Hack Liberty Privacy and Security Resources

A collection of privacy and security resources

Guides

  • Anonymous Planet - a community contributed online guide to anonymity written for activists, journalists, scientists, lawyers, whistle-blowers, and good people being oppressed, censored, harassed anywhere
  • Privacy Guides - a non-profit, socially motivated website that provides information for protecting your data security and privacy
  • Extreme Privacy 4th Edition - Michael Bazzell has helped hundreds of celebrities, billionaires, and everyday citizens disappear completely from public view.
  • Anonymous Land - a community dedicated to providing anonymity enhancing guides and services
  • No Trace Project - no trace, no case. a collection of tools to help anarchists and other rebels understand the capabilities of their enemies, undermine surveillance efforts, and ultimately act without getting caught
  • Qubes OS for Anarchists [Tor] - Qubes OS is a security-oriented operating system (OS), which means it is an operating system designed from the ground up to be more difficult to hack. Given that anarchists are regularly targeted for hacking in repressive investigations, Qubes OS is an excellent choice
  • GrapheneOS for Anarchists - [Tor] - anarchists should not have phones. if you must use a phone, make it as difficult as possible for an adversary to geotrack it, intercept its messages, or hack it. this means using grapheneos
  • Tails for Anarchists [Tor] - tails is an operating system that makes anonymous computer use accessible to everyone. tails is designed to leave no trace of your activity on your computer unless you explicitly configure it to save specific data
  • Tails Opsec for Anarchists [Tor] - additional precautions you can take that are relevant to an anarchist threat model - operational security for tails
  • Make Your Electronics Tamper-Evident [Tor] - if the police ever have physical access to an electronic device like a laptop, even for five minutes, they can install hardware keyloggers, create images of the storage media, or otherwise trivially compromise it at the hardware, firmware, or software level. one way to minimize this risk is to make it tamper-evident
  • Encrypted Messaging for Anarchists [Tor] - This article provides an overview and installation instructions for Tails, Qubes OS, and GrapheneOS encrypted messengers
  • The Cop in Your Pocket: Your Phone’s Location is tracked at ALL times [Tor] - your phone’s location is tracked at all times, and this data is harvested by private companies, allowing police to bypass laws requiring them to obtain a warrant
  • Remove Identifying Metadata From Files [Tor] - metadata is ‘data about data’ or ‘information about information’. in the context of files, this can mean information that is automatically embedded in the file, and this information can be used to deanonymize you
  • Defending against Stylometric attacks [Tor] - stylometric fingerprinting analyzes unique writing style (i.e., it uses stylometry) to identify the author of a work. it’s one of the most common techniques for de-anonymization, used by adversaries ranging from trolls to law enforcement
  • Prism Break - opt out of global data surveillance programs like prism, xkeyscore and tempora.
  • The New Oil [Tor] - the beginner’s guide to data privacy & cybersecurity
  • Techlore - a small team educating people about digital rights, privacy, security, digital control, and other important topics to push the world towards a safer internet
  • Into the Crypt - the art of anti-forensics
  • Advanced Privacy and Anonymity Using VMs, VPN’s, Tor - a series of guides that explains how to obtain vastly greater freedom, privacy and anonymity through compartmentalization and isolation through nested chains of VPNs and Tor
  • How to create anonymous Telegram and Signal accounts without a phone - a guide for using Whonix & Anbox to create anonymous mobile accounts without a phone
  • Security Tips & Devices for Digital Nomads - various tools and gadgets for OpSec, written with a preference for practical usability
  • Telegram Security Best Practices - quick tips that will help you sleep better at night when using Telegram
  • EFF Surveillance Self-Defense: The Basics - surveillance self-defense is a digital security guide that teaches you how to assess your personal risk from online spying. it can help protect you from surveillance by those who might want to find out your secrets, from petty criminals to nation states
  • EFF Surveillance Self-Defense: Tool Guides - step-by-step tutorials to help you install and use handy privacy and security tools

Android

Secure Messengers

Desktop

Tor and VPNs

General

Fingerprinting Articles


Fingerprinting Tests

  • TorZillaPrint - comprehensive, all-in-one, fingerprinting test suite
  • No-JS fingerprinting - demonstration of how fingerprinting can occur even in the absence of JavaScript
  • CSS Fingerprint - exploiting CSS to collect various characteristics about the visitor
  • CreepJS - creepy device and browser fingerprinting
  • Kloak - Kloak is a Keystroke Anonymization Tool
  • AudioContext Fingerprint - tests browser-fingerprinting using the AudioContext and Canvas API
  • Available Fonts - gets available fonts on browser without flash
  • Browser Fingerprinting - analysis of Bot Protection systems with available countermeasures
  • BrowserLeaks - a gallery of web technologies security testing tools
  • Canvas Test - checks if the addon CanvasBlocker can be detected by websites
  • CSS Exfil Vulnerability Tester - test to see if your browser is vulnerable to Cascading Style Sheets (CSS) data leakage
  • Device Info - a web browser security testing, privacy testing, and troubleshooting tool
  • DNS Cookie Demonstration - uses DNS caches as a side-channel to identify related network flows
  • EFF: Cover Your Tracks - understand how easy it is to identify and track your browser based on how it appears to websites
  • Epic Tracker - fingerprinting demo with some automated lookups using modern Javascript APIs
  • Extension Fingerprints - detecting Chrome extensions by fetching web accessible resources
  • Firefox Addon Detector - tracking 400+ firefox addons through chrome:// URI trickery!
  • Iphey - Browser Fingerprinter
  • Mouse Wheel Tracking Test - fingerprint based on tracking your mouse’s wheel
  • Nothing Private - proof of concept to show any website can identify and track you
  • PicassAuth - canvas fingerprinting
  • Pixelscan - basically a bot check
  • Privacy Check - this website aims to focus on each fingerprinting technique in detail
  • scheme flooding - this vulnerability uses information about installed apps on your computer to assign you a permanent unique identifier even if you switch browsers, use incognito mode, or use a VPN.
  • SuperCookie - uses favicons to assign a unique identifier to website visitors. this ID can be stored almost persistently and cannot be easily cleared by the user
  • Webgl Fingerprinting - uses different techniques to recognize whether a browser extension is spoofing the webgl fingerprint
  • Zardaxt.py - TCP/IP fingerprinting for VPN and Proxy Detection

Surveillance Technology

  • Ears and Eyes - searchable database of cases of physical surveillance devices (microphones, cameras, location trackers) hidden by law enforcement and intelligence agencies to surveil people or groups engaged in subversive activities
  • Bugged Planet - a wiki about signals intelligence (SIGINT), communication intelligence (COMINT), tactical and strategical measures used to intercept communications and the vendors and governmental and private operators of this technology
  • Harris: Wide Area Airborne Motion Imagery - wide-area motion imagery offers persistent, real-time surveillance for enhanced situation awareness through an intelligent, airborne sensor system
  • CRI LodeStar Wide Area Motion Imagery (WAMI) - a demonstration of cri lodestar wide area motion imagery (wami) system
  • Harris: Airborne Augmented Reality - video with augmented reality overlays enhances situation awareness for teams in the field, analysts and decision makers. overlays poi features, building names, and road names
  • Harris: Locate GPS Jamming - harris signal sentry 1000 is a gps interference detection and geolocation solution. it provides a web-based visualization tool to support timely and effective actionable intelligence.
  • Harris: Material Identification - harris material identification technology enables remote sensing systems to detect, identify and geolocate the presence of solid materials and gasses – on earth and in the atmosphere
  • Elbit Systems / SPECTRO XR - spectro xr integrates a wide range of digital imaging, high-definition optical sensors and advanced lasers, providing simultaneous multi-spectral observation capabilities and enabling ultra-long-range detection.
  • Police thermal imaging finds cannabis factory - It was a case of being caught red handed when the West Midlands Police helicopter found this cannabis factory using its thermal imaging camera
  • The Stingray: How Law Enforcement Can Track Your Every Move - a “cell site simulator” initially developed for military use, Stingrays have made their way into local police and sheriff’s departments around the country
  • How Police Cameras Recognize and Track You - wired spoke with several experts about the explosion of surveillance technology, how police use it, and what the dangers might be. as tech advances, street cameras can now employ facial recognition and even connect to the internet. what does this mean for the future of privacy?
  • How China’s Surveillance Is Growing More Invasive - analysis of over 100,000 government bidding documents found that China’s ambition to collect digital and biological data from its citizens is more expansive and invasive than previously known
  • Homeland Security Uses AI Tool to Analyze Social Media of U.S. Citizens and Refugees - babel x may provide to analysts a target’s name, date of birth, address, usernames, email address, phone number, social media content, images, IP address, Social Security number, driver’s license number, employment history, and location data based on geolocation tags and also cell phone gps tracking
2 Likes