diff --git a/assets/css/bootstrap.css b/assets/css/bootstrap.css
index 272d868..d822578 100644
--- a/assets/css/bootstrap.css
+++ b/assets/css/bootstrap.css
@@ -907,8 +907,8 @@ pre code {
 .col-lg-12 {
 position: relative;
 min-height: 1px;
- padding-right: 15px;
- padding-left: 15px;
+ padding-right: 1px;
+ padding-left: 1px;
 }
 .col-xs-1,
@@ -1498,7 +1498,7 @@ pre code {
 width: 75%;
 }
 .col-lg-8 {
- width: 66.66666666666666%;
+ width: 90%;
 }
 .col-lg-7 {
 width: 58.333333333333336%;
@@ -1630,7 +1630,8 @@ pre code {
 margin-left: 25%;
 }
 .col-lg-offset-2 {
- margin-left: 16.666666666666664%;
+ /*margin-left: 16.666666666666664%;*/
+ margin-left: 5%;
 }
 .col-lg-offset-1 {
 margin-left: 8.333333333333332%;
diff --git a/assets/css/main.css b/assets/css/main.css
index 491ffa3..6605046 100644
--- a/assets/css/main.css
+++ b/assets/css/main.css
@@ -10,6 +10,68 @@
 /*@import url(http://fonts.googleapis.com/css?family=Montserrat:400,700);*/
 /*@import url(montserrat.css);*/
+
+/* CSS FORMATTING FOR MOBILE SCREENS */
+
+@media screen and (max-width: 1000px) {
+ .container-m{
+ display: flex;
+ flex-direction: column;
+ /*align-items: center;*/
+ padding: 2px 5px 2px 2px;
+ justify-content: left;
+ }
+}
+
+.container-m{
+ display: flex;
+ flex-direction: row;
+ /*align-items: center;*/
+ padding: 2px 5px 2px 2px;
+ justify-content: left;
+}
+
+.column-m{
+ display: flex;
+ flex-direction: column;
+ padding: 5px 10px 5px 5px;
+ font-size: 18px;
+}
+
+
+.column-m:nth-child(1){
+ border-top-left-radius: 5px;
+ border-bottom-left-radius: 5px;
+}
+
+.column-m:nth-child(4){
+ border-top-right-radius: 5px;
+ border-bottom-right-radius: 5px;
+}
+
+.column-container-m{
+ width: 100%;
+ height: 100vh;
+ display: flex;
+ flex-direction: row;
+ align-items: left;
+ justify-content: left;
+}
+
+.column-container-main-m{
+ width: 100%;
+ height: 100vh;
+ display: flex;
+ flex-direction: row;
+ /*align-items: center;
+ justify-content: center;*/
+}
+
+
+
+/* END OF CSS FORMATTING FOR MOBILE */
+
+
 body {
 background-color: #000000;
 font-family: sans-serif;
diff --git a/index.html b/index.html
index 9c26bd8..1c5d324 100644
--- a/index.html
+++ b/index.html
@@ -8,7 +8,7 @@
- nihilist - Categories
+ The Nihilism Blog
@@ -150,7 +150,7 @@
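Review bot: In the main.css hunk the `@media screen and (max-width: 1000px)` rule for `.container-m` is declared before the unconditional `.container-m` rule, and both selectors have the same specificity, so the later `flex-direction: row;` wins at every width and the mobile column layout never takes effect. Move the `@media` block below the base `.container-m` rule so the narrow-screen override is the last declaration. In `.column-container-m`, `align-items: left;` is not a valid value for that property and is dropped by the browser; `align-items: flex-start;` states the intent, and `justify-content: flex-start;` is the more widely supported spelling of the `left` used in the three rules here.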

Nihilism

- Until there is Nothing left.



Creative Commons Zero: No Rights Reserved
+ Until there is Nothing left.



Creative Commons Zero: No Rights Reserved

diff --git a/mirrors.txt b/mirrors.txt
new file mode 100644
index 0000000..7a34401
--- /dev/null
+++ b/mirrors.txt
@@ -0,0 +1,14 @@
+### Active ###
+
+Nihilist:
+-Clearnet: https://blog.nowhere.moe
+-Tor: http://blog.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion
+-Clearnet: https://git.nowhere.moe/nihilist/blog-contributions
+-Tor: http://git.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/nihilist/blog-contributions
+
+
+
+### Inactive ###
+
+
+### Removed ###
diff --git a/opsec/0.html b/opsec/0.html
index 6cae47d..e995c49 100644
--- a/opsec/0.html
+++ b/opsec/0.html
@@ -114,7 +114,7 @@
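Review bot: mirrors.txt is added as plain, unsigned text, so a reader who receives this list from a copy of the site cannot tell whether the two `.onion` addresses under "Nihilist:" are the operator's or were swapped by whoever served the copy. No signature file is visible in this part of the commit; if there is none, publish the list clearsigned with the PGP key the page footers already link for contact, or ship a detached signature next to it. A first line such as `# Signed with PGP key <KEY-FINGERPRINT-PLACEHOLDER>; verify before trusting any address below` would tell readers what to check.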

Nihilism

- Until there is Nothing left.



Creative Commons Zero: No Rights Reserved
+ Until there is Nothing left.



Creative Commons Zero: No Rights Reserved

diff --git a/opsec/0_anon/index.html b/opsec/0_anon/index.html
index 87d2289..b43dbe4 100644
--- a/opsec/0_anon/index.html
+++ b/opsec/0_anon/index.html
@@ -62,7 +62,7 @@
Previous Page

nihilist - 00 / 00 / 00

SRVNAME Setup

- +

@@ -161,7 +161,7 @@

Nihilism

- Until there is Nothing left.



Creative Commons Zero: No Rights Reserved
+ Until there is Nothing left.



Creative Commons Zero: No Rights Reserved

diff --git a/opsec/Arch/index.html b/opsec/Arch/index.html
index 3f13250..fa6df54 100644
--- a/opsec/Arch/index.html
+++ b/opsec/Arch/index.html
@@ -178,7 +178,7 @@ nano 3.sh

Nihilism

- Until there is Nothing left.



Creative Commons Zero: No Rights Reserved
+ Until there is Nothing left.



Creative Commons Zero: No Rights Reserved

diff --git a/opsec/MobileTor/index.html b/opsec/MobileTor/index.html
index 75ca7f9..26f4ed8 100644
--- a/opsec/MobileTor/index.html
+++ b/opsec/MobileTor/index.html
@@ -74,7 +74,7 @@
-

Technology Recommended:

+

OPSEC Recommendations:

  • Hardware: Google Pixel

  • Host OS: Graphene OS

  • @@ -156,7 +156,7 @@

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

diff --git a/opsec/anonaccess/index.html b/opsec/anonaccess/index.html
index a44cf00..21d1551 100644
--- a/opsec/anonaccess/index.html
+++ b/opsec/anonaccess/index.html
@@ -243,7 +243,7 @@ nihilist ALL=(ALL:ALL) ALL

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

diff --git a/opsec/anonclearnetservices/index.html b/opsec/anonclearnetservices/index.html
index 6ae9b79..a707b3f 100644
--- a/opsec/anonclearnetservices/index.html
+++ b/opsec/anonclearnetservices/index.html
@@ -111,7 +111,7 @@

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

diff --git a/opsec/anoncreditcard/0.png b/opsec/anoncreditcard/0.png
new file mode 100644
index 0000000..7143acd
Binary files /dev/null and b/opsec/anoncreditcard/0.png differ
diff --git a/opsec/anoncreditcard/1.png b/opsec/anoncreditcard/1.png
new file mode 100644
index 0000000..8c1a796
Binary files /dev/null and b/opsec/anoncreditcard/1.png differ
diff --git a/opsec/anoncreditcard/10.png b/opsec/anoncreditcard/10.png
new file mode 100644
index 0000000..d01ef5d
Binary files /dev/null and b/opsec/anoncreditcard/10.png differ
diff --git a/opsec/anoncreditcard/11.png b/opsec/anoncreditcard/11.png
new file mode 100644
index 0000000..5f12562
Binary files /dev/null and b/opsec/anoncreditcard/11.png differ
diff --git a/opsec/anoncreditcard/12.png b/opsec/anoncreditcard/12.png
new file mode 100644
index 0000000..935324c
Binary files /dev/null and b/opsec/anoncreditcard/12.png differ
diff --git a/opsec/anoncreditcard/13.png b/opsec/anoncreditcard/13.png
new file mode 100644
index 0000000..2853903
Binary files /dev/null and b/opsec/anoncreditcard/13.png differ
diff --git a/opsec/anoncreditcard/14.png b/opsec/anoncreditcard/14.png
new file mode 100644
index 0000000..2a4521e
Binary files /dev/null and b/opsec/anoncreditcard/14.png differ
diff --git a/opsec/anoncreditcard/15.png b/opsec/anoncreditcard/15.png
new file mode 100644
index 0000000..88f9546
Binary files /dev/null and b/opsec/anoncreditcard/15.png differ
diff --git a/opsec/anoncreditcard/16.png b/opsec/anoncreditcard/16.png
new file mode 100644
index 0000000..8daa139
Binary files /dev/null and b/opsec/anoncreditcard/16.png differ
diff --git a/opsec/anoncreditcard/17.png b/opsec/anoncreditcard/17.png
new file mode 100644
index 0000000..f7c6755
Binary files /dev/null and b/opsec/anoncreditcard/17.png differ
diff --git a/opsec/anoncreditcard/18.png b/opsec/anoncreditcard/18.png
new file mode 100644
index 0000000..c6862bd
Binary files /dev/null and b/opsec/anoncreditcard/18.png differ
diff --git a/opsec/anoncreditcard/19.png b/opsec/anoncreditcard/19.png
new file mode 100644
index 0000000..9657d7b
Binary files /dev/null and b/opsec/anoncreditcard/19.png differ
diff --git a/opsec/anoncreditcard/2.png b/opsec/anoncreditcard/2.png
new file mode 100644
index 0000000..72bb8db
Binary files /dev/null and b/opsec/anoncreditcard/2.png differ
diff --git a/opsec/anoncreditcard/20.png b/opsec/anoncreditcard/20.png
new file mode 100644
index 0000000..5c0d02c
Binary files /dev/null and b/opsec/anoncreditcard/20.png differ
diff --git a/opsec/anoncreditcard/21.png b/opsec/anoncreditcard/21.png
new file mode 100644
index 0000000..7d514f2
Binary files /dev/null and b/opsec/anoncreditcard/21.png differ
diff --git a/opsec/anoncreditcard/22.png b/opsec/anoncreditcard/22.png
new file mode 100644
index 0000000..ce56ddd
Binary files /dev/null and b/opsec/anoncreditcard/22.png differ
diff --git a/opsec/anoncreditcard/23.png b/opsec/anoncreditcard/23.png
new file mode 100644
index 0000000..a0dba4c
Binary files /dev/null and b/opsec/anoncreditcard/23.png differ
diff --git a/opsec/anoncreditcard/24.png b/opsec/anoncreditcard/24.png
new file mode 100644
index 0000000..e5ae791
Binary files /dev/null and b/opsec/anoncreditcard/24.png differ
diff --git a/opsec/anoncreditcard/3.png b/opsec/anoncreditcard/3.png
new file mode 100644
index 0000000..4f10ccb
Binary files /dev/null and b/opsec/anoncreditcard/3.png differ
diff --git a/opsec/anoncreditcard/4.png b/opsec/anoncreditcard/4.png
new file mode 100644
index 0000000..6255e9c
Binary files /dev/null and b/opsec/anoncreditcard/4.png differ
diff --git a/opsec/anoncreditcard/5.png b/opsec/anoncreditcard/5.png
new file mode 100644
index 0000000..9142728
Binary files /dev/null and b/opsec/anoncreditcard/5.png differ
diff --git a/opsec/anoncreditcard/6.png b/opsec/anoncreditcard/6.png
new file mode 100644
index 0000000..5a2d7f4
Binary files /dev/null and b/opsec/anoncreditcard/6.png differ
diff --git a/opsec/anoncreditcard/7.png b/opsec/anoncreditcard/7.png new file mode 100644 index 0000000..45225a1 Binary files /dev/null and b/opsec/anoncreditcard/7.png differ diff --git a/opsec/anoncreditcard/8.png b/opsec/anoncreditcard/8.png new file mode 100644 index 0000000..15ea039 Binary files /dev/null and b/opsec/anoncreditcard/8.png differ diff --git a/opsec/anoncreditcard/9.png b/opsec/anoncreditcard/9.png new file mode 100644 index 0000000..6739e86 Binary files /dev/null and b/opsec/anoncreditcard/9.png differ diff --git a/opsec/anoncreditcard/index.html b/opsec/anoncreditcard/index.html new file mode 100644 index 0000000..19f3d99 --- /dev/null +++ b/opsec/anoncreditcard/index.html @@ -0,0 +1,328 @@ + + + + + + + + + + + How to Get a Credit Card Anonymously (Credit Cards as a Service) + + + + + + + + + + + + + + + + + + + + + + + +
    +
    +
    +
    + Previous Page

    XMRonly - 2024 / 11 / 06

    +

    How to Get a Credit Card Anonymously (Credit Cards as a Service)

    + +

    + +
    +
    +
    +
    + + +
    +
    +
    +
    +

    Introduction

    +

    +With the growing economy and increasingly aggressive marketing, every company is competing to earn your business. There are no shortages of ways to spend your hard-earned money, but you may not always want to have your purchases tied to your real identity. For in person purchases, there is the obvious choice of cash as no information about you is recorded. However, online is a different story. E-commerce is heavily reliant on the use of credit cards, which leave a digital trail of metadata that ties back to you, is shared with third parties and is repackaged and sold to data brokers. Some forward-thinking vendors accept cryptocurrency but given online markets as a whole, this is still relatively niche. If your preferred method of buying something is Monero and your target vendor doesn't accept Monero, wouldn't it be great if you could still just use Monero anyway? In this article, we will explore how to obtain an anonymous prepaid card for Monero using Cake Pay and how to use this prepaid card to purchase a VPS from Hostinger, a KYC web hosting provider. +

    +

    OPSEC Recommendations:

    +
      +
    1. Hardware : (Personal Computer / Laptop)

    2. +
    3. Host OS: Linux

    4. +
    5. Hypervisor: libvirtd QEMU/KVM

    6. +
    7. Virtual Machine: Whonix or Tails

    +

    Every steps listed below are to be done via the Tor browser, in order to preserve our anonymity.

    + +
    +
    +
    +
    + +
    +
    +
    +
    +

    Obtaining the Card



    +

    +Using the Tor Browser, navigate to https://buy.cakepay.com. Here we are going to select the Mastercard Prepaid USD Debit (Virtual Only) option. Click Buy Now. + +

    + +

    +When prompted, enter an anonymous email and then retrieve and enter the one-time password emailed to us. + +

    + +

    +The next screen has some important information on it. It informs us that a name and email will be required for sign-up. It just doesn't specify that it has to be our name and address. This card will not work in Apple Pay or Google Wallet, not that we were planning on using those anyway. Additionally, trying to redeem this card while using a VPN (or in our case, the Tor Browser) may fail. More on that later. Enter a desired amount and click Buy Now. + +

    + +

    +We are now presented with a payment screen. + +

    + +

    +Copy the destination address and amount into your Monero wallet and send the payment. + +

    + +

    +Cake Pay will quickly detect the payment, and after a few more on-chain confirmations it will say the invoice is paid. + +

    + +

    +Back in your inbox, you will now receive an email with Redemption Instructions and a Code. + +

    + +

    +Attempting to redeem the code through the Tor Browser or through a VPN will fail and after around 10 consecutive attempts your redemption link and code will be temporarily locked. + +

    + +

    +This is where a residential proxy will come in handy. After setting one up, we can continue unimpeded using the Tor Browser. Input the code, confirm you are not a robot and click Submit. + +

    + +

    +Our card purchase was successful. Copy the code and navigate to the provided link. + +

    + +

    +Enter the code and click on Redeem Code. + +

    + +

    +Complete the captcha if prompted by sliding the puzzle piece in place. + +

    + +

    +We are now prompted to fill out the information we want for registering this card. We enter a name, an address that is for sale online, a phone number and email. After everything is populated click the checkboxes and finally hit Activate. Note that the phone number is not verified in any way. + +

    + +

    +Our card is ready! + +

    + + + +
    +
    +
    +
    + + + +
    +
    +
    +
    +

    Using the Card



    +

    +With our (digital) card in hand, it's time to actually buy something. Hostinger is a clearnet web hosting company with no explicitly stated support for signing up anonymously. All of their payment options require some information about the user and while their site supports a long list of cryptocurrencies, they somehow forgot to accept Monero. That's OK, we have a prepaid card for that. + +

    + +

    +Using the Tor Browser, navigate to https://hostinger.com and click on Hosting -> VPS hosting. + +

    + +

    +If prompted, verify you are human. + +

    + +

    +We will select a plan that costs less than the amount on our prepaid card. + +

    + +

    +OPTIONAL: A quick online search found a promo code. Apply it and click Continue. + +

    + +

    +It is time to create an account. Enter an email address and password. + +

    + +

    +Enter the billing details we used to create our prepaid card. Note that a phone number is not required here. + +

    + +

    +Enter the card details and click Submit payment. + +

    + +
    +
    +
    +
    + +
    +
    +
    +
    +

    VPS Configuration

    + +

    +We are now prompted to configure our VPS. A few quick steps are required before we can start using it. Click through to choose a location, an OS, a malware scanner, set a root password and then click Finish setup. + +

    + +
    +
    +
    +
    + +
    +
    +
    +
    +

    Conclusion

    + +

    +After a short setup, our VPS is ready! + +

    + +

    +Let's try to connect via SSH over Tor. +

    
    +~ ❯ torsocks ssh root@145.223.79.150
    +The authenticity of host '145.223.79.150 (145.223.79.150)' can't be established.
    +ED25519 key fingerprint is SHA256:bF9YlAl82SyfCu3X911lclJ0TwywiU6qgNtKCYDdnd0.
    +This key is not known by any other names.
    +Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
    +Warning: Permanently added '145.223.79.150' (ED25519) to the list of known hosts.
    +root@145.223.79.150's password:
    +Linux srv636770 6.1.0-26-cloud-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.112-1 (2024-09-30) x86_64
    +
    +The programs included with the Debian GNU/Linux system are free software;
    +the exact distribution terms for each program are described in the
    +individual files in /usr/share/doc/*/copyright.
    +
    +Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
    +permitted by applicable law.
    +root@srv636770:~#
    +
    +
    +

    And that's it ! we have managed to get access to a credit card anonymously, and we also managed to use it to get a VPS anonymously, all while maintaining our anonymity.

    + +
    +
    +
    +
    + + + +
    +
    +
    +
    +

    Nihilism

    +

    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + +

    +
    + +
    +

    My Links

    +

    + + RSS Feed
    SimpleX Chat
    + +

    +
    + +
    +

    About nihilist

    +

    Donate XMR: + 8AUYjhQeG3D5aodJDtqG499N5jXXM71gYKD8LgSsFB9BUV1o7muLv3DXHoydRTK4SZaaUBq4EAUqpZHLrX2VZLH71Jrd9k8 +


    +

    Donate XMR to the author: + 8AHNGepbz9844kfCqR4aVTCSyJvEKZhtxdyz6Qn8yhP2gLj5u541BqwXR7VTwYwMqbGc8ZGNj3RWMNQuboxnb1X4HobhSv3

    +

    Contact: nihilist@contact.nowhere.moe (PGP)

    +
    + +
    + +
    +
    + + + + + + + diff --git a/opsec/anondomain/index.html b/opsec/anondomain/index.html index 7600265..b068cd2 100644 --- a/opsec/anondomain/index.html +++ b/opsec/anondomain/index.html @@ -123,7 +123,7 @@ PING ns1.nihilism.network (23.137.250.140) 56(84) bytes of data.
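Review bot: The SSH transcript in the Conclusion block of opsec/anoncreditcard/index.html is published with the live server's IPv4 address, hostname and ED25519 host-key fingerprint, and it shows the unknown-host prompt being answered `yes` with nothing to compare the fingerprint against. Over a Tor exit that first connection is where an on-path relay could present its own key, so the text around the transcript should tell the reader to check the fingerprint against a value obtained out of band (the provider's console, if it shows one) before typing the root password. I would also replace the literal values with placeholders such as `root@<VPS-IP>` and `SHA256:<HOST-KEY-FINGERPRINT>`. One sentence after the transcript should recommend key-based login, with root password authentication turned off once the first session is up.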

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

diff --git a/opsec/anonemail/index.html b/opsec/anonemail/index.html
index 6276f8a..5efaac1 100644
--- a/opsec/anonemail/index.html
+++ b/opsec/anonemail/index.html
@@ -189,7 +189,7 @@ And your new anonymous email account is ready for use! In line with practicing g

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

diff --git a/opsec/anonpersona/index.html b/opsec/anonpersona/index.html
index 394a79b..9d39402 100644
--- a/opsec/anonpersona/index.html
+++ b/opsec/anonpersona/index.html
@@ -188,7 +188,7 @@ A: done, and added to the public page as an announcement, thanks.

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

diff --git a/opsec/anonprotest/index.html b/opsec/anonprotest/index.html
index dcb2c89..d451ddd 100644
--- a/opsec/anonprotest/index.html
+++ b/opsec/anonprotest/index.html
@@ -218,7 +218,7 @@

    As we have discussed the various methods that Law Enforcement agencies can track you down precisely, and there isn't much you can do to stop it, leaving your personal mobile phone, smart watch, or any other smart device at home is the best way to stay anonymous in a protest, leaving - no proof that you took part in it and denying that + no proof that you took part in it and denying that you ever left your home.

@@ -669,7 +669,7 @@

Nihilism

Until there is Nothing left.



-

Creative Commons Zero: No Rights Reserved
+

Creative Commons Zero: No Rights Reserved

@@ -709,4 +709,4 @@ - \ No newline at end of file + diff --git a/opsec/anonproxy/AccessAllowed.jpg b/opsec/anonproxy/AccessAllowed.jpg new file mode 100644 index 0000000..bd38bf3 Binary files /dev/null and b/opsec/anonproxy/AccessAllowed.jpg differ diff --git a/opsec/anonproxy/AccessDenied.jpg b/opsec/anonproxy/AccessDenied.jpg new file mode 100644 index 0000000..1dc7733 Binary files /dev/null and b/opsec/anonproxy/AccessDenied.jpg differ diff --git a/opsec/anonproxy/CheckIP.png b/opsec/anonproxy/CheckIP.png new file mode 100644 index 0000000..7cbe60d Binary files /dev/null and b/opsec/anonproxy/CheckIP.png differ diff --git a/opsec/anonproxy/Deposit.png b/opsec/anonproxy/Deposit.png new file mode 100644 index 0000000..717c58c Binary files /dev/null and b/opsec/anonproxy/Deposit.png differ diff --git a/opsec/anonproxy/FoxyProxyAdd.png b/opsec/anonproxy/FoxyProxyAdd.png new file mode 100644 index 0000000..d29702f Binary files /dev/null and b/opsec/anonproxy/FoxyProxyAdd.png differ diff --git a/opsec/anonproxy/FoxyProxyInstall.png b/opsec/anonproxy/FoxyProxyInstall.png new file mode 100644 index 0000000..aa1565f Binary files /dev/null and b/opsec/anonproxy/FoxyProxyInstall.png differ diff --git a/opsec/anonproxy/FoxyProxyInstall2.png b/opsec/anonproxy/FoxyProxyInstall2.png new file mode 100644 index 0000000..f8e403a Binary files /dev/null and b/opsec/anonproxy/FoxyProxyInstall2.png differ diff --git a/opsec/anonproxy/FoxyProxyOptions.png b/opsec/anonproxy/FoxyProxyOptions.png new file mode 100644 index 0000000..a9c277d Binary files /dev/null and b/opsec/anonproxy/FoxyProxyOptions.png differ diff --git a/opsec/anonproxy/FoxyProxySearch.png b/opsec/anonproxy/FoxyProxySearch.png new file mode 100644 index 0000000..710eeb0 Binary files /dev/null and b/opsec/anonproxy/FoxyProxySearch.png differ 
diff --git a/opsec/anonproxy/FoxyProxySearch2.png b/opsec/anonproxy/FoxyProxySearch2.png new file mode 100644 index 0000000..2a5187e Binary files /dev/null and b/opsec/anonproxy/FoxyProxySearch2.png differ diff --git a/opsec/anonproxy/InstallAddon.png b/opsec/anonproxy/InstallAddon.png new file mode 100644 index 0000000..a2dfb80 Binary files /dev/null and b/opsec/anonproxy/InstallAddon.png differ diff --git a/opsec/anonproxy/Proxy.png b/opsec/anonproxy/Proxy.png new file mode 100644 index 0000000..d1eaad2 Binary files /dev/null and b/opsec/anonproxy/Proxy.png differ diff --git a/opsec/anonproxy/ProxyData.png b/opsec/anonproxy/ProxyData.png new file mode 100644 index 0000000..59c0c60 Binary files /dev/null and b/opsec/anonproxy/ProxyData.png differ diff --git a/opsec/anonproxy/Reg.png b/opsec/anonproxy/Reg.png new file mode 100644 index 0000000..aa67eb4 Binary files /dev/null and b/opsec/anonproxy/Reg.png differ diff --git a/opsec/anonproxy/WebsiteAccessed.png b/opsec/anonproxy/WebsiteAccessed.png new file mode 100644 index 0000000..2d432c7 Binary files /dev/null and b/opsec/anonproxy/WebsiteAccessed.png differ diff --git a/opsec/anonproxy/WebsiteDenied.png b/opsec/anonproxy/WebsiteDenied.png new file mode 100644 index 0000000..e75c1c4 Binary files /dev/null and b/opsec/anonproxy/WebsiteDenied.png differ diff --git a/opsec/anonproxy/index.html b/opsec/anonproxy/index.html new file mode 100644 index 0000000..ba17b0a --- /dev/null +++ b/opsec/anonproxy/index.html @@ -0,0 +1,207 @@ + + + + + + + + + + + How to get and use residential proxies anonymously + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+
+ Previous Page

prism_breaker

+

How to get and use residential proxies anonymously

+

While Tor is a requirement to protect your anonymity online, some services refuse to be accessed anonymously, and are intentionally blocking connections coming from Tor exits nodes. These services are against your anonymity, but there are still ways to access them anonymously:

+ +

A residential proxy will reroute your access through a residential ip address, which makes your connection look like it is coming from your ISP or your mobile carrier.

+

Serverside Context: This setup is to be considered only in the case where the destination website also blocks your attempts at connecting there via a (you -> Tor -> VPN -> destination) setup.

+ + +

Under this setup you can access those websites that are blocking both Tor and VPN traffic, while still keeping your anonymity intact.

+ + +

Warning: This setup is not officialy supported by Tor project, it should be considered as experimental. It is still recommended to use the default setup of Whonix and Tor browser for the rest of your anonymous activities online.

+ +

For further details on how you can combine Tor and VPNs to protect your anonymity, refer to this tutorial

+ +

Other useful reference: https://www.whonix.org/wiki/Tunnels/Connecting_to_Tor_before_a_proxy

+

OPSEC Recommendations:

+
    +
  1. Hardware : (Personal Computer / Laptop)

  2. +
  3. Host OS: Linux (Or Qubes OS)

  4. +
  5. Hypervisor: libvirtd QEMU/KVM (Or Qubes OS's Xen)

  6. +
  7. Virtual Machine:Whonix (that must be dedicated to the (you -> Tor -> residential proxy -> website) setup

+ + +
+
+
+
+ + +
+
+
+
+

Proxy Purchase

+

Warning: Everything below needs to be done inside the dedicated new whonix workstation VM!

+

smspool.net is chosen to be the proxy provider for this demo, the author is not affiliated with this service. It is used because it is monero friendly, other service providers should work similarly.

+

First you need to register:

+ +

Choose "switch to hCaptcha" otherwise you might get stuck at the cloudflare verification.

+

The next step is to deposit monero into the website and purchase the proxy.

+ +

When your deposit get credited, purchase the proxy.

+ +

Now your proxy is ready, check for the details inside "My Proxy" section.

+ +

Copy your proxy ip, port, username, password. It will be used later.

+ +
+
+
+
+ +
+
+
+
+

Browser setup



+

Due to an upstream change, the proxy setup method mentioned in whonix tutorial is not working https://www.whonix.org/wiki/Tunnels/Connecting_to_Tor_before_a_proxy/Proxy_Settings_Method

+ +

One of the other methods is to use the foxyproxy addon. However please note that installing a plugin will change the Tor browser fingerprint, so it is highly recommended you keep the rest of your anonymous activities in a separate default Whonix Workstation VM. Use this setup only when you are in this specific serverside context.

+ +

Choose the "add-ons and themes" in the firefox menu and search for foxyproxy.

+ +

+ + +

Install the plugin, pin the plugin and allow it to work in private windows.

+ +

+ + + + + +
+
+
+
+ + + +
+
+
+
+

Connect to Proxy



+

Finally, we will connect to the proxy we just purchased.

+

First find foxyproxy in the menu bar and choose "options".

+ +

Add the proxy information in the "proxy" tab.

+ +

In this demo, the proxy is HTTP, if you use a different provider and it doesn't work, try to check the protocol. Fill all the info and save it.

+

Now check the website you want to accessed, it is blocked because you are still using the Tor exit node.

+ +

Choose the proxy you just added in FoxyProxy button, and reset your Tor browser identity.

+

Now access https://check.Torproject.org, and you should see a warning says you are not using Tor, due to having the connection originating from the residential Proxy IP, this means that you have successfully completed the (you -> Tor -> residential proxy -> website) Setup, effectively hiding that you're using Tor from the destination website.

+ +

Now try the website that blocks Tor, it should work now if you did everything correctly!

+ + + +
+
+
+
+ + + +
+
+
+
+

PrismBreaker

+

+ Shatter the big brother.



Creative Commons Zero: No Rights Reserved
+ +

+
+ +
+

My Links

+

+ + RSS Feed
SimpleX Chat
+ +

+
+ +
+

About Prism Breaker

+

Donate XMR: 87iB34vdFvNULrAjyfVAZ7jMXc8vbq9tLGMLjo6WC8N9Xo2JFaa8Vkp6dwXBt8rK12Xpz5z1rTa9jSfgyRbNNjswHKTzFVh


Contact: prismbreaker@waifu.club (PGP)

+
+ +
+ +
+
+ + + + + + diff --git a/opsec/anonsensitive/index.html b/opsec/anonsensitive/index.html index eb1fe6a..c62ad0d 100644 --- a/opsec/anonsensitive/index.html +++ b/opsec/anonsensitive/index.html @@ -75,7 +75,7 @@
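Review bot: The "Connect to Proxy" section of opsec/anonproxy/index.html says the proxy in the demo is HTTP, but the warning box earlier in the page never states what that exposes. With an unencrypted HTTP proxy, the proxy username and password and the hostname of every site requested cross the Tor exit relay in clear text, and the proxy provider sees every destination alongside the account that paid for it. I would add a sentence to the existing warning, for example `The exit relay and the proxy provider can both see which sites you reach through this setup; HTTPS still protects page content, but plain-HTTP pages are fully readable to them.` The cleartext leg is inferred from the word "HTTP" in the text, so adjust the wording if the provider's endpoint is TLS-wrapped.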

Here’s the problem: the adversary can just bust down Bob’s door and force him to unlock his laptop, including every encrypted volume. What happens then?

- +

Since Bob has no other choice but to comply when the adversary forces him to unlock his hard drives, and since he didn’t implement Deniable Encryption, he has to show all the incriminating evidence, and therefore he can no longer deny implications with the sensitive activity.

Bob’s setup, although suitable for Anonymous Use, is not suitable for Sensitive Use due to the lack of Deniable Encryption

@@ -93,7 +93,7 @@

Nihilism

- Until there is Nothing left.



Creative Commons Zero: No Rights Reserved
+ Until there is Nothing left.



Creative Commons Zero: No Rights Reserved

diff --git a/opsec/anonsimplex/index.html b/opsec/anonsimplex/index.html
index 9d69345..83133f2 100644
--- a/opsec/anonsimplex/index.html
+++ b/opsec/anonsimplex/index.html
@@ -309,7 +309,7 @@ sudo apt install tor

Nihilism

Until there is Nothing left.
- Creative Commons Zero: No Rights Reserved
+ Creative Commons Zero: No Rights Reserved
Creative Commons Zero

diff --git a/opsec/anonsms/index.html b/opsec/anonsms/index.html
index e98f3b1..8d6500c 100644
--- a/opsec/anonsms/index.html
+++ b/opsec/anonsms/index.html
@@ -163,7 +163,7 @@ Simply complete the remaining steps onscreen and voilà! If prompted for an emai

Nihilism

- Until there is Nothing left.



Creative Commons Zero: No Rights Reserved
+ Until there is Nothing left.



Creative Commons Zero: No Rights Reserved

diff --git a/opsec/anonuse/index.html b/opsec/anonuse/index.html
index f42ffae..7afe5fb 100644
--- a/opsec/anonuse/index.html
+++ b/opsec/anonuse/index.html
@@ -91,7 +91,7 @@

Nihilism

- Until there is Nothing left.



Creative Commons Zero: No Rights Reserved
+ Until there is Nothing left.



Creative Commons Zero: No Rights Reserved

diff --git a/opsec/anonymity/16.png b/opsec/anonymity/16.png
deleted file mode 100644
index ac0b0bd..0000000
Binary files a/opsec/anonymity/16.png and /dev/null differ
diff --git a/opsec/anonymity/17.png b/opsec/anonymity/17.png
deleted file mode 100644
index d719ac8..0000000
Binary files a/opsec/anonymity/17.png and /dev/null differ
diff --git a/opsec/anonymity/21.png b/opsec/anonymity/21.png
deleted file mode 100644
index b9adcb2..0000000
Binary files a/opsec/anonymity/21.png and /dev/null differ
diff --git a/opsec/anonymity/22.png b/opsec/anonymity/22.png
deleted file mode 100644
index a537562..0000000
Binary files a/opsec/anonymity/22.png and /dev/null differ
diff --git a/opsec/anonymity/23.png b/opsec/anonymity/23.png
deleted file mode 100644
index ee16c38..0000000
Binary files a/opsec/anonymity/23.png and /dev/null differ
diff --git a/opsec/anonymity/24.png b/opsec/anonymity/24.png
deleted file mode 100644
index b57f470..0000000
Binary files a/opsec/anonymity/24.png and /dev/null differ
diff --git a/opsec/anonymity/25.png b/opsec/anonymity/25.png
deleted file mode 100644
index 2169c3e..0000000
Binary files a/opsec/anonymity/25.png and /dev/null differ
diff --git a/opsec/anonymity/26.png b/opsec/anonymity/26.png
deleted file mode 100644
index 98b55af..0000000
Binary files a/opsec/anonymity/26.png and /dev/null differ
diff --git a/opsec/anonymity/27.png b/opsec/anonymity/27.png
deleted file mode 100644
index 6cfddd6..0000000
Binary files a/opsec/anonymity/27.png and /dev/null differ
diff --git a/opsec/anonymity/28.png b/opsec/anonymity/28.png
deleted file mode 100644
index ca7f98e..0000000
Binary files a/opsec/anonymity/28.png and /dev/null differ
diff --git a/opsec/anonymity/29.png b/opsec/anonymity/29.png
deleted file mode 100644
index c09d540..0000000
Binary files a/opsec/anonymity/29.png and /dev/null differ
diff --git a/opsec/anonymity/31.png b/opsec/anonymity/31.png
deleted file mode 100644
index 819d4f0..0000000
Binary files a/opsec/anonymity/31.png and /dev/null differ
diff --git a/opsec/anonymity/32.png b/opsec/anonymity/32.png
deleted file mode 100644
index 53bb169..0000000
Binary files a/opsec/anonymity/32.png and /dev/null differ
diff --git a/opsec/anonymity/33.png b/opsec/anonymity/33.png
deleted file mode 100644
index 6ee92f1..0000000
Binary files a/opsec/anonymity/33.png and /dev/null differ
diff --git a/opsec/anonymity/34.png b/opsec/anonymity/34.png
deleted file mode 100644
index 2e0885e..0000000
Binary files a/opsec/anonymity/34.png and /dev/null differ
diff --git a/opsec/anonymity/35.png b/opsec/anonymity/35.png
deleted file mode 100644
index ceec400..0000000
Binary files a/opsec/anonymity/35.png and /dev/null differ
diff --git a/opsec/anonymity/36.png b/opsec/anonymity/36.png
deleted file mode 100644
index 3f7dd1d..0000000
Binary files a/opsec/anonymity/36.png and /dev/null differ
diff --git a/opsec/anonymity/37.png b/opsec/anonymity/37.png
deleted file mode 100644
index 2ee2c8a..0000000
Binary files a/opsec/anonymity/37.png and /dev/null differ
diff --git a/opsec/anonymity/38.png b/opsec/anonymity/38.png
deleted file mode 100644
index 1a19105..0000000
Binary files a/opsec/anonymity/38.png and /dev/null differ
diff --git a/opsec/anonymity/39.png b/opsec/anonymity/39.png
deleted file mode 100644
index c922a06..0000000
Binary files a/opsec/anonymity/39.png and /dev/null differ
diff --git a/opsec/anonymity/41.png b/opsec/anonymity/41.png
deleted file mode 100644
index 0d22ad0..0000000
Binary files a/opsec/anonymity/41.png and /dev/null differ
diff --git a/opsec/anonymity/42.png b/opsec/anonymity/42.png
deleted file mode 100644
index 942b175..0000000
Binary files a/opsec/anonymity/42.png and /dev/null differ
diff --git a/opsec/anonymity/43.png b/opsec/anonymity/43.png
deleted file mode 100644
index 9e1bfc4..0000000
Binary files a/opsec/anonymity/43.png and /dev/null differ
diff --git a/opsec/anonymity/44.png b/opsec/anonymity/44.png
deleted file mode 100644
index ef30e1f..0000000
Binary files a/opsec/anonymity/44.png and /dev/null differ
diff --git a/opsec/anonymity/45.png b/opsec/anonymity/45.png
deleted file mode 100644
index 6a462d5..0000000
Binary files a/opsec/anonymity/45.png and /dev/null differ
diff --git a/opsec/anonymity/index.html b/opsec/anonymity/index.html
deleted file mode 100644
index f73db36..0000000
--- a/opsec/anonymity/index.html
+++ /dev/null
@@ -1,927 +0,0 @@
- - - - - - - - - - - Anonymity Management - - - - - - - - - - - - - - - - - - - - - - - -
-
-
-
- Previous Page

nothing@nowhere - 2023-10-12

-

Anonymity Management (DISCLAIMER: i need to redo that tutorial!)

-

In this tutorial we're going to take a look at how to manage your online Anonymity.

- -
DISCLAIMER: we're using only harddrives (HDDs) here, because using SSDs are not a secure way to have Plausible Deniability, that is due to hidden Volumes being detectable on devices that utilize wear-leveling -

-source: https://anonymousplanet.org/guide.html#understanding-hdd-vs-ssd
-
-regarding wear leveling:
-"Also as mentioned earlier, disabling Trim will reduce the lifetime of your SSD drive and will significantly impact its performance over time (your laptop will become slower and slower over several months of use until it becomes almost unusable, you will then have to clean the drive and re-install everything). But you must do it to prevent data leaks that could allow forensics to defeat your plausible deniability. The only way around this at the moment is to have a laptop with a classic HDD drive instead."
-
-
- -

This tutorial is based on my previous explanation on OPSEC make sure that you take it into account before proceeding.

- -

So, we basically want 3 ways to access websites. The first being while using tor, for complete anonymity, to do that we'll use whonix. The second is to do the same but to masquerade it with a non-KYC VPN which will also be acquired anonymously to be used only in the case of a website blocking tor exit nodes, and the last one is without any protection, for websites you cannot use without KYC.

- -

As a safety measure for Anonymity, there will be a veracrypt hidden partition in use for plausible deniability.

- -

To prepare the computer for those tasks, we will rely on opensource software to avoid any tracking, we'll remove logs from linux.

-

And lastly, we're going to take a look at how to keep track of your accesses to the websites you access anonymously

- - -
-
-
-
- - -
-
-
-
-

Initial Setup

-

First let's make sure all logs get erased upon system shutdown as described in my previous tutorial on host OS hardening (by piping all logs to go to the /tmp/ folder):

- -

We also make sure that the script to remove logs also includes shutting down the VMs and closes the veracrypt volume just like the emergency shutdown script we detailed in the previous tutorial on homeserver physical security:

-

-
-[ mainpc ] [ /dev/pts/2 ] [~/logremover]
-→ cat /etc/systemd/system/reboot_logremover.service
-[Unit]
-Description=Shutdown Anti forensics
-DefaultDependencies=no
-Before=shutdown.target reboot.target halt.target
-
-[Service]
-Type=oneshot
-ExecStart=/root/shutdown.sh
-TimeoutStartSec=0
-
-[Install]
-WantedBy=shutdown.target reboot.target halt.target
-
-[ mainpc ] [ /dev/pts/2 ] [~/logremover]
-→ cat shutdown.sh
-#!/bin/bash
-
-#remove VMs
-
-sudo virsh -c qemu:///system destroy Whonix-Gateway
-sudo virsh -c qemu:///system destroy Whonix-Workstation
-sudo virsh -c qemu:///system undefine Whonix-Gateway
-sudo virsh -c qemu:///system undefine Whonix-Workstation
-sudo virsh -c qemu:///system net-destroy Whonix-External
-sudo virsh -c qemu:///system net-destroy Whonix-Internal
-sudo virsh -c qemu:///system net-undefine Whonix-External
-sudo virsh -c qemu:///system net-undefine Whonix-External
-
-#then unmount veracrypt volumes
-
-sudo veracrypt -d  -f
-
-# then cleanup logs
-
-sudo rm -rf /dev/shm/*
-sudo rm -rf /var/log/*
-sudo dmesg -c
-
-
-

In the shutdown.sh script we also make sure that the VMs are removed, and that the veracrypt volumes are unmounted, before clearing up the logs.

- -

Next we're going to install libvirt as seen in our previous tutorial on host os hardeninghere:

-

-sudo pacman -S libvirt qemu-full virt-manager dnsmasq bridge-utils
-	
-sudo systemctl enable --now libvirtd
-
-#####################vault.sh:#######################################
-#!/bin/bash
-echo "[+] MOUNTING VAULTS..."
-
-sudo cryptsetup luksOpen /dev/nvme1n1p1 VAULT
-sudo mkdir /run/media/nihilist/VAULT 2>/dev/null
-sudo mount /dev/mapper/VAULT /run/media/nihilist/VAULT
-
-echo "[+] VAULTS MOUNTED"
-###################################################################
-
-usermod -a -G libvirt nihilist
-usermod -a -G kvm nihilist
-
-[root@nowhere ~]# vim /etc/libvirt/libvirtd.conf 
-[root@nowhere ~]# cat /etc/libvirt/libvirtd.conf  | grep sock_group
-unix_sock_group = "libvirt"
-unix_sock_rw_perms = "0770"
-
-sudo chmod 770 -R VMs 
-sudo chown nihilist:libvirt -R VMs 
-
-cat /etc/libvirt/qemu.conf
-group = "libvirt"
-user = "nihilist"
-
-systemctl restart libvirtd.service
-
-virt-manager
-
-
- -

Next step we create the veracrypt drives, so use the /dev/sdb harddrive for it:

-

-[ 10.99.99.9/24 ] [ /dev/pts/2 ] [~/Nextcloud/Obsidian]
-→ lsblk
-NAME          MAJ:MIN RM   SIZE RO TYPE  MOUNTPOINTS
-sda             8:0    0   1.8T  0 disk
-└─sda1          8:1    0   1.8T  0 part
-sdb             8:16   0 447.1G  0 disk
-sdc             8:32   0   3.6T  0 disk
-└─VAULTBACKUP 253:1    0   3.6T  0 crypt /mnt/VAULTBACKUP
-zram0         254:0    0     4G  0 disk  [SWAP]
-nvme1n1       259:0    0   1.8T  0 disk
-└─nvme1n1p1   259:1    0   1.8T  0 part
-  └─VAULT     253:0    0   1.8T  0 crypt /mnt/VAULT
-nvme0n1       259:2    0 465.8G  0 disk
-├─nvme0n1p1   259:3    0   511M  0 part  /boot
-└─nvme0n1p2   259:4    0 465.3G  0 part  /
-	
-
- -

Be aware that the 3 VMs we need to place in a veracrypt container all weigh 100GB each so you need 300Gb for all 3 VMs, so you need at least 2x300Gb to replicate the setup in the decoy partition, so pick a 1.2TB harddrive instead, with some additional space so preferably a 1.8TB one just to be safe, unlike as shown below (a 500gb disk which is not enough!)

-

So let's now setup the hidden partition there:

-

-[ 10.99.99.9/24 ] [ /dev/pts/2 ] [~/Nextcloud/Obsidian]
-→ sudo pacman -S veracrypt
-	
-
- - - - - - - - - - - - - - - - - - - - - - - - - - -

Now that's done, let's setup the whonix and workstations templates, we will then copy them in the veracrypt harddrive afterward to edit them. So let's go here to download whonix for QEMU:

- - -

-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [VAULT/ISOs/whonix]
-→ mv ~/Downloads/Whonix-Xfce-17.0.3.0.Intel_AMD64.qcow2.libvirt.xz .
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [VAULT/ISOs/whonix]
-→ tar -xvf Whonix-Xfce-17.0.3.0.Intel_AMD64.qcow2.libvirt.xz
-WHONIX_BINARY_LICENSE_AGREEMENT
-WHONIX_DISCLAIMER
-Whonix-Gateway-Xfce-17.0.3.0.xml
-Whonix-Workstation-Xfce-17.0.3.0.xml
-Whonix_external_network-17.0.3.0.xml
-Whonix_internal_network-17.0.3.0.xml
-Whonix-Gateway-Xfce-17.0.3.0.Intel_AMD64.qcow2
-Whonix-Workstation-Xfce-17.0.3.0.Intel_AMD64.qcow2
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [VAULT/ISOs/whonix]
-→ touch WHONIX_BINARY_LICENSE_AGREEMENT_accepted
-
-

Next we edit the XML files to have the working VMs, for which we will give 2GB of ram for the gateway, and 4GB of ram for the workstation while also specifying the path to their .qcow2 volumes:

-

-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [VAULT/ISOs/whonix]
-→ vim Whonix-Workstation-Xfce-17.0.3.0.xml
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [VAULT/ISOs/whonix]
-→ cat Whonix-Workstation-Xfce-17.0.3.0.xml | grep GiB
-  <memory dumpCore='off' unit='GiB'>4
-  <currentMemory unit='GiB'>4
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [VAULT/ISOs/whonix]
-→ cat Whonix-Workstation-Xfce-17.0.3.0.xml| grep source
-      <source file='/mnt/VAULT/ISOs/whonix/Whonix-Workstation-Xfce-17.0.3.0.Intel_AMD64.qcow2'/>
-
-
-
-
-
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [VAULT/ISOs/whonix]
-→ vim Whonix-Workstation-Xfce-17.0.3.0.xml
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [VAULT/ISOs/whonix]
-→ cat Whonix-Gateway-Xfce-17.0.3.0.xml | grep GiB
-  <memory dumpCore='off' unit='GiB'>2
-  <currentMemory unit='GiB'>2
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [VAULT/ISOs/whonix]
-→ cat Whonix-Gateway-Xfce-17.0.3.0.xml| grep source
-      <source file='/mnt/VAULT/ISOs/whonix/Whonix-Gateway-Xfce-17.0.3.0.Intel_AMD64.qcow2'/>
-
-
-

and now to make things easier let's put a refreshvms.sh script in there to remove and restart the VMs:

-

-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [VAULT/ISOs/whonix]
-→ vim refreshvms.sh
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [VAULT/ISOs/whonix]
-→ cat refreshvms.sh
-#!/bin/bash
-
-#remove VMs
-
-sudo virsh -c qemu:///system destroy Whonix-Gateway
-sudo virsh -c qemu:///system destroy Whonix-Workstation
-sudo virsh -c qemu:///system undefine Whonix-Gateway
-sudo virsh -c qemu:///system undefine Whonix-Workstation
-sudo virsh -c qemu:///system net-destroy Whonix-External
-sudo virsh -c qemu:///system net-destroy Whonix-Internal
-sudo virsh -c qemu:///system net-undefine Whonix-External
-sudo virsh -c qemu:///system net-undefine Whonix-External
-
-echo '[+] VMs removed, re-install them ? (ctrl+c to exit)'
-read
-
-#install VMs
-
-sudo virsh -c qemu:///system net-define Whonix_external*.xml
-sudo virsh -c qemu:///system net-define Whonix_internal*.xml
-sudo virsh -c qemu:///system net-autostart Whonix-External
-sudo virsh -c qemu:///system net-start Whonix-External
-sudo virsh -c qemu:///system net-autostart Whonix-Internal
-sudo virsh -c qemu:///system net-start Whonix-Internal
-sudo virsh -c qemu:///system define Whonix-Gateway*.xml
-sudo virsh -c qemu:///system define Whonix-Workstation*.xml
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [VAULT/ISOs/whonix]
-→ chmod +x refreshvms.sh
-
-
-

then run it:

-

-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [VAULT/ISOs/whonix]
-→ ./refreshvms.sh
-error: Failed to destroy domain 'Whonix-Gateway'
-error: Requested operation is not valid: domain is not running
-
-error: Failed to destroy domain 'Whonix-Workstation'
-error: Requested operation is not valid: domain is not running
-
-Domain 'Whonix-Gateway' has been undefined
-
-Domain 'Whonix-Workstation' has been undefined
-
-Network Whonix-External destroyed
-
-Network Whonix-Internal destroyed
-
-Network Whonix-External has been undefined
-
-error: failed to get network 'Whonix-External'
-error: Network not found: no network with matching name 'Whonix-External'
-
-[+] VMs removed, re-install them ? (ctrl+c to exit)
-
-Network Whonix-External defined from Whonix_external_network-17.0.3.0.xml
-
-error: Failed to define network from Whonix_internal_network-17.0.3.0.xml
-error: operation failed: network 'Whonix-Internal' already exists with uuid 48298ccf-9352-4b21-b6c4-17ad13ad1d6d
-
-Network Whonix-External marked as autostarted
-
-Network Whonix-External started
-
-Network Whonix-Internal marked as autostarted
-
-Network Whonix-Internal started
-
-Domain 'Whonix-Gateway' defined from Whonix-Gateway-Xfce-17.0.3.0.xml
-
-Domain 'Whonix-Workstation' defined from Whonix-Workstation-Xfce-17.0.3.0.xml
-
-
-

Then launch the VMs from virt-manager:

- -

let's start with the Gateway:

- - - - - -

Now that's done you can also finish the initial setup for the workstation:

- - -

So from here you can use whonix regularly to browse with the tor browser, don't forget to disable javascript and to always keep the browser up to date like so:

- -

As suggested above, we'll also upgrade the VMs, and to go further we'll install unattended upgrades (note whonix's default system credentials are user:changeme:

-

-$ passwd
-$ sudo -i
-# apt update -y ; apt upgrade -y ; apt autoremove -y
-# apt install unattended-upgrades apt-listchanges -y
-# dpkg-reconfigure -plow unattended-upgrades 
-
-^ select yes there
-	
-
-

Next step is to have the second workstation which will be used as the vpn over tor setup later on so let's copy the .xml and .qcow2 after shutting down the existing workstation:

-

-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [VAULT/ISOs/whonix]
-→ ls
-refreshvms.sh                             Whonix_external_network-17.0.3.0.xml            Whonix-Workstation-Xfce-17.0.3.0.Intel_AMD64.qcow2
-WHONIX_BINARY_LICENSE_AGREEMENT           Whonix-Gateway-Xfce-17.0.3.0.Intel_AMD64.qcow2  Whonix-Workstation-Xfce-17.0.3.0.xml
-WHONIX_BINARY_LICENSE_AGREEMENT_accepted  Whonix-Gateway-Xfce-17.0.3.0.xml                Whonix-Xfce-17.0.3.0.Intel_AMD64.qcow2.libvirt.xz
-WHONIX_DISCLAIMER                         Whonix_internal_network-17.0.3.0.xml	
-
- 10.99.99.9/24 ] [ /dev/pts/23 ] [VAULT/ISOs/whonix]
-→ cp Whonix-Workstation-Xfce-17.0.3.0.xml Whonix-Workstation2-Xfce-17.0.3.0.xml
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [VAULT/ISOs/whonix]
-→ cp Whonix-Workstation-Xfce-17.0.3.0.Intel_AMD64.qcow2 Whonix-Workstation2-Xfce-17.0.3.0.Intel_AMD64.qcow2
-
-
-

Then edit the new xml file to match the new VM name:

-

-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [VAULT/ISOs/whonix]
-→ vim Whonix-Workstation2-Xfce-17.0.3.0.xml
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [VAULT/ISOs/whonix]
-→ cat Whonix-Workstation2-Xfce-17.0.3.0.xml | grep Workstation2
-  <name>Whonix-Workstation2</name>
-      <source file='/mnt/VAULT/ISOs/whonix/Whonix-Workstation2-Xfce-17.0.3.0.Intel_AMD64.qcow2'/>
-	
-
-

Then we include it in the refreshVMs.sh script:

-

-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [VAULT/ISOs/whonix]
-→ cat refreshvms.sh
-#!/bin/bash
-
-#remove VMs
-
-sudo virsh -c qemu:///system destroy Whonix-Gateway
-sudo virsh -c qemu:///system destroy Whonix-Workstation
-sudo virsh -c qemu:///system destroy Whonix-Workstation2
-
-sudo virsh -c qemu:///system undefine Whonix-Gateway
-sudo virsh -c qemu:///system undefine Whonix-Workstation
-sudo virsh -c qemu:///system undefine Whonix-Workstation2
-
-
-sudo virsh -c qemu:///system net-destroy Whonix-External
-sudo virsh -c qemu:///system net-destroy Whonix-Internal
-sudo virsh -c qemu:///system net-undefine Whonix-External
-sudo virsh -c qemu:///system net-undefine Whonix-Internal
-
-
-
-
-echo '[+] VMs removed, re-install them ? (ctrl+c to exit)'
-read
-
-#install VMs
-sudo virsh -c qemu:///system net-define Whonix_external*.xml
-sudo virsh -c qemu:///system net-define Whonix_internal*.xml
-
-
-sudo virsh -c qemu:///system net-autostart Whonix-External
-sudo virsh -c qemu:///system net-start Whonix-External
-
-sudo virsh -c qemu:///system net-autostart Whonix-Internal
-sudo virsh -c qemu:///system net-start Whonix-Internal
-
-sudo virsh -c qemu:///system define Whonix-Gateway*.xml
-sudo virsh -c qemu:///system define Whonix-Workstation2*.xml
-sudo virsh -c qemu:///system define Whonix-Workstation-*.xml
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [VAULT/ISOs/whonix]
-→ ./refreshvms.sh
-error: Failed to destroy domain 'Whonix-Gateway'
-error: Requested operation is not valid: domain is not running
-
-error: Failed to destroy domain 'Whonix-Workstation'
-error: Requested operation is not valid: domain is not running
-
-error: Failed to destroy domain 'Whonix-Workstation2'
-error: Requested operation is not valid: domain is not running
-
-Domain 'Whonix-Gateway' has been undefined
-
-Domain 'Whonix-Workstation' has been undefined
-
-Domain 'Whonix-Workstation2' has been undefined
-
-Network Whonix-External destroyed
-
-Network Whonix-Internal destroyed
-
-Network Whonix-External has been undefined
-
-Network Whonix-Internal has been undefined
-
-[+] VMs removed, re-install them ? (ctrl+c to exit)
-
-Network Whonix-External defined from Whonix_external_network-17.0.3.0.xml
-
-Network Whonix-Internal defined from Whonix_internal_network-17.0.3.0.xml
-
-Network Whonix-External marked as autostarted
-
-Network Whonix-External started
-
-Network Whonix-Internal marked as autostarted
-
-Network Whonix-Internal started
-
-Domain 'Whonix-Gateway' defined from Whonix-Gateway-Xfce-17.0.3.0.xml
-
-Domain 'Whonix-Workstation2' defined from Whonix-Workstation2-Xfce-17.0.3.0.xml
-
-Domain 'Whonix-Workstation' defined from Whonix-Workstation-Xfce-17.0.3.0.xml
-
-
-

Then edit the new workstation VM to have the 10.152.152.12 ip by default (since the other one has the 10.152.152.11 ip):

- - -

Now that our VM templates are done, let's put them on our veracrypt harddrive:

-

-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [VAULT/ISOs/whonix]
-→ ./refreshvms.sh
-[sudo] password for nothing:
-Domain 'Whonix-Gateway' destroyed
-
-Domain 'Whonix-Workstation' destroyed
-
-Domain 'Whonix-Workstation2' destroyed
-
-Domain 'Whonix-Gateway' has been undefined
-
-Domain 'Whonix-Workstation' has been undefined
-
-Domain 'Whonix-Workstation2' has been undefined
-
-Network Whonix-External destroyed
-
-Network Whonix-Internal destroyed
-
-Network Whonix-External has been undefined
-
-Network Whonix-Internal has been undefined
-
-[+] VMs removed, re-install them ? (ctrl+c to exit)
-^C
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [VAULT/ISOs/whonix]
-→ ls
-refreshvms.sh                             Whonix-Gateway-Xfce-17.0.3.0.Intel_AMD64.qcow2       Whonix-Workstation-Xfce-17.0.3.0.Intel_AMD64.qcow2
-WHONIX_BINARY_LICENSE_AGREEMENT           Whonix-Gateway-Xfce-17.0.3.0.xml                     Whonix-Workstation-Xfce-17.0.3.0.xml
-WHONIX_BINARY_LICENSE_AGREEMENT_accepted  Whonix_internal_network-17.0.3.0.xml                 Whonix-Xfce-17.0.3.0.Intel_AMD64.qcow2.libvirt.xz
-WHONIX_DISCLAIMER                         Whonix-Workstation2-Xfce-17.0.3.0.Intel_AMD64.qcow2
-Whonix_external_network-17.0.3.0.xml      Whonix-Workstation2-Xfce-17.0.3.0.xml
-	
-
- - -

Once mounted, let's copy them here and launch them:

-

-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [VAULT/ISOs/whonix]
-→ cd /media/veracrypt1
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [/media/veracrypt1]
-→ cp /mnt/VAULT/ISOs/whonix/* .
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [/media/veracrypt1]
-→ ls -lash
-total 21G
-4.0K drwxr-xr-x 2 nothing nothing 4.0K Oct  8 13:35 .
-4.0K drwxr-xr-x 3 root    root    4.0K Oct  8 13:34 ..
-4.0K -rwxr-xr-x 1 nothing nothing 1.2K Oct  8 13:35 refreshvms.sh
- 40K -rw-r--r-- 1 nothing nothing  39K Oct  8 13:35 WHONIX_BINARY_LICENSE_AGREEMENT
-   0 -rw-r--r-- 1 nothing nothing    0 Oct  8 13:35 WHONIX_BINARY_LICENSE_AGREEMENT_accepted
-8.0K -rw-r--r-- 1 nothing nothing 4.1K Oct  8 13:35 WHONIX_DISCLAIMER
-4.0K -rw-r--r-- 1 nothing nothing  172 Oct  8 13:35 Whonix_external_network-17.0.3.0.xml
-5.2G -rw-r--r-- 1 nothing nothing 101G Oct  8 13:35 Whonix-Gateway-Xfce-17.0.3.0.Intel_AMD64.qcow2
-4.0K -rw-r--r-- 1 nothing nothing 2.4K Oct  8 13:35 Whonix-Gateway-Xfce-17.0.3.0.xml
-4.0K -rw-r--r-- 1 nothing nothing   97 Oct  8 13:35 Whonix_internal_network-17.0.3.0.xml
-6.9G -rw-r--r-- 1 nothing nothing 101G Oct  8 13:35 Whonix-Workstation2-Xfce-17.0.3.0.Intel_AMD64.qcow2
-4.0K -rw-r--r-- 1 nothing nothing 2.3K Oct  8 13:35 Whonix-Workstation2-Xfce-17.0.3.0.xml
-7.0G -rw-r--r-- 1 nothing nothing 101G Oct  8 13:35 Whonix-Workstation-Xfce-17.0.3.0.Intel_AMD64.qcow2
-4.0K -rw-r--r-- 1 nothing nothing 2.3K Oct  8 13:35 Whonix-Workstation-Xfce-17.0.3.0.xml
-1.3G -rw-r--r-- 1 nothing nothing 1.3G Oct  8 13:35 Whonix-Xfce-17.0.3.0.Intel_AMD64.qcow2.libvirt.xz
-
-
-

Now that's done, you need to edit each XML to make sure it has the correct path in it:

-

-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [/media/veracrypt1]
-→ vim Whonix-Gateway-Xfce-17.0.3.0.xml
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [/media/veracrypt1]
-→ vim Whonix-Workstation2-Xfce-17.0.3.0.xml
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [/media/veracrypt1]
-→ vim Whonix-Workstation-Xfce-17.0.3.0.xml
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [/media/veracrypt1]
-→ cat Whonix-Gateway-Xfce-17.0.3.0.xml| grep source
-      <source file='/media/veracrypt1/Whonix-Gateway-Xfce-17.0.3.0.Intel_AMD64.qcow2'/>
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [/media/veracrypt1]
-→ cat Whonix-Workstation2-Xfce-17.0.3.0.xml | grep source
-      <source file='/media/veracrypt1/whonix/Whonix-Workstation2-Xfce-17.0.3.0.Intel_AMD64.qcow2'/>
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [/media/veracrypt1]
-→ cat Whonix-Workstation-Xfce-17.0.3.0.xml | grep source
-      <source file='/media/veracrypt1/whonix/Whonix-Workstation-Xfce-17.0.3.0.Intel_AMD64.qcow2'/>
-	
-
-

Then you can use the VMs using the refreshvms.sh script:

-

-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [/media/veracrypt1]
-→ ./refreshvms.sh
-[sudo] password for nothing:
-error: failed to get domain 'Whonix-Gateway'
-
-error: failed to get domain 'Whonix-Workstation'
-
-error: failed to get domain 'Whonix-Workstation2'
-
-error: failed to get domain 'Whonix-Gateway'
-
-error: failed to get domain 'Whonix-Workstation'
-
-error: failed to get domain 'Whonix-Workstation2'
-
-error: failed to get network 'Whonix-External'
-error: Network not found: no network with matching name 'Whonix-External'
-
-error: failed to get network 'Whonix-Internal'
-error: Network not found: no network with matching name 'Whonix-Internal'
-
-error: failed to get network 'Whonix-External'
-error: Network not found: no network with matching name 'Whonix-External'
-
-error: failed to get network 'Whonix-Internal'
-error: Network not found: no network with matching name 'Whonix-Internal'
-
-[+] VMs removed, re-install them ? (ctrl+c to exit)
-
-
-Network Whonix-External defined from Whonix_external_network-17.0.3.0.xml
-
-Network Whonix-Internal defined from Whonix_internal_network-17.0.3.0.xml
-
-Network Whonix-External marked as autostarted
-
-Network Whonix-External started
-
-Network Whonix-Internal marked as autostarted
-
-Network Whonix-Internal started
-
-Domain 'Whonix-Gateway' defined from Whonix-Gateway-Xfce-17.0.3.0.xml
-
-Domain 'Whonix-Workstation2' defined from Whonix-Workstation2-Xfce-17.0.3.0.xml
-
-Domain 'Whonix-Workstation' defined from Whonix-Workstation-Xfce-17.0.3.0.xml
-	
-
-

Now with this if you are forced to give away the password for that harddrive, you can give them this decoy partition, and they'll find the whonix VMs you've copied there.

-

So now dismount the veracrypt partition, to do that you need to first remove the VMs with the script, and then you need to EXIT the folder, otherwise it'll complain and tell you that the target drive is busy and can't be unmounted:

-

-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [/media/veracrypt1]
-→ ./refreshvms.sh
-error: Failed to destroy domain 'Whonix-Gateway'
-error: Requested operation is not valid: domain is not running
-
-error: Failed to destroy domain 'Whonix-Workstation'
-error: Requested operation is not valid: domain is not running
-
-error: Failed to destroy domain 'Whonix-Workstation2'
-error: Requested operation is not valid: domain is not running
-
-Domain 'Whonix-Gateway' has been undefined
-
-Domain 'Whonix-Workstation' has been undefined
-
-Domain 'Whonix-Workstation2' has been undefined
-
-Network Whonix-External destroyed
-
-Network Whonix-Internal destroyed
-
-Network Whonix-External has been undefined
-
-Network Whonix-Internal has been undefined
-
-[+] VMs removed, re-install them ? (ctrl+c to exit)
-^C
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [/media/veracrypt1]
-→ cd ..
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [/media]
-→
-
- -

Now that's done for the decoy partition, we do the same for the hidden partition:

- - -

-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [/media]
-→ cd veracrypt1
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [/media/veracrypt1]
-→ cp /mnt/VAULT/ISOs/whonix/* .
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [/media/veracrypt1]
-→ ls
-refreshvms.sh                             Whonix-Gateway-Xfce-17.0.3.0.Intel_AMD64.qcow2       Whonix-Workstation-Xfce-17.0.3.0.Intel_AMD64.qcow2
-WHONIX_BINARY_LICENSE_AGREEMENT           Whonix-Gateway-Xfce-17.0.3.0.xml                     Whonix-Workstation-Xfce-17.0.3.0.xml
-WHONIX_BINARY_LICENSE_AGREEMENT_accepted  Whonix_internal_network-17.0.3.0.xml                 Whonix-Xfce-17.0.3.0.Intel_AMD64.qcow2.libvirt.xz
-WHONIX_DISCLAIMER                         Whonix-Workstation2-Xfce-17.0.3.0.Intel_AMD64.qcow2
-Whonix_external_network-17.0.3.0.xml      Whonix-Workstation2-Xfce-17.0.3.0.xml
-	
-
-

Then edit the paths again:

-

-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [/media/veracrypt1]
-→ vim Whonix-Gateway-Xfce-17.0.3.0.xml
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [/media/veracrypt1]
-→ vim Whonix-Workstation2-Xfce-17.0.3.0.xml
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [/media/veracrypt1]
-→ vim Whonix-Workstation-Xfce-17.0.3.0.xml
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [/media/veracrypt1]
-→ cat Whonix-Gateway-Xfce-17.0.3.0.xml| grep source
-      <source file='/media/veracrypt1/Whonix-Gateway-Xfce-17.0.3.0.Intel_AMD64.qcow2'/>
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [/media/veracrypt1]
-→ cat Whonix-Workstation2-Xfce-17.0.3.0.xml | grep source
-      <source file='/media/veracrypt1/whonix/Whonix-Workstation2-Xfce-17.0.3.0.Intel_AMD64.qcow2'/>
-
-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [/media/veracrypt1]
-→ cat Whonix-Workstation-Xfce-17.0.3.0.xml | grep source
-      <source file='/media/veracrypt1/whonix/Whonix-Workstation-Xfce-17.0.3.0.Intel_AMD64.qcow2'/>
-	
-
-

Then start the VMs:

-

-[ 10.99.99.9/24 ] [ /dev/pts/23 ] [/media/veracrypt1]
-→ ./refreshvms.sh
-[sudo] password for nothing:
-error: failed to get domain 'Whonix-Gateway'
-
-error: failed to get domain 'Whonix-Workstation'
-
-error: failed to get domain 'Whonix-Workstation2'
-
-error: failed to get domain 'Whonix-Gateway'
-
-error: failed to get domain 'Whonix-Workstation'
-
-error: failed to get domain 'Whonix-Workstation2'
-
-error: failed to get network 'Whonix-External'
-error: Network not found: no network with matching name 'Whonix-External'
-
-error: failed to get network 'Whonix-Internal'
-error: Network not found: no network with matching name 'Whonix-Internal'
-
-error: failed to get network 'Whonix-External'
-error: Network not found: no network with matching name 'Whonix-External'
-
-error: failed to get network 'Whonix-Internal'
-error: Network not found: no network with matching name 'Whonix-Internal'
-
-[+] VMs removed, re-install them ? (ctrl+c to exit)
-
-Network Whonix-External defined from Whonix_external_network-17.0.3.0.xml
-
-Network Whonix-Internal defined from Whonix_internal_network-17.0.3.0.xml
-
-Network Whonix-External marked as autostarted
-
-Network Whonix-External started
-
-Network Whonix-Internal marked as autostarted
-
-Network Whonix-Internal started
-
-Domain 'Whonix-Gateway' defined from Whonix-Gateway-Xfce-17.0.3.0.xml
-
-Domain 'Whonix-Workstation2' defined from Whonix-Workstation2-Xfce-17.0.3.0.xml
-
-Domain 'Whonix-Workstation' defined from Whonix-Workstation-Xfce-17.0.3.0.xml
-	
-
-

You need to keep in mind that currently we have not given out any information about ourselves, other than we've used Tor. We won't stop there, and in order to use a VPN anonymously, you need to acquire it through Tor, buy it with Monero, and force the VPN Connection itself through Tor. Cherry on top is that we're going to use a well-used VPN service, so we won't be the only user with that public VPN ip. But what matters is that we do not give any information about us to the VPN provider. If the VPN provider forces you to provide anything personal (if the vpn provider blocks tor connections, or forces you to buy it with something else than monero), then it would not truly be a non-KYC VPN provider, and thus it's against your privacy. That's the only way you can find out which ones are all just marketing.

- -

Now that's done we can go find a vpn provider for the workstation2, let's try out the very praised mullvad vpn provider here, Firstly because it's a non-KYC VPN provider (meaning you can acquire it and use it through Tor, and pay with Monero), also due to the fact that we won't be the only ones using that service, it means we won't need to change the VPN server when we want to have another identity online. On top of that, mullvad gives us the ability to connect to a random server of theirs, via openvpn via TCP on port 443, which is definitely neat because it mimicks web HTTPS traffic, and isn't blockable by tor exit node hosters (which is definitely a trend, most of them block ports that are suceptible to abuse, 443 https being the least likely of them):

- - -

now to not loose your accesses , make sure to save credentials in a local keepass database on the VM.

- - - -

Now let's add time to our account, and of course we will pay with the only cryptocurrency that's used:

- - -

To get some monero you can buy it on localmonero.co, and make sure it arrives on your monero wallet inside the whonix VM, never trust centralised exchanges with your assets, always keep them locally.

- -

Once it finishes installing, create your monero wallet:

- -

Then say no to mining and use an onion-based monero daemon, like the one i'm hosting, you can find a full list of other ones here:

- -

Wait for it to finish synchronizing, then get some monero from a vendor on localmonero.co (by giving them a wallet address you'd have created:

- - -

Once you've paid, download the .ovpn file to connect via vpn:

- -

Then unzip and let's now make sure the vpn goes through tor:

- - -

To do that we need to make sure the VPN goes through the local SOCKS port 9050, and to mention the entry node which is the gateway 10.152.152.10:

- -

before we launch it keep in mind this:

- -

Then launch the VPN and you can then see that you no longer have a tor exit node IP:

- - -

Now check your ip from Firefox, not the tor browser:

- -

You can also check if there are any DNS leaks:

- -

here we see the test revealed a dns ip leak, but upon checking (in shodan.io) we see that it's a tor exit IP address:

- -

We can also check if there are any WebRTC leaks:

- -

and there we see that there are no webRTC leaks either, so it's all good.

-

To make sure the vpn is started automatically we can make it a systemd service:

-

-root@workstation:~# cat /etc/systemd/system/vpn.service
-[Unit]
-Description=VPN
-After=network-online.target
-Wants=network-online.target
-
-[Install]
-WantedBy=multi-user.target
-
-[Service]
-Type=simple
-WorkingDirectory=/home/user/Desktop/mullvad_config_linux_nl_ams/
-ExecStart=/usr/sbin/openvpn /home/user/Desktop/mullvad_config_linux_nl_ams/mullvad_nl_ams.conf
-ExecStop=kill -9 $(pidof openvpn)
-Restart=always
-
-root@workstation:~# systemctl daemon-reload ; systemctl enable --now vpn.service ; systemctl restart vpn.service
-
-
- -

Now thanks to that, you can still browse websites anonymously in case if they block tor exit nodes.

-
-
-
-
- -
-
-
-
- -
-
-
-
- - - -
-
-
-
-

Anonymity management



-

To implement Anonymity Management, simply ask yourselves the following questions:

-

First question to answer is "Is the activity Sensitive, and will I need to be able to deny it's existence ?" If the answer is no, then we have the following questions:

- -

If the website requires you to give it your home address like Amazon for example, you can forget trying to be anonymous because you'll anyway need to de-anonymize yourself with your actions, no matter how you accessed the website.

-

If the website doesn't block tor exit nodes, browse it via the Whonix VMs. But if it does, then use the VPN through Tor setup to circumvent the blockage.

-

And lastly, for all websites you browsed to anonymously, make sure you log it to have an global view of your online anonymity.

- -

If your activities are sensitive enough that you need to be able to deny their existence, then we make use of veracrypt's plausible deniability features, and we open the whonix VMs from inside the hidden partition.

-

And there the same questions apply, but you better remain anonymous while you conduct said sensitive activities.

- -
-
-
-
- - - -
-
-
-
-

Nihilism

-

- Until there is Nothing left.



Creative Commons Zero: No Rights Reserved
- -

-
- -
-

My Links

-

- - RSS Feed
SimpleX Chat
- -

-
- -
-

About nihilist

-

Donate XMR: 8AUYjhQeG3D5aodJDtqG499N5jXXM71gYKD8LgSsFB9BUV1o7muLv3DXHoydRTK4SZaaUBq4EAUqpZHLrX2VZLH71Jrd9k8


Contact: nihilist@contact.nowhere.moe (PGP)

-
- -
- -
-
- - - - - - - diff --git a/opsec/anonymity/old.html b/opsec/anonymity/old.html deleted file mode 100644 index 2c17c3f..0000000 --- a/opsec/anonymity/old.html +++ /dev/null @@ -1,309 +0,0 @@ - - - - - - - - - - - anonymity Setup - - - - - - - - - - - - - - - - - - - - - - - -
-
-
-
- Previous Page

nothing@nowhere - 2023-09-24

-

anonymity Setup

-

In this tutorial we're going to take a look at how to manage your online Anonymity.

- -

We want 3 ways to access websites. The first being while using tor, for complete anonymity. The second is to do the same but to masquerade it with a non-KYC VPN which will also be acquired anonymously, and the last is without any protection.

- -

As a preventive measure, we're going to separate each VMs using VLANs, so that there's a clear separation between any KYC VMs, and VMs used for anonymity. To do so there will be 3 separate VLANs, one being for Anonymity purposes, and the others for KYC use. -For Anonymity, there will be a veracrypt hidden partition in use for plausible deniability.

- -

To prepare the computer for those tasks, we will rely on opensource software to avoid any tracking, we'll remove logs from arch linux, and from pfsense.

-

And lastly, we're going to take a look at how to keep track of your accesses to the websites you access anonymously

- - -
-
-
-
- - -
-
-
-
-

Initial Setup

-

First let's make sure all logs get erased upon system shutdown (by piping all logs to go to the /tmp/ folder):

-

-[ 10.99.99.9/24 ] [ /dev/pts/31 ] [/var]
-→ sudo rm -rf log
-[sudo] password for nothing:
-
-[ 10.99.99.9/24 ] [ /dev/pts/31 ] [/var]
-→ sudo ln -s /tmp/ /var/log
-
-[ 10.99.99.9/24 ] [ /dev/pts/31 ] [/var]
-→ ls -lash log
-0 lrwxrwxrwx 1 root root 5 Sep 24 18:43 log -> /tmp/
-	
-
- -

Next we're going to install libvirti as seen here:

-

-sudo pacman -S libvirt qemu virt-manager dnsmasq bridge-utils
-	
-sudo systemctl enable --now libvirtd
-
-virt-manager
-
-
-

Then create the 2 separate LANs for the VMs in virt-manager like so:

- - - -

Then you're going to need to create the pfsense VM, so first get the iso from the official website:

- -

-[ 10.99.99.9/24 ] [ /dev/pts/31 ] [/var]
-→ cd /mnt/VAULT/ISOs
-
-[ 10.99.99.9/24 ] [ /dev/pts/31 ] [/mnt/VAULT/ISOs]
-→ mv ~/Downloads/pfSense-CE-2.7.0-RELEASE-amd64.iso.gz .
-
-[ 10.99.99.9/24 ] [ /dev/pts/31 ] [/mnt/VAULT/ISOs]
-→ ls -lash | grep pfSense
-730M -rw-r--r--  1 nothing      nothing      730M Sep 24 19:16 pfSense-CE-2.7.0-RELEASE-amd64.iso
-	
-
-

Then create the VM:

- - - - -

Before installing the VM we will setup the 3 network cards it will handle: The default WAN, and the 2 LANs

- - - - -

Now let's start installing the pfsense VM:

- - - - - - - -

And now that's done, next step is to make sure pfsense handles the 2 VLANs properly:

- - - - -

Then we set the ip addresses of each interface, starting with the LAN-KYC VLAN:

- - - - -

Then do the same for the LAN-ANON VLAN:

- - - -

For this next step, we're going to put a VM in the KYC vlan to finish the pfsense router setup

- - -

From there, it's a matter of setting up pfsense:

- - - - - -

To change the pfsense theme to a dark theme, go in System > General Setup > webConfiguratior > Theme > set to pfsense-dark

- -

As you've seen above, we've set 2 temporary public dns servers, so next we're going to setup 2 local TOR DNS servers, which will allow the VMs to resolve any domain anonymously.

- -

Once done, we make sure that pfsense takes these 2 dns servers, and only uses them, will also setup firewall rules to deny any other dns traffic.

- -

Here you can see it's working fine:

- -

Then shutdown the VM, clone it and you'll have the 2 tor DNSes working.

- -

Next just put them in the anon VLAN:

- - -

Once in there, we make sure that they are DHCP reserved so their ip won't change over time:

- - - -

Then do the same for the other tordns:

- - -

Then from the firewall, we allow the whole subnet to communicate to tordns1 and 2, because they will also be the bridge nodes, and we allow the tordns 1 and 2 servers to connect anywhere with any protocol. -That way, the only traffic that can escape from the anon subnet, will only be through these 2 servers, that will prevent any data leak from happening.

-

-	
-
-

-

-	
-
-

-

-	
-
-

-

-	
-
-

-

-	
-
-
-
-
-
- -
-
-
-
-

Setup



-

- -

-	
-
- -

- -

-	
-
- -

- -

-	
-
- -
-
-
-
- - - -
-
-
-
-

Setup



-

-

-	
-
- -

-

-	
-
- -

-

-	
-
- -
-
-
-
- - - -
-
-
-
-

Nihilism

-

- Until there is Nothing left.



Creative Commons Zero: No Rights Reserved
- -

-
- -
-

My Links

-

- - RSS Feed
SimpleX Chat
- -

-
- -
-

About nihilist

-

Donate XMR: 8AUYjhQeG3D5aodJDtqG499N5jXXM71gYKD8LgSsFB9BUV1o7muLv3DXHoydRTK4SZaaUBq4EAUqpZHLrX2VZLH71Jrd9k8


Contact: nihilist@contact.nowhere.moe (PGP)

-
- -
- -
-
- - - - - - -
diff --git a/opsec/anonymity/old/10.png b/opsec/anonymity/old/10.png
deleted file mode 100644
index 175578e..0000000
Binary files a/opsec/anonymity/old/10.png and /dev/null differ
diff --git a/opsec/anonymity/old/11.png b/opsec/anonymity/old/11.png
deleted file mode 100644
index 79ffa76..0000000
Binary files a/opsec/anonymity/old/11.png and /dev/null differ
diff --git a/opsec/anonymity/old/12.png b/opsec/anonymity/old/12.png
deleted file mode 100644
index 7a742c2..0000000
Binary files a/opsec/anonymity/old/12.png and /dev/null differ
diff --git a/opsec/anonymity/old/13.png b/opsec/anonymity/old/13.png
deleted file mode 100644
index 1963335..0000000
Binary files a/opsec/anonymity/old/13.png and /dev/null differ
diff --git a/opsec/anonymity/old/14.png b/opsec/anonymity/old/14.png
deleted file mode 100644
index 04648c7..0000000
Binary files a/opsec/anonymity/old/14.png and /dev/null differ
diff --git a/opsec/anonymity/old/15.png b/opsec/anonymity/old/15.png
deleted file mode 100644
index b21c44c..0000000
Binary files a/opsec/anonymity/old/15.png and /dev/null differ
diff --git a/opsec/anonymity/old/16.png b/opsec/anonymity/old/16.png
deleted file mode 100644
index e5a3970..0000000
Binary files a/opsec/anonymity/old/16.png and /dev/null differ
diff --git a/opsec/anonymity/old/17.png b/opsec/anonymity/old/17.png
deleted file mode 100644
index 45b3b4c..0000000
Binary files a/opsec/anonymity/old/17.png and /dev/null differ
diff --git a/opsec/anonymity/old/18.png b/opsec/anonymity/old/18.png
deleted file mode 100644
index 4016034..0000000
Binary files a/opsec/anonymity/old/18.png and /dev/null differ
diff --git a/opsec/anonymity/old/19.png b/opsec/anonymity/old/19.png
deleted file mode 100644
index 91cedf2..0000000
Binary files a/opsec/anonymity/old/19.png and /dev/null differ
diff --git a/opsec/anonymity/old/20.png b/opsec/anonymity/old/20.png
deleted file mode 100644
index d411970..0000000
Binary files a/opsec/anonymity/old/20.png and /dev/null differ
diff --git a/opsec/anonymity/old/21.png b/opsec/anonymity/old/21.png
deleted file mode 100644
index dac75ea..0000000
Binary files a/opsec/anonymity/old/21.png and /dev/null differ
diff --git a/opsec/anonymity/old/22.png b/opsec/anonymity/old/22.png
deleted file mode 100644
index 866ad5a..0000000
Binary files a/opsec/anonymity/old/22.png and /dev/null differ
diff --git a/opsec/anonymity/old/23.png b/opsec/anonymity/old/23.png
deleted file mode 100644
index b350210..0000000
Binary files a/opsec/anonymity/old/23.png and /dev/null differ
diff --git a/opsec/anonymity/old/24.png b/opsec/anonymity/old/24.png
deleted file mode 100644
index a03884a..0000000
Binary files a/opsec/anonymity/old/24.png and /dev/null differ
diff --git a/opsec/anonymity/old/25.png b/opsec/anonymity/old/25.png
deleted file mode 100644
index c5bba9b..0000000
Binary files a/opsec/anonymity/old/25.png and /dev/null differ
diff --git a/opsec/anonymity/old/26.png b/opsec/anonymity/old/26.png
deleted file mode 100644
index f49616e..0000000
Binary files a/opsec/anonymity/old/26.png and /dev/null differ
diff --git a/opsec/anonymity/old/27.png b/opsec/anonymity/old/27.png
deleted file mode 100644
index ba6a8f5..0000000
Binary files a/opsec/anonymity/old/27.png and /dev/null differ
diff --git a/opsec/anonymity/old/28.png b/opsec/anonymity/old/28.png
deleted file mode 100644
index a7020d9..0000000
Binary files a/opsec/anonymity/old/28.png and /dev/null differ
diff --git a/opsec/anonymity/old/29.png b/opsec/anonymity/old/29.png
deleted file mode 100644
index 007363b..0000000
Binary files a/opsec/anonymity/old/29.png and /dev/null differ
diff --git a/opsec/anonymity/old/3.png b/opsec/anonymity/old/3.png
deleted file mode 100644
index ebbeae8..0000000
Binary files a/opsec/anonymity/old/3.png and /dev/null differ
diff --git a/opsec/anonymity/old/30.png b/opsec/anonymity/old/30.png
deleted file mode 100644
index ce3c2e5..0000000
Binary files a/opsec/anonymity/old/30.png and /dev/null differ
diff --git a/opsec/anonymity/old/31.png b/opsec/anonymity/old/31.png
deleted file mode 100644
index 608430b..0000000
Binary files a/opsec/anonymity/old/31.png and /dev/null differ
diff --git a/opsec/anonymity/old/32.png b/opsec/anonymity/old/32.png
deleted file mode 100644
index 14b03c4..0000000
Binary files a/opsec/anonymity/old/32.png and /dev/null differ
diff --git a/opsec/anonymity/old/33.png b/opsec/anonymity/old/33.png
deleted file mode 100644
index 350cd59..0000000
Binary files a/opsec/anonymity/old/33.png and /dev/null differ
diff --git a/opsec/anonymity/old/34.png b/opsec/anonymity/old/34.png
deleted file mode 100644
index 3e604c4..0000000
Binary files a/opsec/anonymity/old/34.png and /dev/null differ
diff --git a/opsec/anonymity/old/35.png b/opsec/anonymity/old/35.png
deleted file mode 100644
index 9c41364..0000000
Binary files a/opsec/anonymity/old/35.png and /dev/null differ
diff --git a/opsec/anonymity/old/36.png b/opsec/anonymity/old/36.png
deleted file mode 100644
index b02e830..0000000
Binary files a/opsec/anonymity/old/36.png and /dev/null differ
diff --git a/opsec/anonymity/old/37.png b/opsec/anonymity/old/37.png
deleted file mode 100644
index 0f9c045..0000000
Binary files a/opsec/anonymity/old/37.png and /dev/null differ
diff --git a/opsec/anonymity/old/38.png b/opsec/anonymity/old/38.png
deleted file mode 100644
index 946b210..0000000
Binary files a/opsec/anonymity/old/38.png and /dev/null differ
diff --git a/opsec/anonymity/old/39.png b/opsec/anonymity/old/39.png
deleted file mode 100644
index dc0972b..0000000
Binary files a/opsec/anonymity/old/39.png and /dev/null differ
diff --git a/opsec/anonymity/old/4.png b/opsec/anonymity/old/4.png
deleted file mode 100644
index 5953921..0000000
Binary files a/opsec/anonymity/old/4.png and /dev/null differ
diff --git a/opsec/anonymity/old/40.png b/opsec/anonymity/old/40.png
deleted file mode 100644
index d00dcef..0000000
Binary files a/opsec/anonymity/old/40.png and /dev/null differ
diff --git a/opsec/anonymity/old/41.png b/opsec/anonymity/old/41.png
deleted file mode 100644
index 5340a17..0000000
Binary files a/opsec/anonymity/old/41.png and /dev/null differ
diff --git a/opsec/anonymity/old/42.png b/opsec/anonymity/old/42.png
deleted file mode 100644
index ad84fd8..0000000
Binary files a/opsec/anonymity/old/42.png and /dev/null differ
diff --git a/opsec/anonymity/old/43.png b/opsec/anonymity/old/43.png
deleted file mode 100644
index bc28fb6..0000000
Binary files a/opsec/anonymity/old/43.png and /dev/null differ
diff --git a/opsec/anonymity/old/44.png b/opsec/anonymity/old/44.png
deleted file mode 100644
index 8b5fade..0000000
Binary files a/opsec/anonymity/old/44.png and /dev/null differ
diff --git a/opsec/anonymity/old/45.png b/opsec/anonymity/old/45.png
deleted file mode 100644
index 05d2d5c..0000000
Binary files a/opsec/anonymity/old/45.png and /dev/null differ
diff --git a/opsec/anonymity/old/46.png b/opsec/anonymity/old/46.png
deleted file mode 100644
index bec0028..0000000
Binary files a/opsec/anonymity/old/46.png and /dev/null differ
diff --git a/opsec/anonymity/old/47.png b/opsec/anonymity/old/47.png
deleted file mode 100644
index 07e2756..0000000
Binary files a/opsec/anonymity/old/47.png and /dev/null differ
diff --git a/opsec/anonymity/old/48.png b/opsec/anonymity/old/48.png
deleted file mode 100644
index 5b913f9..0000000
Binary files a/opsec/anonymity/old/48.png and /dev/null differ
diff --git a/opsec/anonymity/old/49.png b/opsec/anonymity/old/49.png
deleted file mode 100644
index a603176..0000000
Binary files a/opsec/anonymity/old/49.png and /dev/null differ
diff --git a/opsec/anonymity/old/5.png b/opsec/anonymity/old/5.png
deleted file mode 100644
index 50447f1..0000000
Binary files a/opsec/anonymity/old/5.png and /dev/null differ
diff --git a/opsec/anonymity/old/50.png b/opsec/anonymity/old/50.png
deleted file mode 100644
index ed8bb23..0000000
Binary files a/opsec/anonymity/old/50.png and /dev/null differ
diff --git a/opsec/anonymity/old/51.png b/opsec/anonymity/old/51.png
deleted file mode 100644
index a3ccf35..0000000
Binary files a/opsec/anonymity/old/51.png and /dev/null differ
diff --git a/opsec/anonymity/old/52.png b/opsec/anonymity/old/52.png
deleted file mode 100644
index 1b44848..0000000
Binary files a/opsec/anonymity/old/52.png and /dev/null differ
diff --git a/opsec/anonymity/old/53.png b/opsec/anonymity/old/53.png
deleted file mode 100644
index 9b3988b..0000000
Binary files a/opsec/anonymity/old/53.png and /dev/null differ
diff --git a/opsec/anonymity/old/54.png b/opsec/anonymity/old/54.png
deleted file mode 100644
index 5be8a52..0000000
Binary files a/opsec/anonymity/old/54.png and /dev/null differ
diff --git a/opsec/anonymity/old/55.png b/opsec/anonymity/old/55.png
deleted file mode 100644
index ac98c7d..0000000
Binary files a/opsec/anonymity/old/55.png and /dev/null differ
diff --git a/opsec/anonymity/old/56.png b/opsec/anonymity/old/56.png
deleted file mode 100644
index c5b6740..0000000
Binary files a/opsec/anonymity/old/56.png and /dev/null differ
diff --git a/opsec/anonymity/old/57.png b/opsec/anonymity/old/57.png
deleted file mode 100644
index 3969f97..0000000
Binary files a/opsec/anonymity/old/57.png and /dev/null differ
diff --git a/opsec/anonymity/old/6.png b/opsec/anonymity/old/6.png
deleted file mode 100644
index ffb449e..0000000
Binary files a/opsec/anonymity/old/6.png and /dev/null differ
diff --git a/opsec/anonymity/old/7.png b/opsec/anonymity/old/7.png
deleted file mode 100644
index 8e4c87f..0000000
Binary files a/opsec/anonymity/old/7.png and /dev/null differ
diff --git a/opsec/anonymity/old/8.png b/opsec/anonymity/old/8.png
deleted file mode 100644
index 70927c7..0000000
Binary files a/opsec/anonymity/old/8.png and /dev/null differ
diff --git a/opsec/anonymity/old/9.png b/opsec/anonymity/old/9.png
deleted file mode 100644
index 42fa57e..0000000
Binary files a/opsec/anonymity/old/9.png and /dev/null differ
diff --git a/opsec/anonymityexplained/3.png b/opsec/anonymityexplained/3.png
new file mode 100644
index 0000000..365f94e
Binary files /dev/null and b/opsec/anonymityexplained/3.png differ
diff --git a/opsec/anonymityexplained/4.png b/opsec/anonymityexplained/4.png
new file mode 100644
index 0000000..ce6cc02
Binary files /dev/null and b/opsec/anonymityexplained/4.png differ
diff --git a/opsec/anonymityexplained/5.png b/opsec/anonymityexplained/5.png
new file mode 100644
index 0000000..f14006a
Binary files /dev/null and b/opsec/anonymityexplained/5.png differ
diff --git a/opsec/anonymityexplained/6.png b/opsec/anonymityexplained/6.png
new file mode 100644
index 0000000..92e9251
Binary files /dev/null and b/opsec/anonymityexplained/6.png differ
diff --git a/opsec/anonymityexplained/7.png b/opsec/anonymityexplained/7.png
new file mode 100644
index 0000000..c4a9db8
Binary files /dev/null and b/opsec/anonymityexplained/7.png differ
diff --git a/opsec/anonymityexplained/index.html b/opsec/anonymityexplained/index.html
index 4a1356f..4a4990e 100644
--- a/opsec/anonymityexplained/index.html
+++ b/opsec/anonymityexplained/index.html
@@ -89,7 +89,39 @@ -
+ + +
+
+
+
+

Anonymous Amongst Who ? What are the odds ?



+

The strength of your Anonymity is measured by the odds of finding you amongst a group of people.

+

- Anonymity

+

let's say your Anonymity is Perfect and you are simply "one human being in the world", the adversary currently has a chance of 1 out of 8 billion to guess that it is you. He'd do better to try and play the lottery than to try and guess that it's you.

+ +

Now let's say the adversary knows that you live in France what are the odds now ?

+ +

If the adversary knows you live in France, the odds have been significantly reduced from 1 out of 8 billion to 1 out of 65 million, but still that's not enough to accurately pinpoint you, the probability of the adversary figuring out who you are is still very low.

+

- Pseudonymity

+

But now let's say that the adversary knows more than that, let's suppose that the adversary knows that you have a masters in cybersecurity, and that you work a general IT job in France, for a software company. Now the odds have shrinked further, especially if the adversary is able to combine multiple sources of data to try and profile you.

+ + +

Let's say you are trying to chat on SimpleX while the adversary is in the chat with you, and he sees that you have a gorillaz profile picture, call yourself Nihilist, and talk about Opsec all the time. If the adversary is good at profiling you over time, he could have already shrinked down the odds to 1 out of 10 thousand people. Here we're talking about a drastically reduced anonymity, which we can consider to be pseudonymity. but that is still not enough to know who you are IRL.

+

- Onymity

+

But you need to be aware that even the tiniest opsec mistake can reduce the odds of your anonymity to 1 out of 1, where you are effectively deanonymized. For instance let's say you are in this SimpleX chatroom , and let's say you are sending a picture of your own limited edition MoneroChan fumo plushie:

+ +

Now the thing is, there are only 100 of those plushies out there, if the adversary is the seller of those monerochan plushies, your anonymity odds has been reduced to 1 out of 100, that's because he knows to whom he sent those 100 plushies, meaning he now only has a group of 100 people to guess who you are from. But upon closer exception it is worse than you may think:

+ +

If you look closer at the image the "Certificate of authenticity" says that it is the 41st plushie amongst the 100 that exist. Therefore if the adversary is the plushie seller, your anonymity odds have been reduced 1 out of 1 as he knows to whom he sent the 41st plushie. Meaning that you just deanonymized yourself for that particular adversary.

+

You get the idea, if you want to remain Anonymous, you need to always ask yourself "how many people could send that?", if you were to send that picture i sent above, you'd realize that this is a bad idea. The same concept applies as if you were to say what is your real IRL name, your phone number, your home address, your home public IP address, etc. Do not give bullets to an adversary, as he will use everything you give him to shoot you.

+

The least info you send about yourself, what you like, what you dislike, where you live, where you work, what's your past, the better, as otherwise it will be exponentially easier for an adversary to narrow down the possibilities of who you could be, amongst a given group of people.

+
+
+
+
+ +
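Review bot: In the added "Onymity" part of this hunk, `But upon closer exception it is worse than you may think:` should read `But upon closer inspection it is worse than you may think:`; as written, the sentence that introduces the certificate-number example does not parse. The closing paragraph opens with `The least info you send about yourself`, which should be `The less info you send about yourself`, and `shrinked` appears twice where `shrunk` is meant. The plushie example only covers what is visible in the picture, so the "how many people could send that?" test would be more complete with one sentence noting that metadata attached to a shared file narrows the anonymity set in the same way as its visible content.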
@@ -144,7 +176,7 @@ All of it because the government intends to destroy Bob's right to remain Anonym -
+
@@ -179,7 +211,7 @@ All of it because the government intends to destroy Bob's right to remain Anonym

Nihilism

- Until there is Nothing left.



Creative Commons Zero: No Rights Reserved
+ Until there is Nothing left.



Creative Commons Zero: No Rights Reserved

diff --git a/opsec/anonymousremoteserver/index.html b/opsec/anonymousremoteserver/index.html
index 9e397f6..276ef97 100644
--- a/opsec/anonymousremoteserver/index.html
+++ b/opsec/anonymousremoteserver/index.html
@@ -200,7 +200,7 @@ root@cockbox:~# apt update -y ; apt upgrade -y ; apt autoremove -y

Nihilism

- Until there is Nothing left.



Creative Commons Zero: No Rights Reserved
+ Until there is Nothing left.



Creative Commons Zero: No Rights Reserved

diff --git a/opsec/anonzulucrypt/index.html b/opsec/anonzulucrypt/index.html
index e1b5df1..d6cb3b6 100644
--- a/opsec/anonzulucrypt/index.html
+++ b/opsec/anonzulucrypt/index.html
@@ -165,7 +165,7 @@ vlc night_of_the_living_dead_512kb.mp4

Nihilism

- Until there is Nothing left.



Creative Commons Zero: No Rights Reserved
+ Until there is Nothing left.



Creative Commons Zero: No Rights Reserved

diff --git a/opsec/aps/index.html b/opsec/aps/index.html
index 39b298e..673662d 100644
--- a/opsec/aps/index.html
+++ b/opsec/aps/index.html
@@ -178,7 +178,7 @@

Nihilism

- Until there is Nothing left.



Creative Commons Zero: No Rights Reserved
+ Until there is Nothing left.



Creative Commons Zero: No Rights Reserved

diff --git a/opsec/chainalysisattempts/index.html b/opsec/chainalysisattempts/index.html
index ef9a211..1bf1d42 100644
--- a/opsec/chainalysisattempts/index.html
+++ b/opsec/chainalysisattempts/index.html
@@ -142,7 +142,7 @@ Coinomi

Nihilism

- Until there is Nothing left.



Creative Commons Zero: No Rights Reserved
+ Until there is Nothing left.



Creative Commons Zero: No Rights Reserved

diff --git a/opsec/closedsource/index.html b/opsec/closedsource/index.html
index 43479f1..378a67d 100644
--- a/opsec/closedsource/index.html
+++ b/opsec/closedsource/index.html
@@ -149,7 +149,7 @@

Nihilism

- Until there is Nothing left.



Creative Commons Zero: No Rights Reserved
+ Until there is Nothing left.



Creative Commons Zero: No Rights Reserved

diff --git a/opsec/compilation/index.html b/opsec/compilation/index.html
index e787f08..35b19bc 100644
--- a/opsec/compilation/index.html
+++ b/opsec/compilation/index.html
@@ -288,7 +288,7 @@ c30634c84161f09e8dde74c76367b1ce848414bb1cc269c2a2715f6803220738 Flameshot-12.1

Nihilism

- Until there is Nothing left.



Creative Commons Zero: No Rights Reserved
+ Until there is Nothing left.



Creative Commons Zero: No Rights Reserved

diff --git a/opsec/contribute/index.html b/opsec/contribute/index.html
index 1e8ae7d..a70d16c 100644
--- a/opsec/contribute/index.html
+++ b/opsec/contribute/index.html
@@ -444,7 +444,7 @@ nginx: configuration file /etc/nginx/nginx.conf test is successful

Nihilism

- Until there is Nothing left.



Creative Commons Zero: No Rights Reserved
+ Until there is Nothing left.



Creative Commons Zero: No Rights Reserved

diff --git a/opsec/encryption/1.png b/opsec/deniability/1.png
similarity index 100%
rename from opsec/encryption/1.png
rename to opsec/deniability/1.png
diff --git a/opsec/encryption/2.png b/opsec/deniability/2.png
similarity index 100%
rename from opsec/encryption/2.png
rename to opsec/deniability/2.png
diff --git a/opsec/encryption/3.png b/opsec/deniability/3.png
similarity index 100%
rename from opsec/encryption/3.png
rename to opsec/deniability/3.png
diff --git a/opsec/encryption/4.png b/opsec/deniability/4.png
similarity index 100%
rename from opsec/encryption/4.png
rename to opsec/deniability/4.png
diff --git a/opsec/encryption/5.png b/opsec/deniability/5.png
similarity index 100%
rename from opsec/encryption/5.png
rename to opsec/deniability/5.png
diff --git a/opsec/encryption/6.png b/opsec/deniability/6.png
similarity index 100%
rename from opsec/encryption/6.png
rename to opsec/deniability/6.png
diff --git a/opsec/deniability/7.png b/opsec/deniability/7.png
new file mode 100644
index 0000000..e784816
Binary files /dev/null and b/opsec/deniability/7.png differ
diff --git a/opsec/encryption/index.html b/opsec/deniability/index.html
similarity index 71%
rename from opsec/encryption/index.html
rename to opsec/deniability/index.html
index a6e31a9..4ebb27c 100644
--- a/opsec/encryption/index.html
+++ b/opsec/deniability/index.html
@@ -104,6 +104,8 @@ The door is closed, the conversation remains between Alice and Bob, their conver
  • in January 2012 (source)

  • in Febuary 2009 (source)

  • +

    Now here there are multiple scenarios. Either you live in a country that doesn't respect human rights, and they torture you until you spit out the password, or the country you live in has to respect human rights, they throw you in jail for let's say 6 months, for contempt of court (arguing that you swore to tell the truth, and you lied about having forgotten your password), which is also an attempt to break your will, to make you spit out the password. the only problem is that they can't legally torture you any other way, so they have no other option than to do it like that.

    +

    If you are ever dragged into court, the judge will appreciate much more if you actually hand over your laptop, and show that you are willing to cooperate with the authorities by providing your password to unlock it, rather than starting to pretend you forgot your password (which can end badly like in this court case, where the defendant was found to be in contempt of court, and thrown in jail for 6 months for it),

    When that is the case, simply encrypting the disk is not enough, as all that is required is for the adversary to know of the existance of the encrypted drive, to be able to force Bob to open it

    As far as key encryption laws, the trend is that most developed countries are forcing their citizens to incriminate themselves and to surrender the encryption keys to authorities, when asked. In short,If the encrypted volume is proven to exist, you can be forced to surrender the decryption key/password to open it.

    @@ -119,7 +121,7 @@ The door is closed, the conversation remains between Alice and Bob, their conver
    -

    Why is Plausible Deniability is Vital?



    +

    Why is Deniable Encryption Vital?



    From a legal standpoint, the only way to be protected against that scenario where you're forced to decrypt your harddrive is to be able to deny the existence of said encrypted volume (Plausible Deniability) . If the encrypted volume does not exist, there is no password to be given for it.

    So here we need a technology that can provide us Plausible Deniability. That is what Veracrypt can do for us.

    @@ -132,6 +134,24 @@ The door is closed, the conversation remains between Alice and Bob, their conver
    + +
    +
    +
    +
    +

    Live mode - Protecting your Deniability



    +

    Now when there is an adversary busting down your door, running towards your computer to collect as much incriminating evidence as possible on you, you need to make sure that they are not finding anything incriminating on you. Thing is, if he were to seize your computer, there are many places he can check inside your computer for anything incriminating (system logs, kernel logs, non-standard log-files, the contents of the RAM, etc)

    +

    In the context of you using deniable encryption, the adversary must not able to prove the existance of said encrypted volume that you are trying to keep hidden. This is where using an operating system in live mode comes in the picture:

    + +

    To make it short, if you start your operating system in live mode, you are not writing anything on the system disk, but rather you are loading the entire operating system in the RAM. Everthing that you write on the system drive while in live mode gets erased upon rebooting.

    +

    The idea behind using live mode is that every forensic trace regarding the hidden encrypted volume that would normally be written into the system logs, kernel logs, and various other system files (that we would normally need to manually clean up after closing the hidden volume) will all be written into RAM instead of being written onto Disk, and then will all be completely erased upon rebooting the computer.

    +

    As you'll see in this tutorial, we can make use of a VM's live mode to securely erase every trace of sensitive activity.

    + +
    +
    +
    +
    +
    @@ -141,7 +161,7 @@ The door is closed, the conversation remains between Alice and Bob, their conver
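Review bot: The closing sentence of the new "Live mode" section, that a VM's live mode can "securely erase every trace of sensitive activity", is stronger than the preceding paragraphs support, since they only establish that the guest stops writing to its own system disk. With a VM the guest's RAM is memory of the host, so host swap, hibernation images, VM snapshots and hypervisor logs can still reach the host's disk, and RAM contents remain until the machine is actually powered off. I would add a short caveat after that paragraph, for example `Live mode only covers what the guest writes: the host must also keep guest memory off its disk (swap, hibernation, snapshots).` The rest of the tutorial is outside this hunk, so it may already cover this further down.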

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

    diff --git a/opsec/dns/index.html b/opsec/dns/index.html
    index b5d0aee..975b7b2 100644
    --- a/opsec/dns/index.html
    +++ b/opsec/dns/index.html
    @@ -1132,7 +1132,7 @@ echo "Execution end"

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

    diff --git a/opsec/endgame/index.html b/opsec/endgame/index.html
    index 12edc8d..16d4be0 100644
    --- a/opsec/endgame/index.html
    +++ b/opsec/endgame/index.html
    @@ -970,7 +970,7 @@ root@endgame1:~# shutdown now

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

    diff --git a/opsec/failover-wan/index.html b/opsec/failover-wan/index.html
    index 59bfb90..e260e26 100644
    --- a/opsec/failover-wan/index.html
    +++ b/opsec/failover-wan/index.html
    @@ -134,7 +134,7 @@

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

    diff --git a/opsec/failovers/index.html b/opsec/failovers/index.html
    index 2be5aaf..33ae030 100644
    --- a/opsec/failovers/index.html
    +++ b/opsec/failovers/index.html
    @@ -356,7 +356,7 @@ To activate the new configuration, you need to run:

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

    diff --git a/opsec/finances/index.html b/opsec/finances/index.html
    index a81f465..c205585 100644
    --- a/opsec/finances/index.html
    +++ b/opsec/finances/index.html
    @@ -150,7 +150,7 @@

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

    diff --git a/opsec/gitea-anon/0.png b/opsec/gitea-anon/0.png
    new file mode 100644
    index 0000000..93626d7
    Binary files /dev/null and b/opsec/gitea-anon/0.png differ
    diff --git a/opsec/gitea-anon/1.png b/opsec/gitea-anon/1.png
    new file mode 100644
    index 0000000..275688e
    Binary files /dev/null and b/opsec/gitea-anon/1.png differ
    diff --git a/opsec/gitea-anon/10.png b/opsec/gitea-anon/10.png
    new file mode 100644
    index 0000000..477b33d
    Binary files /dev/null and b/opsec/gitea-anon/10.png differ
    diff --git a/opsec/gitea-anon/11.png b/opsec/gitea-anon/11.png
    new file mode 100644
    index 0000000..e03c5c7
    Binary files /dev/null and b/opsec/gitea-anon/11.png differ
    diff --git a/opsec/gitea-anon/12.png b/opsec/gitea-anon/12.png
    new file mode 100644
    index 0000000..cd42e34
    Binary files /dev/null and b/opsec/gitea-anon/12.png differ
    diff --git a/opsec/gitea-anon/13.png b/opsec/gitea-anon/13.png
    new file mode 100644
    index 0000000..c0ee582
    Binary files /dev/null and b/opsec/gitea-anon/13.png differ
    diff --git a/opsec/gitea-anon/14.png b/opsec/gitea-anon/14.png
    new file mode 100644
    index 0000000..85d8946
    Binary files /dev/null and b/opsec/gitea-anon/14.png differ
    diff --git a/opsec/gitea-anon/15.png b/opsec/gitea-anon/15.png
    new file mode 100644
    index 0000000..9a1e074
    Binary files /dev/null and b/opsec/gitea-anon/15.png differ
    diff --git a/opsec/gitea-anon/16.png b/opsec/gitea-anon/16.png
    new file mode 100644
    index 0000000..7539102
    Binary files /dev/null and b/opsec/gitea-anon/16.png differ
    diff --git a/opsec/gitea-anon/17.png b/opsec/gitea-anon/17.png
    new file mode 100644
    index 0000000..eec827b
    Binary files /dev/null and b/opsec/gitea-anon/17.png differ
    diff --git a/opsec/gitea-anon/18.png b/opsec/gitea-anon/18.png
    new file mode 100644
    index 0000000..b62acd5
    Binary files /dev/null and b/opsec/gitea-anon/18.png differ
diff --git a/opsec/gitea-anon/19.png b/opsec/gitea-anon/19.png
new file mode 100644
index 0000000..c602363
Binary files /dev/null and b/opsec/gitea-anon/19.png differ
diff --git a/opsec/gitea-anon/2.png b/opsec/gitea-anon/2.png
new file mode 100644
index 0000000..f6aa132
Binary files /dev/null and b/opsec/gitea-anon/2.png differ
diff --git a/opsec/gitea-anon/20.png b/opsec/gitea-anon/20.png
new file mode 100644
index 0000000..51b0d12
Binary files /dev/null and b/opsec/gitea-anon/20.png differ
diff --git a/opsec/gitea-anon/21.png b/opsec/gitea-anon/21.png
new file mode 100644
index 0000000..500cbda
Binary files /dev/null and b/opsec/gitea-anon/21.png differ
diff --git a/opsec/gitea-anon/22.png b/opsec/gitea-anon/22.png
new file mode 100644
index 0000000..5618e29
Binary files /dev/null and b/opsec/gitea-anon/22.png differ
diff --git a/opsec/gitea-anon/23.png b/opsec/gitea-anon/23.png
new file mode 100644
index 0000000..9a550f6
Binary files /dev/null and b/opsec/gitea-anon/23.png differ
diff --git a/opsec/gitea-anon/3.png b/opsec/gitea-anon/3.png
new file mode 100644
index 0000000..d314b23
Binary files /dev/null and b/opsec/gitea-anon/3.png differ
diff --git a/opsec/gitea-anon/4.png b/opsec/gitea-anon/4.png
new file mode 100644
index 0000000..483f153
Binary files /dev/null and b/opsec/gitea-anon/4.png differ
diff --git a/opsec/gitea-anon/5.png b/opsec/gitea-anon/5.png
new file mode 100644
index 0000000..dcdf8f9
Binary files /dev/null and b/opsec/gitea-anon/5.png differ
diff --git a/opsec/gitea-anon/6.png b/opsec/gitea-anon/6.png
new file mode 100644
index 0000000..cde2031
Binary files /dev/null and b/opsec/gitea-anon/6.png differ
diff --git a/opsec/gitea-anon/7.png b/opsec/gitea-anon/7.png
new file mode 100644
index 0000000..fa0670f
Binary files /dev/null and b/opsec/gitea-anon/7.png differ
diff --git a/opsec/gitea-anon/8.png b/opsec/gitea-anon/8.png
new file mode 100644
index 0000000..9c2e46c
Binary files /dev/null and b/opsec/gitea-anon/8.png differ
diff --git a/opsec/gitea-anon/9.png b/opsec/gitea-anon/9.png new file mode 100644 index 0000000..63ce89b Binary files /dev/null and b/opsec/gitea-anon/9.png differ diff --git a/opsec/gitea-anon/index.html b/opsec/gitea-anon/index.html new file mode 100644 index 0000000..3edab37 --- /dev/null +++ b/opsec/gitea-anon/index.html @@ -0,0 +1,578 @@ + + + + + + + + + + + Gitea .onion Setup (Anonymous Code Repositories and Collaboration) + + + + + + + + + + + + + + + + + + + + + + + +
    +
    +
    +
    + Previous Page

    nihilist@mainpc - 2024-11-23

    +

    Gitea .onion Setup (Anonymous Code Repositories and Collaboration)

    + +

    In this tutorial we're going to take a look at how you can setup an anonymous gitea instance that is accessible over Tor, in order to be able to collaborate with people on projects, while maintaining everyone's anonymity.

    + +

    Disclaimer: If you are a developer working on projects that aim to reduce governmental control, such as working on privacy-cryptocurrency projects (ie Monero, Haveno, Crypto Mixers, etc), take some time to consider stopping maintaing/contributing to those projects under your public identity, and rather shift to maintaining those projects under an anonymous identity (which is the aim of the following Gitea setup).

    +

    You never know when your tyrannical government is going to snap and decide to make an example out of you, just like what happened to Tornado Cash. It is a matter of adapting your OPSEC to the intended internet use. Don't paint a target on your back and give any ammunition to the adversary, because they're going to shoot you with everything you give them (your IRL name, what you contributed on the project, taking things you said out of context, etc). Tyrants don't care, even if it they have to step on your freedom of speech (as that's what developing code is) to keep their control over the masses, they will do anything to keep their control intact.

    + +
    +
    +
    +
    + + +
    +
    +
    +
    +

    Why is this relevant ?

    +

    First of all, Git is a distributed version control system that tracks versions of files. It is often used to control source code by programmers who are developing software collaboratively. It is especially popular in the FOSS community as it allows anyone to contribute to projects.

    +

    The place where you can find the most repositories online is Github, but the problem is that Github has been purchased by Microsoft.

    + +

    Now the problem with trusting a business to host your code repositories that reduces governmental control (such as Tornado Cash) is that those governments can use any company (such as Microsoft in particular) to do their bidding, such as infringing on your freedom of speech, censoring you and deleting your work from the platform.

    +

    The source code for crypto transaction mixer Tornado Cash has disappeared from Github barely 24 hours after the US Treasury Department added the privacy tool to its sanctions list. Highlighting how Microsoft is a proxy that the US Government uses (more often than you think) to persecute anyone they don't like.

    + +

    That is why Github should not be relied on to host any code repository that threaten governmental control, we need an alternative that we can host ourselves, to break free from that governmental control. Which is where Gitea comes in the picture.

    +

    Gitea is a painless, self-hosted, all-in-one software development service. It includes Git hosting, code review, team collaboration, package registry, and CI/CD. It is similar to GitHub, Bitbucket and GitLab. The most important part being that it can be self-hosted.

    + +

    Now let's suppose you setup your potentially sensitive repositories on a clearnet gitea instance (meaning the server can be reached directly by a domain name, to it's public IP address. What is stopping the tyrannical government from ordering the VPS provider to shut down the server ? They know where it is located, what server it is on, so they can order it to be taken down all the same, as they will simply force another business to comply with their demands, and this time it will be the server itself that will be taken down.

    +
    + +
    +

    OPSEC RECOMMENDATIONS:

    +

    This is why the gitea instance needs to be setup behind Tor, as a .onion hidden service. Now you have a few options as to where to host the the gitea service. It can be on a remote VPS that you acquired anonymously (where the cost will be the renting of that VPS, such as 5 euros per month):

    + +

    Or it can simply be on a server that is running at your own home, at the cost of your own elecricity consumption, and internet connection:

    + +
    +
    +
    +
    + +
    +
    +
    +
    +

    Gitea instance Setup



    +

    Now that we laid out the justifications for this setup, let's set it up on our server using Docker:

    +
    
    +[ Datura ] [ /dev/pts/13 ] [/srv]
    +→ apt install docker.io docker-compose -y  ; systemctl enable --now docker
    +	
    +[ Datura ] [ /dev/pts/13 ] [/srv]
    +→ cd /srv
    +
    +[ Datura ] [ /dev/pts/13 ] [/srv]
    +→ mkdir gitea_onion
    +
    +[ Datura ] [ /dev/pts/13 ] [/srv]
    +→ cd gitea_onion
    +
    +[ Datura ] [ /dev/pts/13 ] [/srv/gitea_onion]
    +→ cat docker-compose.yml
    +version: "3"
    +
    +networks:
    +  gitea:
    +    external: false
    +
    +services:
    +  server:
    +    image: gitea/gitea:latest
    +    container_name: gitea-onion
    +    environment:
    +      - USER_UID=1000
    +      - USER_GID=1000
    +    restart: always
    +    networks:
    +      - gitea
    +      - tor
    +    volumes:
    +      - ./gitea:/data
    +      - /etc/timezone:/etc/timezone:ro
    +      - /etc/localtime:/etc/localtime:ro
    +    ports:
    +      - "127.0.0.1:3019:3000"
    +      - "127.0.0.1:2222:22"
    +  tor:
    +    image: osminogin/tor-simple
    +    container_name: tor
    +    volumes:
    +      - ./tor-data:/var/lib/tor
    +      - ./tor-data/torrc:/etc/tor
    +    networks:
    +      - tor
    +
    +networks:
    +  tor:
    +  gitea:
    +
    +
    +

    Now let's setup a docker Tor daemon and the folder it needs to have, as we'll later need gitea to connect elsewhere through Tor :

    +
    
    +[ Datura ] [ /dev/pts/13 ] [/srv/gitea_onion]
    +→ mkdir -p tor-data/torrc
    +
    +[ Datura ] [ /dev/pts/13 ] [/srv/gitea_onion]
    +→ vim tor-data/torrc/torrc
    +
    +[ Datura ] [ /dev/pts/13 ] [/srv/gitea_onion]
    +→ cat tor-data/torrc/torrc
    + SOCKSPort 0.0.0.0:9050
    +
    +[ Datura ] [ /dev/pts/13 ] [/srv/gitea_onion]
    +→ chown -R 100:65533 tor-data/
    +
    +[ Datura ] [ /dev/pts/13 ] [/srv/gitea_onion]
    +→ chmod 700 tor-data
    +
    +
    + +

    now before we run the gitea instance, we need to make it reachable via a .onion domain, so let's install tor and generate a .onion domain by following this tutorial:

    +
    
    +[ Datura ] [ /dev/pts/13 ] [/srv/mkp224o]
    +→ ls /var/lib/tor/onions/daturab6drmkhyeia4ch5gvfc2f3wgo6bhjrv3pz6n7kxmvoznlkq4yd.onion
    +authorized_clients  hostname  hs_ed25519_public_key  hs_ed25519_secret_key
    +
    +[ Datura ] [ /dev/pts/13 ] [/srv/gitea_onion]
    +→ cat /etc/tor/torrc | tail -n 5
    +HiddenServiceDir /var/lib/tor/onions/daturab6drmkhyeia4ch5gvfc2f3wgo6bhjrv3pz6n7kxmvoznlkq4yd.onion/
    +HiddenServicePort 80 127.0.0.1:3019
    +HiddenServicePort 2222 127.0.0.1:2222
    +
    +[ Datura ] [ /dev/pts/13 ] [/srv/gitea_onion]
    +→ systemctl restart tor@default
    +
    +
    +

    Now that's done, we launch gitea by using docker-compose:

    +
    
    +
    +[ Datura ] [ /dev/pts/13 ] [/srv/gitea_onion]
    +→ docker-compose up
    +Creating gitea-onion ... done
    +Attaching to gitea-onion
    +gitea-onion | Generating /data/ssh/ssh_host_ed25519_key...
    +gitea-onion | Generating /data/ssh/ssh_host_rsa_key...
    +gitea-onion | Generating /data/ssh/ssh_host_ecdsa_key...
    +gitea-onion | Server listening on :: port 22.
    +gitea-onion | Server listening on 0.0.0.0 port 22.
    +gitea-onion | 2024/11/23 16:37:01 cmd/web.go:242:runWeb() [I] Starting Gitea on PID: 15
    +gitea-onion | 2024/11/23 16:37:01 cmd/web.go:111:showWebStartupMessage() [I] Gitea version: 1.22.3 built with GNU Make 4.4.1, go1.22.8 : bindata, timetzdata, sqlite, sqlite_unlock_notify
    +gitea-onion | 2024/11/23 16:37:01 cmd/web.go:112:showWebStartupMessage() [I] * RunMode: prod
    +gitea-onion | 2024/11/23 16:37:01 cmd/web.go:113:showWebStartupMessage() [I] * AppPath: /usr/local/bin/gitea
    +gitea-onion | 2024/11/23 16:37:01 cmd/web.go:114:showWebStartupMessage() [I] * WorkPath: /data/gitea
    +gitea-onion | 2024/11/23 16:37:01 cmd/web.go:115:showWebStartupMessage() [I] * CustomPath: /data/gitea
    +gitea-onion | 2024/11/23 16:37:01 cmd/web.go:116:showWebStartupMessage() [I] * ConfigFile: /data/gitea/conf/app.ini
    +gitea-onion | 2024/11/23 16:37:01 cmd/web.go:117:showWebStartupMessage() [I] Prepare to run install page
    +gitea-onion | 2024/11/23 16:37:01 cmd/web.go:304:listen() [I] Listen: http://0.0.0.0:3000
    +gitea-onion | 2024/11/23 16:37:01 cmd/web.go:308:listen() [I] AppURL(ROOT_URL): http://localhost:3000/
    +gitea-onion | 2024/11/23 16:37:01 ...s/graceful/server.go:50:NewServer() [I] Starting new Web server: tcp:0.0.0.0:3000 on PID: 15
    +	
    +
    +

    Now that's done, let's access our gitea instance from the tor browser at the .onion domain we set for it, to setup the initial configuration:

    + +

    Take note that you can leave everything as it is by default here, except if you want to change the Site Title, take note that there is no need for https in the URL, it is normal for it to remain http. And lastly let's disable registrations, as users won't be using emails to register since we're not going to use the clearnet at all.

    + +

    Lastly don't forget to create the administrator account at the bottom, and click "Install Gitea":

    + +

    Wait a bit for the gitea instance to finish setup, and you're done!

    + +

    Now we need to tweak the instance a bit, so let's edit the app.ini file that is located in /srv/gitea_onion/gitea/gitea/conf/app.ini:

    +
    
    +[ Datura ] [ /dev/pts/6 ] [/srv/gitea_onion]
    +→ ls
    +docker-compose.yml  gitea
    +
    +[ Datura ] [ /dev/pts/6 ] [/srv/gitea_onion]
    +→ cd gitea
    +
    +[ Datura ] [ /dev/pts/6 ] [/srv/gitea_onion/gitea]
    +→ ls
    +git  gitea  ssh
    +
    +[ Datura ] [ /dev/pts/6 ] [/srv/gitea_onion/gitea]
    +→ cd gitea
    +
    +[ Datura ] [ /dev/pts/6 ] [gitea_onion/gitea/gitea]
    +→ ls
    +actions_artifacts  attachments  conf      home      jwt  packages  repo-archive  sessions
    +actions_log        avatars      gitea.db  indexers  log  queues    repo-avatars  tmp
    +
    +[ Datura ] [ /dev/pts/6 ] [gitea_onion/gitea/gitea]
    +→ cd conf
    +
    +[ Datura ] [ /dev/pts/6 ] [gitea/gitea/conf]
    +→ ls
    +app.ini
    +
    +[ Datura ] [ /dev/pts/6 ] [gitea/gitea/conf]
    +→ vim app.ini
    +	
    +
    +

    now the first thing i like to do here is to set the default gitea theme to "gitea-dark" by adding the [ui] section at the bottom:

    +
    
    +[ Datura ] [ /dev/pts/6 ] [gitea/gitea/conf]
    +→ cat app.ini | tail -n 3
    +
    +[ui]
    +DEFAULT_THEME = gitea-dark
    +
    +
    +

    dont forget to restart the gitea docker everytime you edit the app.ini config file:

    +
    
    +[ Datura ] [ /dev/pts/13 ] [/srv/gitea_onion]
    +→ docker-compose down ; docker-compose up -d
    +Stopping gitea-onion ... done
    +Removing gitea-onion ... done
    +Removing network gitea_onion_gitea
    +Creating network "gitea_onion_gitea" with the default driver
    +Creating gitea-onion ... done
    +
    +
    +

    then on the webpage, hit "Ctrl+F5" to refresh the page and see the new theme:

    + + +
    +
    +
    +
    +
    +
    +
    +
    +

    Gitea mirroring Github repositories through Tor



    +

    Now in order to make sure our gitea instance is able to mirror external git repositories from other websites such as github, we need to make sure it goes through Tor to do so, so we need to make sure the gitea container can reach the docker tor daemon, so have to make sure it uses it by adding the [proxy] section in the app.ini config file (Sidenote: the Gitea container will know that the "tor" hostname refers to the tor docker container, so it is totally intentional as written below):

    +
    
    +[ Datura ] [ /dev/pts/13 ] [/srv/gitea_onion]
    +→ vim gitea/gitea/conf/app.ini
    +
    +[ Datura ] [ /dev/pts/13 ] [/srv/gitea_onion]
    +→ cat gitea/gitea/conf/app.ini | tail -n 4
    +[proxy]
    +PROXY_ENABLED = true
    +PROXY_URL = socks://tor:9050/
    +PROXY_HOSTS = *
    +
    +[ Datura ] [ /dev/pts/13 ] [/srv/gitea_onion]
    +→ docker-compose down ; docker-compose up -d
    +
    +
    +

    And now from there, we should be able to mirror external repositories on gitea by making the traffic go through Tor aswell. As an example, let's create a git mirror of the official Monero repository that currently sits on Github:

    + + + +

    Now be aware that it's going to take longer than it usually would to get the repository due to the low bandwidth that Tor has, so be be patient and wait until it finishes:

    + + +

    And there you go! you just managed to mirror a github repository while still making sure the connections go through Tor.

    + +
    +
    +
    +
    + +
    +
    +
    +
    +

    Handling gitea repositories through Tor



    +

    So now let's create our first gitea repository from the web interface:

    + + +

    Now that the repository has been created, we need to push our first commit there so let's follow the instructions:

    +
    
    +[ mainpc ] [ /dev/pts/9 ] [~/Documents]
    +→ mkdir my-very-cool-repository
    +
    +[ mainpc ] [ /dev/pts/9 ] [~/Documents]
    +→ cd my-very-cool-repository
    +	
    +[ mainpc ] [ /dev/pts/9 ] [~/Documents/my-very-cool-repository]
    +→ touch README.md
    +
    +[ mainpc ] [ /dev/pts/9 ] [~/Documents/my-very-cool-repository]
    +→ git init
    +hint: Using 'master' as the name for the initial branch. This default branch name
    +hint: is subject to change. To configure the initial branch name to use in all
    +hint: of your new repositories, which will suppress this warning, call:
    +hint:
    +hint:   git config --global init.defaultBranch 
    +hint:
    +hint: Names commonly chosen instead of 'master' are 'main', 'trunk' and
    +hint: 'development'. The just-created branch can be renamed via this command:
    +hint:
    +hint:   git branch -m 
    +Initialized empty Git repository in /home/nihilist/Documents/my-very-cool-repository/.git/
    +
    +[ mainpc ] [ /dev/pts/9 ] [~/Documents/my-very-cool-repository]
    +→ git checkout -b main
    +Switched to a new branch 'main'
    +
    +[ mainpc ] [ /dev/pts/9 ] [~/Documents/my-very-cool-repository]
    +→ git add README.md
    +
    +[ mainpc ] [ /dev/pts/9 ] [~/Documents/my-very-cool-repository]
    +→ git commit -m "first commit"
    +[main (root-commit) b090f42] first commit
    + 1 file changed, 0 insertions(+), 0 deletions(-)
    + create mode 100644 README.md
    +
    +
    +

    Then we can proceed with the rest of the instructions to push the commit to the repository via the .onion gitea domain, with the exception of the git push command, where we need to use the torsocks in front of it, because otherwise it won't be able to resolve the .onion domain:

    +
    
    +[ mainpc ] [ /dev/pts/9 ] [~/Documents/my-very-cool-repository]
    +→ git remote add origin http://daturab6drmkhyeia4ch5gvfc2f3wgo6bhjrv3pz6n7kxmvoznlkq4yd.onion/nihilist/my-very-cool-repository.git
    +
    +[ mainpc ] [ /dev/pts/9 ] [~/Documents/my-very-cool-repository]
    +→ torsocks git push -u origin main
    +Username for 'http://daturab6drmkhyeia4ch5gvfc2f3wgo6bhjrv3pz6n7kxmvoznlkq4yd.onion': nihilist
    +Password for 'http://nihilist@daturab6drmkhyeia4ch5gvfc2f3wgo6bhjrv3pz6n7kxmvoznlkq4yd.onion':
    +Enumerating objects: 3, done.
    +Counting objects: 100% (3/3), done.
    +Writing objects: 100% (3/3), 212 bytes | 16.00 KiB/s, done.
    +Total 3 (delta 0), reused 0 (delta 0), pack-reused 0
    +remote: . Processing 1 references
    +remote: Processed 1 references in total
    +To http://daturab6drmkhyeia4ch5gvfc2f3wgo6bhjrv3pz6n7kxmvoznlkq4yd.onion/nihilist/my-very-cool-repository.git
    + * [new branch]      main -> main
    +branch 'main' set up to track 'origin/main'.
    +
    +
    +

    And that's it! You managed to do your first git commit via Tor !

    + +

    Sidenote: in the same way you also need to use torsocks to git clone repositories that are on .onion domains:

    +
    
    +[ mainpc ] [ /dev/pts/9 ] [~/Documents]
    +→ torsocks git clone http://daturab6drmkhyeia4ch5gvfc2f3wgo6bhjrv3pz6n7kxmvoznlkq4yd.onion/nihilist/my-very-cool-repository
    +Cloning into 'my-very-cool-repository'...
    +remote: Enumerating objects: 3, done.
    +remote: Counting objects: 100% (3/3), done.
    +remote: Total 3 (delta 0), reused 0 (delta 0), pack-reused 0 (from 0)
    +Receiving objects: 100% (3/3), done.
    +
    +
    +

    Next, if you want other people to contribute to your gitea projects, you'll have to do manual registrations as they can't use email to register new accounts:

    + + + + +

    Once created, simply send the credentials to login to the user that needs them in a private chat (see our recommendation to use SimpleX chat).

    +
    +
    +
    +
    + +
    +
    +
    +
    +

    BONUS: Customizing Gitea's appearance



    +

    Now if you want to customize your gitea instance like i did at https://git.nowhere.moe you'll can first create the templates folder to change the homepage:

    +
    
    +[ Datura ] [ /dev/pts/13 ] [/srv/gitea_onion]
    +→ cd gitea/gitea
    +
    +[ Datura ] [ /dev/pts/13 ] [gitea_onion/gitea/gitea]
    +→ mkdir templates
    +
    +[ Datura ] [ /dev/pts/13 ] [gitea_onion/gitea/gitea]
    +→ cd templates
    +
    +[ Datura ] [ /dev/pts/6 ] [gitea/gitea/templates]
    +→ wget https://git.nowhere.moe/nihilist/Datura-Network/raw/branch/main/2-Decentralization/gitea/gitea/gitea/templates/home.toml -O home.tmpl
    +
    +[ Datura ] [ /dev/pts/13 ] [gitea/gitea/templates]
    +→ vim home.tmpl
    +
    +[ Datura ] [ /dev/pts/13 ] [gitea/gitea/templates]
    +→ cat home.tmpl | grep pain
    +                                

    A painful, self-inflicted Nightmare

    + +[ Datura ] [ /dev/pts/13 ] [gitea/gitea/templates] +→ cd /srv/gitea_onion + +[ Datura ] [ /dev/pts/13 ] [/srv/gitea_onion] +→ docker-compose down ; docker-compose up -d + +
    + +

    then to change the logo you can drop your own custom logos in the /srv/gitea_onion/gitea/gitea/public/assets/img/ directory:

    +
    
    +[ Datura ] [ /dev/pts/6 ] [gitea_onion/gitea/gitea]
    +→ mkdir public/assets/img
    +
    +[ Datura ] [ /dev/pts/6 ] [gitea_onion/gitea/gitea]
    +→ cd public/assets/img
    +
    +[ Datura ] [ /dev/pts/6 ] [public/assets/img]
    +→ ls
    +apple-touch-icon.png  favicon.png  gitea-192.png  gitea-lg.png      gitea-sm.png  img.tar
    +favicon.ico           favicon.svg  gitea-512.png  gitea-safari.svg  gitea.svg     logo.svg
    +	
    +[ Datura ] [ /dev/pts/6 ] [public/assets/img]
    +→ cd /srv/gitea_onion
    +
    +[ Datura ] [ /dev/pts/6 ] [/srv/gitea_onion]
    +→  docker-compose down ; docker-compose up -d
    +
    +
    +

    Then, simply refresh the page to see the changes:

    + +

    Next, if you want a custom CSS theme like the one i have, first be aware that as gitea continues to be updated, the CSS theme may break depending on the breaking changes that gitea introduces, it is safer to keep using the default gitea-dark theme. If that's not a problem for you, you can download it from here and put it in the /srv/gitea_onion/gitea/gitea/public/assets/css/ directory:

    +
    
    +[ Datura ] [ /dev/pts/6 ] [/srv/gitea_onion]
    +→ cd gitea/gitea/public/assets
    +
    +[ Datura ] [ /dev/pts/6 ] [gitea/public/assets]
    +→ mkdir css
    +
    +[ Datura ] [ /dev/pts/6 ] [gitea/public/assets]
    +→ cd css
    +
    +[ Datura ] [ /dev/pts/6 ] [public/assets/css]
    +→ wget https://git.nowhere.moe/nihilist/Datura-Network/raw/branch/main/2-Decentralization/gitea/gitea/gitea/public/assets/css/theme-space.css
    +--2024-11-23 20:25:50--  https://git.nowhere.moe/nihilist/Datura-Network/raw/branch/main/2-Decentralization/gitea/gitea/gitea/public/assets/css/theme-space.css
    +Resolving git.nowhere.moe (git.nowhere.moe)... 65.109.30.253
    +Connecting to git.nowhere.moe (git.nowhere.moe)|65.109.30.253|:443... connected.
    +HTTP request sent, awaiting response... 200 OK
    +Length: 22754 (22K) [text/plain]
    +Saving to: ‘theme-space.css’
    +
    +theme-space.css                100%[=================================================>]  22.22K  --.-KB/s    in 0s
    +
    +2024-11-23 20:25:50 (310 MB/s) - ‘theme-space.css’ saved [22754/22754]
    +
    +	
    +
    +

    Then make sure this is the default theme that is used, from the app.ini config file, and restart the gitea instance to refresh the configuration:

    +
    
    +[ Datura ] [ /dev/pts/6 ] [public/assets/css]
    +→ cd ../../../
    +
    +[ Datura ] [ /dev/pts/6 ] [gitea_onion/gitea/gitea]
    +→ cd conf
    +
    +[ Datura ] [ /dev/pts/6 ] [gitea/gitea/conf]
    +→ ls
    +app.ini
    +
    +[ Datura ] [ /dev/pts/6 ] [gitea/gitea/conf]
    +→ vim app.ini
    +
    +[ Datura ] [ /dev/pts/6 ] [gitea/gitea/conf]
    +→ cat app.ini  | tail -n 9
    +
    +[ui]
    +DEFAULT_THEME = space
    +THEMES = space, gitea-dark
    +
    +[ Datura ] [ /dev/pts/6 ] [gitea/gitea/conf]
    +→ cd ../../..
    +
    +[ Datura ] [ /dev/pts/6 ] [/srv/gitea_onion]
    +→ docker-compose down ; docker-compose up -d
    +
    +
    + + + +

    And that's it! You managed to get a customized .onion-only gitea instance, effectively forcing whoever that wants to use it to remain anonymous, if they want to deanonymize themselves, it will be out of their own accord later on.

    + +
    +
    +
    +
    + + + + +
    +
    +
    +
    +

    Nihilism

    +

    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + +

    +
    + +
    +

    My Links

    +

    + + RSS Feed
    SimpleX Chat
    + +

    +
    + +
    +

    About nihilist

    +

    Donate XMR: 8AUYjhQeG3D5aodJDtqG499N5jXXM71gYKD8LgSsFB9BUV1o7muLv3DXHoydRTK4SZaaUBq4EAUqpZHLrX2VZLH71Jrd9k8


    Contact: nihilist@contact.nowhere.moe (PGP)

    +
    + +
    + +
    +
    + + + + + + +
    diff --git a/opsec/governments/index.html b/opsec/governments/index.html
    index 3f6a7f1..6f0552a 100644
    --- a/opsec/governments/index.html
    +++ b/opsec/governments/index.html
    @@ -154,7 +154,7 @@ Law enforcement is the activity of some members of government who act in an orga
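Review bot: Both `wget` commands in the "Customizing Gitea's appearance" section of opsec/gitea-anon/index.html run on the Gitea host without `torsocks`, and the captured output for `theme-space.css` shows a direct connection to the resolved address of git.nowhere.moe on port 443, so the machine hosting the hidden service discloses its IP address to a third-party server, unlike the git commands earlier on the page. I would write them as `→ torsocks wget <same URL> -O home.tmpl` and `→ torsocks wget <same URL>`, and add a sentence asking readers to read `home.tmpl` before restarting Gitea, because templates are rendered by the server. Separately, the `docker-compose.yml` listing declares the top-level `networks:` key twice and uses `gitea/gitea:latest` and an untagged `osminogin/tor-simple`; one `networks:` block and images pinned to a version (the startup log on the page shows Gitea 1.22.3) would make the setup reproducible and easier to audit.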

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

    diff --git a/opsec/govfear/index.html b/opsec/govfear/index.html
    index 43732da..7af4236 100644
    --- a/opsec/govfear/index.html
    +++ b/opsec/govfear/index.html
    @@ -124,7 +124,7 @@

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

    diff --git a/opsec/graphene/index.html b/opsec/graphene/index.html
    index f1e68d4..88bcc68 100644
    --- a/opsec/graphene/index.html
    +++ b/opsec/graphene/index.html
    @@ -8,7 +8,7 @@
    - How to install GrapheneOS on a Pixel Phone
    + How to have Privacy on your Phone (GrapheneOS)
    @@ -61,7 +61,7 @@
    Previous Page

    nihilist@mainpc - 2024-07-10

    -

    How to install GrapheneOS on a Pixel Phone

    +

    How to have Privacy on your Phone (GrapheneOS)

    In this tutorial we're going to setup graphene OS, an open source android operating system for google pixel phones. (Yes google phones, if you don't like it then you'll have to wait for functional open hardware alternatives to arrive on the market.) Currently GrapheneOS is one of the most privacy-focused mobile operating systems given that it's fully open source. and that they refuse to implement google services by default, unlike their competitors like LineageOS.

    @@ -308,7 +308,7 @@ Finished. Total time: 0.276s

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

    diff --git a/opsec/haveno-arbitrator/index.html b/opsec/haveno-arbitrator/index.html
    index f591855..8bb6b5a 100644
    --- a/opsec/haveno-arbitrator/index.html
    +++ b/opsec/haveno-arbitrator/index.html
    @@ -215,7 +215,7 @@

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

    diff --git a/opsec/haveno-cashbymail/index.html b/opsec/haveno-cashbymail/index.html
    index cf0f40d..214b91e 100644
    --- a/opsec/haveno-cashbymail/index.html
    +++ b/opsec/haveno-cashbymail/index.html
    @@ -233,7 +233,7 @@ This will help you distinguish packages coming from different buyers and avoid c

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

    diff --git a/opsec/haveno-client-f2f/index.html b/opsec/haveno-client-f2f/index.html
    index f55ee50..a8d20e2 100644
    --- a/opsec/haveno-client-f2f/index.html
    +++ b/opsec/haveno-client-f2f/index.html
    @@ -181,17 +181,82 @@ May-29 20:55:27.427 [JavaFX Application Thread] INFO h.d.c.c.c.PopOver: hide:20

    For Arch Linux Users

    You can either extract the .rpm (which is originally intended for Fedora users) package and run the haveno binary yourself, or use the AUR package maintained by duje

    For Windows Users

    -

    If you are a windows user (know that it cant be trusted as it's not an open source operating system, check out my tutorial here on how to install linux instead), if you're too lazy you can check out darknetreporter's tutorial:

    - +

    If you are a windows user (know that windows cant be trusted as it's not an open source operating system, so install linux instead):

    -

    For Tails OS Users: (as of 6th October 2024)

    +

    For Tails OS Users: (as of 3rd November 2024)

    If you want to have a TailsOS VM running, check out my latest tutorial on it here.

    Then make sure you have the admin password enabled:

    Then make sure you have the persistant storage enabled, with the dotfiles enabled:

    -

    Then, to install it at the current latest version (as of the 6th of october 2024, version 0.) you need to run the following command:

    +

    Then, to install it at the current latest version (as of the 6th of october 2024, version 1.0.12) you need to run the following commands:

    
    +amnesia@amnesia:~$ curl -x socks5h://127.0.0.1:9050 -fsSLO https://github.com/haveno-dex/haveno/raw/master/scripts/install_tails/haveno-install.sh  && bash haveno-install.sh https://github.com/retoaccess1/haveno-reto/releases/download/v1.0.12/haveno-linux-deb.zip DAA24D878B8D36C90120A897CA02DAC12DAE2D0F
    +
    +amnesia@amnesia:~$ ./Persistent/haveno/App/utils/exec.sh 
    +
    +
    + + + +
    diff --git a/opsec/haveno-client/index.html b/opsec/haveno-client/index.html
    index 066aabd..8afa21a 100644
    --- a/opsec/haveno-client/index.html
    +++ b/opsec/haveno-client/index.html
    @@ -312,7 +312,7 @@ May-13 19:39:44.867 [JavaFX Application Thread] INFO haveno.desktop.app.HavenoA
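Review bot: The Tails install command added in opsec/haveno-client-f2f/index.html downloads `haveno-install.sh` from the mutable `master` branch and runs it with `bash` straight away, so readers execute whatever that branch holds at download time, unpinned and unread. The fingerprint passed as the second argument is presumably used by the script to check the package it fetches, but nothing on the page verifies the script itself or says where that fingerprint should be confirmed. I would pin the URL to a reviewed commit (`https://github.com/haveno-dex/haveno/raw/<COMMIT_SHA_PLACEHOLDER>/scripts/install_tails/haveno-install.sh`) and add a sentence telling readers to read the script and compare the fingerprint with the one the network operator publishes through a separate channel before running it. The sentence above the command also still reads "as of the 6th of october 2024" while the heading in the same hunk was moved to 3rd November 2024.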

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

    diff --git a/opsec/haveno-seednode/index.html b/opsec/haveno-seednode/index.html
    index 0e2caa7..45980d2 100644
    --- a/opsec/haveno-seednode/index.html
    +++ b/opsec/haveno-seednode/index.html
    @@ -483,7 +483,7 @@ Oct 06 13:39:13 Datura Haveno-Seednode2[1412193]: Oct-06 13:39:13.059 [Connectio

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

    diff --git a/opsec/haveno-sepa/index.html b/opsec/haveno-sepa/index.html
    index 712dc91..03383f5 100644
    --- a/opsec/haveno-sepa/index.html
    +++ b/opsec/haveno-sepa/index.html
    @@ -199,7 +199,7 @@ If you get banned from a physical bank, they may put your name on a fraud regist

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

    diff --git a/opsec/hiddenservice/index.html b/opsec/hiddenservice/index.html
    index d86a669..52d1e69 100644
    --- a/opsec/hiddenservice/index.html
    +++ b/opsec/hiddenservice/index.html
    @@ -115,7 +115,7 @@

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

    diff --git a/opsec/hiddenservices.old/index.html b/opsec/hiddenservices.old/index.html
    index e227133..de83edf 100644
    --- a/opsec/hiddenservices.old/index.html
    +++ b/opsec/hiddenservices.old/index.html
    @@ -125,7 +125,7 @@

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

    diff --git a/opsec/hypervisorsetup/30.png b/opsec/hypervisorsetup/30.png
    index 33acbc9..d998389 100644
    Binary files a/opsec/hypervisorsetup/30.png and b/opsec/hypervisorsetup/30.png differ
    diff --git a/opsec/hypervisorsetup/50.png b/opsec/hypervisorsetup/50.png
    new file mode 100644
    index 0000000..d8ddde7
    Binary files /dev/null and b/opsec/hypervisorsetup/50.png differ
    diff --git a/opsec/hypervisorsetup/51.png b/opsec/hypervisorsetup/51.png
    new file mode 100644
    index 0000000..57c46d4
    Binary files /dev/null and b/opsec/hypervisorsetup/51.png differ
    diff --git a/opsec/hypervisorsetup/index.html b/opsec/hypervisorsetup/index.html
    index 8ac9b2b..bb566a6 100644
    --- a/opsec/hypervisorsetup/index.html
    +++ b/opsec/hypervisorsetup/index.html
    @@ -163,6 +163,9 @@ nihilist@debian:~# virt-manager

    Next just make sure that the NAT network is created, and that the ISOs and VMs folders are with the correct permissions:

    +

    And also create another NAT network so that we can put all the untrusted VMs such as Windows into:

    + +

    That way, the adversary that can normally see what's going on in the network attached to the Windows VM can no longer see as it is being put in a different network altogether.

    
     nihilist@debian:~$ mkdir ISOs
     nihilist@debian:~$ mkdir VMs
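Review bot: The added sentence says an adversary on the Windows VM's network "can no longer see" anything once the VM sits on a second NAT network, but this hunk shows no step that stops that guest from reaching the host or the host's LAN. As far as I know a libvirt NAT network still forwards guest traffic out through the host, so what this gives is separation from the VMs on the default network, not isolation from everything else. I would add a sentence such as `Note: this only separates the Windows VM from the VMs on the default network; it can still reach the internet and, unless you add firewall rules on the host, the devices on your LAN.` The network-creation screenshots are not visible in this view, so the exact settings used there should be checked against that wording.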
    @@ -203,6 +206,10 @@ nihilist@debian:~$ sudo chown nihilist:libvirt -R ISOs
     
     
     
    +

    Then before we begin the installation, we make sure that the windows VM uses the untrusted NAT network to make sure it remains isolated:

    + +

    Then we hit Apply, and then we click on begin installation

    + @@ -216,7 +223,16 @@ nihilist@debian:~$ sudo chown nihilist:libvirt -R ISOs

    Then Bob can use the windows VM for his public usage (such as KYC services, and closed-source software), and use the debian VM for his private usage (any personal matter, with only open source software)

    -

    Next, Bob can setup a VPN by default into his debian VM.

    +

    From inside the Debian VM, you can run the following from a terminal to be able to copy and paste from inside the VM out, and from outside the VM in:

    +
    
    +su -
    +apt update -y
    +apt install spice-vdagent -y
    +reboot now
    +
    +
    +

    Do not do the same for the windows VM, otherwise you'd be allowing the Windows VM to spy on what your clipboard contains, from outside the VM. Make sure it is kept isolated as it is by default here.

    +

    Next, Bob can setup a VPN by default into his debian VM to prevent his ISP from spying on what he is doing.
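Review bot: The added spice-vdagent step turns on a shared clipboard between the host and the Debian VM, while the accompanying warning covers only the Windows VM. The same channel lets any process inside the Debian guest read whatever the host clipboard holds at that moment, for example a password copied from a password manager, so the trade-off deserves a sentence for the private VM as well. I would add `Keep in mind that with spice-vdagent running, anything you copy on the host is readable from inside this VM too, so only install it in VMs you trust with your clipboard.`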

    @@ -232,7 +248,7 @@ nihilist@debian:~$ sudo chown nihilist:libvirt -R ISOs

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

    diff --git a/opsec/hypervisorsetup/old.html b/opsec/hypervisorsetup/old.html
    index 718f02a..b855057 100644
    --- a/opsec/hypervisorsetup/old.html
    +++ b/opsec/hypervisorsetup/old.html
    @@ -452,7 +452,7 @@ nothing@debian:~$ sudo chown nothing:libvirt -R ISOs

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

    diff --git a/opsec/index.html b/opsec/index.html
    index 4d6314d..ec387b0 100644
    --- a/opsec/index.html
    +++ b/opsec/index.html
    @@ -73,7 +73,6 @@
  • ✅ Privacy, Anonymity, Plausible Deniability, Decentralisation, Security, and 0days
  • ✅ Governments, Centralisation, and Law Enforcement
  • ✅ Governments fear Decentralisation and Anonymity
  • -
  • ❌ How to use technology to free yourself from tyranny?

  • @@ -85,9 +84,7 @@
  • ✅ Internet usage segmentation (QEMU VMs + Identity Management)
  • ✅ OPSEC: Using the right Technology and Behavior
  • ✅ How to maintain multiple Identities Online
  • -
    -
    -
    +
    @@ -110,28 +107,29 @@

    💻 Getting started

      -
    1. ✅ How to install Linux from a Windows PC ⭐
    2. -
    3. ✅ How to install and update programs on Linux
    4. -
    5. ✅ How to install GrapheneOS on a Pixel Phone
    6. +
    7. ✅ How to have Privacy on your Computer (Linux) ⭐
    8. +
    9. ✅ How to have Privacy on your Phone (GrapheneOS)
    10. +
    11. ❌ How to have Privacy on your Router (Opnsense)
    12. ❌ Easy Private Chats - SimpleX

    💻 File Sharing

      -
    1. ❌ One on One large file sharing (Syncthing over VPN)
    2. +
    3. ✅ One on One large file sharing (Syncthing over VPN)
    4. ✅ P2P large file sharing (Torrents over VPN)

    💻 Privacy means Open Source (FOSS)

      +
    1. ✅ How to install and update programs on Linux
    2. ✅ How to compile open source software + How to verify software integrity
    3. ✅ How to Virtualize Machines (QEMU/KVM Hypervisor)
    4. ✅ How to get privacy from your ISP using a VPN
    5. ✅ Route QEMU VMs through a Host OS VPN
    6. ✅ Password Management 101 (How to use Keepass)
    7. -
    8. ✅ Serverside: Should I trust serverside encryption? Should I use PGP?
    9. +
    10. ✅ Why can't I trust Server-side Encryption ?
    11. ✅ Private Messaging (PGP encryption)

    @@ -161,6 +159,8 @@
  • ✅ What is Anonymity ? Why is it Important ?
  • ✅ Why isn't Privacy enough for Anonymous use ?
  • ✅ The main source of Anonymity: The Tor Network
  • +
  • ❌ Why is the darknet superior to clearnet ?
  • +
  • ❌ When should I use I2P instead of Tor ?
  • ✅ Using Tor Safely: Tor through VPN or VPN through Tor ?
  • ✅ Phone Numbers are incompatible with Anonymity
  • ❌ How to protect against fingerprinting (persona, text, files)
  • @@ -172,9 +172,8 @@
  • ❌ How to setup and navigate Qubes OS
  • ✅ Tor Web Browser setup
  • ✅ How to use the Tor Browser on Mobile
  • -
  • ✅ Tails OS QEMU VM for Temporary Anonymity
  • ✅ VMs for Long-term Anonymity (Whonix QEMU VMs)
  • -
  • ❌ How to Anonymously access websites that block Tor
  • +
  • ✅ How to Anonymously access websites that block Tor
  • ✅ Easy Anonymous Chats - SimpleX

  • @@ -191,7 +190,7 @@

    💻 File Sharing

    1. ✅ How to send small files Anonymously (Onionshare)
    2. -
    3. ❌ One on One large file sharing (Syncthing over Tor)
    4. +
    5. ✅ One on One large file sharing (Syncthing over Tor)
    6. ❌ P2P large file sharing (Torrents over Tor)

    @@ -214,8 +213,8 @@
    1. ✅ How to Get an Email Account Anonymously (Emails as a Service)
    2. ✅ How to Receive Anonymous SMSes (Remote SMSes as a Service)
    3. -
    4. ❌ How to get a credit card anonymously (Credit cards as a service)
    5. -
    6. ❌ How to get residential proxies anonymously
    7. +
    8. ✅ How to get a credit card anonymously (Credit cards as a service)
    9. +
    10. ✅ How to get residential proxies anonymously

    @@ -239,12 +238,7 @@
  • ✅ Where to host Anonymous Hidden Services ?
  • ✅ Hidden Service with custom .onion Vanity V3 address
  • -
  • ❌ Basic Webserver setup (NGINX / PHP / MYSQL)
  • -
  • ❌ Minimalistic MoneroSSO .onion setup
  • -
  • ❌ Gitea .onion setup (Code repositories)
  • -
  • ❌ Nextcloud .onion setup (cloud storage)
  • -
  • ❌ Mastodon .onion setup (Microblogging)
  • -
  • ❌ Discourse .onion setup (Forums)
  • +
  • ✅ Gitea .onion Setup (Anonymous Code Repositories and Collaboration)
  • ❌ How to setup Nerostr (Nostr blogging)


  • @@ -285,15 +279,16 @@

    📝 Explaining Plausible Deniability

      -
    1. ✅ What is Plausible Deniability ? Why is it Important ?
    2. +
    3. ✅ What is Plausible Deniability ? Why is it Important ?
    4. ✅ Why Anonymity isn’t enough for Sensitive use ?
    5. -
    6. 🟠 Sensitive Services: Self-Host or Host Remotely ?

    💻 Clientside - Getting Started

      -
    1. ✅ The main source of Plausible Deniability: Veracrypt Hidden Partitions
    2. -
    3. 🟠 Sensitive use VMs Setup (Whonix VMs in a Veracrypt Hidden Volume)⭐
    4. +
    5. ✅ Using the Host-OS in live-mode to enable Sensitive Use
    6. +
    7. ✅ Tails OS for Temporary Sensitive Use
    8. +
    9. ✅ The main source of Plausible Deniability: Deniable Encryption
    10. +
    11. ✅ Sensitive use VMs Setup (Whonix VMs in a Veracrypt Hidden Volume)⭐
    12. 🟠 Plausibly Deniable Critical Data Backups

    💻 Steganography - Hiding secrets in plain sight

    @@ -305,6 +300,7 @@

    💻 Decentralised Finances

      +
    1. ❌ How to hide your Monero ?
    2. ❌ How to Cash out your crypto gains (Fiat income limits, and justifications)

    ⚠️ When you risk being persecuted for just using technology

    @@ -326,11 +322,12 @@
  • ✅ Internet Failover (Dual WAN pfsense setup)
  • ❌ Isolating on-premise hidden services (VM-based restrictive networking)
  • ❌ Deniable Encryption Protection (emergency shutdown script, shortcut, + systemd service)
  • -
  • ✅ Automating Deniable Encryption Protection (USB Changes, detecting movements, and SSH bruteforce attempts)
  • +
  • 🟠 Automating Deniable Encryption Protection (USB Changes, detecting movements, and SSH bruteforce attempts)
  • ✅ Endgame V3 (.onion service Anti DDOS / Load Balancer / WAF + Captcha) ⭐

  • 🧅 Serverside - Remote Plausible Deniability (⚠️ Remote Hosting = Safer!)

      +
    1. 🟠 Sensitive Services: Self-Host or Host Remotely ?
    2. ❌ When the Adversary is the cloud provider himself
    3. ❌ Protecting against cold boot attacks, with RAM encryption (no hardware access!)
    4. ❌ System Intrusion / Integrity monitoring (kernel modules, binary files, unwanted processes, hardwre changes)
    5. @@ -410,7 +407,7 @@ I decline any and all responsibility for any mis-use of any of the technology i

      Nihilism

      - Until there is Nothing left.



      Creative Commons Zero: No Rights Reserved
      + Until there is Nothing left.



      Creative Commons Zero: No Rights Reserved

      diff --git a/opsec/internetsegmentation/index.html b/opsec/internetsegmentation/index.html
      index f4a9de1..dab679b 100644
      --- a/opsec/internetsegmentation/index.html
      +++ b/opsec/internetsegmentation/index.html
      @@ -173,7 +173,7 @@

      Nihilism

      - Until there is Nothing left.



      Creative Commons Zero: No Rights Reserved
      + Until there is Nothing left.



      Creative Commons Zero: No Rights Reserved

      diff --git a/opsec/linux/index.html b/opsec/linux/index.html index c0e6e40..893bacd 100644 --- a/opsec/linux/index.html +++ b/opsec/linux/index.html @@ -8,7 +8,7 @@ - How to install Linux from a Windows PC + How to have Privacy on your Computer (Linux) @@ -61,7 +61,7 @@
      Previous Page

      nihilist@mainpc - 2024-06-16

      -

      How to install Linux from a Windows PC

      +

      How to have Privacy on your Computer (Linux)

      In this tutorial, we're going to look at the first and foremost thing anyone can do to remove surveillance from their digital lives, by installing a free and open source software (FOSS) host operating system: Linux, in this case we're going to setup the latest Debian.

      OPSEC Recommendations:

      @@ -175,7 +175,7 @@ -

      Here Bob decides that he wants to encrypt his whole harddrive too. That way, if someone were to steal his computer, without knowing his password, they would have no way to access Bob's local data.

      +

      Here Bob decides that he wants to encrypt his whole harddrive too. That way, if someone were to steal his computer, without knowing his password, they would have no way to access Bob's local data. (but be warned that for sensitive use, one shouldn't need to encrypt the system drive at all (more details).
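Review bot: The added parenthetical tells readers that for sensitive use they "shouldn't need to encrypt the system drive at all", directly after a sentence recommending full-disk encryption, without saying why or what protects the data instead. Read on its own it can be taken as advice to skip disk encryption in general, which would leave a stolen machine's data readable. The reason given on the new live-mode page in this same commit is that ram-wipe may fail to boot on a LUKS-encrypted system drive, with the sensitive data kept in a VeraCrypt volume on a separate drive. I would say so here, e.g. `(for sensitive use only, the system drive is left unencrypted because ram-wipe may fail to boot with LUKS; the sensitive data then lives solely in a VeraCrypt volume on a separate drive, more details)`, which also closes the outer parenthesis that is currently left open.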

      @@ -223,7 +223,7 @@

      Nihilism

      - Until there is Nothing left.



      Creative Commons Zero: No Rights Reserved
      + Until there is Nothing left.



      Creative Commons Zero: No Rights Reserved

      diff --git a/opsec/linuxprograms/index.html b/opsec/linuxprograms/index.html
      index c50ad21..58c86a7 100644
      --- a/opsec/linuxprograms/index.html
      +++ b/opsec/linuxprograms/index.html
      @@ -305,7 +305,7 @@ nihilist@mainpc:~$ firefox

      Nihilism

      - Until there is Nothing left.



      Creative Commons Zero: No Rights Reserved
      + Until there is Nothing left.



      Creative Commons Zero: No Rights Reserved

      diff --git a/opsec/livemode/1.png b/opsec/livemode/1.png new file mode 100644 index 0000000..a4cc039 Binary files /dev/null and b/opsec/livemode/1.png differ diff --git a/opsec/livemode/2.png b/opsec/livemode/2.png new file mode 100644 index 0000000..ad77018 Binary files /dev/null and b/opsec/livemode/2.png differ diff --git a/opsec/livemode/3.png b/opsec/livemode/3.png new file mode 100644 index 0000000..6829101 Binary files /dev/null and b/opsec/livemode/3.png differ diff --git a/opsec/livemode/4.png b/opsec/livemode/4.png new file mode 100644 index 0000000..9050e8d Binary files /dev/null and b/opsec/livemode/4.png differ diff --git a/opsec/livemode/5.png b/opsec/livemode/5.png new file mode 100644 index 0000000..ee8755f Binary files /dev/null and b/opsec/livemode/5.png differ diff --git a/opsec/livemode/6.png b/opsec/livemode/6.png new file mode 100644 index 0000000..971357c Binary files /dev/null and b/opsec/livemode/6.png differ diff --git a/opsec/livemode/index.html b/opsec/livemode/index.html new file mode 100644 index 0000000..30c8dc7 --- /dev/null +++ b/opsec/livemode/index.html @@ -0,0 +1,340 @@ + + + + + + + + + + + Using the Host-OS in live-mode to prepare for long-term Sensitive Use + + + + + + + + + + + + + + + + + + + + + + + +
      +
      +
      +
      + Previous Page

      nihilist@mainpc - 2024-11-03

      +

      Using the Host-OS in live-mode to prepare for long-term Sensitive Use

      + +

      OPSEC Recommendations:

      +
        +
      1. Hardware : (Personal Computer / Laptop)

      2. +
      3. System Harddrive: not LUKS encrypted [1]

      4. +
      5. Non-System Harddrive: 500Gb (will be used to contain our Veracrypt encrypted volumes)

      6. +
      7. Host OS: Linux

      8. +
      9. Hypervisor: QEMU/KVM

      10. +
      + + +
      +
      +
      +
      + + +
      +
      +
      +
      +

      What is the usecase ?

      +

      The main usecase of using your Host OS in live mode, is that you want to use it for long term sensitive activities (meaning, you want to save sensitive files on a harddrive). As you're going to see, using the Host OS in live mode is effectively a hard requirement for deniability.

      +

      When we are talking sensitive use, we are talking about our need of Deniability. Which means that we need to use deniable encryption using Veracrypt's hidden volumes:

      + +

      In theory it is impossible to prove the existence of the hidden volume by itself once it is closed, and if there is no proof of it's existence our deniability is maintained.

      +

      But the issue is that we have more variables that we also need to keep under control, on the Host OS side you have system logs, kernel logs, the various other non-standard log files that software is writing on the disk, and even the content of the RAM itself can be used to prove the existence of a hidden volume.

      + +

      Now when you are using your computer for regular public, private and anonymous activities, normally you don't need to care about those things. But the Host OS is a potential goldmine of forensic evidence to be used against you, so for sensitive use specifically we need to take care of it.

      +

      Now you could start to manually erase all logs, all kernel logs, all non-standard system logs, manually overwrite the RAM contents, but this is going to be way too tedious and you're likely to miss something. So we have one simple solution: use the Host OS in live mode.

      + +

      Thanks to live mode, we are able to load the entire Host OS in RAM directly, allowing us to avoid writing anything on the system disk (no system logs, no kernel logs, no non-standard logs, only ram contents to worry about)

      +

      And since everything is loaded inside the RAM, all we need is to reboot the computer to wipe all of the RAM contents, effectively erase all forensic evidence (and all potential forensic evidence) of the existence of the hidden volume in one simple action.

      +
      +
      +
      +
      + +
      +
      +
      +
      +

      Setting up Live Mode



      +

      To do so, we need to install Kickstart's apt repository to have the grub-live package:

      +
      
      +nothing@debian-tests:~$ su -
      +Password: 
      +root@debian-tests:~# wget https://www.kicksecure.com/keys/derivative.asc
      +--2024-11-04 07:22:22--  https://www.kicksecure.com/keys/derivative.asc
      +Resolving www.kicksecure.com (www.kicksecure.com)... 95.216.66.124, 64:ff9b::5fd8:427c
      +Connecting to www.kicksecure.com (www.kicksecure.com)|95.216.66.124|:443... connected.
      +HTTP request sent, awaiting response... 200 OK
      +Length: 77312 (76K) [application/octet-stream]
      +Saving to: ‘derivative.asc’
      +
      +derivative.asc            100%[=====================================>]  75.50K  --.-KB/s    in 0.1s    
      +
      +2024-11-04 07:22:22 (794 KB/s) - ‘derivative.asc’ saved [77312/77312]
      +
      +root@debian-tests:~# sudo cp ~/derivative.asc /usr/share/keyrings/derivative.asc
      +root@debian-tests:~# echo "deb [signed-by=/usr/share/keyrings/derivative.asc] https://deb.kicksecure.com bookworm main contrib non-free" | sudo tee /etc/apt/sources.list.d/derivative.list
      +deb [signed-by=/usr/share/keyrings/derivative.asc] https://deb.kicksecure.com bookworm main contrib non-free
      +root@debian-tests:~# sudo apt-get update -y
      +Hit:1 http://security.debian.org/debian-security bookworm-security InRelease
      +Hit:2 http://deb.debian.org/debian bookworm InRelease                     
      +Hit:3 http://deb.debian.org/debian bookworm-updates InRelease             
      +Get:4 https://deb.kicksecure.com bookworm InRelease [62.0 kB]             
      +Get:5 https://deb.kicksecure.com bookworm/main amd64 Packages [37.6 kB]
      +Get:6 https://deb.kicksecure.com bookworm/contrib amd64 Packages [509 B]
      +Get:7 https://deb.kicksecure.com bookworm/non-free amd64 Packages [917 B]
      +Fetched 101 kB in 1s (73.7 kB/s)
      +Reading package lists... Done
      +
      +
      +

      Then we install the grub-live package, and the ram-wipe package (warning, the ram-wipe package may cause your system to fail to boot in case if you encrypted the system drive using LUKS, click here for more details on this). Therefore i recommend having the Host OS system drive not encrypted until dracut supports LUKS encryption, but it shouldn't matter though, as the actual VMs that we'll be running will be on a non-system drive, which will be manually kept in deniable encryption.

      +
      
      +root@debian-tests:~#  apt install grub-live ram-wipe -y
      +
      +
      + +

      Once that's done, let's take a quick look at the mounted drives using the lsblk command:

      +
      
      +nothing@debian-tests:~$ lsblk
      +NAME   MAJ:MIN RM  SIZE RO TYPE MOUNTPOINTS
      +sr0     11:0    1 1024M  0 rom  
      +vda    254:0    0   20G  0 disk 
      +├─vda1 254:1    0   19G  0 part /
      +├─vda2 254:2    0    1K  0 part 
      +└─vda5 254:5    0  975M  0 part [SWAP]
      +vdb    254:16   0    1G  0 disk 
      +
      +
      +

      As you can see here, we are not yet in live mode, so you can see the vda1 system drive mounted in the root directory, meaning that by default everything that is written on the disk by the Host OS is actually being written into the disk, rather than the RAM. So let's reboot to get into live mode:

      +
      
      +root@debian-tests:~# reboot now 
      +
      +
      + +

      and then when you reboot your host OS, you should see that there is a new boot option to choose from grub:

      + + + +

      So we select it to boot into the OS, and then we're in live mode!

      + +
      +
      +
      +
      + + + +
      +
      +
      +
      +

      Testing Live Mode



      +

      now we're back into the host OS in live mode, let's first open a terminal and validate that we are in live mode by running lsblk:

      +
      
      +nothing@debian-tests:~$ lsblk
      +NAME   MAJ:MIN RM  SIZE RO TYPE MOUNTPOINTS
      +sr0     11:0    1 1024M  0 rom  
      +vda    254:0    0   20G  0 disk 
      +├─vda1 254:1    0   19G  0 part /usr/lib/live/mount/medium
      +│                               /usr/lib/live/mount/rootfs/filesystem
      +│                               /run/live/medium
      +│                               /run/live/rootfs/filesystem
      +├─vda2 254:2    0    1K  0 part 
      +└─vda5 254:5    0  975M  0 part [SWAP]
      +vdb    254:16   0    1G  0 disk 
      +	
      +
      +

      Here you can see that we have the /dev/vda1 system drive mounted under the /run/live and /usr/lib/live directories, so basically now everything that is normally being written into the system disk (like system logs, kernel logs, non-standard logs, and every other file) is instead being written into the RAM, and not writing on the system disk at all.

      +

      To test this, we'll create a file in the system drive:

      +
      
      +nothing@debian-tests:~$ vim test.txt
      +nothing@debian-tests:~$ cat test.txt 
      +THis has been written in the system disk vda1 from live mode !
      +	
      +
      +

      and then we will create a file in the non-system drive /dev/vdb (which contains a veracrypt hidden volume):

      + +
      
      +nothing@debian-tests:~$ lsblk
      +NAME         MAJ:MIN RM   SIZE RO TYPE MOUNTPOINTS
      +sr0           11:0    1  1024M  0 rom  
      +vda          254:0    0    20G  0 disk 
      +├─vda1       254:1    0    19G  0 part /usr/lib/live/mount/medium
      +│                                      /usr/lib/live/mount/rootfs/filesystem
      +│                                      /run/live/medium
      +│                                      /run/live/rootfs/filesystem
      +├─vda2       254:2    0     1K  0 part 
      +└─vda5       254:5    0   975M  0 part [SWAP]
      +vdb          254:16   0     1G  0 disk 
      +└─veracrypt1 253:0    0 499.9M  0 dm   /media/veracrypt1
      +
      +nothing@debian-tests:~$ cd /media/veracrypt1/
      +nothing@debian-tests:/media/veracrypt1$ ls
      +lost+found
      +nothing@debian-tests:/media/veracrypt1$ vim test2.txt
      +nothing@debian-tests:/media/veracrypt1$ cat test2.txt 
      +this is a test file written from live mode, into a non-system drive!
      +	
      +
      + +

      Then we simply reboot the host OS into regular non-live mode to check if our first test file on the system drive is gone, and if the second test file on the non-system drive has been effectively saved:

      + +

      And then we check that the first test file we created in the system drive is effectively not there anymore:

      +
      
      +nothing@debian-tests:~$ lsblk
      +NAME         MAJ:MIN RM   SIZE RO TYPE MOUNTPOINTS
      +sr0           11:0    1  1024M  0 rom  
      +vda          254:0    0    20G  0 disk 
      +├─vda1       254:1    0    19G  0 part /
      +├─vda2       254:2    0     1K  0 part 
      +└─vda5       254:5    0   975M  0 part [SWAP]
      +vdb          254:16   0     1G  0 disk 
      +└─veracrypt1 253:0    0 499.9M  0 dm   /media/veracrypt1
      +
      +nothing@debian-tests:~$ cat test.txt
      +cat: test.txt: No such file or directory
      +	
      +
      +

      And then we check if the file we created in the non-system veracrypt hidden volume is effectively still there:

      +
      
      +nothing@debian-tests:~$ cat /media/veracrypt1/test2.txt 
      +this is a test file written from live mode, into a non-system drive!
      +	
      +
      +

      And that's it ! we have now validated that running the Host OS in live mode could protect our veracrypt hidden volume's existence from being proven, protecting our deniability.

      +
      +
      +
      +
      + +
      +
      +
      +
      +

      Emergency Shutdown Script



      +

      Now in order to make sure we can shutdown the Host OS quickly, we need to have an emergency shutdown script, that can be ran by a non-root user in order to immediately shutdown the Host OS whenever we need it.

      + +

      First we need to make sure the user is able to run the shutdown command:

      +
      
      +nothing@debian:~$ su -
      +Password: 
      +root@debian:~# visudo
      +
      +
      +[...]
      +
      +nothing ALL=NOPASSWD:/sbin/shutdown
      +nothing ALL=NOPASSWD:/sbin/reboot
      +
      +[...]
      +
      +
      +

      Then we create a simple shutdown.sh script:

      +
      
      +nothing@debian:~$ vim shutdown.sh
      +nothing@debian:~$ cat shutdown.sh 
      +#!/bin/bash
      +
      +/sbin/shutdown -h now
      +
      +nothing@debian:~$ chmod +x shutdown.sh 
      +
      +
      +

      Then, you need to hook it up to a shortcut, such as Super+R, i'm going to do it in Cinnamon as this is the Desktop Environment i use:

      + + +

      And thats it! you now you have a shortcut that you can use to immediately shutdown the Host OS.

      + +
      +
      +
      +
      + + + +
      +
      +
      +
      +

      Nihilism

      +

      + Until there is Nothing left.



      Creative Commons Zero: No Rights Reserved
      + +

      +
      + +
      +

      My Links

      +

      + + RSS Feed
      SimpleX Chat
      + +

      +
      + +
      +

      About nihilist

      +

      Donate XMR: 8AUYjhQeG3D5aodJDtqG499N5jXXM71gYKD8LgSsFB9BUV1o7muLv3DXHoydRTK4SZaaUBq4EAUqpZHLrX2VZLH71Jrd9k8


      Contact: nihilist@contact.nowhere.moe (PGP)

      +
      + +
      + +
      +
      + + + + + + +
      diff --git a/opsec/mail/index.html b/opsec/mail/index.html
      index 83a0527..b8836b2 100644
      --- a/opsec/mail/index.html
      +++ b/opsec/mail/index.html
      @@ -225,7 +225,7 @@ If anyone knows a particular hosting service that ALLOWS port 25 and other mail-
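Review bot: In the new opsec/livemode/index.html, the `lsblk` output captured in live mode under "Testing Live Mode" still lists vda5 as `[SWAP]`, which suggests swap on the system disk is active, so memory pages can still be written to that disk and the claim that nothing reaches it would not hold. I would add a step before the hidden volume is opened: run `swapoff -a` as root and confirm that `swapon --show` prints nothing, or remove the swap partition from the host altogether. Separately, the Kicksecure signing key is copied into /usr/share/keyrings right after `wget` with no fingerprint check; add a step that displays it (`gpg --show-keys derivative.asc`) and compares it with the fingerprint Kicksecure publishes before the repository is trusted. The emergency script also calls `/sbin/shutdown -h now` without `sudo`, so the NOPASSWD sudoers entries added just above it are never used; `sudo /sbin/shutdown -h now` would match them.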

      Nihilism

      - Until there is Nothing left.



      Creative Commons Zero: No Rights Reserved
      + Until there is Nothing left.



      Creative Commons Zero: No Rights Reserved

      diff --git a/opsec/mailinabox/index.html b/opsec/mailinabox/index.html
      index ea2eff0..5e4e642 100644
      --- a/opsec/mailinabox/index.html
      +++ b/opsec/mailinabox/index.html
      @@ -125,7 +125,7 @@ root@mail:~# reboot now

      Nihilism

      - Until there is Nothing left.



      Creative Commons Zero: No Rights Reserved
      + Until there is Nothing left.



      Creative Commons Zero: No Rights Reserved

      diff --git a/opsec/mailprivate/index.html b/opsec/mailprivate/index.html
      index b7e4e5f..eccbf63 100644
      --- a/opsec/mailprivate/index.html
      +++ b/opsec/mailprivate/index.html
      @@ -909,7 +909,7 @@ ssl_cert = </etc/letsencrypt/live/mail.nowhere.moe/fullchain.pem

      Nihilism

      - Until there is Nothing left.



      Creative Commons Zero: No Rights Reserved
      + Until there is Nothing left.



      Creative Commons Zero: No Rights Reserved

      diff --git a/opsec/manifesto/index.html b/opsec/manifesto/index.html
      index 18318eb..a6504cd 100644
      --- a/opsec/manifesto/index.html
      +++ b/opsec/manifesto/index.html
      @@ -180,7 +180,7 @@ Honorable reasons:

      Nihilism

      - Until there is Nothing left.



      Creative Commons Zero: No Rights Reserved
      + Until there is Nothing left.



      Creative Commons Zero: No Rights Reserved

      diff --git a/opsec/mastodon/index.html b/opsec/mastodon/index.html
      index f2799f4..f6dc24f 100644
      --- a/opsec/mastodon/index.html
      +++ b/opsec/mastodon/index.html
      @@ -1036,7 +1036,7 @@ You can change your password once you login.

      Nihilism

      - Until there is Nothing left.



      Creative Commons Zero: No Rights Reserved
      + Until there is Nothing left.



      Creative Commons Zero: No Rights Reserved

      diff --git a/opsec/monero/index.html b/opsec/monero/index.html
      index 0df0263..e2a2e8a 100644
      --- a/opsec/monero/index.html
      +++ b/opsec/monero/index.html
      @@ -912,7 +912,7 @@ WantedBy=multi-user.target

      Nihilism

      - Until there is Nothing left.



      Creative Commons Zero: No Rights Reserved
      + Until there is Nothing left.



      Creative Commons Zero: No Rights Reserved

      diff --git a/opsec/monero2024/index.html b/opsec/monero2024/index.html
      index 2ca71d0..724d0ee 100644
      --- a/opsec/monero2024/index.html
      +++ b/opsec/monero2024/index.html
      @@ -289,7 +289,7 @@ Important commands:

      Nihilism

      - Until there is Nothing left.



      Creative Commons Zero: No Rights Reserved
      + Until there is Nothing left.



      Creative Commons Zero: No Rights Reserved

      diff --git a/opsec/monero2024/node.html b/opsec/monero2024/node.html
      index 7d13f8d..bf08cf6 100644
      --- a/opsec/monero2024/node.html
      +++ b/opsec/monero2024/node.html
      @@ -231,7 +231,7 @@ status

      Nihilism

      - Until there is Nothing left.



      Creative Commons Zero: No Rights Reserved
      + Until there is Nothing left.



      Creative Commons Zero: No Rights Reserved

      diff --git a/opsec/multiple_identities/index.html b/opsec/multiple_identities/index.html
      index 222e045..826a48d 100644
      --- a/opsec/multiple_identities/index.html
      +++ b/opsec/multiple_identities/index.html
      @@ -225,7 +225,7 @@

      Nihilism

      Until there is Nothing left.
      - Creative Commons Zero: No Rights Reserved
      + Creative Commons Zero: No Rights Reserved
      Creative Commons Zero

      diff --git a/opsec/nonkycdomains/index.html b/opsec/nonkycdomains/index.html
      index 3ecf541..f291b3a 100644
      --- a/opsec/nonkycdomains/index.html
      +++ b/opsec/nonkycdomains/index.html
      @@ -109,7 +109,7 @@

      Nihilism

      - Until there is Nothing left.



      Creative Commons Zero: No Rights Reserved
      + Until there is Nothing left.



      Creative Commons Zero: No Rights Reserved

      diff --git a/opsec/onionshare/index.html b/opsec/onionshare/index.html
      index 02e9cfc..94574f7 100644
      --- a/opsec/onionshare/index.html
      +++ b/opsec/onionshare/index.html
      @@ -114,7 +114,7 @@ sudo apt install onionshare

      Nihilism

      - Until there is Nothing left.



      Creative Commons Zero: No Rights Reserved
      + Until there is Nothing left.



      Creative Commons Zero: No Rights Reserved

      diff --git a/opsec/openhardware/index.html b/opsec/openhardware/index.html
      index 825a977..88aee56 100644
      --- a/opsec/openhardware/index.html
      +++ b/opsec/openhardware/index.html
      @@ -149,7 +149,7 @@

      Nihilism

      - Until there is Nothing left.



      Creative Commons Zero: No Rights Reserved
      + Until there is Nothing left.



      Creative Commons Zero: No Rights Reserved

      diff --git a/opsec/opsec/index.html b/opsec/opsec/index.html
      index e0f1b99..a27bd19 100644
      --- a/opsec/opsec/index.html
      +++ b/opsec/opsec/index.html
      @@ -261,7 +261,7 @@

      Nihilism

      - Until there is Nothing left.



      Creative Commons Zero: No Rights Reserved
      + Until there is Nothing left.



      Creative Commons Zero: No Rights Reserved

      diff --git a/opsec/opsec4levels/index.html b/opsec/opsec4levels/index.html
      index 85db860..85a5f10 100644
      --- a/opsec/opsec4levels/index.html
      +++ b/opsec/opsec4levels/index.html
      @@ -180,7 +180,7 @@

      Nihilism

      - Until there is Nothing left.



      Creative Commons Zero: No Rights Reserved
      + Until there is Nothing left.



      Creative Commons Zero: No Rights Reserved

      diff --git a/opsec/p2ptorrents/index.html b/opsec/p2ptorrents/index.html
      index 26a2171..2bd2d84 100644
      --- a/opsec/p2ptorrents/index.html
      +++ b/opsec/p2ptorrents/index.html
      @@ -218,7 +218,7 @@ Larry is now leeching the file that Sam is seeding! After a bit of time the tran

      Nihilism

      - Until there is Nothing left.



      Creative Commons Zero: No Rights Reserved
      + Until there is Nothing left.



      Creative Commons Zero: No Rights Reserved

      diff --git a/opsec/passwordmanagement/index.html b/opsec/passwordmanagement/index.html
      index 4e543ee..7d742cc 100644
      --- a/opsec/passwordmanagement/index.html
      +++ b/opsec/passwordmanagement/index.html
      @@ -128,7 +128,7 @@ nihilist@mainpc:~/Nextcloud/blog$ keepassxc

      Nihilism

      - Until there is Nothing left.



      Creative Commons Zero: No Rights Reserved
      + Until there is Nothing left.



      Creative Commons Zero: No Rights Reserved

      diff --git a/opsec/pf_captive/index.html b/opsec/pf_captive/index.html
      index 58fad09..2f77345 100644
      --- a/opsec/pf_captive/index.html
      +++ b/opsec/pf_captive/index.html
      @@ -126,7 +126,7 @@ the bind user is in the pfsense-admin group:

      Nihilism

      - Until there is Nothing left.



      Creative Commons Zero: No Rights Reserved
      + Until there is Nothing left.



      Creative Commons Zero: No Rights Reserved

      diff --git a/opsec/pf_virt/index.html b/opsec/pf_virt/index.html
      index 66608ea..633f201 100644
      --- a/opsec/pf_virt/index.html
      +++ b/opsec/pf_virt/index.html
      @@ -174,7 +174,7 @@ systemctl enable lightdm --now

      Nihilism

      - Until there is Nothing left.



      Creative Commons Zero: No Rights Reserved
      + Until there is Nothing left.



      Creative Commons Zero: No Rights Reserved

      diff --git a/opsec/pgp/index.html b/opsec/pgp/index.html
      index 2ec4e1a..70828da 100644
      --- a/opsec/pgp/index.html
      +++ b/opsec/pgp/index.html
      @@ -482,7 +482,7 @@ gpg: Good signature from "nihilist <nihilist@nowhere.moe>" [ultimate]

      Nihilism

      - Until there is Nothing left.



      Creative Commons Zero: No Rights Reserved
      + Until there is Nothing left.



      Creative Commons Zero: No Rights Reserved

      diff --git a/opsec/phonenumbers/index.html b/opsec/phonenumbers/index.html
      index d307868..2a99c70 100644
      --- a/opsec/phonenumbers/index.html
      +++ b/opsec/phonenumbers/index.html
      @@ -145,7 +145,7 @@ Telegram, is a centralised service that

      Nihilism

      - Until there is Nothing left.



      Creative Commons Zero: No Rights Reserved
      + Until there is Nothing left.



      Creative Commons Zero: No Rights Reserved

      diff --git a/opsec/physicalsecurity/index.html b/opsec/physicalsecurity/index.html
      index 911bf33..627483d 100644
      --- a/opsec/physicalsecurity/index.html
      +++ b/opsec/physicalsecurity/index.html
      @@ -1430,7 +1430,7 @@ sed: can't read /root/.bash_history: Permission denied

      Nihilism

      - Until there is Nothing left.



      Creative Commons Zero: No Rights Reserved
      + Until there is Nothing left.



      Creative Commons Zero: No Rights Reserved

      diff --git a/opsec/plausiblydeniabledataprotection/index.html b/opsec/plausiblydeniabledataprotection/index.html
      index 754b67a..fff1aff 100644
      --- a/opsec/plausiblydeniabledataprotection/index.html
      +++ b/opsec/plausiblydeniabledataprotection/index.html
      @@ -238,7 +238,7 @@ echo '[+] SENSITIVE BACKUP COMPLETED, NOW HIDE ALL 3 IN HIDDEN LOCATIONS, UNMOUN

      Nihilism

      - Until there is Nothing left.



      Creative Commons Zero: No Rights Reserved
      + Until there is Nothing left.



      Creative Commons Zero: No Rights Reserved

      diff --git a/opsec/privacy/1.png b/opsec/privacy/1.png
      index 156ad4e..fbafb69 100644
      Binary files a/opsec/privacy/1.png and b/opsec/privacy/1.png differ
      diff --git a/opsec/privacy/2.JPG b/opsec/privacy/2.JPG
      new file mode 100644
      index 0000000..0791ced
      Binary files /dev/null and b/opsec/privacy/2.JPG differ
      diff --git a/opsec/privacy/3.png b/opsec/privacy/3.png
      new file mode 100644
      index 0000000..bf6376b
      Binary files /dev/null and b/opsec/privacy/3.png differ
      diff --git a/opsec/privacy/index.html b/opsec/privacy/index.html
      index a926556..7340695 100644
      --- a/opsec/privacy/index.html
      +++ b/opsec/privacy/index.html
      @@ -103,7 +103,6 @@

      And it does not stop there, even when LE is not involved, politicians can also request and pay to get private user data, at the discretion of those large companies that specialize on infringing upon users' privacy for their own profit (see the cambridge analytica scandal).

      Your personal data is being sold by large corporations, for their own profit, and your consent is of no concern to them.

      -
    @@ -115,6 +114,27 @@
    +

    The Panopticon, Myth or Reality ?



    +

    The Panopticon originally was a prison building design, which was designed by the social theorist Jeremy Bentham in the 18th century, where the core concept revolved around making all prisoners to be observed by a single cop, without the inmates being able to know wether or not they are being watched.

    + +

    The idea is that every inmate, since they don't know wether or not they are being watched, they would have to assume that they were under constant surveillance, forcing all of them to behave at their best, even if the cop is not looking in their direction.

    +

    Now you probably get where i'm trying to go with this, this is the narrative that governments are trying to push, that everyone's actions are under constant surveillance, that everyone must behave at their best at all times if they don't want to end up in jail. And how convenient it must be for those governments, they have the vast majority of their populations giving away their privacy in the name of convenience by using closed-source software on their phones, on their computers, on their laptops, on their routers, etc.

    +

    If privacy doesn't matter, i hope you won't mind me installing a camera in your bedroom, filming you 24/7 right ?

    + +

    For some reason, it is as if everyone is accepting the panopticon narrative as if it was normal, that everything they do is anyway being watched by big brother and for some reason that's supposed to be ok. Exhibitionism definitely isn't my thing, but governments and law enforcement certainly are into voyeurism, as it helps them prosecute whoever they don't like, to try and preserve the control they have over the masses.

    +

    The panopticon myth ends where you decide to put the effort to restore your privacy, you could simply pull over the blinds to prevent outsiders from looking at what you're doing in your bedroom, but there are a myriad of things you have to do to protect your privacy online. It is all up to you if you are willing to put the effort to get it, or not.

    + +
    +
    +
    +
    + + + +
    +
    +
    +

    Why is Privacy Important?



    Ask yourself this simple question: "Who should be aware of what i do ?"

    Let's take the most common example you can encounter: "Should a company (such as Microsoft) be able to spy on what I do with my computer ?"
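Review bot: The added Panopticon paragraphs misspell "whether" as `wether` in two places ("know wether or not they are being watched" and "since they don't know wether or not"); both should read `whether`. The first added paragraph's "revolved around making all prisoners to be observed by a single cop" is also ungrammatical, and `revolved around letting a single cop observe all prisoners` says the same thing cleanly. The markup of the added lines is not visible in this view, so whatever elements the bare `+` lines carry (presumably images and wrapper tags) could not be checked.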

    @@ -139,7 +159,7 @@

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

    diff --git a/opsec/privacyvsanonymity/index.html b/opsec/privacyvsanonymity/index.html
    index 8112778..79f100a 100644
    --- a/opsec/privacyvsanonymity/index.html
    +++ b/opsec/privacyvsanonymity/index.html
    @@ -168,7 +168,7 @@ Alice is talking to Bob, behind closed doors. Jack can't hear their conversation

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

    diff --git a/opsec/runtheblog/0.png b/opsec/runtheblog/0.png
    new file mode 100644
    index 0000000..7b23394
    Binary files /dev/null and b/opsec/runtheblog/0.png differ
    diff --git a/opsec/runtheblog/1.png b/opsec/runtheblog/1.png
    new file mode 100644
    index 0000000..2c56441
    Binary files /dev/null and b/opsec/runtheblog/1.png differ
    diff --git a/opsec/runtheblog/10.png b/opsec/runtheblog/10.png
    new file mode 100644
    index 0000000..8883c6b
    Binary files /dev/null and b/opsec/runtheblog/10.png differ
    diff --git a/opsec/runtheblog/11.png b/opsec/runtheblog/11.png
    new file mode 100644
    index 0000000..c7023d0
    Binary files /dev/null and b/opsec/runtheblog/11.png differ
    diff --git a/opsec/runtheblog/12.png b/opsec/runtheblog/12.png
    new file mode 100644
    index 0000000..4b7b0d2
    Binary files /dev/null and b/opsec/runtheblog/12.png differ
    diff --git a/opsec/runtheblog/13.png b/opsec/runtheblog/13.png
    new file mode 100644
    index 0000000..074b131
    Binary files /dev/null and b/opsec/runtheblog/13.png differ
    diff --git a/opsec/runtheblog/14.png b/opsec/runtheblog/14.png
    new file mode 100644
    index 0000000..3b0d56a
    Binary files /dev/null and b/opsec/runtheblog/14.png differ
    diff --git a/opsec/runtheblog/15.png b/opsec/runtheblog/15.png
    new file mode 100644
    index 0000000..68c579f
    Binary files /dev/null and b/opsec/runtheblog/15.png differ
    diff --git a/opsec/runtheblog/16.png b/opsec/runtheblog/16.png
    new file mode 100644
    index 0000000..9bd11ae
    Binary files /dev/null and b/opsec/runtheblog/16.png differ
    diff --git a/opsec/runtheblog/17.png b/opsec/runtheblog/17.png
    new file mode 100644
    index 0000000..c582123
    Binary files /dev/null and b/opsec/runtheblog/17.png differ
    diff --git a/opsec/runtheblog/18.png b/opsec/runtheblog/18.png
    new file mode 100644
    index 0000000..9f0323e
    Binary files /dev/null and b/opsec/runtheblog/18.png differ
diff --git a/opsec/runtheblog/19.png b/opsec/runtheblog/19.png
new file mode 100644
index 0000000..df319dd
Binary files /dev/null and b/opsec/runtheblog/19.png differ
diff --git a/opsec/runtheblog/2.png b/opsec/runtheblog/2.png
new file mode 100644
index 0000000..574cb22
Binary files /dev/null and b/opsec/runtheblog/2.png differ
diff --git a/opsec/runtheblog/20.png b/opsec/runtheblog/20.png
new file mode 100644
index 0000000..7f05dba
Binary files /dev/null and b/opsec/runtheblog/20.png differ
diff --git a/opsec/runtheblog/21.png b/opsec/runtheblog/21.png
new file mode 100644
index 0000000..d473d05
Binary files /dev/null and b/opsec/runtheblog/21.png differ
diff --git a/opsec/runtheblog/22.png b/opsec/runtheblog/22.png
new file mode 100644
index 0000000..b92fbcc
Binary files /dev/null and b/opsec/runtheblog/22.png differ
diff --git a/opsec/runtheblog/23.png b/opsec/runtheblog/23.png
new file mode 100644
index 0000000..ee27801
Binary files /dev/null and b/opsec/runtheblog/23.png differ
diff --git a/opsec/runtheblog/24.png b/opsec/runtheblog/24.png
new file mode 100644
index 0000000..e53a9e5
Binary files /dev/null and b/opsec/runtheblog/24.png differ
diff --git a/opsec/runtheblog/3.png b/opsec/runtheblog/3.png
new file mode 100644
index 0000000..7e7e25e
Binary files /dev/null and b/opsec/runtheblog/3.png differ
diff --git a/opsec/runtheblog/4.png b/opsec/runtheblog/4.png
new file mode 100644
index 0000000..4705c5f
Binary files /dev/null and b/opsec/runtheblog/4.png differ
diff --git a/opsec/runtheblog/5.png b/opsec/runtheblog/5.png
new file mode 100644
index 0000000..3d42d7c
Binary files /dev/null and b/opsec/runtheblog/5.png differ
diff --git a/opsec/runtheblog/6.png b/opsec/runtheblog/6.png
new file mode 100644
index 0000000..e4c19b5
Binary files /dev/null and b/opsec/runtheblog/6.png differ
diff --git a/opsec/runtheblog/7.png b/opsec/runtheblog/7.png
new file mode 100644
index 0000000..bf25fe2
Binary files /dev/null and b/opsec/runtheblog/7.png differ
diff --git a/opsec/runtheblog/8.png b/opsec/runtheblog/8.png new file mode 100644 index 0000000..946675d Binary files /dev/null and b/opsec/runtheblog/8.png differ diff --git a/opsec/runtheblog/9.png b/opsec/runtheblog/9.png new file mode 100644 index 0000000..ccd7fc9 Binary files /dev/null and b/opsec/runtheblog/9.png differ diff --git a/opsec/runtheblog/index.html b/opsec/runtheblog/index.html new file mode 100644 index 0000000..807a418 --- /dev/null +++ b/opsec/runtheblog/index.html @@ -0,0 +1,648 @@ + + + + + + + + + + + How to run the Nihilism Blog Yourself + + + + + + + + + + + + + + + + + + + + + + + +
    +
    +
    +
    + Previous Page

    nihilist@mainpc - 2024-11-12

    +

    How to run the Nihilism Blog Yourself

    + +
    +
    +
    +
    + + +
    +
    +
    +
    +

    Why are you letting me run the blog ?

    +

    As you have probably noticed after looking at the footer of any of the blogposts in this blog, they are all licensed under the public domain license. This means that there is no copyright restrictions at all, it is free for all, forever.

    + +

    The reason behind this stems from Sum Nihil, where i strongly believe that it doesn't matter who does the work, who gets the fame, who gets to profit off of it, what truly matters is that the work gets done, no matter who does it.

    +

    Here, the work is to make sure that everyone out there knows that when using the right technology in the right way, they cannot be oppressed, silenced, censored, controlled, and governed anymore. If you can help me reach that goal i'm definitely going to welcome it, even if it means to allow other people to run the blog.

    +

    The entire blog is meant to remain available for free, for everyone, over clearnet and over the Tor network. Ideally i'd like it to be resillient to takedowns in the case if something were to happen to me in the future. Therefore, the more people run the blog themselves, the more resillient it will become, and the farther the word will be able to go out there.

    +
    +
    +
    +
    + +
    +
    +
    +
    +

    Clearnet Setup



    +

    Now if you are interested in helping me get the word accross, you can run the blog yourself like so:

    +

    On a debian server (VPS or not), install the following packages:

    +
    
    +[ Datura ] [ /dev/pts/23 ] [~]
    +→ sudo apt install nginx wget curl -y
    +	
    +
    + +

    Then, you need to download the blog somewhere, you can simply git clone it from the blog-contributions gitea repository into the /srv/ directory:

    +
    
    +[ Datura ] [ /dev/pts/23 ] [~]
    +→ git clone https://git.nowhere.moe/nihilist/blog-contributions /srv/blog/
    +	
    +
    + +

    then you can use this nginx configuration (and dont forget to enable it with a symlink to sites-enabled):

    +
    
    +[ Datura ] [ /dev/pts/23 ] [~]
    +→ rm /etc/nginx/sites-*/default
    +
    +[ Datura ] [ /dev/pts/23 ] [~]
    +→ vim /etc/nginx/sites-available/blog.nowhere.moe
    +
    +[ Datura ] [ /dev/pts/23 ] [~]
    +→ ln -s /etc/nginx/sites-available/blog.nowhere.moe /etc/nginx/sites-enabled/
    +
    +[ Datura ] [ /dev/pts/23 ] [~]
    +→ cat /etc/nginx/sites-available/blog.nowhere.moe
    +	
    +server {
    +        listen 80;
    +        listen [::]:80;
    +        server_name blog.nowhere.moe;
    +        return 301 https://$server_name$request_uri;
    +}
    +
    +server {
    +        ######## TOR CHANGES ########
    +        listen 4443;
    +        listen [::]:4443;
    +        server_name blog.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion;
    +        add_header Onion-Location "http://blog.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion$request_uri" always;
    +        ######## TOR CHANGES ########
    +
    +        listen 443 ssl http2;
    +        listen [::]:443 ssl http2;
    +        server_name blog.nowhere.moe;
    +########################################## HARDENING SSL #############################################
    +                ssl_certificate /root/.acme.sh/blog.nowhere.moe/fullchain.cer;
    +                                ssl_certificate_key /root/.acme.sh/blog.nowhere.moe/blog.nowhere.moe.key;
    +                ssl_dhparam     /root/.acme.sh/dhparam.pem;
    +
    +
    +# SSL Settings
    +                ssl_protocols TLSv1.2 TLSv1.3;
    +                ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
    +                ssl_prefer_server_ciphers on;
    +
    +
    +                ssl_session_cache shared:SSL:10m;
    +                ssl_session_timeout 10m;
    +                ssl_session_tickets off;
    +                ssl_ecdh_curve auto;
    +
    +                # OCSP stapling
    +                ssl_stapling on;
    +                ssl_stapling_verify on;
    +                ssl_trusted_certificate /root/.acme.sh/blog.nowhere.moe/fullchain.cer;
    +                resolver 1.1.1.1 208.67.222.222;
    +
    +                add_header Strict-Transport-Security "max-age=63072000" always;
    +
    +
    +
    +
    +        access_log  off;
    +    error_log off;
    +###################################END OF HARDENING SSL###########################################
    +
    +
    +
    +                root /srv/blog/;
    +                                rewrite ^/servers/anon.html /opsec/index.html permanent;
    +                                rewrite ^/servers/(.*)$ /opsec/$1 permanent;
    +                index index.html;
    +}
    +
    +

    but as you can see we're missing the TLS certificates, so let's get them using acme.sh:

    +
    
    +[ Datura ] [ /dev/pts/23 ] [~]
    +→ wget -O -  https://get.acme.sh | sh -s email=nihilist@contact.nowhere.moe
    +
    +[ Datura ] [ /dev/pts/23 ] [~]
    +→ systemctl stop nginx ; acme.sh --issue --standalone -d blog.nowhere.moe -k 4096; systemctl start nginx
    +	
    +
    +

    And now that we have them, let's see if the nginx config is correct:

    +
    
    +[ Datura ] [ /dev/pts/23 ] [~]
    +→ nginx -t
    +nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
    +nginx: configuration file /etc/nginx/nginx.conf test is successful
    +	
    +
    +

    Now that the nginx config is correct let's restart nginx to load in the new config:

    +
    
    +[ Datura ] [ /dev/pts/23 ] [~]
    +→ systemctl restart nginx 
    +	
    +
    +

    And then we can see that the website is up and reachable at the clearnet domain:

    + + +
    +
    +
    +
    + + + +
    +
    +
    +
    +

    Tor Hidden Service Setup



    +

    Since clearnet websites are easily censorable nowadays, let's make sure it is censorship-resistant by making it available over Tor. Let's first install Tor:

    +
    
    +[ Datura ] [ /dev/pts/23 ] [~]
    +→ apt install tor -y
    +	
    +
    + +

    Then we git clone the mkp repository to be able to generate an onion hidden service address:

    +
    
    +[ Datura ] [ /dev/pts/23 ] [~]
    +→ apt install gcc libc6-dev libsodium-dev make autoconf tor
    +
    +[ Datura ] [ /dev/pts/23 ] [~]
    +→ git clone https://github.com/cathugger/mkp224o /srv/mkp224o
    +
    +[ Datura ] [ /dev/pts/23 ] [/srv/mkp224o]
    +→ cd /srv/mkp224o ; ./autogen.sh ; ./configure ; make
    +
    +[ Datura ] [ /dev/pts/23 ] [/srv/mkp224o]
    +→ ./mkp224o datura
    +sorting filters... done.
    +filters:
    +        datura
    +in total, 1 filter
    +using 12 threads
    +daturacccspczuluj2hbgqfcpkjo75hn7bzmuzsm5zys3az6k3su45ad.onion
    +daturaxnp7x4ubwlslgyeaft5dabaxotmsaxanayocnpxarc7wi36kid.onion
    +
    +[ Datura ] [ /dev/pts/23 ] [/srv/mkp224o]
    +→ mkdir /var/lib/tor/onions 
    +
    +[ Datura ] [ /dev/pts/23 ] [/srv/mkp224o]
    +→ mv daturab6drmkhyeia4ch5gvfc2f3wgo6bhjrv3pz6n7kxmvoznlkq4yd.onion /var/lib/tor/onions 
    +
    +[ Datura ] [ /dev/pts/11 ] [lib/tor/onions]
    +→ ls -lash
    +total 16K
    +4.0K drwx------ 4 debian-tor debian-tor 4.0K Jan 27 15:33 .
    +4.0K drwx--S--- 8 debian-tor debian-tor 4.0K Feb  1 15:08 ..
    +4.0K drwx------ 3 debian-tor debian-tor 4.0K Jul 12  2023 daturab6drmkhyeia4ch5gvfc2f3wgo6bhjrv3pz6n7kxmvoznlkq4yd.onion
    +4.0K drwx------ 3 debian-tor debian-tor 4.0K Jan 27 15:48 nihilhfjmj55gfbleupwl2ub7lvbhq4kkoioatiopahfqwkcnglsawyd.onion
    +
    +[ Datura ] [ /dev/pts/11 ] [lib/tor/onions]
    +→ ls -lash daturab6drmkhyeia4ch5gvfc2f3wgo6bhjrv3pz6n7kxmvoznlkq4yd.onion
    +total 24K
    +4.0K drwx------ 3 debian-tor debian-tor 4.0K Jul 12  2023 .
    +4.0K drwx------ 4 debian-tor debian-tor 4.0K Jan 27 15:33 ..
    +4.0K drwx------ 2 debian-tor debian-tor 4.0K Jul 12  2023 authorized_clients
    +4.0K -r-------- 1 debian-tor debian-tor   63 Jul 12  2023 hostname
    +4.0K -r-------- 1 debian-tor debian-tor   64 Jul 12  2023 hs_ed25519_public_key
    +4.0K -r-------- 1 debian-tor debian-tor   96 Jul 12  2023 hs_ed25519_secret_key
    +
    +
    + +

    Then after copying the hidden service files where they belong we change the directory rights accordingly:

    +
    
    +[ Datura ] [ /dev/pts/11 ] [lib/tor/onions]
    +→ chmod 700 daturab6drmkhyeia4ch5gvfc2f3wgo6bhjrv3pz6n7kxmvoznlkq4yd.onion
    +
    +[ Datura ] [ /dev/pts/11 ] [lib/tor/onions]
    +→ chmod 400 daturab6drmkhyeia4ch5gvfc2f3wgo6bhjrv3pz6n7kxmvoznlkq4yd.onion/*
    +
    +[ Datura ] [ /dev/pts/11 ] [lib/tor/onions]
    +→ chmod 700 daturab6drmkhyeia4ch5gvfc2f3wgo6bhjrv3pz6n7kxmvoznlkq4yd.onion/authorized_clients -R
    +
    +[ Datura ] [ /dev/pts/11 ] [lib/tor/onions]
    +→ chown debian-tor: /var/lib/tor/onions -R
    +
    +
    +

    Then we edit the torrc config file to make sure it uses the correct hidden service directory, along with a port to be used to access the website:

    +
    
    +[ Datura ] [ /dev/pts/11 ] [/srv/mkp224o]
    +→ cat /etc/tor/torrc
    +HiddenServiceDir /var/lib/tor/onions/daturab6drmkhyeia4ch5gvfc2f3wgo6bhjrv3pz6n7kxmvoznlkq4yd.onion/
    +HiddenServicePort 80 127.0.0.1:4443  # for web service HTTP (recommended!)
    +HiddenServicePort 443 127.0.0.1:4444 # for web service HTTPS (but not recommended!)
    +
    +HiddenServicePort 18080 127.0.0.1:18080 # for monero nodes
    +HiddenServicePort 18081 127.0.0.1:18081 # for monero nodes
    +
    +# to have another hidden service, you can append it afterward like so; but you need to use different ports:
    +
    +HiddenServiceDir /var/lib/tor/onions/daturab6drmkhyeia4ch5gvfc2f3wgo6bhjrv3pz6n7kxmvoznlkq4yd.onion/
    +HiddenServicePort 80 127.0.0.1:4445
    +
    +
    +

    Then we restart Tor to refresh the configuration:

    +
    
    +[ Datura ] [ /dev/pts/23 ] [/srv/mkp224o]
    +→ systemctl restart tor@default
    +
    +[ Datura ] [ /dev/pts/23 ] [/srv/mkp224o]
    +→ systemctl status tor@default
    +● tor@default.service - Anonymizing overlay network for TCP
    +     Loaded: loaded (/lib/systemd/system/tor@default.service; enabled-runtime; preset: enabled)
    +     Active: active (running) since Sun 2024-11-10 21:39:43 CET; 2 days ago
    +   Main PID: 2790923 (tor)
    +      Tasks: 13 (limit: 77002)
    +     Memory: 1.5G
    +        CPU: 1d 12h 17min 42.199s
    +     CGroup: /system.slice/system-tor.slice/tor@default.service
    +             └─2790923 /usr/bin/tor --defaults-torrc /usr/share/tor/tor-service-defaults-torrc -f /etc/tor/torrc --RunAsDaemon 0
    +
    +
    +

    And from there, we edit the nginx configuration to make sure the website is reachable over the tor domain aswell along with having the header set so that the user's tor browser mentions that there is a .onion link available:

    +
    
    +[ Datura ] [ /dev/pts/23 ] [~]
    +→ vim /etc/nginx/sites-available/blog.nowhere.moe
    +
    +[ Datura ] [ /dev/pts/23 ] [/srv/mkp224o]
    +→ cat /etc/nginx/sites-available/blog.nowhere.moe
    +server {
    +        listen 80;
    +        listen [::]:80;
    +        server_name blog.nowhere.moe;
    +        return 301 https://$server_name$request_uri;
    +}
    +
    +server {
    +        ######## TOR CHANGES ########
    +        listen 4443;
    +        listen [::]:4443;
    +        server_name blog.daturab6drmkhyeia4ch5gvfc2f3wgo6bhjrv3pz6n7kxmvoznlkq4yd.onion;
    +        add_header Onion-Location "http://blog.daturab6drmkhyeia4ch5gvfc2f3wgo6bhjrv3pz6n7kxmvoznlkq4yd.onion$request_uri" always;
    +        ######## TOR CHANGES ########
    +
    +	[...]
    +}
    +
    +
    +

    And then we refresh nginx and we see that the website can be reached over the .onion link aswell:

    +
    
    +[ Datura ] [ /dev/pts/23 ] [~]
    +→ systemctl restart nginx
    +
    +
    + + +

    And that's it! you now have made your own copy of the blog available over clearnet and Tor.

    + +
    +
    +
    +
    + + + +
    +
    +
    +
    +

    Setting up Collaboration



    +

    Now if you want to make sure the blog content keeps growing, you'll need to either write your own blogposts in it or setup collaboration:

    +

    Now in order to make sure you can welcome external contributions, you need at least to be able to have a gitea instance like the one i have at https://git.nowhere.moe:

    + + + + + + +

    Now here you have a simple mirror git repo of the blog, once a day it will synchronize the new changes onto your mirror which is always useful to have in case if the main repository gets taken down.

    + +

    If it were to get taken down for whatever reason, or if you decide to branch out and do your own thing with the blog, you can edit the repository to not be a mirror anymore (meaning you'll be able to push your own commits without going through me):

    + + + + +

    And once done you can recreate the collaboration kanban board like so:

    + + + + +

    Then you can add the an issue per tutorial into it like so:

    + + + +

    You can also add labels to add more details on each issue, to be visible from the kanban board:

    + + + +

    Then on each issue you can add labels on each like so:

    + +

    Here the workflow is preety straightforward, the first column is there for the tutorials that dont have the todolist written yet, the second column is for those that do but aren't assigned to someone yet, the third column is for the assigned tutorials (with a 1 month default deadline), the fourth column is for the maintainer to review what the contributor has sent, and the last column is for the tutorials that are completed:

    + +

    And then obviously, don't forget to have a SimpleX Chatroom to make sure you can chat easily with your contributors like i do here, this will help brainstorm ideas quickly and help clear up misconceptions with your audience directly:

    + +

    And there you go! you now have a platform to receive criticism, collaborate and produce quality content.

    + +
    +
    +
    +
    + + + +
    +
    +
    +
    +

    Setting up a Mirror List



    +

    And then to make sure the nihilism blog remains resistant to takedowns, you can update the mirrors.txt file:

    +

    Now in order to give people a list of all the backup blog mirrors in one go, to make it simple i recommend just listing them manually in a textfile that you update on a monthly basis:

    +
    
    +[ mainpc ] [ /dev/pts/6 ] [~/Nextcloud/blog]
    +→ vim mirrors.txt
    +
    +[ mainpc ] [ /dev/pts/6 ] [~/Nextcloud/blog]
    +→ cat mirrors.txt
    +### Active ###
    +
    +Nihilist:
    +-Clearnet: https://blog.nowhere.moe
    +-Tor: http://blog.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion
    +-Clearnet: https://git.nowhere.moe/nihilist/blog-contributions
    +-Tor: http://git.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/nihilist/blog-contributions
    +
    +Anon1:
    +-Clearnet: link1
    +-Tor: link.onion1
    +
    +Anon2:
    +-Clearnet: link2
    +-Tor: link.onion2
    +
    +
    +### Inactive ###
    +
    +### Removed ###
    +
    +
    +

    Then each month, validate that each link is still reachable, and if one of the links isnt reachable just move it to the "Inactive" category:

    +
    
    +[ mainpc ] [ /dev/pts/6 ] [~/Nextcloud/blog]
    +→ vim mirrors.txt
    +
    +[ mainpc ] [ /dev/pts/6 ] [~/Nextcloud/blog]
    +→ cat mirrors.txt
    +### Active ###
    +
    +Nihilist:
    +-Clearnet: https://blog.nowhere.moe
    +-Tor: http://blog.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion
    +-Clearnet: https://git.nowhere.moe/nihilist/blog-contributions
    +-Tor: http://git.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/nihilist/blog-contributions
    +
    +Anon1:
    +-Clearnet: link1
    +-Tor: link.onion1
    +
    +### Inactive ###
    +
    +Anon2:
    +-Clearnet: link2
    +-Tor: link.onion2
    +
    +### Removed ###
    +
    +
    + +

    Next month upon the next review, check if the mirror is still no longer reachable just move it to the "Removed" category:

    +
    
    +[ mainpc ] [ /dev/pts/6 ] [~/Nextcloud/blog]
    +→ vim mirrors.txt
    +
    +[ mainpc ] [ /dev/pts/6 ] [~/Nextcloud/blog]
    +→ cat mirrors.txt
    +### Active ###
    +
    +Nihilist:
    +-Clearnet: https://blog.nowhere.moe
    +-Tor: http://blog.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion
    +-Clearnet: https://git.nowhere.moe/nihilist/blog-contributions
    +-Tor: http://git.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/nihilist/blog-contributions
    +
    +Anon1:
    +-Clearnet: link1
    +-Tor: link.onion1
    +
    +### Inactive ###
    +
    +### Removed ###
    +
    +Anon2:
    +-Clearnet: link2
    +-Tor: link.onion2
    +
    +
    +

    Don't forget to git push the file onto the git repository and you're good !

    +
    
    +[ mainpc ] [ /dev/pts/6 ] [~/Nextcloud/blog-contributions]
    +→ vim mirrors.txt
    +
    +[ mainpc ] [ /dev/pts/6 ] [~/Nextcloud/blog-contributions]
    +→ cat mirrors.txt
    +### Active ###
    +
    +Nihilist:
    +-Clearnet: https://blog.nowhere.moe
    +-Tor: http://blog.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion
    +-Clearnet: https://git.nowhere.moe/nihilist/blog-contributions
    +-Tor: http://git.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/nihilist/blog-contributions
    +
    +
    +
    +### Inactive ###
    +
    +
    +### Removed ###
    +
    +[ mainpc ] [ /dev/pts/6 ] [~/Nextcloud/blog-contributions]
    +→ cat push.sh
    +#!/bin/bash
    +git config --global user.email "nihilist@contact.nowhere.moe"
    +git config --global user.name "nihilist"
    +
    +git add -A
    +git commit
    +git push
    +
    +[ mainpc ] [ /dev/pts/6 ] [~/Nextcloud/blog-contributions]
    +→ ./push.sh
    +
    +add mirrors.txt
    +# Please enter the commit message for your changes. Lines starting
    +# with '#' will be ignored, and an empty message aborts the commit.
    +#
    +# On branch main
    +# Your branch is up to date with 'origin/main'.
    +#
    +# Changes to be committed:
    +#   new file:   mirrors.txt
    +#   modified:   push.sh
    +
    +:wq
    +
    +[main 39b29a3] add mirrors.txt
    + 2 files changed, 15 insertions(+), 2 deletions(-)
    + create mode 100644 mirrors.txt
    +
    +Username for 'https://git.nowhere.moe': nihilist
    +Password for 'https://nihilist@git.nowhere.moe':
    +
    +Enumerating objects: 6, done.
    +Counting objects: 100% (6/6), done.
    +Delta compression using up to 4 threads
    +Compressing objects: 100% (4/4), done.
    +Writing objects: 100% (4/4), 581 bytes | 290.00 KiB/s, done.
    +Total 4 (delta 1), reused 0 (delta 0), pack-reused 0
    +remote: . Processing 1 references
    +remote: Processed 1 references in total
    +To https://git.nowhere.moe/nihilist/blog-contributions
    +   d1bc9ce..39b29a3  main -> main
    +
    +
    +

    And that's it! you have now made the mirrors.txt file accessible to your audience. They now can simply download it like so:

    +
    
    +[ mainpc ] [ /dev/pts/7 ] [/tmp]
    +→ apt install curl -y
    + 
    +[ mainpc ] [ /dev/pts/7 ] [/tmp]
    +→ curl https://blog.nowhere.moe/mirrors.txt
    +### Active ###
    +
    +Nihilist:
    +-Clearnet: https://blog.nowhere.moe
    +-Tor: http://blog.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion
    +-Clearnet: https://git.nowhere.moe/nihilist/blog-contributions
    +-Tor: http://git.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/nihilist/blog-contributions
    +
    +### Inactive ###
    +
    +### Removed ###
    +
    +[ mainpc ] [ /dev/pts/7 ] [/tmp]
    +→ curl -x socks5h://127.0.0.1:9050 http://blog.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/mirrors.txt
    +### Active ###
    +
    +Nihilist:
    +-Clearnet: https://blog.nowhere.moe
    +-Tor: http://blog.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion
    +-Clearnet: https://git.nowhere.moe/nihilist/blog-contributions
    +-Tor: http://git.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/nihilist/blog-contributions
    +
    +### Inactive ###
    +
    +### Removed ###
    +
    +
    +
    +
    +
    +
    + + + +
    +
    +
    +
    +

    Nihilism

    +

    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + +

    +
    + +
    +

    My Links

    +

    + + RSS Feed
    SimpleX Chat
    + +

    +
    + +
    +

    About nihilist

    +

    Donate XMR: 8AUYjhQeG3D5aodJDtqG499N5jXXM71gYKD8LgSsFB9BUV1o7muLv3DXHoydRTK4SZaaUBq4EAUqpZHLrX2VZLH71Jrd9k8


    Contact: nihilist@contact.nowhere.moe (PGP)

    +
    + +
    + +
    +
    + + + + + + + diff --git a/opsec/sensitiveremotevshome/index.html b/opsec/sensitiveremotevshome/index.html index 1331cfd..f7b8784 100644 --- a/opsec/sensitiveremotevshome/index.html +++ b/opsec/sensitiveremotevshome/index.html @@ -149,7 +149,7 @@

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

    diff --git a/opsec/sensitivevm/0.png b/opsec/sensitivevm/0.png
new file mode 100644
index 0000000..0cb9d2c
Binary files /dev/null and b/opsec/sensitivevm/0.png differ
diff --git a/opsec/sensitivevm/1.png b/opsec/sensitivevm/1.png
new file mode 100644
index 0000000..a3ae1a5
Binary files /dev/null and b/opsec/sensitivevm/1.png differ
diff --git a/opsec/sensitivevm/10.png b/opsec/sensitivevm/10.png
new file mode 100644
index 0000000..7cc6b82
Binary files /dev/null and b/opsec/sensitivevm/10.png differ
diff --git a/opsec/sensitivevm/11.png b/opsec/sensitivevm/11.png
new file mode 100644
index 0000000..b694c7c
Binary files /dev/null and b/opsec/sensitivevm/11.png differ
diff --git a/opsec/sensitivevm/12.png b/opsec/sensitivevm/12.png
new file mode 100644
index 0000000..03ee32a
Binary files /dev/null and b/opsec/sensitivevm/12.png differ
diff --git a/opsec/sensitivevm/13.png b/opsec/sensitivevm/13.png
new file mode 100644
index 0000000..777efa7
Binary files /dev/null and b/opsec/sensitivevm/13.png differ
diff --git a/opsec/sensitivevm/14.png b/opsec/sensitivevm/14.png
new file mode 100644
index 0000000..94da2d8
Binary files /dev/null and b/opsec/sensitivevm/14.png differ
diff --git a/opsec/sensitivevm/15.png b/opsec/sensitivevm/15.png
new file mode 100644
index 0000000..4ebf012
Binary files /dev/null and b/opsec/sensitivevm/15.png differ
diff --git a/opsec/sensitivevm/16.png b/opsec/sensitivevm/16.png
new file mode 100644
index 0000000..e40cef3
Binary files /dev/null and b/opsec/sensitivevm/16.png differ
diff --git a/opsec/sensitivevm/17.png b/opsec/sensitivevm/17.png
new file mode 100644
index 0000000..9c7f17c
Binary files /dev/null and b/opsec/sensitivevm/17.png differ
diff --git a/opsec/sensitivevm/18.png b/opsec/sensitivevm/18.png
new file mode 100644
index 0000000..a1eb818
Binary files /dev/null and b/opsec/sensitivevm/18.png differ
diff --git a/opsec/sensitivevm/19.png b/opsec/sensitivevm/19.png
new file mode 100644
index 0000000..6b54cf9
Binary files /dev/null and b/opsec/sensitivevm/19.png differ
diff --git a/opsec/sensitivevm/2.png b/opsec/sensitivevm/2.png
new file mode 100644
index 0000000..c7088b8
Binary files /dev/null and b/opsec/sensitivevm/2.png differ
diff --git a/opsec/sensitivevm/20.png b/opsec/sensitivevm/20.png
new file mode 100644
index 0000000..737b838
Binary files /dev/null and b/opsec/sensitivevm/20.png differ
diff --git a/opsec/sensitivevm/21.png b/opsec/sensitivevm/21.png
new file mode 100644
index 0000000..45dd96e
Binary files /dev/null and b/opsec/sensitivevm/21.png differ
diff --git a/opsec/sensitivevm/22.png b/opsec/sensitivevm/22.png
new file mode 100644
index 0000000..4859c75
Binary files /dev/null and b/opsec/sensitivevm/22.png differ
diff --git a/opsec/sensitivevm/23.png b/opsec/sensitivevm/23.png
new file mode 100644
index 0000000..88de9d6
Binary files /dev/null and b/opsec/sensitivevm/23.png differ
diff --git a/opsec/sensitivevm/24.png b/opsec/sensitivevm/24.png
new file mode 100644
index 0000000..5c0e75d
Binary files /dev/null and b/opsec/sensitivevm/24.png differ
diff --git a/opsec/sensitivevm/25.png b/opsec/sensitivevm/25.png
new file mode 100644
index 0000000..8136af6
Binary files /dev/null and b/opsec/sensitivevm/25.png differ
diff --git a/opsec/sensitivevm/26.png b/opsec/sensitivevm/26.png
new file mode 100644
index 0000000..40f60a2
Binary files /dev/null and b/opsec/sensitivevm/26.png differ
diff --git a/opsec/sensitivevm/27.png b/opsec/sensitivevm/27.png
new file mode 100644
index 0000000..ccc143c
Binary files /dev/null and b/opsec/sensitivevm/27.png differ
diff --git a/opsec/sensitivevm/28.png b/opsec/sensitivevm/28.png
new file mode 100644
index 0000000..c4630cf
Binary files /dev/null and b/opsec/sensitivevm/28.png differ
diff --git a/opsec/sensitivevm/29.png b/opsec/sensitivevm/29.png
new file mode 100644
index 0000000..ed30d3c
Binary files /dev/null and b/opsec/sensitivevm/29.png differ
diff --git a/opsec/sensitivevm/3.png b/opsec/sensitivevm/3.png
new file mode 100644
index 0000000..e95d34b
Binary files /dev/null and b/opsec/sensitivevm/3.png differ
diff --git a/opsec/sensitivevm/30.png b/opsec/sensitivevm/30.png
new file mode 100644
index 0000000..ae2b4b3
Binary files /dev/null and b/opsec/sensitivevm/30.png differ
diff --git a/opsec/sensitivevm/31.png b/opsec/sensitivevm/31.png
new file mode 100644
index 0000000..5791d88
Binary files /dev/null and b/opsec/sensitivevm/31.png differ
diff --git a/opsec/sensitivevm/32.png b/opsec/sensitivevm/32.png
new file mode 100644
index 0000000..af635af
Binary files /dev/null and b/opsec/sensitivevm/32.png differ
diff --git a/opsec/sensitivevm/33.png b/opsec/sensitivevm/33.png
new file mode 100644
index 0000000..2bab1e0
Binary files /dev/null and b/opsec/sensitivevm/33.png differ
diff --git a/opsec/sensitivevm/34.png b/opsec/sensitivevm/34.png
new file mode 100644
index 0000000..3edfebc
Binary files /dev/null and b/opsec/sensitivevm/34.png differ
diff --git a/opsec/sensitivevm/35.png b/opsec/sensitivevm/35.png
new file mode 100644
index 0000000..a740af9
Binary files /dev/null and b/opsec/sensitivevm/35.png differ
diff --git a/opsec/sensitivevm/36.png b/opsec/sensitivevm/36.png
new file mode 100644
index 0000000..93fc276
Binary files /dev/null and b/opsec/sensitivevm/36.png differ
diff --git a/opsec/sensitivevm/37.png b/opsec/sensitivevm/37.png
new file mode 100644
index 0000000..107d0c6
Binary files /dev/null and b/opsec/sensitivevm/37.png differ
diff --git a/opsec/sensitivevm/38.png b/opsec/sensitivevm/38.png
new file mode 100644
index 0000000..a88d768
Binary files /dev/null and b/opsec/sensitivevm/38.png differ
diff --git a/opsec/sensitivevm/39.png b/opsec/sensitivevm/39.png
new file mode 100644
index 0000000..eed4bcc
Binary files /dev/null and b/opsec/sensitivevm/39.png differ
diff --git a/opsec/sensitivevm/4.png b/opsec/sensitivevm/4.png
new file mode 100644
index 0000000..f5632a0
Binary files /dev/null and b/opsec/sensitivevm/4.png differ
diff --git a/opsec/sensitivevm/40.png b/opsec/sensitivevm/40.png
new file mode 100644
index 0000000..6014cfd
Binary files /dev/null and b/opsec/sensitivevm/40.png differ
diff --git a/opsec/sensitivevm/41.png b/opsec/sensitivevm/41.png
new file mode 100644
index 0000000..d080a53
Binary files /dev/null and b/opsec/sensitivevm/41.png differ
diff --git a/opsec/sensitivevm/42.png b/opsec/sensitivevm/42.png
new file mode 100644
index 0000000..8fa570b
Binary files /dev/null and b/opsec/sensitivevm/42.png differ
diff --git a/opsec/sensitivevm/5.png b/opsec/sensitivevm/5.png
new file mode 100644
index 0000000..0eb486f
Binary files /dev/null and b/opsec/sensitivevm/5.png differ
diff --git a/opsec/sensitivevm/6.png b/opsec/sensitivevm/6.png
new file mode 100644
index 0000000..3c63041
Binary files /dev/null and b/opsec/sensitivevm/6.png differ
diff --git a/opsec/sensitivevm/7.png b/opsec/sensitivevm/7.png
new file mode 100644
index 0000000..d1f34d0
Binary files /dev/null and b/opsec/sensitivevm/7.png differ
diff --git a/opsec/sensitivevm/8.png b/opsec/sensitivevm/8.png
new file mode 100644
index 0000000..50144a8
Binary files /dev/null and b/opsec/sensitivevm/8.png differ
diff --git a/opsec/sensitivevm/9.png b/opsec/sensitivevm/9.png
new file mode 100644
index 0000000..36e24aa
Binary files /dev/null and b/opsec/sensitivevm/9.png differ
diff --git a/opsec/sensitivevm/index.html b/opsec/sensitivevm/index.html
new file mode 100644
index 0000000..43cf0b6
--- /dev/null
+++ b/opsec/sensitivevm/index.html
@@ -0,0 +1,681 @@ + + + + + + + + + + + Sensitive use VMs Setup (Whonix VMs in a Veracrypt Hidden Volume) + + + + + + + + + + + + + + + + + + + + + + + +
    +
    +
    +
    + Previous Page

    nihilist@mainpc - 2024-10-29

    +

    Sensitive use VMs Setup (Whonix VMs in a Veracrypt Hidden Volume)

    + +

    In this tutorial we're going to cover how to setup Whonix VMs for Sensitive use. This means that our OPSEC requirement is that we need to be able to deny the existance of the Sensitive Whonix VM if the adversary ever gets access to our laptop.

    +

    Now the advantage of this setup, is that it is not going to actually destroy the computer, nor any sensitive data, you can keep using it even after triggering an emergency shutdown.

    +

    CONTEXT WARNING: this setup is only suitable if you are not going to be thrown in jail for just using Veracrypt., and if an adversary were to bust down your front door, you need to have at least 5 seconds before he can see your laptop screen.

    + +

    OPSEC Recommendations:

    +
      +
    1. Hardware : (Personal Computer / Laptop)

    2. +
    3. Host OS: Linux, but in live mode

    4. +
    5. Hypervisor: libvirtd QEMU/KVM

    6. +
    7. Harddrive (HDD): 500GB and encrypted with Veracrypt (with a 250Gb Hidden Volume)

    8. +
    9. Virtual Machine:Whonix

    10. +
    +
    +
    +
    +
    + + +
    +
    +
    +
    +

    Deniability Requirement



    +

    First of all as you have seen, the requirement is that we do this setup from the Host OS, in live mode. That is because we want to make sure that there is no forensic evidence to be saved on the system drive as we have explained previously.

    + + +

    While in Live mode we can't write anything new on the system disk (such as the system logs, kernel logs, non-standard logs) which can all be potential forensic evidence that the hidden volume exists. Instead, everything is written into RAM, and we can easily erase all of those contents with a simple reboot. While in live mode however, we can write to non-system drives, which is where we will setup a big enough veracrypt volume to store the Whonix VMs that we will use for long-term sensitive use.

    +
    +
    +
    +
    + + +
    +
    +
    +
    +

    How to setup the VMs inside the Hidden Volume



    +

    So before we start, make sure you reboot the Host OS to go into live mode:

    + + +

    Then, once in live mode we're going to setup our veracrypt volumes on our 500Gb harddrive:

    + + +

    Here we're using a non-system drive, as we want to be able to store our veracrypt hidden volume contents in a persistent manner, accross reboots. (if we were to have the veracrypt volume on the system drive, it would be wiped off upon rebooting since the Host OS is in live mode.)

    + + + + + + + + +

    And in our veracrypt outer (decoy) volume, we're going to setup the veracrypt inner (hidden) volume, and set it to be 250Gb big:

    + + + + + + + + + +

    Now that the vercarypt volume has been setup, to highlight the mechanism, for the same harddrive, you have 2 passwords. Password A opens up the decoy volume, and Password B (which must remains secret, only to be known by you) opens up the hidden volume:

    + + + + +
    +
    +
    +
    + +
    +
    +
    +
    +

    Setting up the Hidden Volume



    +

    So now let's setup the hidden volume, where we will put the Sensitive Whonix QEMU VMs:

    + + +

    Then, we're going to download the Whonix VMs and configure them to be used from inside the hidden veracrypt volume:

    + +
    
    +[ nowhere ] [ /dev/pts/23 ] [VAULT/ISOs/whonix]
    +→ mv ~/Downloads/Whonix-Xfce-17.2.3.7.Intel_AMD64.qcow2.libvirt.xz /mnt/veracrypt1/
    +
    +[ nowhere ] [ /dev/pts/23 ] []
    +→ tar -xvf Whonix-Xfce-17.2.3.7.Intel_AMD64.qcow2.libvirt.xz
    +WHONIX_BINARY_LICENSE_AGREEMENT
    +WHONIX_DISCLAIMER
    +Whonix-Gateway-Xfce-17.2.3.7.xml
    +Whonix-Workstation-Xfce-17.2.3.7.xml
    +Whonix_external_network-17.2.3.7.xml
    +Whonix_internal_network-17.2.3.7.xml
    +Whonix-Gateway-Xfce-17.2.3.7.Intel_AMD64.qcow2
    +Whonix-Workstation-Xfce-17.2.3.7.Intel_AMD64.qcow2
    +
    +[ nowhere ] [ /dev/pts/23 ] [VAULT/ISOs/whonix]
    +→ touch WHONIX_BINARY_LICENSE_AGREEMENT_accepted
    +
    +
    +

    next, we simplify the files names:

    +
    
    +[ nowhere ] [ /dev/pts/1 ] [/mnt/veracrypt1]
    +→ mv Whonix-Gateway-Xfce-17.2.3.7.xml Whonix-Gateway.xml
    +
    +[ nowhere ] [ /dev/pts/1 ] [/mnt/veracrypt1]
    +→ mv Whonix-Gateway-Xfce-17.2.3.7.Intel_AMD64.qcow2 Whonix-Gateway.qcow2
    +
    +[ nowhere ] [ /dev/pts/1 ] [/mnt/veracrypt1]
    +→ mv Whonix-Workstation-Xfce-17.2.3.7.xml Whonix-Workstation.xml
    +
    +[ nowhere ] [ /dev/pts/1 ] [/mnt/veracrypt1]
    +→ mv Whonix-Workstation-Xfce-17.2.3.7.Intel_AMD64.qcow2 Whonix-Workstation.qcow2
    +
    +[ nowhere ] [ /dev/pts/1 ] [/mnt/veracrypt1]
    +→ mv Whonix_external_network-17.2.3.7.xml Whonix-external.xml
    +
    +[ nowhere ] [ /dev/pts/1 ] [/mnt/veracrypt1]
    +→ mv Whonix_internal_network-17.2.3.7.xml Whonix-internal.xml
    +
    +
    +[ nowhere ] [ /dev/pts/1 ] [/mnt/veracrypt1]
    +→ ls -l
    +total 209745392
    +drwx------ 2 root     root           16384 Sep  1 21:24 lost+found
    +-rwxrwx--x 1 nihilist libvirt         1202 Jan  2  2024 refreshvms.sh
    +-rwxrwx--- 1 nihilist libvirt        39649 Oct 21  2015 WHONIX_BINARY_LICENSE_AGREEMENT
    +-rwxrwx--- 1 nihilist libvirt         4185 Oct 21  2015 WHONIX_DISCLAIMER
    +-rwxrwx--- 1 nihilist libvirt          172 Oct 21  2015 Whonix_external_network-17.2.3.7.xml
    +-rwxrwx--- 1 nihilist libvirt 107389386752 Nov  1 14:13 Whonix-Gateway.qcow2
    +-rwxrwx--- 1 nihilist libvirt         3577 Sep  1 22:31 Whonix-Gateway.xml
    +-rwxrwx--- 1 nihilist libvirt           97 Oct 21  2015 Whonix_internal_network-17.2.3.7.xml
    +-rwxrwx--- 1 nihilist libvirt 107389386752 Nov  1 14:13 Whonix-Workstation.qcow2
    +-rwxrwx--- 1 nihilist libvirt         3466 Sep  1 22:30 Whonix-Workstation.xml
    +
    +
    +

    And then we edit the .xml file of the gateway VM to give it 1GB of RAM and mentionning the correct .qcow2 path:

    +
    
    +[ nowhere ] [ /dev/pts/1 ] [/mnt/veracrypt1]
    +→ vim Whonix-Gateway.xml 
    +
    +[ nowhere ] [ /dev/pts/1 ] [/mnt/veracrypt1]
    +→ cat Whonix-Gateway.xml | grep emory
    +  <memory dumpCore="off" unit="GiB">1</memory>
    +  <currentMemory unit="GiB">1</currentMemory>
    +
    +[ nowhere ] [ /dev/pts/1 ] [/mnt/veracrypt1]
    +→ cat Whonix-Gateway.xml | grep qcow2
    +      <driver name="qemu" type="qcow2"/>
    +      <source file="/mnt/veracrypt1/Whonix-Gateway.qcow2"/>
    +
    +
    +

    And then we do the same for the .xml file of the workstation VM to give it 8GB of RAM and mentionning the correct .qcow2 path aswell:

    +
    
    +[ nowhere ] [ /dev/pts/1 ] [/mnt/veracrypt1]
    +→ vim Whonix-Workstation.xml 
    +
    +[ nowhere ] [ /dev/pts/1 ] [/mnt/veracrypt1]
    +→ cat Whonix-Workstation.xml | grep emory
    +  <memory dumpCore="off" unit="GiB">8</memory>
    +  <currentMemory unit="GiB">8</currentMemory>
    +
    +[ nowhere ] [ /dev/pts/1 ] [/mnt/veracrypt1]
    +→ cat Whonix-Workstation.xml | grep qcow2
    +      <driver name="qemu" type="qcow2"/>
    +      <source file="/mnt/veracrypt1/Whonix-Workstation.qcow2"/>
    +
    +
    +

    and from here we create script.sh that we put inside the veracrypt hidden volume, we will use it to automatically either import or remove both VMs into virt-manager depending on wether they are already imported or not.

    +
    
    +[ nowhere ] [ /dev/pts/1 ] [/mnt/veracrypt1]
    +→ vim script.sh
    +
    +[ nowhere ] [ /dev/pts/0 ] [~]
    +→ cat /mnt/veracrypt1/script.sh
    +#!/bin/bash
    +
    +if [ $(virsh -c qemu:///system list --all | grep Whonix | wc -l) -ne 0 ];
    +then
    +
    +	# if the VMs are imported, remove them:
    +
    +	virsh -c qemu:///system destroy Whonix-Gateway
    +	virsh -c qemu:///system destroy Whonix-Workstation
    +	virsh -c qemu:///system undefine Whonix-Gateway
    +	virsh -c qemu:///system undefine Whonix-Workstation
    +	virsh -c qemu:///system net-destroy Whonix-External
    +	virsh -c qemu:///system net-destroy Whonix-Internal
    +	virsh -c qemu:///system net-undefine Whonix-External
    +	virsh -c qemu:///system net-undefine Whonix-Internal
    +else
    +
    +
    +	# if the VMs are not imported, import them:
    +
    +	virsh -c qemu:///system net-define /mnt/veracrypt1/Whonix-external.xml
    +	virsh -c qemu:///system net-define /mnt/veracrypt1/Whonix-internal.xml
    +	virsh -c qemu:///system net-autostart Whonix-External
    +	virsh -c qemu:///system net-start Whonix-External
    +	virsh -c qemu:///system net-autostart Whonix-Internal
    +	virsh -c qemu:///system net-start Whonix-Internal
    +	virsh -c qemu:///system define /mnt/veracrypt1/Whonix-Gateway.xml
    +	virsh -c qemu:///system define /mnt/veracrypt1/Whonix-Workstation.xml
    +fi
    +
    +
    +

    So by default you have your QEMU VMs like so:

    + +

    And to run the script to import the VMs you do as follows:

    +
    
    +[ nowhere ] [ /dev/pts/1 ] [/mnt/veracrypt1]
    +→ chmod +x script.sh 
    +
    +[ nowhere ] [ /dev/pts/1 ] [/mnt/veracrypt1]
    +→ ./script.sh 
    +Network Whonix-External defined from Whonix-external.xml
    +
    +Network Whonix-Internal defined from Whonix-internal.xml
    +
    +Network Whonix-External marked as autostarted
    +
    +Network Whonix-External started
    +
    +Network Whonix-Internal marked as autostarted
    +
    +Network Whonix-Internal started
    +
    +Domain 'Whonix-Gateway' defined from Whonix-Gateway.xml
    +
    +Domain 'Whonix-Workstation' defined from Whonix-Workstation.xml
    +
    +
    +

    From there you'll see that the Whonix VMs are imported:

    + +

    And now to remove them you can just run the same script again:

    +
    
    +[ nowhere ] [ /dev/pts/1 ] [/mnt/veracrypt1]
    +→ ./script.sh
    +error: Failed to destroy domain 'Whonix-Gateway'
    +error: Requested operation is not valid: domain is not running
    +
    +error: Failed to destroy domain 'Whonix-Workstation'
    +error: Requested operation is not valid: domain is not running
    +
    +Domain 'Whonix-Gateway' has been undefined
    +
    +Domain 'Whonix-Workstation' has been undefined
    +
    +Network Whonix-External destroyed
    +
    +Network Whonix-Internal destroyed
    +
    +Network Whonix-External has been undefined
    +
    +Network Whonix-Internal has been undefined
    +
    +
    +

    And you'll see that the VMs are no longer there:

    + + +
    +
    +
    +
    + +
    +
    +
    +
    +

    Setting up the Decoy volume



    +

    Now that we have setup the hidden volume, let's close it so that we can setup the decoy volume (dont forget to exit the drive from the commandline, otherwise veracrypt will complain that the drive is busy):

    +
    
    +[ nowhere ] [ /dev/pts/1 ] [/mnt/veracrypt1]
    +→ cd ..
    +
    +[ nowhere ] [ /dev/pts/1 ] [/mnt]
    +→ 
    +
    +
    +

    Now first dismount the hidden volume:

    + +

    And then mount the decoy volume:

    + +

    In the decoy volume, we want content that makes sense to be kept hidden in an encrypted volume while still not being considered as sensitive (meaning nothing that can get you into trouble like adult content, or movies that you pirated):

    +
    
    +[ nowhere ] [ /dev/pts/1 ] [/mnt]
    +→ cd /mnt/veracrypt1 
    +
    +[ nowhere ] [ /dev/pts/1 ] [/mnt/veracrypt1]
    +→ ls
    +lost+found
    +
    +[ nowhere ] [ /dev/pts/1 ] [/mnt/veracrypt1]
    +→ sudo apt install yt-dlp vlc -y
    +
    +[ nowhere ] [ /dev/pts/1 ] [/mnt/veracrypt1]
    +→ yt-dlp https://www.youtube.com/watch\?v\=16efRG5H_Vc
    +	
    +[ nowhere ] [ /dev/pts/1 ] [/mnt/veracrypt1]
    +→ yt-dlp https://www.youtube.com/watch\?v\=HmZm8vNHBSU 
    +
    +
    + +

    So in this example we're going to pretend we have pirated some movies and got some adult content, that way we have an excuse as to why we have an encrypted veracrypt volume if ever forced by an adversary. We then create the script.sh which will basically be used to kill the media player window:

    +
    
    +[ nowhere ] [ /dev/pts/1 ] [/mnt/veracrypt1]
    +→ vim script.sh 
    +
    +[ nowhere ] [ /dev/pts/1 ] [/mnt/veracrypt1]
    +→ chmod +x script.sh 
    +
    +[ nowhere ] [ /dev/pts/1 ] [/mnt/veracrypt1]
    +→ cat script.sh 
    +#!/bin/bash
    +
    +kill -9 $(pidof vlc)
    +
    +
    +

    If ever asked to by an adversary, we'll basically pretend that this script is there to quickly kill the media player window in case if someone were to enter the room while you were watching that not-sensitive-but-private content.

    + +
    +
    +
    +
    + +
    +
    +
    +
    +

    Emergency shutdown shortcut



    + +

    Now that we're setup, we need to be able to run that script using a shortcut to be ran from our desktop environment, I am currently using Cinnamon, therefore to create a shortcut for cinnamon you do as follows:

    + + + +

    Now we're setting up the shortcut "Super+V" to run the /mnt/veracrypt1/script.sh script just so it is quicker to setup the whonix VMs when inside the veracrypt hidden volume.

    + + +

    Now in order to shut down the Host OS, as we have explained previously, we need to have the emergency shutdown bashscript script:

    +
    
    +nihilist@mainpc:~$ su -
    +Password: 
    +root@mainpc:~# visudo
    +
    +[...]
    +
    +nihilist ALL=NOPASSWD:/sbin/shutdown
    +
    +[...]
    +
    +nihilist@mainpc:~$ vim shutdown.sh
    +nihilist@mainpc:~$ cat shutdown.sh 
    +#!/bin/bash
    +
    +/sbin/shutdown -h now
    +
    +nihilist@mainpc:~$ chmod +x shutdown.sh 
    +
    +
    +

    However we're going to edit it a bit to run the script.sh, along with closing down the veracrypt volumes before shutting down the Host OS, so we need to edit the shutdown.sh script as follows:

    +
    
    +nihilist@mainpc:~$ cat shutdown.sh 
    +#!/bin/bash
    +
    +# run script.sh
    +/mnt/veracrypt1/script.sh
    +
    +# unmount veracrypt volumes
    +/usr/bin/veracrypt -d -f
    +
    +# kill veracrypt after unmounting
    +kill $(pidof veracrypt)
    +
    +# shutdown the host OS
    +/sbin/shutdown -h now
    +
    +
    +

    Then, we need to make sure that the shutdown.sh script can be ran with the "Super+R" shortcut:

    + +

    And we're now all setup! So let's try it out in both scenarios (from the decoy volume, and from the hidden volume):

    +
    +
    +
    +
    + + + +
    +
    +
    +
    +

    Decoy Volume Scenario (watching non-sensitive content)

    +

    So first we open the veracrypt, and open the decoy volume:

    + + +

    Then we open VLC, and we hit "Open file" and browse to our non-sensitive files:

    + + +

    Then suddenly someone busts your front door, and you quickly press "Super+R" the VLC window immediately closes, followed by the closure of the veracrypt volume, and in a few seconds you have the Host OS shutting down. And as the Host OS shuts down, all the RAM contents are erased (even though there was nothing sensitive in it this time).

    + +

    And that's it ! if the adversary didnt get to your desk by the time you pressed the shortcut, he didnt get to see the content you were playing on your monitor.

    + +

    Hidden Volume Scenario (using the sensitive VM)

    +

    Now to test emergency shutdown on the hidden volume side, we first open the hidden volume:

    + + +

    Once the hidden volume is mounted, we hit "Super+V" to quickly setup the whonix VMs:

    + +

    And after a while of doing some actual sensitive stuff on the whonix VM you hear your front door being busted down, so you quickly hit "Ctrl+Alt" to focus out of the VM, and then you hit "Super+R" to trigger the emergency shutdown:

    + +

    Here it also only takes approximately 4 seconds after pressing "Super+R" to have the VMs removed, the veracrypt volume closed, and your Host OS shutdown, erasing all the forensic evidence regarding the existence of the veracrypt hidden volume and the Sensitive Whonix VM that it contains.

    +

    And that's it ! You now have a Sensitive VM ready to be used, and you have implemented the necessary measures to protect the deniability of it's existance, from an adversary.

    +
    +
    +
    +
    + + + +
    +
    +
    +
    +

    In what context is there Deniability ?

    +

    With this setup, you have deniability the moment that the Host OS finishes shutting down, regarding the existance of the veracrypt hidden volume, and the whonix sensitive VMs that are in it. Meaning that it is impossible for an adversary that seizes your computer to prove the existance of the Whonix Sensitive VMs after the Host OS finished shutting down.

    +

    Below is all an adversary will be able to see, if he were to seize your laptop after you manage to shut it down:

    + +

    Of course, if you are ever forced to, ONLY give your decoy password to the adversary. The existance of the hidden volume, and of the secret password thats used to reveal it must remain a secret at all costs, it must remain known only by you.

    +

    If you are ever dragged into court, the judge will appreciate much more if you actually hand over your laptop, and show that you are willing to cooperate with the authorities by providing your password to unlock it, rather than starting to pretend you forgot your password (which can end badly like in this court case, where the defendant was found to be in contempt of court, and thrown in jail for 6 months for it).

    +

    If ever asked by the authorities on why you used veracrypt in your laptop, you can simply claim that it was to put your stash of adult content in it. Nothing incriminating about it, and it is plausible given that you dont want that laying around on your desktop, due to being of a private matter.

    + +
    +
    +
    +
    + + + +
    +
    +
    +
    +

    Nihilism

    +

    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + +

    +
    + +
    +

    My Links

    +

    + + RSS Feed
    SimpleX Chat
    + +

    +
    + +
    +

    About nihilist

    +

    Donate XMR: 8AUYjhQeG3D5aodJDtqG499N5jXXM71gYKD8LgSsFB9BUV1o7muLv3DXHoydRTK4SZaaUBq4EAUqpZHLrX2VZLH71Jrd9k8


    Contact: nihilist@contact.nowhere.moe (PGP)

    +
    + +
    + +
    +
    + + + + + + + diff --git a/opsec/serversideencryption/index.html b/opsec/serversideencryption/index.html index 6bd4380..184a4a7 100644 --- a/opsec/serversideencryption/index.html +++ b/opsec/serversideencryption/index.html @@ -8,7 +8,7 @@ - Serverside: Should I trust serverside encryption? Should I use PGP? + Why can't I trust Server-side Encryption ? @@ -61,7 +61,7 @@
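Review bot: The final `shutdown.sh` listing in opsec/sensitivevm/index.html calls `/mnt/veracrypt1/script.sh` unconditionally, but the hidden-volume version of that script is a toggle keyed on `virsh -c qemu:///system list --all | grep Whonix`, so running it while the VMs are not yet defined takes the import branch (`net-define`, `net-start`, `define`) rather than the removal branch, just before the dismount. I would give the script an explicit mode and have the shutdown path ask only for removal, for example `/mnt/veracrypt1/script.sh remove` with a `case "$1"` inside script.sh, and quote the test as `[ "$(virsh -c qemu:///system list --all | grep -c Whonix)" -ne 0 ]`. Both `shutdown.sh` listings invoke `/sbin/shutdown -h now` directly, so as written the `nihilist ALL=NOPASSWD:/sbin/shutdown` sudoers line shown above them is not what authorises the shutdown; either call `sudo /sbin/shutdown -h now` or drop the rule. The `ls -l` output after the renames also still lists `Whonix_external_network-17.2.3.7.xml` and `Whonix_internal_network-17.2.3.7.xml`, which does not match the `/mnt/veracrypt1/Whonix-external.xml` and `Whonix-internal.xml` paths the script passes to `net-define`.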
    Previous Page

    nihilist@mainpc - 2024-05-01

    -

    Serverside: Should I trust serverside encryption? Should I use PGP?

    +

    Why can't I trust Server-side Encryption ?

    @@ -74,12 +74,12 @@

    Clientside Encryption: Who can be trusted ?

    -

    As we discussed previously, Encryption is about providing privacy, Bob and Alice use encryption, for their conversation to remain private from the adversary Jack.

    +

    As we discussed previously, Encryption is about providing privacy, Bob and Alice use encryption, for their conversation to remain private from the adversary Jack.

    One way to close the door on Jack, is to use PGP encryption:

    the logic behind using PGP encryption is for Bob and Alice to encrypt their conversation themselves, because they don't trust anyone else. Bob encrypts his message using PGP, and no matter where he sends it (over mail, over discord, over IRC, XMPP, facebook, etc.) only Alice will be able to decrypt the message.

    -

    In short, Bob uses PGP because he doesn't trust the platform on which you wish to talk to Alice.

    +

    In short, Bob uses PGP because he doesn't trust the platform on which he wishes to talk to Alice.

    @@ -130,7 +130,7 @@

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

    diff --git a/opsec/steganography/index.html b/opsec/steganography/index.html
    index 615f625..2e26207 100644
    --- a/opsec/steganography/index.html
    +++ b/opsec/steganography/index.html
    @@ -108,7 +108,7 @@

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

    diff --git a/opsec/steghide/index.html b/opsec/steghide/index.html
    index ec9b6aa..3594b1e 100644
    --- a/opsec/steghide/index.html
    +++ b/opsec/steghide/index.html
    @@ -153,7 +153,7 @@ d56d71ecadf2137be09d8b1d35c6c042 output.pdf

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

    diff --git a/opsec/syncthinganon/1.png b/opsec/syncthinganon/1.png
    new file mode 100644
    index 0000000..3233291
    Binary files /dev/null and b/opsec/syncthinganon/1.png differ
    diff --git a/opsec/syncthinganon/10.png b/opsec/syncthinganon/10.png
    new file mode 100644
    index 0000000..1e0b8b6
    Binary files /dev/null and b/opsec/syncthinganon/10.png differ
    diff --git a/opsec/syncthinganon/11.png b/opsec/syncthinganon/11.png
    new file mode 100644
    index 0000000..83e4cf4
    Binary files /dev/null and b/opsec/syncthinganon/11.png differ
    diff --git a/opsec/syncthinganon/2.png b/opsec/syncthinganon/2.png
    new file mode 100644
    index 0000000..34ad941
    Binary files /dev/null and b/opsec/syncthinganon/2.png differ
    diff --git a/opsec/syncthinganon/3.png b/opsec/syncthinganon/3.png
    new file mode 100644
    index 0000000..1c0b599
    Binary files /dev/null and b/opsec/syncthinganon/3.png differ
    diff --git a/opsec/syncthinganon/4.png b/opsec/syncthinganon/4.png
    new file mode 100644
    index 0000000..2f1cedc
    Binary files /dev/null and b/opsec/syncthinganon/4.png differ
    diff --git a/opsec/syncthinganon/5.png b/opsec/syncthinganon/5.png
    new file mode 100644
    index 0000000..a8b8921
    Binary files /dev/null and b/opsec/syncthinganon/5.png differ
    diff --git a/opsec/syncthinganon/6.png b/opsec/syncthinganon/6.png
    new file mode 100644
    index 0000000..d7dec97
    Binary files /dev/null and b/opsec/syncthinganon/6.png differ
    diff --git a/opsec/syncthinganon/7.png b/opsec/syncthinganon/7.png
    new file mode 100644
    index 0000000..f00b2cf
    Binary files /dev/null and b/opsec/syncthinganon/7.png differ
    diff --git a/opsec/syncthinganon/8.png b/opsec/syncthinganon/8.png
    new file mode 100644
    index 0000000..676b477
    Binary files /dev/null and b/opsec/syncthinganon/8.png differ
    diff --git a/opsec/syncthinganon/9.png b/opsec/syncthinganon/9.png
    new file mode 100644
    index 0000000..c8c670c
    Binary files /dev/null and b/opsec/syncthinganon/9.png differ
diff --git a/opsec/syncthinganon/Syncthing_circuit.jpg b/opsec/syncthinganon/Syncthing_circuit.jpg new file mode 100644 index 0000000..4992658 Binary files /dev/null and b/opsec/syncthinganon/Syncthing_circuit.jpg differ diff --git a/opsec/syncthinganon/index.html b/opsec/syncthinganon/index.html new file mode 100644 index 0000000..c967313 --- /dev/null +++ b/opsec/syncthinganon/index.html @@ -0,0 +1,257 @@ + + + + + + + + + + + One on One large file sharing (Syncthing over Tor) + + + + + + + + + + + + + + + + + + + + + + + +
    +
    +
    +
    + Previous Page

    Prism_Breaker

    +

    One on One large file sharing (Syncthing over Tor)

    +

    Onionshare is a good choice when you want to share small files over tor. But onionshare cannot handle big files, because when tor circuit fails (which is quite common in Tor) your download simply fails, and it does not support resuming the download at where it previously failed. Syncthing is a better alternative if you want to share large files over tor, it does not need any setup or hosting, and it will automatically retry at break point when network fails.

    + +

    Syncthing is FOSS software and has E2EE by default, and can run it without requiring a VPS. This means you can just spin up syncthing client from your whonix workstation directly, and your data will be encrypted and sent through public syncthing nodes. If you have a threat model that needs a way to reliably share files with minimum exposure, this setup suits the need.

    + +

    Syncthing has its own relays for supporting transmission of files between peers which are both behind the nat, and it works when both parties are behind tor. This allows us to guarantee the anonymity of both parties.

    + +

    OPSEC Recommendations:

    +
      +
    1. Hardware : (Personal Computer / Laptop)

    2. +
    3. Host OS: Linux (Or Qubes OS)

    4. +
    5. Hypervisor: libvirtd QEMU/KVM (Or Qubes OS's Xen)

    6. +
    7. Virtual Machine: Whonix

    8. +
    + +

    +It is highly recommended to use whonix for this setup, because there are always cases that an app might not honor your proxy setting and somehow tries to connect to the syncthing relay directly without going through Tor. It is always a good idea to put any anonymous use app in a whonix workstation, so your clearnet ip doesn't get revealed. +

    + + +

    +
    +
    +
    +
    + + +
    +
    +
    +
    +

    Initial Setup

    +

    The first thing to do is to get syncthing to your whonix workstation.

    +

    For simplicity you can just do

    +
    sudo apt-get install syncthing -y
    +
    +

    If apt does not contain the up to date package, then you need to get it from the syncthing website

    + + +

    Next verify the sha256sum according to https://syncthing.net/security/

    +
    curl -s https://syncthing.net/release-key.txt | gpg --import
    +
    + +

    Check the gpg fingerprint, it should be like this

    +
    
    +gpg --fingerprint
    +/home/user/.gnupg/pubring.kbx
    +-----------------------------
    +pub   rsa2048/0xD26E6ED000654A3E 2014-12-29 [SC]
    +		Key fingerprint = 37C8 4554 E7E0 A261 E4F7  6E1E D26E 6ED0 0065 4A3E
    +uid                   [ unknown] Syncthing Release Management 
    +sub   rsa2048/0x681C3CFCF614F575 2014-12-29 [E]
    +
    +
    + +

    Then download verify the checksum file, and check the checksum to see if it matches

    +
    
    +$ curl -sLO https://github.com/syncthing/syncthing/releases/download/v1.23.6/sha256sum.txt.asc	
    +
    +$ gpg --verify sha256sum.txt.asc
    +gpg: Signature made Mo 03 Jul 2023 10:09:30 UTC
    +gpg:                using RSA key D26E6ED000654A3E
    +gpg: Good signature from "Syncthing Release Management "
    +gpg: WARNING: This key is not certified with a trusted signature!
    +gpg:          There is no indication that the signature belongs to the owner.	
    +
    +$ sha256sum -c sha256sum.txt.asc
    +...
    +sha256sum: syncthing-linux-386-v1.23.6.tar.gz: No such file or directory
    +syncthing-linux-386-v1.23.6.tar.gz: FAILED open or read
    +syncthing-linux-amd64-v1.23.6.tar.gz: OK
    +sha256sum: syncthing-linux-armv5-v1.23.6.tar.gz: No such file or directory
    +syncthing-linux-armv5-v1.23.6.tar.gz: FAILED open or read
    +...
    +sha256sum: WARNING: 14 lines are improperly formatted
    +sha256sum: WARNING: 35 listed files could not be read
    +
    +
    + +

    Next you need to do some changes in the tor browser, so you can access the web panel that is running on localhost (127.0.0.1), type about:config inside the address bar, accept the risk and continue:

    + +

    search for no_proxies_on in the search bar, and add 127.0.0.1 to it

    + +

    Editing your tor browser is fine if you are just using it to access local syncthing instance, but you should revert the change if you want to access the internet. Changing tor config might bring some unexpected browser fingerprint issue. You should get a separate whonix vm if paranoid.

    + + +
    +
    +
    +
    + +
    +
    +
    +
    +

    How to setup syncthing



    +

    Next decompress the syncthing pack and execute it

    +
    
    +$ tar xvf syncthing-linux-amd64-v1.28.0.tar.gz
    +
    +$ cd syncthing-linux-amd64-v1.28.0/
    +
    +$ ./syncthing
    +
    + +

    If you have setup your tor browser correctly it should automatically redirect you to http://127.0.0.1:8384/ and you will see the web panel

    +

    Next thing to do is to find your client id, it is in the actions menu

    + +

    + +

    Next exchange this id with people you are sharing file with

    +

    After that add each other in both clients in the remote device section, if nothing goes wrong you should be able to see each other in the remote device section showed as "connected"

    + +

    + +

    + + + +
    +
    +
    +
    + + + +
    +
    +
    +
    +

    How to sync files anonymously



    +

    After the previous setup, you can share the file you want. But be aware tor traffic has low bandwidth, that is the price of online Anonymity! Because if both parties are behind tor, your file goes through a circuit like this:

    + +

    I personally tried this setup, to send a 10GB file it took me 4 hours 30 minutes to send it, which is normal due to the Tor network being slow, you'll need to be patient when you are trying to send large files over Tor.

    + +

    You and your peer will only see the relay server's ip address, unlike the vpn setup which will expose the vpn ip you are using, which you can check here

    +

    You peer also won't know you are using tor if you do not tell him

    + + + +

    Choose add folder to create a new sharing Folder, and choose to share this folder with your peer

    + +

    + + +

    If nothing goes wrong, the receiver should see this

    + +

    Agree and add the folder, after that syncthing will automatically transmit the files

    + +
    +
    +
    +
    + + + +
    +
    +
    +
    +

    PrismBreaker

    +

    + Shatter the big brother.



    Creative Commons Zero: No Rights Reserved
    + +

    +
    + +
    +

    My Links

    +

    + + RSS Feed
    SimpleX Chat
    + +

    +
    + +
    +

    About Prism Breaker

    +

    Donate XMR: 87iB34vdFvNULrAjyfVAZ7jMXc8vbq9tLGMLjo6WC8N9Xo2JFaa8Vkp6dwXBt8rK12Xpz5z1rTa9jSfgyRbNNjswHKTzFVh


    Contact: prismbreaker@waifu.club (PGP)

    +
    + +
    + +
    +
    + + + + + + + +
    diff --git a/opsec/syncthinganon/remote_node.png b/opsec/syncthinganon/remote_node.png
    new file mode 100644
    index 0000000..201f6fc
    Binary files /dev/null and b/opsec/syncthinganon/remote_node.png differ
    diff --git a/opsec/syncthingvpn/0.png b/opsec/syncthingvpn/0.png
    new file mode 100644
    index 0000000..8d1a89b
    Binary files /dev/null and b/opsec/syncthingvpn/0.png differ
    diff --git a/opsec/syncthingvpn/1.png b/opsec/syncthingvpn/1.png
    new file mode 100644
    index 0000000..d5e60f2
    Binary files /dev/null and b/opsec/syncthingvpn/1.png differ
    diff --git a/opsec/syncthingvpn/10.png b/opsec/syncthingvpn/10.png
    new file mode 100644
    index 0000000..58c7b11
    Binary files /dev/null and b/opsec/syncthingvpn/10.png differ
    diff --git a/opsec/syncthingvpn/11.png b/opsec/syncthingvpn/11.png
    new file mode 100644
    index 0000000..3fcdab5
    Binary files /dev/null and b/opsec/syncthingvpn/11.png differ
    diff --git a/opsec/syncthingvpn/12.png b/opsec/syncthingvpn/12.png
    new file mode 100644
    index 0000000..d1e62d1
    Binary files /dev/null and b/opsec/syncthingvpn/12.png differ
    diff --git a/opsec/syncthingvpn/13.png b/opsec/syncthingvpn/13.png
    new file mode 100644
    index 0000000..96654e1
    Binary files /dev/null and b/opsec/syncthingvpn/13.png differ
    diff --git a/opsec/syncthingvpn/2.png b/opsec/syncthingvpn/2.png
    new file mode 100644
    index 0000000..c318f8a
    Binary files /dev/null and b/opsec/syncthingvpn/2.png differ
    diff --git a/opsec/syncthingvpn/3.png b/opsec/syncthingvpn/3.png
    new file mode 100644
    index 0000000..8d48bf6
    Binary files /dev/null and b/opsec/syncthingvpn/3.png differ
    diff --git a/opsec/syncthingvpn/4.png b/opsec/syncthingvpn/4.png
    new file mode 100644
    index 0000000..3c78c62
    Binary files /dev/null and b/opsec/syncthingvpn/4.png differ
    diff --git a/opsec/syncthingvpn/5.png b/opsec/syncthingvpn/5.png
    new file mode 100644
    index 0000000..af37660
    Binary files /dev/null and b/opsec/syncthingvpn/5.png differ
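Review bot: In opsec/syncthinganon/index.html the verification transcript and the install step cover different releases: the signed `sha256sum.txt.asc` is fetched and checked for v1.23.6, while the "How to setup syncthing" block extracts and runs `syncthing-linux-amd64-v1.28.0.tar.gz`, so the archive that is actually executed is never shown being checked (the tarball download step itself is also missing). I would use one version throughout and regenerate the transcript from the release being installed. Running `sha256sum -c --ignore-missing sha256sum.txt.asc` would also drop the wall of `FAILED open or read` lines, so that a real mismatch on the downloaded archive cannot be overlooked. The fingerprint block should tell the reader to compare the value against a copy obtained through an independent channel, since the key is imported with `curl` from the same site that is being verified.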
diff --git a/opsec/syncthingvpn/6.png b/opsec/syncthingvpn/6.png new file mode 100644 index 0000000..1ef8614 Binary files /dev/null and b/opsec/syncthingvpn/6.png differ diff --git a/opsec/syncthingvpn/7.png b/opsec/syncthingvpn/7.png new file mode 100644 index 0000000..8ed9ffa Binary files /dev/null and b/opsec/syncthingvpn/7.png differ diff --git a/opsec/syncthingvpn/8.png b/opsec/syncthingvpn/8.png new file mode 100644 index 0000000..3fe4254 Binary files /dev/null and b/opsec/syncthingvpn/8.png differ diff --git a/opsec/syncthingvpn/9.png b/opsec/syncthingvpn/9.png new file mode 100644 index 0000000..4645a4e Binary files /dev/null and b/opsec/syncthingvpn/9.png differ diff --git a/opsec/syncthingvpn/index.html b/opsec/syncthingvpn/index.html new file mode 100644 index 0000000..0000805 --- /dev/null +++ b/opsec/syncthingvpn/index.html @@ -0,0 +1,378 @@ + + + + + + + + + + + One-on-One Large File Sharing (Syncthing over VPN) + + + + + + + + + + + + + + + + + + + + + + + +
    +
    +
    +
    + Previous Page

    XMRonly - 2024 / 11 / 01

    +

    One-on-One Large File Sharing (Syncthing over VPN)

    + +

    + +
    +
    +
    +
    + + +
    +
    +
    +
    +

    Introduction

    +

    +While many methods of sending files online exist - methods such as email attachments, FTP, OnionShare and even torrenting - all of these methods have one thing in common. Once a file has been sent, no further changes to that file are tracked. For the use-case where you want to not only send a file or a group of files but also receive any updates to the file(s), that is where Syncthing comes in. Syncthing is a FOSS continous file synchronization program that enables users to securely share files across multiple devices in a decentralized manner. It uses peer-to-peer technology to ensure that data is end-to-end encrypted and transferred directly between enabled devices, eliminating any need for centralized cloud services. Syncthing can be completely self-hosted and is very versatile as sync locations can be a home server, VPS, mobile device or even a friend's computer! In this article, we will explore how Sam can set up Syncthing to privately share large files with Larry and track changes to those files, all while using a VPN to mask their internet activity. +

    + +
    +
    +
    +
    + +
    +
    +
    +
    +

    Setup



    +

    +We start from the perspective of both Sam and Larry as both will complete these initial steps. +
    + +

    + +

    +Sam and Larry are both using Debian and are on separate internet connections geographically distant from one another. It is presumed that both Sam and Larry have already purchased a subscription to a VPN. For this example we will use Proton VPN, but other non-KYC VPNs that accept Monero, such as Mullvad, may also be used. To start, they will sign in to their VPN client, ensure kill switch is enabled in the Settings, connect to their VPN and verify their IP address. + +

    + +

    +Syncthing works by end-to-end encrypting files and sending them over the internet. To do this, Syncthing uses a discovery server to find peers and the Syncthing project maintains a global cluster of discovery servers for public use. If establishing a direct connection between devices is not possible, Syncthing will automatically use community-contributed publicly available relay servers to route the file transfer instead. Because Syncthing is end-to-end encrypted, there is no need to trust these servers as they cannot read anything going through. With that being said, because Syncthing is fully open-source, it is possible to self-host both discovery and relay servers, but such configurations are beyond the scope of this article. +
    +
    +For self-hosting a working Syncthing instance, the official docker compose instructions are as follows: +

    +
    +---
    +version: "3"
    +services:
    +  syncthing:
    +    image: syncthing/syncthing
    +    container_name: syncthing
    +    hostname: my-syncthing
    +    environment:
    +      - PUID=1000
    +      - PGID=1000
    +    volumes:
    +      - /wherever/st-sync:/var/syncthing
    +    ports:
    +      - 8384:8384 # Web UI
    +      - 22000:22000/tcp # TCP file transfers
    +      - 22000:22000/udp # QUIC file transfers
    +      - 21027:21027/udp # Receive local discovery broadcasts
    +    restart: unless-stopped
    +    healthcheck:
    +      test: curl -fkLsS -m 2 127.0.0.1:8384/rest/noauth/health | grep -o --color=never OK || exit 1
    +      interval: 1m
    +      timeout: 10s
    +      retries: 3
    +
    +
    +

    + +

    +For this article, however, both Sam and Larry will install Syncthing on their computers from their package managers according to the official instructions rather than self-hosting an instance: +

    +
    +# Add the release PGP keys:
    +sudo mkdir -p /etc/apt/keyrings
    +sudo curl -L -o /etc/apt/keyrings/syncthing-archive-keyring.gpg https://syncthing.net/release-key.gpg
    +
    +# Add the "stable" channel to your APT sources:
    +echo "deb [signed-by=/etc/apt/keyrings/syncthing-archive-keyring.gpg] https://apt.syncthing.net/ syncthing stable" | sudo tee /etc/apt/sources.list.d/syncthing.list
    +
    +# Update and install syncthing:
    +sudo apt-get update
    +sudo apt-get install syncthing
    +
    +
    +

    + + +

    +Both Sam and Larry will create a systemd unit to automate the process of starting Syncthing. Sam and Larry will both replace USER with their respective usernames. +

    +
    +# Download the recommended systemd unit from the official Syncthing repository
    +wget "https://raw.githubusercontent.com/syncthing/syncthing/main/etc/linux-systemd/system/syncthing%40.service"
    +
    +# Make the file owned by root
    +sudo chown root: syncthing\@.service
    +
    +# Move the file to the appropriate directory
    +sudo mv syncthing\@.service /etc/systemd/system
    +
    +# Reload the daemon with the changes made
    +sudo systemctl daemon-reload
    +
    +# Enable the service on startup
    +sudo systemctl enable syncthing@USER
    +
    +# Start the service
    +sudo systemctl start syncthing@USER
    +
    +# Check the status
    +sudo systemctl status syncthing@USER
    +
    +# Example output for Sam
    +syncthing@sam.service - Syncthing - Open Source Continuous File Synchronization for sam
    +     Loaded: loaded (/etc/systemd/system/syncthing@.service; enabled; preset: enabled)
    +     Active: active (running) since Fri 2024-10-25 12:15:35 EDT; 1h 46min ago
    +       Docs: man:syncthing(1)
    +   Main PID: 3634 (syncthing)
    +      Tasks: 17 (limit: 4622)
    +     Memory: 35.8M
    +        CPU: 19.790s
    +     CGroup: /system.slice/system-syncthing.slice/syncthing@sam.service
    +             \u251c\u25003634 /usr/bin/syncthing serve --no-browser --no-restart --logflags=0
    +             \u2514\u25003641 /usr/bin/syncthing serve --no-browser --no-restart --logflags=0
    +
    +
    +

    + +

    +Syncthing is now running as a daemon, and will sync files in the background. Because of its continuous file synchronization, file transfers will restart automatically should any interruptions in VPN connection or power supply occur. +

    + +

    +Sam and Larry will navigate to localhost:8384 in their browsers to open the Syncthing web GUI. Sam and Larry are greeted with an option to allow anonymous reporting, which they can accept or deny. + +

    + +

    +Sam and Larry may choose to password protect their Syncthing web GUI, but in this article we'll just click OK. + +

    + +

    +We will switch to Larry's perspective. +
    + +

    + +

    +Larry clicks on Actions -> Show ID to get the ID of his device. + +

    + +

    +Larry now starts a SimpleX chat with Sam using disappearing messages and sends his Syncthing Device ID. + +

    + +

    +We will switch to Sam's perspective. +
    + +

    + +

    +Syncthing adds a Default Folder at /home/sam/Sync which will be used to share files. This can of course be changed if desired. Sam clicks to Add Remote Device and adds Larry's Device ID. Sam adds a Device Name as well. + +

    + +

    +Sam has 10GB of "Linux ISOs" he wants to share with Larry. Sam will start by moving the desired files to /home/sam/Sync. +

    +
    +sam@debian:~$ mv *.iso /home/sam/Sync && ls -lh /home/sam/Sync
    +total 11G
    +-rw-r--r-- 1 sam sam 2.9G Oct 27 12:56 linux-1.iso
    +-rw-r--r-- 1 sam sam 2.9G Oct 30 09:18 linux-2.iso
    +-rw-r--r-- 1 sam sam 2.9G Oct 30 09:18 linux-3.iso
    +-rw-r--r-- 1 sam sam 1.5G Oct 26 17:06 linux-4-broken.iso
    +
    +
    +

    + +

    +From there, Syncthing will automatically detect the files and scan them. + +

    + +

    +Once scanning is complete, Sam is ready to share the files with Larry. On the Default Folder, Sam clicks Edit -> Sharing -> larry-computer and Save. + +

    + +

    +We will switch to Larry's perspective. +
    + +

    + +

    +Larry receives a notification that Sam wants to connect and share something with him. Larry accepts the connection and shared Default Folder. + +

    + +

    +Notice how the IP address that is shown to Larry is that of a Syncthing relay server like mentioned previously. If a direct connection had been established, Sam's VPN IP address would have been shown instead. + +

    + +

    +The file transfer starts. +
    + +

    + +

    +Once finished, Larry has a complete copy of all of the files in /home/larry/Sync. Larry notices that Sam sent a Linux ISO that is broken. Larry fixes this broken Linux ISO and also adds a Linux ISO of his own to the shared folder. +
    + +

    + +

    +Back to Sam's perspective. +
    + +

    + +

    +Because the file transfer is bi-directional by default, the changes that Larry made are synced back to Sam! +

    +
    +sam@debian:~$ ls -lh /home/sam/Sync
    +total 12G
    +-rw-r--r-- 1 sam sam 1.5G Oct 30 10:47 larry-favorite.iso
    +-rw-r--r-- 1 sam sam 2.9G Oct 27 12:56 linux-1.iso
    +-rw-r--r-- 1 sam sam 2.9G Oct 30 09:18 linux-2.iso
    +-rw-r--r-- 1 sam sam 2.9G Oct 30 09:18 linux-3.iso
    +-rw-r--r-- 1 sam sam 1.5G Oct 26 17:06 linux-4-fixed.iso
    +
    +
    +

    + +
    +
    +
    +
    + + +
    +
    +
    +
    +

    Conclusion



    + +

    +Sam was able to privately share 10GB of files and automatically receive changes to those files all while keeping his internet activity hidden. Notice how Larry was able to overwrite a file that Sam originally shared. There may be cases where this is undesirable and this option can be changed under Default Folder -> Edit -> Advanced and selecting either Send Only or Receive Only. + +

    + +
    +
    +
    +
    + + + +
    +
    +
    +
    +

    Nihilism

    +

    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + +

    +
    + +
    +

    My Links

    +

    + + RSS Feed
    SimpleX Chat
    + +

    +
    + +
    +

    About nihilist

    +

    Donate XMR: + 8AUYjhQeG3D5aodJDtqG499N5jXXM71gYKD8LgSsFB9BUV1o7muLv3DXHoydRTK4SZaaUBq4EAUqpZHLrX2VZLH71Jrd9k8 +


    +

    Donate XMR to the author: + 8AHNGepbz9844kfCqR4aVTCSyJvEKZhtxdyz6Qn8yhP2gLj5u541BqwXR7VTwYwMqbGc8ZGNj3RWMNQuboxnb1X4HobhSv3

    +

    Contact: nihilist@contact.nowhere.moe (PGP)

    +
    + +
    + +
    +
    + + + + + + +
    diff --git a/opsec/syncthingvpn/larry.png b/opsec/syncthingvpn/larry.png
    new file mode 100644
    index 0000000..4ed8d71
    Binary files /dev/null and b/opsec/syncthingvpn/larry.png differ
    diff --git a/opsec/syncthingvpn/sam.png b/opsec/syncthingvpn/sam.png
    new file mode 100644
    index 0000000..c680e65
    Binary files /dev/null and b/opsec/syncthingvpn/sam.png differ
    diff --git a/opsec/tailsqemuvm/20.png b/opsec/tailsqemuvm/20.png
    new file mode 100644
    index 0000000..c6bc5be
    Binary files /dev/null and b/opsec/tailsqemuvm/20.png differ
    diff --git a/opsec/tailsqemuvm/21.png b/opsec/tailsqemuvm/21.png
    new file mode 100644
    index 0000000..e051e0f
    Binary files /dev/null and b/opsec/tailsqemuvm/21.png differ
    diff --git a/opsec/tailsqemuvm/30.png b/opsec/tailsqemuvm/30.png
    new file mode 100644
    index 0000000..03699c3
    Binary files /dev/null and b/opsec/tailsqemuvm/30.png differ
    diff --git a/opsec/tailsqemuvm/31.png b/opsec/tailsqemuvm/31.png
    new file mode 100644
    index 0000000..5e9aace
    Binary files /dev/null and b/opsec/tailsqemuvm/31.png differ
    diff --git a/opsec/tailsqemuvm/32.png b/opsec/tailsqemuvm/32.png
    new file mode 100644
    index 0000000..6bc7559
    Binary files /dev/null and b/opsec/tailsqemuvm/32.png differ
    diff --git a/opsec/tailsqemuvm/33.png b/opsec/tailsqemuvm/33.png
    new file mode 100644
    index 0000000..03699c3
    Binary files /dev/null and b/opsec/tailsqemuvm/33.png differ
    diff --git a/opsec/tailsqemuvm/34.png b/opsec/tailsqemuvm/34.png
    new file mode 100644
    index 0000000..a2daa7f
    Binary files /dev/null and b/opsec/tailsqemuvm/34.png differ
    diff --git a/opsec/tailsqemuvm/35.png b/opsec/tailsqemuvm/35.png
    new file mode 100644
    index 0000000..e03f6f5
    Binary files /dev/null and b/opsec/tailsqemuvm/35.png differ
    diff --git a/opsec/tailsqemuvm/36.png b/opsec/tailsqemuvm/36.png
    new file mode 100644
    index 0000000..6eb5690
    Binary files /dev/null and b/opsec/tailsqemuvm/36.png differ
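Review bot: In opsec/syncthingvpn/index.html the web GUI is left without authentication ("in this article we'll just click OK"), and the compose example publishes it with `- 8384:8384 # Web UI`, which binds the port on every host interface rather than on loopback. Together that leaves the device ID, folder list and peer configuration open to anything that can reach port 8384 on the host. I would publish the GUI on loopback only, `- 127.0.0.1:8384:8384 # Web UI`, and have the walkthrough set a GUI user and password instead of dismissing the prompt. Separately, the systemd step downloads the unit from the `main` branch and installs it as root unchecked; the apt package installed just above presumably already ships `syncthing@.service`, which would make that download unnecessary.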
diff --git a/opsec/tailsqemuvm/37.png b/opsec/tailsqemuvm/37.png
new file mode 100644
index 0000000..058c517
Binary files /dev/null and b/opsec/tailsqemuvm/37.png differ
diff --git a/opsec/tailsqemuvm/40.mp4 b/opsec/tailsqemuvm/40.mp4
new file mode 100644
index 0000000..89f1a33
Binary files /dev/null and b/opsec/tailsqemuvm/40.mp4 differ
diff --git a/opsec/tailsqemuvm/index.html b/opsec/tailsqemuvm/index.html
index 9faea61..f82894b 100644
--- a/opsec/tailsqemuvm/index.html
+++ b/opsec/tailsqemuvm/index.html
@@ -8,7 +8,7 @@
- Tails OS QEMU VM for Temporary Anonymity
+ Tails OS for Temporary Sensitive Use
@@ -60,21 +60,21 @@
    - Previous Page

    nihilist@mainpc - 2024-06-14

    -

    Tails OS QEMU VM for Temporary Anonymity

    + Previous Page

    nihilist@mainpc - 2024-10-03

    +

    Tails OS for Temporary Sensitive Use

    -

    In this tutorial we're going to look at how you can run Tails OS (The Amnesic Incognito Linux System) in a QEMU VM, following the official documentation here.

    +

    In this tutorial we're going to look at how you can run Tails OS (The Amnesic Incognito Linux System) on a USB Stick, and also on a QEMU VM, following the official documentation here.

    -

    OPSEC Recommendations:

    +

    Tails OS is suitable for Short Term Sensitive Use due to it's default live-mode feature, where upon shutting down the OS, every forensic trace of what you were doing is completely erased from memory, where the entire OS is loaded into. There are no disk-writes at all by default. (Unless if you use the persistent storage, which is not suitable for sensitive use, due to not being deniable encryption like Veracrypt ).

    + +

    While it is similar to Whonix, it is specificially intended for temporary sensitive use. Whonix on the other hand can be used for long-term sensitive use. Click here for more details on the differences between Whonix and Tails.

    +

    OPSEC Recommendations (for the live USB setup):

      -
    1. Hardware : (Personal Computer / Laptop)

    2. +
    3. Hardware : (Personal Computer / Laptop) and a USB stick (with at least 2GB)

    4. Host OS: Linux

    5. -
    6. Hypervisor: libvirtd QEMU/KVM

    7. -
    8. Application: Host-based VPN (if your ISP doesn't allow Tor traffic)

    -

    I recommend using this setup into one of the above mentionned VMs, for Anonymous use, as per the 4 basic OPSEC levels.

    -

    Sidenote: If your ISP does not allow Tor traffic, make sure that you route the QEMU VMs traffic through a VPN, to hide the tor traffic from your ISP (You -> VPN -> Tor) Setup

    +

    I recommend using this setup for Anonymous use if you store anything into the persistent storage, or for short-term Sensitive use if you are not storing anything sensitive in the persistent storage, as per the 4 basic OPSEC levels.

    @@ -86,7 +86,7 @@
    -

    Tails Setup

    +

    Tails live USB Setup

    First we download Tails OS as a USB image here:

    Then we resize the image size to be able to contain persistent storage (in this case, i'll make it 8Gbs):

    @@ -99,7 +99,55 @@ → truncate -s 8192M tails-amd64-6.3.img
    -

    And now we can create the VM in virt-manager like so:

    +

    Now here we can use balenaetcher to flash the tails OS image onto a usb stick that we plug in on our computer:

    + +
    
    +nihilist@mainpc:~$ lsblk
    +NAME        MAJ:MIN RM   SIZE RO TYPE  MOUNTPOINTS
    +
    +[...]
    +sdc           8:32   1  14.6G  0 disk  
    +[...]
    +
    +nihilist@mainpc:~$ cd .mullvad-browser/Downloads/
    +nihilist@mainpc:~/.mullvad-browser/Downloads$ unzip balenaEtcher-linux-x64-1.19.25.zip 
    +nihilist@mainpc:~/.mullvad-browser/Downloads$ cd balenaEtcher-linux-x64/
    +nihilist@mainpc:~/.mullvad-browser/Downloads/balenaEtcher-linux-x64$ ./balena-etcher
    +
    +
    + + + +

    Now that the Tails OS image has been flashed onto the usb stick, you can simply reboot your computer, and then enter the boot menu to choose to boot onto the USB rather than onto your host OS. In this example i need to press ESC, but depending on your motherboard you may need to press F2, or F11, or another key.

    + +

    Then after entering the boot options by pressing ESC, we press 1 to choose to boot onto the USB key, rather than booting on the system drive.

    + + +

    And you've just booted in Tails OS from your usb key!

    + +
    +
    +
    +
    + + +
    +
    +
    +
    +

    Tails QEMU VM Setup

    + +

    OPSEC Recommendations (for the QEMU setup):

    +
      +
    1. Hardware : (Personal Computer / Laptop)

    2. +
    3. Host OS: Linux

    4. +
    5. Hypervisor: libvirtd QEMU/KVM

    6. +
    7. Application: Host-based VPN (if your ISP doesn't allow Tor traffic)

    8. +
    +

    Sidenote: If your ISP does not allow Tor traffic, make sure that you route the QEMU VMs traffic through a VPN, to hide the tor traffic from your ISP (You -> VPN -> Tor) Setup

    + + +

    Now in the same way (even though it is a less-popular setup) we can also we can create a Tails OS QEMU VM in virt-manager like so:
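Review bot: The new live-USB steps flash the image and run balenaEtcher without verifying either download: `balenaEtcher-linux-x64-1.19.25.zip` is unzipped and executed straight from the browser's Downloads directory, and no signature or checksum check of the Tails image appears in this hunk or in the context lines around it. For a setup meant for sensitive use I would add a step before flashing that verifies the Tails image against the project's signing key, and state where the Etcher release was obtained and how it was checked. The text should also tell the reader to confirm from the `lsblk` output that `sdc` really is the USB stick before writing to it, since the device name differs between machines.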

    @@ -122,12 +170,12 @@
    -
    +
    -

    Persistent Storage Setup



    -

    Next, if you want to enable the persistent storage go there:

    +

    Persistent Storage Setup (warning, this is not deniable encryption!)



    +

    Next, if you want to enable the persistent storage (which uses regular encryption, do not store anything sensitive in it!) go there:

    make sure you enter a strong password that can't be bruteforced easily:

    @@ -177,6 +225,27 @@ Nsyh+-..+y+- yMMMMd :mMM+ DE: GNOME 43.9

    And that's it! We managed to run tails OS from a QEMU VM and install some software into the persistent storage.

    +
    +
    +
    +
    + +
    +
    +
    +
    +

    Deniability Context



    +

    Now suppose you are living in a country where using Tails OS and Tor is not going to be a reason to immediately throw you in jail, the adversary is busting down your door, while you are browsing a sensitive website with it, and you want to make sure that there is no incriminating evidence to be found against you when the adversary seizes your computer.

    +

    Reminder, this is only for temporary sensitive use, do not save anything sensitive in the persistent storage because otherwise the adversary can force you to unlock it to reveal the contents.

    +

    If you have a regular live usb tails os setup, all you need to do is to simply unplug or disconnect the USB stick to shutdown the system and wipe off all forensic trace of what you were doing:

    + + +

    And If you have a Tails OS VM, you can simply hit the shutdown button to erase what you were doing in the VM:

    + +

    All you need is to shutdown the VM, and everything forensic trace of what you were doing in it gets immediately erased from memory, as if there was nothing there to begin with. Effectively leaving the adversary empty-handed with no incriminating evidence to use against you in court.

    +

    And that's it! You now have a dedicated live OS for temporary sensitive use.
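Review bot: The VM paragraph near the end of this hunk says that shutting down the Tails guest erases every forensic trace, but that holds only for state inside the guest. The guest's RAM is host memory and can reach host swap, and the host still keeps the VM definition, the ISO and hypervisor logs, a caveat that Tails' own virtualization documentation also makes. I would add after that paragraph: `Note: in the QEMU setup the host can still hold traces (swap, libvirt logs, the VM definition and ISO), so this is only deniable if the host itself keeps nothing persistent.` The same paragraph has a typo, `everything forensic trace` should read `every forensic trace`.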

    @@ -190,7 +259,7 @@ Nsyh+-..+y+- yMMMMd :mMM+ DE: GNOME 43.9

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

    diff --git a/opsec/test/index.html b/opsec/test/index.html
    index 60d66de..969df23 100644
    --- a/opsec/test/index.html
    +++ b/opsec/test/index.html
    @@ -161,7 +161,7 @@

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

    diff --git a/opsec/testnihil/index.html b/opsec/testnihil/index.html
    index 557cf35..66e8b5b 100644
    --- a/opsec/testnihil/index.html
    +++ b/opsec/testnihil/index.html
    @@ -161,7 +161,7 @@

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

    diff --git a/opsec/tor/bridge/index.html b/opsec/tor/bridge/index.html
    index 9aa2000..1110be2 100644
    --- a/opsec/tor/bridge/index.html
    +++ b/opsec/tor/bridge/index.html
    @@ -64,7 +64,11 @@

    TOR Bridge (June 2023 update)

    Before we start, you will need a Debian VPS (you can get one on digitalocean for example), if you prefer to use your own self hosted server, make sure that port 80 and 443 are correctly port forwarded so that the public ip points to the server and not the router. Once that's done, go and ssh into your Debian server.

    - +

    Now regarding the choice of location for the server, in order to make sure that Tor remains decentralised, make sure that you are picking a country that doesn't have many tor nodes (see the bubbles graph):

    + +

    Disclaimer: Do not host your Tor node in Germany, Netherlands or in the US, as there are already too many nodes in those countries. Try to run your own Tor nodes in countries that have the least nodes preferably, as this will help keeping the Tor network decentralized.

    + +
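Review bot: The added location paragraph treats country as the only diversity axis, while the unchanged sentence above it suggests DigitalOcean as the VPS host. Concentration on a few large hosting providers is as much a centralisation concern as country, so I would append `Also prefer a hosting provider / AS that does not already carry many Tor nodes.` The paragraph is labelled `Disclaimer:` although it is a recommendation, and it leans on a static graph that will go stale, so a dated pointer to Tor Metrics would age better. The same text is pasted into the exit_node and relay hunks further down, and this comment applies there too.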
    @@ -233,7 +237,7 @@ Bridge obfs4 134.209.26.190:8042 829165B21621041E7A9CDF7192AFFC51CA640B0E cert=

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

    diff --git a/opsec/tor/exit_node/index.html b/opsec/tor/exit_node/index.html
    index a78d345..8f59715 100644
    --- a/opsec/tor/exit_node/index.html
    +++ b/opsec/tor/exit_node/index.html
    @@ -77,6 +77,9 @@ If you are still motivated to get your own exit node, keep the phone number of a

    Now you can get a domain name to resolve to your exit node, or just use the one provided by njal.la :

    +

    Now regarding the choice of location for the server, in order to make sure that Tor remains decentralised, make sure that you are picking a country that doesn't have many tor nodes (see the bubbles graph):

    + +

    Disclaimer: Do not host your Tor node in Germany, Netherlands or in the US, as there are already too many nodes in those countries. Try to run your own Tor nodes in countries that have the least nodes preferably, as this will help keeping the Tor network decentralized.

    @@ -222,7 +225,7 @@ root@exit:~# nyx

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

    diff --git a/opsec/tor/relay/country.png b/opsec/tor/relay/country.png
    new file mode 100644
    index 0000000..ab9c852
    Binary files /dev/null and b/opsec/tor/relay/country.png differ
    diff --git a/opsec/tor/relay/index.html b/opsec/tor/relay/index.html
    index 9ac75d5..3a7d2b1 100644
    --- a/opsec/tor/relay/index.html
    +++ b/opsec/tor/relay/index.html
    @@ -67,7 +67,9 @@

    You will also need to make sure that the VPS provider allows the hosting of a tor node! check torproject's good/bad isps page here.

    For example, you wouldn't be able to host an exit node on DigitalOcean, however hosting a regular node is completely fine.

    -

    TODO: showcase the Tor DDOS PoW protection

    +

    Now regarding the choice of location for the server, in order to make sure that Tor remains decentralised, make sure that you are picking a country that doesn't have many tor nodes (see the bubbles graph):

    + +

    Disclaimer: Do not host your Tor node in Germany, Netherlands or in the US, as there are already too many nodes in those countries. Try to run your own Tor nodes in countries that have the least nodes preferably, as this will help keeping the Tor network decentralized.

    @@ -149,7 +151,7 @@ nyx

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

    diff --git a/opsec/torbrowsing/index.html b/opsec/torbrowsing/index.html
    index f07b4bf..123e295 100644
    --- a/opsec/torbrowsing/index.html
    +++ b/opsec/torbrowsing/index.html
    @@ -222,7 +222,7 @@ extraction percent done: 100 / 100

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

    diff --git a/opsec/torthroughvpn/18.png b/opsec/torthroughvpn/18.png
    new file mode 100644
    index 0000000..010a6b0
    Binary files /dev/null and b/opsec/torthroughvpn/18.png differ
    diff --git a/opsec/torthroughvpn/19.png b/opsec/torthroughvpn/19.png
    new file mode 100644
    index 0000000..d2bbb14
    Binary files /dev/null and b/opsec/torthroughvpn/19.png differ
    diff --git a/opsec/torthroughvpn/20.png b/opsec/torthroughvpn/20.png
    new file mode 100644
    index 0000000..aa75d99
    Binary files /dev/null and b/opsec/torthroughvpn/20.png differ
    diff --git a/opsec/torthroughvpn/21.png b/opsec/torthroughvpn/21.png
    new file mode 100644
    index 0000000..72cd31d
    Binary files /dev/null and b/opsec/torthroughvpn/21.png differ
    diff --git a/opsec/torthroughvpn/index.html b/opsec/torthroughvpn/index.html
    index a9724dd..c52a136 100644
    --- a/opsec/torthroughvpn/index.html
    +++ b/opsec/torthroughvpn/index.html
    @@ -122,6 +122,24 @@ you -> VPN -> Tor -> VPN -> service
    +

    Use DAITA when trying to use VPNs for Anonymity



    +

    When trying to use VPNs for anonymity, take note that we need to prevent traffic correlation as much as possible, hence we want to protect against AI-guided traffic analysis, in order to make sure our VPN traffic looks the same as with other users. To do so we enable DAITA (Defense Against AI-guided traffic analysis) in the mullvad VPN:

    + + + + +

    Once enabled this will prevent an adversary watching connections to and from a VPN server to figure out which VPN user (that is currently using a VPN server) is visiting which website, based on the packet size and traffic patterns. (see this article for more details on how DAITA works)

    + + +
    +
    +
    +
    + +
    +
    +
    +

    First Goal: Accessing websites that block Tor



    Great, you found out about Tor, you want to be anonymous while browsing the web, and now you start to use your favorite centralised services (google, youtube for example) but you realize that they don't allow you to use their service while you use tor!
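Review bot: The sentence after the DAITA screenshots says the feature `will prevent` an observer from matching a VPN user to a website, which overstates it. DAITA pads packets and adds cover traffic so that this kind of traffic analysis gets harder; it is a mitigation, so I would write `this makes it much harder for an adversary watching connections to and from a VPN server to figure out ...`. The heading also presents a VPN as an anonymity tool, although the VPN provider still sees the client's IP address and the rest of the page relies on Tor for that property. A closing line such as `DAITA only hardens the VPN hop against traffic analysis; it does not replace Tor, and it costs extra bandwidth and latency.` would keep the section consistent.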

    @@ -155,7 +173,7 @@ You -> Tor -> VPN -> Destination -
    +
    @@ -176,7 +194,7 @@ You -> VPN -> Tor -> Destination
    -
    +
    @@ -212,7 +230,7 @@ Several countries, including China and Iran, have found ways to detect and block

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

    diff --git a/opsec/torvsvpns/index.html b/opsec/torvsvpns/index.html
    index 12abc42..a2d8679 100644
    --- a/opsec/torvsvpns/index.html
    +++ b/opsec/torvsvpns/index.html
    @@ -134,7 +134,7 @@ Until Jack can figure out who that Someone is, that someone is Anonymous.

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

    diff --git a/opsec/torweb/index.html b/opsec/torweb/index.html
    index 86ae083..60a415c 100644
    --- a/opsec/torweb/index.html
    +++ b/opsec/torweb/index.html
    @@ -78,7 +78,7 @@

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

    diff --git a/opsec/torwebsite/index.html b/opsec/torwebsite/index.html
    index 585ebab..9cf9d8b 100644
    --- a/opsec/torwebsite/index.html
    +++ b/opsec/torwebsite/index.html
    @@ -451,7 +451,7 @@ Add the following to your /etc/tor/torrc

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

    diff --git a/opsec/tutorial/index.html b/opsec/tutorial/index.html
    index 10d726b..e6c8096 100644
    --- a/opsec/tutorial/index.html
    +++ b/opsec/tutorial/index.html
    @@ -159,7 +159,7 @@ Congratulations, you just managed to gain privacy at your own house / apartment

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

    diff --git a/opsec/veracrypt/index.html b/opsec/veracrypt/index.html index 7aa7b8e..bacfbbb 100644 --- a/opsec/veracrypt/index.html +++ b/opsec/veracrypt/index.html @@ -8,7 +8,7 @@ - Plausible Deniability Setup + The main source of Plausible Deniability: Deniable Encryption @@ -61,11 +61,31 @@
    Previous Page

    nihilist@mainpc - 2024-01-31

    -

    Plausible Deniability Setup

    +

    The main source of Plausible Deniability: Deniable Encryption

    VeraCrypt is a free open source disk encryption software for Windows, Mac OSX and Linux. It is based on Truecrypt, This tool will be used for Plausible Deniability.

    But why is Plausible Deniability important first of all ? From a legal perspective, depending on jurisdictions, you may be forced to type your password into an encrypted drive if requested. All it takes is for an adversary to be able to prove the existence of an encrypted drive to be able to force you to reveal the password to unlock it. Hence for example the regular LUKS encryption is not enough, because you need to be able to deny the existence of the encrypted volume. If that is the case, we have to use Veracrypt, which is an encryption tool used to provide protection (which is Plausible Deniability) against that scenario where you're forced to provide a password.

    - + + +DISCLAIMER: we're using only harddrives (HDDs) here, because using SSDs are not a secure way to have Plausible Deniability, that is due to hidden Volumes being detectable on devices that utilize wear-leveling +
    
    +source: https://anonymousplanet.org/guide.html#understanding-hdd-vs-ssd
    +
    +regarding wear leveling:
    +"Also as mentioned earlier, disabling Trim will reduce the lifetime of your SSD drive and will significantly impact its performance over time (your laptop will become slower and slower over several months of use until it becomes almost unusable, you will then have to clean the drive and re-install everything). But you must do it to prevent data leaks that could allow forensics to defeat your plausible deniability. The only way around this at the moment is to have a laptop with a classic HDD drive instead."
    +
    +
    +

    OPSEC Recommendations:

    +
      +
    1. Hardware : (Personal Computer / Laptop)

    2. +
    3. System Harddrive: not LUKS encrypted [1]

    4. +
    5. Non-System Harddrive: 500Gb (used to contain our Veracrypt encrypted volumes)

    6. +
    7. Host OS: Linux

    8. +
    9. Hypervisor: QEMU/KVM

    10. +
    11. Packages: grub-live and ram-wipe

    12. +
    + +
    @@ -76,19 +96,8 @@
    -

    Initial Setup

    -
    -DISCLAIMER: we're using only harddrives (HDDs) here, because using SSDs are not a secure way to have Plausible Deniability, that is due to hidden Volumes being detectable on devices that utilize wear-leveling -
    
    -source: https://anonymousplanet.org/guide.html#understanding-hdd-vs-ssd
    -
    -regarding wear leveling:
    -"Also as mentioned earlier, disabling Trim will reduce the lifetime of your SSD drive and will significantly impact its performance over time (your laptop will become slower and slower over several months of use until it becomes almost unusable, you will then have to clean the drive and re-install everything). But you must do it to prevent data leaks that could allow forensics to defeat your plausible deniability. The only way around this at the moment is to have a laptop with a classic HDD drive instead."
    -
    -
    - - -

    Let's install the .deb package for veracrypt:

    +

    Deniability Context

    +

    Let's install the .deb package for veracrypt (you can install it safely from non-live mode), so that the software is available whenever you want to use it while the host OS is in live mode:

    
     [ mainpc ] [ /dev/pts/1 ] [~/Downloads]
    @@ -111,12 +120,21 @@ regarding wear leveling:
     → veracrypt
     
     
    +

    So now that you have veracrypt installed, before you start to use it, you need to be aware of the lack of deniability you have when using the Host OS in regular mode:

    + +

    By default, your host OS directly writes into the system drive all sorts of potential forensic evidence that an adversary may use against you, such as system logs, kernel logs, non-standard logs, etc, and unless if you remove each of those manually, you're never sure of wether or not the Host OS saved proof of the existence of the hidden volume onto the system drive. That's why you need to use the Host OS in live mode, to be able to use veracrypt.

    + +

    That way, as you're loading the entire host OS in the RAM due to being in live mode, you are not writing anything on the system drive anymore, but rather only writing all that potential forensic evidence of the veracrypt hidden volume in RAM alone, which can be easily erased with a simple shutdown.

    +

    So now that we have installed veracrypt, let's reboot the Host OS into live mode:

    + -

    Now from there we can create encrypted volumes (either as files or as entire drives). In this case we'll create an encrypted file:

    + +

    And only now once we are in live mode, we can use veracrypt to create hidden encrypted volumes and unlock them. But be aware that everything you write into the system drive will be wiped upon shutting down, if you want to store something persistent accross reboots from live mode, you need to save it in a non-system drive.

    +

    So now from there we can create the encrypted volumes (either as files or as entire drives). In this example we'll create an encrypted file:

    Here we select that we want a Hidden veracrypt volume as well (which will be able to deny it's existence).

    -

    Then we want it to be a simple file in my home directory

    +

    Then we want it to be a simple file in my home directory for testing purposes (so be aware that upon rebooting it will be erased due to being in the system drive). If you want it to not be erased upon rebooting, you'll need to put it in a non-system drive like in this tutorial.

    Leave the default settings for the encryption
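Review bot: The added live-mode explanation says the evidence ends up `in RAM alone, which can be easily erased with a simple shutdown`, which promises more than a shutdown gives. RAM is only reliably cleared if something wipes it at power-off (presumably the ram-wipe package this page lists under OPSEC Recommendations), and live mode protects only the system drive, so traces can still reach any other writable disk or an active swap partition. I would add `Before relying on this, check that ram-wipe is installed and that no swap partition is in use while in live mode.` The hunk also has typos: `wether` should be `whether`, `accross` should be `across`, and `deny it's existence` should be `deny its existence`.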

    @@ -129,7 +147,7 @@ regarding wear leveling:

    Then move your mouse to make sure the randomness of the encryption is best, then let it complete the formatting. If you are creating a large encrypted volume, it will take time to overwrite all the data. DO NOT SELECT QUICK FORMAT, or you risk having the hidden volume being discoverable by an adversary.

    -

    Now that's completed, we then create the Hidden Volume, which we'll open only when we are all alone, the existence of this volume must never be revealed to anyone except you.. then we repeat the previous steps:

    +

    Now that's completed, we then create the Hidden Volume, which we'll open only when we are all alone, the existence of this volume must never be revealed to anyone, only you should know about it. then we repeat the previous steps:

    Here we select the size we need for the hidden volume.
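Review bot: The hidden-volume steps in this hunk never say that later writes to the outer (decoy) volume can overwrite the hidden volume. VeraCrypt has a mount option for this, "Protect hidden volume against damage caused by writing to outer volume". After the sentence that introduces the hidden volume I would add `When you later add decoy files to the outer volume, mount it with hidden volume protection enabled, otherwise you can silently destroy the hidden data.` The wizard steps continue outside this hunk, so this may already be covered further down.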

    @@ -158,6 +176,7 @@ regarding wear leveling:

    And here you see that the volume mounted is now of the "hidden" type

    +

    And that's it! We now have setup a test veracrypt volume with a hidden volume, into which we can store some sensitive files.

    @@ -170,7 +189,7 @@ regarding wear leveling:

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

    diff --git a/opsec/vimrc/index.html b/opsec/vimrc/index.html
    index a2df766..5e78b06 100644
    --- a/opsec/vimrc/index.html
    +++ b/opsec/vimrc/index.html
    @@ -237,7 +237,7 @@ CTRL+N

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

    diff --git a/opsec/vpn/index.html b/opsec/vpn/index.html
    index f7b8501..146d6e7 100644
    --- a/opsec/vpn/index.html
    +++ b/opsec/vpn/index.html
    @@ -69,6 +69,8 @@
  • Hypervisor: libvirtd QEMU/KVM

  • VM : Linux

  • + +

    I recommend to use that setup as part of your Privacy Use online, to hide what you are browsing online from your ISP

    @@ -166,6 +168,39 @@ mullvad-vpn/unknown,now 2024.4 amd64 [installed]

    If you want to reduce your fingerprinting attack surface as much as possible, you can choose to disable javascript by selecting the "Safest" security level, but it may break some websites functionnality.

    + +



    +

    Mobile Setup



    + +

    OPSEC Recommendations:

    +
      +
    • Hardware: Google Pixel

    • +
    • Host OS: Graphene OS

    • +
    • Configuration: Can be set in the Private or Anonymous Profile

    • +
    + +

    + +Of course, Bob can set Mullvad up on mobile as well. He searches for Mullvad in the F-Droid store and then clicks Install. Leaving the default Network permission, he clicks Install on the pop-up. + +

    + +

    +Once the app is downloaded, Bob opens it up. Bob agrees to the Mullvad's privacy policy and then grants notification permissions. Finally, he enters his account information and clicks Login. + +

    + +

    +Mullvad will alert Bob to the fact that the connection is unsecured. Bob clicks Secure my connection to connect. If it is Bob's first time using Mullvad, he will need to grant it permission to establish a VPN connection. Bob should now be connected! + +

    + +

    +To verify the mobile connection, Bob navigates to https://mullvad.net/en/check and ensures the connection is not leaking any information. + +

    + +
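Review bot: The mobile walkthrough goes from `Secure my connection` straight to the leak check without locking the tunnel in place, so traffic can leave outside the VPN whenever the app is stopped or reconnecting. After the connect step I would add `Then open Android's VPN settings for Mullvad and enable "Always-on VPN" and "Block connections without VPN".` The check at https://mullvad.net/en/check should come after that, so it tests the configuration the reader will actually keep.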
    @@ -181,6 +216,7 @@ mullvad-vpn/unknown,now 2024.4 amd64 [installed]

    So now currently, Bob has managed to setup a Debian VM (with only open source software) with a VPN in order to use it and gain privacy from his ISP.

    Currently, Bob's setup is suitable for Public use (thanks to his windows VM), AND suitable for Private use too (thanks to his debian VM with the VPN setup).

    +

    However you can also setup the VPN from the Host OS directly, so that every VM in it goes through the VPN.

    Next, Bob can setup KeepassXC to implement proper Password Management.

    @@ -196,7 +232,7 @@ mullvad-vpn/unknown,now 2024.4 amd64 [installed]

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

    diff --git a/opsec/vpn/m1.png b/opsec/vpn/m1.png
    new file mode 100644
    index 0000000..cb325fd
    Binary files /dev/null and b/opsec/vpn/m1.png differ
    diff --git a/opsec/vpn/m2.png b/opsec/vpn/m2.png
    new file mode 100644
    index 0000000..913f1bc
    Binary files /dev/null and b/opsec/vpn/m2.png differ
    diff --git a/opsec/vpn/m3.png b/opsec/vpn/m3.png
    new file mode 100644
    index 0000000..e94b980
    Binary files /dev/null and b/opsec/vpn/m3.png differ
    diff --git a/opsec/vpn/m4.png b/opsec/vpn/m4.png
    new file mode 100644
    index 0000000..2a0fb73
    Binary files /dev/null and b/opsec/vpn/m4.png differ
    diff --git a/opsec/vpnqemu/index.html b/opsec/vpnqemu/index.html
    index 4697ee3..90ccfa3 100644
    --- a/opsec/vpnqemu/index.html
    +++ b/opsec/vpnqemu/index.html
    @@ -179,7 +179,7 @@ curl ifconfig.me

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

    diff --git a/opsec/whentorisblocked/0.png b/opsec/whentorisblocked/0.png new file mode 100644 index 0000000..365dcea Binary files /dev/null and b/opsec/whentorisblocked/0.png differ diff --git a/opsec/anonymity/1.png b/opsec/whentorisblocked/1.png similarity index 100% rename from opsec/anonymity/1.png rename to opsec/whentorisblocked/1.png diff --git a/opsec/anonymity/10.png b/opsec/whentorisblocked/10.png similarity index 100% rename from opsec/anonymity/10.png rename to opsec/whentorisblocked/10.png diff --git a/opsec/anonymity/100.png b/opsec/whentorisblocked/100.png similarity index 100% rename from opsec/anonymity/100.png rename to opsec/whentorisblocked/100.png diff --git a/opsec/anonymity/101.png b/opsec/whentorisblocked/101.png similarity index 100% rename from opsec/anonymity/101.png rename to opsec/whentorisblocked/101.png diff --git a/opsec/anonymity/102.png b/opsec/whentorisblocked/102.png similarity index 100% rename from opsec/anonymity/102.png rename to opsec/whentorisblocked/102.png diff --git a/opsec/anonymity/103.png b/opsec/whentorisblocked/103.png similarity index 100% rename from opsec/anonymity/103.png rename to opsec/whentorisblocked/103.png diff --git a/opsec/anonymity/104.png b/opsec/whentorisblocked/104.png similarity index 100% rename from opsec/anonymity/104.png rename to opsec/whentorisblocked/104.png diff --git a/opsec/anonymity/105.png b/opsec/whentorisblocked/105.png similarity index 100% rename from opsec/anonymity/105.png rename to opsec/whentorisblocked/105.png diff --git a/opsec/anonymity/106.png b/opsec/whentorisblocked/106.png similarity index 100% rename from opsec/anonymity/106.png rename to opsec/whentorisblocked/106.png diff --git a/opsec/anonymity/11.png b/opsec/whentorisblocked/11.png similarity index 100% rename from opsec/anonymity/11.png rename to opsec/whentorisblocked/11.png 
diff --git a/opsec/anonymity/12.png b/opsec/whentorisblocked/12.png similarity index 100% rename from opsec/anonymity/12.png rename to opsec/whentorisblocked/12.png diff --git a/opsec/anonymity/13.png b/opsec/whentorisblocked/13.png similarity index 100% rename from opsec/anonymity/13.png rename to opsec/whentorisblocked/13.png diff --git a/opsec/anonymity/14.png b/opsec/whentorisblocked/14.png similarity index 100% rename from opsec/anonymity/14.png rename to opsec/whentorisblocked/14.png diff --git a/opsec/anonymity/15.png b/opsec/whentorisblocked/15.png similarity index 100% rename from opsec/anonymity/15.png rename to opsec/whentorisblocked/15.png diff --git a/opsec/anonymity/2.png b/opsec/whentorisblocked/2.png similarity index 100% rename from opsec/anonymity/2.png rename to opsec/whentorisblocked/2.png diff --git a/opsec/anonymity/20.png b/opsec/whentorisblocked/20.png similarity index 100% rename from opsec/anonymity/20.png rename to opsec/whentorisblocked/20.png diff --git a/opsec/anonymity/200.png b/opsec/whentorisblocked/200.png similarity index 100% rename from opsec/anonymity/200.png rename to opsec/whentorisblocked/200.png diff --git a/opsec/anonymity/3.png b/opsec/whentorisblocked/3.png similarity index 100% rename from opsec/anonymity/3.png rename to opsec/whentorisblocked/3.png diff --git a/opsec/anonymity/30.png b/opsec/whentorisblocked/30.png similarity index 100% rename from opsec/anonymity/30.png rename to opsec/whentorisblocked/30.png diff --git a/opsec/whentorisblocked/300.png b/opsec/whentorisblocked/300.png new file mode 100644 index 0000000..63e6d59 Binary files /dev/null and b/opsec/whentorisblocked/300.png differ diff --git a/opsec/anonymity/4.png b/opsec/whentorisblocked/4.png similarity index 100% rename from opsec/anonymity/4.png rename to opsec/whentorisblocked/4.png diff --git a/opsec/anonymity/40.png b/opsec/whentorisblocked/40.png similarity index 100% rename from opsec/anonymity/40.png rename to opsec/whentorisblocked/40.png 
diff --git a/opsec/anonymity/46.png b/opsec/whentorisblocked/46.png similarity index 100% rename from opsec/anonymity/46.png rename to opsec/whentorisblocked/46.png diff --git a/opsec/anonymity/47.png b/opsec/whentorisblocked/47.png similarity index 100% rename from opsec/anonymity/47.png rename to opsec/whentorisblocked/47.png diff --git a/opsec/anonymity/48.png b/opsec/whentorisblocked/48.png similarity index 100% rename from opsec/anonymity/48.png rename to opsec/whentorisblocked/48.png diff --git a/opsec/anonymity/49.png b/opsec/whentorisblocked/49.png similarity index 100% rename from opsec/anonymity/49.png rename to opsec/whentorisblocked/49.png diff --git a/opsec/anonymity/5.png b/opsec/whentorisblocked/5.png similarity index 100% rename from opsec/anonymity/5.png rename to opsec/whentorisblocked/5.png diff --git a/opsec/anonymity/50.png b/opsec/whentorisblocked/50.png similarity index 100% rename from opsec/anonymity/50.png rename to opsec/whentorisblocked/50.png diff --git a/opsec/anonymity/51.png b/opsec/whentorisblocked/51.png similarity index 100% rename from opsec/anonymity/51.png rename to opsec/whentorisblocked/51.png diff --git a/opsec/anonymity/52.png b/opsec/whentorisblocked/52.png similarity index 100% rename from opsec/anonymity/52.png rename to opsec/whentorisblocked/52.png diff --git a/opsec/anonymity/53.png b/opsec/whentorisblocked/53.png similarity index 100% rename from opsec/anonymity/53.png rename to opsec/whentorisblocked/53.png diff --git a/opsec/anonymity/54.png b/opsec/whentorisblocked/54.png similarity index 100% rename from opsec/anonymity/54.png rename to opsec/whentorisblocked/54.png diff --git a/opsec/anonymity/55.png b/opsec/whentorisblocked/55.png similarity index 100% rename from opsec/anonymity/55.png rename to opsec/whentorisblocked/55.png diff --git a/opsec/anonymity/56.png b/opsec/whentorisblocked/56.png similarity index 100% rename from opsec/anonymity/56.png rename to opsec/whentorisblocked/56.png 
diff --git a/opsec/anonymity/57.png b/opsec/whentorisblocked/57.png similarity index 100% rename from opsec/anonymity/57.png rename to opsec/whentorisblocked/57.png diff --git a/opsec/anonymity/58.png b/opsec/whentorisblocked/58.png similarity index 100% rename from opsec/anonymity/58.png rename to opsec/whentorisblocked/58.png diff --git a/opsec/anonymity/59.png b/opsec/whentorisblocked/59.png similarity index 100% rename from opsec/anonymity/59.png rename to opsec/whentorisblocked/59.png diff --git a/opsec/anonymity/6.png b/opsec/whentorisblocked/6.png similarity index 100% rename from opsec/anonymity/6.png rename to opsec/whentorisblocked/6.png diff --git a/opsec/anonymity/60.png b/opsec/whentorisblocked/60.png similarity index 100% rename from opsec/anonymity/60.png rename to opsec/whentorisblocked/60.png diff --git a/opsec/anonymity/61.png b/opsec/whentorisblocked/61.png similarity index 100% rename from opsec/anonymity/61.png rename to opsec/whentorisblocked/61.png diff --git a/opsec/anonymity/62.png b/opsec/whentorisblocked/62.png similarity index 100% rename from opsec/anonymity/62.png rename to opsec/whentorisblocked/62.png diff --git a/opsec/anonymity/63.png b/opsec/whentorisblocked/63.png similarity index 100% rename from opsec/anonymity/63.png rename to opsec/whentorisblocked/63.png diff --git a/opsec/anonymity/64.png b/opsec/whentorisblocked/64.png similarity index 100% rename from opsec/anonymity/64.png rename to opsec/whentorisblocked/64.png diff --git a/opsec/anonymity/65.png b/opsec/whentorisblocked/65.png similarity index 100% rename from opsec/anonymity/65.png rename to opsec/whentorisblocked/65.png diff --git a/opsec/anonymity/66.png b/opsec/whentorisblocked/66.png similarity index 100% rename from opsec/anonymity/66.png rename to opsec/whentorisblocked/66.png diff --git a/opsec/anonymity/67.png b/opsec/whentorisblocked/67.png similarity index 100% rename from opsec/anonymity/67.png rename to opsec/whentorisblocked/67.png 
diff --git a/opsec/anonymity/68.png b/opsec/whentorisblocked/68.png similarity index 100% rename from opsec/anonymity/68.png rename to opsec/whentorisblocked/68.png diff --git a/opsec/anonymity/69.png b/opsec/whentorisblocked/69.png similarity index 100% rename from opsec/anonymity/69.png rename to opsec/whentorisblocked/69.png diff --git a/opsec/anonymity/7.png b/opsec/whentorisblocked/7.png similarity index 100% rename from opsec/anonymity/7.png rename to opsec/whentorisblocked/7.png diff --git a/opsec/anonymity/70.png b/opsec/whentorisblocked/70.png similarity index 100% rename from opsec/anonymity/70.png rename to opsec/whentorisblocked/70.png diff --git a/opsec/anonymity/71.png b/opsec/whentorisblocked/71.png similarity index 100% rename from opsec/anonymity/71.png rename to opsec/whentorisblocked/71.png diff --git a/opsec/anonymity/72.png b/opsec/whentorisblocked/72.png similarity index 100% rename from opsec/anonymity/72.png rename to opsec/whentorisblocked/72.png diff --git a/opsec/anonymity/73.png b/opsec/whentorisblocked/73.png similarity index 100% rename from opsec/anonymity/73.png rename to opsec/whentorisblocked/73.png diff --git a/opsec/anonymity/8.png b/opsec/whentorisblocked/8.png similarity index 100% rename from opsec/anonymity/8.png rename to opsec/whentorisblocked/8.png diff --git a/opsec/anonymity/9.png b/opsec/whentorisblocked/9.png similarity index 100% rename from opsec/anonymity/9.png rename to opsec/whentorisblocked/9.png diff --git a/opsec/whentorisblocked/index.html b/opsec/whentorisblocked/index.html new file mode 100644 index 0000000..df3149f --- /dev/null +++ b/opsec/whentorisblocked/index.html @@ -0,0 +1,302 @@ + + + + + + + + + + + How to Anonymously access websites that block Tor + + + + + + + + + + + + + + + + + + + + + + + +
    +
    +
    +
    + Previous Page

    nothing@nowhere - 2023-10-12

    +

    How to Anonymously access websites that block Tor

    +

    In this tutorial we're going to cover how we can circumvent a website's attempts at blocking Tor traffic, by using a VPN. As we discussed previously, this is relating to the serverside context required to know if we should combine the use of Tor with the use of a VPN.

    + + + +

    Here we are using a VPN to hide from the website owner that we are connecting via Tor. Effectively giving off the impression that we are only connecting via a VPN, while in reality Tor is protecting our Anonymity on the IP level. Now we also need to preserve our Anonymity when we are renting and using the VPN, that's why we have to use MullvadVPN as they don't care who's using their service (they allow both Tor connections and Monero payments). We are also blending in their large userbase. (which would not be the case if we were using a VPS with openvpn on it, in which we would be the only one to use it).

    + +

    DISCLAIMER: Be aware that when doing a (you -> Tor -> VPN -> website) setup, you are getting rid of the stream isolation that is there by default in Whonix, making every application in that Whonix VM go through one circuit, rather than through many circuits. Over time this can lead to traffic use correlation if you start to use this VM for every other Anonymous use.

    + +

    So keep in mind that a website blocking Tor traffic is the only scenario in which you need a (you -> Tor -> VPN -> website) setup. the rest of your anonymous activities are to remain in a regular Whonix VM (you -> Tor -> website) setup !

    + + +

    OPSEC Recommendations:

    +
      +
    1. Hardware : (Personal Computer / Laptop)

    2. +
    3. Host OS: Linux

    4. +
    5. Hypervisor: libvirtd QEMU/KVM

    6. +
    7. Application: Host-based VPN (if your ISP doesn't allow Tor traffic)

    8. +
    9. VM: Whonix VMs (for any regular long-term Anonymous Use)

    10. +
    +

    I recommend using this setup into one of the above mentioned VMs, for Anonymous use, as per the 4 basic OPSEC levels.

    +

    Sidenote: If your ISP does not allow Tor traffic, make sure that you route the QEMU VMs traffic through a VPN, to hide the tor traffic from your ISP (You -> VPN -> Tor) Setup

    + +
    +
    +
    +
    + + +
    +
    +
    +
    +

    Setting up the VM second Whonix Workstation VM

    +

    Now the first thing to do here is that we copy the existing the second workstation which will be used as the vpn over tor setup later on so let's copy the .xml and .qcow2 after shutting down the existing workstation:

    +

    Be careful that you need 100Gb for the Whonix Gateway, 100Gb for the Whonix Workstation, and another 100Gb for the Whonix Workstation with the VPN setup we want to make. So you need a total of 300Gb disk space at least!

    +
    
    +[ nowhere ] [ /dev/pts/0 ] [/mnt/veracrypt1]
    +→ ls
    +lost+found     WHONIX_BINARY_LICENSE_AGREEMENT  Whonix-Gateway.qcow2  Whonix-Workstation.qcow2
    +refreshvms.sh  WHONIX_DISCLAIMER                Whonix-Gateway.xml    Whonix-Workstation.xml
    +script.sh      Whonix-external.xml              Whonix-internal.xml
    +
    +[ nowhere ] [ /dev/pts/0 ] [/mnt/veracrypt1]
    +→ cp Whonix-Workstation.qcow2 Whonix-Workstation-vpn.qcow2
    +
    + nowhere ] [ /dev/pts/23 ] [/mnt/veracrypt1]
    +→ cp Whonix-Workstation.xml Whonix-Workstation-vpn.xml
    +
    +[ nowhere ] [ /dev/pts/0 ] [/mnt/veracrypt1]
    +→ cp Whonix-Workstation.xml Whonix-Workstation-vpn.xml
    +
    +
    +

    Then edit the new xml file to match the new VM name:

    +
    
    +[ nowhere ] [ /dev/pts/23 ] [/mnt/veracrypt1]
    +→ vim Whonix-Workstation-vpn.xml
    +
    +[ nowhere ] [ /dev/pts/23 ] [/mnt/veracrypt1]
    +→ cat Whonix-Workstation-vpn.xml | grep Workstation2
    +  <name>Whonix-Workstation-vpn</name>
    +      <source file='/mnt/veracrypt1/Whonix-Workstation-vpn.qcow2'/>
    +	
    +
    +

    Then we include it in the script.sh script:

    +
    
    +[ nowhere ] [ /dev/pts/23 ] [/mnt/veracrypt1]
    +→ cat script.sh
    +
    +#!/bin/bash
    +
    +if [ $(virsh -c qemu:///system list --all | grep Whonix | wc -l) -ne 0 ];
    +then
    +
    +	# if the VMs are imported, remove them:
    +
    +	virsh -c qemu:///system destroy Whonix-Gateway
    +	virsh -c qemu:///system destroy Whonix-Workstation
    +	virsh -c qemu:///system destroy Whonix-Workstation-vpn
    +	virsh -c qemu:///system undefine Whonix-Gateway
    +	virsh -c qemu:///system undefine Whonix-Workstation
    +	virsh -c qemu:///system undefine Whonix-Workstation-vpn
    +	virsh -c qemu:///system net-destroy Whonix-External
    +	virsh -c qemu:///system net-destroy Whonix-Internal
    +	virsh -c qemu:///system net-undefine Whonix-External
    +	virsh -c qemu:///system net-undefine Whonix-Internal
    +else
    +
    +
    +	# if the VMs are not imported, import them:
    +
    +	virsh -c qemu:///system net-define /mnt/veracrypt1/Whonix-external.xml
    +	virsh -c qemu:///system net-define /mnt/veracrypt1/Whonix-internal.xml
    +	virsh -c qemu:///system net-autostart Whonix-External
    +	virsh -c qemu:///system net-start Whonix-External
    +	virsh -c qemu:///system net-autostart Whonix-Internal
    +	virsh -c qemu:///system net-start Whonix-Internal
    +	virsh -c qemu:///system define /mnt/veracrypt1/Whonix-Gateway.xml
    +	virsh -c qemu:///system define /mnt/veracrypt1/Whonix-Workstation.xml
    +	virsh -c qemu:///system define /mnt/veracrypt1/Whonix-Workstation-vpn.xml
    +	# then exit because we dont want to run the rest of wipe.sh
    +	exit $? 
    +fi
    +
    +
    +[ nowhere ] [ /dev/pts/23 ] [/mnt/veracrypt1]
    +→ ./script.sh
    +
    +Network Whonix-External defined from Whonix-external.xml
    +
    +Network Whonix-Internal defined from Whonix-internal.xml
    +
    +Network Whonix-External marked as autostarted
    +
    +Network Whonix-External started
    +
    +Network Whonix-Internal marked as autostarted
    +
    +Network Whonix-Internal started
    +
    +Domain 'Whonix-Gateway' defined from Whonix-Gateway.xml
    +
    +Domain 'Whonix-Workstation-vpn' defined from Whonix-Workstation-vpn.xml
    +
    +Domain 'Whonix-Workstation' defined from Whonix-Workstation.xml
    +
    +
    +

    Then edit the new workstation VM to have the 10.152.152.12 ip by default (since the other one has the 10.152.152.11 ip):

    + + + +

    You need to keep in mind that currently we have not given out any information about ourselves, other than we've used Tor. We won't stop there, and in order to use a VPN anonymously, you need to acquire it through Tor, buy it with Monero, and force the VPN Connection itself through Tor. Cherry on top is that we're going to use a well-used VPN service, so we won't be the only user with that public VPN ip. But what matters is that we do not give any information about us to the VPN provider. If the VPN provider forces you to provide anything personal (if the vpn provider blocks tor connections, or forces you to buy it with something else than monero), then it would not truly be a non-KYC VPN provider, and thus it's against your privacy. That's the only way you can find out which ones are all just marketing.

    + +

    Now that's done we can go find a vpn provider for the workstation2, let's try out the very praised mullvad vpn provider here, Firstly because it's a non-KYC VPN provider (meaning you can acquire it and use it through Tor, and pay with Monero), also due to the fact that we won't be the only ones using that service, it means we won't need to change the VPN server when we want to have another identity online. On top of that, mullvad gives us the ability to connect to a random server of theirs, via openvpn via TCP on port 443, which is definitely neat because it mimicks web HTTPS traffic, and isn't blockable by tor exit node hosters (which is definitely a trend, most of them block ports that are suceptible to abuse, 443 https being the least likely of them):

    + + +

    now to not loose your accesses , make sure to save credentials in a local keepass database on the VM.

    + + + +

    Now let's add time to our account, and of course we will pay with the only cryptocurrency that's used:

    + + +

    To get some monero you can buy it on localmonero.co, and make sure it arrives on your monero wallet inside the whonix VM, never trust centralised exchanges with your assets, always keep them locally.

    + +

    Once it finishes installing, create your monero wallet:

    + +

    Then say no to mining and use an onion-based monero daemon, like the one i'm hosting, you can find a full list of other ones here:

    + +

    Wait for it to finish synchronizing, then get some monero from a vendor on localmonero.co (by giving them a wallet address you'd have created:

    + + +

    Once you've paid, download the .ovpn file to connect via vpn:

    + +

    Then unzip and let's now make sure the vpn goes through tor:

    + + +

    To do that we need to make sure the VPN goes through the local SOCKS port 9050, and to mention the entry node which is the gateway 10.152.152.10:

    + +

    before we launch it keep in mind this:

    + +

    Then launch the VPN and you can then see that you no longer have a tor exit node IP:

    + + +

    Now check your ip from Firefox, not the tor browser:

    + +

    You can also check if there are any DNS leaks:

    + +

    here we see the test revealed a dns ip leak, but upon checking (in shodan.io) we see that it's a tor exit IP address:

    + +

    We can also check if there are any WebRTC leaks:

    + +

    and there we see that there are no webRTC leaks either, so it's all good.

    +

    To make sure the vpn is started automatically we can make it a systemd service:

    +
    
    +root@workstation:~# cat /etc/systemd/system/vpn.service
    +[Unit]
    +Description=VPN
    +After=network-online.target
    +Wants=network-online.target
    +
    +[Install]
    +WantedBy=multi-user.target
    +
    +[Service]
    +Type=simple
    +WorkingDirectory=/home/user/Desktop/mullvad_config_linux_nl_ams/
    +ExecStart=/usr/sbin/openvpn /home/user/Desktop/mullvad_config_linux_nl_ams/mullvad_nl_ams.conf
    +ExecStop=kill -9 $(pidof openvpn)
    +Restart=always
    +
    +root@workstation:~# systemctl daemon-reload ; systemctl enable --now vpn.service ; systemctl restart vpn.service
    +
    +
    + +

    Now thanks to that, you can still browse websites anonymously in case if they block tor exit nodes. However as stated above, make sure that you leave the rest of your Anonymous use in the regular Whonix VM, as there is no stream isolation in the Whonix-Workstation-VPN VM.

    +
    +
    +
    +
    + + +
    +
    +
    +
    +

    Nihilism

    +

    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + +

    +
    + +
    +

    My Links

    +

    + + RSS Feed
    SimpleX Chat
    + +

    +
    + +
    +

    About nihilist

    +

    Donate XMR: 8AUYjhQeG3D5aodJDtqG499N5jXXM71gYKD8LgSsFB9BUV1o7muLv3DXHoydRTK4SZaaUBq4EAUqpZHLrX2VZLH71Jrd9k8


    Contact: nihilist@contact.nowhere.moe (PGP)

    +
    + +
    + +
    +
    + + + + + + + diff --git a/opsec/whonix/index.html b/opsec/whonix/index.html index 2ce4474..214f4b0 100644 --- a/opsec/whonix/index.html +++ b/opsec/whonix/index.html @@ -378,7 +378,7 @@ Domain 'Whonix-Workstation' defined from Whonix-Workstation-XFCE-16.0.9.0.xml
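Review bot: The `vpn.service` unit shown in the new opsec/whentorisblocked/index.html runs openvpn as root from a config under `/home/user/Desktop/mullvad_config_linux_nl_ams/`, a directory the unprivileged `user` account can presumably write to, so anything running as that user can change what the root service loads at its next restart. The tutorial should copy the config directory to a root-owned location such as `/etc/openvpn/`, restrict its permissions, and point `WorkingDirectory=` and `ExecStart=` there. Separately, `ExecStop=kill -9 $(pidof openvpn)` does not behave as it reads: systemd does not run Exec lines through a shell, so `$(...)` is never substituted, and removing the line lets systemd stop the main process with its default SIGTERM. With `Restart=always` and no firewall rule shown, traffic sent between a VPN drop and the restart would presumably leave through the plain Tor exit, which deserves a sentence for readers who rely on the site never seeing a Tor address.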

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

diff --git a/opsec/whonixqemuvms/index.html b/opsec/whonixqemuvms/index.html
index 83f042d..9134fc9 100644
--- a/opsec/whonixqemuvms/index.html
+++ b/opsec/whonixqemuvms/index.html
@@ -313,7 +313,7 @@ Domain 'Whonix-Workstation' defined from Whonix-Workstation.xml

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

diff --git a/productivity/0/index.html b/productivity/0/index.html
index 71f3d74..f0444a3 100644
--- a/productivity/0/index.html
+++ b/productivity/0/index.html
@@ -132,7 +132,7 @@

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

diff --git a/productivity/coldshowers/1.jpg b/productivity/coldshowers/1.jpg
new file mode 100644
index 0000000..071bfec
Binary files /dev/null and b/productivity/coldshowers/1.jpg differ
diff --git a/productivity/coldshowers/index.html b/productivity/coldshowers/index.html
index 9612fdb..f48532e 100644
--- a/productivity/coldshowers/index.html
+++ b/productivity/coldshowers/index.html
@@ -62,7 +62,8 @@
    Previous Page

    Cold Exposure: Where Discipline takes over Comfort

    -

    What the body and mind doesn't want, but actually needs. The perfect discipline practice.

    + +

    What the body and mind don't want, but actually needs. The perfect discipline practice.

    @@ -186,7 +187,7 @@ Exhalation: I need nothing

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

diff --git a/productivity/diet-n-mental-health/index.html b/productivity/diet-n-mental-health/index.html
index 53e4a1c..edf566d 100644
--- a/productivity/diet-n-mental-health/index.html
+++ b/productivity/diet-n-mental-health/index.html
@@ -413,7 +413,7 @@
  • How friction-free is the digestion ?

  • How energetic and alive your body feels after digesting it ?

  • -

    You will see after experimenting a bit, that your body digests best what is furthest away from you from an evolutionnary perspective. Try out eating only meat for one meal and observe how your body feels, based off the above 3 criterias. You'll see that it takes forever to digest that kind of food, the body will be dragged down by the inertia caused by the digestion itself, and you won't feel energetic at all you'll most likely want to sleep (even though you cannot properly sleep and properly digest at the same time). And as a counter example, see what how your body feels after eating what i recommend below:

    +

    You will see after experimenting a bit, that your body digests best what is furthest away from you from an evolutionnary perspective. Try out eating only meat for one meal and observe how your body feels, based off the above 3 criterias. You'll see that it takes forever to digest that kind of food, the body will be dragged down by the inertia caused by the digestion itself, and you won't feel energetic at all you'll most likely want to sleep (even though you cannot properly sleep and properly digest at the same time). And as a counter example, see how your body feels after eating what i recommend below:

    If your body feels agile and alive and it doesn't take long to digest, your body is telling you that this is good food because it is not building up inertia, but rather it is making it feel alive and well. Inertia is not what you are looking for when you want to live, as death basically is total inertia. You need aliveness, energy and agility.

    On top of that, the more intertia you make your body go through while eating, the more you will need to sleep for your body to repair the damage done that has been done. But if you eat the right kind of food, your sleep quota will go down, as there will be less damage done to the body, meaning less maintenance to do on the body, meaning less sleep will be required.

    @@ -450,7 +450,7 @@

    Nihilism

    Until there is Nothing left.



    -

    Creative Commons Zero: No Rights Reserved
    +

    Creative Commons Zero: No Rights Reserved

diff --git a/productivity/discipline/index.html b/productivity/discipline/index.html
index 6b240cc..1b8d204 100644
--- a/productivity/discipline/index.html
+++ b/productivity/discipline/index.html
@@ -135,7 +135,7 @@

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

diff --git a/productivity/graphs/index.html b/productivity/graphs/index.html
index bfd4722..5f40d8f 100644
--- a/productivity/graphs/index.html
+++ b/productivity/graphs/index.html
@@ -131,7 +131,7 @@ draw.io/now 24.7.17 amd64 [installed,local]

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

diff --git a/productivity/index.html b/productivity/index.html
index 650c9ad..ed87975 100644
--- a/productivity/index.html
+++ b/productivity/index.html
@@ -92,6 +92,7 @@
  • ✅ Macro Time Management: Project Priorization and Calendar Scheduling
  • ✅ Micro Workflow: Todo Listing, Contextualizing, and Ordering Tasks
  • ✅ Collaborative Project Management (Kanban in Gitea)
  • +
  • ✅ Zero Email Workflow (in Thunderbird)
  • @@ -107,10 +108,10 @@ @@ -154,7 +155,7 @@

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

diff --git a/productivity/kanban/index.html b/productivity/kanban/index.html
index 1c54974..a77a70c 100644
--- a/productivity/kanban/index.html
+++ b/productivity/kanban/index.html
@@ -249,7 +249,7 @@ branch 'main' set up to track 'origin/main'.

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

diff --git a/productivity/macrotime/index.html b/productivity/macrotime/index.html
index cc82258..802cd64 100644
--- a/productivity/macrotime/index.html
+++ b/productivity/macrotime/index.html
@@ -157,7 +157,7 @@ For yourself (2)

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

diff --git a/productivity/macroworkflow/index.html b/productivity/macroworkflow/index.html
index 607b31f..2ea259d 100644
--- a/productivity/macroworkflow/index.html
+++ b/productivity/macroworkflow/index.html
@@ -206,7 +206,7 @@ For yourself (2)

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

    diff --git a/productivity/mentalenergy/1.png b/productivity/mentalenergy/1.png new file mode 100644 index 0000000..7d85a61 Binary files /dev/null and b/productivity/mentalenergy/1.png differ diff --git a/productivity/mentalenergy/2.png b/productivity/mentalenergy/2.png new file mode 100644 index 0000000..2660a0a Binary files /dev/null and b/productivity/mentalenergy/2.png differ diff --git a/productivity/mentalenergy/3.png b/productivity/mentalenergy/3.png new file mode 100644 index 0000000..2ad01ac Binary files /dev/null and b/productivity/mentalenergy/3.png differ diff --git a/productivity/mentalenergy/index.html b/productivity/mentalenergy/index.html new file mode 100644 index 0000000..65590cf --- /dev/null +++ b/productivity/mentalenergy/index.html @@ -0,0 +1,158 @@ + + + + + + + + + + + Mental Energy: How good are you at spending it ? + + + + + + + + + + + + + + + + + + + + + + + +
    +
    +
    +
    + Previous Page +

    Mental Energy: How good are you at spending it ?

    + +
    +
    +
    +
    + + +
    +
    +
    +
    +

    Your Mental Energy is like Money

    +

    As the title of this section suggests, your dopamine levels (or mental energy to make it simpler) is just like having money, except the payday happens every day once you finish sleeping.

    + +

    So you wake up, you got a good night sleep, and it's payday, you have 100% of your daily brain money to spend throughout the day. If you follow the Pomodoro workflow to the letter for 2 whole Working sessions, you should be able to work as described above, with a total of 8 Working Cycles, that are 25 minutes long each.

    +

    In the end, you responsibly spent your money gradually throughout the day, because you didn't seek pleasure, you only worked and whenever you needed to rest you correctly did the mental reset to make sure you could do the next work cycle without overworking yourself.

    +
    +
    +
    +
    + +
    +
    +
    +
    +

    To seek pleasure, is to spend your money irresponsibly



    +

    Now it's the next day, you got a good night sleep and started to work, after a while you reset, then you work again, but this time you take a wrong turn and you feel like you need to escape the discomfort.

    + +

    This time you didn't correct yourself to switch back to the "I need to reset" mindset, you've entered the addiction cycle, essentially you're giving in to the pursuit of pleasure.

    + +

    The problem is that when you are seeking pleasure, when you do get that spike in dopamine (meaning you are feeling alot of pleasure in one go), it's as if you are burning alot of money in one go. After you've felt that big amount of pleasure, that mental money you had before is gone, you now have to go through the day with less mental energy.

    +

    In other words, by seeking pleasure you just spent your money irresponsibly, and now it's going to be much harder and discouraging to keep working the rest of the day, unlike how it would have been if you didn't indulge in addiction.

    + +
    +
    +
    +
    + + + +
    +
    +
    +
    +

    How to invest the money and reap the benefits ?



    +

    Now it's the next day again, you got a good night sleep, you have 100% of your brain energy to use for the day. But there's an evolutionary trick that you can do to get even more money, at a cost. The trick is to do cold exposure, for example to take a cold shower right after waking up:

    + +

    Essentially you can see this as investing your brain money, rather than burning it away. This damn cold shower definitely does not feel good, hence it temporarily lowers your dopamine levels, as if you were spending it, but rather you are investing it, because you're going to reap the benefits of a 250% dopamine boost which will last for at least 2 hours (source).

    +

    This means, that if you're willing to bear with that extra discomfort of the cold shower right after waking up, you're going to be able to start your day with more than twice more mental energy than you normally would, this means that you're going to be able to get alot more done during the day than you normally would if you hadn't taken the cold shower.

    + +
    +
    +
    +
    + + + +
    +
    +
    +
    +

    Nihilism

    +

    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + +

    +
    + +
    +

    My Links

    +

    + + RSS Feed
    SimpleX Chat
    + +

    +
    + +
    +

    About nihilist

    +

    Donate XMR: 8AUYjhQeG3D5aodJDtqG499N5jXXM71gYKD8LgSsFB9BUV1o7muLv3DXHoydRTK4SZaaUBq4EAUqpZHLrX2VZLH71Jrd9k8


    Contact: nihilist@contact.nowhere.moe (PGP)

    +
    + +
    + +
    +
    + + + + + + + diff --git a/productivity/mentalopti/index.html b/productivity/mentalopti/index.html index a8b7227..f45f0fd 100644 --- a/productivity/mentalopti/index.html +++ b/productivity/mentalopti/index.html @@ -198,7 +198,7 @@ PING youtube.com (127.0.0.1) 56(84) bytes of data.

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

diff --git a/productivity/microworkflow/index.html b/productivity/microworkflow/index.html
index 6ccd0cc..4c07233 100644
--- a/productivity/microworkflow/index.html
+++ b/productivity/microworkflow/index.html
@@ -200,7 +200,7 @@

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

diff --git a/productivity/morningroutine/index.html b/productivity/morningroutine/index.html
index edd35b2..ae97ff3 100644
--- a/productivity/morningroutine/index.html
+++ b/productivity/morningroutine/index.html
@@ -65,6 +65,7 @@

    To give you a little introduction on this routine, first note down that this is intentionally designed to be uncomfortable. I am aware that not everyone will want to wake up at 6 o clock in the morning on a sunday and take a cold shower at 7 o clock. But the reason i am doing this ties back to the discipline i am building and refining every day, see Opus Nihil.

    We, as humans are different from animals because we are able to choose to go beyond our instincts, while animals are unable to. It is our ability to choose, and to use tools that is making us the peak of evolution on this planet. But the less you are exerting your ability to choose, and to use your body and mind as your own tools, the less you are human. We are "Human beings" only when we know how to be, if you don't know how to be, then you're just a "human creature", no different from the rest of the animal kingdom.

    This routine, although it may seem to be very simplistic, has 2 key elements in it. You will wake up early every day, even on the weekends, and you will take an uncomfortably cold shower shortly after waking up. Nobody in their right mind wants to do that right ?

    +

    The reason behind it is that the first thing you must do in the morning is exert your ability to choose, no matter what the body or mind wants, we are not talking about building habits in the conventional sense, we are talking about dissolving habits. Normally you would want to wake up later, you would want to turn up the heat. But doing so means that you are giving up control, That is why we are bringing back control, to dissolve your habits.

    There is one thing you need to remember before you start. The first step is the hardest, but the next one is easier, and the next one even easier. Don't underestimate your body and mind's ability to adapt. Personally the hardest part for me was to wake up that early in the weekend, but now, 2 months in, there's nothing hard about it anymore, it is simply part of waking up now.

    @@ -131,17 +132,17 @@ It is ME who must accept it.

    In that situation of stress, see if you can breathe slowly, and through your nose only. If you want to dig deep into yourself, mentally (and slowly, following the breath), repeat the Nihilism mantras:

    The Three Nihilism Mantras:

    
    -Sum Nihil: to dissolve your identities
    -Inhalation: I am nothing,
    -Exhalation: I am noone
    +Opus Nihil: to dissolve your compulsions
    +Inhalation: I want nothing,
    +Exhalation: I need nothing
     
     Scio Nihil: to dissolve your beliefs
     Inhalation: I know nothing,
     Exhalation: I know nothing else
     
    -Opus Nihil: to dissolve your compulsions
    -Inhalation: I want nothing,
    -Exhalation: I need nothing
    +Sum Nihil: to dissolve your identities
    +Inhalation: I am nothing,
    +Exhalation: I am noone
     
     

    You can repeat them a few times, then once you're done, it should be around 6h45, leaving you 15 minutes to get dressed and leave to go to work.

    @@ -160,7 +161,7 @@ Exhalation: I need nothing

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

diff --git a/productivity/nihilism/index.html b/productivity/nihilism/index.html
index 0c72cf0..4e90ddf 100644
--- a/productivity/nihilism/index.html
+++ b/productivity/nihilism/index.html
@@ -79,7 +79,7 @@
    
     What you identify with
    -What you believe
    +What you believe in
     What your compulsions are
     	
     
    @@ -139,18 +139,18 @@ After all, everyone's like that, why does it matter if i become like them aswell

    It is composed of 3 Mantras, each are designed to dissolve a facet of your own current way of thinking and your current way of percieving things.

    The Three Nihilism Mantras:

    
    -Sum Nihil: to dissolve your identities
    -Inhalation: I am nothing,
    -Exhalation: I am noone
    +Opus Nihil: to dissolve your compulsions
    +Inhalation: I want nothing,
    +Exhalation: I need nothing
     
     Scio Nihil: to dissolve your beliefs
     Inhalation: I know nothing,
     Exhalation: I know nothing else
     
    -Opus Nihil: to dissolve your compulsions
    -Inhalation: I want nothing,
    -Exhalation: I need nothing
    -	
    +Sum Nihil: to dissolve your identities
    +Inhalation: I am nothing,
    +Exhalation: I am noone
    +
     

    None of those sentences may make sense at first, but in their own way these are all deeply rooted in reality (i have rewritten them more than 50 times over the course of the last 10 years, with daily use). There is a way to percieve each mantra, in a way that makes sense, to give it additional weight as a fundamental reality that shouldn't be forgotten, upon mentally uttering them.

      @@ -179,7 +179,7 @@ Exhalation: I need nothing

      Nihilism

      - Until there is Nothing left.



      Creative Commons Zero: No Rights Reserved
      + Until there is Nothing left.



      Creative Commons Zero: No Rights Reserved

diff --git a/productivity/opus-nihil/1.jpg b/productivity/opus-nihil/1.jpg
new file mode 100644
index 0000000..dc9f0a8
Binary files /dev/null and b/productivity/opus-nihil/1.jpg differ
diff --git a/productivity/opus-nihil/2.png b/productivity/opus-nihil/2.png
new file mode 100644
index 0000000..dd78f28
Binary files /dev/null and b/productivity/opus-nihil/2.png differ
diff --git a/productivity/opus-nihil/index.html b/productivity/opus-nihil/index.html
index f977b91..d387804 100644
--- a/productivity/opus-nihil/index.html
+++ b/productivity/opus-nihil/index.html
@@ -62,6 +62,8 @@
      Previous Page

      Opus Nihil: Dissolving Compulsions

      + +

      In this tutorial we're going to take a look at the first Nihilism mantra that you need to know, as it is the one that will help you regain, maintain and reinforce your ability to control yourself, as it is a crucial tool to have in order to be able to unwind addictions, in order to move from compulsive behavior, towards conscious action.

      
       Underground, I sat next to the crystal-clear lake, sublime, untouched, pure.
       It doesn't need anything, besides being contemplated for it's own beauty.
      @@ -177,7 +179,7 @@ Exhalation: "I need nothing"
       				

      Nihilism

      - Until there is Nothing left.



      Creative Commons Zero: No Rights Reserved
      + Until there is Nothing left.



      Creative Commons Zero: No Rights Reserved

      diff --git a/productivity/pomodoro/6.png b/productivity/pomodoro/6.png new file mode 100644 index 0000000..d52cb55 Binary files /dev/null and b/productivity/pomodoro/6.png differ diff --git a/productivity/pomodoro/7.png b/productivity/pomodoro/7.png new file mode 100644 index 0000000..b821c57 Binary files /dev/null and b/productivity/pomodoro/7.png differ diff --git a/productivity/pomodoro/index.html b/productivity/pomodoro/index.html index 7ff8081..470041c 100644 --- a/productivity/pomodoro/index.html +++ b/productivity/pomodoro/index.html @@ -103,17 +103,18 @@ Recommended break: 2) slow down and deepen your breath 3) mentally, go over the 3 nihilism mantras for 5 minutes at least: -Sum Nihil: to dissolve your identities -Inhalation: I am nothing, -Exhalation: I am noone +Opus Nihil: to dissolve your compulsions +Inhalation: I want nothing, +Exhalation: I need nothing Scio Nihil: to dissolve your beliefs Inhalation: I know nothing, Exhalation: I know nothing else -Opus Nihil: to dissolve your compulsions -Inhalation: I want nothing, -Exhalation: I need nothing +Sum Nihil: to dissolve your identities +Inhalation: I am nothing, +Exhalation: I am noone +

      In my opinion, this is the most efficient break you can take. As you are intentionally winding down your brain activity, on top of mentally dissolving what you were previously working on, and shifting your focus on something else (here, the slowing and deepening of breath and thoughts). If you do it right (meaning, if you managed to dig deep enough), the moment you open your eyes again, you should rediscover what you were working on, as if it was the first time, with a completely fresh view on it.

      @@ -122,17 +123,37 @@ Exhalation: I need nothing
    - -
    -

    How do i do it ?



    -

    To make it simple (and not require an actual timer), just look at the digital clock on your computer:

    +

    There is no Escape



    +

    Now, you need to be extra-careful whenever you are finishing a work cycle, because this is when the discomfort is at it's peak, and that's where you are most likely to indulge in addiction:

    + +

    This is going to require attention, and training but it will get easier over time, you need to get over this habit of "wanting to escape the discomfort". Wanting to escape is weakness, it is giving up, it is failure, it is abandoning your duty. The "escape" can be many things, such as substance abuse (nicotine is most common), or simply social media, or viewing adult content, this is where you are suceptible to fall back into pleasure seeking, and right before you start to indulge in addictions, that is where you need to make sure you do not enter the addiction cycle.

    + +

    You need to remind yourself, that there is no escape, there is no plan B, the only way out of this, is through. One way or another, you're going to finish the work, but to do that, you need to take a break, or in other words you first need to reset the mind.

    + + +

    Whenever you are finishing a work cycle, if you're still returning to "i want to escape", you need to consciously shift your thinking to "there is no escape", to "i need to reset"

    +

    With enough training, once you have accepted that there is no way out, your thinking pattern should go working Working, to "I need to reset", performing your mental reset, and then going back to Work. That way you are cutting out all possibility of addiction, especially when you are comfronting yourself with discomfort.

    +
    +
    +
    +
    + + + + +
    +
    +
    +
    +

    How do i know i need to take a break ?



    +

    Either you are self-aware enough to know when you are feeling overworked, and you'd do the reset instinctiviely, or if you're not self-aware enough i recommend to just look at the nearest clock:

    -

    Whenever it strikes "minute 55" or "minute 25" it is time to take a break.

    +

    Whenever it strikes "minute 55" or "minute 25" it is time to take a 5 minute break.

    The first 3 breaks will last 5 minutes, and if it is your fourth break, it will last 35 minutes.
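Review bot: The paragraphs added under "There is no Escape" in this hunk carry spelling slips that will be published as written: `it's peak` should be `its peak`, `suceptible` should be `susceptible`, `comfronting` should be `confronting` and `instinctiviely` should be `instinctively`. In the same block, `your thinking pattern should go working Working, to "I need to reset"` looks like it was meant to read `should go from Working, to "I need to reset"`. The replacement sentence in the next hunk (`@@ -150,7 +171,7 @@`), `During the each break recommend doing the nihilism meditation`, lost its subject in the edit; `During each break i recommend doing the nihilism meditation` keeps the author's wording. The first productivity/sum-nihil/index.html hunk has the same kind of slip: `which the most important one. It's purpose is manifold` should be `which is the most important one. Its purpose is manifold`. The surrounding markup is not visible in this view, so these points cover the text only.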

    
    @@ -150,7 +171,7 @@ FIRST WORKING SESSION:
     -8h55 : 35 minute long break
     	
     
    -

    During the long break i also recommend doing the nihilism meditation, in order to dig deep into yourself, to recover on a deeper level. Another way of doing it is to go out for a walk, as the reasoning is the same, you are intentionally changing the context, changing what you are doing, and lowering the mental effort as much as possible, so that your brain may integrate what you were doing, and recover from it.

    +

    During the each break recommend doing the nihilism meditation, in order to dig deep into yourself, and to recover on a deeper level. Another way of doing it is to go out for a walk, as the reasoning is the same, you are intentionally changing the context, changing what you are doing, and lowering the mental effort as much as possible, so that your brain may integrate what you were doing, and recover from it.

    And then you can repeat the working cycle once again after the 35 minute break is over:

    
    @@ -175,6 +196,7 @@ SECOND WORKING SESSION:
     	    
    +
    @@ -183,7 +205,7 @@ SECOND WORKING SESSION:

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

    diff --git a/productivity/productivity2.png b/productivity/productivity2.png
    index a55b061..3995f0e 100644
    Binary files a/productivity/productivity2.png and b/productivity/productivity2.png differ
    diff --git a/productivity/reflecting/index.html b/productivity/reflecting/index.html
    index 9bb156e..894a419 100644
    --- a/productivity/reflecting/index.html
    +++ b/productivity/reflecting/index.html
    @@ -163,7 +163,7 @@ To be showcased:

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

    diff --git a/productivity/rightthing/index.html b/productivity/rightthing/index.html index 0803ce1..fab7057 100644 --- a/productivity/rightthing/index.html +++ b/productivity/rightthing/index.html @@ -123,18 +123,16 @@ -Substance abuse (alcohol / smoking / drugs) -Shopping -To Control: - -Sports - -Voting - -Activism -Running an online community -Regulating / Passing Laws / Enforcing laws (for governments) + -Acting like a dictator with your own relatives

    No shame in acting out of self interest, but you need to realize what it ultimately is about.

    Acting out of survival is the most common thing to do, and it's not just us humans, literally every living being out there is doing it. But there has been an unecessary glorification of survival that has been going around, humanity has been raising the bar for it's own survival for no reason, it's been raised so much that people need to work their entire lives for someone else just to keep their right to live. Surviving is a trivial thing even for the smallest creatures on the planet, don't make such a big fuss about it.

    To indulge in pleasure is the next best thing that people know, and that is what is preventing them from doing anything meaningful their whole lives. One extreme example is opioid addiction, the feeling you get during that first high is so unbelievably pleasant, it feels like arriving in heaven, nothing comes close to it. But to chase that high everyday is going to cost you everything, and you will keep trying to fill that insatiable addiction even when you end up on the streets. Now you may not have chosen that kind of a caliber to feel pleasure, but you may have found some smaller weapons to shoot yourself in the foot with, such as junk food, nsfw content, ligher substance abuses, or just video games. make no mistake you can remain hooked on those your entire life.

    -

    And lastly, you may have chosen to indulge in trying to extend your Control, it can take many forms such as trying to control your body and brain with sports, to trying to control what's around you by doing activism, or running an online community. Or if you are in the governmental / law enforcement sector it could just be making efforts to control the public order.

    +

    And lastly, you may have chosen to indulge in trying to extend your Control, it can take many forms such as trying to control what's around you by doing activism, or running an online community. Or if you are in the governmental / law enforcement sector it could just be making efforts to control the public order, some act like dictators on their own relatives too!

    
     "We buy things we don’t need, with money we don’t have, to impress people we don’t like.”
     
    @@ -200,7 +198,7 @@ Honorable reasons:
     				

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

    diff --git a/productivity/scio-nihil/3.jpg b/productivity/scio-nihil/3.jpg
    new file mode 100644
    index 0000000..882341b
    Binary files /dev/null and b/productivity/scio-nihil/3.jpg differ
    diff --git a/productivity/scio-nihil/index.html b/productivity/scio-nihil/index.html
    index 9009294..4c45180 100644
    --- a/productivity/scio-nihil/index.html
    +++ b/productivity/scio-nihil/index.html
    @@ -62,6 +62,8 @@
    Previous Page

    Scio Nihil: Dissolving Beliefs

    + +

    In this tutorial we're going to take a look at the second Nihilism mantra that you need to know, as it is the one that will ensure you remain open to the possibility of knowing. It is used to trim away beliefs, to be able to undo all distortions that one may have upon his own perception.

    
     One day, Aristotle was walking on the beach. A glorious sunset was happening, but he had no time for such petty daily events. He was thinking seriously about some great problem of existence, because for Aristotle, existence is a problem, and he believes he is going to solve it. Thinking seriously, he was walking up and down the beach. There was another man on the beach who was doing something very intensely – so intensely that even Aristotle could not ignore him.
     
    @@ -172,7 +174,7 @@ Exhalation: "I know nothing else"
     				

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

    diff --git a/productivity/sum-nihil/1.png b/productivity/sum-nihil/1.png
    new file mode 100644
    index 0000000..e308b90
    Binary files /dev/null and b/productivity/sum-nihil/1.png differ
    diff --git a/productivity/sum-nihil/index.html b/productivity/sum-nihil/index.html
    index ad901a3..7dd8976 100644
    --- a/productivity/sum-nihil/index.html
    +++ b/productivity/sum-nihil/index.html
    @@ -62,7 +62,8 @@
    Previous Page

    Sum Nihil: Dissolving the Self

    -

    As the intellect is the knife, the identities that you have picked up are the hands that wield that knife.

    + +

    In this tutorial we're going to take a look at the third nihilism mantra, which the most important one. It's purpose is manifold, where you are trimming away all of the false identities you have picked up, releasing your intellect from being a chaotic mess, and undoing the remaining perception distortions you may still have, to restore the clarity you once had.

    
     Just because it’s sharp, it does not mean it’ll be effective because sharp intellect or a sharp knife can cause any amount of damage to you. 
     If you have a sharp knife and you don’t have a steady hand, you will cut yourself all over the place. 
    @@ -79,6 +80,7 @@ somehow to take away the sharpness because the damn thing hurts.
     It hurts not because that’s its nature; it hurts because you do not know how to hold it.
     
     
    +

    As the intellect is the knife, the identities that you have picked up are the hands that wield that knife.

    @@ -159,7 +161,7 @@ Exhalation: I am noone

    Anonymity, when you don't matter anymore.



    -

    Suppose you want to start your own blog like i did, what are you doing it for? what is the reason behind it ? Are you doing this out of self interest, to grow your fame a little, to get recognition, applause, external validation, squeezing money out of your viewers, or perhaps improving your CV for your IRL carrier ? Or are you doing it because this work needs to be done ?

    +

    Suppose you want to start your own blog like i did, what are you doing it for? what is the reason behind it ? Are you doing this out of self interest, to grow your fame a little, to get recognition, applause, external validation, squeezing money out of your viewers, or perhaps improving your CV for your IRL career ? Or are you doing it because this work needs to be done ?

    Who are you ? Are you someone that works for personal gain ? Or are you someone that works because the work needs to get done ?

    If you go through my blog a bit, you may stumble on anonymous contributions, people that contributed to the blog anonymously. For them, it doesn't matter who did the work, all that matters is that the work gets done.

    This also means that they are not looking for fame, recognition, applause, external validation. After all if you know you are right, why does it matter if people agree or disagree ?

    @@ -178,7 +180,7 @@ Exhalation: I am noone

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

    diff --git a/productivity/yoga/index.html b/productivity/yoga/index.html
    index dc23cf2..eedcc49 100644
    --- a/productivity/yoga/index.html
    +++ b/productivity/yoga/index.html
    @@ -131,7 +131,7 @@

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

    diff --git a/productivity/zeroemail/index.html b/productivity/zeroemail/index.html
    index 78f7486..c5a0b02 100644
    --- a/productivity/zeroemail/index.html
    +++ b/productivity/zeroemail/index.html
    @@ -149,7 +149,7 @@

    Nihilism

    - Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved
    + Until there is Nothing left.



    Creative Commons Zero: No Rights Reserved

    diff --git a/pull.sh b/pull.sh
    old mode 100755
    new mode 100644
    diff --git a/push.sh b/push.sh
    index 6c20af7..dfc78fd 100755
    --- a/push.sh
    +++ b/push.sh
    @@ -1,6 +1,5 @@
     #!/bin/bash
    -#sudo chown -R nihilist: .
    -git config --global user.email "nihilist@contact.nihilism.network"
    +git config --global user.email "nihilist@contact.nowhere.moe"
     git config --global user.name "nihilist"
     git add -A
    diff --git a/pushtoprod.sh b/pushtoprod.sh
    old mode 100755
    new mode 100644
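Review bot: The `git config --global user.email …` line in push.sh writes the identity into the global Git configuration of whichever account runs the script, so every other repository on that machine will also commit under this address; the commit changes the address but keeps `--global` on both config lines. Dropping the flag scopes the identity to this repository only: `git config user.email "nihilist@contact.nowhere.moe"` and `git config user.name "nihilist"`. Separately, pull.sh and pushtoprod.sh go from mode 100755 to 100644 in this commit while push.sh stays 100755, so `./pull.sh` and `./pushtoprod.sh` will no longer run directly. If that was not intended (for example a checkout on a filesystem that does not track the executable bit), `git update-index --chmod=+x pull.sh pushtoprod.sh` restores it. The rest of push.sh after `git add -A` lies outside the hunk and is not covered here.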