Signed recent changes

Alex Anderson
2022-07-24 20:27:51 +00:00
parent c8ff26bec6
commit 971410b02c
43 changed files with 364 additions and 361 deletions


@@ -184,7 +184,7 @@
<li><a href="#whonix-virtual-machines">Whonix Virtual Machines:</a></li>
<li><a href="#pick-your-guest-workstation-virtual-machine">Pick your guest workstation Virtual Machine:</a></li>
<li><a href="#linux-virtual-machine-whonix-or-linux">Linux Virtual Machine (Whonix or Linux):</a></li>
<li><a href="#windows-10-virtual-machine">Windows 10 Virtual Machine:</a></li>
<li><a href="#windows-1011-virtual-machine">Windows 10/11 Virtual Machine:</a></li>
<li><a href="#android-virtual-machine">Android Virtual Machine:</a></li>
<li><a href="#macos-virtual-machine">macOS Virtual Machine:</a></li>
<li><a href="#keepassxc">KeepassXC:</a></li>
@@ -469,7 +469,7 @@
<ul>
<li><a href="#debian-11-vm">Debian 11 VM:</a></li>
<li><a href="#ubuntu-20.0421.0421.10-vm">Ubuntu 20.04/21.04/21.10 VM:</a></li>
<li>[Windows 10/11 VM:]</li>
<li><a href="#windows-1011-vm">Windows 10/11 VM:</a></li>
<li><a href="#whonix-workstation-16-vm">Whonix Workstation 16 VM:</a></li>
</ul></li>
<li><a href="#appendix-b1-checklist-of-things-to-verify-before-sharing-information">Appendix B1: Checklist of things to verify before sharing information:</a></li>
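Review bot: The entry "[Windows 10/11 VM:]" with literal brackets looks like an unresolved link in whatever source this HTML is built from. If this file is generated, make sure the fix was made in the source as well and not only in the HTML, or the bracketed text will come back on the next build. The new target #windows-1011-vm does match the heading renamed in the last hunk of this file, so the two changes need to stay together if this is ever cherry-picked.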
@@ -1532,6 +1532,7 @@
<p>So, what is Tor Browser? Tor Browser (<a href="https://www.torproject.org/" class="uri">https://www.torproject.org/</a> <sup><a href="https://web.archive.org/web/https://www.torproject.org/">[Archive.org]</a></sup>) is a web browser like Safari/Firefox/Chrome/Edge/Brave designed with privacy and anonymity in mind.</p>
<p>This browser is different from other browsers as it will connect to the internet through the Tor Network using Onion Routing. We first recommend that you watch this very nice introduction video by the Tor Project themselves: <a href="https://www.youtube.com/watch?v=JWII85UlzKw" class="uri">https://www.youtube.com/watch?v=JWII85UlzKw</a> <sup><a href="https://yewtu.be/watch?v=JWII85UlzKw">[Invidious]</a></sup>. After that, you should probably head over to their page to read their quick overview here: <a href="https://2019.www.torproject.org/about/overview.html.en" class="uri">https://2019.www.torproject.org/about/overview.html.en</a> <sup><a href="https://web.archive.org/web/https://2019.www.torproject.org/about/overview.html.en">[Archive.org]</a></sup>. Without going into too many technical details, Tor Browser is an easy and simple “fire and forget” solution to browse the web anonymously from pretty much any device. It is probably sufficient for most people and can be used from any computer or smartphone.</p>
<p>Here are several ways to set it up for all main OSes.</p>
<p><strong>Warning:</strong> You should avoid installing extensions in Tor Browser, as they can be used to fingerprint and identify you.</p>
<h3 id="windows-linux-and-macos">Windows, Linux, and macOS:</h3>
<p>Please see <a href="#appendix-y-installing-and-using-desktop-tor-browser">Appendix Y: Installing and using desktop Tor Browser</a>.</p>
<h3 id="android">Android:</h3>
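Review bot: The new warning sits between "Here are several ways to set it up for all main OSes." and the per-OS headings, which separates that lead-in sentence from the list it introduces. Consider moving the warning above that sentence. The wording "avoid installing extensions" would also be clearer as "avoid installing additional extensions", since the NoScript entry later in this commit talks about NoScript in the context of Tor Browser.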
@@ -3978,6 +3979,8 @@
<li><p>From the list of available applications, add KeePassXC to the list of selected applications.</p></li>
</ul>
<p>You are done and can now skip the rest to go to the “<a href="#creating-new-identities">Creating your anonymous online identities</a>” part.</p>
<h3 id="tutorial-for-installing-windows-based-vms-on-qubes-os">Tutorial for installing Windows based VMs on Qubes OS:</h3>
<p>See their tutorial here: <a href="https://github.com/Qubes-Community/Contents/blob/master/docs/os/windows/windows-tools41.md" class="uri">https://github.com/Qubes-Community/Contents/blob/master/docs/os/windows/windows-tools41.md</a> <sup><a href="https://web.archive.org/web/https://github.com/Qubes-Community/Contents/blob/master/docs/os/windows/windows-tools41.md">[Archive.org]</a></sup></p>
<h1 id="quick-note-correlation-vs-attribution">Quick note: Correlation vs Attribution</h1>
<p><strong>Correlation</strong> is a relationship between two or more variables or <strong><a href="https://www.digitalshadows.com/blog-and-research/cyber-attacks-the-challenge-of-attribution-and-response/">attributes</a></strong>. How are attributions determined? During digital forensic and incident response (DFIR), analysts typically look for indicators of compromise (IoCs) following events that call them to act. These indicators usually consist of IP addresses, names, databases; all of which can prescribe a certain behavioral “tag” to an individual or group. This is called attribution. A principal in statistics is that “correlation does not infer causality”. What this means is that, while you may leave certain traces on certain areas of a device or network, that only shows presence of action, i.e., not explicitly your presence. It doesnt show who you are, it only resolves that something occurred and <em>someone</em> has done <em>something</em>.</p>
<p>Attribution is required to prove fault or guilt, and is the prime reason why people using the Tor network to access the dark web have been compromised: they left traces that were shown to be connected to their real identities. Your IP can be — but is usually not — a large enough indicator to attribute guilt. This is shown in the infamous NotPetya cyber attacks against the U.S., which were later also released upon Ukraine. Though the White House never <em>said</em> it was Russias doing, they attributed the attack to Russias <a href="https://www.reuters.com/article/us-britain-russia-gru-factbox/what-is-russias-gru-military-intelligence-agency-idUSKCN1MF1VK">(GRU)</a> which is a direct office housing the Russian deniable warfare<a href="#fn382" class="footnote-ref" id="fnref382" role="doc-noteref"><sup>382</sup></a> cyber divisions, uncommonly referred to as “spy makers” in the intelligence community (IC).</p>
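Review bot: The new "Tutorial for installing Windows based VMs on Qubes OS" section is placed after the paragraph that tells the reader "You are done and can now skip the rest", so anyone following that instruction will never see it. Move it above that paragraph. Two smaller points on the same lines: "See their tutorial here" has no antecedent, so name Qubes-Community as the source, and the link targets windows-tools41.md on the master branch, which ties the guide to one tools version and can move or disappear; say which Qubes release it applies to.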
@@ -10190,6 +10193,7 @@ PDF-Redact Tools (L)
</ul></li>
</ul>
<h3 id="advanced-settings">Advanced settings:</h3>
<p>Consider <a href="https://github.com/arkenfox/user.js/">Arkenfox/user.js</a>, a heavily maintained and very easy to use browser config which uses a “user.js” to set all the privacy settings and disk avoidance values. Below we recommend that if you are not setting the Arkenfox config, at least setting the <strong>about:config</strong> values below. Arkenfox applies many others but these are the bare minimum for your protection while browsing. Remember: doing nothing and using a browser with its defaults will already be leaking many identifiable and trackable characteristics which are unique to you. See <a href="#browser-and-device-fingerprinting">Browser and Device Fingerprinting</a> for more details on why default settings in browsers are unsafe.</p>
<p>Those settings are explained on the following resources in order of recommendation if you want more details about what each setting does:</p>
<ol type="1">
<li><p><a href="https://wiki.archlinux.org/title/Firefox/Privacy" class="uri">https://wiki.archlinux.org/title/Firefox/Privacy</a> <sup><a href="https://web.archive.org/web/https://wiki.archlinux.org/title/Firefox/Privacy">[Archive.org]</a></sup> <strong>(most recommended)</strong></p></li>
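Review bot: In the new Arkenfox paragraph, the sentence "Below we recommend that if you are not setting the Arkenfox config, at least setting the about:config values below" does not parse and uses "below" twice. Suggest: "If you do not use the Arkenfox config, at least set the about:config values below." Also, the next paragraph opens with "Those settings are explained on the following resources", which now reads as referring to Arkenfox and not to the about:config list; reword it to name the about:config values explicitly.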
@@ -10311,30 +10315,29 @@ PDF-Redact Tools (L)
<li><p>Set “privacy.trackingprotection.cryptomining.enabled” to true</p></li>
<li><p>Set “privacy.trackingprotection.enabled” to true</p></li>
<li><p>Set “browser.send_pings” to false</p></li>
<li><p>Set “network.http.sendRefererHeader” to 0 (this might break plenty of websites)</p></li>
<li><p>Set “change privacy.firstparty.isolate” to true</p></li>
<li><p>Set “network.http.referer.XOriginPolicy” to “2” or use <strong>Smart Referer</strong> below</p></li>
<li><p>Set “change network.cookie.lifetimePolicy” to 2 (this deletes all cookies after each session)</p></li>
<li><p>Set “network.http.referer.XOriginPolicy” to 2 (Send Referer only when the full hostnames match)</p></li>
</ul></li>
</ul></li>
</ul>
<h3 id="addons-to-installconsider">Addons to install/consider:</h3>
<ul>
<li><p>uBlock Origin (<a href="https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/" class="uri">https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/</a>)</p></li>
<li><p>LocalCDN (<a href="https://addons.mozilla.org/en-US/firefox/addon/localcdn-fork-of-decentraleyes/" class="uri">https://addons.mozilla.org/en-US/firefox/addon/localcdn-fork-of-decentraleyes/</a>)</p>
<li><p>Smart Referer (<a href="https://addons.mozilla.org/firefox/addon/smart-referer/" class="uri">https://addons.mozilla.org/firefox/addon/smart-referer/</a>)</p>
<ul>
<li>Alternatively, Decentraleyes (<a href="https://addons.mozilla.org/en-US/firefox/addon/decentraleyes/" class="uri">https://addons.mozilla.org/en-US/firefox/addon/decentraleyes/</a>)</li>
<li>Set “network.http.referer.XOriginPolicy” value of “2” to “0” (so the extension works). <strong>Disable</strong> the whitelist (uncheck the <strong>Use default whitelist</strong> box) and set <strong>Domain name matching</strong> to <strong>Strict</strong>.</li>
</ul></li>
<li><p>HTTPS Everywhere (<a href="https://addons.mozilla.org/en-US/firefox/addon/https-everywhere/" class="uri">https://addons.mozilla.org/en-US/firefox/addon/https-everywhere/</a>)</p></li>
<li><p>NoScript (<a href="https://addons.mozilla.org/en-US/firefox/addon/noscript/" class="uri">https://addons.mozilla.org/en-US/firefox/addon/noscript/</a>)</p>
<ul>
<li>Within the options, Change Default options to check everything except “Ping” and “Unrestricted CSS”</li>
<li><p>Blocks <strong>all</strong> scripts by default, no exceptions. Necessary in regular browser if you want to block all script executions. Not necessary in Tor Browser.</p></li>
<li><p>Within the options, change <strong>Default</strong> options to check everything except “ping”, “unrestricted CSS”, and “LAN”. This will re-enable JavaScript and other web features, to prevent many websites from breaking</p></li>
</ul></li>
<li><p>ClearURLs (<a href="https://addons.mozilla.org/en-US/firefox/addon/clearurls/" class="uri">https://addons.mozilla.org/en-US/firefox/addon/clearurls/</a>)</p></li>
<li><p>PrivacyBadger (<a href="https://addons.mozilla.org/en-US/firefox/addon/privacy-badger17/" class="uri">https://addons.mozilla.org/en-US/firefox/addon/privacy-badger17/</a>)</p></li>
<li><p>Temporary Containers (<a href="https://addons.mozilla.org/en-US/firefox/addon/temporary-containers/" class="uri">https://addons.mozilla.org/en-US/firefox/addon/temporary-containers/</a>)</p></li>
<li><p>Privacy Settings (<a href="https://addons.mozilla.org/en-US/firefox/addon/privacy-settings/" class="uri">https://addons.mozilla.org/en-US/firefox/addon/privacy-settings/</a>)</p></li>
<li><p>LibRedirect (<a href="https://libredirect.github.io/" class="uri">https://libredirect.github.io/</a>)</p></li>
<li><p>LibRedirect (<a href="https://libredirect.github.io/" class="uri">https://libredirect.github.io/</a>)</p>
<ul>
<li>Redirect less privacy friendly websites like YouTube and Wikipedia to more privacy friendly open-source alternatives</li>
</ul></li>
<li><p>Skip Redirect (<a href="https://github.com/sblask/webextension-skip-redirect" class="uri">https://github.com/sblask/webextension-skip-redirect</a>)</p></li>
</ul>
<h3 id="bonus-resources">Bonus resources:</h3>
<p>Here are also two recent guides to harden Firefox:</p>
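Review bot: Two preference lines in this hunk carry a stray word inside the quoted name: "change privacy.firstparty.isolate" and "change network.cookie.lifetimePolicy". A reader who pastes the quoted text into about:config will find no such preference, so drop "change" from both while this list is being edited. In the NoScript sub-list, the first bullet says it "Blocks all scripts by default, no exceptions" and the second tells the reader to check nearly every Default option, which "will re-enable JavaScript"; state plainly that the second step relaxes the default on purpose and what protection remains afterwards. The LocalCDN item also opens with li and p tags that are not closed before the nested list begins, so please check that the nesting in this list is still well-formed.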
@@ -10743,7 +10746,7 @@ PDF-Redact Tools (L)
<li><p>Go to your download directory and run the following command (with the updated downloaded version if needed), for example: <code>sudo apt install ./Zecwallet_Lite_1.7.5_amd64.deb</code></p></li>
<li><p>Click the upper left menu, find then launch ZecWallet Lite</p></li>
</ul>
<h2 id="windows-10-vm">Windows 10 VM:</h2>
<h2 id="windows-1011-vm">Windows 10/11 VM:</h2>
<ul>
<li><p>Load the Windows VM</p></li>
<li><p>Open a browser</p></li>
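Review bot: Renaming the heading id from windows-10-vm to windows-1011-vm breaks any existing bookmark or external link that targets #windows-10-vm. If old links matter, keep the previous id reachable, for example with an empty anchor element carrying id="windows-10-vm" next to the heading. The steps under the heading ("Load the Windows VM", "Open a browser") are unchanged, so also confirm they hold for Windows 11 now that the title claims both versions.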