Previous Page
Shifting To An Anonymous Persona Setup
In this tutorial we're going to look at how you can move from a public persona to an anonymous one online along with the process behind it.
In this tutorial we're going to look at how you can move from a public persona to an anonymous one online along with the process behind it.
Let's first assume that you have a public internet presence online, you have a domain name registered to your name, and you host some services online.
Let's also assume that you have followed the previous tutorials, meaning you now have whonix VMs in a veracrypt hidden partition that you can deny the existance of (reminder: do NOT use SSDs, use HDDs otherwise devices that use wear-leveling can reveal the existance of a hidden partition).
So from now on your publicly you're going to PGP sign a message for everyone to see that you wish to sell the domain and all of it's subdomain services to someone else, and to message you over email/ or a chatrom for the price. The message can look as follows:
Hi all, planning to stop all of my services soon due to lack of interest / or X Y Z.
Please note that i'm ready to take offers as i'm selling the domain and all of it's underlying services to the highest bidder.
Contact me at email@example.com to discuss this offer if you're interested.
Basically here you're going to want someone anonymous to buy your services, officially. Secretely you will simply have moved to an anonymous way of operating.
Unless if you're hosting something incredible, Most likely noone will answer, but in the meantime you're going to audit your infrastructure on the following points:
-How is your domain accessed ?
-Did you register your domain under your own name ?
-Did you buy your domain using monero ?
-How are your servers accessed ?
-Did you ever not access those servers locally or through tor alone (ssh through tor)?
-Did you rent those servers under your own name ?
-Did you ever pay for those servers without using monero ?
-Do you have any services hosted at home ?
-if so, are they accessible through your public home IP ?
-if not, are they all accessible through a remote VPN gateway ?
-if not, are they all accessible through tor alone (via a .onion link) ?
-are they behind an open-source router such as pfsense ?
-Did you implement the recommended physical security measures in the previous tutorials?
-for any local home server: movement detection, usb changes, unauthorized login attempts, secret maintenance procedure ?
-for any client device (laptop/mainpc/phone):
-is the host OS of those devices open source ? (linux for pcs, grapheneOS for phone ?)
-are they all tampered protected ?
-Did you implement a secure OPSEC for your online accesses to services ?
- did you ever reuse a password on a closed-source OS ?
- did you ever reuse a password at all for an online service ?
- did you ever use your public IP, or a VPN IP to create an online email account that you've used in the past ?
- did you ever try to do any anonymous activity using that email account ?
Once you have the answer to all these questions, you're going to need to formulate a plan to move all of those services to their anonymous counterpart. Yes, sacrifices will need to be made.
-If you have any public domains, you're going to transfer it to a non-KYC domain name registrar or reseller, one that accepts monero and tor traffic, such as https://nicevps.net
-If you have any public servers, you're going to need to transfer all of your services to another server that will be bought with monero and accessed through tor alone. such as https://servers.guru
-If you have any servers at home, you're going to need to make sure that no traffic ever goes to and from your public servers without going through Tor first-hand.
-If you have any servers at home, you're going to need to make sure that they're behind an open-source router such as pfsense. (because closed-source routers cannot be trusted due to government pressures.
-If you have not implemented the required physical security measures for your client and home server devices, apply them as listed above.
-If you have ever used a password or an email with bad OPSEC as listed above, consider it burned and immediately give up using those moving forward.
-You must have an email address for public activities, and another for anonymous activities.
-You must have a master password for a keepass databse for public activities, and another for private activities, and another for anonymous activities.
Here's how your ideal infrastructure must look like, if you want to maintain anonymity online:
Once the plan is clear to you, it's time to implement it. This whole anonymization process can be disguised as a "i've sold all of my services to this anonymous guy online" scenario, while "This anonymous guy online" is secretely you, from the Whonix VMs inside of your hidden veracrypt partitions. A typical anonymization of your services would look like this:
Conversation on email / in a chatroom:
A: Hey i want to buy your services, i can pay 2 XMR
you: sure, here's my XMR address:
A:payment sent, awaiting accesses
you: ok payment recieved, here is the domain transfer code for domainexample.com: mkmkkljnnuju, i made sure it was unlocked
A: ok i've created the transfer request on nicevps.net, it will get transfered in a few days (can take 2 weeks for example). Please send me the accesses to your public servers.
you: here is SSH root access for server A, B, and C (typically the 2 dns servers, and the main public server)
A: ok i changed all of the accesses, please send me the files for the X Y Z services that you host at home. i've created a temporary user you can SSH with to copy the files in /tmp/
you: ok i just SCP'd (sent via SSH) the files in /tmp/
A: recieved, thanks.
you: Please publicly state, and PGP-sign that the domain, and all of it's servers have been bought by you, by mentionning the new name, email and the plan moving forward.
A: Domain has been successfully transfered to nicevps.net, all good thanks.
A: done, and added to the public page as an announcement, thanks.
Make sure that you save the proof of the transaction (the whole chatlog, and the monero transaction ID), and that you sign it with you PGP key just in case if an adversary asks if you still are the owner of those services.
As a result, publicly you will now state that you no longer offer any of the services you were doing previously, and that someone else took over the website and services after buying it.
While secretely onwards, these services will all be accessed, paid for and administered anonymously by you from the Whonix VMs you have inside your hidden veracrypt partition.
Until there is Nothing left.
Donate XMR: 8AUYjhQeG3D5aodJDtqG499N5jXXM71gYKD8LgSsFB9BUV1o7muLv3DXHoydRTK4SZaaUBq4EAUqpZHLrX2VZLH71Jrd9k8
Contact: nihilist@nihilism.network (PGP)