privazer vs bleachbit  - Activators Patch


The popular CCleaner is plagued by malware and espionage scandals – plus adware pop-ups. The alternatives offered here sometimes do a lot more.

CCleaner has gotten out of the negative headlines that overshadowed it in 2018, but still, not all is well. In 2020 the manufacturer gave the tool an annoying additional function, the “Health Check”, which replaces the classic cleanup. CCleaner will still be an advertising tool in 2021, as it displays pop-ups. There are also more and more functions that advertise the fee-based CCleaner Professional and cannot be used with CCleaner Free, notably the software updater and the driver updater.

The CCleaner has been part of Avast for a long time; the Czech antivirus provider recently became the property of the US antivirus company NortonLifeLock. Even loyal CCleaner fans could have lost their trust in the tuning tool or they could be bothered by the developments. A group of alternative cleanup tools promptly comes to the rescue. Below is a selection to thoroughly clean up Windows 10 and Windows 7 / 8.1.

Alternative registry cleaners often track down more baggage because they also take into account empty registry keys. If you combine several tools, you will even get significantly better cleaning results in total. Incidentally, the tips are ideal in combination with the CCleaner – according to the motto: garbage that one tool cannot find, the other may discover.

PrivaZer is positioned as an alternative to CCleaner, and its manufacturer frequently releases updates. The latest version 4.0.30 brings an improved user interface.


CCleaner alternative: WinOptimizer for free


Ashampoo WinOptimizer 18 (AWO 18) is extensive and thorough; users receive the optimization suite exclusively as a free full version. Equipped with more functions than CCleaner, the program practically follows in the footsteps of the AVG software PC TuneUp. The latter is available for a fee as a subscription and is based on the TuneUp Utilities set (which were free of subscription fees).

The AVG product is only partially suitable as a CCleaner alternative: If you have lost trust in the CCleaner / Piriform owner Avast, you should avoid it – AVG is ultimately part of Avast due to a takeover. The Ashampoo Winoptimizer 18 costs EUR 49.99. It finds all kinds of junk data, tidies up the Windows startup and services configuration and changes numerous system settings – a separate module configures Windows 10 privacy.

PrivaZer: More privacy by tidying up

With the portable PrivaZer you can scan devices of all kinds for ballast and clear them out. There are scan modes for “Computer”, “Internal storage drive / HDD / SSD”, “External storage drive / HDD / SSD”, “USB stick”, “iPod”, “MP3 player”, “SD memory card” and “Network Storage, NAS”. The tool deletes the contents of the Windows Recent folder, for example.

This shows which files you have recently opened. The removal of the RunMRU chronicle is also beneficial to privacy; Windows uses this to record in the registry which run dialog commands (Windows key and R) have been entered.

In addition to native tools, you can wipe through third-party programs such as Microsoft Edge, Internet Explorer, Firefox, Chrome, Safari, Skype, Trillian, TeamSpeak, Pidgin, Xfire, BurnAware Free, ImgBurn, Acronis True Image and Active ISO Burner. On request, the software sends the TRIM command to SSDs in order to keep the write performance permanently high.

BleachBit: open source software against data garbage

BleachBit is an open source solution for eliminating junk data. A registry cleaner module is missing in the program, which skeptics of such tools should welcome. In CCleaner style, you can free whole or partial areas of your internal hard drive / SSD from ballast. Before you initiate an optimization, a previous scan is recommended. A shredder can be reached via the menu icon at the top left, with which you can call up an open dialog for permanently deleting files and folders. What is interesting about BleachBit is that it allows the compression of program data from Firefox and Google Chrome; theoretically this speeds up the browser start.

Glary Utilities Pro as a free full version

The Glary Utilities Pro are comparable to the AWO 18. What is special here is the 1-click maintenance, which, in addition to standard maintenance, includes an adware and spyware search. If you wish, Windows will shut down automatically after the optimization – useful for saving energy.

FileFusion: More storage space without deleting

FileFusion seems downright magical: without deleting files, the program recovers storage space. For this purpose, the Abelssoft tool identifies so-called duplicates, i.e. files that exist multiple times. The software removes the doppelgangers, but their content is not lost, because an automatic system replaces the identified wasted storage space with hard links. Such Windows file system references redirect to the original resource on the NTFS drive.

In practice, the treated duplicate files work as usual. Windows behaves differently in the background, but users do not notice anything. Normally, hard links are set with command line commands; FileFusion does this for you at the push of a button, although you should expect to wait a few seconds to minutes.

Additional cleaners for the file system and registry

The Wise Disk Cleaner helps against shrinking storage space by removing temporary files and cleaning up Windows standard tools. A special feature is the removal of Windows-specific files: if you part with background images and help files, you will gain the last bit of free space. Glary Disk Cleaner is comparable and automatically begins to search for unnecessary items, saving time.

Wise Registry Cleaner (WRC) is recommended as a replacement for the registry cleaner in CCleaner. With one of three selectable thoroughness levels, you can find, for example, ballast from uninstalled programs in order to delete it. Changeable system settings (tweaks) promise more speed and stability. Similar to AWO 18 and Glary Utilities Pro, the registry can be defragmented with the WRC.

The Wise Registry Cleaner isn’t the only tweaking tool; there are other such programs, and some are even better. In the article “Windows tweaking: The best free tweaking tools for more individuality” we go into the corresponding functionality of the WRC as well as the alternatives.

CCleaner: History of the Scandal

Anyone who installed CCleaner 5.33 or CCleaner Cloud in 2018 compromised their 32-bit Windows with malicious code. That is unacceptable in any program, especially one that, like CCleaner, comes from an antivirus provider (Avast). A spy function in CCleaner 5.45 was also questionable; the manufacturer removed it via an update after user protests, and every trace of 5.45 disappeared from the changelog.

In terms of functions, current versions offer the new area “Tools> Software Updater” and the new standard view “Health Check” (previously called “Simple cleanup” and less advertising-intensive). If you want the good old cleaning with setting options, you have to switch to “Advanced cleaning” with a click or select it as the start view – both were unnecessary in the past. In addition, advertising windows are nerve-racking for the user community. This includes windows on Black Friday that already advertised a 50 percent discount.

A tip for the health check: if you want to deactivate it, this works via the Windows registry. Start the registry editor with Windows-R and regedit, navigate with double-clicks to the key HKEY_LOCAL_MACHINE\SOFTWARE\Piriform\CCleaner and, in the right-hand pane, change the value of the string entry “(Cfg)HealthCheck” from 1 to 0.

This returns the earlier “Simple cleanup” instead of the “Health Check”. Would you like to use the CCleaner with the health check and (!) the simple cleanup? Our exclusive CCleaner Health Check activation switch is recommended for this.

It was once necessary to make the then still hidden health check display available – it was not readily available, but is now used as a standard. The unlock tool is still useful, because it allows you to open two CCleaner windows in one go, one with the old and one with the new view.

CCleaner alternative for Mac

OnyX, which cleans up the file system, is ideal for cleaning up Mac systems. Since macOS does not have a registry, there is no registry cleaning component.

Finally, as an alternative to CCleaner, Windows Disk Cleanup is an option. Functionally, the tool offers only the bare essentials, but users who view tuning programs critically like that. It is started via Windows-R and cleanmgr.

Source: https://technoeager.com/ccleaner-alternative-freeware-open-or-full-version/

Is It Time to Trust CCleaner Again?

CCleaner has been around longer than most Windows utility cleaners, and was a go-to recommendation for some time. However, starting in 2017, the software ran into several problems that tarnished its reputation.

This led many, including us, to recommend that you stop using CCleaner. But that was years ago. How has the app changed, and is it worth using now? Let's take a fresh look.

A Brief History of CCleaner's Problems

In case you're not familiar, CCleaner's issues started in 2017 shortly after developer Piriform was bought by Avast. The 32-bit app version on CCleaner's website was hacked, adding a Trojan to the download, which the company thankfully caught before it became widespread.

Later, the company introduced an "Active Monitoring" feature that collected anonymized data about your usage. This is fairly standard, but the problem was that when you turned the setting off, it re-enabled itself upon a reboot. That update also made CCleaner difficult to close through standard methods.

Finally, in 2018 the app also started ignoring users' preference to disable automatic updates. On top of this, CCleaner's free version regularly nags you to upgrade to the paid version. Have a look at our guide to replacing CCleaner for more history and information.

All of these factors made it feel more like an unwanted program than something that benefits your computer. But now, are these problems cleaned up? And further, is CCleaner even worth using?

What Does CCleaner Offer?

You probably know CCleaner primarily for its PC cleaning capabilities, which is still the core of the software. However, it has several other features and has picked up a new trick or two in the last few years.

CCleaner's Health Check

The new Health Check is what you see upon opening CCleaner. This runs a scan on your PC to show "issues" in four areas:

  • Privacy
  • Space
  • Speed
  • Security

The final two categories are only fixable with a Pro subscription to CCleaner, which we'll discuss later.

Privacy cleans up cookies, browser history, and temporary internet files from the various browsers on your PC. Space cleans out the Recycle Bin, temporary app files, and temporary Windows system files.

Moving on, Speed analyzes startup programs and recommends you disable ones that make a big impact on startup speed. Finally, in Security, CCleaner will detect outdated apps on your system and update them to the latest versions.

You can uncheck specific actions in a category on its respective page if you want to exclude something. Hit Make it better when you're satisfied and CCleaner will process what you requested.

Custom Clean

If you're a CCleaner veteran, the Custom Clean tab will look familiar. This lets you pick and choose exactly what you want to clean up.

The Windows section has Edge and Internet Explorer browser data, as well as Windows files like log data, thumbnail caches, and emptying the Recycle Bin. On Applications, you can clear temporary data for other browsers as well as apps like Steam, VLC, and TeamViewer.

Check everything you're interested in cleaning and hit Analyze to see how much space your action will save. If you're satisfied, click Run Cleaner.

The Registry Cleaner

This section is simple: you don't need to use Registry cleaners. While orphaned entries and other minor problems do occur in the Registry over time, there is no good evidence that cleaning the Registry will speed up your computer. In fact, if a Registry cleaner is too zealous, it can actually cause more problems than it solves.

While most people regard CCleaner's Registry cleaner as better than other random ones online, you still don't need to use it. Microsoft's official statement on Registry cleaners recommends staying away from them; don't even bother with this feature of CCleaner.

CCleaner Tools

Rounding out CCleaner's feature set is the Tools tab. Here you'll find several additional utilities of varying usefulness.

The Uninstall tab duplicates the methods for uninstalling provided in Windows, though it does make it easy to save all your installed programs to a text file. Software Updater is another panel for accessing the function mentioned above.

On Startup you can manage your startup items, though it doesn't recommend disabling specific entries like Health Check does. The highlight here is Context Menu, which lets you disable entries from the right-click menu in File Explorer.

Browser Plugins lets you manage extensions in each browser, which is something you can do in your browser already. Disk Analyzer is a basic tool to show where your computer's space is being used, while Duplicate Finder does just what it says.

System Restore simply lets you erase System Restore points. While this is potentially useful for reclaiming space, it's better to just let Windows handle them. And finally, Drive Wiper gives you options to fully erase everything on any drive connected to your PC.

Issues With CCleaner in 2020

After a look around, and a statement from CCleaner's general manager about the company taking cybercrime seriously, we don't have any serious objections to CCleaner's behavior in the latest release. However, there are a few annoyances worth mentioning.

First, when we installed CCleaner's free version, it prompted us to also install AVG Antivirus. While not a malicious program, it's unsavory to have software foisted on you like this. This is especially odd to see since a lot of free software has stopped offering bundled crapware in recent years.

In fact, Microsoft now categorizes CCleaner as a PUA (Potentially Unwanted Application) because of this behavior. Microsoft says that bundling software from other companies "can result in unexpected software activity that can negatively impact user experiences."

While the software updater is one of the best features of CCleaner Professional, it isn't perfect. Because it's not fully automated, you have to click Next in a bunch of dialog boxes to install updates. Also, when we ran the software updater, it worked on Wireshark, but upon trying to update Speccy (another product by Piriform) Windows Security blocked CCleaner's action.

The Smart Cleaning feature in CCleaner Professional cleans up files for you at a certain threshold. While convenient, this feature by default also displays a popup box when you close any browser, offering to automatically clean its data. This goes away when you choose an action for the browser at Options > Smart Cleaning, but it's still annoying to see from premium software.

CCleaner Free vs. Professional

We had access to the Professional version of CCleaner for testing, and compared it to the free edition installed on another PC. CCleaner Professional usually costs $24.95 and unlocks several of the features mentioned above.

You need Pro for the following:

  • Disabling startup programs and using the auto-app updater in Health Check
  • Using the Software Updater tool
  • Running CCleaner on a schedule
  • Changing Smart Cleaning options, including automatic browser cleaning
  • Changing what users CCleaner manages
  • Automatically applying product updates
  • Unchecking the Show offers for our other products option in Privacy

In summary, CCleaner Pro's two biggest draws are automated cleaning and software updating. But do you need those?

Is CCleaner Worth Using?

Aside from the privacy and security issues, most of what we said about CCleaner in 2018 (in the article mentioned earlier) still stands. The only all-new feature, Health Check, is just a more convenient way to clean up data you can select manually in Custom Clean.

To be fair, there is some use to CCleaner. For instance, if you use multiple browsers, it's convenient to remove temporary files from all of them at once. And the Drive Wiper and Software Updater (if you pay for Pro) are useful.

However, you can access a lot of CCleaner's features in other utilities and software. Many of these are free and often do a better job than CCleaner.

For example, Windows's Disk Cleanup handles a lot of what CCleaner's cleaning tools do. TreeSize is a much better disk analyzer and Patch My PC is better at updating software. And some CCleaner tools, like Uninstall and Startup, just duplicate Windows functionality and are thus of little use.

So whether you should use CCleaner depends on your needs. If you rarely run low on disk space, only use one browser, and don't mind updating software manually, then there's really no need for you to use it. You can use Windows cleaning options and other third-party tools that do a better job at tasks like finding duplicate files.

In short: CCleaner isn't worthless, but most users probably don't need it. We don't plan to keep it on our system after this review.

Keep Your PC Clean

We've evaluated CCleaner for use in 2020, but keep in mind it's far from the only tool for PC cleanup. If you insist on using an all-in-one utility, BleachBit is a solid alternative that's completely free.

Otherwise, follow our step-by-step guide to cleaning Windows 10 and you should have no problem keeping your PC free of unnecessary files.

Image Credit: focal point/Shutterstock


About The Author
Ben Stegner (1785 Articles Published)

Ben is a Deputy Editor and the Onboarding Manager at MakeUseOf. He left his IT job to write full-time in 2016 and has never looked back. He's been covering tech tutorials, video game recommendations, and more as a professional writer for over seven years.


Source: https://www.makeuseof.com/tag/time-trust-ccleaner/

The Hitchhiker’s Guide to Online Anonymity - Version 0.9.4 - May 2021

The Hitchhiker’s Guide to Online Anonymity (Or “How I learned to start worrying and love privacy”)

Version 0.9.4 (draft), May 2021 by AnonymousPlanet.

This guide is a draft work in progress. While I am working constantly to improve the content, general structure, and readability, it will never be “done” and some parts might be incomplete as of this release. Remember to check frequently for a new version of this guide.

This guide is a non-profit open-source initiative, licensed under Creative Commons Attribution 4.0 International (cc-by-4.0 [Archive.org]).

Find it online at:

  • Original: https://anonymousplanet.org [Archive.org] [Archive.today]
  • Mirror: https://mirror.anonymousplanet.org [Archive.org] [Archive.today]
  • Tor Mirror: http://thgtoa7imksbg7rit4grgijl2ef6kc7b56bp56pmtta4g354lydlzkqd.onion
  • Archive.today over Tor: http://archivecaslytosk.onion/anonymousplanet.org/guide.html

PDF versions (best format for the best readability) of this guide at:

  • Light Theme: https://anonymousplanet.org/guide.pdf [Mirror] [Archive org] [Tor Mirror]
  • Dark Theme: https://anonymousplanet.org/guide-dark.pdf [Mirror] [Archive.org] [Tor Mirror]
  • Both at CryptPad.fr https://cryptpad.fr/drive/#/2/drive/view/Ughm9CjQJCwB8BIppdtvj5zy4PyE8Gxn11x9zaqJLI/

Feel free to submit issues using GitHub Issues at: https://github.com/AnonymousPlanet/thgtoa/issues

Feel free to discuss ideas at:

  • GitHub Discussions: https://github.com/AnonymousPlanet/thgtoa/discussions
  • Reddit: https://old.reddit.com/r/thgtoa/
  • Matrix/Element: ```#online-anonymity:matrix.org```
  • Telegram Channel: https://t.me/thgtoa
  • Discord Server: https://discord.gg/XGFfGtJmXd

(Note that none of these are actively moderated or end-to-end encrypted, be careful)

Follow me on:

  • Twitter at https://twitter.com/AnonyPla (cannot guarantee this account will stay up for long tho)
  • Mastodon at https://mastodon.online/@anonypla.

There are several ways you could read this guide:

  • You want to understand the current state of online privacy and anonymity not necessarily get too technical about it: Just read the Introduction, Requirements, Understanding some basics of how some information can lead back to you and how to mitigate those and A final editorial note sections.
  • You want to do the above but also learn how to remove some online information about you: Just read the above and add the Removing some traces of your identities on search engines and various platforms.
  • You want to do the above and create online anonymous identities online safely and securely: Read the whole guide.

Please note that:

  • This guide does mention and even recommends some commercial services in some sections (such as VPNs, CDNs, and hosting providers) but is not endorsed or sponsored by any of them in any way. There are no referral links and no commercial ties with any of these providers. This project is 100% non-profit.
  • All external links to Documents/Files have an [Archive.org] link next to them for accessing content through Archive.org for increased privacy and in case the content goes missing. It is possible some links are not yet archived or are outdated on archive.org, in which case I encourage you to request a new save if possible. See the live addresses for up-to-date information.
  • All external links to YouTube Videos have an [Invidious] link next to them for accessing content through an Invidious Instance (in this case yewtu.be hosted in the NL) for increased privacy. See https://github.com/ivorg/invidious [Archive.org] for more information.
  • If you are reading this in PDF format, you will be seeing plenty of ``` in place of double quotes (“”). These ``` should be ignored and are just there to facilitate conversion into Markdown/HTML format for on-line viewing.

Table of Contents

Requirements:
Introduction:
Understanding some basics of how some information can lead back to you and how to mitigate some:
Your Network:
Your IP address:
Your DNS requests:
Your RFID enabled devices:
The Wi-Fis and Bluetooth devices around you:
Malicious/Rogue Wi-Fi Access Points:
Your Anonymized Tor/VPN traffic:
Some Devices can be tracked even when offline:
Your Hardware Identifiers:
Your IMEI and IMSI (and by extension, your phone number):
Your Wi-Fi or Ethernet MAC address:
Your Bluetooth MAC address:
Your CPU:
Your Operating Systems and Apps telemetry services:
Your Smart devices in general:
Yourself:
Your Metadata including your Geo-Location:
Your Digital Fingerprint, Footprint, and Online Behavior:
Your Clues about your Real Life and OSINT:
Your Face, Voice, Biometrics and Pictures:
Phishing and Social Engineering:
Malware, exploits, and viruses:
Malware in your files/documents/e-mails:
Malware and Exploits in your apps and services:
Malicious USB devices:
Your files, documents, pictures, and videos:
Properties and Metadata:
Watermarking:
Pixelized or Blurred Information:
Your Crypto currencies transactions:
Your Cloud backups/sync services:
Your Browser and Device [...]
Local Data Leaks and Forensics:
Bad Cryptography:
No logging but logging anyway policies:
Some Advanced targeted techniques:
Some bonus resources:
Notes:
General Preparations:
Picking your route:
Timing limitations:
Budget/Material limitations:
Skills:
Adversaries (threats):
Steps for all routes:
Get an anonymous Phone number:
Get an USB key:
Find some safe places with decent public Wi-Fi:
The TAILS route:
Persistent Plausible Deniability using Whonix within TAILS:
Steps for all other routes:
Get a dedicated laptop for your sensitive activities:
Some laptop recommendations:
Bios/UEFI/Firmware Settings of your laptop:
Physically Tamper protect your laptop:
The Whonix route:
Picking your Host OS (the OS installed on your laptop):
Linux Host OS:
MacOS Host OS:
Windows Host OS:
Virtualbox on your Host OS:
Pick your connectivity method:
Get an anonymous VPN/Proxy:
Whonix:
Tor over VPN:
Whonix Virtual Machines:
Pick your guest workstation Virtual Machine:
If you can use Tor:
If you cannot use Tor:
Linux Virtual Machine (Whonix or Linux):
Windows 10 Virtual Machine:
Android Virtual Machine:
MacOS Virtual Machine:
KeepassXC:
VPN client installation (cash/Monero paid):
Final steps:
The Qubes Route:
Pick your connectivity method:
Get an anonymous VPN/Proxy:
Installation:
Lid Closure Behavior:
Connect to a Public Wi-Fi:
Update Qube OS:
Setup the VPN ProxyVM:
Setup a safe Browser within Qube OS (optional but recommended):
Setup an Android VM:
KeePassXC:
Creating your anonymous online identities:
Understanding the methods used to prevent anonymity and verify identity:
Phone verification:
E-Mail verification:
User details checking:
Proof of ID verification:
IP Filters:
Browser and Device Fingerprinting:
Human interaction:
User Moderation:
Behavioral Analysis:
Financial transactions:
Sign-in with some platform:
Live Face recognition and biometrics (again):
Manual reviews:
Getting Online:
Creating new identities:
The Real-Name System:
Overview:
How to share files or chat anonymously:
Redacting Documents/Pictures/Videos/Audio safely:
Communicating sensitive information to various known organizations:
Maintenance tasks:
Backing-up your work securely:
Offline Backups:
Selected Files Backups:
Full Disk/System Backups:
Online Backups:
Synchronizing your files between devices Online:
Covering your tracks:
Understanding HDD vs SSD:
Wear-Leveling.
Trim Operations:
Garbage Collection:
Conclusion:
How to securely wipe your whole Laptop/Drives if you want to erase everything:
Linux (all versions including Qubes OS):
Windows:
MacOS:
How to securely delete specific files/folders/data on your HDD/SDD and Thumb drives:
Windows:
Linux (non Qubes OS):
Linux (Qubes OS):
MacOS:
Some additional measures against forensics:
Removing Metadata from Files/Documents/Pictures:
TAILS:
Whonix:
MacOS:
Linux (Qubes OS):
Linux (non-Qubes):
Windows:
Removing some traces of your identities on search engines and various platforms:
Google:
Bing:
DuckDuckGo:
Yandex:
Qwant:
Yahoo Search:
Baidu:
Wikipedia:
Internet Archive:
Some low-tech old-school tricks:
Hidden communications in plain sight:
How to spot if someone has been searching your stuff:
Some last OPSEC thoughts:
If you think you got burned:
If you have some time:
If you have no time:
A small final editorial note:
Donations:
Acknowledgements:
Appendix A: Windows Installation
Installation:
Privacy Settings:
Appendix B: Windows Additional Privacy Settings
Appendix C: Windows Installation Media Creation
Appendix D: Using System Rescue to securely wipe an SSD drive.
Appendix E: Clonezilla
Appendix F: Diskpart
Appendix G: Safe Browser on the Host OS
If you can use Tor:
If you cannot use Tor:
Appendix H: Windows Cleaning Tools
Appendix I: Using ShredOS to securely wipe an HDD drive:
Windows:
Linux:
Appendix J: Manufacturer tools for Wiping HDD and SSD drives:
Tools that provide a boot disk for wiping from boot:
Tools that provide only support from running OS (for external drives).
Appendix K: Considerations for using external SSD drives
Windows:
Trim Support:
ATA/NVMe Operations (Secure Erase/Sanitize):
Linux:
Trim Support:
ATA/NVMe Operations (Secure Erase/Sanitize):
MacOS:
Trim Support:
ATA/NVMe Operations (Secure Erase/Sanitize):
Appendix L: Creating a mat2-web guest VM for removing metadata from files
Appendix M: BIOS/UEFI options to wipe disks in various Brands
Appendix N: Warning about smartphones and smart devices
Appendix O: Get an anonymous VPN/Proxy
Cash/Monero-Paid VPN (preferred):
Self-hosted VPN/Proxy on a Monero/Cash-paid VPS (for skilled users familiar with Linux):
VPN VPS:
Socks Proxy VPS:
Appendix P: Accessing the internet as safely as possible when Tor and VPNs are not an option
Appendix Q: Using long range Antenna to connect to Public Wi-Fis from a safe distance:
Appendix R: Installing a VPN on your VM or Host OS.
Appendix S: Check your network for surveillance/censorship using OONI
Appendix T: Checking files for malware
Integrity (if available):
Authenticity (if available):
Security (checking for actual malware):
Anti-Virus Software:
Manual Reviews:
Appendix U: How to bypass (some) local restrictions on supervised computers
Portable Apps:
Bootable Live Systems:
Precautions:
Appendix V: What browser to use in your Guest VM/Disposable VM
Appendix W: Virtualization
Appendix X: Using Tor bridges in hostile environments
Appendix Y: Windows AME download and installation
Download:
Installation:

Requirements:

  • Be a permanent Adult resident in Germany where the courts have upheld the legality of not using real names on online platforms (§13 VI of the German Telemedia Act of 2007 1, 2). Alternatively, be an Adult resident of any other country where you can validate and verify the legality of this guide yourself.
  • This guide will assume you already have access to some personal (Windows/Linux/MacOS) laptop computer (ideally not a work/shared device).
  • Have patience as this process could take several weeks to finalize if you want to go through all the content.
  • Have a little budget to dedicate to this process (you will need at least budget for an USB key).
  • Have some free time on your hands to dedicate to this process (or a lot depending on the route you pick).
  • Be prepared to read a lot of references (do read them), guides (do not skip them) and follow a lot of how-to tutorials thoroughly (do not skip them either).
  • Don’t be evil (for real this time) 3.

Introduction:

TLDR for the whole guide: “A strange game. The only winning move is not to play” 4.

Making a social media account with a pseudonym or artist/brand name is easy. And it is enough in most use cases to protect your identity as the next George Orwell. There are plenty of people using pseudonyms all over Facebook/Instagram/Twitter/LinkedIn/TikTok/Snapchat/Reddit/… But the vast majority of those are anything but anonymous and can easily be traced to their real identity by your local police officers, random people within the OSINT 5 (Open-Source Intelligence) community and trolls 6 on 4chan 7.

This is a good thing as most criminals/trolls are not really tech savvy and will be identified with ease. But this is also a bad thing as most political dissidents, human rights activists and whistleblowers can also be tracked rather easily.

This updated guide aims to provide an introduction to various de-anonymization techniques, tracking techniques, ID verification techniques and optional guidance on creating and maintaining reasonably anonymous identities online, including social media accounts, safely. This includes mainstream platforms and not only privacy friendly ones.

It is important to understand that the purpose of this guide is anonymity and not just privacy, but much of the guidance you will find here will also help you improve your privacy and security even if you are not interested in anonymity. There is an important overlap in techniques and tools used for privacy, security, and anonymity but they differ at some point:

• Privacy is about people knowing who you are but not knowing what you are doing.
• Anonymity is about people knowing what you are doing but not knowing who you are 8

(illustration from 9)

Will this guide help you protect yourself from the NSA, the FSB, Mark Zuckerberg, or the Mossad if they are out to find you? Probably not … Mossad will be doing “Mossad things” 10 and will probably find you no matter how hard you try to hide 11. You must consider your threat model 12 before going further.

(Illustration by xkcd.com, licensed under CC BY-NC 2.5)

Will this guide help you protect your privacy from OSINT researchers like Bellingcat 13, Doxing 14 trolls on 4chan 15 and others that have no access to the NSA toolbox? More likely. Though I would not be so sure about 4chan. Here is a basic simplified threat model for this guide:

(Note that the “magical amulets/submarine/fake your own death” jokes are quoted from 10)

The EFF provides a few security scenarios of what you should consider depending on your activity. While some of those tips might not be within the scope of this guide (more about Privacy than Anonymity), they are still worth reading as examples. See https://ssd.eff.org/en/module-categories/security-scenarios [Archive.org].

There are also quite a few more serious ways of making your threat model such as:

• LINDDUN https://www.linddun.org/ [Archive.org]
• STRIDE https://en.wikipedia.org/wiki/STRIDE_%28security%29 [Archive.org]
• DREAD https://en.wikipedia.org/wiki/DREAD_%28risk_assessment_model%29 [Archive.org]
• PASTA https://versprite.com/tag/pasta-threat-modeling/ [Archive.org]

You can find some introduction to these in these projects:

• OWASP https://cheatsheetseries.owasp.org/cheatsheets/Threat_Modeling_Cheat_Sheet.html [Archive.org]
• Online Operations Security https://github.com/devbret/online-opsec/ [Archive.org]

It is also important to understand this guide is the humble result of years of experience, learning and testing from a single individual (myself) and that many of those systems that aim to prevent anonymity are opaque proprietary closed-source systems. Many of those guidelines are based on experience, on referenced studies and recommendations by other people and projects. These experiences take a lot of time, resources and are sometimes far from being scientific. There might be some wrong or outdated information in this guide too because I am not omniscient (feel free to report any using GitHub Issues). Your mileage may vary (a lot). Use at your own risk.

You might think this guide has no legitimate use but there are many 16’ 17’ 18’ 19’ 20’ 21’ 22 such as:

• Evading Online Censorship
• Evading Online Oppression
• Evading Online Stalking, Doxxing, and Harassment
• Evading Online Unlawful Government Surveillance
• Anonymous Online Whistle Blowing
• Anonymous Online Activism
• Anonymous Online Journalism
• Anonymous Online Legal Practice
• Anonymous Online Academic Activities (For instance accessing scientific research where such resources are blocked). See note below.
• …

Note that if you are having trouble accessing any of the many academic articles referenced in this guide, feel free to use Sci-Hub (https://en.wikipedia.org/wiki/Sci-Hub [Archive.org]) or LibGen (https://en.wikipedia.org/wiki/Library_Genesis [Archive.org]) for finding and reading them. Because science should be free. All of it.

This guide is written with hope for those well-intentioned individuals who might not be knowledgeable enough to consider the big picture of online anonymity and privacy. This guide is not intended for:

• Creating machine accounts of any kind (bots).
• Creating impersonation accounts of existing people (such as identity theft).
• Helping malicious actors conduct unlawful or unethical activities (such as trolling, stalking, disinformation, misinformation, harassment, or any criminal activity).
• Use by minors.

Feel free to report issues, recommend improvements or start a discussion on the GitHub repository if you want. Use at your own risk. Anything in here is not legal advice and you should verify compliance with your local law before use (IANAL 23). “Trust but verify” 24 all the information yourself (or even better, “Never Trust, always verify” 326).

Understanding some basics of how some information can lead back to you and how to mitigate some:

There are many ways you can be tracked besides browser cookies and ads, your e-mail, and your phone number. And if you think only the Mossad or the NSA/FSB can find you, you would be terribly wrong.

You might consider viewing this good YouTube playlist as an introduction before going further: https://www.youtube.com/playlist?list=PL3KeV6Ui_4CayDGHw64OFXEPHgXLkrtJO [Invidious] (from the Go Incognito project https://github.com/techlore-official/go-incognito [Archive.org]). This guide will cover many of those topics with more details and references as well as some additional topics not covered within that series but I would recommend the series as an introduction and it will just take you 2 or 3 hours to watch it all.

Now, here is a non-exhaustive list of some of the many ways you could be tracked and de-anonymized:

Your Network:

Your IP address:

Disclaimer: this whole paragraph is about your public facing Internet IP and not your local network IP.

Your IP address 25 is the most known and obvious way you can be tracked. That IP is the IP you are using at the source. This is where you connect to the internet. That IP is usually provided by your ISP (Internet Service Provider) (xDSL, Mobile, Cable, Fiber, Cafe, Bar, Friend, Neighbor). Most countries have data retention regulations 26 which mandate keeping logs of who is using what IP at a certain time/date for up to several years or indefinitely. Your ISP can tell a third party that you were using a specific IP at a specific date and time, years after the fact. If that IP (the origin one) leaks at any point for any reason, it can be used to track you down directly. In many countries, you will not be able to have internet access without providing some form of identification to the provider (address, ID, real name, e-mail …).

Needless to say, most platforms (such as social networks) will also keep (sometimes indefinitely) the IP addresses you used to sign up and sign in to their services.

Here are some online resources you can use to find some information about your current public IP right now:

• Find your IP:
  o https://resolve.rs/
  o https://www.dnsleaktest.com/ (Bonus, check your IP for DNS leaks)
• Find your IP location or the location of any IP:
  o https://resolve.rs/ip/geolocation.html
• Find if an IP is “suspicious” or has downloaded “things” on some public resources:
  o https://www.virustotal.com/gui/home/search
  o https://iknowwhatyoudownload.com
• Registration information of an IP (most likely your ISP or the ISP of your connection who most likely know who is using that IP at any time):
  o https://whois.domaintools.com/
• Check for open-services or open-devices on an IP (especially if there are leaky Smart Devices on it):
  o https://www.shodan.io/host/185.220.101.134 (replace the IP by your IP or any other, or change it in the search box; this example IP is a Tor Exit node)
• Various tools to check your IP such as blacklists checkers and more:
  o https://www.whatismyip.com
  o https://browserleaks.com/
• Would you like to know if you are connected through Tor?
  o https://check.torproject.org

For those reasons, we will need to obfuscate that origin IP (the one tied to your identification) or hide it as much as we can through a combination of various means:

• Using a public Wi-Fi service (free).
• Using the Tor Anonymity Network 27 (free).
• Using VPN 28 services anonymously (anonymously paid with cash or Monero).

All those will be explained later in this guide.

Your DNS requests:

DNS stands for “Domain Name System” 29 and is a service used by your browser (and other apps) to find the IP addresses of a service. It is pretty much a huge “contact list” (phone book for older people) that works like asking it a name and it returns the number to call. Except it returns an IP instead.

Every time your browser wants to access a certain service such as Google through www.google.com, your Browser (Chrome or Firefox) will query a DNS service to find the IP addresses of the Google web servers.

Here is a video explaining DNS visually if you are already lost: https://www.youtube.com/watch?v=vrxwXXytEuI [Invidious]

Usually, the DNS service is provided by your ISP and automatically configured by the network you are connecting to. This DNS service could also be subject to data retention regulations or will just keep logs for other reasons (data collection for advertising purposes for instance). Therefore, this ISP will be capable of telling everything you did online just by looking at those logs which can in turn be provided to an adversary. Conveniently this is also the easiest way for many adversaries to apply censoring or parental control by using DNS blocking 30. The provided DNS servers will give you a different address (than their real one) for some websites (like redirecting thepiratebay to some government website). Such blocking is widely applied worldwide for certain sites 31.

Using a private DNS service or your own DNS service would mitigate these issues but the other problem is that most of those DNS requests are by default still sent in clear text (unencrypted) over the network. Even if you browse PornHub in an incognito Window, using HTTPS and using a private DNS service, chances are very high that your browser will send a clear text unencrypted DNS request to some DNS servers asking basically “So what’s the IP address of www.pornhub.com?”.

Because it is not encrypted, your ISP and/or any other adversary could still intercept your request (using a Man-in-the-middle attack 86) and will know and possibly log what your IP was looking for. The same ISP can also tamper with the DNS responses even if you are using a private DNS, rendering the use of a private DNS service useless.

As a bonus, many devices and apps will use hardcoded DNS servers bypassing any system setting you could set. This is for example the case with most (70%) Smart TVs and a large part (46%) of Game Consoles 32. For these devices, you will have to force them 33 to stop using their hardcoded DNS service which could make them stop working properly.

A solution to this is to use encrypted DNS using DoH (DNS over HTTPS 34) or DoT (DNS over TLS 35) with a private DNS server (this can be self-hosted locally with a solution like pi-hole 36, remotely hosted with a solution like nextdns.io or using the solution provided by your VPN provider or the Tor network). This should prevent your ISP or some middleman from snooping on your requests … except it might not.

Small in-between disclaimer: This guide does not necessarily endorse or recommend Cloudflare services even if it is mentioned several times in this section for technical understanding.

Unfortunately, the TLS protocol used in most HTTPS connections in most Browsers (Chrome/Brave/Ungoogled-Chromium among them) will leak the domain name again through SNI 37 handshakes (this can be checked here at Cloudflare: https://www.cloudflare.com/ssl/encrypted-sni/ [Archive.org]). As of the writing of this guide, only Firefox based browsers support ECH (Encrypted Client Hello 38, previously known as eSNI 39) which will encrypt everything end to end (in addition to using a secure private DNS over TLS/HTTPS) and will allow you to hide your DNS requests from a third party 40. And this option is not enabled by default either so you will have to enable it yourself.

In addition to limited browser support, only Web Services and CDNs 41 behind Cloudflare CDN support ECH/eSNI at this stage 42. This means that ECH and eSNI are not supported (as of the writing of this guide) by most mainstream platforms such as:

• Amazon (including AWS, Twitch…)
• Microsoft (including Azure, OneDrive, Outlook, Office 365…)
• Google (including Gmail, Google Cloud…)
• Apple (including iCloud, iMessage…)
• Reddit
• YouTube
• Facebook
• Instagram
• Twitter
• GitHub
• …

Some countries like Russia 43 and China 44 will block ECH/eSNI handshakes at network level to allow snooping and prevent bypassing censorship. Meaning you will not be able to establish an HTTPS connection with a service if you do not allow them to see what it was.

The issues do not end here. Part of the HTTPS TLS validation is called OCSP 45 and this protocol will leak metadata in the form of the serial number of the certificate of the website you are visiting. An adversary can then easily find which website you are visiting by matching the certificate number 46. This issue can be mitigated by using OCSP stapling 47 and fortunately this is enabled and enforced by default in Firefox/Tor Browser. But the website you are visiting must also be supporting it and not all do.

Finally, even if you use a custom encrypted DNS server (DoH or DoT) with ECH/eSNI support and OCSP stapling, it might still not be enough as traffic analysis studies 48 have shown it is still possible to reliably fingerprint and block unwanted requests. Only DNS over Tor was able to demonstrate efficient DNS Privacy in recent studies but even that can still be defeated by other means (see Your Anonymized Tor/VPN traffic).

One could also decide to use a Tor Hidden DNS Service or ODoH (Oblivious DNS over HTTPS 49) to further increase privacy/anonymity but unfortunately, as far as I know, these methods are only provided by Cloudflare as of this writing (https://blog.cloudflare.com/welcome-hidden-resolver/ [Archive.org], https://blog.cloudflare.com/oblivious-dns/ [Archive.org]). I personally think these are viable and reasonably secure technical options but there is also a moral choice if you want to use Cloudflare or not (despite the risk posed by some researchers 50).

Lastly, there is also this new option called DoHoT which stands for DNS over HTTPS over Tor which could also further increase your privacy/anonymity and which you could consider if you are more skilled with Linux. See https://github.com/alecmuffett/dohot [Archive.org]. This guide will not help you with this one at this stage but it might be coming soon.

Here is an illustration showing the current state of DNS privacy based on my current knowledge.

Therefore, to mitigate all these issues (as much as possible), this guide will later recommend two solutions: Tor and a virtualized (See Appendix W: Virtualization) multi-layered solution of VPN over Tor which should mitigate most of the issues reasonably. Other options will also be explained (Tor over VPN, VPN only, No Tor/VPN) but are less recommended.

As for your normal daily use (non-sensitive), remember that only Firefox based browsers support ECH (formerly eSNI) so far and that it is only useful with websites hosted behind Cloudflare CDN at this stage. Likewise, only Firefox based browsers will enforce OCSP stapling. If you prefer a Chrome based version (which is understandable for some due to some integrated features like on-the-fly Translation), then I would recommend the use of Brave instead which supports all Chrome extensions and offers much better privacy than Chrome. Alternatively, if you do not trust Brave, you could also use Ungoogled-Chromium (https://github.com/Eloston/ungoogled-chromium [Archive.org]).

Your RFID enabled devices:

RFID stands for Radio-frequency identification 51; it is the technology used for instance for contactless payments and various identification systems. Of course, your smartphone is among those devices and has RFID contactless payment capabilities through NFC 52. As with everything else, such capabilities can be used for tracking by various actors.

But unfortunately, this is not limited to your smartphone and you also probably carry a number of RFID enabled devices with you all the time such as:

• Your contactless enabled credit/debit cards
• Your store loyalty cards
• Your transportation payment cards
• Your work-related access cards
• Your car keys
• Your national ID or driver license
• Your passport
• The price/anti-theft tags on object/clothing
• …

While all these cannot be used to de-anonymize you from a remote online adversary, they can be used to narrow down a search if your approximate location at a certain time is known. For instance, you cannot rule out that some stores will effectively scan (and log) all RFID chips passing through the door. They might be looking for their loyalty cards but are also logging others along the way. Such RFID tags could be traced to your identity and allow for de-anonymization.

More information over at Wikipedia: https://en.wikipedia.org/wiki/Radio-frequency_identification#Security_concerns [Archive.org] and https://en.wikipedia.org/wiki/Radio-frequency_identification#Privacy [Archive.org]

The only way to mitigate this problem is to have no RFID tags on you or to shield them using a type of faraday cage. You could also use specialized wallets/pouches that specifically block RFID communications. Many of those are now made by well-known brands such as Samsonite 53.

See Appendix N: Warning about smartphones and smart devices

The Wi-Fis and Bluetooth devices around you:

Geolocation is not only done by using mobile antennas triangulation. It is also done using the Wi-Fis and Bluetooth devices around you. Operating systems makers like Google (Android 54) and Apple (IOS 55) maintain a convenient database of most Wi-Fi access points, Bluetooth devices and their location. When your Android smartphone or iPhone is on (and not in Airplane mode), it will scan passively (unless you specifically disable this feature in the settings) Wi-Fi access points and Bluetooth devices around you and will be able to geolocate you with more precision than when using a GPS.

This allows them to provide accurate locations even when GPS is off but it also allows them to keep a convenient record of all Bluetooth devices all over the world, which can then be accessed by them or third parties for tracking.

Note: If you have an Android smartphone, Google probably knows where it is no matter what you do. You cannot really trust the settings. The whole operating system is built by a company that wants your data. Remember that if it is free then you are the product.

But that is not all that those Wi-Fi access points can do. Recently developed techs could even allow someone to track your movements accurately just based on radio interferences. What this means is that it is possible to track your movement inside a room/building based on the radio signals passing through. This might seem like a tinfoil hat conspiracy theory claim but here are the references 56 with demonstrations showing this tech in action: http://rfpose.csail.mit.edu/ [Archive.org] and the video here: https://www.youtube.com/watch?v=HgDdaMy8KNE [Invidious]

You could therefore imagine many use cases for such technologies like recording who enters specific buildings/offices (hotels, hospitals, or embassies for instance) and then discovering who meets whom and where by tracking them from outside. Even if they have no smartphone on them.

Again, such an issue could only be mitigated by being in a room/building that would act as a faraday cage. Here is another video of the same kind of tech in action: https://www.youtube.com/watch?v=FDZ39h-kCS8 [Invidious]

See Appendix N: Warning about smartphones and smart devices

Malicious/Rogue Wi-Fi Access Points:

These have been used since at least 2008 using an attack called “Jasager” 57 and can be done by anyone using self-built tools or using commercially available devices such as Wi-Fi Pineapple 58. Here are some videos explaining more about the topic:

• HOPE 2020, https://archive.org/details/hopeconf2020/20200725_1800_Advanced_WiFi_Hacking_With_%245_Microcontrollers.mp4
• YouTube, Hak5, Wi-Fi Pineapple Mark VII https://www.youtube.com/watch?v=7v3JR4Wlw4Q [Invidious]

These devices can fit in a small bag and can take over the Wi-Fi environment of any place within their range. For instance, a Bar/Restaurant/Café/Hotel Lobby. These devices can force Wi-Fi clients to disconnect from their current Wi-Fi (using de-authentication, disassociation attacks 59) while spoofing the normal Wi-Fi networks at the same location. They will continue to perform this attack until you or your computer decide to try to connect to the rogue AP.

These devices then mimic a captive portal 60 with the exact same layout as the Wi-Fi you are trying to access (for instance an Airport Wi-Fi registration portal). Or they could just give you open access internet that they will themselves get from the same place.

Once you are connected through the Rogue AP, it will be able to execute various man-in-the-middle attacks to perform analysis on your traffic. These could be malicious redirections or just simple traffic sniffing. These can then easily identify any client that would for instance try to connect to a VPN server or to the Tor Network. This can be useful when you know someone you want to de-anonymize is in a crowded place but you do not know who. This would allow such an adversary to possibly fingerprint any website you visit despite the use of HTTPS, DoT, DoH, ODoH, VPN or Tor using traffic analysis as pointed out above in the DNS section.

These can also be used to carefully craft and serve you advanced phishing webpages that would harvest your credentials or try to make you install a malicious certificate allowing them to see your encrypted traffic.

Your Anonymized Tor/VPN traffic:

Tor and VPNs are not silver bullets. Many advanced techniques have been developed and studied to de-anonymize encrypted Tor traffic over the years 61. Most of those techniques are Correlation attacks that will correlate your network traffic in one way or another to logs or datasets. Here are some classic examples:

• Correlation Fingerprinting Attack: As illustrated (simplified) below, this attack will fingerprint 62 your encrypted traffic (like the websites you visited) just based on the analysis of your encrypted traffic (without decrypting it). It can do so with a whopping 96% success rate. Such fingerprinting can be used by an adversary that has access to your source network to figure out some of your encrypted activity (such as which websites you visited).

• Correlation Timing Attacks: As illustrated (simplified) below, an adversary that has access to network connection logs (IP or DNS for instance, remember that most VPN servers and most Tor nodes are known and publicly listed) at the source and at the destination could correlate the timings to de-anonymize you without requiring any access to the Tor or VPN network in between. A real use case of this technique was done by the FBI in 2013 to de-anonymize 63 a bomb threat hoax at Harvard University.

• Correlation Counting Attacks: As illustrated (simplified) below, an adversary that has no access to detailed connection logs (cannot see that you used Tor or Netflix) but has access to data counting logs could see that you have downloaded 600MB on a specific time/date that matches the 600MB upload at the destination. This correlation can then be used to de-anonymize you over time.

There are ways to mitigate these such as:

• Do not use Tor/VPNs to access services that are on the same network (ISP) as the destination service. For example, do not connect to Tor from your University Network to access a University Service anonymously. Instead use a different source point (such as a public Wi-Fi) that cannot be correlated easily by an adversary.
• Do not use Tor/VPN from an obviously monitored network (such as a corporate/governmental Network) but instead try to find an unmonitored network such as a public Wi-Fi or a residential Wi-Fi.
• Use multiple layers (such as what will be recommended in this guide later: VPN over Tor) so that an adversary might be able to see that someone connected to the service through Tor but will not be able to see that it was you because you were connected to a VPN and not the Tor Network.
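The timing and counting correlation described above, and the effect of the first mitigation, worked through in an added Python example over constructed log records (not part of the original guide). The record layout, the 120-second clock skew and the 10% tunnel overhead are assumptions chosen for illustration.

```python
from collections import namedtuple

# Source-side counting log (ISP or campus network): who moved how many bytes, and when.
Flow = namedtuple("Flow", "subscriber start_s bytes_out")
# Destination-side log: an anonymous session seen at a time with a byte count.
Event = namedtuple("Event", "time_s bytes_in")

def matching_subscribers(event, flows, max_skew_s=120, overhead=0.10):
    """Subscribers whose flow is compatible in time and volume with one event."""
    matches = set()
    for flow in flows:
        close_in_time = abs(flow.start_s - event.time_s) <= max_skew_s
        # A tunnel adds framing, so the source count sits slightly above the destination count.
        close_in_size = event.bytes_in <= flow.bytes_out <= event.bytes_in * (1 + overhead)
        if close_in_time and close_in_size:
            matches.add(flow.subscriber)
    return matches

def anonymity_set_over_time(events, flows, **kwargs):
    """Intersect the candidates of successive events.

    Returns the size of the remaining set after each event and the final set.
    """
    remaining, sizes = None, []
    for event in events:
        matches = matching_subscribers(event, flows, **kwargs)
        remaining = matches if remaining is None else remaining & matches
        sizes.append(len(remaining))
    return sizes, remaining

# Constructed sample data: three sessions on three different days.
EVENTS = [Event(1_000, 600_000_000), Event(90_000, 250_000_000), Event(180_000, 80_000_000)]
FLOWS = [
    Flow("A", 1_010, 630_000_000), Flow("B", 990, 610_000_000),
    Flow("C", 1_050, 600_500_000), Flow("D", 5_000, 620_000_000),   # D: right size, wrong time
    Flow("A", 90_030, 262_000_000), Flow("B", 90_010, 900_000_000), # B: right time, wrong size
    Flow("C", 89_950, 255_000_000),
    Flow("A", 180_020, 84_000_000), Flow("C", 180_500, 82_000_000), # C: too late this time
]

def same_network_every_time():
    """Subscriber A always connects from the logged network."""
    return anonymity_set_over_time(EVENTS, FLOWS)

def different_source_after_first_session():
    """A's later sessions start from a network that is not in these logs."""
    visible = [f for f in FLOWS if not (f.subscriber == "A" and f.start_s > 50_000)]
    return anonymity_set_over_time(EVENTS, visible)

if __name__ == "__main__":
    print(same_network_every_time())               # the set shrinks to one subscriber
    print(different_source_after_first_session())  # the intersection becomes empty
```

In the second run the intermediate result points at subscriber C, who had nothing to do with the sessions: volume and timing matches are circumstantial and can implicate bystanders on the same network.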

Be aware again that this might not be enough against a motivated global adversary 64 with wide access to global mass surveillance. Such an adversary might have access to logs no matter where you are and could use those to de-anonymize you.

Be also aware that all the other methods described in this guide such as Behavioral analysis can also be used to de-anonymize Tor users indirectly (see further Your Digital Fingerprint, Footprint, and Online Behavior).

I also strongly recommend reading this very good, complete and thorough guide on many Attack Vectors on Tor: https://github.com/Attacks-on-Tor/Attacks-on-Tor [Archive.org] as well as this recent research publication https://www.researchgate.net/publication/323627387_Shedding_Light_on_the_Dark_Corners_of_the_Internet_A_Survey_of_Tor_Research [Archive.org]

(In their defense, it should also be noted that Tor is not designed to protect against a Global adversary. For more information see https://svn-archive.torproject.org/svn/projects/design-paper/tor-design.pdf [Archive.org] and specifically, "Part 3. Design goals and assumptions.".)

Lastly, do remember that using Tor can already be considered a suspicious activity 65 and its use could be considered malicious by some 66.

This guide will later propose some solutions to such attacks by changing your origin from the start (using public Wi-Fis for instance).

Some Devices can be tracked even when offline:

You have seen this in action/spy/Sci-Fi movies and shows, the protagonists always remove the battery of their phones to make sure it cannot be used. Most people would think that’s overkill. Well, unfortunately no, this is now becoming true at least for some devices:

• iPhones and iPads (IOS 13 and above) 67’ 68
• Samsung Phones (Android 10 and above) 69
• MacBooks (MacOS 10.15 and above) 70

Such devices will continue to broadcast identity information to nearby devices even when offline using Bluetooth Low-Energy 71. They do not have access to the devices directly (which are not connected to the internet) but instead use BLE to find them through other nearby devices 72. They are basically using peer-to-peer short-range Bluetooth communication to broadcast their status through nearby online devices. They could now locate such devices and keep the location in some database that could then be used by third parties or themselves for various purposes (including analytics, advertising or evidence/intelligence gathering). See Appendix N: Warning about smartphones and smart devices

Your Hardware Identifiers:

Your IMEI and IMSI (and by extension, your phone number):

The IMEI (International Mobile Equipment Identity 73) and the IMSI (International Mobile Subscriber Identity 74) are unique numbers created by mobile phone manufacturers and mobile phone operators.

The IMEI is tied directly to the phone you are using. This number is known and tracked by the mobile phone operators and known by the manufacturers. Every time your phone connects to the mobile network, it will register the IMEI on the network along with the IMSI (if a SIM card is inserted but that is not even needed). It is also used by many applications (Banking apps abusing the phone permission on Android for instance 75) and smartphone Operating Systems (Android/IOS) for identification of the device 76. It is possible but difficult (and not illegal in many jurisdictions 77) to change the IMEI on a phone but it is probably easier and cheaper to just find and buy some old (working) Burner phone for a few Euros (this guide is for Germany remember) at a flea market or at some random small shop.

The IMSI is tied directly to the mobile subscription or pre-paid plan you are using and is basically tied to your phone number by your mobile provider. The IMSI is hardcoded directly on the SIM card and cannot be changed. Remember that every time your phone connects to the mobile network, it will also register the IMSI on the network along with the IMEI. Like the IMEI, the IMSI is also being used by some applications and smartphone Operating systems for identification and is being tracked. Some countries in the EU for instance maintain a database of IMEI/IMSI associations for easy querying by Law Enforcement.

Today, giving away your (real) phone number is basically the same or better than giving away your Social Security number/Passport ID/National ID.

The IMEI and IMSI can be traced back to you by at least 6 ways:











• The mobile operator subscriber logs which will usually store the IMEI along with the IMSI and their subscriber information database. If you use a prepaid anonymous SIM (anonymous IMSI but with a known IMEI), they can see this cell belongs to you if you used that cell phone before with a different SIM card (different anonymous IMSI but same known IMEI).
• The mobile operator antenna logs, which will conveniently keep a log of which IMEI and IMSI connected, also keep some connection data. They know and log for instance that a phone with this IMEI/IMSI combination connected to a set of Mobile antennas and how powerful the signal to each of those antennas was, allowing easy triangulation/geolocation of the signal. They also know which other phones (your real one for instance) connected at the same time to the same antennas with the same signal, which would make it possible to know precisely that this “burner phone” was always connected at the same place/time as this other “known phone” which shows up every time the burner phone is being used. This information can be used by various third parties to geolocate/track you quite precisely 78’ 79.
• The manufacturer of the Phone can trace back the sale of the phone using the IMEI if that phone was bought in a non-anonymous way. Indeed, they will have logs of each phone sale (including serial number and IMEI), and to which shop/person it was sold. And if you are using a phone that you bought online (or from someone that knows you), it can be traced to you using that information. Even if they do not find you on CCTV 80 and you bought the phone cash, they can still find what other phone (your real one in your pocket) was there (in that shop) at that time/date by using the antenna logs.
• The IMSI alone can be used to find you as well because most countries now require customers to provide an ID when buying a SIM card (subscription or pre-paid). The IMSI is then tied to the identity of the buyer of the card. In the countries where the SIM can still be bought with cash (like the UK), they still know where (which shop) it was bought and when. This information can then be used to retrieve information from the shop itself (such as CCTV footage as for the IMEI case). Or again the antenna logs can also be used to figure out which other phone was there at the moment of the sale.
• The smartphone OS makers (Google/Apple for Android/IOS) also keep logs of IMEI/IMSI identifications tied to Google/Apple accounts and which user has been using them. They too can trace back the history of the phone and to which accounts it was tied in the past 81.
• Government agencies around the world interested in your phone number can and do use 82 special devices called “IMSI catchers” 83 like the Stingray 84 or more recently the Nyxcell 85. These devices can impersonate (to spoof) a cell phone Antenna and force a specific IMSI (your phone) to connect to it to access the cell network. Once they do, they will be able to use various MITM 86 (Man-In-The-Middle Attacks) that will allow them to:
  o Tap your phone (voice calls and SMS).
  o Sniff and examine your data traffic.
  o Impersonate your phone number without controlling your phone.
  o …

Here is also a good YouTube video on this topic: DEFCON Safe Mode - Cooper Quintin - Detecting Fake 4G Base Stations in Real Time https://www.youtube.com/watch?v=siCk4pGGcqA [Invidious]

For these reasons, it is crucial to get a dedicated anonymous phone number and/or an anonymous burner phone with an anonymous pre-paid SIM card that are not tied to you in any way (past or present) for conducting sensitive activities (See more practical guidance in Get an anonymous Phone number section).

While there are some smartphone manufacturers like Purism with their Librem series 87 who claim to have your privacy in mind, they still do not allow IMEI randomization which I believe is a key anti-tracking feature that should be provided by such manufacturers. While this measure will not prevent IMSI tracking within the SIM card, it would at least allow you to keep the same “burner phone” and only switch SIM cards instead of having to switch both for privacy.

See Appendix N: Warning about smartphones and smart devices

Your Wi-Fi or Ethernet MAC address: The MAC address 88 is a unique identifier tied to your physical Network Interface (Wired Ethernet or Wi-Fi) and could of course be used to track you if it is not randomized. As was the case with the IMEI, manufacturers of computers and network cards usually keep logs of their sales (usually including things like: Serial number, IMEI, MAC addresses, …) and it is possible again for them to track where and when the computer with the MAC address in question was sold and to whom. Even if you bought it with cash in a supermarket, the supermarket might still have CCTV (or a CCTV just outside that shop) and again the time/date of sale could be used to find out who was there using the Mobile Provider antenna logs at that time (IMEI/IMSI).

Operating Systems makers (Google/Microsoft/Apple) will also keep logs of devices and their MAC addresses for device identification (Find my device type services for example). Apple can tell that the MacBook with this specific MAC address was tied to a specific Apple Account before. Maybe yours before you decided to use the MacBook for sensitive activities. Maybe to a different user who sold it to you but remembers your e-mail/number from when the sale happened.

Your home router/Wi-Fi access point keeps logs of devices that registered on the Wi-Fi and these can be accessed too to find out who has been using your Wi-Fi. Sometimes this can be done remotely (and silently) by the ISP depending on whether that router/Wi-Fi access point is being “managed” remotely by the ISP (which is often the case when they provide the router to their customers).

Some commercial devices will keep records of MAC addresses roaming around for various purposes such as road congestion 89.

So, it is important again not to bring your phone along when/where you conduct sensitive activities. If you use your own laptop, then it is crucial to hide that MAC address (and Bluetooth address) anywhere you use it and be extra careful not to leak any information. Thankfully many recent OSes now feature or allow the option to randomize MAC addresses (Android, IOS, Linux and Windows 10) with the notable exception of MacOS which does not support this feature even in its latest Big Sur version.

See Appendix N: Warning about smartphones and smart devices

Your Bluetooth MAC address: Your Bluetooth MAC is like the previous MAC address except it is for Bluetooth. Again, it can be used to track you as manufacturers and operating system makers keep logs of such information. It could be tied to a sale place/time/date or accounts and then could be used to track you with such information, the shop billing information, the CCTV, or the mobile antenna logs in correlation. Operating systems have protections in place to randomize those addresses but are still subject to vulnerabilities 90. For this reason, and unless you really need those, you should just disable Bluetooth completely in the BIOS/UEFI settings if possible or in the Operating System otherwise.

On Windows 10, you will need to disable and enable the Bluetooth device in the device manager itself to force a randomization of the address for next use and prevent tracking. See Appendix N: Warning about smartphones and smart devices

Your CPU: All modern CPUs 91 are now integrating hidden management platforms such as the now infamous Intel Management Engine 92 and the AMD Platform Security Processor 93. Those management platforms are basically small operating systems running directly on your CPU as long as they have power. These systems have full access to your computer’s network and could be accessed by an adversary to de-anonymize you in various ways (using direct access or using malware for instance) as shown in this enlightening video: BlackHat, How to Hack a Turned-Off Computer, or Running Unsigned Code in Intel Management Engine https://www.youtube.com/watch?v=mYsTBPqbya8 [Invidious].

These have already been affected by several security vulnerabilities in the past 94 that allowed malware to gain control of target systems. These are also accused by many privacy actors including the EFF and Libreboot of being a backdoor into any system 95.

There are some not so easy ways 96 to disable the Intel IME on some CPUs and you should do so if you can. For some AMD laptops, you can disable it within the BIOS settings by disabling PSP. Note that to AMD’s defense, so far and AFAIK, there were no security vulnerabilities found for ASP and no backdoors either: See https://www.youtube.com/watch?v=bKH5nGLgi08&t=2834s [Invidious]. If you are feeling a bit more adventurous, you could install your own BIOS using Libreboot 97 or Coreboot 245 if your laptop supports it.

In addition, some CPUs have unfixable flaws (especially Intel CPUs) that could be exploited by various malware. Here is a good current list of such vulnerabilities affecting recent widespread CPUs: https://en.wikipedia.org/wiki/Transient_execution_CPU_vulnerability [Archive.org]
• If you are using Linux you can check the vulnerability status of your CPU to Spectre/Meltdown attacks by using https://github.com/speed47/spectre-meltdown-checker [Archive.org] which is available as a package for most Linux distros including Whonix.
• If you are using Windows, you can check the vulnerability status of your CPU using inSpectre https://www.grc.com/inspectre.htm [Archive.org]

Some of these can be avoided using Virtualization Software settings that can mitigate such exploits. See this guide for more information https://www.whonix.org/wiki/Spectre_Meltdown [Archive.org] (warning: these can severely impact the performance of your VMs). I will therefore mitigate some of these issues in this guide by recommending the use of virtual machines on a dedicated anonymous laptop for your sensitive activities that will only be used from an anonymous public network.

Your Operating Systems and Apps telemetry services: Whether it is Android, iOS, Windows, MacOS or even Ubuntu, most popular Operating Systems now collect telemetry information by default even if you never opt-in or opted-out 100 from the start. Some like Windows will not even allow disabling telemetry completely without some technical tweaks. This information collection can be extensive and include a staggering number of details (metadata and data) on your devices and their usage. Here are good overviews of what is being collected by those 5 popular OSes in their last versions:
• Android/Google:
o Just have a read at their privacy policy https://policies.google.com/privacy [Archive.org]
o School of Computer Science & Statistics, Trinity College Dublin, Ireland, Mobile Handset Privacy: Measuring The Data iOS and Android Send to Apple And Google https://www.scss.tcd.ie/doug.leith/apple_google.pdf [Archive.org]
• IOS/Apple:
o More information at https://www.apple.com/legal/privacy/en-ww/ [Archive.org] and https://support.apple.com/en-us/HT202100 [Archive.org]
o School of Computer Science & Statistics, Trinity College Dublin, Ireland, Mobile Handset Privacy: Measuring The Data iOS and Android Send to Apple And Google https://www.scss.tcd.ie/doug.leith/apple_google.pdf [Archive.org]
o Apple does claim 98 that they anonymize this data using differential privacy 99 but you will have to trust them on that.
• Windows/Microsoft:
o Full list of required diagnostic data: https://docs.microsoft.com/en-us/windows/privacy/required-windows-diagnostic-data-events-and-fields-2004 [Archive.org]
o Full list of optional diagnostic data: https://docs.microsoft.com/en-us/windows/privacy/windows-diagnostic-data [Archive.org]
• MacOS:
o More details on https://support.apple.com/guide/mac-help/share-analytics-information-mac-apple-mh27990/mac [Archive.org]
• Ubuntu:
o Ubuntu despite being a Linux distribution also collects Telemetry Data nowadays. This data however is quite limited compared to the others. More details on https://ubuntu.com/desktop/statistics [Archive.org]

Not only are Operating Systems gathering telemetry but so are Apps themselves like Browsers, Mail Clients, and Social Networking Apps installed on your system. It is important to understand that this telemetry data can be tied to your device and help de-anonymize you, and subsequently can be used against you by an adversary that would get access to this data. This does not mean for example that Apple devices are terrible choices for good Privacy but they are certainly not the best choices for (relative) Anonymity. They might protect you from third parties knowing what you are doing but not from themselves. In all likelihood, they certainly know who you are.

Later in this guide, we will use all the means at our disposal to disable and block as much telemetry as possible to mitigate this attack vector in the Operating Systems supported in this guide.

See Appendix N: Warning about smartphones and smart devices

Your Smart devices in general: You got it; your smartphone is an advanced spying/tracking device that:
• Records everything you say at any time (“Hey Siri”, “Hey Google”).
• Records your location everywhere you go.
• Always records other devices around you (Bluetooth devices, Wi-Fi Access points).
• Records your habits and health data (steps, screen time, exposure to diseases, connected devices data).
• Records all your network locations.
• Records all your pictures and videos (and most likely where they were taken).
• Has most likely access to most of your known accounts including Social Media, Messaging and Financial accounts.

Data is being transmitted even if you opt-out 100, processed, and stored indefinitely (most likely unencrypted 101) by various third parties 102. But that is not all, this section is not called “Smartphones” but “Smart devices” because it is not only your smartphone spying on you. It is also every other smart device you could have.
• Your Smart Watch? (Apple Watch, Android Smartwatch …)
• Your Fitness Devices and Apps 103? (Strava 104, 105, Fitbit 106, Garmin, Polar 107, …)
• Your Smart Speaker? (Amazon Alexa 108, Google Echo, Apple Homepod …)
• Your Smart Transportation? (Car? Scooter?)
• Your Smart Tags? (Apple AirTag, Galaxy SmartTag, Tile…)
• Any other Smart device? There is even a convenient search engine dedicated to finding them online: https://www.shodan.io/ [Archive.org]

See Appendix N: Warning about smartphones and smart devices

Yourself: Your Metadata including your Geo-Location: Your metadata is all the information about your activities without the actual content of those activities. For instance, it is like knowing you had a call from an oncologist before then calling your family and friends successively. You do not know what was said during the conversation but you can guess what it was just from the metadata 109.

This metadata will also often include your location that is being harvested by Smartphones, Operating Systems (Android 110/IOS), Browsers, Apps, Websites. Odds are there are several companies knowing exactly where you are at any time 111 because of your smartphone 112. This location data has been used in many judicial cases 113 already as part of “geofence warrants” 114 that allow law enforcement to ask companies (such as Google/Apple) for a list of all devices present at a certain location at a certain time. In addition, this location data is even sold by private companies to the military who can then use it conveniently 115.

Now let us say you are using a VPN to hide your IP. The social media platform knows you were active on that account on November 4th from 8am to 1pm with that VPN IP. The VPN allegedly keeps no logs and cannot trace back that VPN IP to your IP. Your ISP however knows (or at least can know) you were connected to that same VPN provider on November 4th from 7:30am to 2pm but does not know what you were doing with it. The question is: Is there someone somewhere that would possibly have both pieces of information available 116 for correlation in a convenient database?

Have you heard of Edward Snowden 117? Now is the time to google him and read his book 118. Also read about XKEYSCORE 119, 120, MUSCULAR 121, SORM 122 and PRISM 123. See “We kill people based on Metadata” 124 or this famous tweet from the IDF [Archive.org].

See Appendix N: Warning about smartphones and smart devices

Your Digital Fingerprint, Footprint, and Online Behavior: This is the part where you should watch the documentary “The Social Dilemma” 125 on Netflix as they cover this topic much better than anyone else IMHO. This includes the way you write 126, 127, the way you behave 128, 129. The way you click. The way you browse. The fonts you use on your browser 130. Fingerprinting is being used to guess who someone is by the way that user is behaving. You might be using specific pedantic words or making specific spelling mistakes that could give you away using a simple Google search for similar features because you typed in a similar way on some Reddit post 5 years ago using a not so anonymous Reddit account 131.

Social Media platforms such as Facebook/Google can go a step further and can register your behavior in the browser itself. For instance, they can register everything you type even if you do not send it / save it. Think of when you write an e-mail in Gmail. It is saved automatically as you type. They can register your clicks and cursor movements as well. All they need to achieve this in most cases is Javascript enabled in your Browser (which is the case in most Browsers including Tor Browser by default).

While these methods are usually used for marketing purposes and advertising, they can also be a useful tool for fingerprinting users. This is because your behavior is most likely quite unique or unique enough that over time, you could be de-anonymized. Here are some examples:
• For example, as a basis of authentication, a user's typing speed, keystroke depressions, patterns of error (say accidentally hitting an “l” instead of a “k” on three out of every seven transactions) and mouse movements establish that person’s unique pattern of behavior 132. Some commercial services such as TypingDNA (https://www.typingdna.com/ [Archive.org]) even offer such analysis as a replacement for two-factor authentication.

Analysis algorithms could then be used to match these patterns with other users and match you to a different known user. It is unclear if such data is already used or not by Governments and Law Enforcement agencies but it might be in the future. It could and probably will be used for investigations in the short or mid-term future to deanonymize users.

Here is a fun example you can try yourself to see some of those things in action: https://clickclickclick.click (no archive links for this one sorry). You will see it becoming interesting over time (this requires Javascript enabled).

Here is also a recent example just showing what Google Chrome collects on you: https://web.archive.org/web/https://pbs.twimg.com/media/EwiUNH0UYAgLY7V?format=jpg&name=4096x4096

Here are some other resources on the topic if you cannot see this documentary:
• 2017, Behavior Analysis in Social Networks, https://link.springer.com/10.1007/978-1-4614-7163-9 110198-1 [Archive.org]
• 2017, Social Networks and Positive and Negative Affect https://www.sciencedirect.com/science/article/pii/S1877042811013747/pdf?md5=253d8f1bb615d5dee195d353dc077d46&pid=1-s2.0-S1877042811013747-main.pdf [Archive.org]
• 2015, Using Social Networks Data for Behavior and Sentiment Analysis https://www.researchgate.net/publication/300562034_Using_Social_Networks_Data_for_Behavior_and_Sentiment_Analysis [Archive.org]
• 2016, A Survey on User Behavior Analysis in Social Networks https://www.academia.edu/30936118/A_Survey_on_User_Behaviour_Analysis_in_Social_Networks [Archive.org]
• 2019, Influence and Behavior Analysis in Social Networks and Social Media https://sci-hub.do/10.1007/9783-030-02592-2 [Archive.org]

So, how can you mitigate these?
• This guide will provide some technical mitigations using Fingerprinting resistant tools but those might not be sufficient.
• You should apply common sense and try to identify your own patterns in your behavior and behave differently when using anonymous identities. This includes:
o The way you type (speed, accuracy…).
o The words you use (be careful with your usual expressions).
o The type of response you use (if you are sarcastic by default, try to have a different approach with your identities).
o …

Ultimately, this is mostly up to you to fool those algorithms by adopting new habits and not revealing real information when using your anonymous identities.

Your Clues about your Real Life and OSINT: These are clues you might give over time that could point to your real identity. You might be talking to someone or posting on some board/forum/Reddit. In those posts you might over time leak some information about your real life. These might be memories, experiences or clues you shared that could then allow a motivated adversary to build a profile to narrow their search.

A real and well-documented case of this was the arrest of the hacker Jeremy Hammond 133 who shared over time several details about his past and was later discovered.

There are also a few cases involving OSINT at Bellingcat 134. Have a look at their very informative toolkit here: https://docs.google.com/spreadsheets/d/18rtqh8EG2q1xBo2cLNyhIDuK9jrPGwYr9DI2UncoqJQ/edit#gid=930747607 [Archive.org]

You can also view a very convenient list of available OSINT tools here https://github.com/jivoi/awesome-osint [Archive.org] and here https://jakecreps.com/tag/osint-tools/ [Archive.org] if you feel like trying some on yourself. As well as this interesting Playlist on YouTube: https://www.youtube.com/playlist?list=PLrFPX1Vfqk3ehZKSFeb9pVIHqxqrNW8Sy [Invidious]

When using anonymous identities, you should never ever share real personal experiences/details that could later lead to you.

Your Face, Voice, Biometrics and Pictures: “Hell is other people”, even if you evade every method listed above, you are not out of the woods yet thanks to the widespread use of advanced Face recognition by everyone. Companies like Facebook have used advanced face recognition for years 135, 136 and have been using other means (Satellite imagery) to create maps of “people” around the world 137. This evolution has been going on for years to the point we can now say “We lost control of our faces” 138.

If you are walking in a touristy place, you will most likely appear in someone’s selfie within minutes without knowing it. That person will then proceed to upload that selfie to various platforms (Twitter, Google Photos, Instagram, Facebook, Snapchat …). Those platforms will then apply face recognition algorithms to those pictures under the pretext of allowing better/easier tagging or to better organize your photo library. In addition to this, the same picture will provide a precise timestamp and in most cases geolocation of where it was taken. Even if the person does not provide a timestamp and geolocation, it can still be guessed with other means 139, 140.

Here are a few resources for even trying this yourself:
• Bellingcat, Guide To Using Reverse Image Search For Investigations: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/ [Archive.org]
• Bellingcat, Using the New Russian Facial Recognition Site SearchFace https://www.bellingcat.com/resources/how-tos/2019/02/19/using-the-new-russian-facial-recognition-site-searchface-ru/ [Archive.org]
• Bellingcat, Dali, Warhol, Boshirov: Determining the Time of an Alleged Photograph from Skripal Suspect Chepiga https://www.bellingcat.com/resources/how-tos/2018/10/24/dali-warhol-boshirov-determining-time-alleged-photograph-skripal-suspect-chepiga/ [Archive.org]
• Bellingcat, Advanced Guide on Verifying Video Content https://www.bellingcat.com/resources/how-tos/2017/06/30/advanced-guide-verifying-video-content/ [Archive.org]
• Bellingcat, Using the Sun and the Shadows for Geolocation https://www.bellingcat.com/resources/2020/12/03/using-the-sun-and-the-shadows-for-geolocation/ [Archive.org]
• Bellingcat, Navalny Poison Squad Implicated in Murders of Three Russian Activists https://www.bellingcat.com/news/uk-and-europe/2021/01/27/navalny-poison-squad-implicated-in-murders-of-three-russian-activists/ [Archive.org]
• Bellingcat, Berlin Assassination: New Evidence on Suspected FSB Hitman Passed to German Investigators https://www.bellingcat.com/news/2021/03/19/berlin-assassination-new-evidence-on-suspected-fsb-hitman-passed-to-german-investigators/ [Archive.org]
• Bellingcat, Digital Research Tutorial: Investigating a Saudi-Led Coalition Bombing of a Yemen Hospital https://www.youtube.com/watch?v=cAVZaPiVArA [Invidious]
• Bellingcat, Digital Research Tutorial: Using Facial Recognition in Investigations https://www.youtube.com/watch?v=awY87q2Mr0E [Invidious]
• Bellingcat, Digital Research Tutorial: Geolocating (Allegedly) Corrupt Venezuelan Officials in Europe https://www.youtube.com/watch?v=bS6gYWM4kzY [Invidious]

Even if you are not looking at the camera, they can still figure out who you are 141, make out your emotions 142, analyze your gait 143 and probably guess your political affiliation 144, 145.

Those platforms (Google/Facebook) already know who you are for a few reasons:
• Because you have or had a profile with them and you identified yourself.
• Even if you never made a profile on those platforms, you still have one without even knowing it 146, 147, 148, 149, 150.
• Because other people have tagged you or identified you in their holidays/party pictures.
• Because other people have put a picture of you in their contact list which they then shared with them.

Here is also an insightful demo of Microsoft Azure you can try for yourself at https://azure.microsoft.com/en-us/services/cognitive-services/face/#demo where you can detect emotions and compare faces from different pictures.

Governments already know who you are because they have your ID/Passport/Driving License pictures and often added biometrics (Fingerprints) in their database. Those same governments are integrating those technologies (often provided by private companies such as the Israeli AnyVision 151, Clearview AI 152, or NEC 153) in their CCTV networks to look for “persons of interest” 154. And some heavily surveilled states like China have implemented widespread use of Facial Recognition for various purposes 155 including possibly identifying ethnic minorities 156. A simple face recognition error by some algorithm can ruin your life 157.

Here are some resources detailing some techniques used by Law Enforcement today:
• CCC video explaining current Law Enforcement surveillance capabilities: https://media.ccc.de/v/rc3-11406-spot_the_surveillance#t=761 [Archive.org]
• EFF SLS: https://www.eff.org/sls [Archive.org]

Apple is making FaceID mainstream and pushing its use to log you into various services including the Banking systems.

Same goes with fingerprint authentication being mainstreamed by many smartphone makers to authenticate yourself. A simple picture where your fingers appear can be used to de-anonymize you 158.

Same goes with your voice which can be analyzed for various purposes as shown in the recent Spotify patent 159.

We can safely imagine a near future where you will not be able to create accounts or sign-in anywhere without providing unique biometrics (A good time to re-watch Gattaca 160, Person of Interest 161 and Minority Report 162). And you can safely imagine how useful these large biometrics databases could be to some interested third parties.

In addition, all this information can also be used against you (if you are already de-anonymized) using deepfake 163 by crafting false information (Pictures, Videos, Voice Recordings 164…) and has already been used for such purposes 165, 166. There are even commercial services for this readily available such as https://www.respeecher.com/ [Archive.org] and https://www.descript.com/overdub [Archive.org]. See this demo: https://www.youtube.com/watch?v=t5yw5cR79VA [Invidious]

At this time, there are a few steps 167 you can use to mitigate (and only mitigate) face recognition when conducting sensitive activities where CCTV might be present:
• Wear a facemask as they have been proven to defeat some face recognition technologies 168 but not all 169.
• Wear a baseball cap or hat to prevent high angle CCTVs (filming from above) from recording your face. Remember this will not help against front-facing cameras.
• Wear sunglasses in addition to the facemask and baseball cap to mitigate identification from your eye’s features.
• Consider wearing special sunglasses (expensive unfortunately) called “Reflectacles” https://www.reflectacles.com/ [Archive.org]. There was a small study showing their efficiency against IBM and Amazon facial recognition 170.

(Note that if you intend to use these where advanced facial recognition systems have been installed, these measures could also flag you as suspicious by themselves and trigger a human check)

Phishing and Social Engineering: Phishing 171 is a social engineering 172 type of attack where an adversary could try to extract information from you by pretending to be or impersonating something/someone else. A typical case is an adversary using a man-in-the-middle 86 attack or a fake e-mail/call to ask for your credentials for a service. This could for example be through e-mail or through impersonating financial services. Such attacks can also be used to de-anonymize someone by tricking them into downloading malware or revealing personal information over time. These have been used countless times since the early days of the internet and the usual one is called the “419 scam” (see https://en.wikipedia.org/wiki/Advance-fee_scam [Archive.org]).

Here is a good video if you want to learn a bit more about phishing types: Black Hat, Ichthyology: Phishing as a Science https://www.youtube.com/watch?v=Z20XNp-luNA [Invidious].

Malware, exploits, and viruses: Malware in your files/documents/e-mails: Using steganography or other techniques, it is easy to embed malware into common file formats such as Office Documents, Pictures, Videos, PDF documents… These can be as simple as HTML tracking links or complex targeted malware. These could be simple pixel sized images 173 hidden in your e-mails that would call a remote server to try and get your IP address. These could be exploiting a vulnerability in an outdated format or outdated reader. Such exploits could then be used to compromise your system.

See these good videos for more explanations on the matter:
• What is a File Format? https://www.youtube.com/watch?v=VVdmmN0su6E [Invidious]
• Ange Albertini: Funky File Formats: https://www.youtube.com/watch?v=hdCs6bPM4is [Invidious]

You should always use extreme caution. To mitigate these attacks, this guide will later recommend the use of virtualization (See Appendix W: Virtualization) to mitigate leaking any information even in case of opening such a malicious file. If you want to learn how to try detecting such malware, see Appendix T: Checking files for malware
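The pixel-sized tracking images mentioned above can be spotted in a saved message before any mail client renders it. The following Python sketch is an added example, not part of the original guide: it walks the HTML parts of a message and reports every element that would contact a remote server on open. The sample message, its host names, and the 1x1/hidden heuristics are constructed assumptions.

```python
import re
from email import message_from_string, policy
from html.parser import HTMLParser
from urllib.parse import urlsplit

TINY = re.compile(r"^\s*[01]\s*(px)?\s*$", re.I)           # width/height of 0 or 1
HIDDEN = re.compile(
    r"display\s*:\s*none|visibility\s*:\s*hidden|\b(?:width|height)\s*:\s*[01]\s*px",
    re.I)


def is_remote(url):
    """True for URLs that trigger a network request (not cid:, data: or relative)."""
    try:
        parts = urlsplit(url)
    except ValueError:               # malformed URL, e.g. unbalanced IPv6 brackets
        return False
    return url.startswith("//") or parts.scheme in ("http", "https")


class RemoteLoadFinder(HTMLParser):
    """Collect elements that make a mail client contact a remote server on open."""

    def __init__(self):
        super().__init__()
        self.findings = []           # (kind, url) in document order

    def handle_starttag(self, tag, attrs):
        a = {name: (value or "").strip() for name, value in attrs}
        if tag == "img":
            url = a.get("src", "")
        elif tag == "link":
            url = a.get("href", "")  # remote stylesheets leak the same information
        else:
            return
        if not is_remote(url):
            return
        tiny = TINY.match(a.get("width", "")) and TINY.match(a.get("height", ""))
        hidden = HIDDEN.search(a.get("style", ""))
        pixel = tag == "img" and (tiny or hidden)
        self.findings.append(("tracking pixel" if pixel else "remote " + tag, url))


def scan_message(raw):
    """Scan every text/html part of a raw message; return (kind, url) pairs."""
    finder = RemoteLoadFinder()
    for part in message_from_string(raw, policy=policy.default).walk():
        if part.get_content_type() == "text/html":
            finder.feed(part.get_content())
    finder.close()
    return finder.findings


def tracker_hosts(findings):
    """Host names behind suspected tracking pixels, e.g. for a local blocklist."""
    hosts = {urlsplit(url).hostname for kind, url in findings if kind == "tracking pixel"}
    return sorted(h for h in hosts if h)


# Constructed sample message (all addresses and hosts are placeholders).
RAW_MESSAGE = """\
From: newsletter@example.com
To: reader@example.org
Subject: Constructed sample
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="b1"

--b1
Content-Type: text/plain; charset="utf-8"

Hello
--b1
Content-Type: text/html; charset="utf-8"

<html><body>
<p>Hello</p>
<img src="cid:logo@example.com" width="200" height="50">
<img src="https://img.example.com/banner.png" width="600" height="120">
<img src="https://t.example.net/o.gif?u=12345" width="1" height="1">
<img src="//t2.example.net/p.gif" style="display:none">
<link rel="stylesheet" href="https://cdn.example.com/mail.css">
</body></html>
--b1--
"""

if __name__ == "__main__":
    for kind, url in scan_message(RAW_MESSAGE):
        print(f"{kind:15} {url}")
    print("block:", tracker_hosts(scan_message(RAW_MESSAGE)))
```

Ordinary remote images reveal your IP address just as a pixel does, so the safest client setting is to block all remote content and treat this scan as a way to see what a message would have fetched.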

Malware and Exploits in your apps and services: So, you are using Tor Browser or Brave Browser over Tor. You could be using those over a VPN for added security. But you should keep in mind that there are exploits 174 (hacks) that could be known by an adversary (but unknown to the App/Browser provider). Such exploits could be used to compromise your system and reveal details to deanonymize you such as your IP address or other details.

A real use case of this technique was the Freedom Hosting 175 case in 2013 where the FBI inserted malware 176 using a Firefox browser exploit on a Tor website. This exploit allowed them to reveal details of some users. More recently, there was the notable SolarWinds 177 hack that breached several US government institutions by inserting malware into an official software update server.

In some countries, Malware is just mandatory and/or distributed by the state itself. This is the case for instance in China with WeChat 178 which can then be used in combination with other data for state surveillance 179.

There are countless examples of malicious browser extensions, smartphone apps and various apps that have been infiltrated with malware over the years.

Here are some steps to mitigate this type of attack:
• You should never have 100% trust in the apps you are using.
• You should always check that you are using the updated version of such apps before use and ideally validate each download using their signature if available.
• You should not use such apps directly from a hardware system but instead use a Virtual Machine for compartmentalization.

To reflect these recommendations, this guide will therefore later guide you in the use of Virtualization (See Appendix W: Virtualization) so that even if your Browser/Apps get compromised by a skilled adversary, that adversary will find himself stuck in a sandbox 180 without being able to access identifying information, or compromise your system.

Malicious USB devices: There are readily available commercial and cheap “badUSB” 181 devices that can deploy malware, log your typing, geolocate you, listen to you or gain control of your laptop just by plugging them in. Here are some examples that you can already buy yourself:
• Hak5, USB Rubber Ducky https://shop.hak5.org/products/usb-rubber-ducky-deluxe [Archive.org]
• Hak5, O.MG Cable https://www.youtube.com/watch?v=V5mBJHotZv0 [Invidious]
• Keelog https://www.keelog.com/ [Archive.org]
• AliExpress https://www.aliexpress.com/i/4000710369016.html [Archive.org]

Such devices can be implanted anywhere (charging cable, mouse, keyboard, USB key …) by an adversary and can be used to track you or compromise your computer or smartphone. The most notable example of such attacks is probably Stuxnet 182 in 2005. While you could inspect a USB key physically, scan it with various utilities, and check the various components to see if they are genuine, you will most likely never be able to discover complex malware embedded in genuine parts of a genuine USB key by a skilled adversary without advanced forensics equipment 183.

To mitigate this, you should never trust such devices or plug them into sensitive equipment. If you use a charging device, you should consider the use of a USB data blocking device that will only allow charging but not any data transfer. Such data blocking devices are now readily available in many online shops. You should also consider disabling USB ports completely within the BIOS of your computer unless you need them (if you can).

Your files, documents, pictures, and videos: Properties and Metadata: This can be obvious to many but not to all. Most files have metadata attached to them. A good example are pictures which store EXIF 184 information which can contain a lot of information such as GPS coordinates, which camera/phone model took it and when it was taken precisely. While this information might not directly give out who you are, it could tell exactly where you were at a certain moment which could allow others to use different sources to find you (CCTV or other footage taken at the same place at the same time during a protest for instance). It is important that you verify any file you would put on those platforms for any properties that might contain any information that might lead back to you. Here is an example of EXIF data that could be on a picture:

(Illustration from Wikipedia)

By the way, this also works for videos. Yes, videos too have geo-tagging and many people are unaware of this. Here is for instance a very convenient tool to geo-locate YouTube videos: https://mattw.io/youtube-geofind/location [Archive.org]

For this reason, you will always have to be very careful when uploading files using your anonymous identities and check the metadata of those files. Even if you publish a simple text file, you should always double or triple check it for any information leakage before publishing. You will find some guidance about this in the Some additional measures against forensics section at the end of the guide.
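One way to run the metadata check described above before publishing a picture, as an added example that is not part of the original guide: it walks the JPEG header segments, reports whether an Exif block, a GPS directory and a device model are present, and writes a copy without the metadata segments. The function names and the sample image are constructed for this illustration.

```python
import struct

MODEL_TAG = 0x0110      # IFD0: camera/phone model (ASCII)
GPS_IFD_TAG = 0x8825    # IFD0: pointer to the GPS sub-directory
DROP_MARKERS = {0xE1, 0xED, 0xFE}  # APP1 (Exif/XMP), APP13 (IPTC), COM

def iter_segments(jpeg):
    """Yield (marker, start, end) for each header segment before the scan data."""
    if jpeg[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG: missing SOI marker")
    pos = 2
    while pos + 4 <= len(jpeg):
        if jpeg[pos] != 0xFF:
            raise ValueError("corrupt segment header at offset %d" % pos)
        marker = jpeg[pos + 1]
        if marker in (0xDA, 0xD9):      # start of scan / end of image
            return
        (length,) = struct.unpack(">H", jpeg[pos + 2:pos + 4])
        end = pos + 2 + length
        if length < 2 or end > len(jpeg):
            raise ValueError("segment length runs past end of file")
        yield marker, pos, end
        pos = end

def inspect_exif(jpeg):
    """Report whether the file carries Exif, a GPS directory and a device model."""
    report = {"exif": False, "gps": False, "model": None}
    for marker, start, end in iter_segments(jpeg):
        payload = jpeg[start + 4:end]
        if marker != 0xE1 or not payload.startswith(b"Exif\x00\x00"):
            continue
        report["exif"] = True
        tiff = payload[6:]              # IFD offsets are relative to this point
        order = {b"II": "<", b"MM": ">"}.get(tiff[:2])
        if order is None or len(tiff) < 10:
            continue                    # malformed TIFF header: flag Exif only
        magic, ifd0 = struct.unpack(order + "HI", tiff[2:8])
        if magic != 42 or ifd0 + 2 > len(tiff):
            continue
        (count,) = struct.unpack(order + "H", tiff[ifd0:ifd0 + 2])
        for i in range(count):
            entry = tiff[ifd0 + 2 + 12 * i:ifd0 + 14 + 12 * i]
            if len(entry) < 12:
                break                   # truncated directory
            tag, kind, n, value = struct.unpack(order + "HHI4s", entry)
            if tag == GPS_IFD_TAG:
                report["gps"] = True
            elif tag == MODEL_TAG and kind == 2:
                if n > 4:               # strings longer than 4 bytes live at an offset
                    (offset,) = struct.unpack(order + "I", value)
                    value = tiff[offset:offset + n]
                report["model"] = value[:n].rstrip(b"\x00").decode("ascii", "replace")
    return report

def strip_metadata(jpeg):
    """Return a copy without the Exif/XMP, IPTC and comment segments."""
    out, last = bytearray(b"\xff\xd8"), 2
    for marker, start, end in iter_segments(jpeg):
        if marker not in DROP_MARKERS:
            out += jpeg[start:end]
        last = end
    out += jpeg[last:]                  # scan header, image data and EOI, untouched
    return bytes(out)

def segment(marker, payload):
    """Frame a payload as a JPEG segment (the length field counts itself)."""
    return b"\xff" + bytes([marker]) + struct.pack(">H", len(payload) + 2) + payload

def build_sample():
    """Constructed sample: JFIF header, Exif with Model and GPS pointer, stub scan."""
    model = b"ExamplePhone X\x00"
    data_at = 8 + 2 + 2 * 12 + 4        # TIFF header + IFD0 holding two entries
    ifd0 = struct.pack("<H", 2)
    ifd0 += struct.pack("<HHII", MODEL_TAG, 2, len(model), data_at)
    ifd0 += struct.pack("<HHII", GPS_IFD_TAG, 4, 1, data_at + len(model))
    ifd0 += struct.pack("<I", 0)        # no further IFD
    gps = struct.pack("<HHHI4sI", 1, 0x0001, 2, 2, b"N\x00\x00\x00", 0)  # GPSLatitudeRef
    tiff = b"II" + struct.pack("<HI", 42, 8) + ifd0 + model + gps
    jfif = segment(0xE0, b"JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00")
    scan = b"\xff\xda\x00\x02" + b"\x00\x11\x22" + b"\xff\xd9"  # placeholder image data
    return b"\xff\xd8" + jfif + segment(0xE1, b"Exif\x00\x00" + tiff) + scan

SAMPLE_JPEG = build_sample()

if __name__ == "__main__":
    print("before:", inspect_exif(SAMPLE_JPEG))
    print("after: ", inspect_exif(strip_metadata(SAMPLE_JPEG)))
```

Removing these segments only clears container metadata; it does not touch invisible watermarks or identifying details visible in the image itself.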

Watermarking:

Pictures/Videos/Audio: Pictures/Videos often contain visible watermarks indicating who is the owner/creator but there are also invisible watermarks in various products aiming at identifying the viewer itself. So, if you are a whistleblower and thinking about leaking some picture/audio/video file, think twice. There are chances that those might contain invisible watermarking within them that would include information about you as a viewer. Such watermarks can be enabled with a simple switch in apps like Zoom (Video 185 or Audio 186) or with extensions 187 for popular apps such as Adobe Premiere Pro. These can be inserted by various content management systems. For a recent example where someone leaking a Zoom meeting recording was caught because it was watermarked, see: https://theintercept.com/2021/01/18/leak-zoom-meeting/ [Archive.org]

Such watermarks can be inserted by various products 188, 189, 190, 191 using Steganography 192 and can resist compression 193 and re-encoding 194, 195. These watermarks are not easily detectable and could allow identification of the source despite all efforts. In addition to watermarks, the camera used for filming (and therefore the device used for filming) a video can also be identified using various techniques such as lens identification 196 which could lead to de-anonymization. Be extremely careful when publishing videos/pictures/audio files from known commercial platforms as they might contain such invisible watermarks in addition to details in the images themselves.

Printing Watermarking: Did you know your printer is most likely spying on you too? Even if it is not connected to any network? This is a fact known to many people in the IT community but few outside it. Yes … Your printers can be used to de-anonymize you as well, as explained by the EFF here: https://www.eff.org/issues/printers [Archive.org] There is also this (old but still relevant) video from the EFF explaining how: https://www.youtube.com/watch?v=izMGMsIZK4U [Invidious]

Basically, many printers will print an invisible watermark allowing for identification of the printer on every printed page. This is called Printer Steganography 197. There is no real way to mitigate this but to inform yourself on your printer and make sure it does not print any invisible watermark. This is obviously important if you intend to print anonymously. Here is an (old but still relevant) list of printers and brands who do not print such tracking dots provided by the EFF: https://www.eff.org/pages/list-printers-which-do-or-do-not-display-tracking-dots

Here are also some tips from the Whonix documentation (https://www.whonix.org/wiki/Printing_and_Scanning [Archive.org]): Do not ever print in Color, usually watermarkings are not present without color toners/cartridges 198.

Pixelized or Blurred Information: Did you ever see a document with blurred text? Did you ever make fun of those movies/series where they “enhance” an image to recover seemingly impossible to read information? Well, there are techniques for recovering information from such documents, videos, and pictures. Here is for example an open-source project you could use yourself for recovering text from some blurred images: https://github.com/beurtschipper/Depix [Archive.org]

This is of course an open-source project available for all to use. But you can probably imagine that such techniques have probably been used before by other adversaries. These could be used to reveal blurred information from published documents that could then be used to de-anonymize you. There are also tutorials for applying such techniques with Photo Editing tools such as GIMP: https://medium.com/@somdevsangwan/unblurring-images-for-osint-and-more-part-1-5ee36db6a70b [Archive.org] followed by https://medium.com/@somdevsangwan/deblurring-images-for-osint-part-2-ba564af8eb5d [Archive.org]

Finally, you will find plenty of deblurring resources here: https://github.com/subeeshvasu/Awesome-Deblurring [Archive.org]

Some online services could even help you do this automatically to some extent like MyHeritage.com enhance tool: https://www.myheritage.com/photo-enhancer [Archive org] Here is the result of the above image:

Of course, this tool is more like “guessing” than really deblurring at this point but it could be enough to find you using various reverse image searching services. For this reason, it is always extremely important that you correctly redact and curate any document you might want to publish. Blurring is not enough and you should always completely blacken/remove any sensitive data to avoid any attempt at recovering data from any adversary.

Your Crypto currencies transactions: Contrary to popular belief, Crypto transactions (such as Bitcoin and Ethereum) are not anonymous 199. Most crypto currencies can be tracked accurately through various methods 200. Remember what they say on their own page: https://bitcoin.org/en/you-need-to-know [Archive.org] and https://bitcoin.org/en/protect-your-privacy [Archive.org]: “Bitcoin is not anonymous”

The main issue is not setting up a random Crypto wallet to receive some currency behind a VPN/Tor address (at this point, the wallet is anonymous). The issue is mainly when you want to convert Fiat money (Euros, Dollars …) to Crypto and then when you want to cash in your Crypto. You will have few realistic options but to transfer those to an exchange (such as Coinbase/Kraken/Bitstamp/Binance). Those exchanges have known wallet addresses and will keep detailed logs (due to KYC 201 financial regulations) and can then trace back those crypto transactions to you using the financial system 202.

There are some crypto currencies with privacy/anonymity in mind like Monero but even those have some warnings to consider 203, 204. Even if you use Mixers or Tumblers 205 (services that specialize in “anonymizing” crypto currencies by “mixing them”), keep in mind this is only obfuscation 206 and not actual anonymity 207. Not only are they only obfuscation but they could also put you in trouble as you might end up exchanging your crypto against “dirty” crypto that was used in various questionable contexts 208.

This does not mean you cannot use Bitcoin anonymously at all. You can actually use Bitcoin anonymously as long as you do not convert it to actual currency and use a Bitcoin wallet from a safe anonymous network. Meaning you should avoid KYC/AML regulations by various exchanges and avoid using the Bitcoin network from any known IP address. This also means you will not be able to convert these Bitcoin from/to real currency easily and without involving some risks.

Overall, IMHO, the best option for using Crypto with reasonable anonymity and privacy is still Monero and you should ideally not use any other for sensitive transactions unless you are aware of the limitations.

Your Cloud backups/sync services: All companies are advertising their use of end-to-end encryption (E2EE). This is true for almost every messaging app and website (HTTPS). Apple and Google are advertising their use of encryption on their Android devices and their iPhones. But what about your backups? Those automated iCloud/Google Drive backups you have? Well, you should probably know that most of those backups are not fully end-to-end encrypted and will contain some of your information readily available for a third party. You will see their claims that data is encrypted at rest and safe from anyone … Except they usually do keep a key to access some of the data themselves. They use these keys to index your content, recover your account, and collect various analytics. There are specialized commercial forensics solutions available (Magnet Axiom 209, Cellebrite Cloud 210) that will help an adversary analyze your cloud data with ease.

Notable Examples:
• Apple iCloud: https://support.apple.com/en-us/HT202303 [Archive.org]: “Messages in iCloud also uses end-to-end encryption. If you have iCloud Backup turned on, your backup includes a copy of the key protecting your Messages. This ensures you can recover your Messages if you lose access to iCloud Keychain and your trusted devices.”
• Google Drive and WhatsApp: https://faq.whatsapp.com/android/chats/about-google-drive-backups/ [Archive.org]: “Media and messages you back up aren't protected by WhatsApp end-to-end encryption while in Google Drive.”
• Dropbox: https://www.dropbox.com/privacy#terms [Archive.org]: “To provide these and other features, Dropbox accesses, stores, and scans Your Stuff. You give us permission to do those things, and this permission extends to our affiliates and trusted third parties we work with”.
• Microsoft OneDrive: https://privacy.microsoft.com/en-us/privacystatement [Archive.org]: Productivity and communications products, “When you use OneDrive, we collect data about your usage of the service, as well as the content you store, to provide, improve, and protect the services. Examples include indexing the contents of your OneDrive documents so that you can search for them later and using location information to enable you to search for photos based on where the photo was taken”.

You should not trust cloud providers with your (not previously and locally encrypted) sensitive data and you should be wary of their privacy claims. In most cases they can access your data and provide it to a third party. The only way to mitigate this is to encrypt your data yourself on your side and only then upload it to such a service.

Your Browser and Device Fingerprints: Your Browser and Device Fingerprints 317 are a set of properties/capabilities of your System/Browser. These are used on most websites for invisible user tracking but also to adapt the website user experience depending on their browser. For instance, websites will be able to provide a “mobile experience” if you are using a mobile browser or propose a specific language/geographic version depending on your fingerprint. Most of those techniques work with recent Browsers like Chromium 211 based browsers (such as Chrome) or Firefox 212 unless taking special measures. You can find a lot of detailed information and publications about this on these resources:
• https://amiunique.org/links [Archive.org]
• https://brave.com/brave-fingerprinting-and-privacy-budgets/ [Archive.org]

Most of the time, those fingerprints will unfortunately be unique or nearly unique to your Browser/System. This means that even if you log out from a website and then log back in using a different username, your fingerprint might remain the same if you did not take precautionary measures. An adversary could then use such fingerprints to track you across multiple services even if you have no account on any of them and are using ad blocking. These fingerprints could in turn be used to de-anonymize you if you keep the same fingerprint between services.

It should also be noted that while some browsers and extensions will offer fingerprint resistance, this resistance in itself can also be used to fingerprint you as explained here: https://palant.info/2020/12/10/how-anti-fingerprinting-extensions-tend-to-make-fingerprinting-easier/ [Archive.org]

This guide will mitigate these issues by mitigating, obfuscating, and randomizing many of those fingerprinting identifiers by using Virtualization (See Appendix W: Virtualization) and by using fingerprinting-resistant Browsers.

Local Data Leaks and Forensics: Most of you have probably seen enough Crime dramas on Netflix or TV to know what forensics are. These are technicians (usually working for law enforcement) that will perform various analysis of evidence. This of course could include your smartphone or laptop. While these might be done by an adversary when you already got “burned”, these might also be done randomly during a routine control or a border check. These unrelated checks might reveal secret information to adversaries that had no prior knowledge of such activities. Forensics techniques are now very advanced and can reveal a staggering amount of information from your devices even if they are encrypted 213. These techniques are widely used by law enforcement all over the world and should be considered. Here are some recent resources you should read about your smartphone:
• UpTurn, The Widespread Power of U.S. Law Enforcement to Search Mobile Phones https://www.upturn.org/reports/2020/mass-extraction/ [Archive.org]
• New-York Times, The Police Can Probably Break Into Your Phone https://www.nytimes.com/2020/10/21/technology/iphone-encryption-police.html [Archive.org]
• Vice, Cops Around the Country Can Now Unlock iPhones, Records Show https://www.vice.com/en/article/vbxxxd/unlock-iphone-ios11-graykey-grayshift-police [Archive.org]

I also highly recommend that you read some documents from a forensics examiner perspective such as:
• EnCase Forensic User Guide, http://encasedocs.opentext.com/documentation/encase/forensic/8.07/Content/Resources/External%20Files/EnCase%20Forensic%20v8.07%20User%20Guide.pdf [Archive.org]
• FTK Forensic Toolkit, https://accessdata.com/products-services/forensic-toolkit-ftk [Archive.org]
• SANS Digital Forensics and Incident Response Videos, https://www.youtube.com/c/SANSDigitalForensics/videos

And finally, here is this very instructive detailed paper on the current state of iOS/Android security from the Johns Hopkins University: https://securephones.io/main.html 214.

When it comes to your laptop, the forensics techniques are many and widespread. Many of those issues can be mitigated by using full disk encryption, virtualization (See Appendix W: Virtualization), and compartmentalization. This guide will later detail such threats and techniques to mitigate them.

Bad Cryptography: There is a frequent adage among the infosec community: “Don’t roll your own crypto!”. And there are reasons 215, 216, 217 for that. Personally, I would not want people discouraged from studying and innovating in the crypto field because of that adage. Instead, I would recommend people to be cautious with “Roll your own crypto” because it is not necessarily good crypto.
• Good cryptography is not easy and usually takes years of research to develop and fine-tune.
• Good cryptography is transparent and not proprietary/closed-source so it can be reviewed.
• Good cryptography is developed carefully, slowly, and rarely alone.
• Good cryptography is usually presented and discussed in conferences, and published in various journals.
• Good cryptography is extensively peer reviewed before it is released for use into the wild.
• Using and implementing existing good cryptography correctly is already a challenge.

Yet, this is not stopping some from doing it anyway and publishing various production Apps/Services using their own self-made cryptography or proprietary closed-source methods.
• You should apply caution when using Apps/Services using closed-source or proprietary encryption methods. All the good crypto standards are public and peer reviewed and there should be no issue disclosing the one you use.
• You should be wary of Apps/Services using a “modified” or proprietary cryptographic method 218.
• By default, you should not trust any “Roll your own crypto” until it was audited, peer-reviewed, vetted, and accepted by the cryptography community 219, 220.
• There is no such thing as “military grade crypto” 221, 222, 223.

Cryptography is a complex topic and bad cryptography could easily lead to your de-anonymization. In the context of this guide, I recommend sticking to Apps/Services using well established, published, and peer reviewed methods. So, what to prefer and what to avoid as of 2021? You will have to look up for yourself to get the technical details of each app and see if they are using “bad crypto” or “good crypto”. Once you get the technical details, you could check this page for seeing what it is worth: https://latacora.micro.blog/2018/04/03/cryptographic-right-answers.html [Archive org]

Here are some examples:
• Hashes:
  o Prefer: SHA256 or SHA512
  o Avoid: SHA-1, MD5, CRC, MD6
• File/Disk Encryption:
  o Prefer: AES 256 Bits with HMAC-SHA-2 or HMAC-SHA-3 (This is what Veracrypt, Bitlocker, Filevault 2, KeepassXC, and LUKS use)
  o Avoid: Anything else
• Password Storage:
  o Prefer: argon2, scrypt, bcrypt or if not possible at least PBKDF2 (only as a last resort)
  o Avoid: SHA-3, naked SHA-2, SHA-1, MD5
• Browser Security (HTTPS):
  o Prefer: TLS 1.3 (ideally TLS 1.3 with eSNI/ECH support)
  o Avoid: Anything Else
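To make the Password Storage line concrete, here is the “avoid” case (naked SHA-2) beside a “prefer” case (scrypt), as an added example that is not part of the original guide. It uses scrypt because it ships in Python's standard library while argon2 and bcrypt do not; the cost parameters, record format and function names are assumptions chosen for this illustration.

```python
import hashlib
import hmac
import os

# scrypt cost parameters (assumed for this example): roughly 16 MiB of memory per guess.
N, R, P, KEY_LEN = 2**14, 8, 1, 32

def naked_sha256(password):
    """The 'avoid' case: one fast, unsalted hash. Equal passwords give equal
    records, and every guess costs an attacker a single hash computation."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()

def scrypt_record(password, salt=None):
    """The 'prefer' case: a random per-user salt plus a memory-hard KDF.
    The parameters are stored in the record so they can be raised later."""
    salt = os.urandom(16) if salt is None else salt
    key = hashlib.scrypt(password.encode("utf-8"), salt=salt,
                         n=N, r=R, p=P, dklen=KEY_LEN)
    return "scrypt$%d$%d$%d$%s$%s" % (N, R, P, salt.hex(), key.hex())

def scrypt_verify(password, record):
    """Recompute with the stored salt and parameters, compare in constant time."""
    try:
        scheme, n, r, p, salt_hex, key_hex = record.split("$")
        salt, expected = bytes.fromhex(salt_hex), bytes.fromhex(key_hex)
        if scheme != "scrypt" or not expected:
            return False
        candidate = hashlib.scrypt(password.encode("utf-8"), salt=salt,
                                   n=int(n), r=int(r), p=int(p),
                                   dklen=len(expected))
    except ValueError:                  # malformed record or rejected parameters
        return False
    return hmac.compare_digest(candidate, expected)

if __name__ == "__main__":
    pw = "correct horse battery staple"   # constructed sample passphrase
    print("naked SHA-256, user A:", naked_sha256(pw))
    print("naked SHA-256, user B:", naked_sha256(pw))   # identical to user A
    print("scrypt, user A:", scrypt_record(pw))
    print("scrypt, user B:", scrypt_record(pw))         # differs: fresh salt
```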

Here are some real cases of issues with bad cryptography:
• Telegram: https://buttondown.email/cryptography-dispatches/archive/cryptography-dispatches-the-most-backdoor-looking/ [Archive.org]
• Cryptocat: https://web.archive.org/web/20130705051050/https://blog.crypto.cat/2013/07/new-critical-vulnerability-in-cryptocat-details/
• Some other examples can be found here: https://www.cryptofails.com/ [Archive.org]

No logging but logging anyway policies: Many people have the idea that privacy-oriented services such as VPN or E-Mail providers are safe due to their no logging policies or their encryption schemes. Unfortunately, many of those same people forget that all those providers are legal commercial entities subject to the laws of the countries in which they operate. Any of those providers can be forced to silently (without your knowing, using for example a court order with a gag order 224 or a national security letter 225) log your activity to de-anonymize you. There have been several recent examples of those:
• 2020, The Germany based mail provider Tutanota was forced to implement a backdoor to save unencrypted copies of the e-mails of one user 226.
• 2017, PureVPN was forced to disclose information of one user to the FBI 227.
• 2014, EarthVPN user was arrested based on logs provided to the Dutch Police 228.
• 2014, HideMyAss user was de-anonymized and logs were provided to the FBI 229.
• 2013, Secure E-Mail provider Lavabit shuts down after fighting a secret gag order 230.

Some providers have implemented the use of a Warrant Canary 231 that would allow their users to find out if they have been compromised by such orders but this has not been tested yet as far as I know. Finally, it is now well known that some companies might be sponsored front-ends for some state adversaries (see the Crypto AG story 232 and Omnisec story 233).

For these reasons, it is important that you do not trust such providers for your privacy despite all their claims. In most cases, you will be the last person to know if any of your accounts was targeted by such orders and you might never know at all. To mitigate this, in cases where you want to use a VPN, I will recommend the use of a cash/Monero-paid VPN provider over Tor to prevent the VPN service from knowing any identifiable information about you.

Some Advanced targeted techniques:

(illustration: excellent movie I highly recommend: Das Leben der Anderen 234)

There are many advanced techniques that can be used by skilled adversaries 235 to bypass your security measures provided they already know where your devices are. Many of those techniques are detailed here https://cyber.bgu.ac.il/advanced-cyber/airgap [Archive.org] (Air-Gap Research Page, Cyber-Security Research Center, Ben-Gurion University of the Negev, Israel) and include:
• Attacks that require a malware implanted in some device:
  o Exfiltration of Data through a Malware infected Router: https://www.youtube.com/watch?v=mSNt4h7EDKo [Invidious]
  o Exfiltration of Data through observation of Light variation in a Backlit keyboard with a compromised camera: https://www.youtube.com/watch?v=1kBGDHVr7x0 [Invidious]
    ▪ Exfiltration of Data through a compromised Security Camera (that could first use the previous attack) https://www.youtube.com/watch?v=om5fNqKjj2M [Invidious]
    ▪ Communication from outsider to compromised Security Cameras through IR light signals: https://www.youtube.com/watch?v=auoYKSzdOj4 [Invidious]
  o Exfiltration of data from a compromised air-gapped computer through acoustic analysis of the FAN noises with a smartphone https://www.youtube.com/watch?v=v2_sZIfZkDQ [Invidious]
  o Exfiltration of data from a malware infected air-gapped computer through HD Leds with a Drone https://www.youtube.com/watch?v=4vIu8ld68fc [Invidious]
  o Exfiltration of data from a USB malware on an air-gapped computer through electromagnetic interferences https://www.youtube.com/watch?v=E28V1t-k8Hk [Invidious]
  o Exfiltration of data from a malware infected HDD drive through covert acoustic noise https://www.youtube.com/watch?v=H7lQXmSLiP8 [Invidious]
  o Exfiltration of data through GSM frequencies from a compromised (with malware) air-gapped computer https://www.youtube.com/watch?v=RChj7Mg3rC4 [Invidious]
  o Exfiltration of data through electromagnetic emissions from a compromised Display device https://www.youtube.com/watch?v=2OzTWiGl1rM&t=20s [Invidious]
  o Exfiltration of data through magnetic waves from a compromised air-gapped computer to a Smartphone stored inside a Faraday bag https://www.youtube.com/watch?v=yz8E5n1Tzlo [Invidious]
  o Communication between two compromised air-gapped computers using ultrasonic soundwaves https://www.youtube.com/watch?v=yz8E5n1Tzlo [Invidious]
  o Exfiltration of Bitcoin Wallet from a compromised air-gapped computer to a smartphone https://www.youtube.com/watch?v=2WtiHZNeveY [Invidious]
  o Exfiltration of Data from a compromised air-gapped computer using display brightness https://www.youtube.com/watch?v=ZrkZUO2g4DE [Invidious]
  o Exfiltration of Data from a compromised air-gapped computer through vibrations https://www.youtube.com/watch?v=XGD343nq1dg [Invidious]
  o Exfiltration of Data from a compromised air-gapped computer by turning RAM into a Wi-Fi emitter https://www.youtube.com/watch?v=vhNnc0ln63c [Invidious]
  o Exfiltration of Data from a compromised air-gapped computer through power lines https://arxiv.org/abs/1804.04014 [Archive.org]
• Attacks that require no malware:
  o Observing a light bulb from a distance to listen to the sound in the room 236 without any malware: Demonstration: https://www.youtube.com/watch?v=t32QvpfOHqw [Invidious]



Here is also a good video from the same authors to explain those topics: Black Hat, The Air-Gap Jumpers https://www.youtube.com/watch?v=YKRtFgunyj4 [Invidious]

Realistically, this guide will be of little help against such adversaries as these malwares could be implanted on the devices by a manufacturer or anyone in the middle or by anyone with physical access to the air-gapped computer but there are still some ways to mitigate such techniques:
• Do not conduct sensitive activity while connected to an untrusted/unsecure power line to prevent power line leaks.
• Do not use your devices in front of a camera that could be compromised.
• Use your devices in a soundproofed room to prevent sound leaks.
• Use your devices in a faraday cage to prevent electromagnetic leaks.
• Do not discuss sensitive information where lightbulbs could be observed from outside.
• Buy your devices from different/unpredictable/offline places (shops) where the probability of them being infected with such malware is lower.
• Do not let anyone access your air-gapped computers except trusted people.

Some bonus resources:
• Have a look at the Whonix Documentation concerning Data Collection techniques here: https://www.whonix.org/wiki/Data_Collection_Techniques [Archive.org]
• You might also enjoy looking at this service https://tosdr.org/ [Archive.org] (Terms of Services, Didn’t Read) that will give you a good overview of the various ToS of many services.
• Have a look at https://www.eff.org/issues/privacy [Archive.org] for some more resources.
• Have a look at https://en.wikipedia.org/wiki/List_of_government_mass_surveillance_projects [Archive.org] to have an overview of all known mass-surveillance projects, current and past.
• Have a look at https://www.gwern.net/Death-Note-Anonymity [Archive.org] (even if you don’t know about Death Note).
• Consider finding and reading Michael Bazzell’s book “Open Source Intelligence Techniques” (8th edition as of this writing) to find out more about recent OSINT techniques https://inteltechniques.com/book1.html [Archive.org]
• Finally, check https://www.freehaven.net/anonbib/date.html [Archive.org] for the latest academic papers related to Online Anonymity.

Notes: If you still do not think such information can be used by various actors to track you, you can see some statistics for yourself for some platforms and keep in mind those are only accounting for the lawful data requests and will not count things like PRISM, MUSCULAR, SORM or XKEYSCORE explained earlier:
• Google Transparency Report https://transparencyreport.google.com/user-data/overview [Archive.org]
• Facebook Transparency Report https://transparency.facebook.com/ [Archive.org]
• Apple Transparency Report https://www.apple.com/legal/transparency/ [Archive.org]
• Cloudflare Transparency Report https://www.cloudflare.com/transparency/ [Archive.org]
• Snapchat Transparency Report https://www.snap.com/en-US/privacy/transparency [Archive.org]
• Telegram Transparency Report https://t.me/transparency [Archive.org] (requires telegram installed)
• Microsoft Transparency Report https://www.microsoft.com/en-us/corporate-responsibility/law-enforcement-requests-report [Archive.org]
• Amazon Transparency Report https://www.amazon.com/gp/help/customer/display.html?nodeId=GYSDRGWQ2C2CRYEF [Archive.org]
• Dropbox Transparency Report https://www.dropbox.com/transparency [Archive.org]
• Discord Transparency Report https://blog.discord.com/discord-transparency-report-jan-june-2020-2ef4a3ee346d [Archive.org]
• GitHub Transparency Report https://github.blog/2021-02-25-2020-transparency-report/ [Archive.org]
• Snapchat Transparency Report https://www.snap.com/en-US/privacy/transparency/ [Archive.org]
• TikTok Transparency Report https://www.tiktok.com/safety/resources/transparency-report?lang=en [Archive.org]
• Reddit Transparency Report https://www.reddit.com/wiki/transparency [Archive.org]
• Twitter Transparency Report https://transparency.twitter.com/ [Archive.org]

General Preparations: Personally, in the context of this guide, it is also interesting to have a look at your security model. And in this context, I only have one to recommend: Zero-Trust Security 326 (“Never trust, always verify”). Here are some various resources about what is Zero-Trust Security:
• DEFCON, Zero Trust a Vision for Securing Cloud, https://www.youtube.com/watch?v=euSsqXO53GY [Invidious]
• From the NSA themselves, Embracing a Zero Trust Security Model, https://media.defense.gov/2021/Feb/25/2002588479/-1/1/0/CSI_EMBRACING_ZT_SECURITY_MODEL_UOO115131-21.PDF [Archive.org]

Picking your route: Here is a small basic UML diagram showing your options. See the details below.

Timing limitations:
• You have very limited time to learn and need a fast-working solution:
  o Your best option is to go for the TAILS route (excluding the persistent plausible deniability section).
• You have time and more importantly will to learn:
  o Go with any route.

Budget/Material limitations:
• You only have one laptop available and cannot afford anything else. You use this laptop for either work, family, or your personal stuff (or both):
  o Your best option is to go for the TAILS route.
• You can afford a spare dedicated unsupervised/unmonitored laptop for your sensitive activities:
  o But it is old, slow and has bad specs (less than 6GB of RAM, less than 250GB disk space, old/slow CPU):
    ▪ You should go for the TAILS route.
  o It is not that old and it has decent specs (at least 6GB of RAM, 250GB of disk space or more, decent CPU):
    ▪ You could go for TAILS, Whonix routes.
  o It is new and it has great specs (more than 8GB of RAM, >250GB of disk space, recent fast CPU):
    ▪ You could go for any route but I would recommend Qubes OS if your threat model allows it.
  o If it is an ARM based M1 Mac:
    ▪ Not possible currently for these reasons:
      • Virtualization of x86 images on ARM M1 Macs is still limited to commercial software (Parallels) which is not supported by Whonix yet.
      • Virtualbox is not available for ARM architecture yet.
      • Whonix is not supported on ARM architecture yet.
      • TAILS is not supported on ARM architecture yet.
      • Qubes OS is not supported on ARM architecture yet.

Your only option on M1 Macs is probably to stick with Tor Browser for now. But I would guess that if you can afford an M1 Mac you should probably get a dedicated x86 laptop for more sensitive activities.

Skills:
• You have no IT skills at all and the content of this guide looks like an alien language to you?
  o You should go with the TAILS route (excluding the persistent plausible deniability section).
• You have some IT skills and mostly understand this guide so far:
  o You should go with TAILS (including the persistent plausible deniability section) or Whonix routes.
• You have moderate to high IT skills and you are already familiar with some of the content of this guide:
  o You could go with anything you like but I would strongly recommend Qubes OS.
• You are a l33T hacker, “there is no spoon”, “the cake is a lie”, you have been using “doas” for years and “all your base are belong to us”, and you have strong opinions on systemd:
  o This guide is not really meant for you and will not help you with your hardened OpenBSD on your hardened Libreboot laptop ;-)

Adversaries (threats):

• If your main concern is forensic examination of your devices:
  o You should go with the TAILS route (with optional persistent plausible deniability).
• If your main concerns are remote adversaries that might uncover your online identity in various platforms:
  o You could go with the Whonix or Qubes OS routes.
  o You could also go with TAILS (with optional persistent plausible deniability).
• If you absolutely want system plausible deniability254’ 237 despite the risks 238’257:
  o You could go with the TAILS Route including the persistent plausible deniability section.
  o You could go with the Whonix Route (on Windows Host OS only within the scope of this guide).
• If you are in a hostile environment where Tor/VPN usage alone is impossible/dangerous/suspicious:
  o You could go with the TAILS route (without using Tor).
  o You could go with the Whonix or Qubes OS route (without actually using Whonix).

In all cases, you should read these pages from the Whonix documentation that will give you in-depth insight:

• https://www.whonix.org/wiki/Warning [Archive.org]
• https://www.whonix.org/wiki/Dev/Threat_Model [Archive.org]
• https://www.whonix.org/wiki/Comparison_with_Others [Archive.org]

You might be asking yourself: “How do I know if I’m in a hostile online environment where activities are actively monitored and blocked?”

• First read more about it at the EFF here: https://ssd.eff.org/en/module/understanding-and-circumventing-network-censorship [Archive.org]
• Check some data yourself here on the Tor Project OONI 239 (Open Observatory of Network Interference) website: https://explorer.ooni.org/ [Archive.org]
• Have a look at https://censoredplanet.org/ [Archive.org] and see if they have data about your country.
• Test for yourself using OONI (this can be risky in a hostile environment).

Steps for all routes:

Always use passphrases instead of passwords and use a different one for each service. Do not make it easy for an adversary to access all your information because you used the same password everywhere248.

(Illustration by xkcd.com, licensed under CC BY-NC 2.5)

Get an anonymous Phone number:

Skip this step if you have no intention of creating anonymous accounts on most mainstream platforms but just want anonymous browsing or if the platforms you will use allow registration without a phone number.

Physical Burner Phone and prepaid SIM card:

Get a burner phone:

This is rather easy. Leave your smartphone off or power it off before leaving. Have some cash and go to some random flea market or small shop (ideally one without CCTV inside or outside and while avoiding being photographed/filmed) and just buy the cheapest phone you can find with cash and without providing any personal information. It only needs to be in working order.

Personally, I would recommend getting an old “dumbphone” with a removable battery (old Nokia if your mobile networks still allow those to connect as some countries phased out 1G-2G completely). This is to avoid the automatic sending/gathering of any telemetry/diagnostic data on the phone itself. You should never connect that phone to any Wi-Fi.

It will also be crucial not to power on that burner phone ever (not even without the SIM card) in any geographical location that could lead to you (at your home/work for instance) and never ever at the same location as your other known smartphone (because that one has an IMEI/IMSI that will easily lead to you). This might seem like a big burden but it is not as these phones are only being used during the setup/sign-up process and for verification from time to time.

See Appendix N: Warning about smartphones and smart devices.

You should test that the phone is in working order before going to the next step. But I will repeat myself and state again that it is important to leave your smartphone at home when going (or turn it off before leaving if you must keep it) and that you test the phone at a random location that cannot be tracked back to you (and again, do not do that in front of a CCTV, avoid cameras, be aware of your surroundings). No need for Wi-Fi at this place either.

When you are certain the phone is in working order, disable Bluetooth then power it off (remove the battery if you can) and go back home and resume your normal activities. Go to the next step.

Get an anonymous pre-paid SIM card:

This is the hardest part of the whole guide. It is a SPOF (Single Point of Failure). The places where you can still buy prepaid SIM cards without ID registration are getting increasingly limited due to various KYC type regulations 240.

So here is a list of places where you can still get them now: https://prepaid-data-simcard.fandom.com/wiki/Registration_Policies_Per_Country [Archive.org]

You should be able to find a place that is “not too far” and just go there physically to buy some pre-paid cards and top-up vouchers with cash. Do verify that no law was passed before going that would make registration mandatory (in case the above wiki was not updated). Try to avoid CCTV and cameras and do not forget to buy a Top Up voucher with the SIM card (if it is not a package) as most pre-paid cards will require a top-up before use.

See Appendix N: Warning about smartphones and smart devices.

Double-check that the mobile operators selling the pre-paid SIM cards will accept the SIM activation and top-up without any ID registration of any kind before going there. Ideally, they should accept SIM activation and top-up from the country you reside in.

Personally, I would recommend GiffGaff in the UK as they are “affordable”, do not require identification for activation and top-up and will even allow you to change your number up to 2 times from their website. One GiffGaff prepaid SIM card will therefore grant you 3 numbers to use for your needs.

Power off the phone after activation/top-up and before going home. Do not ever power it on again unless you are not at a place that can be used to reveal your identity and unless your smartphone is powered off before going to that “not your home” place.

Online Phone Number (less recommended):

DISCLAIMER: Do not attempt this until you are done setting up a secure environment according to one of the selected routes. This step will require online access and should only be done from an anonymous network. Do not do this from any known/unsecure environment. Skip this until you have finished one of the routes.

There are many commercial services offering numbers to receive SMS messages online but most of those have basically no anonymity/privacy and can be of no help as most Social Media platforms place a limit on how many times a phone number can be used for registration.

There are some forums and subreddits (like r/phoneverification/) where users will offer the service of receiving such SMS messages for you for a small fee (using PayPal or some crypto payment). Unfortunately, these are full of scammers and very risky in terms of anonymity. You should not use those under any circumstance.

To this date, I do not know any reputable service that would offer this service and accept cash payments (by post for instance) like some VPN providers. But there are a few services that provide online phone numbers and accept Monero, which could be reasonably anonymous (yet less recommended than the physical way in the previous chapter), that you could consider:

• Recommended: Do not require any identification (even e-mail):
  o (UK based) https://dtmf.io/ [Archive.org] preferred because they even provide an onion hidden service address for direct access through the Tor Network at http://dtmfiovjh42uviqez6qn75igbagtiyo724hy3rdxm77dy2m5tt7lbaqd.onion/
  o (Iceland based) https://crypton.sh [Archive.org]
  o (Ukraine based) https://virtualsim.net/ [Archive.org]
• Do require identification (valid e-mail):
  o (Germany based) https://www.sms77.io/ [Archive.org]
  o (Russia based) https://onlinesim.ru/ [Archive.org]

There are some other possibilities listed here https://cryptwerk.com/companies/sms/xmr/ [Archive.org]. Use at your own risk.

DISCLAIMER: I cannot vouch for any of these providers and therefore I will still recommend doing it yourself physically. In this case you will have to rely on the anonymity of Monero and you should not use any service that requires any kind of identification using your real identity.

Therefore IMHO, it is probably just more convenient, cheaper, and less risky to just get a pre-paid SIM card from one of the physical places that still sell them for cash without requiring ID registration. But at least there is an alternative if you have no other option.

Get a USB key:

Get at least one or two decent size generic USB keys (at least 16GB but I would recommend 32GB).

Please do not buy or use gimmicky self-encrypting devices such as these: https://syscall.eu/blog/2018/03/12/aigo_part1/ [Archive.org]

Some might be very efficient 241 but many are gimmicky gadgets that offer no real protection 242.

Find some safe places with decent public Wi-Fi:

You need to find safe places where you will be able to do your sensitive activities using some publicly accessible Wi-Fi (without any account/ID registration, avoid CCTVs). This can be anywhere that will not be tied to you directly (your home/work) and where you can use the Wi-Fi for a while without being bothered. But also, a place where you can do this without being “noticed” by anyone.

If you think Starbucks is a good idea, you may reconsider:

• They probably have CCTVs in all their shops and keep those recordings for an unknown amount of time.
• You will need to buy a coffee to get the Wi-Fi access code in most. If you pay for this coffee with an electronic method, they will be able to tie your Wi-Fi access with your identity.

Situational awareness is key and you should be constantly aware of your surroundings and avoid touristy places like they were plagued by Ebola. You want to avoid appearing on any picture/video of anyone while someone is taking a selfie, making a TikTok video or posting some travel picture on their Instagram. If you do, remember chances are high that those pictures will end up online (publicly or privately) with full metadata attached to them (time/date/geolocation) and your face. Remember these can and will be indexed by Facebook/Google/Yandex/Apple and probably all 3-letter agencies.

While this will not be available yet to your local police officers, it could be in the near future.

You will ideally need a set of 3-5 different places such as this to avoid using the same place twice. Several trips will be required over the weeks for the various steps in this guide.

You could also consider connecting to these places from a safe distance for added security. See Appendix Q: Using long range Antenna to connect to Public Wi-Fis from a safe distance.

The TAILS route:

This part of the guide will help you in setting up TAILS if one of the following is true:

  o You cannot afford a dedicated laptop
  o Your dedicated laptop is just too old and too slow
  o You have very low IT skills
  o You decide to go with TAILS anyway

TAILS 243 stands for The Amnesic Incognito Live System. It is a bootable Live Operating System running from a USB key that is designed for leaving no traces and forcing all connections through the Tor network.

You pretty much insert the Tails USB key into your laptop, boot from it and you have a full operating system running with privacy and anonymity in mind. As soon as you shut down the computer, everything will be gone unless you saved it somewhere.

Tails is a very easy way to get going in no time with what you have and without much learning. It has extensive documentation and tutorials.

It does however have some drawbacks:

• Tails uses Tor and therefore you will be using Tor to access any resource on the internet. This alone will make you suspicious to most platforms where you want to create anonymous accounts (this will be explained in more detail later).
• Your ISP (whether it is yours or some public Wi-Fi) will also see that you are using Tor and this could make you suspicious in itself.
• Tails does not include (natively) some of the software you might want to use later which will complicate things quite a bit if you want to run some specific things (Android Emulators for instance).
• Tails uses Tor Browser which, while it is very secure, will be detected as well by most platforms and will hinder you in creating anonymous identities on many platforms.
• Tails will not protect you more from the 5$ wrench11.
• Tor in itself might not be enough to protect you from an adversary with enough resources as explained earlier.

Important Note: If your laptop is monitored/supervised and some local restrictions are in place, please read Appendix U: How to bypass (some) local restrictions on supervised computers.

You should also read Tails Documentation, Warnings, and limitations, before going further: https://tails.boum.org/doc/about/warning/index.en.html [Archive.org]

Taking all this into account and the fact that their documentation is great, I will just redirect you towards their well-made and well-maintained tutorial: https://tails.boum.org/install/index.en.html [Archive.org], pick your flavor and proceed.

When you are done and have a working Tails on your laptop, go to the Creating your anonymous online identities step much further in this guide.

If you’re having issues accessing Tor due to censorship or other issues, you can try using Tor Bridges by following this TAILS tutorial: https://tails.boum.org/doc/first_steps/welcome_screen/bridge_mode/index.en.html [Archive.org] and find more information about these on Tor Documentation https://2019.www.torproject.org/docs/bridges [Archive.org]

If you think using Tor alone is dangerous/suspicious, see Appendix P: Accessing the internet as safely as possible when Tor/VPN is not an option

Persistent Plausible Deniability using Whonix within TAILS:

Consider checking the https://github.com/aforensics/HiddenVM [Archive.org] project for TAILS.

This project is a clever idea of a one-click self-contained VM solution that you could store on an encrypted disk using plausible deniability254 (see The Whonix route: first chapters and also for some explanations about Plausible deniability, as well as the How to securely delete specific files/folders/data on your HDD/SSD and Thumb drives: section at the end of this guide for more understanding).

This would allow the creation of a hybrid system mixing TAILS with the Virtualization options of the Whonix route in this guide.

Note: See Pick your connectivity method in the Whonix Route for more explanations about Stream Isolation

In short:

• You could run non-persistent TAILS from one USB key (following their recommendations)
• You could store persistent VMs within a secondary container that could be encrypted normally or using the Veracrypt plausible deniability feature (these could be Whonix VMs for instance or any other).
• You do benefit from the added Tor Stream Isolation feature (see Tor over VPN for more info about stream isolation).

In that case, as the project outlines it, there should be no traces of any of your activities on your computer and the sensitive work could be done from VMs stored in a Hidden container that should not be easily discoverable by a soft adversary.

This option is particularly interesting for “traveling light” and to mitigate forensics attacks while keeping persistence on your work. You only need 2 USB keys (one with TAILS and one with a Veracrypt container containing persistent Whonix). The first USB key will appear to contain just TAILS and the second USB will appear to contain just random garbage but will have a decoy volume which you can show for plausible deniability.

You might also wonder if this will result in a “Tor over Tor” setup but it will not. The Whonix VMs will be accessing the network directly through clearnet and not through TAILS Onion Routing.

In the future, this could also be supported by the Whonix project themselves as explained here: https://www.whonix.org/wiki/Whonix-Host [Archive.org] but it is not yet recommended as of now for end-users.

Remember that encryption with or without plausible deniability is not a silver bullet and will be of little use in case of torture11. As a matter of fact, depending on who your adversary would be (your threat model), it might be wise not to use Veracrypt (formerly TrueCrypt) at all as shown in this demonstration: https://defuse.ca/truecrypt-plausible-deniability-useless-by-game-theory.htm [Archive.org]

Plausible deniability is only effective against soft lawful adversaries that will not resort to physical means.

See https://en.wikipedia.org/wiki/Rubber-hose_cryptanalysis [Archive.org]

CAUTION: Please see Appendix K: Considerations for using external SSD and Understanding HDD vs SSD sections if you consider storing such hidden VMs on an external SSD drive:

• Do not use hidden volumes on SSD drives as this is not supported/recommended by Veracrypt 244.
• Use file containers instead of encrypted volumes.
• Make sure you do know how to clean data from an external SSD drive properly.

Here is my guide on how to achieve this:

First Run:

• Download the latest HiddenVM release from https://github.com/aforensics/HiddenVM/releases [Archive.org]
• Download the latest Whonix XFCE release from https://www.whonix.org/wiki/VirtualBox/XFCE [Archive.org]
• Prepare a USB Key/Drive with Veracrypt
  o Create a Hidden Volume on the USB Key/Drive (I would recommend at least 16GB for the hidden volume)
  o In the Outer Volume, place some decoy files
  o In the Hidden Volume, place the HiddenVM appimage file
  o In the Hidden Volume, place the Whonix XFCE ova file
• Boot into TAILS
• Set up the Keyboard layout as you want.
• Select Additional Settings and set an administrator (root) password (needed for installing HiddenVM)
• Start Tails
• Connect to a safe Wi-Fi (this is a required step for the rest to work)
• Go into Utilities and Unlock your Veracrypt (hidden) Volume (do not forget to check the hidden volume checkbox)
• Launch the HiddenVM appimage
• When prompted to select a folder, select the Root of the Hidden volume (where the Whonix OVA and HiddenVM app image files are).
• Let it do its thing (This will basically install Virtualbox within Tails with one click)
• When it is done, it should automatically start Virtualbox Manager.
• Import the Whonix OVA files (see Whonix Virtual Machines:)

Note, if during the import you are having issues such as “NS_ERROR_INVALID_ARG (0x80070057)”, this is probably because there is not enough disk space on your Hidden volume for Whonix. Whonix themselves recommend 32GB of free space but that’s probably not necessary and 10GB should be enough for a start. You can try working around this error by renaming the Whonix *.OVA file to *.TAR and decompressing it within TAILS. When you are done with decompression, delete the OVA file and import the other files with the Import wizard. This time it might work.

Subsequent Runs:

• Boot into TAILS
• Connect to Wi-Fi
• Unlock your Hidden Volume
• Launch the HiddenVM App
• This should automatically open VirtualBox manager and show your previous VMs from the first run

Steps for all other routes:

Get a dedicated laptop for your sensitive activities:

Ideally, you should get a dedicated laptop that will not be tied to you in any easy way (ideally paid with cash anonymously and using the same precautions as previously mentioned for the phone and the SIM card). It is recommended but not mandatory because this guide will help you harden your laptop as much as possible to prevent data leaks through various means. There will be several lines of defense standing between your online identities and yourself that should prevent most adversaries from de-anonymizing you besides state/global actors with considerable resources.

This laptop should ideally be a clean freshly installed Laptop (Running Windows, Linux or MacOS), clean of your normal day to day activities and offline (never connected to the network yet). In the case of a Windows laptop, and if you used it before such a clean install, it should also not be activated (re-installed without a product key). Specifically in the case of MacBooks, it should never have been tied to your identity before by any means. So, buy second-hand with cash from an unknown stranger who does not know your identity.

This is to mitigate some future issues in case of online leaks (including telemetry from your OS or Apps) that could compromise any unique identifiers of the laptop while using it (MAC Address, Bluetooth Address, and Product key …). But also, to avoid being tracked back if you need to dispose of the laptop.

If you used this laptop before for different purposes (like your day-to-day activities), all its hardware identifiers are probably known and registered by Microsoft or Apple. If later any of those identifiers is compromised (by malware, telemetry, exploits, human errors …) they could lead back to you.

The laptop should have at least 250GB of Disk Space, at least 6GB (ideally 8GB or 16GB) of RAM and should be able to run a couple of Virtual Machines at the same time. It should have a working battery that lasts a few hours.

This laptop could have an HDD (7200rpm) or an SSD/NVMe drive. Both possibilities have their benefits and issues that will be detailed later.

All future online steps performed with this laptop should ideally be done from a safe network such as a Public Wi-Fi in a safe place (see Find some safe places with decent public Wi-Fi). But several steps will have to be taken offline first.

Some laptop recommendations:

If you can afford it, you might consider getting a Purism Librem laptop (https://puri.sm [Archive.org]) or System76 laptops (https://system76.com/ [Archive.org]) while using Coreboot 245 (where Intel IME is disabled from factory).

In other cases, I would strongly recommend getting Business grade laptops (meaning not consumer/gaming grade laptops) if you can. For instance, some ThinkPad from Lenovo (my personal favorite). Here are lists of laptops currently supporting Libreboot and others where you can flash Coreboot yourself (that will allow you to disable Intel IME or AMD PSP):

• https://freundschafter.com/research/system-alternatives-without-intel-me-iamt-and-amd-psp-securetechnology/ [Archive.org]
• https://libreboot.org/docs/hardware/ [Archive.org]
• https://coreboot.org/status/board-status.html [Archive.org]

This is because those business laptops usually offer better and more customizable security features (especially in the BIOS/UEFI settings) with longer support than most consumer laptops (Asus, MSI, Gigabyte, Acer…). The interesting features to look for are IMHO:

• Better custom Secure Boot settings (where you can selectively manage all the keys and not just use the Standard ones)
• HDD/SSD passwords in addition to just BIOS/UEFI passwords.
• AMD laptops could be more interesting as some provide the ability to disable AMD PSP (the AMD equivalent of Intel IME) from the BIOS/UEFI settings by default. And, because AFAIK, AMD PSP was audited and contrary to IME was not found to have any “evil” functionalities 246. However, if you are going for the Qubes OS Route consider Intel as they do not support AMD with their anti-evil-maid system 247.
• Secure Wipe tools from the BIOS (especially useful for SSD/NVMe drives, see Appendix M: BIOS/UEFI options to wipe disks in various Brands).
• Better control over the disabling/enabling of select peripherals (USB ports, Wi-Fis, Bluetooth, Camera, Microphone …).
• Better security features with Virtualization.
• Native anti-tampering protections.
• Longer support with BIOS/UEFI updates (and subsequent BIOS/UEFI security updates).
• Some are supported by Libreboot

Bios/UEFI/Firmware Settings of your laptop:

PC:

These settings can be accessed through the boot menu of your laptop. Here is a good tutorial from HP explaining all the ways to access the BIOS on various computers: https://store.hp.com/us/en/tech-takes/how-to-enter-bios-setup-windows-pcs [Archive.org]

Usually you access it by pressing a specific key (F1, F2 or Del) at boot (before your OS).

Once you are in there, you will need to apply a few recommended settings:

• Disable Bluetooth completely if you can.
• Disable Biometrics (fingerprint scanners) if you have any if you can. However, you could add a biometric additional check for booting only (pre-boot) but not for accessing the BIOS/UEFI settings.
• Disable the Webcam and Microphone if you can.
• Enable BIOS/UEFI password and use a long passphrase 248 instead of a password if you can and make sure this password is required for:
  o Accessing the BIOS/UEFI settings themselves
  o Changing the Boot order
  o Startup/Power-on of the device
• Enable HDD/SSD password if the feature is available. This feature will add another password on the HDD/SSD itself (not in the BIOS/UEFI firmware) that will prevent this HDD/SSD from being used in a different computer without the password. Note that this feature is also specific to some manufacturers and could require specific software to unlock this disk from a completely different computer.
• Prevent accessing the boot options (the boot order) without providing the BIOS/UEFI password if you can.
• Disable USB/HDMI or any other port (Ethernet, Firewire, SD card …) if you can.
• Disable Intel ME if you can.
• Disable AMD PSP if you can (AMD’s equivalent to IME, see Your CPU)
• Disable Secure Boot if you intend to use QubesOS as they do not support it out of the box 249. Keep it on if you intend to use Linux/Windows.
• Check if your laptop BIOS has a secure erase option for your HDD/SSD that could be convenient in case of need.

Only enable those on a “need to use” basis and disable them again after use. This can help mitigate some attacks in case your laptop is seized while locked but still on OR if you had to shut it down rather quickly and someone took possession of it (this topic will be explained later in this guide).

About Secure boot:

So, what is Secure Boot 250? In short, it is a UEFI security feature designed to prevent your computer from booting an operating system whose bootloader was not signed by specific keys stored in the UEFI firmware of your laptop.

Basically, when the Operating System (or the Bootloader 251) supports it, you can store the keys of your bootloader in your UEFI firmware and this will prevent booting up any unauthorized Operating System (such as a live OS USB or anything similar).

Secure Boot settings are protected by the password you set up to access the BIOS/UEFI settings. If you have that password, you can disable Secure Boot and allow unsigned OSes to boot on your system. This can help mitigate some Evil-Maid attacks (explained later in this guide).

In most cases Secure Boot is disabled by default or is enabled but in “setup” mode which will allow any system to boot. For Secure Boot to work, your Operating System will have to support it and then sign its bootloader and push those signing keys to your UEFI firmware. After that you will have to go to your BIOS/UEFI settings and save those pushed keys from your OS and change the Secure Boot from setup to user mode (or custom mode in some cases).

After doing that step, only the Operating Systems from which your UEFI firmware can verify the integrity of the bootloader will be able to boot.

Most laptops will have some default keys already stored in the secure boot settings. Usually those from the manufacturer itself or from some companies such as Microsoft. So, this means that by default, it will always be possible to boot some USB disks even with secure boot. These include Windows, Fedora, Ubuntu, Mint, Debian, CentOS, OpenSUSE, TAILS, Clonezilla and many others. Secure Boot is however not supported at all by QubesOS at this point.

In some laptops, you can manage those keys and remove the ones you do not want with a “custom mode” to only authorize your own bootloader that you could sign yourself if you really want to.

So, what is Secure Boot protecting you from? It will protect your laptop from booting unsigned bootloaders (by the OS provider) with for instance injected malware.

What is Secure Boot not protecting you from?

• Secure Boot is not encrypting your disk and an adversary can still just remove the disk from your laptop and extract data from it using a different machine. Secure Boot is therefore useless without full disk encryption.
• Secure Boot is not protecting you from a signed bootloader that would be compromised and signed by the manufacturer itself (Microsoft for example in the case of Windows). Most mainstream Linux distributions are signed these days and will boot with Secure Boot enabled.
• Secure Boot can have flaws and exploits like any other system. If you are running an old laptop that does not benefit from new BIOS/UEFI updates, these can be left unfixed.
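Whether a laptop is really in user mode, or still in the “setup” mode described above that lets any system boot, can be checked from a running Linux system by reading two standard UEFI variables. This is an added example, not code from the guide; it assumes Linux with efivarfs mounted at /sys/firmware/efi/efivars, and the function names and state labels are illustrative.

```python
"""Report the firmware's Secure Boot state from Linux efivarfs (added example)."""
from pathlib import Path
from typing import Optional

# Assumption: efivarfs is mounted at its usual location.
EFIVARS = Path("/sys/firmware/efi/efivars")
# Vendor GUID of the UEFI global-variable namespace, which holds the
# SecureBoot and SetupMode variables.
GLOBAL_GUID = "8be4df61-93ca-11d2-aa0d-00e098032b8c"

# Illustrative state labels and what each means for the boot chain.
MEANING = {
    "no-uefi-vars": "Legacy BIOS boot or efivarfs not mounted: Secure Boot is not in effect.",
    "setup-mode": "No platform key enrolled: the firmware accepts any bootloader.",
    "enforcing": "User mode: only bootloaders signed by an enrolled key will boot.",
    "disabled": "Secure Boot is switched off in the firmware settings.",
}


def parse_efivar_flag(raw: bytes) -> int:
    """Decode one efivarfs file that holds a single-byte boolean.

    efivarfs prefixes the variable data with a 4-byte little-endian
    attribute word, so a one-byte variable is exactly 5 bytes long.
    """
    if len(raw) != 5:
        raise ValueError(f"expected 5 bytes (attributes + flag), got {len(raw)}")
    _attributes = int.from_bytes(raw[:4], "little")  # not needed for the check
    value = raw[4]
    if value not in (0, 1):
        raise ValueError(f"flag byte must be 0 or 1, got {value}")
    return value


def read_flag(name: str, root: Path = EFIVARS) -> Optional[int]:
    """Return the flag value, or None when the variable does not exist."""
    path = root / f"{name}-{GLOBAL_GUID}"
    try:
        return parse_efivar_flag(path.read_bytes())
    except FileNotFoundError:
        return None


def classify(secure_boot: Optional[int], setup_mode: Optional[int]) -> str:
    """Map the two flags onto one of the states in MEANING."""
    if secure_boot is None and setup_mode is None:
        return "no-uefi-vars"
    if setup_mode == 1:
        # Setup mode wins: without a platform key nothing is verified.
        return "setup-mode"
    if secure_boot == 1:
        return "enforcing"
    return "disabled"


def secure_boot_state(root: Path = EFIVARS) -> str:
    return classify(read_flag("SecureBoot", root), read_flag("SetupMode", root))


# Constructed sample file contents: attribute word 0x00000006 + flag byte.
SAMPLE_FLAG_SET = bytes.fromhex("0600000001")
SAMPLE_FLAG_CLEAR = bytes.fromhex("0600000000")

if __name__ == "__main__":
    sample = classify(parse_efivar_flag(SAMPLE_FLAG_SET),
                      parse_efivar_flag(SAMPLE_FLAG_CLEAR))
    print("constructed sample ->", sample, "-", MEANING[sample])
    state = secure_boot_state()
    print("this machine ->", state, "-", MEANING[state])
```

An “enforcing” result only says that signature checks are active; with the default manufacturer and Microsoft keys enrolled, the signed systems listed above will still boot from USB.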

Additionally, there are a number of attacks that could be possible against Secure Boot as explained (in depth) in these technical videos:

• Defcon 22, https://www.youtube.com/watch?v=QDSlWa9xQuA [Invidious]
• BlackHat 2016, https://www.youtube.com/watch?v=0fZdL3ufVOI [Invidious]

Source: https://ebin.pub/the-hitchhikers-guide-to-online-anonymity-version-094-may-2021-version-094-version-094nbsped-1234950554.html
edk2-buildtools691021‑11‑19162.ACooper81/scoop-shortcuts: A personal bucket for http://scoop.sh631021‑04‑29163.davidxuang/scoop-type: Scoop bucket for fonts.531021‑11‑07164.jonz94/scoop-sarasa-nerd-fonts: 📦 A scoop bucket for installing Sarasa Gothic nerd fonts481021‑11‑08165.aoisummer/scoop-bucket: A personal bucket for scoop.351021‑11‑07166.eamat-dot/scoop: my scoop bucket (Japanese)311021‑10‑29167.pfmoore/scoop-enk: Scoop Bucket291021‑11‑14168.digrouz/scoop-digrouz: Scoop bucket with stuff that could not be merged in official buckets.291021‑11‑18169.hirsaeki/scoop-sup: scoop manifests personally nessesary271021‑11‑07170.vidarkongsli/vidars-scoop-bucket201018‑08‑05171.kltk/scoop-bucket201021‑11‑19172.littleli/scoop-garage: Scoop bucket with experimental manifests.191021‑11‑03173.jonisb/Misc-scoops: My https://scoop.sh bucket of misc apps161021‑11‑15174.fredjoseph/scoop-bucket: bucket for Scoop installer161021‑11‑14175.DavidBrockmeier/bucket: scoop bucket121021‑10‑25176.DimiG/dgBucket: Scoop personal bucket111021‑06‑24177.starise/Scoop-Gaming: Scoop Bucket of 🕹️ PC Gaming apps for video gamers.101021‑11‑17178.Bennett-Yang/bencket: a small bucket for Scoop101021‑11‑19179.yutahaga/scoop-bucket: my scoop bucket91019‑04‑07180.pyspa/pyspa-bucket: pyspa scoop bucket91020‑06‑24181.tkit1994/scoop_bucket: My custom scoop bucket81021‑11‑16182.shacal/scoop-bucket: Scoop bucket list of apps to install81021‑01‑12183.wsw0108/scoop-bucket: Scoop bucket, see https://scoop.sh.71021‑11‑10184.TangentFoxy/ScoopBucket-ThirdParty: Bucket for Scoop to install cool stuff I didn’t make. 
(http://scoop.sh)71018‑02‑01185.specter119/dsms: Scoop bucket for data science and materials science, even personal use71021‑11‑19186.PorridgePi/scoop-bucket71021‑06‑11187.ktos/scoop: My Scoop bucket71021‑09‑05188.jovercao/scoop-bucket-jover: scoop bucket by jover71021‑08‑24189.jazzwang/scoop-bucket: A bucket for http://scoop.sh71021‑10‑05190.tehbilly/scoop-bucket61019‑04‑28191.rkolka/scoop-manifold: Scoop bucket for Manifold software (using Ash258/GenericBucket template)61021‑11‑10192.pcrama/scoop-buckets: Bucket of extra software to install using scoop61020‑04‑04193.patrick330602/pkscbk: Scoop buckets of mine - apps I use personally in scoop61019‑11‑11194.noquierouser/nqu-scoop: My own Scoop bucket61020‑09‑20195.legion-labs/scoop-bucket: Legion Labs scoop bucket61021‑11‑15196.icedream/scoop-bucket: Scoop packages maintained by me.61020‑05‑18197.hibikine/scoop-bucket51019‑03‑28198.oduboevi/scoop-bucket: Personal scoop bucket41021‑06‑24199.mmichaelis/scoop-bucket: My scoop bucket as extension to default and extras bucket. 
For details see http://scoop.sh/41019‑01‑23200.DStalkerBR/stalkerbucket: My custom bucket for scoop package manager41020‑09‑23201.82p/scoop-yubico-bucket: scoop bucket of yubico tools41021‑01‑17202.xfournet/scoop-sboot: A Scoop bucket for sboot31021‑02‑22203.Witchilich/scoop-witchilich: A Scoop bucket31021‑10‑18204.prantlf/scoop-bucket: Scoop buckets with saz-tools and others31021‑05‑07205.icetee/icetee-bucket: My custom manifests for Scoop31016‑11‑26206.Hsins/yogurt: 🍨 A sweet Scoop bucket.31020‑12‑11207.Greydus/weeb-bucket: A corel paintshop pro - Crack Key For U bucket containing various utilities that I use31018‑07‑30208.DessertArbiter/dessertarbiter-shovel: My new personal bucket for Scoop31021‑11‑18209.bandithedoge/scoop-switch: Scoop bucket with various Nintendo Switch utilities31021‑05‑22210.upyun/carrot: UPYUN scoop packages21021‑03‑11211.dduan/scoop-bucket: Scoop (https://scoop.sh) apps.21020‑06‑16212.ayoisaiah/scoop-bucket21021‑11‑03213.wangcheng/scoop-bucket-dogfight360: Scoop bucket for tools from dogfight36011021‑08‑22214.terraform-docs/scoop-bucket: Scoop package manager for terraform-docs11021‑10‑05215.scyv/meteor-scoop-bucket: A bucket for scoop to install meteor11020‑07‑28216.railwayapp/scoop-railway: Scoop bucket for Railway Windows CLI installation11021‑11‑13217.prezesp/scoop-viewer-bucket11020‑05‑21218.planetscale/scoop-bucket: Scoop bucket for PlanetScale CLI binaries.11021‑10‑26219.philippgille/scoop-bucket: Scoop bucket for my apps11019‑12‑03220.morapet/scoop-bucket: synergy11019‑03‑21221.Kore-Development/scoop-bucket: A Scoop bucket11019‑02‑27222.kdash-rs/scoop-kdash: Scoop bucket for KDash11021‑09‑27223.jerson/scoop-bucket11021‑11‑11224.jbangdev/scoop-bucket: Bucket to use with scoop.sh containing jbang11021‑11‑13225.get-woke/scoop-bucket: Install on Windows with 11021‑11‑18226.Doublemine/scoops: a buckets to collection some application for scoop11017‑12‑25227.cidertool/scoop-bucket: Scoop bucket for Cider 
releases11021‑04‑25228.Bios-Marcel/scoopbucket: My scoop bucket11020‑11‑22229.ACooper81/Scoop-SystemInstalls: Install software for all users. Remove Desktop shortcuts and disable auto update checks and downloads.150419‑12‑27230.scalacenter/scoop-bloop10421‑11‑02231.lyineee/scoop-bucket180221‑11‑19232.kentork/scoop-leaky-bucket: my scoop bucket30220‑07‑17233.instrumenta/scoop-instrumenta: Scoop bucket for instrumenta tools, easy installation for Windows users20221‑01‑09234.XeroAPI/scoop-bucket10220‑09‑01235.giantswarm/scoop-bucket: App manifests for simple Windows installs using scoop10221‑11‑04236.KnotUntied/scoop-knotuntied: Personal Scoop bucket930121‑11‑19237.zeero/scoop-my-bucket: My scoop bucket json files.250116‑12‑20238.tinymce/scoop-bucket: Bucket of random packages for scoop package manager240121‑10‑25239.Br1ght0ne/scoop-bucket: Scoop bucket for Rust, CLI, and other stuff190121‑09‑07240.acdzh/zpt120121‑05‑29241.earnestma/scoop-earne: Personal scoop bucket100121‑08‑03242.shana/scoop-bucket90121‑10‑07243.monotykamary/toms-scoop-bucket90118‑05‑28244.yanshibin/scoop: Fork from h404bi/dorado ZvonimirSun/scoop-iszy80119‑12‑09245.DiXN/scoop80121‑11‑19246.minorgod/scoop-minorgod: A scoop bucket for some random packages I wanted to install through scoop.70120‑07‑09247.kkwpsv/ScoopBucket70121‑09‑02248.zt-luo/bucket-luo: The “bucket-luo” bucket for Scoop.60119‑01‑22249.jsorah/jsorah-scoop-bucket: My personal scoop bucket, use at your own risk.60119‑02‑01250.Jokler/scoop-bucket: My bucket for programs not in the official buckets60
Source: https://rasa.github.io/scoop-directory/by-score.html

CCleaner is utility software that clears your online tracks, frees up space, and helps you manage your machine so that your PC runs faster. However, Piriform CCleaner has some limitations: it cannot wipe every deleted file from your hard disk because of the way the Windows operating system stores various files. Moreover, according to CCleaner reviews, it also updates itself without your acknowledgment and forcibly runs in the background.

Here is a curated list of top tools that are capable of replacing CCleaner. The list contains both open source (free) and commercial (paid) software.

1) Restoro

Restoro is software that helps you clean your registry with no hassle. This application can stop the computer from freezing and crashing. It can quickly, securely, and safely repair your computer to an optimized state.

Features:

  • Restoro can fix error messages.
  • It allows you to repair damage caused by viruses.
  • Provides convenient PC repair at any time.
  • This application can repair and rebuild the Windows OS.
  • It can restore and replace DLL files.
  • Detects dangerous websites.
  • Frees precious disk space.
  • It can find threatening apps before they damage your PC.


2) Advanced SystemCare (ASC)

IObit Advanced SystemCare is simple, easy-to-use software to clean, speed up, optimize, and protect your system, as well as secure your online privacy.

Features:

  • This tool helps you to free up your disk space by cleaning junk files.
  • It manages startup items in order to boost computer startup.
  • IObit Advanced SystemCare increases system security and refreshes your web browsing.
  • With this tool, you can keep your contacts and local email information secure and block untrusted programs.


3) Iolo System Mechanic

Iolo System Mechanic provides a personalized report detailing problems and a list of recommended fixes. This tool improves PC boot time, Internet download speed, CPU performance, drivers, and RAM.

Features:

  • It automatically increases the speed of CPU, hard drive, and RAM.
  • Finds unwanted startup programs that slow down your computer.
  • It finds and repairs more than 30,000 different problems.
  • Optimizes hidden Internet settings for faster page loads and downloads.
  • Safely wipes browsing history and patches Windows security vulnerabilities which may harm your computer.
  • Removes over 50 various junk files and frees up disk space.


4) Avira

Avira Free Security is an all-in-one security tool for Windows, Mac, Android, and iOS that keeps your devices free of viruses, ransomware, and spyware. Powered by a smart scan, it scans your devices for threats, unsecured networks, software vulnerabilities, and performance optimizations, then fixes issues with one click.

Features:

  • Award-winning antivirus scanner
  • Free VPN (500MB/month on Windows and Mac, 100MB/day on mobile)
  • Password Manager
  • Junk file cleaner and duplicate file finder
  • Software Updater
  • Browser tracking blocker and ad blocker


5) Outbyte PC Repair

Outbyte PC Repair is a Windows repair and PC optimizer tool that allows you to see a quick performance overview of your computer. It helps you to identify and resolve performance issues that might be affecting your PC.

Features:

  • Identify and remove unused temporary or cached files.
  • It helps you to prioritize specific apps for CPU time.
  • Enables you to control the privacy of your data by disabling Windows telemetry features.
  • Helps you to solve hundreds of the most common PC issues.
  • Supported platform: Windows.


6) AVG PC Tuneup for PC, Mac, and Android

AVG PC TuneUp helps you make your old PC run faster. This tool has sleep mode technology to increase your PC performance and browsing speed, and a faster disk clean-up process.

Features:

  • The tool automatically fixes bugs and crashes and maintains your computer.
  • It finds and removes junk programs and bloatware.
  • It allows you to clean up more than 200 apps.
  • Deep-clean your hard drive with Disk Cleaner.
  • Surf lighter and faster with Browser Cleaner.
  • AVG PC TuneUp cleans the registry automatically.
  • Helps you to keep your programs up to date with just one click.
  • Update all programs with one click.


7) Glary Utilities

Glary Utilities provides multiple system tools to maintain, fix, and protect your computer system. It provides a registry cleaner, spyware detection, disk cleanup, a memory optimizer, etc.

Features:

  • Provides an authoritative and all-in-one utility for cleaning your PC.
  • This tool fixes frustrating crashes and errors.
  • It has automated and secure options.
  • Maximizes your PC performance.
  • Glary Utilities has an easy-to-use, intuitive interface.
  • It includes more than 20 system utilities to increase computer performance.
  • It scans and analyzes PC issues.


8) Winzip System Utilities Suite

Winzip is a utility suite that cleans, protects, and optimizes your system. This suite includes more than 20 tools that are needed for your PC.

Features:

  • Registry enhancers
  • Windows optimizers
  • Security & privacy tools
  • Common problem fixers
  • Junk cleaner


9) Ashampoo WinOptimizer

Ashampoo WinOptimizer helps you clean and optimize the performance of your Windows system far beyond what built-in tools can deliver.

Features:

  • It removes internet traces.
  • Ashampoo WinOptimizer finds invalid software shortcuts.
  • This tool provides an innovative hard disk benchmark with detailed results.
  • You can view and manage running processes in your system.
  • It allows you to customize the Windows context menu.
  • With this tool, you can manage installed fonts.


10) Filecleaner

FileCleaner is Windows cleanup software that keeps your PC fast, error-free, and secure. It automatically fixes PC issues, deletes system junk, and protects your privacy.

Features:

  • It provides a customizable scan schedule.
  • This tool offers real-time optimization.
  • FileCleaner deletes browser toolbars.
  • Uninstalls any program in less time.
  • It has a file shredder that erases files permanently.
  • You can effectively manage your files.


11) Wisecleaner

Easy PC Optimizer is a system maintenance tool that securely cleans up unusable files to boost your computer's speed and performance. It also provides many custom selection options that allow users to clean up files they don't need.

Features:

  • Cleans Internet history and other traces on your computer, thus protecting your privacy.
  • Increases computer performance by defragging and re-arranging files on your hard disk.
  • It schedules automatic disk cleaning.
  • Automatically updates software.


12) Avast cleanup

Avast Cleanup speeds up and cleans your computer. This tool helps you to update your software, fix annoying problems, and remove bloatware.

Features:

  • The tool removes broken shortcuts.
  • It cleans your registry.
  • Avast Cleanup automatically updates your applications.
  • Provides a quick overview of computer health.
  • It detects and removes unwanted third-party toolbars and ads.
  • This software has a patented tuneup method that puts all resource-draining applications in sleep mode to increase the speed.


13) CleanMyPC

CleanMyPC keeps your PC clean and running like a new one. It scans your computer system to boost its speed, clean up junk files, and increase its performance.

Features:

  • With a few clicks, you can find useless files and remove them securely.
  • It allows you to clean the registry on your computer.
  • Uninstalls Windows apps in the right way along with their leftovers.
  • This tool provides an easy way to speed up computer startup.
  • It identifies add-ons which are not needed and turns them off.
  • CleanMyPC maintains your online privacy.
  • You can easily get rid of the hibernation files.

Download Link: https://macpaw.com/cleanmypc


14) Clean Master Official

Clean Master Official offers you powerful privacy protection and junk cleaning. It has the capability to scan more than 1000 programs. You can make your computer junk free with just one click.

Features:

  • This CCleaner alternative enables you to remove risky browsing records.
  • You can stop unnecessary startup programs, speed up boot time, and optimize your system.
  • It supports scanning and fixing more than 5,000,000 drivers and devices.
  • It checks junk files and cleans them automatically.
  • It is better than CCleaner and securely destroys sensitive files.

Download Link: https://www.cleanmasterofficial.com/en-us/


15) Jv16 PowerTools

Jv16 PowerTools is software that works by cleaning the Windows registry and removing unwanted files and data. It is one of the best CCleaner alternatives that fixes system errors automatically and applies optimizations to your PC.

Features:

  • It speeds up computer startup.
  • Jv16 PowerTools enables you to uninstall any software and remove its leftovers.
  • This software is compatible with Windows XP, Vista, 7, 8, 10, and 11.
  • It can be used in various languages like English, Dutch, German, French, etc.

Download Link: https://www.macecraft.com


16) System Ninja

System Ninja is a fast, effective PC optimization solution designed for Windows. It removes unnecessary files, fixes problems, and improves system speed.

Features:

  • It cleans junk from Chrome, Opera, Mozilla Firefox, Internet Explorer, etc.
  • With this alternative to CCleaner software, you can control startup times, delete unwanted apps, and manage running processes.
  • It provides one-click optimization.

Download Link: https://singularlabs.com/software/system-ninja/


17) Ace Utilities

Ace Utilities is a collection of tools that can be used to optimize and clean your computer. It is one of the programs like CCleaner that allows you to run your system smoothly without errors.

Features:

  • It increases disk space by removing junk files.
  • This tool provides a detailed analysis of drive contents.
  • It helps you to find duplicate files and folders.
  • Fixes invalid shortcuts on your desktop, start menu, and removable media.
  • It cleans the registry.
  • This tool removes internet browser cache and history.

Download Link: https://www.acelogix.com


18) Winutilities Pro

WinUtilities Pro is easy-to-use system utility software. It is one of the best alternatives to CCleaner that provides an effective solution to improve your computer’s performance.

Features:

  • It cleans disks of information that reduces the performance of your system.
  • This tool deletes all traces of activity on your PC.
  • You can password-protect executable files.
  • Effectively manages Windows memory.
  • It manages your Windows settings.
  • With this software, you can schedule cleaning tasks.

Download Link: https://www.pcclean.io/winutilities-pro/download/


19) Treesize

TreeSize Professional is a flexible hard disk space management tool for Windows clients and servers. You can visualize your hard disk space usage.

Features:

  • This tool offers plenty of file exporting options.
  • It enables you to copy, archive, or move files.
  • This utility software searches for duplicate files.
  • Scans SharePoint servers and FTP.
  • It provides a detailed analysis of files and folders.
  • With this software, you can manage disk space on mobile devices and smartphones.

Download Link: https://www.jam-software.com/treesize/


20) Privazer

PrivaZer is free utility software that permanently removes unwanted traces of your past activity on your PC.

Features:

  • You can securely clean your PC with just one click.
  • This free CCleaner alternative enables you to free up your disk space and keep your PC fit.
  • You can see which traces of your past activities can still be recovered.
  • This tool prevents recovery of your activities.

Download Link: https://privazer.com/en/

FAQ:

❓ What is CCleaner?

CCleaner is utility software that helps you to clean and optimize your computer to improve its performance. It scans your system for junk files, temporary files, unnecessary files, cache, browser cookies, etc., and enhances performance by removing them.

💻 Which are the Best CCleaner Alternatives Software?

Here are some of the best CCleaner alternatives:
  • Restoro
  • Advanced SystemCare (ASC)
  • Iolo System Mechanic
  • Avira
  • Outbyte PC Repair
  • AVG PC TuneUp
  • Glary Utilities

⚡ What are the features of good utility software?

The following are the features of good utility software:
  • It provides standard privacy protection.
  • The software product optimizes your Internet speed and your computer.
  • The tools offer faster startup and provide better performance.
  • Customize cleaning to your business needs.
  • Boost security and stay compliant.
Source: https://www.guru99.com/ccleaner-alternatives.html


Most Downloaded Files Today

  • #1 Malwarebytes AdwCleaner v8.3.0 - Free app removes adware/toolbars/malware.
  • #2 Malwarebytes Anti-Malware v4.4.11.149 - Removes malware, viruses & more.
  • #3 SUPERAntiSpyware Free v10.0.1236 - Removes malware other programs miss.
  • #4 LibreOffice Portable Fresh v7.2.2 - Run LibreOffice from cloud folder/ext. drive.
  • #5 McAfee Stinger v12.2.0.347 - Free program to remove viruses & malware.
  • #6 NirLauncher v1.23.53 - A free Swiss Army Knife of tools for computer techs.
  • #7 Hiren’s BootCD PE x64 v1.0.1 - Boot disk based on Win 10 PE x64.
  • #8 Windows/Office ISO Download Tool v8.46 - Download Windows/Office from MS.
  • #9 Windows Repair v4.12.0 - All of the tools to fix most Windows issues.
  • #10 Ultimate Boot CD v5.3.9 ISO - Every tool you need in a bootable image.
Log of updated or added files by date

  • UPDATED 11/19 Malwarebytes Anti-Malware v4.4.11.149 - Removes malware, spyware, etc.
  • UPDATED 11/19 KillEmAll (command line) v21.11.12.1 - Terminates all non-essential programs.
  • UPDATED 11/19 KillEmAll (last GUI version) v21.2.16 - Terminates all non-essential programs.
  • UPDATED 11/19 ClickMonitorDDC v7.2 - Adjust monitor contrast/brightness from System Tray.
  • UPDATED 11/19 Viewlens Portable v4 - A free screen magnifier with mirroring and color filtering.
  • UPDATED 11/19 Telegram Desktop v3.2.5 - Messaging app focused on speed/security.
  • UPDATED 11/19 WizTree v4.06 - World's fastest, free hard disk space analyzer.
  • UPDATED 11/19 Tweakeze v2.03.1013 - Portable program to stop unwanted system changes.
  • UPDATED 11/18 ReadySunValley v0.70.0 - Check if your system is ready for Windows 11.
  • UPDATED 11/18 ThisIsWin11 v0.91.30 - An open source project similar to Power Toys for Win11.
  • NEW 11/18 Oubliette Portable v1.9.5 - Password manager with encryption that stores locally.
  • UPDATED 11/18 Wireless Network Watcher v2.26 - Monitor who connects to your wifi.
  • UPDATED 11/17 Pixelscope v8 - Free, portable desktop screen magnifier with many options.
  • UPDATED 11/17 BiglyBT v2.8 - Feature filled, open source, ad-free, bittorrent client.
  • UPDATED 11/17 Keppi v3.82 - A free, simple music visualizer written in the C# language.
  • UPDATED 11/17 Malwarebytes Support Tool v1.8.9.924 - Fixes issues with Malwarebytes.
  • NEW 11/17 Imbricker v0.3.0.0 - A free Tetris clone for Windows, Linux, Raspberry Pi.
  • UPDATED 11/17 FurMark v1.29.0.0 - A free, intensive OpenGL benchmark for graphics cards.
  • UPDATED 11/17 Audacity v3.1.2 - Free multi-track audio editor and recorder.
  • UPDATED 11/16 AMD Clean Uninstall Utility v21.20 - Completely removes all AMD drivers.
  • UPDATED 11/16 McAfee Stinger v12.2.0.347 - Free program to remove viruses & malware.
  • NEW 11/16 TCPConnectProblemView v1.01 - Displays an alert when a TCP connection fails.
  • NEW 11/16 InstalledAppView v1.01 - Shows info of apps installed on local/external systems.
  • NEW 11/16 Product Key Scanner v1.00 - Finds product keys in Windows & external drives.
  • UPDATED 11/15 Quick Any2Ico v2.5.0.0 - Portable tool to make icons out of anything for any use.
  • UPDATED 11/15 Q-Dir v9.99 - Free, quadro-view file management system.
  • UPDATED 11/15 IsMyHdOK v3.44 - Free, super fast, super tiny hard drive tester.
  • UPDATED 11/15 Cherrytree v0.99.43 - A free, hierarchical note taking app and todo list.
  • NEW 11/15 ShareWatch v1.0 - See who's connected and what files they are accessing.
  • NEW 11/15 PureText v6.2 - Tray utility to remove text formatting & paste from the clipboard.
  • UPDATED 11/14 Notepad++ v8.1.9.1 - A free, open source, multi-language source code editor.
  • NEW 11/13 RunCat_for_windows v1.9 - You don't need this. Keep scrolling.
  • UPDATED 11/13 HiBit Uninstaller v2.6.25 - Completely removes Windows programs and apps.
  • UPDATED 11/13 QuickMemoryTestOK v3.44 - Small, free program to check RAM for errors.
  • UPDATED 11/13 DesktopNoteOK v3.22 - A free, very decorative desktop sticky notes program.
  • UPDATED 11/13 SIV (System Information Viewer) v5.61 - Complete computer/network info.
  • UPDATED 11/12 Kaspersky Virus Removal Tool v20.0.10.0 db11.11 - Free tool to remove malware.
  • UPDATED 11/12 Pale Moon v29.4.2.1 - An Open Source, Goanna-based web browser.
  • UPDATED 11/12 Ventoy v1.0.60 - An open source tool to create a bootable USB drive for ISO files.
  • UPDATED 11/12 Great Cow BASIC v0.98.07 - BASIC compiler for 8 bit Microchip PIC/Atmel AVR.
  • NEW 11/11 Microsoft Support & Recovery Assistant v17.0.7513.7 - Fixes Microsoft issues.
  • UPDATED 11/11 WSCC v7.0.0.0 - The free tools you need to repair Windows in one portable app.
  • NEW 11/11 ConfigureDefender v3.0.1.0 - View/configure important Defender settings.
  • UPDATED 11/11 LibreOffice Portable Fresh v7.2.2 - Run LibreOffice from cloud folder/ext. drive.
  • UPDATED 11/11 Apache OpenOffice Portable v4.1.10 - Run OpenOffice from cloud or flash drive.
  • UPDATED 11/11 Apache OpenOffice v4.1.11 - Free office suite for Windows, MacOS and Linux.
  • UPDATED 11/10 Windows Repair v4.12.0 - All of the tools to fix most Windows issues.
  • NEW 11/10 BetterDummy v1.0.9 - Virtual dummy display to use as a mirror main on Macs.
  • NEW 11/10 MonitorControl v4.0.1 - Control external Apple display's brightness/volume.
  • NEW 11/10 Libre Hardware Monitor v0.8.9 - Monitors temp, fans, volts, load & clock speeds.
  • UPDATED 11/10 FanCtrl v1.4.4 - Free tool to automatically control the fan speed on your PC.
  • UPDATED 11/10 ocenaudio v3.10.14 - Free, fast and feature-packed audio editor.
  • UPDATED 11/09 foobar2000 v1.6.8 - An advanced, freeware audio player for Windows & MacOS.
  • NEW 11/09 CrowdInspect v1.7.0.0 - Detects the presence of potential malware on networks.
  • UPDATED 11/09 Personal Backup v6.2.7.0 - A completely free backup program for Windows.
  • UPDATED 11/08 SmartSystemMenu v2.13.0 - Extends system menu of all windows in the system.
  • UPDATED 11/08 PrivaZer v4.0.34 - Clean your computer usage tracks in one click for free.
  • UPDATED 11/08 CrystalDiskInfo v8.12.12 - Monitors disk health, status, temp, S.M.A.R.T. info.
  • UPDATED 11/06 SuperTuxKart v1.3 - A free kart racing game featuring Tux and friends.
  • UPDATED 11/06 PEAnatomist v0.2.5 - Shows known data structures in a PE file with analytics.
  • NEW 11/05 Super Grate v1.3.2.1 - Remote execution of Microsoft's USMT on domain PCs.
  • UPDATED 11/05 Terasology v5.1.1 - Minecraft-inspired, open source survival & discovery game.
  • UPDATED 11/05 Amidst v4.7 - Free tool to display an overview of a Minecraft world from a seed.
  • UPDATED 11/05 Quick Access Popup v11.5.2 - Multi-purpose launcher and folder switcher.
  • UPDATED 11/04 phpMyAdmin v5.1.1 - Free software tool for administration of MySQL on the web.
  • UPDATED 11/04 QuickTextPaste v7.51 - Insert pre-defined text into programs with hotkeys.
  • NEW 11/04 Mihov Gallery Creator v0.9.2 - A program for creating web image galleries.
  • NEW 11/04 Heimer v2.8.0 - Free, cross-platform mind map, diagram, and note-taking tool.
  • UPDATED 11/04 PhotoDemon v8.4 - A free, open source & portable photo editor.
  • UPDATED 11/04 Godot Game Engine v3.3.4 - Open source game engine to create 2D/3D games.
  • UPDATED 11/04 HWMonitor v1.45 - Reads PC's main health sensors: voltages/temp/fans speed.
  • NEW 11/03 OpenBoardView v8.0 - Viewer for .brd files (layouts of circuit boards).
  • UPDATED 11/03 x64dbg v2021-11-03_11-01 - An open-source x64/x32 debugger for Windows.
  • UPDATED 11/03 Don't Sleep v8.51 - Prevents shutdown, restart, sleep and hibernate.
  • UPDATED 11/03 StressMyPC v4.84 - Free stress-testing software for your PC.
  • UPDATED 11/03 DesktopOK v9.31 - Saves the position of your desktop icons and more.
  • NEW 11/03 Migration Assistant v2.4.0.0 - Move your data from a Windows PC to a Mac.
  • UPDATED 11/02 Chrono Tracker v3.6.12 - A free time tracking application for Windows.
  • UPDATED 11/02 O&O ShutUp10++ v1.9.1426 - Free tool to stop Win 10 & 11 from spying on you.
  • UPDATED 11/02 WebChangeMonitor v21.10 - Monitors multiple web pages and tracks changes.
  • UPDATED 11/02 HWiNFO v7.14 - Free hardware information & diagnostic tool for Windows.
  • UPDATED 11/02 MyFolders v7.0.4.82 - Right-click to copy/move items to your favorite folders.
  • NEW 11/01 FileTool v1.0.0.814 - Create a lot of files, or a few big ones for testing purposes.
  • UPDATED 11/01 CryptSync v1.4.2 - Synchronizes multiple folders, keeping one of pair encrypted.
  • NEW 11/01 Autorun Organizer v5.12 - Windows startup manager with VirusTotal scanning.
  • NEW 11/01 EverythingToolbar v0.7.3 - Everything integration for the Windows taskbar.
  • UPDATED 11/01 Shotcut v21.10.31 - A free, open source, cross-platform video editor.
  • UPDATED 10/31 MakeMKV v1.16.4 - Convert videos you own into an unencumbered file format.
  • UPDATED 10/31 WindowTextExtractor v1.9.0 - Extracts text from any window & behind asterisks.
  • UPDATED 10/31 AwesomeWallpaper v1.5.2 - Show videos, images & system info on desktop.
  • UPDATED 10/31 WordWeb Free v9.2 - A one-click look-up English thesaurus and dictionary.
  • NEW 10/31 USB Low-Level Format v5.00 - Repair USB flash drives with low-level formatting.
  • NEW 10/31 USB Drive Factory Reset Tool v3.00 - Restores USB flash drives to full capacity.
  • REFRESH 10/30 AutoStarter X4.2 - Create a list of items to launch in a single batch file.
  • UPDATED 10/30 Antivirus Removal Tool 2021.10 - Completely removes antivirus software.
  • UPDATED 10/30 Windows Repair Toolbox v3.0.3.4 - Fastest way to download your repair tools.
  • NEW 10/29 Colora v0.3.1 - Free Color converter/color picker/color palettes for Windows.
  • NEW 10/29 Screen Ruler v0.9.1 - A free, portable ruler for the Windows Desktop.
  • UPDATED 10/29 NewFileTime v5.66 - Manipulate the timestamp of any file or folder.
  • UPDATED 10/29 0 A.D. v25b - A free, open-source, historical real-time strategy (RTS) game.
  • UPDATED 10/29 Social Network Visualizer v3.0.4 - Free social network analysis/visualization app.
  • UPDATED 10/29 Inkscape v1.1.1 - Free, open source, pro-quality vector graphics software.
  • UPDATED 10/29 Tixati v2.86 (Windows/Linux) - Free file sharing using the BitTorrent protocol.
  • UPDATED 10/28 BeeBEEP v5.8.4 - An open source, secure peer to peer office messenger.
  • UPDATED 10/28 Zint Barcode Generator v2.10.0 - Free barcode generator for 50+ symbologies.
  • UPDATED 10/28 RegRun Reanimator v13.0.2021.1004 - Removes adware/spyware/malware.
  • UPDATED 10/28 SoundVolumeView v2.25 - Info for all active sound components on system.
  • UPDATED 10/28 29 Avast Ransomware Decryption Tools - Decrypt files after ransomware.
  • REMOVED WinPass11 v0.1.2 - No longer a functional tool.
  • UPDATED 10/27 User Profile Wizard v24.0 - Move user profiles between computers and domains.
  • UPDATED 10/27 Transwiz v1.19 - Transfer your personal data and settings to a new computer.
  • UPDATED 10/27 Windows Key Viewer v1.3.0.18 - Displays the product key of Windows 7, 8 & 10.
  • UPDATED 10/27 RapydMark v1.2a - A free, portable computer benchmarking tool for Windows.
  • NEW 10/27 PHPeasy v1.0 - A light PHP code editor for Windows and Linux.
 NEW 10/27  LazLock v2.6.4.2- Light, portable password manager for Windows & Linux.
 UPDATED 10/27  FileZilla Client Portable v3.56.1- Portable version of the popular FTP client. UPDATED 10/27  Microsoft Autoruns v14.06- Shows and disables programs that run at boot. NEW 10/26  Process Hacker v2.39- Tool to monitor system, debug and detect malware.
 NEW 10/26  DiscordChatExporter v2.30.1- Extract message history from a Discord channel.
 UPDATED 10/26  LightBulb v2.3.3- Reduces eyestrain from staring at a computer screen. UPDATED 10/26  Revo Uninstaller Free v2.3.5- A free utility to remove stubborn programs.
 UPDATED 10/25  Gophish v0.11.0- Test your organization's ability to NOT open phishing emails. UPDATED 10/25  NirLauncher v1.23.53- A free Swiss Army Knife of tools for computer techs. NEW 10/25  Multiscreen Blank v2.6.0.0- Blank, dim, mirror your multi-monitor screens.
 NEW 10/25  ElemenTable v0.2- Simple colored and interactive Periodic Table of Elements.
 UPDATED 10/25  MeinPlatz v7.22- Free program to scan the hard disk for lost disk space.  UPDATED 10/25  Registry Finder v2.52- Free replacement for the Windows registry editor. UPDATED 10/23  PySolFC v2.14.0- A free collection of more than 1000 solitaire card games. UPDATED 10/23  Domination (Risk Board Game) v1.2.3- A free Risk clone with hundreds of maps. NEW 10/23  Golly v4.0- An open source app/game for exploring types of cellular automata.
 UPDATED 10/23  NoMachine v7.7.4- Free, full-featured, multi-platform remote desktop software. UPDATED 10/22  PrivateWin10 v0.85- A free, advanced privacy tool for Windows. UPDATED 10/22  System Ninja v3.2.10- Remove junk files, improve system speed & fix problems. UPDATED 10/22  ContaCam v9.9.19- Free video surveillance/live webcam software for Windows.
 UPDATED 10/22 Brave v1.31.87- Free Chromium-based browser w/ unmatched speed, security.
 UPDATED 10/22  Buttercup v2.12.0- Open-source password manager based on NodeJS.
 NEW 10/21  Isomorphism- Mathematics of Programming- Book about math & programming. NEW 10/21  DNSLookupView v1.01- View DNS queries sent through DNS Client service. NEW 10/21  IPNeighborsView v1.00- Displays the IP neighbor table of your local computer. NEW 10/21  FreeSpaceLogView v1.00- Displays a log of free disk space on your system. NEW 10/21  Classic Calculator- Miss the old Windows Calculator? Get it back! UPDATED 10/20  SuperDuper v3.3.1/v3.5 Beta- Free program to repair/backup/clone your Mac. UPDATED 10/20  Network Drive Control v1.56- Auto-map network drives for different networks.   NEW 10/20  Trick or Treat Desktop Theme- Get your desktop ready for Halloween! NEW 10/20  Wintry Webs Desktop Theme- The beauty of spider webs in the winter. UPDATED 10/20  Spooky's Jump Scare Mansion v3.0.2- A fun, scary game for #Halloween!
 UPDATED 10/20  Ticket to Fear Halloween Desktop Theme- Creepy desktop theme for Halloween.
 UPDATED 10/20  Halloween Knight 2 v0.1.0- A free platformer for your #Halloween enjoyment!
 UPDATED 10/20  Eerie Autumn Desktop Theme- A creepy, dark desktop theme for #Halloween. UPDATED 10/20  Creepy Cobwebs Desktop Theme- Spider/web desktop theme for #Halloween. UPDATED 10/20  Logyx Pack v24.02- 150 games for Windows, mostly logic, under one window. UPDATED 10/20  SyMenu v6.16.7962- The largest suite of utilities ever made for your flash drive. UPDATED 10/19  Windows 7 Games For Windows 10/11 v3- Install Win7 games in Win10 & Win11. NEW 10/19  Speed Reader Enhanced v4.0.4- Suppress sub-vocalization for speed reading. NEW 10/19  Snipe-IT v5.3.0- A free, open source IT asset/license management system. NEW 10/19  CID v1.1.6- Bash scripts for inserting/managing Linux computers in AD. UPDATED 10/19  BibDesk v1.8.7- A free graphical bibTeX bibliography manager for Mac OS X.
 UPDATED 10/18  Ultimate Settings Panel v6.6- 295 configurations for Windows, Office, & more. UPDATED 10/18  GParted Live v1.3.1-1- Free, bootable partition editor for Windows & Linux. UPDATED 10/18  FreeCol v2021-04-04- Turn-based strategy game based on Colonization. UPDATED 10/18  Freeciv v3.0.0- Free turn-based multiplayer strategy game based on Civilization. UPDATED 10/18  OpenLoco v21.10- Re-implementation of Chris Sawyer's Locomotion game. UPDATED 10/18  OpenTTD v12.0- Open source recreation of Transport Tycoon Deluxe. UPDATED 10/18  Linux Reader v4.9- Get access to files on a Linux partition using Windows. NEW 10/17  Open Source Point of Sale v3.3.5- A free web-based point of sale application. UPDATED 10/17  Dual Monitor Tools v2.8- Free tools for Windows users with multiple monitors.
 UPDATED 10/17  TinyNvidiaUpdateChecker v1.14.5- Nvidia updates without GeForce Experience.
 UPDATED 10/17  ThisIsMyFile v3.77- Unlock/delete locked files with this free portable app. NEW 10/16  80 Emsisoft Ransomware Decryption Tools- Decrypt files after ransomware. UPDATED 10/16  Google Drive v51.0.16.0- Free cloud storage program from Google.
 UPDATED 10/16  FolderChangesView v2.32- Monitors folders or disks for changes. UPDATED 10/16  Sandboxie-Plus v0.9.8- Run programs in a sandbox for security & testing.
 UPDATED 10/16  Sandboxie-Classic v5.53.0- Run programs in a sandbox for security & testing.  NEW 10/15  PinWin v0.2.2- Pin any window to be always on top of the screen. NEW 10/15  MPos v0.4- Displays mouse coordinates & DPI info/logging on the desktop.  UPDATED 10/15  XTrkCAD Model RR Track Planner v5.2.1- Free model railroad layout designer. UPDATED 10/15  GO Contact Sync Mod v4.1.15- Sync Outlook contacts/calendars with Google. UPDATED 10/15  ElevenClock v2.1.1- A secondary clock for secondary taskbars on Windows 11. UPDATED 10/14  LibreOffice Productivity Suite v7.2.2- Free, open source office suite. UPDATED 10/14  WildGem v1.60- Free, fast, portable app to find and replace text.
 UPDATED 10/14  Taskbar11 v3.0.0- Portable app to change position/size of the Win11 taskbar. UPDATED 10/14  AIMP v5.00- A free multimedia player, converter, recorder and tag editor.
 UPDATED 10/14  AllDup v4.5.0- A freeware tool to find & remove duplicate files in Windows. UPDATED 10/13  Rufus v3.16- Create bootable USB flash drives for any operating system.
 NEW 10/13  Network Security Toolkit (NST) v34-  ISO image with the best security apps. UPDATED 10/13  Dead Deer v3.12.8.2021- Free 3D modeler, game maker, demo maker. NEW 10/13  MediaCreationTool.bat 2021.10.09- Script to download any version of win10/11. UPDATED 10/13  Microsoft Sysinternals Suite Oct. 12, 2021-  Bundle of troubleshooting utilities. UPDATED 10/13 
Source: https://www.oldergeeks.com/

scoop-directory

1. ScoopInstaller/Extras: 📦 The Extras bucket for Scoop. (scoop’s built-in bucket ‘extras’) 12741161862 21‑11‑19
2. ScoopInstaller/Main: 📦 The default bucket for Scoop. (scoop’s built-in bucket ‘main’) 894807524 21‑11‑19
3. chawyehsu/dorado: 🐟 Yet Another bucket for lovely Scoop 21058573 21‑11‑19
4. Ash258/Shovel-Ash258: Personal Shovel bucket with a wide variety of applications of all kinds. 30819224 21‑11‑19
5. matthewjberger/scoop-nerd-fonts: A scoop bucket for installing nerd fonts (scoop’s built-in bucket ‘nerd-fonts’) 18917730 21‑11‑18
6. TheRandomLabs/Scoop-Spotify: A Scoop bucket for Spotify, Spicetify and related packages. 1013211 21‑11‑19
7. ScoopInstaller/Java: 📦 A bucket for Scoop, for Oracle Java, OpenJDK, Eclipse Temurin, IBM Semeru, Zulu, ojdkbuild, Amazon Corretto, BellSoft Liberica, SapMachine and Microsoft JDK. (scoop’s built-in bucket ‘java’) 19612749 21‑11‑19
8. Calinou/scoop-games: Scoop bucket for open source/freeware games and game-related tools (scoop’s built-in bucket ‘games’) 19411554 21‑11‑19
9. borger/scoop-galaxy-integrations: Provides an easy way to install, attach and update the GOG Galaxy 2 Integrations 271155 21‑11‑16
10. TheRandomLabs/scoop-nonportable: A Scoop bucket for nonportable applications. (scoop’s built-in bucket ‘nonportable’) 8011441 21‑11‑19
11. TheCjw/scoop-retools: Scoop bucket for reverse engineering tools 2910116 21‑11‑14
12. ivaquero/scoopet: 🚀 A Scoop bucket for facilitating academic research. 358510 21‑11‑17
13. kodybrown/scoop-nirsoft: A Scoop bucket of useful NirSoft utilities (scoop’s built-in bucket ‘nirsoft’) 2707825 21‑11‑19
14. Ash258/Scoop-JetBrains: All JetBrains Utilities and IDEs (scoop’s built-in bucket ‘jetbrains’) 957310 21‑11‑19
15. ScoopInstaller/Versions: 📦 A Scoop bucket for alternative versions of apps. (scoop’s built-in bucket ‘versions’) 1596979 21‑11‑19
16. Moeologist/scoop-completion: scoop tab completion, work with powershell 1687 21‑11‑04
17. kidonng/sushi: 🍣 A tasty and inclusive Scoop bucket 556015 21‑11‑19
18. L-Trump/scoop-raresoft: Provides many cracked applications 876010 21‑11‑07
19. littleli/scoop-clojure: Install Clojure on Windows with Scoop 19585 21‑11‑19
20. rasa/scoops: 📦 A bucket of tasty scoop flavored apps. 705512 21‑11‑18
21. MCOfficer/scoop-nirsoft: My own shot at a nirsoft.net-bucket. Contains all 250+ programs. 260426 21‑09‑27
22. everyx/scoop-bucket: my bucket for scoop 36312 21‑10‑27
23. KNOXDEV/wsl: A scoop bucket for Window Subsystem for Linux distros. No Windows Store necessary. mirror of: https://git.irs.sh/KNOXDEV/wsl 11304 21‑11‑18
24. echoiron/echo-scoop: A bucket of commonly used portable(green) software 72301 21‑11‑19
25. hermanjustnu/scoop-emulators: Scoop bucket for emulators 38294 21‑11‑19
26. Ash258/Scoop-Sysinternals: All Sysinternals tools separately. 74292 21‑10‑26
27. cli/scoop-gh: scoop packaging for the github cli 12628 21‑11‑18
28. kkzzhizhou/scoop-zapps: Scoop repository for personal use, automatically updated with Github Action 168255 21‑11‑18
29. tetradice/scoop-iyokan-jp: scoop bucket optimized for Japanese-language environments 23255 21‑11‑14
30. TheRandomLabs/Scoop-Bucket: My personal Scoop bucket. 13250 21‑11‑17
31. cderv/r-bucket: Personal scoop bucket I use as an R user and software engineer 13242 21‑11‑19
32. wangzq/scoop-bucket: A bucket for http://scoop.sh 182198 21‑11‑16
33. Qv2ray/mochi: 🍡Mochi: A Tasty Solution for Chinese Scoop Users 15194 21‑11‑19
34. ZvonimirSun/scoop-iszy: Scoop bucket for ZvonimirSun 20182 21‑11‑18
35. zhoujin7/tomato: My personal scoop bucket. 40175 21‑11‑19
36. rkbk60/scoop-for-jp: Scoop bucket for ALL Japanese users. 9175 21‑11‑14
37. dodorz/scoop 573169 21‑11‑14
38. ScoopInstaller/PHP: 📦 PHP Bucket for Scoop (scoop’s built-in bucket ‘php’) 381163 21‑11‑17
39. meshery/scoop-bucket: Scoop Apps for Layer5 command line clients 1159 21‑11‑14
40. kiennq/scoop-misc: Miscellaneous scoop packages 18141 21‑11‑18
41. TheRandomLabs/Scoop-Python: A Scoop bucket for Python applications that do not provide standalone executables. 25140 21‑11‑19
42. borger/scoop-emulators: Provides an easy way to install and update the best emulators 25133 21‑11‑19
43. scoopcn/scoopcn: Mostly Chinese applications / mostly domestic (Chinese) applications 23133 21‑11‑19
44. Paxxs/Cluttered-bucket: 🍺 Scoop bucket

The Hitchhiker’s Guide to Online Anonymity - Version 0.9.4 - May 2021


The Hitchhiker’s Guide to Online Anonymity (Or “How I learned to start worrying and love privacy”)

Version 0.9.4 (draft), May 2021 by AnonymousPlanet.

This guide is a draft work in progress. While I am working constantly to improve the content, general structure, and readability, it will never be “done” and some parts might be incomplete as of this release. Remember to check frequently for a new version of this guide.

This guide is a non-profit open-source initiative, licensed under Creative Commons Attribution 4.0 International (cc-by-4.0 [Archive.org]).

Find it online at:
• Original: https://anonymousplanet.org [Archive.org] [Archive.today]
• Mirror: https://mirror.anonymousplanet.org [Archive.org] [Archive.today]
• Tor Mirror: http://thgtoa7imksbg7rit4grgijl2ef6kc7b56bp56pmtta4g354lydlzkqd.onion
• Archive.today over Tor: http://archivecaslytosk.onion/anonymousplanet.org/guide.html

PDF versions (best format for the best readability) of this guide at:
• Light Theme: https://anonymousplanet.org/guide.pdf [Mirror] [Archive.org] [Tor Mirror]
• Dark Theme: https://anonymousplanet.org/guide-dark.pdf [Mirror] [Archive.org] [Tor Mirror]
• Both at CryptPad.fr https://cryptpad.fr/drive/#/2/drive/view/Ughm9CjQJCwB8BIppdtvj5zy4PyE8Gxn11x9zaqJLI/

Feel free to submit issues using GitHub Issues at: https://github.com/AnonymousPlanet/thgtoa/issues

Feel free to discuss ideas at:
• GitHub Discussions: https://github.com/AnonymousPlanet/thgtoa/discussions
• Reddit: https://old.reddit.com/r/thgtoa/
• Matrix/Element: ```#online-anonymity:matrix.org```
• Telegram Channel: https://t.me/thgtoa
• Discord Server: https://discord.gg/XGFfGtJmXd
(Note that none of these are actively moderated or end-to-end encrypted, be careful)

Follow me on:
• Twitter at https://twitter.com/AnonyPla (cannot guarantee this account will stay up for long tho)
• Mastodon at https://mastodon.online/@anonypla.

There are several ways you could read this guide:
• You want to understand the current state of online privacy and anonymity without necessarily getting too technical about it: Just read the Introduction, Requirements, Understanding some basics of how some information can lead back to you and how to mitigate those, and A final editorial note sections.
• You want to do the above but also learn how to remove some online information about you: Just read the above and add the Removing some traces of your identities on search engines and various platforms section.
• You want to do the above and create anonymous identities online safely and securely: Read the whole guide.

Please note that:
• This guide does mention and even recommends some commercial services in some sections (such as VPNs, CDNs, and hosting providers) but is not endorsed or sponsored by any of them in any way. There are no referral links and no commercial ties with any of these providers. This project is 100% non-profit.
• All external links to Documents/Files have an [Archive.org] link next to them for accessing content through Archive.org for increased privacy and in case the content goes missing. It is possible some links are not yet archived or are outdated on archive.org, in which case I encourage you to request a new save if possible. See the live addresses for up-to-date information.
• All external links to YouTube Videos have an [Invidious] link next to them for accessing content through an Invidious Instance (in this case yewtu.be hosted in the NL) for increased privacy. See https://github.com/ivorg/invidious [Archive.org] for more information.
• If you are reading this in PDF format, you will be seeing plenty of ``` in place of double quotes (“”). These ``` should be ignored and are just there to facilitate conversion into Markdown/HTML format for on-line viewing.

Table of Contents

Requirements:
Introduction:
Understanding some basics of how some information can lead back to you and how to mitigate some:
Your Network:
Your IP address:
Your DNS requests:
Your RFID enabled devices:
The Wi-Fis and Bluetooth devices around you:
Malicious/Rogue Wi-Fi Access Points:
Your Anonymized Tor/VPN traffic:
Some Devices can be tracked even when offline:
Your Hardware Identifiers:
Your IMEI and IMSI (and by extension, your phone number):
Your Wi-Fi or Ethernet MAC address:
Your Bluetooth MAC address:
Your CPU:
Your Operating Systems and Apps telemetry services:
Your Smart devices in general:
Yourself:
Your Metadata including your Geo-Location:
Your Digital Fingerprint, Footprint, and Online Behavior:
Your Clues about your Real Life and OSINT:
Your Face, Voice, Biometrics and Pictures:
Phishing and Social Engineering:
Malware, exploits, and viruses:
Malware in your files/documents/e-mails:
Malware and Exploits in your apps and services:
Malicious USB devices:
Your files, documents, pictures, and videos:
Properties and Metadata:
Watermarking:
Pixelized or Blurred Information:
Your Crypto currencies transactions:
Your Cloud backups/sync services:
Your Browser and Device Fingerprints:
Local Data Leaks and Forensics:
Bad Cryptography:
No logging but logging anyway policies:
Some Advanced targeted techniques:
Some bonus resources:
Notes:
General Preparations:
Picking your route:
Timing limitations:
Budget/Material limitations:
Skills:
Adversaries (threats):
Steps for all routes:
Get an anonymous Phone number:
Get an USB key:
Find some safe places with decent public Wi-Fi:
The TAILS route:
Persistent Plausible Deniability using Whonix within TAILS:
Steps for all other routes:
Get a dedicated laptop for your sensitive activities:
Some laptop recommendations:
Bios/UEFI/Firmware Settings of your laptop:
Physically Tamper protect your laptop:
The Whonix route:
Picking your Host OS (the OS installed on your laptop):
Linux Host OS:
MacOS Host OS:
Windows Host OS:
Virtualbox on your Host OS:
Pick your connectivity method:
Get an anonymous VPN/Proxy:
Whonix:
Tor over VPN:
Whonix Virtual Machines:
Pick your guest workstation Virtual Machine:
If you can use Tor:
If you cannot use Tor:
Linux Virtual Machine (Whonix or Linux):
Windows 10 Virtual Machine:
Android Virtual Machine:
MacOS Virtual Machine:
KeepassXC:
VPN client installation (cash/Monero paid):
Final steps:
The Qubes Route:
Pick your connectivity method:
Get an anonymous VPN/Proxy:
Installation:
Lid Closure Behavior:
Connect to a Public Wi-Fi:
Update Qube OS:
Setup the VPN ProxyVM:
Setup a safe Browser within Qube OS (optional but recommended):
Setup an Android VM:
KeePassXC:
Creating your anonymous online identities:
Understanding the methods used to prevent anonymity and verify identity:
Phone verification:
E-Mail verification:
User details checking:
Proof of ID verification:
IP Filters:
Browser and Device Fingerprinting:
Human interaction:
User Moderation:
Behavioral Analysis:
Financial transactions:
Sign-in with some platform:
Live Face recognition and biometrics (again):
Manual reviews:
Getting Online:
Creating new identities:
The Real-Name System:
101 Overview: ............................................................................................................................................................................... 101 How to share files or chat anonymously: ............................................................................................................................... 112 Redacting Documents/Pictures/Videos/Audio safely: ........................................................................................................... 116 Communicating sensitive information to various known organizations: ............................................................................... 117 Maintenance tasks: ................................................................................................................................................................ 118 Backing-up your work securely: .............................................................................................................................................. 118 Offline Backups: .......................................................................................................................................................................... 118 Selected Files Backups: .......................................................................................................................................................... 118 Full Disk/System Backups: ...................................................................................................................................................... 120 Online Backups: .......................................................................................................................................................................... 121 Synchronizing your files between devices Online: ...................................................................................................................... 
122 Covering your tracks:.............................................................................................................................................................. 122 Understanding HDD vs SSD:........................................................................................................................................................ 122 Wear-Leveling. ....................................................................................................................................................................... 123 Trim Operations: .................................................................................................................................................................... 124 Garbage Collection: ................................................................................................................................................................ 125 Conclusion: ............................................................................................................................................................................. 125 How to securely wipe your whole Laptop/Drives if you want to erase everything: .................................................................... 125 Linux (all versions including Qubes OS):................................................................................................................................. 126 Windows: ............................................................................................................................................................................... 127 MacOS: ................................................................................................................................................................................... 128 How to securely delete specific files/folders/data on your HDD/SDD and Thumb drives: .......................................................... 
128 Windows: ............................................................................................................................................................................... 129 Linux (non Qubes OS): ............................................................................................................................................................ 130 Linux (Qubes OS): ................................................................................................................................................................... 132 MacOS: ................................................................................................................................................................................... 133 Some additional measures against forensics: ............................................................................................................................ 134 Removing Metadata from Files/Documents/Pictures: .......................................................................................................... 135 TAILS: ...................................................................................................................................................................................... 136

Whonix: .................................................................................................................................................................................. 137 MacOS: ................................................................................................................................................................................... 137 Linux (Qubes OS): ................................................................................................................................................................... 139 Linux (non-Qubes): ................................................................................................................................................................. 139 Windows: ............................................................................................................................................................................... 139 Removing some traces of your identities on search engines and various platforms: ................................................................. 143 Google: ................................................................................................................................................................................... 144 Bing: ....................................................................................................................................................................................... 144 DuckDuckGo: .......................................................................................................................................................................... 144 Yandex: ................................................................................................................................................................................... 
144 Qwant: .................................................................................................................................................................................... 144 Yahoo Search: ......................................................................................................................................................................... 144 Baidu: ..................................................................................................................................................................................... 144 Wikipedia: .............................................................................................................................................................................. 145 Internet Archive: .................................................................................................................................................................... 145 Some low-tech old-school tricks: ............................................................................................................................................ 145 Hidden communications in plain sight:....................................................................................................................................... 145 How to spot if someone has been searching your stuff: ............................................................................................................. 146 Some last OPSEC thoughts:..................................................................................................................................................... 146 If you think you got burned: ................................................................................................................................................... 
147 If you have some time:................................................................................................................................................................ 147 If you have no time: .................................................................................................................................................................... 147 A small final editorial note: .................................................................................................................................................... 147 Donations: .............................................................................................................................................................................. 148 Acknowledgements: ............................................................................................................................................................... 148 Appendix A: Windows Installation ......................................................................................................................................... 149 Installation: ................................................................................................................................................................................. 149 Privacy Settings: ......................................................................................................................................................................... 150 Appendix B: Windows Additional Privacy Settings ................................................................................................................. 151 Appendix C: Windows Installation Media Creation ................................................................................................................ 151 Appendix D: Using System Rescue to securely wipe an SSD drive. .......................................................................................... 
152 Appendix E: Clonezilla ............................................................................................................................................................ 152 Appendix F: Diskpart .............................................................................................................................................................. 153 Appendix G: Safe Browser on the Host OS .............................................................................................................................. 153 If you can use Tor:....................................................................................................................................................................... 153 If you cannot use Tor: ................................................................................................................................................................. 153 Appendix H: Windows Cleaning Tools .................................................................................................................................... 154 Appendix I: Using ShredOS to securely wipe an HDD drive: .................................................................................................... 154 Windows: .................................................................................................................................................................................... 155

Linux: .......................................................................................................................................................................................... 155 Appendix J: Manufacturer tools for Wiping HDD and SSD drives: ........................................................................................... 155 Tools that provide a boot disk for wiping from boot: ................................................................................................................. 155 Tools that provide only support from running OS (for external drives). ..................................................................................... 155 Appendix K: Considerations for using external SSD drives ...................................................................................................... 155 Windows: .................................................................................................................................................................................... 156 Trim Support: ......................................................................................................................................................................... 156 ATA/NVMe Operations (Secure Erase/Sanitize): ................................................................................................................... 156 Linux: .......................................................................................................................................................................................... 156 Trim Support: ......................................................................................................................................................................... 156 ATA/NVMe Operations (Secure Erase/Sanitize): ................................................................................................................... 
156 MacOS: ....................................................................................................................................................................................... 156 Trim Support: ......................................................................................................................................................................... 156 ATA/NVMe Operations (Secure Erase/Sanitize): ................................................................................................................... 157 Appendix L: Creating a mat2-web guest VM for removing metadata from files...................................................................... 157 Appendix M: BIOS/UEFI options to wipe disks in various Brands ........................................................................................... 159 Appendix N: Warning about smartphones and smart devices ................................................................................................ 159 Appendix O: Get an anonymous VPN/Proxy ........................................................................................................................... 159 Cash/Monero-Paid VPN (preferred): .......................................................................................................................................... 159 Self-hosted VPN/Proxy on a Monero/Cash-paid VPS (for skilled users familiar with Linux): ...................................................... 160 VPN VPS:................................................................................................................................................................................. 160 Socks Proxy VPS:..................................................................................................................................................................... 
160 Appendix P: Accessing the internet as safely as possible when Tor and VPNs are not an option ............................................ 162 Appendix Q: Using long range Antenna to connect to Public Wi-Fis from a safe distance: ...................................................... 163 Appendix R: Installing a VPN on your VM or Host OS. ............................................................................................................ 165 Appendix S: Check your network for surveillance/censorship using OONI.............................................................................. 166 Appendix T: Checking files for malware .................................................................................................................................. 166 Integrity (if available): ................................................................................................................................................................ 166 Authenticity (if available): .......................................................................................................................................................... 167 Security (checking for actual malware): ..................................................................................................................................... 168 Anti-Virus Software: ............................................................................................................................................................... 168 Manual Reviews: .................................................................................................................................................................... 169 Appendix U: How to bypass (some) local restrictions on supervised computers..................................................................... 
170 Portable Apps: ............................................................................................................................................................................ 170 Bootable Live Systems: ............................................................................................................................................................... 171 Precautions: ................................................................................................................................................................................ 171 Appendix V: What browser to use in your Guest VM/Disposable VM .................................................................................... 171 Appendix W: Virtualization .................................................................................................................................................... 172

Appendix X: Using Tor bridges in hostile environments .......................................................................................................... 173 Appendix Y: Windows AME download and installation .......................................................................................................... 174 Download: .................................................................................................................................................................................. 175 Installation: ................................................................................................................................................................................. 175

Requirements:

• Be a permanent Adult resident in Germany where the courts have upheld the legality of not using real names on online platforms (§13 VI of the German Telemedia Act of 2007 1, 2). Alternatively, be an Adult resident of any other country where you can validate and verify the legality of this guide yourself.
• This guide will assume you already have access to some personal (Windows/Linux/MacOS) laptop computer (ideally not a work/shared device).
• Have patience as this process could take several weeks to finalize if you want to go through all the content.
• Have a little budget to dedicate to this process (you will need at least budget for a USB key).
• Have some free time on your hands to dedicate to this process (or a lot depending on the route you pick).
• Be prepared to read a lot of references (do read them), guides (do not skip them) and follow a lot of how-to tutorials thoroughly (do not skip them either).
• Don’t be evil (for real this time) 3.

Introduction:

TLDR for the whole guide: “A strange game. The only winning move is not to play” 4.

Making a social media account with a pseudonym or artist/brand name is easy. And it is enough in most use cases to protect your identity as the next George Orwell. There are plenty of people using pseudonyms all over Facebook/Instagram/Twitter/LinkedIn/TikTok/Snapchat/Reddit/… But the vast majority of those are anything but anonymous and can easily be traced to their real identity by your local police officers, random people within the OSINT 5 (Open-Source Intelligence) community and trolls 6 on 4chan 7.

This is a good thing as most criminals/trolls are not really tech savvy and will be identified with ease. But this is also a bad thing as most political dissidents, human rights activists and whistleblowers can also be tracked rather easily.

This updated guide aims to provide an introduction to various de-anonymization techniques, tracking techniques, ID verification techniques and optional guidance on creating and maintaining reasonably anonymous identities online, including social media accounts, safely. This includes mainstream platforms and not only privacy-friendly ones.

It is important to understand that the purpose of this guide is anonymity and not just privacy, but much of the guidance you will find here will also help you improve your privacy and security even if you are not interested in anonymity. There is an important overlap in techniques and tools used for privacy, security, and anonymity but they differ at some point:

• Privacy is about people knowing who you are but not knowing what you are doing.
• Anonymity is about people knowing what you are doing but not knowing who you are 8

(illustration from 9)

Will this guide help you protect yourself from the NSA, the FSB, Mark Zuckerberg, or the Mossad if they are out to find you? Probably not … Mossad will be doing “Mossad things” 10 and will probably find you no matter how hard you try to hide 11. You must consider your threat model 12 before going further.

(Illustration by xkcd.com, licensed under CC BY-NC 2.5)

Will this guide help you protect your privacy from OSINT researchers like Bellingcat 13, Doxing 14 trolls on 4chan 15 and others that have no access to the NSA toolbox? More likely. Though I would not be so sure about 4chan. Here is a basic simplified threat model for this guide:

(Note that the “magical amulets/submarine/fake your own death” jokes are quoted from 10)

The EFF provides a few security scenarios of what you should consider depending on your activity. While some of those tips might not be within the scope of this guide (more about Privacy than Anonymity), they are still worth reading as examples. See https://ssd.eff.org/en/module-categories/security-scenarios [Archive.org].

There are also quite a few more serious ways of making your threat model such as:

• LINDDUN https://www.linddun.org/ [Archive.org]
• STRIDE https://en.wikipedia.org/wiki/STRIDE_%28security%29 [Archive.org]
• DREAD https://en.wikipedia.org/wiki/DREAD_%28risk_assessment_model%29 [Archive.org]
• PASTA https://versprite.com/tag/pasta-threat-modeling/ [Archive.org]

You can find an introduction to these in the following projects:

• OWASP https://cheatsheetseries.owasp.org/cheatsheets/Threat_Modeling_Cheat_Sheet.html [Archive.org]
• Online Operations Security https://github.com/devbret/online-opsec/ [Archive.org]

It is also important to understand this guide is the humble result of years of experience, learning and testing from a single individual (myself) and that many of those systems that aim to prevent anonymity are opaque proprietary closed-source systems. Many of those guidelines are based on experience, on referenced studies and recommendations by other people and projects. These experiences take a lot of time and resources and are sometimes far from being scientific.

There might be some wrong or outdated information in this guide too because I am not omniscient (feel free to report any using GitHub Issues). Your mileage may vary (a lot). Use at your own risk.

You might think this guide has no legitimate use but there are many 16, 17, 18, 19, 20, 21, 22 such as:

• Evading Online Censorship
• Evading Online Oppression
• Evading Online Stalking, Doxxing, and Harassment
• Evading Online Unlawful Government Surveillance
• Anonymous Online Whistle Blowing
• Anonymous Online Activism
• Anonymous Online Journalism
• Anonymous Online Legal Practice
• Anonymous Online Academic Activities (For instance accessing scientific research where such resources are blocked). See note below.
• …

Note that if you are having trouble accessing any of the many academic articles referenced in this guide, feel free to use Sci-Hub (https://en.wikipedia.org/wiki/Sci-Hub [Archive.org]) or LibGen (https://en.wikipedia.org/wiki/Library_Genesis [Archive.org]) for finding and reading them. Because science should be free. All of it.

This guide is written with hope for those well-intentioned individuals who might not be knowledgeable enough to consider the big picture of online anonymity and privacy.

This guide is not intended for:

• Creating machine accounts of any kind (bots).
• Creating impersonation accounts of existing people (such as identity theft).
• Helping malicious actors conduct unlawful or unethical activities (such as trolling, stalking, disinformation, misinformation, harassment, or any criminal activity).
• Use by minors.

Feel free to report issues, recommend improvements or start a discussion on the GitHub repository if you want. Use at your own risk. Anything in here is not legal advice and you should verify compliance with your local law before use (IANAL 23). “Trust but verify” 24 all the information yourself (or even better, “Never Trust, always verify” 326).

Understanding some basics of how some information can lead back to you and how to mitigate some:

There are many ways you can be tracked besides browser cookies and ads, your e-mail, and your phone number. And if you think only the Mossad or the NSA/FSB can find you, you would be terribly wrong.

You might consider viewing this good YouTube playlist as an introduction before going further: https://www.youtube.com/playlist?list=PL3KeV6Ui_4CayDGHw64OFXEPHgXLkrtJO [Invidious] (from the Go Incognito project https://github.com/techlore-official/go-incognito [Archive.org]). This guide will cover many of those topics with more details and references, as well as some additional topics not covered within that series, but I would recommend the series as an introduction and it will take you just 2 or 3 hours to watch it all.

Now, here is a non-exhaustive list of some of the many ways you could be tracked and de-anonymized:

Your Network:

Your IP address:

Disclaimer: this whole paragraph is about your public-facing Internet IP and not your local network IP.

Your IP address 25 is the most known and obvious way you can be tracked. That IP is the IP you are using at the source. This is where you connect to the internet. That IP is usually provided by your ISP (Internet Service Provider) (xDSL, Mobile, Cable, Fiber, Cafe, Bar, Friend, Neighbor). Most countries have data retention regulations 26 which mandate keeping logs of who is using what IP at a certain time/date for up to several years or indefinitely. Your ISP can tell a third party that you were using a specific IP at a specific date and time, years after the fact. If that IP (the origin one) leaks at any point for any reason, it can be used to track you down directly. In many countries, you will not be able to have internet access without providing some form of identification to the provider (address, ID, real name, e-mail …).

Needless to say, most platforms (such as social networks) will also keep (sometimes indefinitely) the IP addresses you used to sign up and sign in to their services.

Here are some online resources you can use to find some information about your current public IP right now:



• Find your IP:
  o https://resolve.rs/
  o https://www.dnsleaktest.com/ (Bonus, check your IP for DNS leaks)
• Find your IP location or the location of any IP:
  o https://resolve.rs/ip/geolocation.html
• Find if an IP is “suspicious” or has downloaded “things” on some public resources:
  o https://www.virustotal.com/gui/home/search
  o https://iknowwhatyoudownload.com
• Registration information of an IP (most likely your ISP or the ISP of your connection who most likely know who is using that IP at any time):
  o https://whois.domaintools.com/
• Check for open-services or open-devices on an IP (especially if there are leaky Smart Devices on it):
  o https://www.shodan.io/host/185.220.101.134 (replace the IP by your IP or any other, or change it in the search box; this example IP is a Tor Exit node)
• Various tools to check your IP such as blacklists checkers and more:
  o https://www.whatismyip.com
  o https://browserleaks.com/
• Would you like to know if you are connected through Tor?
  o https://check.torproject.org

For those reasons, we will need to obfuscate that origin IP (the one tied to your identification) or hide it as much as we can through a combination of various means:
• Using a public Wi-Fi service (free).
• Using the Tor Anonymity Network 27 (free).
• Using VPN 28 services anonymously (anonymously paid with cash or Monero).

All those will be explained later in this guide.

Your DNS requests:

DNS stands for “Domain Name System” 29 and is a service used by your browser (and other apps) to find the IP addresses of a service. It is pretty much a huge “contact list” (phone book for older people) that works like asking it a name and it returns the number to call. Except it returns an IP instead. Every time your browser wants to access a certain service such as Google through www.google.com, your Browser (Chrome or Firefox) will query a DNS service to find the IP addresses of the Google web servers.

Here is a video explaining DNS visually if you are already lost: https://www.youtube.com/watch?v=vrxwXXytEuI [Invidious]

Usually, the DNS service is provided by your ISP and automatically configured by the network you are connecting to. This DNS service could also be subject to data retention regulations or will just keep logs for other reasons (data collection for advertising purposes for instance). Therefore, this ISP will be capable of telling everything you did online just by looking at those logs which can in turn be provided to an adversary. Conveniently, this is also the easiest way for many adversaries to apply censoring or parental control by using DNS blocking 30. The provided DNS servers will give you a different address (than their real one) for some websites (like redirecting thepiratebay to some government website). Such blocking is widely applied worldwide for certain sites 31.

Using a private DNS service or your own DNS service would mitigate these issues but the other problem is that most of those DNS requests are by default still sent in clear text (unencrypted) over the network. Even if you browse PornHub in an incognito Window, using HTTPS and using a private DNS service, chances are very high that your browser will send a clear text unencrypted DNS request to some DNS servers asking basically “So what’s the IP address of www.pornhub.com?”.

Because it is not encrypted, your ISP and/or any other adversary could still intercept your request (using a Man-in-the-middle attack 86) and will know and possibly log what your IP was looking for. The same ISP can also tamper with the DNS responses even if you are using a private DNS, rendering the use of a private DNS service useless.

As a bonus, many devices and apps will use hardcoded DNS servers bypassing any system setting you could set. This is for example the case with most (70%) Smart TVs and a large part (46%) of Game Consoles 32. For these devices, you will have to force them 33 to stop using their hardcoded DNS service which could make them stop working properly.

A solution to this is to use encrypted DNS using DoH (DNS over HTTPS 34), DoT (DNS over TLS 35) with a private DNS server (this can be self-hosted locally with a solution like pi-hole 36, remotely hosted with a solution like nextdns.io or using the solution provided by your VPN provider or the Tor network). This should prevent your ISP or some middleman from snooping on your requests … except it might not.

Small in-between disclaimer: This guide does not necessarily endorse or recommend Cloudflare services even if it is mentioned several times in this section for technical understanding.

Unfortunately, the TLS protocol used in most HTTPS connections in most Browsers (Chrome/Brave/Ungoogled-Chromium among them) will leak the DNS again through SNI 37 handshakes (this can be checked here at Cloudflare: https://www.cloudflare.com/ssl/encrypted-sni/ [Archive.org]). As of the writing of this guide, only Firefox based browsers support ECH (Encrypted Client Hello 38, previously known as eSNI 39) which will encrypt everything end to end (in addition to using a secure private DNS over TLS/HTTPS) and will allow you to hide your DNS requests from a third party 40. And this option is not enabled by default either so you will have to enable it yourself.

In addition to limited browser support, only Web Services and CDNs 41 behind Cloudflare CDN support ECH/eSNI at this stage 42. This means that ECH and eSNI are not supported (as of the writing of this guide) by most mainstream platforms such as:
• Amazon (including AWS, Twitch…)
• Microsoft (including Azure, OneDrive, Outlook, Office 365…)
• Google (including Gmail, Google Cloud…)
• Apple (including iCloud, iMessage…)
• Reddit
• YouTube
• Facebook
• Instagram
• Twitter
• GitHub
• …
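The leak described above, as an added example that is not part of the original guide: the Python below builds a plaintext DNS query and a minimal TLS ClientHello for a constructed hostname, then reads the name back the way a passive on-path observer could. The hostnames are constructed, and the ECH case is simplified to an outer ClientHello that carries only a provider's public name (an assumption made for illustration).

```python
import struct

HOST = "www.example.org"                  # constructed hostname being visited
ECH_PUBLIC_NAME = "ech-frontend.example"  # constructed stand-in for a provider's public name


def build_dns_query(hostname, txid=0x1A2B):
    """Wire-format DNS query (A record, recursion desired) as sent in clear over UDP/53."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(label)]) + label.encode("ascii")
                     for label in hostname.split(".")) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN


def dns_qname(packet):
    """Read the queried name straight out of an unencrypted DNS query."""
    if len(packet) < 13 or struct.unpack("!H", packet[4:6])[0] < 1:
        raise ValueError("not a DNS query with a question")
    labels, pos = [], 12
    while packet[pos] != 0:
        length = packet[pos]
        if length & 0xC0:
            raise ValueError("compressed name not expected in a question")
        labels.append(packet[pos + 1:pos + 1 + length].decode("ascii"))
        pos += 1 + length
    return ".".join(labels)


def build_client_hello(hostname):
    """Minimal TLS ClientHello record with supported_versions and server_name (SNI)."""
    name = hostname.encode("ascii")
    entry = b"\x00" + struct.pack("!H", len(name)) + name        # name_type 0 = host_name
    sni_list = struct.pack("!H", len(entry)) + entry
    sni_ext = struct.pack("!HH", 0x0000, len(sni_list)) + sni_list
    versions_ext = struct.pack("!HH", 0x002B, 3) + b"\x02\x03\x04"  # offers TLS 1.3
    extensions = versions_ext + sni_ext
    body = (b"\x03\x03" + bytes(32)                # legacy version + (zeroed) random
            + b"\x00"                              # empty session id
            + struct.pack("!H", 2) + b"\x13\x01"   # one cipher suite
            + b"\x01\x00"                          # null compression
            + struct.pack("!H", len(extensions)) + extensions)
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake


def client_hello_sni(record):
    """Walk the ClientHello fields and return the cleartext SNI host name, if any."""
    if len(record) < 10 or record[0] != 0x16 or record[5] != 0x01:
        raise ValueError("not a TLS ClientHello record")
    pos = 5 + 4 + 2 + 32                                    # headers, version, random
    pos += 1 + record[pos]                                  # session id
    pos += 2 + int.from_bytes(record[pos:pos + 2], "big")   # cipher suites
    pos += 1 + record[pos]                                  # compression methods
    ext_end = pos + 2 + int.from_bytes(record[pos:pos + 2], "big")
    pos += 2
    while pos + 4 <= ext_end:
        ext_type, ext_len = struct.unpack("!HH", record[pos:pos + 4])
        data = record[pos + 4:pos + 4 + ext_len]
        if ext_type == 0x0000 and len(data) >= 5:
            name_len = int.from_bytes(data[3:5], "big")
            return data[5:5 + name_len].decode("ascii")
        pos += 4 + ext_len
    return None


def observer_view(dns_payload, client_hello):
    """Names visible on the wire; dns_payload is None when the lookup used DoH/DoT."""
    return {
        "dns": dns_qname(dns_payload) if dns_payload is not None else None,
        "sni": client_hello_sni(client_hello),
    }


def scenarios(host=HOST):
    return {
        "plain DNS + plain SNI": observer_view(build_dns_query(host), build_client_hello(host)),
        "DoH/DoT + plain SNI": observer_view(None, build_client_hello(host)),
        # Simplified ECH: the real name travels encrypted, the outer SNI is the public name.
        "DoH/DoT + ECH": observer_view(None, build_client_hello(ECH_PUBLIC_NAME)),
    }


if __name__ == "__main__":
    for label, view in scenarios().items():
        print(f"{label:24} dns={view['dns']!s:18} sni={view['sni']}")
```

Only the last scenario hides the visited hostname from the observer, which is why encrypted DNS alone does not close the leak.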

Some countries like Russia 43 and China 44 will block ECH/eSNI handshakes at network level to allow snooping and prevent bypassing censorship, meaning you will not be able to establish an HTTPS connection with a service if you do not allow them to see what it was.

The issues do not end here. Part of the HTTPS TLS validation is called OCSP 45 and this protocol will leak metadata in the form of the serial number of the certificate of the website you are visiting. An adversary can then easily find which website you are visiting by matching the certificate number 46. This issue can be mitigated by using OCSP stapling 47 and fortunately this is enabled and enforced by default in Firefox/Tor Browser. But the website you are visiting must also be supporting it and not all do.

Finally, even if you use a custom encrypted DNS server (DoH or DoT) with ECH/eSNI support and OCSP stapling, it might still not be enough as traffic analysis studies 48 have shown it is still possible to reliably fingerprint and block unwanted requests. Only DNS over Tor was able to demonstrate efficient DNS Privacy in recent studies but even that can still be defeated by other means (see Your Anonymized Tor/VPN traffic).

One could also decide to use a Tor Hidden DNS Service or ODoH (Oblivious DNS over HTTPS 49) to further increase privacy/anonymity but unfortunately, as far as I know, these methods are only provided by Cloudflare as of this writing (https://blog.cloudflare.com/welcome-hidden-resolver/ [Archive.org], https://blog.cloudflare.com/oblivious-dns/ [Archive.org]). I personally think these are viable and reasonably secure technical options but there is also a moral choice if you want to use Cloudflare or not (despite the risk posed by some researchers 50).

Lastly, there is also this new option called DoHoT which stands for DNS over HTTPS over Tor which could also further increase your privacy/anonymity and which you could consider if you are more skilled with Linux. See https://github.com/alecmuffett/dohot [Archive.org]. This guide will not help you with this one at this stage but it might be coming soon.

Here is an illustration showing the current state of DNS privacy based on my current knowledge.

Therefore, to mitigate all these issues (as much as possible), this guide will later recommend two solutions: Tor and a virtualized (See Appendix W: Virtualization) multi-layered solution of VPN over Tor which should mitigate most of the issues reasonably. Other options will also be explained (Tor over VPN, VPN only, No Tor/VPN) but are less recommended.

As for your normal daily use (non-sensitive), remember that only Firefox based browsers support ECH (formerly eSNI) so far and that it is only useful with websites hosted behind Cloudflare CDN at this stage. Likewise, only Firefox based browsers will enforce OCSP stapling. If you prefer a Chrome based version (which is understandable for some due to some better integrated features like on-the-fly Translation), then I would recommend the use of Brave instead which supports all Chrome extensions and offers much better privacy than Chrome. Alternatively, if you do not trust Brave, you could also use Ungoogled-Chromium (https://github.com/Eloston/ungoogled-chromium [Archive.org]).

Your RFID enabled devices:

RFID stands for Radio-frequency identification 51; it is the technology used for instance for contactless payments and various identification systems. Of course, your smartphone is among those devices and has RFID contactless payment capabilities through NFC 52. As with everything else, such capabilities can be used for tracking by various actors.

But unfortunately, this is not limited to your smartphone and you also probably carry some amount of RFID enabled devices with you all the time such as:
• Your contactless enabled credit/debit cards
• Your store loyalty cards
• Your transportation payment cards
• Your work-related access cards
• Your car keys
• Your national ID or driver license
• Your passport
• The price/anti-theft tags on object/clothing
• …

While all these cannot be used to de-anonymize you from a remote online adversary, they can be used to narrow down a search if your approximate location at a certain time is known. For instance, you cannot rule out that some stores will effectively scan (and log) all RFID chips passing through the door. They might be looking for their loyalty cards but are also logging others along the way. Such RFID tags could be traced to your identity and allow for deanonymization.

More information over at Wikipedia: https://en.wikipedia.org/wiki/Radio-frequency_identification#Security_concerns [Archive.org] and https://en.wikipedia.org/wiki/Radio-frequency_identification#Privacy [Archive.org]

The only way to mitigate this problem is to have no RFID tags on you or to shield them again using a type of faraday cage. You could also use specialized wallets/pouches that specifically block RFID communications. Many of those are now made by well-known brands such as Samsonite 53.

See Appendix N: Warning about smartphones and smart devices

The Wi-Fis and Bluetooth devices around you:

Geolocation is not only done by using mobile antennas triangulation. It is also done using the Wi-Fis and Bluetooth devices around you. Operating systems makers like Google (Android 54) and Apple (IOS 55) maintain a convenient database of most Wi-Fi access points, Bluetooth devices and their location. When your Android smartphone or iPhone is on (and not in Plane mode), it will scan passively (unless you specifically disable this feature in the settings) Wi-Fi access points and Bluetooth devices around you and will be able to geolocate you with more precision than when using a GPS.

This allows them to provide accurate locations even when GPS is off but it also allows them to keep a convenient record of all Bluetooth devices all over the world, which can then be accessed by them or third parties for tracking.

Note: If you have an Android smartphone, Google probably knows where it is no matter what you do. You cannot really trust the settings. The whole operating system is built by a company that wants your data. Remember that if it is free then you are the product.

But that is not what all those Wi-Fis access points can do. Recently developed techs could even allow someone to track your movements accurately just based on radio interferences. What this means is that it is possible to track your movement inside a room/building based on the radio signals passing through. This might seem like a tinfoil hat conspiracy theory claim but here are the references 56 with demonstrations showing this tech in action: http://rfpose.csail.mit.edu/ [Archive.org] and the video here: https://www.youtube.com/watch?v=HgDdaMy8KNE [Invidious]

You could therefore imagine many use cases for such technologies like recording who enters specific buildings/offices (hotels, hospitals, or embassies for instance) and then discover who meets who and where by tracking them from outside. Even if they have no smartphone on them.

Again, such an issue could only be mitigated by being in a room/building that would act as a faraday cage.

Here is another video of the same kind of tech in action: https://www.youtube.com/watch?v=FDZ39h-kCS8 [Invidious]

See Appendix N: Warning about smartphones and smart devices

Malicious/Rogue Wi-Fi Access Points:

These have been used since at least 2008 using an attack called “Jasager” 57 and can be done by anyone using self-built tools or using commercially available devices such as Wi-Fi Pineapple 58. Here are some videos explaining more about the topic:
• HOPE 2020, https://archive.org/details/hopeconf2020/20200725_1800_Advanced_WiFi_Hacking_With_%245_Microcontrollers.mp4
• YouTube, Hak5, Wi-Fi Pineapple Mark VII https://www.youtube.com/watch?v=7v3JR4Wlw4Q [Invidious]

These devices can fit in a small bag and can take over the Wi-Fi environment of any place within their range. For instance, a Bar/Restaurant/Café/Hotel Lobby. These devices can force Wi-Fi clients to disconnect from their current Wi-Fi (using de-authentication, disassociation attacks 59) while spoofing the normal Wi-Fi networks at the same location. They will continue to perform this attack until your computer or yourself decides to try to connect to the rogue AP.

These devices can then mimic a captive portal 60 with the exact same layout as the Wi-Fi you are trying to access (for instance an Airport Wi-Fi registration portal). Or they could just give you open access internet that they will themselves get from the same place. Once you are connected through the Rogue AP, this AP will be able to execute various man-in-the-middle attacks to perform analysis on your traffic. These could be malicious redirections or just simple traffic sniffing. These can then easily identify any client that would for instance try to connect to a VPN server or to the Tor Network. This can be useful when you know someone you want to de-anonymize is in a crowded place but you do not know who. This would allow such an adversary to possibly fingerprint any website you visit despite the use of HTTPS, DoT, DoH, ODoH, VPN or Tor using traffic analysis as pointed above in the DNS section. These can also be used to carefully craft and serve you advanced phishing webpages that would harvest your credentials or try to make you install a malicious certificate allowing them to see your encrypted traffic.

Your Anonymized Tor/VPN traffic:

Tor and VPNs are not silver bullets. Many advanced techniques have been developed and studied to de-anonymize encrypted Tor traffic over the years 61. Most of those techniques are Correlation attacks that will correlate your network traffic in one way or another to logs or datasets. Here are some classic examples:

• Correlation Fingerprinting Attack: As illustrated (simplified) below, this attack will fingerprint 62 your encrypted traffic (like the websites you visited) just based on the analysis of your encrypted traffic (without decrypting it). It can do so with a whopping 96% success rate. Such fingerprinting can be used by an adversary that has access to your source network to figure out some of your encrypted activity (such as which websites you visited).

• Correlation Timing Attacks: As illustrated (simplified) below, an adversary that has access to network connection logs (IP or DNS for instance, remember that most VPN servers and most Tor nodes are known and publicly listed) at the source and at the destination could correlate the timings to de-anonymize you without requiring any access to the Tor or VPN network in between. A real use case of this technique was done by the FBI in 2013 to de-anonymize 63 a bomb threat hoax at Harvard University.

• Correlation Counting Attacks: As illustrated (simplified) below, an adversary that has no access to detailed connection logs (cannot see that you used Tor or Netflix) but has access to data counting logs could see that you have downloaded 600MB on a specific time/date that matches the 600MB upload at the destination. This correlation can then be used to de-anonymize you over time.

There are ways to mitigate these such as:



• Do not use Tor/VPNs to access services that are on the same network (ISP) as the destination service. For example, do not connect to Tor from your University Network to access a University Service anonymously. Instead use a different source point (such as a public Wi-Fi) that cannot be correlated easily by an adversary.
• Do not use Tor/VPN from an obviously monitored network (such as a corporate/governmental Network) but instead try to find an unmonitored network such as a public Wi-Fi or a residential Wi-Fi.
• Use multiple layers (such as what will be recommended in this guide later: VPN over Tor) so that an adversary might be able to see that someone connected to the service through Tor but will not be able to see that it was you because you were connected to a VPN and not the Tor Network.

Be aware again that this might not be enough against a motivated global adversary 64 with wide access to global mass surveillance. Such adversary might have access to logs no matter where you are and could use those to deanonymize you.

Be also aware that all the other methods described in this guide such as Behavioral analysis can also be used to deanonymize Tor users indirectly (see further Your Digital Fingerprint, Footprint, and Online Behavior).

I also strongly recommend reading this very good, complete and thorough guide on many Attack Vectors on Tor: https://github.com/Attacks-on-Tor/Attacks-on-Tor [Archive.org] as well as this recent research publication https://www.researchgate.net/publication/323627387_Shedding_Light_on_the_Dark_Corners_of_the_Internet_A_Survey_of_Tor_Research [Archive.org]

(In their defense, it should also be noted that Tor is not designed to protect against a Global adversary. For more information see https://svn-archive.torproject.org/svn/projects/design-paper/tor-design.pdf [Archive.org] and specifically, "Part 3. Design goals and assumptions.".)

Lastly, do remember that using Tor can already be considered a suspicious activity 65 and its use could be considered malicious by some 66.

This guide will later propose some solutions to such attacks by changing your origin from the start (using public Wi-Fis for instance).

Some Devices can be tracked even when offline:

You have seen this in action/spy/Sci-Fi movies and shows, the protagonists always remove the battery of their phones to make sure it cannot be used. Most people would think that’s overkill. Well, unfortunately no, this is now becoming true at least for some devices:
• iPhones and iPads (IOS 13 and above) 67, 68
• Samsung Phones (Android 10 and above) 69
• MacBooks (MacOS 10.15 and above) 70

Such devices will continue to broadcast identity information to nearby devices even when offline using Bluetooth Low-Energy 71. They do not have access to the devices directly (which are not connected to the internet) but instead use BLE to find them through other nearby devices 72. They are basically using peer-to-peer short-range Bluetooth communication to broadcast their status through nearby online devices. They could now locate such devices and keep the location in some database that could then be used by third parties or themselves for various purposes (including analytics, advertising or evidence/intelligence gathering). See Appendix N: Warning about smartphones and smart devices

Your Hardware Identifiers:

Your IMEI and IMSI (and by extension, your phone number):

The IMEI (International Mobile Equipment Identity 73) and the IMSI (International Mobile Subscriber Identity 74) are unique numbers created by mobile phone manufacturers and mobile phone operators.

The IMEI is tied directly to the phone you are using. This number is known and tracked by the mobile phone operators and known by the manufacturers. Every time your phone connects to the mobile network, it will register the IMEI on the network along the IMSI (if a SIM card is inserted but that is not even needed). It is also used by many applications (Banking apps abusing the phone permission on Android for instance 75) and smartphone Operating Systems (Android/IOS) for identification of the device 76. It is possible but difficult (and not illegal in many jurisdictions 77) to change the IMEI on a phone but it is probably easier and cheaper to just find and buy some old (working) Burner phone for a few Euros (this guide is for Germany remember) at a flea market or at some random small shop.

The IMSI is tied directly to the mobile subscription or pre-paid plan you are using and is basically tied to your phone number by your mobile provider. The IMSI is hardcoded directly on the SIM card and cannot be changed. Remember that every time your phone connects to the mobile network, it will also register the IMSI on the network along the IMEI. Like the IMEI, the IMSI is also being used by some applications and smartphone Operating systems for identification and is being tracked. Some countries in the EU for instance maintain a database of IMEI/IMSI associations for easy querying by Law Enforcement.

Today, giving away your (real) phone number is basically the same or better than giving away your Social Security number/Passport ID/National ID.

The IMEI and IMSI can be traced back to you in at least 6 ways:











• The mobile operator subscriber logs which will usually store the IMEI along the IMSI and their subscriber information database. If you use a prepaid anonymous SIM (anonymous IMSI but with a known IMEI), they can see this cell belongs to you if you used that cell phone before with a different SIM card (different anonymous IMSI but same known IMEI).
• The mobile operator antenna logs which will conveniently keep a log of which IMEI and IMSI connected and also keep some connection data. They know and log for instance that a phone with this IMEI/IMSI combination connected to a set of Mobile antennas and how powerful the signal to each of those antennas was, allowing easy triangulation/geolocation of the signal. They also know which other phones (your real one for instance) connected at the same time to the same antennas with the same signal which would make it possible to know precisely that this “burner phone” was always connected at the same place/time as this other “known phone” which shows up every time the burner phone is being used. This information can be used by various third parties to geolocate/track you quite precisely 78, 79.
• The manufacturer of the Phone can trace back the sale of the phone using the IMEI if that phone was bought in a non-anonymous way. Indeed, they will have logs of each phone sale (including serial number and IMEI), to which shop/person it was sold to. And if you are using a phone that you bought online (or from someone that knows you), it can be traced to you using that information. Even if they do not find you on CCTV 80 and you bought the phone cash, they can still find what other phone (your real one in your pocket) was there (in that shop) at that time/date by using the antenna logs.
• The IMSI alone can be used to find you as well because most countries now require customers to provide an ID when buying a SIM card (subscription or pre-paid). The IMSI is then tied to the identity of the buyer of the card. In the countries where the SIM can still be bought with cash (like the UK), they still know where (which shop) it was bought and when. This information can then be used to retrieve information from the shop itself (such as CCTV footage as for the IMEI case). Or again the antenna logs can also be used to figure out which other phone was there at the moment of the sale.
• The smartphone OS makers (Google/Apple for Android/IOs) also keep logs of IMEI/IMSI identifications tied to Google/Apple accounts and which user has been using them. They too can trace back the history of the phone and to which accounts it was tied in the past 81.
• Government agencies around the world interested in your phone number can and do use 82 special devices called “IMSI catchers” 83 like the Stingray 84 or more recently the Nyxcell 85. These devices can impersonate (to spoof) a cell phone Antenna and force a specific IMSI (your phone) to connect to it to access the cell network. Once they do, they will be able to use various MITM 86 (Man-In-The-Middle Attacks) that will allow them to:
  o Tap your phone (voice calls and SMS).
  o Sniff and examine your data traffic.
  o Impersonate your phone number without controlling your phone.
  o …

Here is also a good YouTube video on this topic: DEFCON Safe Mode - Cooper Quintin - Detecting Fake 4G Base Stations in Real Time https://www.youtube.com/watch?v=siCk4pGGcqA [Invidious]

For these reasons, it is crucial to get a dedicated anonymous phone number and/or an anonymous burner phone with an anonymous pre-paid SIM card that are not tied to you in any way (past or present) for conducting sensitive activities (See more practical guidance in Get an anonymous Phone number section).

While there are some smartphones manufacturers like Purism with their Librem series 87 who claim to have your privacy in mind, they still do not allow IMEI randomization which I believe is a key anti-tracking feature that should be provided by such manufacturers. While this measure will not prevent IMSI tracking within the SIM card, it would at least allow you to keep the same “burner phone” and only switch SIM cards instead of having to switch both for privacy.

See Appendix N: Warning about smartphones and smart devices

Your Wi-Fi or Ethernet MAC address:

The MAC address 88 is a unique identifier tied to your physical Network Interface (Wired Ethernet or Wi-Fi) and could of course be used to track you if it is not randomized. As it was the case with the IMEI, manufacturers of computers and network cards usually keep logs of their sales (usually including things like: Serial number, IMEI, Mac Addresses, …) and it is possible again for them to track where and when the computer with the MAC address in question was sold and to whom. Even if you bought it with cash in a supermarket, the supermarket might still have CCTV (or a CCTV just outside that shop) and again the time/date of sale could be used to find out who was there using the Mobile Provider antenna logs at that time (IMEI/IMSI).

Operating Systems makers (Google/Microsoft/Apple) will also keep logs of devices and their MAC addresses in their logs for device identification (Find my device type services for example). Apple can tell that the MacBook with this specific MAC address was tied to a specific Apple Account before. Maybe yours before you decided to use the MacBook for sensitive activities. Maybe to a different user who sold it to you but remembers your e-mail/number from when the sale happened.

Your home router/Wi-Fi access point keeps logs of devices that registered on the Wi-Fi and these can be accessed too to find out who has been using your Wi-Fi. Sometimes this can be done remotely (and silently) by the ISP depending on whether that router/Wi-Fi access point is being “managed” remotely by the ISP (which is often the case when they provide the router to their customers).

Some commercial devices will keep record of MAC addresses roaming around for various purposes such as road congestion 89.

So, it is important again not to bring your phone along when/where you conduct sensitive activities. If you use your own laptop, then it is crucial to hide that MAC address (and Bluetooth address) anywhere you use it and be extra careful not to leak any information. Thankfully many recent OSes now feature or allow the option to randomize MAC addresses (Android, IOS, Linux and Windows 10) with the notable exception of MacOS which does not support this feature even in its latest Big Sur version.

See Appendix N: Warning about smartphones and smart devices
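One way to check whether the addresses your own device presents are actually randomized, as an added example that is not part of the original guide: the Python below reads the locally-administered bit of each MAC address and flags addresses that are burned-in or reused across networks. The sightings list is constructed sample data, and the function names are hypothetical.

```python
import os
from collections import defaultdict

# Constructed sample: (network where your device connected, MAC it presented there).
SIGHTINGS = [
    ("home",    "00:11:22:33:44:55"),
    ("cafe",    "00:11:22:33:44:55"),   # burned-in address reused on a second network
    ("cafe",    "da:a1:19:0b:3e:7f"),   # randomized, seen on one network only
    ("home",    "02:5c:9e:10:aa:01"),
    ("library", "02:5c:9e:10:aa:01"),   # locally administered but never rotated
]


def parse_mac(mac):
    """Return the six address bytes, accepting ':' or '-' separators."""
    parts = mac.replace("-", ":").split(":")
    if len(parts) != 6 or any(len(p) != 2 for p in parts):
        raise ValueError("not a 48-bit MAC address: %r" % mac)
    return bytes(int(p, 16) for p in parts)


def classify_mac(mac):
    """Classify by the two low bits of the first octet (I/G and U/L bits)."""
    first = parse_mac(mac)[0]
    if first & 0x01:
        return "multicast"
    if first & 0x02:
        return "locally-administered"   # randomized or manually set
    return "globally-unique"            # vendor-assigned, ties back to a sale


def audit_sightings(sightings):
    """Map each risky MAC to the reasons it can be used to track the device."""
    networks = defaultdict(set)
    for network, mac in sightings:
        networks[mac.lower().replace("-", ":")].add(network)
    findings = {}
    for mac, seen_on in networks.items():
        reasons = []
        if classify_mac(mac) == "globally-unique":
            reasons.append("burned-in address, OUI %s identifies the manufacturer" % mac[:8])
        if len(seen_on) > 1:
            reasons.append("same address presented on %d networks: %s"
                           % (len(seen_on), ", ".join(sorted(seen_on))))
        if reasons:
            findings[mac] = reasons
    return findings


def local_interfaces(sysfs="/sys/class/net"):
    """Linux only: current MAC of each interface and its classification."""
    result = {}
    if not os.path.isdir(sysfs):
        return result
    for name in sorted(os.listdir(sysfs)):
        try:
            with open(os.path.join(sysfs, name, "address")) as handle:
                mac = handle.read().strip()
            if mac and mac != "00:00:00:00:00:00":   # skip loopback
                result[name] = (mac, classify_mac(mac))
        except (OSError, ValueError):
            continue                                  # no address or not 48-bit
    return result


if __name__ == "__main__":
    for mac, reasons in audit_sightings(SIGHTINGS).items():
        print(mac, "->", "; ".join(reasons))
    for name, (mac, kind) in local_interfaces().items():
        print(name, mac, kind)
```

A locally-administered address only helps if it also changes between networks, which is what the reuse check catches.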

Your Bluetooth MAC address:

Your Bluetooth MAC is like the previous MAC address except it is for Bluetooth. Again, it can be used to track you as manufacturers and operating system makers keep logs of such information. It could be tied to a sale place/time/date or accounts and then could be used to track you with such information, the shop billing information, the CCTV, or the mobile antenna logs in correlation.

Operating systems have protections in place to randomize those addresses but are still subject to vulnerabilities 90. For this reason, and unless you really need those, you should just disable Bluetooth completely in the BIOS/UEFI settings if possible or in the Operating System otherwise.

On Windows 10, you will need to disable and enable the Bluetooth device in the device manager itself to force a randomization of the address for next use and prevent tracking. See Appendix N: Warning about smartphones and smart devices

Your CPU:

All modern CPUs 91 are now integrating hidden management platforms such as the now infamous Intel Management Engine 92 and the AMD Platform Security Processor 93. Those management platforms are basically small operating systems running directly on your CPU as long as they have power. These systems have full access to your computer’s network and could be accessed by an adversary to de-anonymize you in various ways (using direct access or using malware for instance) as shown in this enlightening video: BlackHat, How to Hack a Turned-Off Computer, or Running Unsigned Code in Intel Management Engine https://www.youtube.com/watch?v=mYsTBPqbya8 [Invidious].

These have already been affected by several security vulnerabilities in the past 94 that allowed malware to gain control of target systems. These are also accused by many privacy actors including the EFF and Libreboot of being a backdoor into any system 95.

There are some not so easy ways 96 to disable the Intel IME on some CPUs and you should do so if you can. For some AMD laptops, you can disable it within the BIOS settings by disabling PSP. Note that in AMD’s defense, so far and AFAIK, there were no security vulnerabilities found for ASP and no backdoors either: See https://www.youtube.com/watch?v=bKH5nGLgi08&t=2834s [Invidious].

If you are feeling a bit more adventurous, you could install your own BIOS using Libreboot 97 or Coreboot 245 if your laptop supports it.

In addition, some CPUs have unfixable flaws (especially Intel CPUs) that could be exploited by various malware. Here is a good current list of such vulnerabilities affecting recent widespread CPUs: https://en.wikipedia.org/wiki/Transient_execution_CPU_vulnerability [Archive.org]
• If you are using Linux you can check the vulnerability status of your CPU to Spectre/Meltdown attacks by using https://github.com/speed47/spectre-meltdown-checker [Archive.org] which is available as a package for most Linux distros including Whonix.
• If you are using Windows, you can check the vulnerability status of your CPU using inSpectre https://www.grc.com/inspectre.htm [Archive.org]

Some of these can be avoided using Virtualization Software settings that can mitigate such exploits. See this guide for more information https://www.whonix.org/wiki/Spectre_Meltdown [Archive.org] (warning: these can severely impact the performance of your VMs).

I will therefore mitigate some of these issues in this guide by recommending the use of virtual machines on a dedicated anonymous laptop for your sensitive activities that will only be used from an anonymous public network.

Your Operating Systems and Apps telemetry services: Whether it is Android, iOS, Windows, MacOS or even Ubuntu, most popular Operating Systems now collect telemetry information by default even if you never opted in or opted out 100 from the start. Some like Windows will not even allow disabling telemetry completely without some technical tweaks. This information collection can be extensive and include a staggering number of details (metadata and data) on your devices and their usage. Here are good overviews of what is being collected by those 5 popular OSes in their last versions:

• Android/Google:
  o Just have a read at their privacy policy https://policies.google.com/privacy [Archive.org]
  o School of Computer Science & Statistics, Trinity College Dublin, Ireland, Mobile Handset Privacy: Measuring The Data iOS and Android Send to Apple And Google https://www.scss.tcd.ie/doug.leith/apple_google.pdf [Archive.org]
• IOS/Apple:
  o More information at https://www.apple.com/legal/privacy/en-ww/ [Archive.org] and https://support.apple.com/en-us/HT202100 [Archive.org]
  o School of Computer Science & Statistics, Trinity College Dublin, Ireland, Mobile Handset Privacy: Measuring The Data iOS and Android Send to Apple And Google https://www.scss.tcd.ie/doug.leith/apple_google.pdf [Archive.org]
  o Apple does claim 98 that they anonymize this data using differential privacy 99 but you will have to trust them on that.
• Windows/Microsoft:
  o Full list of required diagnostic data: https://docs.microsoft.com/en-us/windows/privacy/required-windows-diagnostic-data-events-and-fields-2004 [Archive.org]
  o Full list of optional diagnostic data: https://docs.microsoft.com/en-us/windows/privacy/windows-diagnostic-data [Archive.org]
• MacOS:
  o More details on https://support.apple.com/guide/mac-help/share-analytics-information-mac-apple-mh27990/mac [Archive.org]
• Ubuntu:
  o Ubuntu despite being a Linux distribution also collects Telemetry Data nowadays. This data however is quite limited compared to the others. More details on https://ubuntu.com/desktop/statistics [Archive.org]

Not only are Operating Systems gathering telemetry but so are Apps themselves like Browsers, Mail Clients, and Social Networking Apps installed on your system. It is important to understand that this telemetry data can be tied to your device and help de-anonymize you, and can subsequently be used against you by an adversary that would get access to this data. This does not mean for example that Apple devices are terrible choices for good Privacy but they are certainly not the best choices for (relative) Anonymity. They might protect you from third parties knowing what you are doing but not from themselves. In all likelihood, they certainly know who you are. Later in this guide, we will use all the means at our disposal to disable and block as much telemetry as possible to mitigate this attack vector in the Operating Systems supported in this guide.

See Appendix N: Warning about smartphones and smart devices

Your Smart devices in general: You got it; your smartphone is an advanced spying/tracking device that:

• Records everything you say at any time (“Hey Siri”, “Hey Google”).
• Records your location everywhere you go.
• Always records other devices around you (Bluetooth devices, Wi-Fi Access points).
• Records your habits and health data (steps, screen time, exposure to diseases, connected devices data).
• Records all your network locations.
• Records all your pictures and videos (and most likely where they were taken).
• Has most likely access to most of your known accounts including Social Media, Messaging and Financial accounts.

Data is being transmitted even if you opt-out 100, processed, and stored indefinitely (most likely unencrypted 101) by various third parties 102. But that is not all, this section is not called “Smartphones” but “Smart devices” because it is not only your smartphone spying on you. It is also every other smart device you could have.

• Your Smart Watch? (Apple Watch, Android Smartwatch …)
• Your Fitness Devices and Apps 103? (Strava 104, 105, Fitbit 106, Garmin, Polar 107, …)
• Your Smart Speaker? (Amazon Alexa 108, Google Echo, Apple Homepod …)
• Your Smart Transportation? (Car? Scooter?)
• Your Smart Tags? (Apple AirTag, Galaxy SmartTag, Tile…)
• Any other Smart device? There is even a convenient search engine dedicated to finding them online: https://www.shodan.io/ [Archive.org]

See Appendix N: Warning about smartphones and smart devices

Yourself: Your Metadata including your Geo-Location: Your metadata is all the information about your activities without the actual content of those activities. For instance, it is like knowing you had a call from an oncologist before then calling your family and friends successively. You do not know what was said during the conversation but you can guess what it was just from the metadata 109.

This metadata will also often include your location that is being harvested by Smartphones, Operating Systems (Android 110/IOS), Browsers, Apps, Websites. Odds are there are several companies knowing exactly where you are at any time 111 because of your smartphone 112. This location data has been used in many judicial cases 113 already as part of “geofence warrants” 114 that allow law enforcement to ask companies (such as Google/Apple) for a list of all devices present at a certain location at a certain time. In addition, this location data is even sold by private companies to the military who can then use it conveniently 115.

Now let us say you are using a VPN to hide your IP. The social media platform knows you were active on that account on November 4th from 8am to 1pm with that VPN IP. The VPN allegedly keeps no logs and cannot trace back that VPN IP to your IP. Your ISP however knows (or at least can know) you were connected to that same VPN provider on November 4th from 7:30am to 2pm but does not know what you were doing with it. The question is: Is there someone somewhere that would possibly have both pieces of information available 116 for correlation in a convenient database?

Have you heard of Edward Snowden 117? Now is the time to google him and read his book 118. Also read about XKEYSCORE 119, 120, MUSCULAR 121, SORM 122 and PRISM 123. See “We kill people based on Metadata” 124 or this famous tweet from the IDF https://twitter.com/idf/status/1125066395010699264 [Archive.org].

See Appendix N: Warning about smartphones and smart devices

Your Digital Fingerprint, Footprint, and Online Behavior: This is the part where you should watch the documentary “The Social Dilemma” 125 on Netflix as they cover this topic much better than anyone else IMHO. This includes the way you write 126, 127, the way you behave 128, 129, the way you click, the way you browse, and the fonts you use on your browser 130. Fingerprinting is being used to guess who someone is by the way that user is behaving. You might be using specific pedantic words or making specific spelling mistakes that could give you away using a simple Google search for similar features because you typed in a similar way on some Reddit post 5 years ago using a not so anonymous Reddit account 131.

Social Media platforms such as Facebook/Google can go a step further and can register your behavior in the browser itself. For instance, they can register everything you type even if you do not send it / save it. Think of when you write an e-mail in Gmail. It is saved automatically as you type. They can register your clicks and cursor movements as well. All they need to achieve this in most cases is JavaScript enabled in your Browser (which is the case in most Browsers including Tor Browser by default).

While these methods are usually used for marketing purposes and advertising, they can also be a useful tool for fingerprinting users. This is because your behavior is most likely quite unique or unique enough that over time, you could be de-anonymized. Here are some examples:

• For example, as a basis of authentication, a user's typing speed, keystroke depressions, patterns of error (say accidentally hitting an “l” instead of a “k” on three out of every seven transactions) and mouse movements establish that person’s unique pattern of behavior 132. Some commercial services such as TypingDNA (https://www.typingdna.com/ [Archive.org]) even offer such analysis as a replacement for two-factor authentication.

Analysis algorithms could then be used to match these patterns with other users and match you to a different known user. It is unclear if such data is already used or not by Governments and Law Enforcement agencies but it might be in the future. It could and probably will be used for investigations in the short or mid-term future to deanonymize users.

Here is a fun example you can try yourself to see some of those things in action: https://clickclickclick.click (no archive links for this one sorry). You will see it becoming interesting over time (this requires JavaScript enabled).

Here is also a recent example just showing what Google Chrome collects on you: https://web.archive.org/web/https://pbs.twimg.com/media/EwiUNH0UYAgLY7V?format=jpg&name=4096x4096

Here are some other resources on the topic if you cannot see this documentary:

• 2017, Behavior Analysis in Social Networks, https://link.springer.com/10.1007/978-1-4614-7163-9_110198-1 [Archive.org]
• 2017, Social Networks and Positive and Negative Affect https://www.sciencedirect.com/science/article/pii/S1877042811013747/pdf?md5=253d8f1bb615d5dee195d353dc077d46&pid=1-s2.0-S1877042811013747-main.pdf [Archive.org]
• 2015, Using Social Networks Data for Behavior and Sentiment Analysis https://www.researchgate.net/publication/300562034_Using_Social_Networks_Data_for_Behavior_and_Sentiment_Analysis [Archive.org]
• 2016, A Survey on User Behavior Analysis in Social Networks https://www.academia.edu/30936118/A_Survey_on_User_Behaviour_Analysis_in_Social_Networks [Archive.org]
• 2019, Influence and Behavior Analysis in Social Networks and Social Media https://sci-hub.do/10.1007/978-3-030-02592-2 [Archive.org]

So, how can you mitigate these?

• This guide will provide some technical mitigations using Fingerprinting resistant tools but those might not be sufficient.
• You should apply common sense and try to identify your own patterns in your behavior and behave differently when using anonymous identities. This includes:
  o The way you type (speed, accuracy…).
  o The words you use (be careful with your usual expressions).
  o The type of response you use (if you are sarcastic by default, try to have a different approach with your identities).
  o …

Ultimately, this is mostly up to you to fool those algorithms by adopting new habits and not revealing real information when using your anonymous identities.

Your Clues about your Real Life and OSINT: These are clues you might give over time that could point to your real identity. You might be talking to someone or posting on some board/forum/Reddit. In those posts you might over time leak some information about your real life. These might be memories, experiences or clues you shared that could then allow a motivated adversary to build a profile to narrow their search. A real and well-documented case of this was the arrest of the hacker Jeremy Hammond 133 who shared over time several details about his past and was later discovered. There are also a few cases involving OSINT at Bellingcat 134. Have a look at their very informative toolkit here: https://docs.google.com/spreadsheets/d/18rtqh8EG2q1xBo2cLNyhIDuK9jrPGwYr9DI2UncoqJQ/edit#gid=930747607 [Archive.org]

You can also view a very convenient list of available OSINT tools here https://github.com/jivoi/awesome-osint [Archive.org] and here https://jakecreps.com/tag/osint-tools/ [Archive.org] if you feel like trying some on yourself. As well as this interesting Playlist on YouTube: https://www.youtube.com/playlist?list=PLrFPX1Vfqk3ehZKSFeb9pVIHqxqrNW8Sy [Invidious]

You should never ever share real personal experiences/details that could later lead back to you when using anonymous identities.

Your Face, Voice, Biometrics and Pictures: “Hell is other people”, even if you evade every method listed above, you are not out of the woods yet thanks to the widespread use of advanced Face recognition by everyone. Companies like Facebook have used advanced face recognition for years 135, 136 and have been using other means (Satellite imagery) to create maps of “people” around the world 137. This evolution has been going on for years to the point we can now say “We lost control of our faces” 138.

If you are walking in a touristy place, you will most likely appear in someone’s selfie within minutes without knowing it. That person will then proceed to upload that selfie to various platforms (Twitter, Google Photos, Instagram, Facebook, Snapchat …). Those platforms will then apply face recognition algorithms to those pictures under the pretext of allowing better/easier tagging or to better organize your photo library. In addition to this, the same picture will provide a precise timestamp and in most cases geolocation of where it was taken. Even if the person does not provide a timestamp and geolocation, it can still be guessed with other means 139, 140. Here are a few resources for even trying this yourself:

• Bellingcat, Guide To Using Reverse Image Search For Investigations: https://www.bellingcat.com/resources/how-tos/2019/12/26/guide-to-using-reverse-image-search-for-investigations/ [Archive.org]
• Bellingcat, Using the New Russian Facial Recognition Site SearchFace https://www.bellingcat.com/resources/how-tos/2019/02/19/using-the-new-russian-facial-recognition-site-searchface-ru/ [Archive.org]
• Bellingcat, Dali, Warhol, Boshirov: Determining the Time of an Alleged Photograph from Skripal Suspect Chepiga https://www.bellingcat.com/resources/how-tos/2018/10/24/dali-warhol-boshirov-determining-time-alleged-photograph-skripal-suspect-chepiga/ [Archive.org]
• Bellingcat, Advanced Guide on Verifying Video Content https://www.bellingcat.com/resources/how-tos/2017/06/30/advanced-guide-verifying-video-content/ [Archive.org]
• Bellingcat, Using the Sun and the Shadows for Geolocation https://www.bellingcat.com/resources/2020/12/03/using-the-sun-and-the-shadows-for-geolocation/ [Archive.org]
• Bellingcat, Navalny Poison Squad Implicated in Murders of Three Russian Activists https://www.bellingcat.com/news/uk-and-europe/2021/01/27/navalny-poison-squad-implicated-in-murders-of-three-russian-activists/ [Archive.org]
• Bellingcat, Berlin Assassination: New Evidence on Suspected FSB Hitman Passed to German Investigators https://www.bellingcat.com/news/2021/03/19/berlin-assassination-new-evidence-on-suspected-fsb-hitman-passed-to-german-investigators/ [Archive.org]
• Bellingcat, Digital Research Tutorial: Investigating a Saudi-Led Coalition Bombing of a Yemen Hospital https://www.youtube.com/watch?v=cAVZaPiVArA [Invidious]
• Bellingcat, Digital Research Tutorial: Using Facial Recognition in Investigations https://www.youtube.com/watch?v=awY87q2Mr0E [Invidious]
• Bellingcat, Digital Research Tutorial: Geolocating (Allegedly) Corrupt Venezuelan Officials in Europe https://www.youtube.com/watch?v=bS6gYWM4kzY [Invidious]

Even if you are not looking at the camera, they can still figure out who you are 141, make out your emotions 142, analyze your gait 143 and probably guess your political affiliation 144, 145.

Those platforms (Google/Facebook) already know who you are for a few reasons:

• Because you have or had a profile with them and you identified yourself.
• Even if you never made a profile on those platforms, you still have one without even knowing it 146, 147, 148, 149, 150.
• Because other people have tagged you or identified you in their holidays/party pictures.
• Because other people have put a picture of you in their contact list which they then shared with them.

Here is also an insightful demo of Microsoft Azure you can try for yourself at https://azure.microsoft.com/en-us/services/cognitive-services/face/#demo where you can detect emotions and compare faces from different pictures.

Governments already know who you are because they have your ID/Passport/Driving License pictures and often added biometrics (Fingerprints) in their database. Those same governments are integrating those technologies (often provided by private companies such as the Israeli AnyVision 151, Clearview AI 152, or NEC 153) in their CCTV networks to look for “persons of interest” 154. And some heavily surveilled states like China have implemented widespread use of Facial Recognition for various purposes 155 including possibly identifying ethnic minorities 156. A simple face recognition error by some algorithm can ruin your life 157.

Here are some resources detailing some techniques used by Law Enforcement today:

• CCC video explaining current Law Enforcement surveillance capabilities: https://media.ccc.de/v/rc3-11406-spot_the_surveillance#t=761 [Archive.org]
• EFF SLS: https://www.eff.org/sls [Archive.org]

Apple is making FaceID mainstream and pushing its use to log you into various services including the Banking systems.

Same goes with fingerprint authentication being mainstreamed by many smartphone makers to authenticate yourself. A simple picture where your fingers appear can be used to de-anonymize you 158. Same goes with your voice which can be analyzed for various purposes as shown in the recent Spotify patent 159.

We can safely imagine a near future where you will not be able to create accounts or sign-in anywhere without providing unique biometrics (A good time to re-watch Gattaca 160, Person of Interest 161 and Minority Report 162). And you can safely imagine how useful these large biometrics databases could be to some interested third parties.

In addition, all this information can also be used against you (if you are already de-anonymized) using deepfake 163 by crafting false information (Pictures, Videos, Voice Recordings 164…), and deepfakes have already been used for such purposes 165, 166. There are even commercial services for this readily available such as https://www.respeecher.com/ [Archive.org] and https://www.descript.com/overdub [Archive.org]. See this demo: https://www.youtube.com/watch?v=t5yw5cR79VA [Invidious]

At this time, there are a few steps 167 you can use to mitigate (and only mitigate) face recognition when conducting sensitive activities where CCTV might be present:

• Wear a facemask as they have been proven to defeat some face recognition technologies 168 but not all 169.
• Wear a baseball cap or hat to prevent high angle CCTVs (filming from above) from recording your face. Remember this will not help against front-facing cameras.
• Wear sunglasses in addition to the facemask and baseball cap to mitigate identification from your eyes’ features.
• Consider wearing special sunglasses (expensive unfortunately) called “Reflectacles” https://www.reflectacles.com/ [Archive.org]. There was a small study showing their efficiency against IBM and Amazon facial recognition 170.

(Note that if you intend to use these where advanced facial recognition systems have been installed, these measures could also flag you as suspicious by themselves and trigger a human check.)

Phishing and Social Engineering: Phishing 171 is a social engineering 172 type of attack where an adversary could try to extract information from you by pretending to be or impersonating something/someone else. A typical case is an adversary using a man-in-the-middle 86 attack or a fake e-mail/call to ask for your credentials for a service. This could for example be through e-mail or through impersonating financial services. Such attacks can also be used to de-anonymize someone by tricking them into downloading malware or revealing personal information over time. These have been used countless times since the early days of the internet and the usual one is called the “419 scam” (see https://en.wikipedia.org/wiki/Advance-fee_scam [Archive.org]). Here is a good video if you want to learn a bit more about phishing types: Black Hat, Ichthyology: Phishing as a Science https://www.youtube.com/watch?v=Z20XNp-luNA [Invidious].

Malware, exploits, and viruses: Malware in your files/documents/e-mails: Using steganography or other techniques, it is easy to embed malware into common file formats such as Office Documents, Pictures, Videos, PDF documents… These can be as simple as HTML tracking links or complex targeted malware. These could be simple pixel sized images 173 hidden in your e-mails that would call a remote server to try and get your IP address. These could be exploiting a vulnerability in an outdated format or outdated reader. Such exploits could then be used to compromise your system.

See these good videos for more explanations on the matter:

• What is a File Format? https://www.youtube.com/watch?v=VVdmmN0su6E [Invidious]
• Ange Albertini: Funky File Formats: https://www.youtube.com/watch?v=hdCs6bPM4is [Invidious]

You should always use extreme caution. To mitigate these attacks, this guide will later recommend the use of virtualization (See Appendix W: Virtualization) to mitigate leaking any information even in case of opening such a malicious file. If you want to learn how to try detecting such malware, see Appendix T: Checking files for malware
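One way to check an e-mail for the remote-loading content described above (tracking links and pixel-sized images) before opening it in a mail client, as an added example that is not part of the original guide. It parses a constructed message with Python's standard library and lists the URLs that rendering the HTML part would fetch; the sample message, its hosts and the pixel heuristic are assumptions of this example.

```python
import re
from email import message_from_string
from email.policy import default
from html.parser import HTMLParser
from urllib.parse import urlparse

CSS_URL = re.compile(r"url\(\s*['\"]?([^'\")\s]+)")

# Constructed sample message (all hosts and addresses are made up).
SAMPLE_EMAIL = """\
From: newsletter@example.com
To: reader@example.org
Subject: Constructed sample
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="b1"

--b1
Content-Type: text/plain; charset="utf-8"

Hello, plain text part.
--b1
Content-Type: text/html; charset="utf-8"

<html><body style="background: url('https://cdn.example.net/bg.png')">
<p>Hello</p>
<img src="cid:logo" width="120" height="40">
<img src="https://track.example.net/o.gif?u=12345" width="1" height="1">
<img src="data:image/gif;base64,R0lGODlhAQABAAAAACw=" alt="">
</body></html>
--b1--
"""


def is_remote(url: str) -> bool:
    """cid:, data: and relative URLs stay local; these prefixes hit the network."""
    return url.strip().lower().startswith(("http://", "https://", "//"))


def looks_like_pixel(attrs: dict) -> bool:
    """Heuristic: an image declared 0x0 or 1x1, or hidden through inline CSS."""
    tiny = attrs.get("width") in ("0", "1") and attrs.get("height") in ("0", "1")
    style = attrs.get("style", "").replace(" ", "").lower()
    return tiny or "display:none" in style or "visibility:hidden" in style


class RemoteContentFinder(HTMLParser):
    """Collects URLs fetched on render: src, background, poster attributes,
    <link href> and url(...) inside inline style attributes."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        urls = [a[k] for k in ("src", "background", "poster") if k in a]
        if tag == "link" and "href" in a:
            urls.append(a["href"])
        urls += CSS_URL.findall(a.get("style", ""))
        for url in urls:
            if is_remote(url):
                self.findings.append({
                    "tag": tag,
                    "host": urlparse(url.strip()).hostname,
                    "url": url.strip(),
                    "pixel": tag == "img" and looks_like_pixel(a),
                })


def scan_message(raw: str) -> list:
    """Return one finding per remote URL in the HTML parts of a raw e-mail."""
    msg = message_from_string(raw, policy=default)
    finder = RemoteContentFinder()
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            finder.feed(part.get_content())
    finder.close()
    return finder.findings


if __name__ == "__main__":
    for f in scan_message(SAMPLE_EMAIL):
        kind = "likely tracking pixel" if f["pixel"] else "remote resource"
        print(f"{kind:22} <{f['tag']}> {f['host']}  {f['url']}")
```

An empty result only covers the constructs listed in the class docstring; attachments and other file formats still need the checks from Appendix T.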

Malware and Exploits in your apps and services: So, you are using Tor Browser or Brave Browser over Tor. You could be using those over a VPN for added security. But you should keep in mind that there are exploits 174 (hacks) that could be known by an adversary (but unknown to the App/Browser provider). Such exploits could be used to compromise your system and reveal details to deanonymize you such as your IP address or other details.

A real use case of this technique was the Freedom Hosting 175 case in 2013 where the FBI inserted malware 176 using a Firefox browser exploit on a Tor website. This exploit allowed them to reveal details of some users. More recently, there was the notable SolarWinds 177 hack that breached several US government institutions by inserting malware into an official software update server.

In some countries, Malware is just mandatory and/or distributed by the state itself. This is the case for instance in China with WeChat 178 which can then be used in combination with other data for state surveillance 179.

There are countless examples of malicious browser extensions, smartphone apps and various apps that have been infiltrated with malware over the years. Here are some steps to mitigate this type of attack:

• You should never have 100% trust in the apps you are using.
• You should always check that you are using the updated version of such apps before use and ideally validate each download using their signature if available.
• You should not use such apps directly from a hardware system but instead use a Virtual Machine for compartmentalization.

To reflect these recommendations, this guide will therefore later guide you in the use of Virtualization (See Appendix W: Virtualization) so that even if your Browser/Apps get compromised by a skilled adversary, that adversary will find himself stuck in a sandbox 180 without being able to access identifying information, or compromise your system.

Malicious USB devices: There are readily available commercial and cheap “badUSB” 181 devices that can deploy malware, log your typing, geolocate you, listen to you or gain control of your laptop just by plugging them in. Here are some examples that you can already buy yourself.

• Hak5, USB Rubber Ducky https://shop.hak5.org/products/usb-rubber-ducky-deluxe [Archive.org]
• Hak5, O.MG Cable https://www.youtube.com/watch?v=V5mBJHotZv0 [Invidious]
• Keelog https://www.keelog.com/ [Archive.org]
• AliExpress https://www.aliexpress.com/i/4000710369016.html [Archive.org]

Such devices can be implanted anywhere (charging cable, mouse, keyboard, USB key …) by an adversary and can be used to track you or compromise your computer or smartphone. The most notable example of such attacks is probably Stuxnet 182 in 2005. While you could inspect a USB key physically, scan it with various utilities, check the various components to see if they are genuine, you will most likely never be able to discover complex malware embedded in genuine parts of a genuine USB key by a skilled adversary without advanced forensics equipment 183.

To mitigate this, you should never trust such devices or plug them into sensitive equipment. If you use a charging device, you should consider the use of a USB data blocking device that will only allow charging but not any data transfer. Such data blocking devices are now readily available in many online shops. You should also consider disabling USB ports completely within the BIOS of your computer unless you need them (if you can).

Your files, documents, pictures, and videos: Properties and Metadata: This can be obvious to many but not to all. Most files have metadata attached to them. A good example are pictures which store EXIF 184 information which can contain a lot of information such as GPS coordinates, which camera/phone model took it and when it was taken precisely. While this information might not directly give out who you are, it could tell exactly where you were at a certain moment which could allow others to use different sources to find you (CCTV or other footage taken at the same place at the same time during a protest for instance). It is important that you verify any file you would put on those platforms for any properties that might contain any information that might lead back to you. Here is an example of EXIF data that could be on a picture:

(Illustration from Wikipedia)

By the way, this also works for videos. Yes, videos too have geo-tagging and many are very unaware of this. Here is for instance a very convenient tool to geo-locate YouTube videos: https://mattw.io/youtube-geofind/location [Archive.org]

For this reason, you will always have to be very careful when uploading files using your anonymous identities and check the metadata of those files. Even if you publish a simple text file, you should always double or triple check it for any information leakage before publishing. You will find some guidance about this in the Some additional measures against forensics section at the end of the guide.
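The metadata check recommended above, as an added example that is not part of the original guide: it walks the segments of a JPEG file, reports whether the Exif block carries a GPS pointer, and produces a copy without the metadata segments. The sample file is a constructed JPEG skeleton, and the choice to keep only APP0, APP2 and APP14 is this example's assumption.

```python
import struct

KEEP_APP = {0xE0, 0xE2, 0xEE}  # JFIF header, ICC profile, Adobe colour transform
SOS, EOI, COM = 0xDA, 0xD9, 0xFE


def segments(data: bytes):
    """Yield (marker, payload, raw_bytes) for each segment after SOI.
    The SOS/EOI item carries the rest of the file untouched."""
    if data[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG (missing SOI)")
    pos = 2
    while pos < len(data):
        if data[pos] != 0xFF:
            raise ValueError(f"expected a marker at offset {pos}")
        while pos < len(data) and data[pos] == 0xFF:  # skip fill bytes
            pos += 1
        if pos >= len(data):
            raise ValueError("truncated file")
        marker = data[pos]
        pos += 1
        if marker in (SOS, EOI):  # compressed image data follows SOS
            yield marker, b"", b"\xff" + bytes([marker]) + data[pos:]
            return
        if pos + 2 > len(data):
            raise ValueError("truncated segment header")
        (length,) = struct.unpack(">H", data[pos:pos + 2])
        if length < 2 or pos + length > len(data):
            raise ValueError("corrupt segment length")
        yield marker, data[pos + 2:pos + length], b"\xff" + bytes([marker]) + data[pos:pos + length]
        pos += length


def exif_has_gps(payload: bytes) -> bool:
    """True if the Exif payload's first IFD holds a GPSInfo pointer (tag 0x8825)."""
    if not payload.startswith(b"Exif\x00\x00"):
        return False
    tiff = payload[6:]
    order = {b"II": "<", b"MM": ">"}.get(tiff[:2])
    if order is None or len(tiff) < 8:
        return False
    magic, ifd0 = struct.unpack(order + "HI", tiff[2:8])
    if magic != 42 or ifd0 + 2 > len(tiff):
        return False
    (count,) = struct.unpack(order + "H", tiff[ifd0:ifd0 + 2])
    for i in range(count):
        entry = tiff[ifd0 + 2 + 12 * i:ifd0 + 14 + 12 * i]
        if len(entry) < 12:
            break
        if struct.unpack(order + "H", entry[:2])[0] == 0x8825:
            return True
    return False


def strip_metadata(data: bytes):
    """Return (clean_jpeg, removed): drops comments and all APPn except KEEP_APP."""
    out, removed = [b"\xff\xd8"], []
    for marker, payload, raw in segments(data):
        is_app = 0xE0 <= marker <= 0xEF
        if marker == COM or (is_app and marker not in KEEP_APP):
            label = "COM" if marker == COM else f"APP{marker - 0xE0}"
            if marker == 0xE1 and exif_has_gps(payload):
                label += " (Exif with GPS)"
            removed.append(label)
            continue
        out.append(raw)
    return b"".join(out), removed


def build_segment(marker: int, payload: bytes) -> bytes:
    return b"\xff" + bytes([marker]) + struct.pack(">H", len(payload) + 2) + payload


# Constructed sample: a JPEG skeleton whose Exif IFD0 has one GPSInfo entry.
SAMPLE_TIFF = (b"II" + struct.pack("<HI", 42, 8) + struct.pack("<H", 1)
               + struct.pack("<HHII", 0x8825, 4, 1, 26) + struct.pack("<I", 0)
               + struct.pack("<HI", 0, 0))
SAMPLE_JPEG = (b"\xff\xd8"
               + build_segment(0xE0, b"JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00")
               + build_segment(0xE1, b"Exif\x00\x00" + SAMPLE_TIFF)
               + build_segment(0xFE, b"shot on constructed-phone")
               + build_segment(0xDB, bytes(65))
               + b"\xff\xda\x00\x08\x01\x01\x00\x00\x3f\x00\x12\x34\xff\xd9")

if __name__ == "__main__":
    clean, removed = strip_metadata(SAMPLE_JPEG)
    print("removed:", removed, "| size", len(SAMPLE_JPEG), "->", len(clean))
```

Stripping these segments does not touch the pixels, so visible details and any invisible watermark embedded in the image data remain.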

Watermarking: Pictures/Videos/Audio: Pictures/Videos often contain visible watermarks indicating who is the owner/creator but there are also invisible watermarks in various products aiming at identifying the viewer itself. So, if you are a whistleblower and thinking about leaking some picture/audio/video file, think twice. There are chances that those might contain invisible watermarking within them that would include information about you as a viewer. Such watermarks can be enabled with a simple switch in apps like Zoom (Video 185 or Audio 186) or with extensions 187 for popular apps such as Adobe Premiere Pro. These can be inserted by various content management systems. For a recent example where someone leaking a Zoom meeting recording was caught because it was watermarked: https://theintercept.com/2021/01/18/leak-zoom-meeting/ [Archive.org]

Such watermarks can be inserted by various products 188, 189, 190, 191 using Steganography 192 and can resist compression 193 and re-encoding 194, 195. These watermarks are not easily detectable and could allow identification of the source despite all efforts. In addition to watermarks, the camera used for filming (and therefore the device used for filming) a video can also be identified using various techniques such as lens identification 196 which could lead to de-anonymization. Be extremely careful when publishing videos/pictures/audio files from known commercial platforms as they might contain such invisible watermarks in addition to details in the images themselves.

Printing Watermarking: Did you know your printer is most likely spying on you too? Even if it is not connected to any network? This is usually a known fact by many people in the IT community but few outside people. Yes … Your printers can be used to de-anonymize you as well as explained by the EFF here https://www.eff.org/issues/printers [Archive.org] With this (old but still relevant) video explaining how from the EFF as well: https://www.youtube.com/watch?v=izMGMsIZK4U [Invidious]

Basically, many printers will print an invisible watermark allowing for identification of the printer on every printed page. This is called Printer Steganography 197. There is no real way to mitigate this but to inform yourself on your printer and make sure it does not print any invisible watermark. This is obviously important if you intend to print anonymously. Here is an (old but still relevant) list of printers and brands who do not print such tracking dots provided by the EFF https://www.eff.org/pages/list-printers-which-do-or-do-not-display-tracking-dots [Archive.org]

Here are also some tips from the Whonix documentation (https://www.whonix.org/wiki/Printing_and_Scanning [Archive.org]): Do not ever print in Color, usually watermarkings are not present without color toners/cartridges 198.

Pixelized or Blurred Information: Did you ever see a document with blurred text? Did you ever make fun of those movies/series where they “enhance” an image to recover seemingly impossible to read information? Well, there are techniques for recovering information from such documents, videos, and pictures. Here is for example an open-source project you could use yourself for recovering text from some blurred images: https://github.com/beurtschipper/Depix [Archive.org]

This is of course an open-source project available for all to use. But you can probably imagine that such techniques have probably been used before by other adversaries. These could be used to reveal blurred information from published documents that could then be used to de-anonymize you. There are also tutorials for using such techniques with Photo Editing tools like GIMP, such as: https://medium.com/@somdevsangwan/unblurring-images-for-osint-and-more-part-1-5ee36db6a70b [Archive.org] followed by https://medium.com/@somdevsangwan/deblurring-images-for-osint-part-2-ba564af8eb5d [Archive.org]

Finally, you will find plenty of deblurring resources here: https://github.com/subeeshvasu/Awesome-Deblurring [Archive.org]

Some online services could even help you do this automatically to some extent like MyHeritage.com enhance tool: https://www.myheritage.com/photo-enhancer [Archive.org]

Here is the result of the above image:

Of course, this tool is more like “guessing” than really deblurring at this point but it could be enough to find you using various reverse image searching services. For this reason, it is always extremely important that you correctly redact and curate any document you might want to publish. Blurring is not enough and you should always completely blacken/remove any sensitive data to avoid any attempt at recovering data from any adversary.

Your Crypto currencies transactions: Contrary to popular belief, Crypto transactions (such as Bitcoin and Ethereum) are not anonymous 199. Most crypto currencies can be tracked accurately through various methods 200. Remember what they say on their own page: https://bitcoin.org/en/you-need-to-know [Archive.org] and https://bitcoin.org/en/protect-your-privacy [Archive.org]: “Bitcoin is not anonymous”

The main issue is not setting up a random Crypto wallet to receive some currency behind a VPN/Tor address (at this point, the wallet is anonymous). The issue is mainly when you want to convert Fiat money (Euros, Dollars …) to Crypto and then when you want to cash in your Crypto. You will have few realistic options but to transfer those to an exchange (such as Coinbase/Kraken/Bitstamp/Binance). Those exchanges have known wallet addresses and will keep detailed logs (due to KYC 201 financial regulations) and can then trace back those crypto transactions to you using the financial system 202.

There are some crypto currencies with privacy/anonymity in mind like Monero but even those have some and warnings to consider 203, 204. Even if you use Mixers or Tumblers 205 (services that specialize in “anonymizing” crypto currencies by “mixing them”), keep in mind this is only obfuscation 206 and not actual anonymity 207. Not only are they only obfuscation but they could also put you in trouble as you might end up exchanging your crypto against “dirty” crypto that was used in various questionable contexts 208.

This does not mean you cannot use Bitcoin anonymously at all. You can actually use Bitcoin anonymously as long as you do not convert it to actual currency and use a Bitcoin wallet from a safe anonymous network. Meaning you should avoid KYC/AML regulations by various exchanges and avoid using the Bitcoin network from any known IP address. This also means you will not be able to convert these Bitcoin from/to real currency easily and without involving some risks.

Overall, IMHO, the best option for using Crypto with reasonable anonymity and privacy is still Monero and you should ideally not use any other for sensitive transactions unless you are aware of the limitations.

Your Cloud backups/sync services: All companies are advertising their use of end-to-end encryption (E2EE). This is true for almost every messaging app and website (HTTPS). Apple and Google are advertising their use of encryption on their Android devices and their iPhones. But what about your backups? Those automated iCloud/Google Drive backups you have? Well, you should probably know that most of those backups are not fully end-to-end encrypted and will contain some of your information readily available for a third party. You will see their claims that data is encrypted at rest and safe from anyone … Except they usually do keep a key to access some of the data themselves. These keys are used by them for indexing your content, recovering your account, and collecting various analytics. There are specialized commercial forensics solutions available (Magnet Axiom 209, Cellebrite Cloud 210) that will help an adversary analyze your cloud data with ease.

Notable Examples:
• Apple iCloud: https://support.apple.com/en-us/HT202303 [Archive.org]: “Messages in iCloud also uses end-to-end encryption. If you have iCloud Backup turned on, your backup includes a copy of the key protecting your Messages. This ensures you can recover your Messages if you lose access to iCloud Keychain and your trusted devices.”
• Google Drive and WhatsApp: https://faq.whatsapp.com/android/chats/about-google-drive-backups/ [Archive.org]: “Media and messages you back up aren't protected by WhatsApp end-to-end encryption while in Google Drive.”
• Dropbox: https://www.dropbox.com/privacy#terms [Archive.org]: “To provide these and other features, Dropbox accesses, stores, and scans Your Stuff. You give us permission to do those things, and this permission extends to our affiliates and trusted third parties we work with”.
• Microsoft OneDrive: https://privacy.microsoft.com/en-us/privacystatement [Archive.org]: Productivity and communications products, “When you use OneDrive, we collect data about your usage of the service, as well as the content you store, to provide, improve, and protect the services. Examples include indexing the contents of your OneDrive documents so that you can search for them later and using location information to enable you to search for photos based on where the photo was taken”.

You should not trust cloud providers with your (not previously and locally encrypted) sensitive data and you should be wary of their privacy claims. In most cases they can access your data and provide it to a third party. The only way to mitigate this is to encrypt your data yourself on your side and only then upload it to such a service.

Your Browser and Device Fingerprints: Your Browser and Device Fingerprints 317 are a set of properties/capabilities of your System/Browser. These are used on most websites for invisible user tracking but also to adapt the website user experience depending on the browser. For instance, websites will be able to provide a “mobile experience” if you are using a mobile browser or propose a specific language/geographic version depending on your fingerprint. Most of those techniques work with recent Browsers like Chromium 211 based browsers (such as Chrome) or Firefox 212 unless you take special measures. You can find a lot of detailed information and publications about this on these resources:
• https://amiunique.org/links [Archive.org]
• https://brave.com/brave-fingerprinting-and-privacy-budgets/ [Archive.org]

Most of the time, those fingerprints will unfortunately be unique or nearly unique to your Browser/System. This means that even if you log out from a website and then log back in using a different username, your fingerprint might remain the same if you did not take precautionary measures. An adversary could then use such fingerprints to track you across multiple services even if you have no account on any of them and are using ad blocking. These fingerprints could in turn be used to de-anonymize you if you keep the same fingerprint between services.

It should also be noted that while some browsers and extensions will offer fingerprint resistance, this resistance in itself can also be used to fingerprint you as explained here: https://palant.info/2020/12/10/how-anti-fingerprinting-extensions-tend-to-make-fingerprinting-easier/ [Archive.org]

This guide will mitigate these issues by mitigating, obfuscating, and randomizing many of those fingerprinting identifiers by using Virtualization (See Appendix W: Virtualization) and by using fingerprinting-resistant Browsers.
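As an added illustration (not part of the original guide), the Python sketch below uses a small constructed population of visitors to show how a fingerprint built only from browser/device properties survives a username change, and why a rare anti-fingerprinting setting can shrink your anonymity set instead of growing it. All attribute names, values and visitor records are assumptions made up for the example.

```python
import hashlib
import math

# Properties a site can read with no cookie or login. Names and values are
# constructed sample data for this illustration, not real measurements.
ATTRS = ("user_agent", "screen", "timezone", "language", "canvas")


def visitor_record(vid, username, user_agent, screen, timezone, language, canvas):
    """Build one visitor record; 'username' is deliberately NOT in ATTRS."""
    return {"id": vid, "username": username, "user_agent": user_agent,
            "screen": screen, "timezone": timezone, "language": language,
            "canvas": canvas}


# The most common configuration in this constructed population.
COMMON = ("Chrome/120", "1920x1080", "UTC+1", "en-US", "canvas-A")

POPULATION = [
    visitor_record("v1", "alice", *COMMON),
    visitor_record("v2", "bob", *COMMON),
    visitor_record("v3", "carol", *COMMON),
    visitor_record("v4", "dave", *COMMON),
    visitor_record("v5", "erin", "Firefox/121", "1920x1080", "UTC+1", "en-US", "canvas-B"),
    visitor_record("v6", "frank", "Firefox/121", "1920x1080", "UTC+1", "en-US", "canvas-B"),
    # Same stock browser as v1-v4, plus a rare extension that blocks canvas reads.
    visitor_record("v7", "grace", "Chrome/120", "1920x1080", "UTC+1", "en-US", "blocked"),
    visitor_record("v8", "heidi", "Firefox/121", "2560x1440", "UTC-5", "fr-FR", "canvas-C"),
]


def fingerprint(visitor):
    """Stable identifier derived only from browser/device properties."""
    material = "\x1f".join(visitor[attr] for attr in ATTRS)
    return hashlib.sha256(material.encode("utf-8")).hexdigest()[:16]


def candidates(session, population=POPULATION):
    """IDs of known visitors sharing this session's fingerprint.

    The length of the result is the anonymity set: 1 means the session is
    linked to exactly one earlier visitor, whatever username it used.
    """
    fp = fingerprint(session)
    return [v["id"] for v in population if fingerprint(v) == fp]


def surprisal_bits(attr, value, population=POPULATION):
    """Identifying information (in bits) carried by one attribute value."""
    matches = sum(1 for v in population if v[attr] == value)
    if matches == 0:
        raise ValueError(f"{attr}={value!r} never seen in this population")
    return -math.log2(matches / len(population))


# A later visit from v7's browser after logging out and picking a new username.
RETURNING = visitor_record("?", "throwaway42", "Chrome/120", "1920x1080",
                           "UTC+1", "en-US", "blocked")
# A later visit from a stock browser with the common configuration.
STOCK = visitor_record("?", "someone_new", *COMMON)

if __name__ == "__main__":
    for label, session in (("returning", RETURNING), ("stock", STOCK)):
        print(label, fingerprint(session), "matches", candidates(session))
    for value in ("canvas-A", "blocked"):
        print("canvas =", value, "->", surprisal_bits("canvas", value), "bits")
```

The session using the canvas-blocking extension matches a single earlier visitor despite the new username, while the stock configuration hides among four.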

Local Data Leaks and Forensics: Most of you have probably seen enough Crime dramas on Netflix or TV to know what forensics are. These are technicians (usually working for law enforcement) that will perform various analysis of evidence. This of course could include your smartphone or laptop. While these might be done by an adversary when you already got “burned”, these might also be done randomly during a routine control or a border check. These unrelated checks might reveal secret information to adversaries that had no prior knowledge of such activities. Forensics techniques are now very advanced and can reveal a staggering amount of information from your devices even if they are encrypted 213. These techniques are widely used by law enforcement all over the world and should be considered. Here are some recent resources you should read about your smartphone:
• UpTurn, The Widespread Power of U.S. Law Enforcement to Search Mobile Phones https://www.upturn.org/reports/2020/mass-extraction/ [Archive.org]
• New-York Times, The Police Can Probably Break Into Your Phone https://www.nytimes.com/2020/10/21/technology/iphone-encryption-police.html [Archive.org]
• Vice, Cops Around the Country Can Now Unlock iPhones, Records Show https://www.vice.com/en/article/vbxxxd/unlock-iphone-ios11-graykey-grayshift-police [Archive.org]

I also highly recommend that you read some documents from a forensics examiner perspective such as:
• EnCase Forensic User Guide, http://encasedocs.opentext.com/documentation/encase/forensic/8.07/Content/Resources/External%20Files/EnCase%20Forensic%20v8.07%20User%20Guide.pdf [Archive.org]
• FTK Forensic Toolkit, https://accessdata.com/products-services/forensic-toolkit-ftk [Archive.org]
• SANS Digital Forensics and Incident Response Videos, https://www.youtube.com/c/SANSDigitalForensics/videos

And finally, here is this very instructive detailed paper on the current state of iOS/Android security from the Johns Hopkins University: https://securephones.io/main.html 214.

When it comes to your laptop, the forensics techniques are many and widespread. Many of those issues can be mitigated by using full disk encryption, virtualization (See Appendix W: Virtualization), and compartmentalization. This guide will later detail such threats and techniques to mitigate them.

Bad Cryptography: There is a frequent adage among the infosec community: “Don’t roll your own crypto!”. And there are reasons 215’ 216’ 217 for that:

Personally, I would not want people discouraged from studying and innovating in the crypto field because of that adage. So instead, I would recommend people to be cautious with “Roll your own crypto” because it is not necessarily good crypto.
• Good cryptography is not easy and usually takes years of research to develop and fine-tune.
• Good cryptography is transparent and not proprietary/closed-source so it can be reviewed.
• Good cryptography is developed carefully, slowly, and rarely alone.
• Good cryptography is usually presented and discussed in conferences, and published in various journals.
• Good cryptography is extensively peer reviewed before it is released for use into the wild.
• Using and implementing existing good cryptography correctly is already a challenge.

Yet, this is not stopping some from doing it anyway and publishing various production Apps/Services using their own self-made cryptography or proprietary closed-source methods.
• You should apply caution when using Apps/Services using closed-source or proprietary encryption methods. All the good crypto standards are public and peer reviewed and there should be no issue disclosing the one you use.
• You should be wary of Apps/Services using a “modified” or proprietary cryptographic method 218.
• By default, you should not trust any “Roll your own crypto” until it was audited, peer-reviewed, vetted, and accepted by the cryptography community 219’ 220.
• There is no such thing as “military grade crypto” 221’ 222’ 223.

Cryptography is a complex topic and bad cryptography could easily lead to your de-anonymization. In the context of this guide, I recommend sticking to Apps/Services using well established, published, and peer reviewed methods.

So, what to prefer and what to avoid as of 2021? You will have to look up for yourself to get the technical details of each app and see if they are using “bad crypto” or “good crypto”. Once you get the technical details, you could check this page for seeing what it is worth: https://latacora.micro.blog/2018/04/03/cryptographic-right-answers.html [Archive.org]

Here are some examples:
• Hashes:
  o Prefer: SHA256 or SHA512
  o Avoid: SHA-1, MD5, CRC, MD6
• File/Disk Encryption:
  o Prefer: AES 256 Bits with HMAC-SHA-2 or HMAC-SHA-3 (This is what Veracrypt, Bitlocker, Filevault 2, KeepassXC, and LUKS use)
  o Avoid: Anything else
• Password Storage:
  o Prefer: argon2, scrypt, bcrypt or if not possible at least PBKDF2 (only as a last resort)
  o Avoid: SHA-3, naked SHA-2, SHA-1, MD5
• Browser Security (HTTPS):
  o Prefer: TLS 1.3 (ideally TLS 1.3 with eSNI/ECH support)
  o Avoid: Anything Else

Here are some real cases of bad cryptography issues:
• Telegram: https://buttondown.email/cryptography-dispatches/archive/cryptography-dispatches-the-most-backdoor-looking/ [Archive.org]
• Cryptocat: https://web.archive.org/web/20130705051050/https://blog.crypto.cat/2013/07/new-critical-vulnerability-in-cryptocat-details/
• Some other examples can be found here: https://www.cryptofails.com/ [Archive.org]

No logging but logging anyway policies: Many people have the idea that privacy-oriented services such as VPN or E-Mail providers are safe due to their no logging policies or their encryption schemes. Unfortunately, many of those same people forget that all those providers are legal commercial entities subject to the laws of the countries in which they operate. Any of those providers can be forced to silently (without your knowing, using for example a court order with a gag order 224 or a national security letter 225) log your activity to de-anonymize you. There have been several recent examples of those:
• 2020, the Germany-based mail provider Tutanota was forced to implement a backdoor to save unencrypted copies of the e-mails of one user 226.
• 2017, PureVPN was forced to disclose information of one user to the FBI 227.
• 2014, an EarthVPN user was arrested based on logs provided to the Dutch Police 228.
• 2014, a HideMyAss user was de-anonymized and logs were provided to the FBI 229.
• 2013, Secure E-Mail provider Lavabit shut down after fighting a secret gag order 230.

Some providers have implemented the use of a Warrant Canary 231 that would allow their users to find out if they have been compromised by such orders but this has not been tested yet as far as I know.

Finally, it is now well known that some companies might be sponsored front-ends for some state adversaries (see the Crypto AG story 232 and Omnisec story 233).

For these reasons, it is important that you do not trust such providers for your privacy despite all their claims. In most cases, you will be the last person to know if any of your accounts was targeted by such orders and you might never know at all. To mitigate this, in cases where you want to use a VPN, I will recommend the use of a cash/Monero-paid VPN provider over Tor to prevent the VPN service from knowing any identifiable information about you.

Some Advanced targeted techniques:

(illustration: excellent movie I highly recommend: Das Leben der Anderen 234)

There are many advanced techniques that can be used by skilled adversaries 235 to bypass your security measures provided they already know where your devices are. Many of those techniques are detailed here https://cyber.bgu.ac.il/advanced-cyber/airgap [Archive.org] (Air-Gap Research Page, Cyber-Security Research Center, Ben-Gurion University of the Negev, Israel) and include:
• Attacks that require a malware implanted in some device:
  o Exfiltration of Data through a Malware infected Router: https://www.youtube.com/watch?v=mSNt4h7EDKo [Invidious]
  o Exfiltration of Data through observation of Light variation in a Backlit keyboard with a compromised camera: https://www.youtube.com/watch?v=1kBGDHVr7x0 [Invidious]
    ▪ Exfiltration of Data through a compromised Security Camera (that could first use the previous attack) https://www.youtube.com/watch?v=om5fNqKjj2M [Invidious]
    ▪ Communication from outsider to compromised Security Cameras through IR light signals: https://www.youtube.com/watch?v=auoYKSzdOj4 [Invidious]
  o Exfiltration of data from a compromised air-gapped computer through acoustic analysis of the FAN noises with a smartphone https://www.youtube.com/watch?v=v2_sZIfZkDQ [Invidious]
  o Exfiltration of data from a malware infected air-gapped computer through HD Leds with a Drone https://www.youtube.com/watch?v=4vIu8ld68fc [Invidious]
  o Exfiltration of data from a USB malware on an air-gapped computer through electromagnetic interferences https://www.youtube.com/watch?v=E28V1t-k8Hk [Invidious]
  o Exfiltration of data from a malware infected HDD drive through covert acoustic noise https://www.youtube.com/watch?v=H7lQXmSLiP8 [Invidious]
  o Exfiltration of data through GSM frequencies from a compromised (with malware) air-gapped computer https://www.youtube.com/watch?v=RChj7Mg3rC4 [Invidious]
  o Exfiltration of data through electromagnetic emissions from a compromised Display device https://www.youtube.com/watch?v=2OzTWiGl1rM&t=20s [Invidious]
  o Exfiltration of data through magnetic waves from a compromised air-gapped computer to a Smartphone stored inside a Faraday bag https://www.youtube.com/watch?v=yz8E5n1Tzlo [Invidious]
  o Communication between two compromised air-gapped computers using ultrasonic soundwaves https://www.youtube.com/watch?v=yz8E5n1Tzlo [Invidious]
  o Exfiltration of Bitcoin Wallet from a compromised air-gapped computer to a smartphone https://www.youtube.com/watch?v=2WtiHZNeveY [Invidious]
  o Exfiltration of Data from a compromised air-gapped computer using display brightness https://www.youtube.com/watch?v=ZrkZUO2g4DE [Invidious]
  o Exfiltration of Data from a compromised air-gapped computer through vibrations https://www.youtube.com/watch?v=XGD343nq1dg [Invidious]
  o Exfiltration of Data from a compromised air-gapped computer by turning RAM into a Wi-Fi emitter https://www.youtube.com/watch?v=vhNnc0ln63c [Invidious]
  o Exfiltration of Data from a compromised air-gapped computer through power lines https://arxiv.org/abs/1804.04014 [Archive.org]
• Attacks that require no malware:
  o Observing a light bulb from a distance to listen to the sound in the room 236 without any malware: Demonstration: https://www.youtube.com/watch?v=t32QvpfOHqw [Invidious]



Here is also a good video from the same authors to explain those topics: Black Hat, The Air-Gap Jumpers https://www.youtube.com/watch?v=YKRtFgunyj4 [Invidious]

Realistically, this guide will be of little help against such adversaries as such malware could be implanted on the devices by a manufacturer or anyone in the middle or by anyone with physical access to the air-gapped computer but there are still some ways to mitigate such techniques:
• Do not conduct sensitive activity while connected to an untrusted/unsecure power line to prevent power line leaks.
• Do not use your devices in front of a camera that could be compromised.
• Use your devices in a soundproofed room to prevent sound leaks.
• Use your devices in a Faraday cage to prevent electromagnetic leaks.
• Do not discuss sensitive information where lightbulbs could be observed from outside.
• Buy your devices from different/unpredictable/offline places (shops) where the probability of them being infected with such malware is lower.
• Do not let anyone access your air-gapped computers except trusted people.

Some bonus resources:
• Have a look at the Whonix Documentation concerning Data Collection techniques here: https://www.whonix.org/wiki/Data_Collection_Techniques [Archive.org]
• You might also enjoy looking at this service https://tosdr.org/ [Archive.org] (Terms of Services, Didn’t Read) that will give you a good overview of the various ToS of many services.
• Have a look at https://www.eff.org/issues/privacy [Archive.org] for some more resources.
• Have a look at https://en.wikipedia.org/wiki/List_of_government_mass_surveillance_projects [Archive.org] to have an overview of all known mass-surveillance projects, current and past.
• Have a look at https://www.gwern.net/Death-Note-Anonymity [Archive.org] (even if you don’t know about Death Note).
• Consider finding and reading Michael Bazzell’s book “Open Source Intelligence Techniques” (8th edition as of this writing) to find out more about recent OSINT techniques https://inteltechniques.com/book1.html [Archive.org]
• Finally, check https://www.freehaven.net/anonbib/date.html [Archive.org] for the latest academic papers related to Online Anonymity.

Notes: If you still do not think such information can be used by various actors to track you, you can see some statistics for yourself for some platforms and keep in mind those are only accounting for the lawful data requests and will not count things like PRISM, MUSCULAR, SORM or XKEYSCORE explained earlier:
• Google Transparency Report https://transparencyreport.google.com/user-data/overview [Archive.org]
• Facebook Transparency Report https://transparency.facebook.com/ [Archive.org]
• Apple Transparency Report https://www.apple.com/legal/transparency/ [Archive.org]
• Cloudflare Transparency Report https://www.cloudflare.com/transparency/ [Archive.org]
• Snapchat Transparency Report https://www.snap.com/en-US/privacy/transparency [Archive.org]
• Telegram Transparency Report https://t.me/transparency [Archive.org] (requires Telegram installed)
• Microsoft Transparency Report https://www.microsoft.com/en-us/corporate-responsibility/law-enforcement-requests-report [Archive.org]
• Amazon Transparency Report https://www.amazon.com/gp/help/customer/display.html?nodeId=GYSDRGWQ2C2CRYEF [Archive.org]
• Dropbox Transparency Report https://www.dropbox.com/transparency [Archive.org]
• Discord Transparency Report https://blog.discord.com/discord-transparency-report-jan-june-2020-2ef4a3ee346d [Archive.org]
• GitHub Transparency Report https://github.blog/2021-02-25-2020-transparency-report/ [Archive.org]
• Snapchat Transparency Report https://www.snap.com/en-US/privacy/transparency/ [Archive.org]
• TikTok Transparency Report https://www.tiktok.com/safety/resources/transparency-report?lang=en [Archive.org]
• Reddit Transparency Report https://www.reddit.com/wiki/transparency [Archive.org]
• Twitter Transparency Report https://transparency.twitter.com/ [Archive.org]

General Preparations: Personally, in the context of this guide, it is also interesting to have a look at your security model. And in this context, I only have one to recommend: Zero-Trust Security 326 (“Never trust, always verify”). Here are some various resources about what Zero-Trust Security is:
• DEFCON, Zero Trust a Vision for Securing Cloud, https://www.youtube.com/watch?v=euSsqXO53GY [Invidious]
• From the NSA themselves, Embracing a Zero Trust Security Model, https://media.defense.gov/2021/Feb/25/2002588479/-1/1/0/CSI_EMBRACING_ZT_SECURITY_MODEL_UOO115131-21.PDF [Archive.org]

Picking your route: Here is a small basic UML diagram showing your options. See the details below.

Timing limitations:
• You have very limited time to learn and need a fast-working solution:
  o Your best option is to go for the TAILS route (excluding the persistent plausible deniability section).
• You have time and more importantly will to learn:
  o Go with any route.

Budget/Material limitations:
• You only have one laptop available and cannot afford anything else. You use this laptop for either work, family, or your personal stuff (or both):
  o Your best option is to go for the TAILS route.
• You can afford a spare dedicated unsupervised/unmonitored laptop for your sensitive activities:
  o But it is old, slow and has bad specs (less than 6GB of RAM, less than 250GB disk space, old/slow CPU):
    ▪ You should go for the TAILS route.
  o It is not that old and it has decent specs (at least 6GB of RAM, 250GB of disk space or more, decent CPU):
    ▪ You could go for TAILS, Whonix routes.
  o It is new and it has great specs (more than 8GB of RAM, >250GB of disk space, recent fast CPU):
    ▪ You could go for any route but I would recommend Qubes OS if your threat model allows it.
  o If it is an ARM based M1 Mac:
    ▪ Not possible currently for these reasons:
      • Virtualization of x86 images on ARM M1 Macs is still limited to commercial software (Parallels) which is not supported by Whonix yet.
      • Virtualbox is not available for ARM architecture yet.
      • Whonix is not supported on ARM architecture yet.
      • TAILS is not supported on ARM architecture yet.
      • Qubes OS is not supported on ARM architecture yet.

Your only option on M1 Macs is probably to stick with Tor Browser for now. But I would guess that if you can afford an M1 Mac you should probably get a dedicated x86 laptop for more sensitive activities.

Skills:
• You have no IT skills at all and the content of this guide looks like an alien language to you?
  o You should go with the TAILS route (excluding the persistent plausible deniability section).
• You have some IT skills and mostly understand this guide so far
  o You should go with TAILS (including the persistent plausible deniability section) or Whonix routes.
• You have moderate to high IT skills and you are already familiar with some of the content of this guide
  o You could go with anything you like but I would strongly recommend Qubes OS.
• You are a l33T hacker, “there is no spoon”, “the cake is a lie”, you have been using “doas” for years and “all your base are belong to us”, and you have strong opinions on systemd.
  o This guide is not really meant for you and will not help you with your hardened OpenBSD on your hardened Libreboot laptop ;-)

Adversaries (threats):
• If your main concern is forensic examination of your devices:
  o You should go with the TAILS route (with optional persistent plausible deniability).
• If your main concerns are remote adversaries that might uncover your online identity in various platforms:
  o You could go with the Whonix or Qubes OS routes.
  o You could also go with TAILS (with optional persistent plausible deniability).
• If you absolutely want system wide plausible deniability 254’ 237 despite the risks 238’ 257:
  o You could go with the TAILS Route including the persistent plausible deniability section.
  o You could go with the Whonix Route (on Windows Host OS only within the scope of this guide).
• If you are in a hostile environment where Tor/VPN usage alone is impossible/dangerous/suspicious:
  o You could go with the TAILS route (without using Tor).
  o You could go with the Whonix or Qubes OS route (without actually using Whonix).

In all cases, you should read these two pages from the Whonix documentation that will give you in depth insight about your choices:
• https://www.whonix.org/wiki/Warning [Archive.org]
• https://www.whonix.org/wiki/Dev/Threat_Model [Archive.org]
• https://www.whonix.org/wiki/Comparison_with_Others [Archive.org]

You might be asking yourself: “How do I know if I’m in a hostile online environment where activities are actively monitored and blocked?”
• First read more about it at the EFF here: https://ssd.eff.org/en/module/understanding-and-circumventing-network-censorship [Archive.org]
• Check some data yourself here on the Tor Project OONI 239 (Open Observatory of Network Interference) website: https://explorer.ooni.org/ [Archive.org]
• Have a look at https://censoredplanet.org/ [Archive.org] and see if they have data about your country.
• Test for yourself using OONI (this can be risky in a hostile environment).

Steps for all routes: Always use passphrases instead of passwords and use a different one for each service. Do not make it easy for an adversary to access all your information because you used the same password everywhere 248.

(Illustration by xkcd.com, licensed under CC BY-NC 2.5)

Get an anonymous Phone number:
Skip this step if you have no intention of creating anonymous accounts on most mainstream platforms but just want anonymous browsing or if the platforms you will use allow registration without a phone number.

Physical Burner Phone and prepaid SIM card:

Get a burner phone:
This is rather easy. Leave your smartphone off or power it off before leaving. Have some cash and go to some random flea market or small shop (ideally one without CCTV inside or outside and while avoiding being photographed/filmed) and just buy the cheapest phone you can find with cash and without providing any personal information. It only needs to be in working order.

Personally, I would recommend getting an old “dumbphone” with a removable battery (old Nokia if your mobile networks still allow those to connect as some countries phased out 1G-2G completely). This is to avoid the automatic sending/gathering of any telemetry/diagnostic data on the phone itself. You should never connect that phone to any Wi-Fi.

It will also be crucial not to power on that burner phone ever (not even without the SIM card) in any geographical location that could lead to you (at your home/work for instance) and never ever at the same location as your other known smartphone (because that one has an IMEI/IMSI that will easily lead to you). This might seem like a big burden but it is not as these phones are only being used during the setup/sign-up process and for verification from time to time.

See Appendix N: Warning about smartphones and smart devices.

You should test that the phone is in working order before going to the next step. But I will repeat myself and state again that it is important to leave your smartphone at home when going (or turn it off before leaving if you must keep it) and that you test the phone at a random location that cannot be tracked back to you (and again, do not do that in front of a CCTV, avoid cameras, be aware of your surroundings). No need for Wi-Fi at this place either.

When you are certain the phone is in working order, disable Bluetooth then power it off (remove the battery if you can) and go back home and resume your normal activities. Go to the next step.

Get an anonymous pre-paid SIM card:
This is the hardest part of the whole guide. It is a SPOF (Single Point of Failure). The places where you can still buy prepaid SIM cards without ID registration are getting increasingly limited due to various KYC type regulations 240.

So here is a list of places where you can still get them now: https://prepaid-data-simcard.fandom.com/wiki/Registration_Policies_Per_Country [Archive.org]

You should be able to find a place that is “not too far” and just go there physically to buy some pre-paid cards and top-up vouchers with cash. Do verify that no law was passed before going that would make registration mandatory (in case the above wiki was not updated). Try to avoid CCTV and cameras and do not forget to buy a Top Up voucher with the SIM card (if it is not a package) as most pre-paid cards will require a top-up before use.

See Appendix N: Warning about smartphones and smart devices.

Double-check that the mobile operators selling the pre-paid SIM cards will accept the SIM activation and top-up without any ID registration of any kind before going there. Ideally, they should accept SIM activation and top-up from the country you reside in.

Personally, I would recommend GiffGaff in the UK as they are “affordable”, do not require identification for activation and top-up and will even allow you to change your number up to 2 times from their website. One GiffGaff prepaid SIM card will therefore grant you 3 numbers to use for your needs.

Power off the phone after activation/top-up and before going home. Do not ever power it on again unless you are at a place that cannot be used to reveal your identity and your smartphone was powered off before going to that “not your home” place.

Online Phone Number (less recommended):
DISCLAIMER: Do not attempt this until you are done setting up a secure environment according to one of the selected routes. This step will require online access and should only be done from an anonymous network. Do not do this from any known/unsecure environment. Skip this until you have finished one of the routes.

There are many commercial services offering numbers to receive SMS messages online but most of those have basically no anonymity/privacy and can be of no help as most Social Media platforms place a limit on how many times a phone number can be used for registration.

There are some forums and subreddits (like r/phoneverification/) where users will offer the service of receiving such SMS messages for you for a small fee (using PayPal or some crypto payment). Unfortunately, these are full of scammers and very risky in terms of anonymity. You should not use those under any circumstance.

To this date, I do not know any reputable service that would offer this service and accept cash payments (by post for instance) like some VPN providers. But there are a few services that provide online phone numbers and accept Monero, which could be reasonably anonymous (yet less recommended than the physical way in the previous chapter), that you could consider:
• Recommended: Do not require any identification (even e-mail):
  o (UK based) https://dtmf.io/ [Archive.org] preferred because they even provide an onion hidden service address for direct access through the Tor Network at http://dtmfiovjh42uviqez6qn75igbagtiyo724hy3rdxm77dy2m5tt7lbaqd.onion/
  o (Iceland based) https://crypton.sh [Archive.org]
  o (Ukraine based) https://virtualsim.net/ [Archive.org]
• Do require identification (valid e-mail):
  o (Germany based) https://www.sms77.io/ [Archive.org]
  o (Russia based) https://onlinesim.ru/ [Archive.org]

There are some other possibilities listed here https://cryptwerk.com/companies/sms/xmr/ [Archive.org]. Use at your own risk.

DISCLAIMER: I cannot vouch for any of these providers and therefore I will still recommend doing it yourself physically. In this case you will have to rely on the anonymity of Monero and you should not use any service that requires any kind of identification using your real identity.

Therefore IMHO, it is probably just more convenient, cheaper, and less risky to just get a pre-paid SIM card from one of the physical places that still sell them for cash without requiring ID registration. But at least there is an alternative if you have no other option.

Get a USB key: Get at least one or two decent size generic USB keys (at least 16GB but I would recommend 32GB). Please do not buy or use gimmicky self-encrypting devices such as these: https://syscall.eu/blog/2018/03/12/aigo_part1/ [Archive.org] Some might be very efficient 241 but many are gimmicky gadgets that offer no real protection 242.

Find some safe places with decent public Wi-Fi: You need to find safe places where you will be able to do your sensitive activities using some publicly accessible Wi-Fi (without any account/ID registration, avoid CCTVs). This can be anywhere that will not be tied to you directly (your home/work) and where you can use the Wi-Fi for a while without being bothered. But also, a place where you can do this without being “noticed” by anyone. If you think Starbucks is a good idea, you may reconsider:
• They probably have CCTVs in all their shops and keep those recordings for an unknown amount of time.
• You will need to buy a coffee to get the Wi-Fi access code in most. If you pay for this coffee with an electronic method, they will be able to tie your Wi-Fi access with your identity.

Situational awareness is key and you should be constantly aware of your surroundings and avoid touristy places like they were plagued by Ebola. You want to avoid appearing on any picture/video of anyone while someone is taking a selfie, making a TikTok video or posting some travel picture on their Instagram. If you do, remember chances are high that those pictures will end up online (publicly or privately) with full metadata attached to them (time/date/geolocation) and your face. Remember these can and will be indexed by Facebook/Google/Yandex/Apple and probably all three-letter agencies. While this will not be available yet to your local police officers, it could be in the near future.

You will ideally need a set of 3-5 different places such as this to avoid using the same place twice. Several trips will be required over the weeks for the various steps in this guide.

You could also consider connecting to these places from a safe distance for added security. See Appendix Q: Using long range Antenna to connect to Public Wi-Fis from a safe distance.

The TAILS route:

This part of the guide will help you in setting up TAILS if one of the following is true:
o You cannot afford a dedicated laptop
o Your dedicated laptop is just too old and too slow
o You have very low IT skills
o You decide to go with TAILS anyway

TAILS 243 stands for The Amnesic Incognito Live System. It is a bootable Live Operating System running from a USB key that is designed for leaving no traces and forcing all connections through the Tor network.

You pretty much insert the Tails USB key into your laptop, boot from it and you have a full operating system running with privacy and anonymity in mind. As soon as you shut down the computer, everything will be gone unless you saved it somewhere.

Tails is a very easy way to get going in no time with what you have and without much learning. It has extensive documentation and tutorials.

It does however have some drawbacks:
• Tails uses Tor and therefore you will be using Tor to access any resource on the internet. This alone will make you suspicious to most platforms where you want to create anonymous accounts (this will be explained in more detail later).
• Your ISP (whether it is yours or some public Wi-Fi) will also see that you are using Tor and this could make you suspicious in itself.
• Tails does not include (natively) some of the software you might want to use later, which will complicate things quite a bit if you want to run some specific things (Android Emulators for instance).
• Tails uses Tor Browser which, while it is very secure, will be detected as well by most platforms and will hinder you in creating anonymous identities on many platforms.
• Tails will not protect you more from the 5$ wrench 11.
• Tor in itself might not be enough to protect you from an adversary with enough resources as explained earlier.

Important Note: If your laptop is monitored/supervised and some local restrictions are in place, please read Appendix U: How to bypass (some) local restrictions on supervised computers.

You should also read Tails Documentation, Warnings, and limitations, before going further https://tails.boum.org/doc/about/warning/index.en.html [Archive.org]

Taking all this into account and the fact that their documentation is great, I will just redirect you towards their well-made and well-maintained tutorial: https://tails.boum.org/install/index.en.html [Archive.org], pick your flavor and proceed.

When you are done and have a working Tails on your laptop, go to the Creating your anonymous online identities step much further in this guide.

If you’re having issues accessing Tor due to censorship or other issues, you can try using Tor Bridges by following this TAILS tutorial: https://tails.boum.org/doc/first_steps/welcome_screen/bridge_mode/index.en.html [Archive.org] and find more information about these on Tor Documentation https://2019.www.torproject.org/docs/bridges [Archive.org]

If you think using Tor alone is dangerous/suspicious, see Appendix P: Accessing the internet as safely as possible when Tor/VPN is not an option

Persistent Plausible Deniability using Whonix within TAILS: Consider checking the https://github.com/aforensics/HiddenVM [Archive.org] project for TAILS.

This project is a clever idea of a one click self-contained VM solution that you could store on an encrypted disk using plausible deniability 254 (see the first chapters of The Whonix route: for some explanations about Plausible deniability, as well as the How to securely delete specific files/folders/data on your HDD/SSD and Thumb drives: section at the end of this guide for more understanding).

This would allow the creation of a hybrid system mixing TAILS with the Virtualization options of the Whonix route in this guide.

Note: See Pick your connectivity method in the Whonix Route for more explanations about Stream Isolation

In short:
• You could run non-persistent TAILS from one USB key (following their recommendations)
• You could store persistent VMs within a secondary container that could be encrypted normally or using the Veracrypt plausible deniability feature (these could be Whonix VMs for instance or any other).
• You do benefit from the added Tor Stream Isolation feature (see Tor over VPN for more info about stream isolation).

In that case, as the project outlines it, there should be no traces of any of your activities on your computer and the sensitive work could be done from VMs stored into a Hidden container that should not be easily discoverable by a soft adversary.

This option is particularly interesting for “traveling light” and to mitigate forensics attacks while keeping persistence on your work. You only need 2 USB keys (one with TAILS and one with a Veracrypt container containing persistent Whonix). The first USB key will appear to contain just TAILS and the second USB will appear to contain just random garbage but will have a decoy volume which you can show for plausible deniability.

You might also wonder if this will result in a “Tor over Tor” setup but it will not. The Whonix VMs will be accessing the network directly through clearnet and not through TAILS Onion Routing.

In the future, this could also be supported by the Whonix project themselves as explained here: https://www.whonix.org/wiki/Whonix-Host [Archive.org] but it is not yet recommended as of now for end-users.

Remember that encryption with or without plausible deniability is not a silver bullet and will be of little use in case of torture 11. As a matter of fact, depending on who your adversary would be (your threat model), it might be wise not to use Veracrypt (formerly TrueCrypt) at all as shown in this demonstration: https://defuse.ca/truecrypt-plausible-deniability-useless-by-game-theory.htm [Archive.org]

Plausible deniability is only effective against soft lawful adversaries that will not resort to physical means.

See https://en.wikipedia.org/wiki/Rubber-hose_cryptanalysis [Archive.org]

CAUTION: Please see Appendix K: Considerations for using external SSD drives and Understanding HDD vs SSD sections if you consider storing such hidden VMs on an external SSD drive:
• Do not use hidden volumes on SSD drives as this is not supported/recommended by Veracrypt 244.
• Use file containers instead of encrypted volumes.
• Make sure you do know how to clean data from an external SSD drive properly.

Here is my guide on how to achieve this:

First Run:
• Download the latest HiddenVM release from https://github.com/aforensics/HiddenVM/releases [Archive.org]
• Download the latest Whonix XFCE release from https://www.whonix.org/wiki/VirtualBox/XFCE [Archive.org]
• Prepare a USB Key/Drive with Veracrypt
  o Create a Hidden Volume on the USB Key/Drive (I would recommend at least 16GB for the hidden volume)
  o In the Outer Volume, place some decoy files
  o In the Hidden Volume, place the HiddenVM appimage file
  o In the Hidden Volume, place the Whonix XFCE ova file
• Boot into TAILS
• Set up the Keyboard layout as you want.
• Select Additional Settings and set an administrator (root) password (needed for installing HiddenVM)
• Start Tails
• Connect to a safe Wi-Fi (this is a required step for the rest to work)
• Go into Utilities and Unlock your Veracrypt (hidden) Volume (do not forget to check the hidden volume checkbox)
• Launch the HiddenVM appimage
• When prompted to select a folder, select the Root of the Hidden volume (where the Whonix OVA and HiddenVM app image files are).
• Let it do its thing (This will basically install Virtualbox within Tails with one click)
• When it is done, it should automatically start Virtualbox Manager.
• Import the Whonix OVA files (see Whonix Virtual Machines:)

Note, if during the import you are having issues such as “NS_ERROR_INVALID_ARG (0x80070057)”, this is probably because there is not enough disk space on your Hidden volume for Whonix. Whonix themselves recommend 32GB of free space but that’s probably not necessary and 10GB should be enough for a start. You can try working around this error by renaming the Whonix *.OVA file to *.TAR and decompressing it within TAILS. When you are done with decompression, delete the OVA file and Import the other files with the Import wizard. This time it might work.

Subsequent Runs:
• Boot into TAILS
• Connect to Wi-Fi
• Unlock your Hidden Volume
• Launch the HiddenVM App
• This should automatically open VirtualBox manager and show your previous VMs from the first run

Steps for all other routes:

Get a dedicated laptop for your sensitive activities:

Ideally, you should get a dedicated laptop that will not be tied to you in any easy way (ideally paid with cash anonymously and using the same precautions as previously mentioned for the phone and the SIM card). It is recommended but not mandatory because this guide will help you harden your laptop as much as possible to prevent data leaks through various means. There will be several lines of defense standing between your online identities and yourself that should prevent most adversaries from de-anonymizing you besides state/global actors with considerable resources.

This laptop should ideally be a clean freshly installed Laptop (Running Windows, Linux or MacOS), clean of your normal day to day activities and offline (never connected to the network yet). In the case of a Windows laptop, and if you used it before such a clean install, it should also not be activated (re-installed without a product key). Specifically in the case of MacBooks, it should never have been tied to your identity before by any means. So, buy second-hand with cash from an unknown stranger who does not know your identity.

This is to mitigate some future issues in case of online leaks (including telemetry from your OS or Apps) that could compromise any unique identifiers of the laptop while using it (MAC Address, Bluetooth Address, and Product key …). But also, to avoid being tracked back if you need to dispose of the laptop.

If you used this laptop before for different purposes (like your day-to-day activities), all its hardware identifiers are probably known and registered by Microsoft or Apple. If later any of those identifiers is compromised (by malware, telemetry, exploits, human errors …) they could lead back to you.

The laptop should have at least 250GB of Disk Space, at least 6GB (ideally 8GB or 16GB) of RAM and should be able to run a couple of Virtual Machines at the same time. It should have a working battery that lasts a few hours.

This laptop could have an HDD (7200rpm) or an SSD/NVMe drive. Both possibilities have their benefits and issues that will be detailed later.

All future online steps performed with this laptop should ideally be done from a safe network such as a Public Wi-Fi in a safe place (see Find some safe places with decent public Wi-Fi). But several steps will have to be taken offline first.

Some laptop recommendations:

If you can afford it, you might consider getting a Purism Librem laptop (https://puri.sm [Archive.org]) or System76 laptops (https://system76.com/ [Archive.org]) while using Coreboot 245 (where Intel IME is disabled from factory).

In other cases, I would strongly recommend getting Business grade laptops (meaning not consumer/gaming grade laptops) if you can. For instance, some ThinkPad from Lenovo (my personal favorite). Here are lists of laptops currently supporting Libreboot and others where you can flash Coreboot yourself (that will allow you to disable Intel IME or AMD PSP):
• https://freundschafter.com/research/system-alternatives-without-intel-me-iamt-and-amd-psp-securetechnology/ [Archive.org]
• https://libreboot.org/docs/hardware/ [Archive.org]
• https://coreboot.org/status/board-status.html [Archive.org]

This is because those business laptops usually offer better and more customizable security features (especially in the BIOS/UEFI settings) with longer support than most consumer laptops (Asus, MSI, Gigabyte, Acer…). The interesting features to look for are IMHO:
• Better custom Secure Boot settings (where you can selectively manage all the keys and not just use the Standard ones)
• HDD/SSD passwords in addition to just BIOS/UEFI passwords.
• AMD laptops could be more interesting as some provide the ability to disable AMD PSP (the AMD equivalent of Intel IME) from the BIOS/UEFI settings by default. And, because AFAIK, AMD PSP was audited and contrary to IME was not found to have any “evil” functionalities 246. However, if you are going for the Qubes OS Route consider Intel as they do not support AMD with their anti-evil-maid system 247.
• Secure Wipe tools from the BIOS (especially useful for SSD/NVMe drives, see Appendix M: BIOS/UEFI options to wipe disks in various Brands).
• Better control over the disabling/enabling of select peripherals (USB ports, Wi-Fis, Bluetooth, Camera, Microphone …).
• Better security features with Virtualization.
• Native anti-tampering protections.
• Longer support with BIOS/UEFI updates (and subsequent BIOS/UEFI security updates).
• Some are supported by Libreboot

BIOS/UEFI/Firmware Settings of your laptop:

PC:

These settings can be accessed through the boot menu of your laptop. Here is a good tutorial from HP explaining all the ways to access the BIOS on various computers: https://store.hp.com/us/en/tech-takes/how-to-enter-bios-setupwindows-pcs [Archive.org]

Usually you access it by pressing a specific key (F1, F2 or Del) at boot (before your OS).

Once you are in there, you will need to apply a few recommended settings:
• Disable Bluetooth completely if you can.
• Disable Biometrics (fingerprint scanners) if you have any if you can. However, you could add a biometric additional check for booting only (pre-boot) but not for accessing the BIOS/UEFI settings.
• Disable the Webcam and Microphone if you can.
• Enable BIOS/UEFI password and use a long passphrase 248 instead of a password if you can and make sure this password is required for:
  o Accessing the BIOS/UEFI settings themselves
  o Changing the Boot order
  o Startup/Power-on of the device
• Enable HDD/SSD password if the feature is available. This feature will add another password on the HDD/SSD itself (not in the BIOS/UEFI firmware) that will prevent this HDD/SSD from being used in a different computer without the password. Note that this feature is also specific to some manufacturers and could require specific software to unlock this disk from a completely different computer.
• Prevent accessing the boot options (the boot order) without providing the BIOS/UEFI password if you can.
• Disable USB/HDMI or any other port (Ethernet, Firewire, SD card …) if you can.
• Disable Intel ME if you can.
• Disable AMD PSP if you can (AMD’s equivalent to IME, see Your CPU)
• Disable Secure Boot if you intend to use QubesOS as they do not support it out of the box 249. Keep it on if you intend to use Linux/Windows.
• Check if your laptop BIOS has a secure erase option for your HDD/SSD that could be convenient in case of need.

Only enable those on a “need to use” basis and disable them again after use. This can help mitigate some attacks in case your laptop is seized while locked but still on OR if you had to shut it down rather quickly and someone took possession of it (this topic will be explained later in this guide).

About Secure boot:

So, what is Secure Boot 250? In short, it is a UEFI security feature designed to prevent your computer from booting an operating system whose bootloader was not signed by specific keys stored in the UEFI firmware of your laptop.

Basically, when the Operating System (or the Bootloader 251) supports it, you can store the keys of your bootloader in your UEFI firmware and this will prevent booting up any unauthorized Operating System (such as a live OS USB or anything similar).

Secure Boot settings are protected by the password you set up to access the BIOS/UEFI settings. If you have that password, you can disable Secure Boot and allow unsigned OSes to boot on your system. This can help mitigate some Evil-Maid attacks (explained later in this guide).

In most cases Secure Boot is disabled by default or is enabled but in “setup” mode which will allow any system to boot. For Secure Boot to work, your Operating System will have to support it and then sign its bootloader and push those signing keys to your UEFI firmware. After that you will have to go to your BIOS/UEFI settings and save those pushed keys from your OS and change the Secure Boot from setup to user mode (or custom mode in some cases).

After doing that step, only the Operating Systems for which your UEFI firmware can verify the integrity of the bootloader will be able to boot.

Most laptops will have some default keys already stored in the secure boot settings. Usually those are from the manufacturer itself or from some companies such as Microsoft. So, this means that by default, it will always be possible to boot some USB disks even with secure boot. These include Windows, Fedora, Ubuntu, Mint, Debian, CentOS, OpenSUSE, TAILS, Clonezilla and many others. Secure Boot is however not supported at all by QubesOS at this point.

In some laptops, you can manage those keys and remove the ones you do not want with a “custom mode” to only authorize your own bootloader that you could sign yourself if you really want to.

So, what is Secure Boot protecting you from? It will protect your laptop from booting bootloaders that are not signed by the OS provider, for instance ones with injected malware.

What is Secure Boot not protecting you from?
• Secure Boot is not encrypting your disk and an adversary can still just remove the disk from your laptop and extract data from it using a different machine. Secure Boot is therefore useless without full disk encryption.
• Secure Boot is not protecting you from a signed bootloader that would be compromised and signed by the manufacturer itself (Microsoft for example in the case of Windows). Most mainstream Linux distributions are signed these days and will boot with Secure Boot enabled.
• Secure Boot can have flaws and exploits like any other system. If you are running an old laptop that does not benefit from new BIOS/UEFI updates, these can be left unfixed.

Additionally, there are a number of attacks that could be possible against Secure Boot as explained (in depth) in these technical videos:
• Defcon 22, https://www.youtube.com/watch?v=QDSlWa9xQuA [Invidious]
• BlackHat 2016, https://www.youtube.com/watch?v=0fZdL3ufVOI [Invidious]
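To confirm which of the Secure Boot states described above a Linux machine is actually in (disabled, "setup" mode, or enforcing), the following added example, which is not part of the original guide, reads the standard `SecureBoot` and `SetupMode` UEFI variables from efivarfs. The function names and the fixture helper `write_sample_var` are assumptions made for this example.

```shell
#!/bin/sh
# Added example: classify the Secure Boot state from the UEFI variables that
# Linux exposes under efivarfs. Function names are hypothetical.

# GUID of the EFI global variable namespace (defined by the UEFI specification).
EFI_GLOBAL_GUID="8be4df61-93ca-11d2-aa0d-00e098032b8c"

# Print the one-byte value of a global UEFI variable as a decimal number.
# An efivarfs file holds 4 bytes of attributes followed by the variable data.
# $1 = efivars directory, $2 = variable name. Returns 1 if it is not readable.
efi_var_byte() {
    var_file="$1/$2-$EFI_GLOBAL_GUID"
    [ -r "$var_file" ] || return 1
    od -An -tu1 -j4 -N1 "$var_file" | tr -d ' \n'
}

# Print one of: no-uefi, setup-mode, enforcing, disabled.
# $1 = efivars directory (defaults to the running system's).
secure_boot_state() {
    vars_dir=${1:-/sys/firmware/efi/efivars}
    [ -d "$vars_dir" ] || { echo "no-uefi"; return 0; }
    sb=$(efi_var_byte "$vars_dir" SecureBoot) || sb=""
    setup=$(efi_var_byte "$vars_dir" SetupMode) || setup=""
    if [ "$setup" = "1" ]; then
        # No Platform Key enrolled: the firmware will boot anything.
        echo "setup-mode"
    elif [ "$sb" = "1" ]; then
        # User mode: only bootloaders the enrolled keys can verify will boot.
        echo "enforcing"
    else
        # SecureBoot is 0, missing or unreadable.
        echo "disabled"
    fi
}

# Constructed fixture helper: write a fake variable file (attribute bytes
# 06 00 00 00 followed by the value) so the classifier can be tried offline.
# $1 = scratch directory, $2 = variable name, $3 = value (0 or 1).
write_sample_var() {
    printf '\006\000\000\000' > "$1/$2-$EFI_GLOBAL_GUID"
    printf "\\$(printf '%03o' "$3")" >> "$1/$2-$EFI_GLOBAL_GUID"
}

# With no argument this inspects the running system; pass a directory of
# fixture files to classify those instead.
secure_boot_state "$@"
```

A result of `setup-mode` or `disabled` means the boot-order and BIOS/UEFI password settings listed earlier are the only thing standing between an attacker with physical access and an arbitrary boot medium.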

Source: https://ebin.pub/the-hitchhikers-guide-to-online-anonymity-version-094-may-2021-version-094-version-094nbsped-1234950554.html

Adguard issue with lifetime license

Chinaski


Quality Assurance
@LetsFixTheNet

Hello there!


First, try to reinstall the application using this utility.

If the problem repeats itself, you should pay attention to the hosts file:
  1. Press Windows+R on your keyboard. When the Run window opens, type in the following command: %systemroot%\system32\drivers\etc\hosts and press OK or Enter
  2. Windows will display a prompt asking you what program should be used to open the file. Select Notepad and press OK
  3. If your hosts file contains these records, please delete them and press Ctrl+S to save the file:
    • 127.0.0.1 api.adguard.com
    • 127.0.0.1 api-b.adguard.com
    • 127.0.0.1 api-c.adguard.com
    • 127.0.0.1 api-d.adguard.com
  4. Close Notepad, reboot your PC and check if the issue persists;
Source: https://forum.adguard.com/index.php?threads/adguard-issue-with-lifetime-license.35901/

The Best PC Cleaner Software

Why You Should Trust Me



Hi, my name is Thomas Boldt, and I’ve been a PC user since the days of Windows 3.1 and MS-DOS. Admittedly, there wasn’t much you could do with Windows back then (and I was a kid), but starting that early has given me a broad perspective on what’s possible with the PC environment and how far we’ve come since the early days.

In more modern times, I build all of my desktop computers myself from individual components, and I apply that same meticulous care to making sure they operate at peak performance on the software side of things as well. I use my desktops both for work and for play, and I expect the very best from them no matter what I’m doing.

I’ve tried a range of PC cleaning and optimization apps over the course of my hobby and my career, with varying degrees of success – some are useful, and others are a waste of time. I bring all that knowledge and experience to this review so that you won’t have to spend years learning everything you’ll need to know to separate the good programs from the bad.

Note: none of the companies mentioned in this review have provided me with special consideration or compensation for writing this roundup review. All the opinions and experiences are my own. The test computer used is relatively new, but has been in heavy usage and has not been cleaned recently.

The Truth About PC Cleaning Apps

There is a fairly large industry built around programs that claim to speed up your PC by cleaning out old files, registry entries, and other miscellaneous junk that supposedly builds up over time from normal daily computer use. It makes a certain amount of logical sense on the surface, but do the claims really hold up under investigation?

The fact is, your PC doesn’t slow down because your hard drive has become ‘cluttered’ with miscellaneous, unknown files. If you’re experiencing slower than usual boot times and unresponsive programs, there are other culprits that lurk behind the scenes causing these frustrating issues.

Registry cleaning is one of the major features of many PC cleaners, but it has never really been proven to do anything to speed up your PC. Some people, including the excellent anti-malware developer MalwareBytes, have even gone so far as to call registry cleaners ‘digital snake oil’. If you use a low-quality registry cleaner, there’s even the possibility of completely ruining your operating system and having to reinstall everything from the ground up. Microsoft used to make one, discontinued it, and eventually issued a statement about them:

“Microsoft is not responsible for issues caused by using a registry cleaning utility. We strongly recommend that you only change values in the registry that you understand or have been instructed to change by a source you trust, and that you back up the registry before making any changes. Microsoft cannot guarantee that problems resulting from the use of a registry cleaning utility can be solved. Issues caused by these utilities may not be repairable and lost data may not be recoverable.” – Source: Microsoft Support

Despite that warning, all of the major PC cleaners include some type of registry cleaning feature, but we also recommend that you do not use these tools no matter who developed them.

As if that wasn’t enough to make you wonder about PC cleaners in general, there’s also the fact that the marketing hype often tries to sell you on having a computer that ‘runs like new’. Unfortunately, this is mostly exaggeration – you can’t usually have a computer that runs like new and still has all your files and software installed on it. Part of the reason they run so well when they’re brand new is that they’re a blank slate, and as soon as you start installing programs and customizing things, you’re asking it to do more work.

That doesn’t mean that PC cleaning apps are useless, though – far from it! It’s just important to manage your expectations. Even though the marketing hype is usually over the top and very dramatic, you can still do a lot to improve your PC’s performance. You’ll definitely be able to free up some storage space and speed up your Windows loading time with the right program, and many of the apps come with some other great features such as privacy cleaners, duplicate file checkers, and secure delete functions.

An Important Note About Security

Most software developers are interested in creating the best possible program, but not everyone is so admirable. Some developers are merely interested in making money, and a few try so hard to make sales that their tactics wind up uncomfortably close to the tactics used by scammers. Whenever you’re downloading a new piece of software, you should always scan it with your trusty (and updated) antivirus/anti-malware security program to make sure it’s safe to install.

During the course of my testing, several of the programs that I considered reviewing were flagged by Windows Defender and/or MalwareBytes AntiMalware. There was one that wouldn’t even finish downloading before Windows Defender blocked it! But don’t worry – all of the programs included in the published version of this review passed all available security scans. It just goes to show you the importance of having good security practices!

Who Will (and Who Won’t) Benefit From Using a PC Cleaner

This is a bit of a difficult question to answer because people use their PCs in very different ways. Some people are comfortable using system tools, command lines, and editing registry entries, while others are content to check their email and watch cat videos without knowing (or caring) what a command line is.

If you’re a casual user who browses the web, checks email/social media, and does a bit of basic word processing, you might not find much benefit from an expensive PC cleaning app. It might be useful for helping you free up some storage space and ensuring that you’re not leaving any personally identifiable information on your computer, but you can usually accomplish the same thing without having to pay for it.

That being said, it can be much easier to have a single program that handles all the little maintenance tasks easily for you. If you’re uncomfortable tracking and managing all the different areas to clean yourself, it can be very useful to have a single program that brings all of your cleaning options together in one spot.

If you’re someone who likes to tinker with things, uses a PC professionally or you’re a seriously dedicated gamer, you’re probably going to get some more tangible benefits. Ensuring that you have plenty of free space on your main operating system drive is very helpful for scratch space and page files, and ensuring that your old hardware drivers don’t cause problems with the next update can save a great deal of time in advance. Almost all of these PC cleaning app functions can be handled using other aspects of Windows, but it is still helpful to have them all in one place.

If you’re someone who constantly installs and uninstalls new programs (such as a software review writer, for instance), you might even find that there actually are some leftover ‘junk’ files from previous program installations!

How We Tested and Selected

With so many different ways to “clean” a PC, it was important to standardize the way we looked at the programs involved. Here’s a rundown of the criteria we used to make our final selections:

They need comprehensive options.

Many PC cleaning apps claim they can speed up your PC dramatically, but the reality is that there are usually several small issues that can be fixed and monitored. Individually, none of them are that serious, but when they all start to have problems at once, your PC’s performance can really start to be affected. That makes it essential for a PC cleaning app to cover a wide range of options, from managing your startup programs to helping maximize your available storage space. Having a few extra functions like duplicate file checking and full uninstallation management can be very useful too!

They should be easy to use.

Windows already lets you manage most (if not all) of the functions offered by PC cleaning apps, but it can be finicky and time-consuming to handle things that way. A good cleaning app will bring all those functions together in a single place, and make the whole process easy to manage. Otherwise, you’re better off saving your money and learning how to do it all yourself.

They should get updated regularly.

Since your computer is constantly being updated (or at least it should be), it’s important that your cleaning app gets updated regularly too. Some more basic functions like duplicate file searching and free space recovery won’t change much from version to version, but if your PC cleaning app also has virus scanning or driver management features, regular updates are necessary to keep things running smoothly and effectively.

They must not try to scare you into buying them.

A lot of PC users aren’t very comfortable with the technical details of how their computers work. Some shady software developers try to take advantage of that fact by scaring users into thinking something is going desperately wrong unless you buy their software this very second. This is the equivalent of an unreliable auto mechanic piling repair charges onto your bill that you don’t really need. No good mechanic would do that, and no good software developer would either.

They must be affordable if you decide to purchase.

Most PC cleaning apps don’t need to be run regularly unless you’re using your PC constantly every day. Even then, they’ll probably still do a great job if you only run them a couple of times per year. That means that affordability is key and that any developer trying to offer users a yearly subscription to their program might not be offering the best value for money. Some dedicated developers do regularly update their programs enough to make a subscription model worthwhile; just make sure that you’re getting enough benefit to justify the ongoing cost.

They must be compatible with all recent Windows versions.

Windows has gone through a number of different versions lately, and many people are still running Windows 7, Windows 8 or 8.1. Since upgrading can be expensive, the same household will often have multiple computers running different versions. A good PC cleaning app that offers a multi-computer license should support all the recent versions of Windows (including Windows 10) so that you don’t have to buy a different program for each computer.

The Winner’s Circle

Best for Casual Users: CleanMyPC

($39.95 single computer license, $59.95 for two computers, $89.95 for five computers)

A simple interface makes cleaning tasks easy, whether you’re freeing up space or managing startup programs

CleanMyPC is one of the few Windows apps produced by MacPaw, a developer who typically makes programs for (you guessed it) the macOS environment. It offers a decent set of cleaning features such as free space, startup program and uninstall management wrapped up in an easy-to-use interface. It also throws in browser extension management and privacy cleaning, as well as a secure delete feature.

As you might expect from a developer who works primarily with Macs, the interface design is simple and clean, and it doesn’t overwhelm users with too much detail. A quick click on the ‘Scan’ button, an optional review of the content and a click on the ‘Clean’ button and you’ve freed up some space.
The rest of the tools are just as easy to use, although it’s debatable whether or not the Registry Maintenance section will really do any good. It’s a common claim among PC cleaning apps that it will help, and all of them seem to include it in one form or another, so I’ve decided not to hold it against any of them.

In addition to offering on-demand cleaning, CleanMyPC also has some excellent background monitoring options. It keeps track of space being used by your Recycle Bin and whether or not a new program adds itself to your Windows startup sequence. Many programs don’t ask for permission before adding themselves, and it’s nice to be able to easily keep tabs on this automatically when you install a new program.

CleanMyPC is available as a free trial, and as you can see in the screenshots, MacPaw doesn’t try any scare tactics to get you to purchase the full version. Instead, they simply limit the amount of free space you can clear to 500 MB while letting you test out the other features. It’s also regularly updated and compatible with Windows 7, 8 and 10, ensuring that it will run smoothly on any modern PC. If you’re still using Windows Vista or XP, you’re going to need to do a lot more than run a PC cleaner!

On the downside, it’s a bit expensive, especially if you want to use one program to clean an entire household full of computers. However, it’s also one of the simplest programs to use that includes the most important features of a good PC cleaner, making it perfect for the casual home user who wants to do the occasional maintenance.


Best for Enthusiast Users: AVG PC TuneUp

($49.99 yearly for unlimited Windows/Mac/Android licenses, on sale for $37.49 per year)

AVG first rose to prominence with their much-loved free antivirus software, and they have since expanded into a full range of PC system tools. TuneUp offers an impressive set of features in a simple, well-designed interface centered around the various tasks that you might want to perform: Maintenance, Speed Up, Free Up Space, and Fix Problems. Each of these sections runs a number of tools automatically for you, while the ‘All Functions’ section offers you a breakdown of all the tools available for individual use.

AVG PC TuneUp offers everything you’d expect from an enthusiast-level cleaning app: startup management, disk management tools, and program management. There are also the obligatory registry tools, although again, there is little data to suggest that these help much on their own and they can actually do harm.

AVG has also packed in secure delete features, browser cleanup options and a set of live optimization modes. This is a great feature that is primarily intended for laptops, allowing you to manage your background applications and connected devices on the fly with a single click. If you’re trying to squeeze every last compute cycle of performance out of your device, you can disable background apps to keep the focus on the task at hand. If you’re worried about every last nanosecond of battery life, you can set the optimization mode to Economy, disabling powered connected devices and programs that chew through your battery in the background.

Unfortunately, the slick grey interface disappears once you get down into the detail views of each of the tools, but they still provide an excellent level of control, as you would expect from an enthusiast-level app. Even on a basic free space cleanup, it probed impressively deep into my file structure, uncovering issues such as leftover Steam redistributables that even I didn’t know about.

AVG doesn’t use any dodgy scare tactics to get you to purchase the full version subscription, and TuneUp has an impressive level of compatibility. One of the best features of AVG TuneUp is that you can install it on as many devices as you like, including all versions of Windows from XP onwards, macOS and even Android smartphones and tablets – all using the same subscription! No other program I looked at had that level of compatibility and unlimited licensing, and it’s a big part of what makes AVG TuneUp the best enthusiast cleaner. You can learn more from our full AVG TuneUp review.


The Awkward Runner-Up: Avast CCleaner

(formerly owned and developed by Piriform, free.)

CCleaner has been one of the most widely-used free PC cleaning apps for over a decade, but despite its popularity and capabilities, I can’t include it in the final winner list with a clear conscience. The CCleaner team had a major security and PR disaster in September 2017, when it was discovered that the version of the program available on the official download server had been infected with Floxif trojan malware. For those of you who don’t know the story, JP has written a comprehensive overview of the situation available here.

It’s important to point out that the CCleaner team did everything right when it came to fixing the problem – they announced the vulnerability, and quickly patched the program to prevent future issues. When you compare that response to companies who experience data breaches but don’t inform affected users until months or even years after the fact, you can see that they reacted as well as they could have.

That being said, it’s still hard to recommend it until the developers make certain that their security procedures have been improved to prevent this from happening again. If you’re comfortable taking the risk and you promise not to blame me, JP, or SoftwareHow if anything at all goes wrong, you can download the latest (malware free) version here.

The Paid Competition

Glary Utilities PRO

($39.99 yearly for 3 computer license, on sale for $11.99)

If you’re an enthusiast user who doesn’t mind taking the time to learn a program, Glary Utilities might be for you. It’s got an impressively comprehensive set of options, and each one can be deeply customized to fit almost any situation. In addition to some of the more standard cleaning tools like startup program management, registry cleaning and complete management for uninstalling programs, there are a huge number of other tools packed in here.

The one thing that I find most deeply frustrating about this program is the interface. It’s got excellent capabilities, but they are buried in one of the most confusingly-designed interfaces I’ve seen in a long time. Three separate menus – along the top, along the bottom, and in the ‘Menu’ button – all lead to similar places, but with slightly different variations. There’s no logic to what goes where, or why it goes there, and each tool opens up in a new window without indicating how to go back to the main dashboard. Amusingly enough, this is their ‘new and innovative’ interface.

If you can get past the interface issues, there’s a lot to like about this program. It’s regularly updated and is compatible with all versions of Windows from Vista onwards. They don’t use scare tactics to get you to buy the pro version, and in fact, they even offer a free version which we included in the ‘Free Alternatives’ section. If the interface was updated to something more rational and user-friendly, it would be a much stronger contender.

Norton Utilities

($49.99 for 3 computer license)

Norton Utilities provides an excellent range of features in an easy-to-use interface. 1-Click Optimization makes it extremely simple to keep your PC clean, and they have bundled together an impressive number of additional features, from duplicate file checkers to lost file recovery and secure deletion.

I did notice that after running the 1-Click Optimization all caching on my browser had been temporarily disabled, and all of my cached CSS files had been removed. These files are not exactly space-hogs, so I’m not sure why they would be included in an automatic cleaning process. This had the side effect of breaking every website I visited until I did a hard refresh to fix them, but the broken web pages might have confused an inexperienced user.

There are a couple of other things that keep Norton out of the winner’s circle. It’s one of the more expensive cleaning apps in this review, at $49.99, and you’re limited to installing on just 3 PCs. This means that it’s not exactly right for winning the enthusiast category, as enthusiasts usually have at least 3 PCs in the house, and it’s a bit too complex for winning in the casual user category. It’s still an excellent choice from a feature standpoint, though, if you’re not a fan of our chosen winners – or if you want to avoid a yearly subscription fee!

Norton no longer offers a free trial on their website, but you can still find a copy of the free trial here. If you want to go ahead and buy right away, you can do so directly from Norton below.

Comodo PC TuneUp

($19.99 per year subscription)

Comodo PC TuneUp is a bit of a strange entry in the list. It covers some of the more basic PC cleaning functions such as searching for junk files and the obligatory/useless registry fixes, but it also includes a malware scanner, a Windows event log scanner, and a rather vague ‘security scanner’. Comodo also includes a duplicate file scanner, a registry defragmenter and a unique ‘force delete’ tool that allows you to defer deletion of files that are in use until your next restart.

It’s been fairly amusing to see what the different cleaning programs consider to be problems. Comodo didn’t find any issues with my Windows registry, despite the fact that the other programs I tested did. I never run any of the registry tools (apart from scanning) and you shouldn’t either, but it’s worth pointing out that there is evidently some disagreement about what causes problems.

Even more amusingly, the two security scanner results were both from entries in the registry, despite the fact that the registry scanner said everything was fine. I’m not sure what to make of that, but it doesn’t exactly fill me with confidence in its cleaning abilities. It also found the least amount of junk files at 488 MB, a sharp contrast to the potential 19 GB found by AVG PC TuneUp.

While it has good Windows compatibility, regular updates and a streamlined interface, the strange mix of tools and lackluster search performance means that this tool isn’t quite ready for the spotlight just yet. If you want to try it out anyways, you can download the free trial of Comodo PC TuneUp here by clicking the ‘Instant Scan’ button.

iolo System Mechanic

($49.95, licensed for all computers in a single household)

iolo has received a lot of recognition for its PC cleaner app, but my experience didn’t really live up to the expectations. I almost removed it from the review entirely, but so many people recommend it that I thought it was worth sharing my experience. It has a fairly standard set of options for managing PC cleaning and offers a range of ‘boosts’ intended to optimize everything from CPU speed to network speed, although it’s quite vague on how exactly it accomplishes this.

These issues are overshadowed by a much larger problem, however, as before I could even finish testing I ran into some trouble. Regular updating is one of the criteria we used to assess the available PC cleaners, and System Mechanic actually received an update while I was in the process of testing it. I thought it was a perfect chance to test how well it handled updates, so I let it go ahead. It automatically uninstalled the old version, restarted my computer and installed the new version, but I ran into a problem immediately:

As you can see, the entire UI looks modernized after the update, but it’s entirely possible that it downloaded the wrong version of the software since everything went haywire and became totally unusable.

I was only using the trial version, so I’m not exactly sure how it could possibly think that I had violated any license. I thought I could solve the problem by uninstalling and reinstalling, but when I tried to use the trial activation key that iolo emailed me, it told me that it was not valid for that program and was intended for another – even though I was just following its own update process!

It’s possible that your mileage may vary, but I wouldn’t trust my PC maintenance to a company that messes up its own product launches. Let this be a cautionary tale about the importance of choosing a quality software developer, even among those that have been recommended by others!

You can download System Mechanic from iolo here.

The Free Alternatives

In most cases, free software alternatives don’t offer quite the same level of comprehensive cleaning options or automatic management as paid software, but they can still be very useful.

Glary Utilities Free

This is one of the exceptions to the rule, of course. The free version of Glary Utilities provides some excellent features that make it a great choice for those who don’t have the budget or the need for the Pro version. Most of what’s left out of the free version has to do with automatic maintenance and “deep cleaning”, although unfortunately, both versions share the same bizarre interface.

Keen-eyed readers will note that my boot time has improved by 17 seconds since I reviewed the Pro version!

Many users who are considering the Pro version will probably be satisfied with the Free version, and they both share the same regular updates and extensive Windows compatibility.

You can download the free version of Glary Utilities here, and also see a comparison between the free and pro versions.

Duplicate Cleaner

This program is firmly at the very basic end of the PC cleaning spectrum, as it really only does what the name suggests: search out duplicate files. This can be a major help when it comes to freeing up storage space, especially if you’re using a new laptop with a relatively small solid state drive. Running out of storage space can dramatically reduce the speed of your computer, and duplicate file searching is one cleaning function that isn’t built into Windows.

There is also a Pro version of Duplicate Cleaner available.

You can download the free version of Duplicate Cleaner here.

BleachBit

The open source PC cleaner BleachBit is sort of a balance between the two previous free options, offering a range of disk space cleaning tools and secure delete options. Like most free software that doesn’t have a paid counterpart, the interface for BleachBit leaves a great deal to be desired – but at least you can’t call it confusing.

It doesn’t really offer the same functionality as any of the more comprehensive options, but it does have decent support and regular updates. It also is the only program we looked at that has a Linux version, as well as a few additional tools that are only available in the Linux environment.

BleachBit is available for download here.

A Final Word

PC cleaning apps have come a long way since the early days, even though some of the tools they’ve included are a bit dubious (I’m looking at you, registry “cleaners”!). When you’re selecting and using a PC cleaner, be sure to remember that they are all designed to make you feel like you’d be lost without them. When they tell you that you’ve got 1729 issues to be corrected, don’t get frantic – they’re usually just counting every single file that could be deleted, not saying that your computer is about to break down.

Do you have a favorite PC cleaning app that I left out of this review? Let me know in the comments below and I’ll take a look!

Source: https://www.softwarehow.com/best-pc-cleaner/

Is It Time to Trust CCleaner Again?

CCleaner has been around longer than most Windows utility cleaners, and was a go-to recommendation for some time. However, starting in 2017, the software ran into several problems that tarnished its reputation.

This led many, including us, to recommend that you stop using CCleaner. But that was years ago. How has the app changed, and is it worth using now? Let's take a fresh look.

A Brief History of CCleaner's Problems

In case you're not familiar, CCleaner's issues started in 2017 shortly after developer Piriform was bought by Avast. The 32-bit app version on CCleaner's website was hacked, adding a Trojan to the download, which the company thankfully caught before it became widespread.

Later, the company introduced an "Active Monitoring" feature that collected anonymized data about your usage. This is fairly standard, but the problem was that when you turned the setting off, it re-enabled itself upon a reboot. That update also made CCleaner difficult to close through standard methods.

Finally, in 2018 the app also started ignoring users' preference to disable automatic updates. On top of this, CCleaner's free version regularly nags you to upgrade to the paid version. Have a look at our guide to replacing CCleaner for more history and information.

All of these factors made it feel more like an unwanted program than something that benefits your computer. But now, are these problems cleaned up? And further, is CCleaner even worth using?

What Does CCleaner Offer?

You probably know CCleaner primarily for its PC cleaning capabilities, which is still the core of the software. However, it has several other features and has picked up a new trick or two in the last few years.

CCleaner's Health Check

The new Health Check is what you see upon opening CCleaner. This runs a scan on your PC to show "issues" in four areas:

  • Privacy
  • Space
  • Speed
  • Security

The final two categories are only fixable with a Pro subscription to CCleaner, which we'll discuss later.

Privacy cleans up cookies, browser history, and temporary internet files from the various browsers on your PC. Space cleans out the Recycle Bin, temporary app files, and temporary Windows system files.

Moving on, Speed analyzes startup programs and recommends you disable ones that make a big impact on startup speed. Finally, in Security, CCleaner will detect outdated apps on your system and update them to the latest versions.

You can uncheck specific actions in a category on its respective page if you want to exclude something. Hit Make it better when you're satisfied and CCleaner will process what you requested.

Custom Clean

If you're a CCleaner veteran, the Custom Clean tab will look familiar. This lets you pick and choose exactly what you want to clean up.

The Windows section has Edge and Internet Explorer browser data, as well as Windows files like log data, thumbnail caches, and emptying the Recycle Bin. On Applications, you can clear temporary data for other browsers as well as apps like Steam, VLC, and TeamViewer.

Check everything you're interested in cleaning and hit Analyze to see how much space your action will save. If you're satisfied, click Run Cleaner.

The Registry Cleaner

This section is simple: you don't need to use Registry cleaners. While orphaned entries and other minor problems do occur in the Registry over time, there is no good evidence that cleaning the Registry will speed up your computer. In fact, if a Registry cleaner is too zealous, it can actually cause more problems than it solves.

While most people regard CCleaner's Registry cleaner as better than other random ones online, you still don't need to use it. Microsoft's official statement on Registry cleaners recommends staying away from them; don't even bother with this feature of CCleaner.

CCleaner Tools

Rounding out CCleaner's feature set is the Tools tab. Here you'll find several additional utilities of varying usefulness.

The Uninstall tab duplicates the methods for uninstalling provided in Windows, though it does make it easy to save all your installed programs to a text file. Software Updater is another panel for accessing the function mentioned above.

On Startup you can manage your startup items, though it doesn't recommend disabling specific entries like Health Check does. The highlight here is Context Menu, which lets you disable entries from the right-click menu in File Explorer.

Browser Plugins lets you manage extensions in each browser, which is something you can do in your browser already. Disk Analyzer is a basic tool to show where your computer's space is being used, while Duplicate Finder does just what it says.

System Restore simply lets you erase System Restore points. While this is potentially useful for reclaiming space, it's better to just let Windows handle them. And finally, Drive Wiper gives you options to fully erase everything on any drive connected to your PC.

Issues With CCleaner in 2020

After a look around, and a statement from CCleaner's general manager about the company taking cybercrime seriously, we don't have any serious objections to CCleaner's behavior in the latest release. However, there are a few annoyances worth mentioning.

First, when we installed CCleaner's free version, it prompted us to also install AVG Antivirus. While not a malicious program, it's unsavory to have software foisted on you like this. This is especially odd to see since a lot of free software has stopped offering bundled crapware in recent years.

In fact, Microsoft now categorizes CCleaner as a PUA (Potentially Unwanted Application) because of this behavior. Microsoft says that bundling software from other companies "can result in unexpected software activity that can negatively impact user experiences."

While the software updater is one of the best features of CCleaner Professional, it isn't perfect. Because it's not fully automated, you have to click Next in a bunch of dialog boxes to install updates. Also, when we ran the software updater, it worked on Wireshark, but upon trying to update Speccy (another product by Piriform), Windows Security blocked CCleaner's action.

The Smart Cleaning feature in CCleaner Professional cleans up files for you at a certain threshold. While convenient, this feature by default also displays a popup box when you close any browser, offering to automatically clean its data. This goes away when you choose an action for the browser at Options > Smart Cleaning, but it's still annoying to see from premium software.

CCleaner Free vs. Professional

We had access to the Professional version of CCleaner for testing, and compared it to the free edition installed on another PC. CCleaner Professional usually costs $24.95 and unlocks several of the features mentioned above.

You need Pro for the following:

  • Disabling startup programs and using the auto-app updater in Health Check
  • Using the Software Updater tool
  • Running CCleaner on a schedule
  • Changing Smart Cleaning options, including automatic browser cleaning
  • Changing what users CCleaner manages
  • Automatically applying product updates
  • Unchecking the Show offers for our other products option in Privacy

In summary, CCleaner Pro's two biggest draws are automated cleaning and software updating. But do you need those?

Is CCleaner Worth Using?

Aside from the privacy and security issues, most of what we said about CCleaner in 2018 (in the article mentioned earlier) still stands. The only all-new feature, Health Check, is just a more convenient way to clean up data you can select manually in Custom Clean.

To be fair, there is some use to CCleaner. For instance, if you use multiple browsers, it's convenient to remove temporary files from all of them at once. And the Drive Wiper and Software Updater (if you pay for Pro) are useful.

However, you can access a lot of CCleaner's features in other utilities and software. Many of these are free and often do a better job than CCleaner.

For example, Windows's Disk Cleanup handles a lot of what CCleaner's cleaning tools do. TreeSize is a much better disk analyzer and Patch My PC is better at updating software. And some CCleaner tools, like Uninstall and Startup, just duplicate Windows functionality and are thus of little use.

So whether you should use CCleaner depends on your needs. If you rarely run low on disk space, only use one browser, and don't mind updating software manually, then there's really no need for you to use it. You can use Windows cleaning options and other third-party tools that do a better job at tasks like finding duplicate files.

In short: CCleaner isn't worthless, but most users probably don't need it. We don't plan to keep it on our system after this review.

Keep Your PC Clean

We've evaluated CCleaner for use in 2020, but keep in mind it's far from the only tool for PC cleanup. If you insist on using an all-in-one utility, BleachBit is a solid alternative that's completely free.

Otherwise, follow our step-by-step guide to cleaning Windows 10 and you should have no problem keeping your PC free of unnecessary files.

Image Credit: focal point/Shutterstock


About The Author
Ben Stegner (1785 Articles Published)

Ben is a Deputy Editor and the Onboarding Manager at MakeUseOf. He left his IT job to write full-time in 2016 and has never looked back. He's been covering tech tutorials, video game recommendations, and more as a professional writer for over seven years.


Source: https://www.makeuseof.com/tag/time-trust-ccleaner/

5 Replies to “Privazer vs bleachbit - Activators Patch”

  1. Are you saying that charging 27-75$ for a 5000$ electronic transfer is "too good to be true"? I've personally used all 3 services mentioned in the video and never had any issues.

  2. Got Chase Freedom with 0 credit history... 2 months after I opened checking account with Chase....
