NoGoolag
4.79K subscribers
23K photos
13.2K videos
852 files
22.3K links
Live free!

📡 @NoGoolag

FAQ:
http://t.me/NoGoolag/169

★Group:
https://t.me/joinchat/nMOOE4YJPDFhZjZk

📡 @Libreware

📚 @SaveAlexandria

📡 @BallMemes

FORWARDS ARE NOT ENDORSEMENTS

💯 % satire OSRET
Download Telegram
Media is too big
VIEW IN TELEGRAM
You can hack anything - you just shouldn't get caught - #OpSec for data travellers

In this introductory talk we give an overview of the #risks of the #hacking #hobby: doors that are broken in, house searches and high legal fees obscure the enjoyment of free hacking.

Here it is worthwhile for the #hacking offspring to learn from the mistakes of others. We give classic examples of mistakes in #operational #security so that you don't have to make them.

📺 🇬🇧 🇫🇷 🇩🇪
https://media.ccc.de/v/35c3-9716-du_kannst_alles_hacken_du_darfst_dich_nur_nicht_erwischen_lassen

#video #CCC #Linus
📡@cRyPtHoN_INFOSEC_DE
📡
@cRyPtHoN_INFOSEC_EN
📡
@BlackBox_Archiv
avoidthehack@mastodon.social What data are you exposing to the web?

Fingerprinting uses many different methods to pull unique characteristics about your device/browser - especially since browsers tend to be "leaky."

So, what is your device/browser sharing? This page gives you an idea. + some extras services

Privacy Tools
URL Cleaner
Password Tools
Autofill Check
Personaldata.info Searx instance
Personaldata.info Whoogle instance
Tracking Company Finder Bookmarklet

https://personaldata.info/

#privacy #privacymatters #opsec #browser #fingerprinting
Forwarded from Fury Road Intel
#OPSEC #Cybersecurity

So ive been doing a little research that was kicked off by listening to this 🔽 podcast posted in other channels.

https://t.me/FuryRoad_Intel/38724


https://podcast.app/anonymous-mobile-devices-e140593630/

From journalist:

It seems there is a way, albeit slightly convoluted to get an anonymous phone and messaging services. It requires a google phone bought with cash, swapped to grapheneOS, a prepaid cellular data plan and then getting a VOIP service. Im still fuzzy on the detail exactly, but using VOIP means that the number isnt tied to you and you never actually use the number that is tied to the sim card. If a cell towers sees the phone, it doesnt know who the phone belongs to. Then you would use signal for messaging also. Again if the communications were intercepted, they wouldnt know who the device belonged to. Could they figure it out? probably, but it requires more man hours and leg work. GrapheneOS doesnt call back home like android and apple do.

I listened to a podcast from the same guy from above and it was about how they caught people from Jan 6th. A lot of it was pretty common sense shit, like social media posts, facebook and google handing over all the data they have on a person or phone number. One guy they caught in part because of a news interview he gave in 2012 which gave them a very close name match and a voice match and tattoo match to a person they were looking for. Its crazy, no matter how innocuous you think something is it can be used against you a decade later.
SignalGate Is Driving the Most US Downloads of Signal Ever | WIRED

Since the news broke on Monday that senior Trump administration cabinet members accidentally included the editor in chief of The Atlantic in a group chat on the Signal encrypted messaging platform where the officials were making secret plans to bomb Yemen, the ensuing news cycle and the constant mentions of Signal have led to the encrypted messaging platform doubling its usual rate of new downloads, the nonprofit organization that runs Signal tells WIRED.

Reminders :
How CIA created Signal app
Signal was funded by #glowies all along https://kitklarenberg.substack.com/p/signal-facing-collapse-after-cia

Sidenote on the so called "SignalGate":
If this was a genuine accident, it means the US is run by low IQ, emoji-using men-children who are as basic in their understanding of the world as they are incompetent with opsec..

#SignalGate #Signal #Opsec
Forwarded from 0•Bytes•1
Enjoy your tea, Hatters🎩

Today I want to share an interesting project with you: Ermine OS 🗻🦦. It’s a private live system based on Debian, created specifically for secure crypto operations 💲 and anonymous web browsing (for example, visiting forums)🌐.

Here is the repository: https://github.com/ermiusio/ermine_os

In addition to the system itself, the author has written a fairly long article that provides a detailed analysis of popular privacy-focused live distributions.

I particularly liked the breakdown of Tails OS🧅.
It explains the inner workings of the system "related to privacy"⚙️

For example, at the level of systemd services, scripts, and iptables, it shows how the killswitch works. It also covers issues with video memory (yes, this was a known problem, but I hadn't seen a breakdown of it in other reviews before). It even explains why Persistent Storage partially undermines the Tails concept itself and analyzes how application protection is implemented via AppArmor. It's a shame the author didn't go even deeper (for example, looking for backdoors in the source code), but overall, I hadn't seen such a high-quality review in Russian available publicly before.

The article also covers other "private live" systems like Whonix Live, Heads, Kicksecure Live, and so on.

And now about Ermine OS 🦦 itself:
The system runs entirely from a USB drive and writes almost nothing to the disk. All traffic goes exclusively through Tor with a kill-switch (if Tor were to suddenly fail, the network simply shuts down). There is an automatic MAC address and hostname changer. Among the applications, it includes Tor Browser with the author's own Fingerprint Spoofer plugin, a separate browser for I2P🚦, a separate i2pd with a GUI using zenity, and Cake Wallet.

Regarding security: it has custom AppArmor policies for all programs🔒, kernel hardening via sysctl, protection against cold-boot attacks using sdmem, and a completely disabled swap.

Additionally, the author has created an experimental option - RAM-mode which can be selected at boot. In this mode, the system continues to work even after the USB stick is removed, staying entirely within RAM.

The author has also prepared a detailed step-by-step guide on how to build your own live system in the second part of the article, plus they tested the killswitch and other important features.

The project looks quite interesting. Yes, it is still a bit rough around the edges, but as an article with a working example of a private live system, it is already excellent material.
It will be especially useful for beginners who want to build their own distribution for privacy purposes 🧩. There aren't many projects like this with decent articles and guides.

Of course, Heads also has documentation, but it's from 2017 and lacks such an in-depth comparison with other systems.

In general, big thanks to the author
☝️ I don't understand why the repository is still so niche; in my opinion, it deserves much more attention. Alas, the article is written in Russian, and the author did not provide a translation. But I have translated it into English for them; enjoy it🌟

P.S. I only translated the md, the images are not included, but you can view the original tests and images in the github.

I hope you find it useful too ❤️

#anonymous_networks #crypto_protection #browsers #OPSEC #linux #i2p #privacy #tools #tor
Forwarded from 0•Bytes•1
README_en.pdf
1.3 MB
Аrticle about private live Linux from the repository ermine_os translated into English

#anonymous_networks #OPSEC #linux #i2p #privacy #tools