts]
→ wget https://launchpad.net/veracrypt/trunk/1.26.7/+download/veracrypt-1.26.7-Debian-12-amd64.deb -O vc.deb
2024-11-30 16:43:58 (20.1 MB/s) - vc.deb saved [9211094/9211094]
[ Datura ] [ /dev/pts/0 ] [~/sensitive_scripts]
→ exit
Connection to 65.109.30.253 closed.
</pre></code>
<p>That way, everytime you boot into live mode, all you need is to download the vc.deb file from the VPS:</p>
<pre><code class="nim">
[ mainpc ] [ /dev/pts/4 ] [/tmp]
→ scp root@65.109.30.253:/root/sensitive_scripts/vc.deb .
root@65.109.30.253's password:
vc.deb 100% 8995KB 1.9MB/s 00:04
[ mainpc ] [ /dev/pts/4 ] [/tmp]
→ file vc.deb
vc.deb: Debian binary package (format 2.0), with control.tar.gz, data compression gz
</pre></code>
<p>And then to install it you can do it like so:</p>
<pre><code class="nim">
[ mainpc ] [ /dev/pts/1 ] [~/Downloads] [ mainpc ] [ /dev/pts/1 ] [~/Downloads]
→ sudo dpkg -i veracrypt-1.26.7-Debian-12-amd64.deb → sudo dpkg -i veracrypt-1.26.7-Debian-12-amd64.deb
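Review bot: the new disclaimer line (`do not install Veracrypt on the host OS outside of live mode`) contradicts the unchanged sentence immediately below it (`you can install it safely from non-live mode`); either qualify the second sentence (safe only when the adversary may know you use VeraCrypt) or remove it, otherwise the reader gets two opposite instructions in consecutive lines. Three further points in the added lines: both new terminal blocks close with `</pre></code>`, which mis-nests the tags (they open `<pre><code class="nim">`, so they must close `</code></pre>`); the pasted SSH session reproduces the VPS address, the full login banner and the `Last login ... from 91.90.40.175` line, so trim it to the `cd` and `wget` commands and consider masking the addresses, which an OPSEC page should not be leaking; and the `.deb` is parked on the VPS and later fed straight to `dpkg -i` without any check, so add a verification step against the PGP signature VeraCrypt publishes for its release files before installing, especially since the file now passes through an intermediate host.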
@ -119,10 +168,12 @@ regarding wear leveling:
[ mainpc ] [ /dev/pts/1 ] [~/Downloads] [ mainpc ] [ /dev/pts/1 ] [~/Downloads]
→ veracrypt → veracrypt
</code></pre> </pre></code>
<p>So now that you have veracrypt installed, before you start to use it, you need to be aware of the lack of deniability you have when using the Host OS in regular mode:</p> <p>So now that you have veracrypt installed, before you start to use it, you need to be aware of the lack of deniability you have when using the Host OS in regular mode:</p>
<img src="../livemode/3.png" class="imgRz"> <img src="../livemode/3.png" class="imgRz">
<p>By default, your host OS directly writes into the system drive all sorts of potential forensic evidence that an adversary may use against you, such as system logs, kernel logs, non-standard logs, etc, and unless if you remove each of those manually, you're never sure of wether or not the Host OS saved proof of the existence of the hidden volume onto the system drive. <b>That's why you need to use the Host OS in <a href="../livemode/index.html">live mode</a>, to be able to use veracrypt.</b></p> <p>By default, your host OS directly writes into the system drive all sorts of potential forensic evidence that an adversary may use against you, such as system logs, kernel logs, non-standard logs, etc, and unless if you remove each of those manually, you're never sure of wether or not the Host OS saved proof of the existence of the hidden volume onto the system drive. <b>That's why you need to use the Host OS in <a href="../livemode/index.html">live mode</a>, to be able to use veracrypt</b>, and <b>to install it aswell if you cannot tell the adversary that you are using veracrypt.</b></p>
<img src="../livemode/4.png" class="imgRz"> <img src="../livemode/4.png" class="imgRz">
<p>That way, as you're loading the entire host OS in the RAM due to being in live mode, you are not writing anything on the system drive anymore, <b>but rather only writing all that potential forensic evidence of the veracrypt hidden volume <u>in RAM alone</u>, which can be easily erased with a simple shutdown</b>.</p> <p>That way, as you're loading the entire host OS in the RAM due to being in live mode, you are not writing anything on the system drive anymore, <b>but rather only writing all that potential forensic evidence of the veracrypt hidden volume <u>in RAM alone</u>, which can be easily erased with a simple shutdown</b>.</p>
<p>So now that we have installed veracrypt, let's reboot the Host OS into live mode:</p> <p>So now that we have installed veracrypt, let's reboot the Host OS into live mode:</p>
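Review bot: the change on the `</code></pre>` line reverses the closing order to `</pre></code>`, which mis-nests the tags (the block opens `<pre><code class="nim">`, so it must close `</code></pre>`); revert that part of the hunk. In the reworded paragraph, `aswell` should be `as well`, `wether` (pre-existing) is `whether`, and `unless if you remove` reads better as `unless you remove`.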