Welcome.
This is a maintained technical guide that aims to provide introduction to various online tracking techniques, online id verification techniques and guidance to creating and maintaining (truly) anonymous online identities including social media accounts safely and legally. No pre-requisites besides English reading are required.
This guide is an open-source non-profit initiative, licensed [Mirror] [Archive.org] under Creative Commons Attribution 4.0 International (cc-by-4.0) and is not sponsored/endorsed by any commercial/governmental entity.
The latest version is 0.8.7, See the CHANGELOG at https://anonymousplanet.org/CHANGELOG.html [Mirror]
- Latest Online HTML versions at:
- Main: https://anonymousplanet.org/guide.html [Mirror] [Archive.org] [Archive.today]
- Main over Tor via Archive.today: https://archivecaslytosk.onion/anonymousplanet.org/guide.html
The PDF files in this guide have been checked by VirusTotal and Hybrid-Analysis, see the links (Note that this guide does not endorse VirusTotal/Hybrid-Analysis at all and it should be used with extreme caution and never with any sensitive files due to their "privacy policy".)
- Latests PDF versions at:
- (Light) https://anonymousplanet.org/guide.pdf [Mirror] [Archive.org] [VirusTotal] [Hybrid-Analysis]
- (Dark) https://anonymousplanet.org/guide-dark.pdf [Mirror] [Archive.org] [VirusTotal] [Hybrid-Analysis]
- All latest PDFs are also available on CryptPad at https://cryptpad.fr/drive/#/2/drive/view/Ughm9CjQJCwB8BIppdtvj5zy4PyE-8Gxn11x9zaqJLI/
In addition, you can always double check them using PDFID which you can download at https://blog.didierstevens.com/programs/pdf-tools/
- Install latest 3.9.x version of Python, Download PDFID and run:
python pdfid.py file-to-check.pdf
And you should see these at 0:
/JS 0 #This indicates the presence of Javascript
/JavaScript 0 #This indicates the presence of Javascript
/AA 0 #This indicates the presence of automatic action on opening
/OpenAction 0 #This indicates the presence of automatic action on opening
/AcroForm 0 #This indicates the presence of AcroForm which could contain JavaScript
/JBIG2Decode 0 #This indicates the PDF uses JBIG2 compression which could be used for obfuscating malicious content
/RichMedia 0 #This indicates the presence rich media within the PDF such as Flash
/Launch 0 #This counts the launch actions
/EmbeddedFile 0 #This indicates there are embedded files within the PDF
/XFA 0 #This indicates the presence of XML Forms within the PDF
SHA256 Checksums of all the PDFs are available within https://anonymousplanet.org/sha256sum.txt [Mirror] SHA256 Checksums of the release files are available within the checksum file at https://github.com/AnonymousPlanet/thgtoa/releases/latest
To check the SHA256 Checksums please do the following:
Windows:
- From a command prompt, run
certutil -hashfile filename.txt sha256
- Compare the result with the hash in the checksum files. ^ MacOS:
- From a terminal, run
shasum -a 256 /full/path/to/your/file
- Compare the result with the hash in the checksum files.
Linux:
- From a terminal,
run sha256sum /full/path/to/your/file
- Compare the result with the hash in the checksum files.
All commits and releases on this repository are signed and verified using the same key. Check for the "Verified" tags.
PDFs, Images and release files are also signed separately using GPG (see the .asc files on the release page and within the repository).
If you don't know how to verify files with GGP signatures, you should first install gpg on your system:
- Windows: Install gpg4win from https://www.gpg4win.org/download.html
- MacOS: Install GPG Tools from https://gpgtools.org/
- Linux: gpg should be installed by default
Import the GPG key using the following command from a command prompt or terminal:
gpg --auto-key-locate nodefault,wkd --locate-keys 0xEB16B6AB4AB7BA61F33E2DFD0051E9A589DAB601
If it doesn't work, you can also download/view it directly from here: https://anonymousplanet.org/AnonymousPlanet_0x89DAB601_public.asc [Mirror]
And then import it manually by issuing the following command:
gpg --import AnonymousPlanet_0x89DAB601_public.asc
Finally verify the files by issuing the following commands:
gpg --verify guide.pdf.asc guide.pdf"
gpg --verify guide-p.pdf.asc guide-p.pdf"
gpg --verify guide-dark.pdf.asc guide-dark.pdf"
You can also verify the authenticity of this GPG signature using my Keybase.io profile https://keybase.io/anonymousplanet and the PGP key is also published on https://keys.gnupg.net/, https://pgp.mit.edu/, https://keys.openpgp.org and https://keyserver.ubuntu.com/ using the following PGP fingerprint: 0xEB16B6AB4AB7BA61F33E2DFD0051E9A589DAB601
Feel free to submit issues using Github Issues or discuss using Github Discussions.
If you'd like to make a donation to this project, you can do so from https://anonymousplanet.org/donations.html [Mirror].
Follow or contact me on:
- Twitter: https://twitter.com/AnonyPla (cannot guarantee this account will stay up for long tho)
- Mastodon: https://mastodon.online/@anonypla
- Element/Matrix.org:
@anonypla:privacytools.io
- Reddit: https://old.reddit.com/message/compose/?to=AnonyPla
- E-Mail: [email protected] (this is one-way only for now, I won't answer back through this channel)
Discussion Channels (be careful as none of those are actively moderated):
- Reddit: https://old.reddit.com/r/thgtoa/
- Discord Server: https://discord.gg/XGFfGtJmXd
- Github Discussions: https://github.com/AnonymousPlanet/thgtoa/discussions
Have a good read and feel free to share it!