From c279c934535cafacfe51777276c811fe256d32e8 Mon Sep 17 00:00:00 2001 From: nihilist Date: Wed, 16 Apr 2025 22:01:11 +0200 Subject: [PATCH] updated --- opsec/chats/index.html | 87 +++++++++++++++++++++++++++++++----------- opsec/index.html | 2 +- rss/feed.xml | 9 +++++ sed.sh | 0 4 files changed, 75 insertions(+), 23 deletions(-) mode change 100755 => 100644 sed.sh diff --git a/opsec/chats/index.html b/opsec/chats/index.html index 104c956..6e6bf8d 100644 --- a/opsec/chats/index.html +++ b/opsec/chats/index.html @@ -86,6 +86,7 @@ When discussing the topic of OPSEC, an important concept that inevitably arises is compartmentalization. Broadly speaking, compartmentalization can be defined as separating different activities into different buckets in order to prevent them from being linked together. This concept is perhaps most commonly seen using online emails. You may want one email for all of your social media, a different email for all of your online purchases and a different email still for all health related items. This same concept can be applied to your online chats. In this tutorial, we will explore the different types of chats, how to compartmentalize them based on their contexts and when each one is optimal to use.

+ @@ -96,6 +97,21 @@ When discussing the topic of OPSEC, an important concept that inevitably arises
+

OPSEC Requirements in Chats



+ +

Another thing to note is that there are a ton of chat apps out there, and as we have explained previously, depending on the level of Operational Security you are aiming for (wether it is privacy, anonymity or deniability), the tool has to meet certain criterias to be suitable for the intended use.

+ +

As you're going to see shortly, depending on the types of chats you want to have, the chat platform you use is very much dependant on meeting the OPSEC requirements to match the intended uses.

+
+
+
+ + + +
+
+
+

Types of Chats



@@ -115,10 +131,10 @@ The chart below describes 4 different types of chats. They are separated by thei - - - - + + + + @@ -137,24 +153,24 @@ The chart below describes 4 different types of chats. They are separated by thei - - - - + + + + - - + + - - - + + +
Public ChatPrivate ChatAnonymous ChatDeniable ChatPublic Chats
Private Chats
Anonymous Chats
Deniable Chats
Technical Requirements (Online)-None. No E2EE required-E2EE is required-E2EE is required
-No user IDs, no IP address linkability
-E2EE is required
-No user IDs, no IP address linkability
-Disappearing messages		-None. (everything you say is public knowledge)-FOSS Software
-E2EE is required
-You can self-host the chat server yourself
-FOSS Software
-E2EE is required
-Upon signup, requires no phone numbers, no user IDs, and no IP address linkability (using Tor)
-FOSS Software
-E2EE is required
-Upon signup, requires no phone numbers, no user IDs, and no IP address linkability (using Tor)
-Disappearing messages
Pros -Easiest to achieve
-No restrictions
-Suitable for any environment		-Contents of conversation are secure
-Many apps now implement E2EE		-May assume different anonymous identities for different conversations
-Suitable for exploring controversial topics
-Contents of the conversation are visible only by the participants
-Many apps now implement E2EE		-May assume different anonymous identities for different conversations
-Suitable for exploring controversial topics
-Anonymity is possible in public chats too!		 -Off the record
-No history of the conversation
-Suitable for sensitive topics
Cons -Anything said can be linked to your real identity-May still be known the conversation took place
-May be able to build patterns based on conversations		-Requires specialized software-Requires specialized software
-Requires specialized settings configuration		-very few chat apps are FOSS on both the clientside and the serverside
-The identity of the participants are known
-May still be known the conversation took place
-May be able to build patterns based on conversations		-even fewer chat apps can be used to sign up anonymously
-Deanonymization may happen based on what the anonymous party says		-Can't read the history of the chat beyond the time limit
@@ -176,14 +192,14 @@ As with many things, these chats exist on a spectrum between being more convenie

-
+
-

Examples



+

Public Chat Example



-Let's take a look at a few examples to illustrate these concepts. First up is a public chat similar to what you'd find online, on social media, in public chat rooms, etc. + Let's take a look at a few examples to illustrate these concepts. First up is a public chat similar to what you'd find online, on social media, in public chat rooms, etc.

@@ -194,8 +210,17 @@ Let's take a look at a few examples to illustrate these concepts. First up is a This conversation, tied to Alice and Bob's real identities, is visible for anyone to see. Public chats such as this one pose the smallest barrier to entry as they can take place anytime/anywhere. Any information discussed, such as their plans together next weekend and mode of transportation, are now publicly known by anyone present at the time of the conversation. Alice and Bob may openly show their support for their favorite football teams, but what if there was some information they didn't want others to know?

-
-
+
+
+
+
+ + +
+
+
+
+

Private Chat Example



For discussions involving information that is not necessarily meant for everyone to know about, we have private chats. In private chats, participants may still use their real identities, but the key differences is that the information is only accessible between the parties chatting and nobody else as the conversation is End-to-End Encrypted (E2EE). @@ -209,9 +234,18 @@ For discussions involving information that is not necessarily meant for everyone Alice may be uncomfortable announcing to the world she's short on cash at the moment, but can confide in her friend Bob with this information. In this private chat, only Alice and Bob know what was discussed and a record of this conversation exists. Luckily many popular chat apps are starting to implement E2EE, but without also including metadata protections, patterns can still be gleaned based on which contacts you are talking to and how often. But there may be situations where someone may not want you to know who they are when they're speaking with you. What happens in that situation?

-
-
+
+
+
+
+ +
+
+
+
+ +

Anonymous Chat Example



For discussions where one participant (or multiple participants) don't want the conversation tied in any way to their real identity, we have anonymous chats. With increasing OPSEC requirements comes the need for more specialized software, which may be more inconvenient for certain people.

@@ -224,9 +258,18 @@ For discussions where one participant (or multiple participants) don't want the In this example, Alice is speaking with someone who doesn't want to have their persona tied to their real identity (the participant is using an incognito profile). The nature of the conversation may include controversial topics such as insider information. To achieve an anonymous chat, there must specifically be no user identifiers and no IP address linkability. An added benefit of having no user identifies is that a person can create disposable personas on the fly and use a different anonymous identity for each new conversation. But what if we need to communicate and can leave no trace of the conversation ever having taken place?

-
-
+
+
+
+
+ +
+
+
+
+ +

Deniable Chat Example



For the next step up, deniable chats, we must build on everything we've discussed up to and further employ disappearing messages. This is the only chat type suitable for discussing sensitive topics.

diff --git a/opsec/index.html b/opsec/index.html index c8fe080..a69526c 100644 --- a/opsec/index.html +++ b/opsec/index.html @@ -87,7 +87,7 @@
  • Internet usage segmentation (QEMU VMs + Identity Management)
  • OPSEC: Using the right Technology and Behavior
  • How to maintain multiple Identities Online
    • -
  • ❌ Public Chats / Private Chats / Anonymous Chats / Deniable Chats
    • +
  • Public Chats / Private Chats / Anonymous Chats / Deniable Chats
  • ❌ 10 Things you must do if you are pro-freedom

    • diff --git a/rss/feed.xml b/rss/feed.xml index 0f05b04..c00800f 100644 --- a/rss/feed.xml +++ b/rss/feed.xml @@ -9,6 +9,14 @@ Nihilist`s Technical Blog + + Public Chats / Private Chats / Anonymous Chats / Deniable Chats + http://blog.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/opsec/chats/index.html + 2025041600 + In this tutorial we're going to differentiate all 4 types of Chats, being the public, private, anonymous and deniable chats, and briefly showcase how simpleX fits all of our needs. + + + How to Verify One's Identity While Maintaining Anonymity Using PGP Canaries http://blog.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/opsec/pgpcanary/index.html @@ -955,6 +963,7 @@ + diff --git a/sed.sh b/sed.sh old mode 100755 new mode 100644