The Digital First Aid Kit!

The Digital First Aid Kit is a free resource to help rapid responders, digital security trainers, and tech-savvy activists to better protect themselves and the communities they support against the most common types of digital emergencies. It can also be used by activists, human rights defenders, bloggers, journalists or media activists who want to learn more about how they can protect themselves and support others. If you or someone you are assisting is experiencing a digital emergency, the Digital First Aid Kit will guide you in diagnosing the issues you are facing, and refer you to support providers for further help if needed.

👀 👉🏼 https://digitalfirstaid.org/en/index.html

👀 👉🏼 Digital Security Helpline
https://www.accessnow.org/help/

#data #digital #firstaid #security #help #toolkit #guide #thinkabout
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Locking down Signal

Concerned about the privacy and security of your communications? Follow our guide to locking down Signal.

The encrypted messaging app, Signal, is quickly becoming a newsroom staple for communicating with sources, accepting tips, talking to colleagues, and for regular old voice calls and messages. While it’s a practical tool for anyone concerned with the security and privacy of their conversations, people working in newsrooms are particularly interesting targets, and should benefit from locking down Signal.

💡 (If you’re not yet using it, learn how to get started here.)

Signal makes it easy to have a secure conversation without thinking about it. On its face, it looks and feels identical to your default text messaging app, but security experts so often recommend it because of what it does in the background.

First, Signal offers end-to-end encryption, meaning only conversational participants can read the messages. While regular phone calls or text messages allow your phone company to unscramble your conversations, even the team behind Signal can’t listen to them. You don’t need to take their word for it. Signal is open source, meaning the code is available for anyone to review. This also makes security audits simpler for independent specialists, who have torn apart the code and published findings that everything works as intended. Finally, Signal retains nearly no metadata — information about who spoke to whom, and when. (The developers proved as much in court.)

These are some of the advantages you want in an encrypted messaging app.

Because newsrooms can attract a lot of attention, journalists who already use Signal should consider hardening it against physical access, as well as unwanted remote access and network-based eavesdropping. So let’s talk about how.

👀 👉🏼 https://freedom.press/training/locking-down-signal/

#signal #encrypted #messaging #app #guide
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Step-by-step guides and detailed information on secure messaging apps for Android, iOS, Windows, Mac and Linux.

💡 Apps are listed in order of:

✅✅ = "Highly Recommended"
✅ = "Worth a Try"
❌= "Not Recommended"

👀 👉🏼 https://securechatguide.org/centralizedapps.html

#secure #chat #messaging #apps #android #iOS #windows #mac #linux #guide
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Protect your information from physical threats

💡 👉🏼 Table of Contents 👈🏼

👀 👉🏼 What you can learn from this guide

👀 👉🏼 Assessing your risks

👀 👉🏼 Creating your physical security policy

👀 👉🏼 Protecting your information from physical intruders

👀 👉🏼 Software and settings related to physical security

👀 👉🏼 Maintaining a healthy environment for your equipment

👀 👉🏼 Further reading

💡 👀 👉🏼 https://securityinabox.org/en/guide/physical/

#security #physical #information #guide
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

How to Secure Anything

Security engineering is the discipline of building secure systems.

Its lessons are not just applicable to computer security. In fact, in this repo, I aim to document a process for securing anything, whether it's a medieval castle, an art museum, or a computer network.

💡What is security engineering?

Security engineering isn't about adding a bunch of controls to something.

It's about coming up with security properties you'd like a system to have, choosing mechanisms that enforce these properties, and assuring yourself that your security properties hold.

👀 👉🏼 https://github.com/veeral-patel/how-to-secure-anything

#howto #guide #security #secure #anything
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

How to use Whonix | TOR Tutorial Part 2

Whonix is the safest way to be online and surf the web. Learn how to be anonymous and private with Tor Tutorial Part 2.

📹 Watch it via:
YouTube || Invidious || BitChute

• Part 1 of TOR series: HERE

• Download Whonix: HERE

📡 @howtobeprivateonline
#TOR #Guide #Privacy #OS

How to compile Windows Server 2003 - and compile Windows XP, (part 1)

From source code to ISO. Sit back, relax, and witness the miracle of creating a new build of Windows :)
Just to be clear from the start: As of now, there is NO way to completely compile Windows from the Source code, as it lacks some stuff... However, this is pretty close.

👀 👉🏼 https://nitter.net/NTDEV_/

https://invidious.snopyta.org/watch?v=bO0daYbti5g

👀 👉🏼 Compiling Windows XP, part 1
https://invidious.snopyta.org/watch?v=8IyW-bwGQTQ

#windows #compiling #sourcecode #leak #video #guide
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Awful AI

Awful AI is a curated list to track current scary usages of AI - hoping to raise awareness to its misuses in society

Artificial intelligence in its current state is unfair, easily susceptible to attacks and notoriously difficult to control. Often, AI systems and predictions amplify existing systematic biases even when the data is balanced. Nevertheless, more and more concerning the uses of AI technology are appearing in the wild. This list aims to track all of them. We hope that Awful AI can be a platform to spur discussion for the development of possible preventive technology (to fight back!).

➡️ Discrimination

➡️ Influencing, disinformation, and fakes

➡️ Surveillance

➡️ Social credit systems

➡️ Misleading platforms, and scams

➡️ Autonomous weapon systems and military

➡️ Awful research

👀 👉🏼 https://github.com/daviddao/awful-ai

#awful #ai #answers #guide #tool #thinkabout
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

All the ways your Phone tracks your location.

Your phone (Android or iPhone) is tracking your location even if you disable Location Services, turn on airplane mode, and disable Bluetooth. Learn how to stop it once and for all.

📹 Watch it via:
YouTube || Invidious

📡 @howtobeprivateonline
#Surveillance #Location #Privacy #Guide

How to use Tor on your phone

In this anonymity tutorial, you'll learn how to use Tor on your phone - both Tor Browser and Orbot on Android, and Onion Browser on iOS.

📹 Watch it via:
YouTube || Invidious

🌐 Get TOR for:
• Android via: Website || F-Droid || Play Store
• iOS via: Apple Store

📡 @howtobeprivateonline
#TOR #Privacy #Guide #Browser #VPN

Forensic guide to iMessage, WhatsApp, Telegram, Signal and Skype data acquisition

Instant messaging apps have become the de-facto standard of real-time, text-based communications. The acquisition of instant messaging chats and communication histories can be extremely important for an investigation. In this article, we compare the five top instant messaging apps for iOS in the context of their forensic analysis.

Acquisition and Extraction
Speaking of iOS, there are several methods to acquiring communications going through an instant messaging app. The MITM (man-in-the-middle) attack is practically out of the question for most modern instant messaging apps; if there are exceptions, we aren’t aware of those. Even on Android devices, a MITM attack would require installing a third-party SSL certificate, and even that may not work for some instant messengers.

The ability to obtain communication histories from the vendor is a great tool in the hands of the law enforcement. The policies of different vendors vary greatly from near-instant full disclosure to flat non-disclosure with stops in between. We’ll discuss it in detail for each of the messaging apps.

Cloud extraction may be possible from several sources, which include iCloud synchronized data (including end-to-end encrypted data), iCloud backups and stand-alone backups in iCloud Drive. It’s up to the vendor to decide where and how to store the data; more on that later.

Finally, the data can be extracted from the iPhone device itself. For some messaging apps, logical extraction via iTunes-style backups is enough, while some other messengers don’t store anything in local backups. Imaging the file system (and, in some cases, decrypting the keychain) is always enough to gain full access to conversation histories.

So let us see the different extraction options available for the five top instant messaging apps for iOS.

https://blog.elcomsoft.com/2020/04/forensic-guide-to-imessage-whatsapp-telegram-signal-and-skype-data-acquisition/

#forensic #guide #imessage #whatsapp #telegram #signal #skype
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@NoGoolag
📡@BlackBox

Madaidan's Linux Hardening Guide

https://madaidans-insecurities.github.io/guides/linux-hardening.html


#madaidan #Linux #Hardening #Guide

Welcome to Go Incognito, your guide to security, privacy & anonymity in our world. From digital protection, to physical safety, Go Incognito will cover all you need to advance through your privacy journey.

Topics include FOSS, metadata, password management, permissions, two-factor authentication, search engines, browser configuration, proxies, VPNs, antiviruses, encryption, communication, Tor, operating systems, cryptocurrencies, networking, activism, and so much more.

https://techlore.tech/goincognito.html

Watch it on:

https://tube.privacytools.io/accounts/techlore/video-channels

https://techlore.tech/assets/GoIncognito.torrent

https://www.youtube.com/watch?v=Y19RFmOxfVM

Text and link sources:
https://github.com/techlore-official/go-incognito


📡 @techloreofficial
👥 @techloregroup
#guide #goincognito #privacy #anonymity #security #techlore

Setup for testing Android app vulnerabilities

In the previous article I documented my approach for reverse engineering an Android game. But getting my hands on the code is only one part of security research. Once a potential issue is identified, I need to verify that it is actually exploitable. So there is no way around messing with an actual live app. Ideally that has to happen in a controlled environment with emulated hardware. As before, this is mostly me writing things down for my future self, but it might come useful for other people as well.

💡 Contents

✅ Choosing a virtualization approach

✅ Setting up Android SDK

✅ Minimal proof of concept Android app

✅ Adding debugging output to the target application

https://palant.info/2021/02/22/setup-for-testing-android-app-vulnerabilities/

#setup #testing #android #app #vulnerabilities #guide
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
📡@NoGoolag

How to turn off the ANDROID TRACKING SERVICES [ROOT required]

Let's start:

👉🏼 Download Termux from Google Playstore and install and open it.

Install Packages:

pkg install aapt jq tsu curl -y

( Asks for root privileges, allow this ❗️👇🏽)

cd /data/data/com.termux/files/usr/bin
cp -R aapt /system/xbin/aapt
cp -R jq /system/xbin/jq
cp  -R curl /system/xbin/curl
chmod +x /system/xbin/aapt
chmod +x /system/xbin/jq
chmod +x /system/xbin/curl

👉🏼 Download the script from here:
https://drive.google.com/drive/folders/1_G6-M8ToF0PsjY0HIrZIAVrTHT6nbptE

💡 (Please always use the latest version)

👉🏼 Unpack to 👉🏼 /sdcard and then enter the following command...:

termux-setup-storage (grant permission)

👉🏼 Then enter:

 cd /sdcard

(with root) 👇🏽

tsu

bash DisableTrackers.sh sys (Add ❗️)

After that, just reboot your device and the job is done.

#root #android #tracking #services #guide
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
📡@NoGoolag

Broken-Phone-Recovery

A #guide how to #backup data from your locked android #phone if you broke your #screen (and more)

https://github.com/v1nc/Broken-Phone-Recovery

Anatomy of a Linux DNS Lookup – Part I – zwischenzugs – https://zwischenzugs.com/2018/06/08/anatomy-of-a-linux-dns-lookup-part-i/

Since i work a lot with clusteredVMs, I’ve ended up spending a lot of time trying to figure out how #DNS lookups work. I applied ‘fixes’ to my problems from StackOverflow without really understanding why they work (or don’t work) for some time.

Eventually I got fed up with this and decided to figure out how it all hangs together. I couldn’t find a complete guide for this anywhere online, and talking to colleagues they didn’t know of any (or really what happens in detail)

So I’m writing the #guide myself.

The Hitchhiker’s Guide to Online Anonymity

💡 TLDR: This is an open-source non-profit detailed and maintained guide on online anonymity (in addition to Privacy/Security). I've been writing/updating it for the past months. It covers Windows/Linux/MacOS/Whonix/TAILS/Qubes OS and more. It's written with hope for activists, journalists, scientists, lawyers, whistle-blowers, and good people being oppressed/censored anywhere!

The whole guide is backed up by many external references (over 500 external references, many of them academic) and is not sponsored by any commercial entity.

The guide is presented in a "book format" (Online ,or PDF with Light and Dark themes) and is quite a long read with over 180 pages of information (not counting the many 500+ external references). But there are ways you can read some parts and not others depending on your interest (and this is also explained in the introduction).

* Project Website: https://anonymousplanet.org
* Mirror: https://mirror.anonymousplanet.org
* Mirror: https://anonymousplanet.github.io/thgtoa/guide.html
* Tor Mirror: http://thgtoa7imksbg7rit4grgijl2ef6kc7b56bp56pmtta4g354lydlzkqd.onion


💡 Online Guide:

* Online Version (Dark Theme): https://anonymousplanet.org/guide.html
* Online Version Mirror (Dark Theme): https://mirror.anonymousplanet.org/guide.html
* Online Version Tor Mirror (Dark Theme): http://thgtoa7imksbg7rit4grgijl2ef6kc7b56bp56pmtta4g354lydlzkqd.onion/guide.html

💡 PDFs:

* PDF (Light Theme): https://anonymousplanet.org/guide.pdf
* PDF (Light Theme Mirror): https://mirror.anonymousplanet.org/guide.pdf
* PDF (Light Theme Tor Mirror): http://thgtoa7imksbg7rit4grgijl2ef6kc7b56bp56pmtta4g354lydlzkqd.onion/guide.pdf
* PDF (Dark Theme): https://anonymousplanet.org/guide-dark.pdf
* PDF (Dark Theme Mirror): https://mirror.anonymousplanet.org/guide-dark.pdf
* PDF (Dark Theme Tor Mirror): http://thgtoa7imksbg7rit4grgijl2ef6kc7b56bp56pmtta4g354lydlzkqd.onion/guide-dark.pdf

💡 Changelog:

* https://anonymousplanet.org/CHANGELOG.html
* https://mirror.anonymousplanet.org/CHANGELOG.html
* http://thgtoa7imksbg7rit4grgijl2ef6kc7b56bp56pmtta4g354lydlzkqd.onion/CHANGELOG.html

💡 Archives:

* Archive.org: https://web.archive.org/web/https://anonymousplanet.org/guide.html
* Archive.today: https://archive.fo/anonymousplanet.org/guide.html
* Archive.today over Tor: http://archivecaslytosk.onion/anonymousplanet.org/guide.html
* Cryptpad.fr: https://cryptpad.fr/drive/#/2/drive/view/Ughm9CjQJCwB8BIppdtvj5zy4PyE-8Gxn11x9zaqJLI/

Feel free to share and contribute through the repository at https://github.com/AnonymousPlanet/thgtoa

👉🏼 Follow me on:
* Mastodon: https://mastodon.online/@anonypla

Any constructive opinion/idea/criticism is welcome if you spot any issue. Many changes have been done based based on suggestions from redditors. Don't be too harsh tho. Remember it's still a "work in progress" draft.


📡 @NoGoolag 📡 @Libreware
#guide #anonymity #privacy #anonymousplanet

#Grow or Die: The Good #Guide to #Survival #Gardening

https://libgen.rs/book/index.php?md5=8288B0B474103D622152C9FD47F6C3D3
http://library.lol/main/8288B0B474103D622152C9FD47F6C3D3

written by David The Good https://www.youtube.com/channel/UC208478ECji1rdkDDbB0vHQ

Survival Gardening With David The Good - Ice Age Farmer Broadcast:
part 1 https://www.bitchute.com/video/5Caul0mPLNUu/
part 2 https://www.bitchute.com/video/nrGmjzf7cHuL/

#Android Smartphone #Hardening non-root #Guide 4.0
By @TheAnonymouseJoker

https://lemmy.ml/post/128667