Department_of_Internautics/field_guide
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

draft of field manua

Browse Source
This commit is contained in:
Sparticus
2025-08-29 06:58:56 -04:00
parent d28218de89
commit 4a6b9f922f
33 changed files with 15554 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
_site/assets/css/main.css
+411
View File
@@ -0,0 +1,411 @@
* {
box-sizing: border-box;
margin: 0;
padding: 0;
}
html {
font-size: 16px;
scroll-behavior: smooth;
}
body {
font-family: "Courier New", "Monaco", "Menlo", monospace;
font-size: 16px;
line-height: 1.6;
color: #ffffff;
background-color: #000000;
min-height: 100vh;
}
h1, h2, h3, h4, h5, h6 {
font-family: "Arial", "Helvetica", sans-serif;
font-weight: bold;
margin-bottom: 1rem;
line-height: 1.2;
}
h1 {
font-size: 2.5rem;
color: #00ff00;
text-align: center;
margin-bottom: 2rem;
text-transform: uppercase;
letter-spacing: 2px;
}
h2 {
font-size: 2rem;
color: #0066ff;
border-bottom: 2px solid #0066ff;
padding-bottom: 0.5rem;
margin-top: 2rem;
margin-bottom: 1.5rem;
}
h3 {
font-size: 1.5rem;
color: #00ff00;
margin-top: 1.5rem;
margin-bottom: 1rem;
}
h4 {
font-size: 1.25rem;
color: #ffffff;
margin-top: 1rem;
margin-bottom: 0.75rem;
}
p {
margin-bottom: 1rem;
}
a {
color: #0066ff;
text-decoration: none;
transition: color 0.3s ease;
}
a:hover {
color: #00ff00;
text-decoration: underline;
}
a:visited {
color: #66a3ff;
}
ul, ol {
margin-bottom: 1rem;
padding-left: 2rem;
}
ul li, ol li {
margin-bottom: 0.5rem;
}
code {
background-color: #1a1a1a;
color: #00ff00;
padding: 0.2rem 0.4rem;
border-radius: 3px;
font-family: "Courier New", "Monaco", "Menlo", monospace;
font-size: 0.9rem;
}
pre {
background-color: #1a1a1a;
color: #ffffff;
padding: 1rem;
border-radius: 5px;
overflow-x: auto;
margin-bottom: 1rem;
border-left: 4px solid #00ff00;
}
pre code {
background: none;
padding: 0;
color: inherit;
}
table {
width: 100%;
border-collapse: collapse;
margin-bottom: 1rem;
background-color: #1a1a1a;
}
table th, table td {
padding: 0.75rem;
text-align: left;
border-bottom: 1px solid #333333;
}
table th {
background-color: #333333;
color: #00ff00;
font-weight: bold;
}
table tr:hover {
background-color: #272727;
}
.container {
max-width: 1200px;
margin: 0 auto;
padding: 0 1rem;
}
.header {
background-color: #000000;
border-bottom: 2px solid #00ff00;
padding: 1rem 0;
position: sticky;
top: 0;
z-index: 100;
}
.header .header-content {
display: flex;
justify-content: space-between;
align-items: center;
}
.header .logo {
display: flex;
align-items: center;
font-size: 1.5rem;
font-weight: bold;
color: #00ff00;
}
.header .logo .omega {
font-size: 2rem;
margin-right: 0.5rem;
}
.header .nav-toggle {
display: none;
background: none;
border: none;
color: #ffffff;
font-size: 1.5rem;
cursor: pointer;
}
.main-layout {
display: flex;
min-height: calc(100vh - 80px);
}
.sidebar {
width: 300px;
background-color: #0d0d0d;
border-right: 1px solid #333333;
padding: 2rem 1rem;
overflow-y: auto;
position: sticky;
top: 80px;
height: calc(100vh - 80px);
}
.sidebar .nav-section {
margin-bottom: 2rem;
}
.sidebar .nav-section h3 {
color: #00ff00;
font-size: 1rem;
margin-bottom: 0.5rem;
text-transform: uppercase;
letter-spacing: 1px;
}
.sidebar .nav-section ul {
list-style: none;
padding: 0;
}
.sidebar .nav-section ul li {
margin-bottom: 0.25rem;
}
.sidebar .nav-section ul li a {
display: block;
padding: 0.5rem;
border-radius: 3px;
transition: background-color 0.3s ease;
}
.sidebar .nav-section ul li a:hover {
background-color: #333333;
text-decoration: none;
}
.sidebar .nav-section ul li a.active {
background-color: #0066ff;
color: #000000;
}
.sidebar .nav-section ul li ul {
margin-left: 1rem;
margin-top: 0.5rem;
}
.sidebar .nav-section ul li ul a {
font-size: 0.9rem;
color: white;
}
.content {
flex: 1;
padding: 2rem;
max-width: calc(100% - 300px);
}
.content .content-header {
margin-bottom: 2rem;
padding-bottom: 1rem;
border-bottom: 1px solid #333333;
}
.content .content-header .manual-designation {
color: #00ff00;
font-size: 0.9rem;
text-transform: uppercase;
letter-spacing: 1px;
margin-bottom: 0.5rem;
}
.content .content-header .classification {
color: #ffaa00;
font-size: 0.8rem;
text-transform: uppercase;
font-weight: bold;
}
.content .section-nav {
display: flex;
justify-content: space-between;
margin-top: 3rem;
padding-top: 2rem;
border-top: 1px solid #333333;
}
.content .section-nav .nav-link {
display: flex;
align-items: center;
padding: 0.75rem 1.5rem;
background-color: #1a1a1a;
border: 1px solid #333333;
border-radius: 5px;
transition: all 0.3s ease;
}
.content .section-nav .nav-link:hover {
background-color: #0066ff;
color: #000000;
text-decoration: none;
}
.content .section-nav .nav-link .arrow {
font-size: 1.2rem;
margin: 0 0.5rem;
}
.warning-box {
background-color: rgba(255, 170, 0, 0.1);
border-left: 4px solid #ffaa00;
padding: 1rem;
margin: 1rem 0;
border-radius: 0 5px 5px 0;
}
.warning-box .warning-title {
color: #ffaa00;
font-weight: bold;
margin-bottom: 0.5rem;
text-transform: uppercase;
}
.info-box {
background-color: rgba(0, 102, 255, 0.1);
border-left: 4px solid #0066ff;
padding: 1rem;
margin: 1rem 0;
border-radius: 0 5px 5px 0;
}
.info-box .info-title {
color: #0066ff;
font-weight: bold;
margin-bottom: 0.5rem;
text-transform: uppercase;
}
.success-box {
background-color: rgba(0, 255, 0, 0.1);
border-left: 4px solid #00ff00;
padding: 1rem;
margin: 1rem 0;
border-radius: 0 5px 5px 0;
}
.success-box .success-title {
color: #00ff00;
font-weight: bold;
margin-bottom: 0.5rem;
text-transform: uppercase;
}
.do-dont-list {
display: grid;
grid-template-columns: 1fr 1fr;
gap: 1rem;
margin: 1rem 0;
}
.do-dont-list .do-list, .do-dont-list .dont-list {
padding: 1rem;
border-radius: 5px;
}
.do-dont-list .do-list h4, .do-dont-list .dont-list h4 {
margin-bottom: 0.5rem;
text-transform: uppercase;
}
.do-dont-list .do-list ul, .do-dont-list .dont-list ul {
margin: 0;
padding-left: 1.5rem;
}
.do-dont-list .do-list {
background-color: rgba(0, 255, 0, 0.1);
border: 1px solid #00ff00;
}
.do-dont-list .do-list h4 {
color: #00ff00;
}
.do-dont-list .dont-list {
background-color: rgba(255, 0, 0, 0.1);
border: 1px solid #ff0000;
}
.do-dont-list .dont-list h4 {
color: #ff0000;
}
.footer {
background-color: #333333;
padding: 2rem 0;
margin-top: 4rem;
text-align: center;
border-top: 2px solid #00ff00;
}
.footer .footer-content {
color: white;
font-size: 0.9rem;
}
.footer .footer-content .organization {
color: #00ff00;
font-weight: bold;
}
@media (max-width: 768px) {
.header .nav-toggle {
display: block;
}
.main-layout {
flex-direction: column;
}
.sidebar {
width: 100%;
position: static;
height: auto;
display: none;
}
.sidebar.active {
display: block;
}
.content {
max-width: 100%;
padding: 1rem;
}
.do-dont-list {
grid-template-columns: 1fr;
}
h1 {
font-size: 2rem;
}
h2 {
font-size: 1.5rem;
}
}
@media print {
body {
background: white;
color: black;
}
.header, .sidebar, .footer, .section-nav {
display: none;
}
.content {
max-width: 100%;
padding: 0;
}
a {
color: black;
text-decoration: underline;
}
}
/*# sourceMappingURL=main.css.map */
_site/assets/css/main.css.map
+1
View File
File diff suppressed because one or more lines are too long
_site/assets/js/main.js
+166
View File
@@ -0,0 +1,166 @@
// Field Guide for Subversives - Main JavaScript
document.addEventListener('DOMContentLoaded', function() {
// Mobile navigation toggle
const navToggle = document.getElementById('nav-toggle');
const sidebar = document.getElementById('sidebar');
if (navToggle && sidebar) {
navToggle.addEventListener('click', function() {
sidebar.classList.toggle('active');
});
}
// Smooth scrolling for anchor links
const anchorLinks = document.querySelectorAll('a[href^="#"]');
anchorLinks.forEach(link => {
link.addEventListener('click', function(e) {
e.preventDefault();
const target = document.querySelector(this.getAttribute('href'));
if (target) {
target.scrollIntoView({
behavior: 'smooth',
block: 'start'
});
}
});
});
// Add security warning for external links
const externalLinks = document.querySelectorAll('a[href^="http"]:not([href*="' + window.location.hostname + '"])');
externalLinks.forEach(link => {
link.addEventListener('click', function(e) {
if (!confirm('You are about to visit an external site. Ensure you are using secure browsing practices. Continue?')) {
e.preventDefault();
}
});
// Add visual indicator for external links
link.setAttribute('title', 'External link - opens in new tab');
link.setAttribute('target', '_blank');
link.setAttribute('rel', 'noopener noreferrer');
});
// Keyboard navigation
document.addEventListener('keydown', function(e) {
// Alt + Left Arrow: Previous page
if (e.altKey && e.key === 'ArrowLeft') {
const prevLink = document.querySelector('.section-nav .nav-link:first-child');
if (prevLink && prevLink.href) {
window.location.href = prevLink.href;
}
}
// Alt + Right Arrow: Next page
if (e.altKey && e.key === 'ArrowRight') {
const nextLink = document.querySelector('.section-nav .nav-link:last-child');
if (nextLink && nextLink.href) {
window.location.href = nextLink.href;
}
}
// Escape: Close mobile menu
if (e.key === 'Escape' && sidebar && sidebar.classList.contains('active')) {
sidebar.classList.remove('active');
}
});
// Print functionality
function addPrintButton() {
const contentHeader = document.querySelector('.content-header');
if (contentHeader) {
const printButton = document.createElement('button');
printButton.textContent = 'Print Section';
printButton.className = 'print-button';
printButton.style.cssText = `
background: #333;
color: #00ff00;
border: 1px solid #00ff00;
padding: 0.5rem 1rem;
border-radius: 3px;
cursor: pointer;
font-family: inherit;
margin-top: 1rem;
`;
printButton.addEventListener('click', function() {
window.print();
});
contentHeader.appendChild(printButton);
}
}
addPrintButton();
// Security reminder
function showSecurityReminder() {
const reminder = document.createElement('div');
reminder.style.cssText = `
position: fixed;
bottom: 20px;
right: 20px;
background: rgba(255, 170, 0, 0.9);
color: #000;
padding: 1rem;
border-radius: 5px;
max-width: 300px;
font-size: 0.9rem;
z-index: 1000;
display: none;
`;
reminder.innerHTML = `
<strong>Security Reminder:</strong> Ensure you're using Tails OS or a secure browser when accessing this guide.
<button onclick="this.parentElement.style.display='none'" style="float: right; background: none; border: none; font-size: 1.2rem; cursor: pointer;">×</button>
`;
document.body.appendChild(reminder);
// Show reminder after 30 seconds
setTimeout(() => {
reminder.style.display = 'block';
}, 30000);
// Auto-hide after 10 seconds
setTimeout(() => {
reminder.style.display = 'none';
}, 40000);
}
// Only show security reminder on first visit
if (!localStorage.getItem('security_reminder_shown')) {
showSecurityReminder();
localStorage.setItem('security_reminder_shown', 'true');
}
// Add copy-to-clipboard functionality for code blocks
const codeBlocks = document.querySelectorAll('pre code');
codeBlocks.forEach(block => {
const button = document.createElement('button');
button.textContent = 'Copy';
button.className = 'copy-button';
button.style.cssText = `
position: absolute;
top: 0.5rem;
right: 0.5rem;
background: #333;
color: #00ff00;
border: 1px solid #00ff00;
padding: 0.25rem 0.5rem;
border-radius: 3px;
cursor: pointer;
font-size: 0.8rem;
`;
const pre = block.parentElement;
pre.style.position = 'relative';
pre.appendChild(button);
button.addEventListener('click', function() {
navigator.clipboard.writeText(block.textContent).then(() => {
button.textContent = 'Copied!';
setTimeout(() => {
button.textContent = 'Copy';
}, 2000);
});
});
});
});
_site/chapters/chapter-1/index.html
+716
View File
@@ -0,0 +1,716 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Chapter 1: Core Security Principles - Field Manual for Resistance Operations</title>
<meta name="description" content="The five fundamental principles that must guide all resistance security decisions">
<!-- Favicon -->
<link rel="icon" type="image/x-icon" href="/assets/images/favicon.ico">
<!-- Stylesheets -->
<link rel="stylesheet" href="/assets/css/main.css">
<!-- Security headers -->
<meta http-equiv="X-Content-Type-Options" content="nosniff">
<meta http-equiv="X-Frame-Options" content="DENY">
<meta http-equiv="X-XSS-Protection" content="1; mode=block">
<!-- No tracking -->
<meta name="robots" content="noindex, nofollow">
</head>
<body>
<header class="header">
<div class="container">
<div class="header-content">
<div class="logo">
<span class="omega">Ω</span>
<span>FM-R1</span>
</div>
<button class="nav-toggle" id="nav-toggle" aria-label="Toggle navigation">
</button>
</div>
</div>
</header>
<div class="main-layout">
<nav class="sidebar" id="sidebar">
<div class="nav-section">
<h3>Field Manual</h3>
<ul>
<li><a href="/" >Table of Contents</a></li>
<li><a href="/preface/" >Preface</a></li>
<li><a href="/introduction/" >Introduction</a></li>
</ul>
</div>
<div class="nav-section">
<h3>Part I: Foundations</h3>
<ul>
<li>
<a href="/parts/part-1/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-1/" class="active">Ch 1: Core Security Principles</a></li>
<li><a href="/chapters/chapter-2/" >Ch 2: Threat Assessment</a></li>
</ul>
</li>
</ul>
</div>
<div class="nav-section">
<h3>Part II: Communication</h3>
<ul>
<li>
<a href="/parts/part-2/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-3/" >Ch 3: Communication Architecture</a></li>
<li><a href="/chapters/chapter-4/" >Ch 4: Secure Messaging</a></li>
<li><a href="/chapters/chapter-5/" >Ch 5: File Sharing</a></li>
</ul>
</li>
</ul>
</div>
<div class="nav-section">
<h3>Part III: OpSec</h3>
<ul>
<li>
<a href="/parts/part-3/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-6/" >Ch 6: Hardware Security</a></li>
<li><a href="/chapters/chapter-7/" >Ch 7: Digital Hygiene</a></li>
<li><a href="/chapters/chapter-8/" >Ch 8: Operational Procedures</a></li>
</ul>
</li>
</ul>
</div>
<div class="nav-section">
<h3>Part IV: Advanced</h3>
<ul>
<li>
<a href="/parts/part-4/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-9/" >Ch 9: Network Resilience</a></li>
<li><a href="/chapters/chapter-10/" >Ch 10: Counter-Intelligence</a></li>
</ul>
</li>
</ul>
</div>
<div class="nav-section">
<h3>Appendices</h3>
<ul>
<li><a href="/appendices/" >Quick Reference</a></li>
<li><a href="/appendices/tools/" >Tool Guides</a></li>
<li><a href="/appendices/resources/" >External Resources</a></li>
<li><a href="/appendices/glossary/" >Glossary</a></li>
</ul>
</div>
<div class="nav-section">
<h3>External Links</h3>
<ul>
<li><a href="https://resist.is" target="_blank">resist.is</a></li>
<li><a href="https://activistchecklist.org" target="_blank">Activist Checklist</a></li>
<li><a href="https://signal.org" target="_blank">Signal</a></li>
<li><a href="https://briarproject.org" target="_blank">Briar</a></li>
<li><a href="https://element.io" target="_blank">Element</a></li>
<li><a href="https://tails.boum.org" target="_blank">Tails OS</a></li>
<li><a href="https://onionshare.org" target="_blank">OnionShare</a></li>
</ul>
</div>
</nav>
<main class="content">
<div class="content-header">
<div class="manual-designation">FM-R1: FM-R1: Secure Communication Networks for Decentralized Resistance</div>
<div class="classification">UNCLASSIFIED</div>
<div class="section-number">Section 1-1 to 1-5</div>
</div>
<h1 id="chapter-1-core-security-principles">Chapter 1: Core Security Principles</h1>
<h2 id="chapter-overview">Chapter Overview</h2>
<p>This chapter establishes the five fundamental principles that must guide all resistance security decisions. These principles, derived from decades of resistance experience and modern security research, provide the conceptual framework for evaluating threats, designing countermeasures, and making operational decisions under pressure.</p>
<p><strong>Sections in this chapter:</strong></p>
<ul>
<li>1-1: Principle of Least Privilege</li>
<li>1-2: Need-to-Know Basis</li>
<li>1-3: Compartmentalization and Cell Structure</li>
<li>1-4: Zero Trust Verification</li>
<li>1-5: Metadata Minimization</li>
</ul>
<hr />
<h2 id="section-1-1-principle-of-least-privilege">Section 1-1: Principle of Least Privilege</h2>
<h3 id="definition">Definition</h3>
<p>The Principle of Least Privilege states that every person, process, and system should have access only to the minimum resources necessary to perform their legitimate function. In resistance operations, this means limiting access to information, tools, and capabilities to the smallest set required for operational effectiveness.</p>
<h3 id="application-in-resistance-operations">Application in Resistance Operations</h3>
<h4 id="information-access">Information Access</h4>
<ul>
<li><strong>Operational details</strong> are shared only with those who need them for their specific role</li>
<li><strong>Contact information</strong> is limited to direct operational relationships</li>
<li><strong>Strategic plans</strong> are known only to leadership and those implementing specific components</li>
<li><strong>Technical details</strong> are restricted to those responsible for implementation and maintenance</li>
</ul>
<h4 id="system-access">System Access</h4>
<ul>
<li><strong>Communication platforms</strong> grant access only to relevant channels and groups</li>
<li><strong>File repositories</strong> provide access only to documents needed for specific roles</li>
<li><strong>Administrative privileges</strong> are limited to the minimum number of trusted individuals</li>
<li><strong>Backup systems</strong> are accessible only to designated recovery personnel</li>
</ul>
<h4 id="physical-access">Physical Access</h4>
<ul>
<li><strong>Meeting locations</strong> are known only to attendees and necessary support personnel</li>
<li><strong>Safe houses</strong> are accessed only by those with operational need</li>
<li><strong>Equipment storage</strong> is limited to those responsible for specific tools or supplies</li>
<li><strong>Document storage</strong> is restricted to those who create, maintain, or use specific materials</li>
</ul>
<h3 id="implementation-guidelines">Implementation Guidelines</h3>
<div class="do-dont-list">
<div class="do-list">
<h4>DO</h4>
<ul>
<li>Regularly review and audit access permissions</li>
<li>Remove access immediately when roles change</li>
<li>Document access decisions and their justifications</li>
<li>Use role-based access control when possible</li>
<li>Implement time-limited access for temporary needs</li>
</ul>
</div>
<div class="dont-list">
<h4>DON'T</h4>
<ul>
<li>Grant access "just in case" it might be needed</li>
<li>Share credentials or allow access sharing</li>
<li>Assume that trust equals need for access</li>
<li>Delay removing access when it's no longer needed</li>
<li>Grant broad access to avoid managing specific permissions</li>
</ul>
</div>
</div>
<h3 id="common-violations-and-consequences">Common Violations and Consequences</h3>
<p><strong>Violation:</strong> Sharing operational plans with all cell members regardless of their role
<strong>Consequence:</strong> Compromise of one member leads to exposure of entire operation</p>
<p><strong>Violation:</strong> Using shared accounts for multiple purposes
<strong>Consequence:</strong> Inability to track access or revoke permissions for specific individuals</p>
<p><strong>Violation:</strong> Granting administrative access to avoid permission requests
<strong>Consequence:</strong> Accidental or malicious damage to critical systems</p>
<hr />
<h2 id="section-1-2-need-to-know-basis">Section 1-2: Need-to-Know Basis</h2>
<h3 id="definition-1">Definition</h3>
<p>Need-to-Know is an information security principle that restricts access to sensitive information to only those individuals who require it to perform their duties. Unlike Least Privilege, which focuses on access controls, Need-to-Know addresses the content and scope of information sharing.</p>
<h3 id="information-classification">Information Classification</h3>
<h4 id="operational-classifications">Operational Classifications</h4>
<p><strong>CRITICAL</strong> - Information whose compromise would cause immediate operational failure</p>
<ul>
<li>Real names and personal details of participants</li>
<li>Specific operational plans and timelines</li>
<li>Location and access details for safe houses</li>
<li>Technical vulnerabilities and exploitation methods</li>
</ul>
<p><strong>SENSITIVE</strong> - Information whose compromise would significantly impact operations</p>
<ul>
<li>Communication protocols and procedures</li>
<li>General operational capabilities and resources</li>
<li>Training materials and educational content</li>
<li>Historical operational data and lessons learned</li>
</ul>
<p><strong>RESTRICTED</strong> - Information whose compromise would cause limited damage</p>
<ul>
<li>General security guidelines and best practices</li>
<li>Public-facing materials and propaganda</li>
<li>Non-sensitive logistical information</li>
<li>Educational resources available from public sources</li>
</ul>
<p><strong>UNCLASSIFIED</strong> - Information that can be shared without operational impact</p>
<ul>
<li>Publicly available tools and software</li>
<li>General security awareness materials</li>
<li>Historical information about resistance movements</li>
<li>Legal and political analysis available from public sources</li>
</ul>
<h3 id="information-sharing-protocols">Information Sharing Protocols</h3>
<h4 id="vertical-information-flow">Vertical Information Flow</h4>
<ul>
<li><strong>Upward reporting</strong> includes only information necessary for decision-making</li>
<li><strong>Downward direction</strong> provides only information necessary for task execution</li>
<li><strong>Status updates</strong> focus on operational requirements rather than comprehensive briefings</li>
<li><strong>Emergency communications</strong> may temporarily bypass normal restrictions</li>
</ul>
<h4 id="horizontal-information-flow">Horizontal Information Flow</h4>
<ul>
<li><strong>Peer coordination</strong> shares only information necessary for joint operations</li>
<li><strong>Cross-cell communication</strong> is limited to specific operational requirements</li>
<li><strong>Resource sharing</strong> includes only information necessary for effective utilization</li>
<li><strong>Mutual support</strong> provides assistance without unnecessary information disclosure</li>
</ul>
<h3 id="implementation-in-practice">Implementation in Practice</h3>
<h4 id="meeting-protocols">Meeting Protocols</h4>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>Before sharing information in any meeting:
1. Identify who needs this specific information
2. Determine the minimum detail level required
3. Consider whether the information can be compartmentalized
4. Verify that all attendees have operational need for the information
5. Document what was shared and with whom
</code></pre></div></div>
<h4 id="communication-guidelines">Communication Guidelines</h4>
<ul>
<li>Use <strong>coded language</strong> for sensitive topics even in secure channels</li>
<li><strong>Separate conversations</strong> by topic and participant need</li>
<li><strong>Time-limit</strong> access to sensitive information when possible</li>
<li><strong>Verify recipient identity</strong> before sharing sensitive information</li>
</ul>
<div class="warning-box">
<div class="warning-title">Information Discipline</div>
<p>The natural human tendency is to share information to build trust and demonstrate competence. In resistance operations, this tendency must be consciously overcome. Information discipline requires constant vigilance and may feel antisocial, but it is essential for operational security.</p>
</div>
<hr />
<h2 id="section-1-3-compartmentalization-and-cell-structure">Section 1-3: Compartmentalization and Cell Structure</h2>
<h3 id="definition-2">Definition</h3>
<p>Compartmentalization is the practice of isolating information, people, and operations into discrete units (cells) that can function independently and have limited knowledge of other units. This structure prevents the compromise of one element from cascading through the entire organization.</p>
<h3 id="cell-structure-design">Cell Structure Design</h3>
<h4 id="basic-cell-characteristics">Basic Cell Characteristics</h4>
<ul>
<li><strong>Size limitation</strong>: 3-7 members for optimal security and effectiveness</li>
<li><strong>Functional focus</strong>: Each cell has a specific operational purpose</li>
<li><strong>Limited connectivity</strong>: Minimal connections to other cells</li>
<li><strong>Independent capability</strong>: Can operate without external support for extended periods</li>
<li><strong>Redundant skills</strong>: Multiple members can perform critical functions</li>
</ul>
<h4 id="cell-types">Cell Types</h4>
<p><strong>Operational Cells</strong></p>
<ul>
<li>Execute specific resistance activities</li>
<li>Have detailed knowledge of their operations only</li>
<li>Receive direction through secure channels</li>
<li>Report results through established protocols</li>
</ul>
<p><strong>Support Cells</strong></p>
<ul>
<li>Provide specialized services (technical, logistical, financial)</li>
<li>Have broad knowledge of capabilities but limited operational details</li>
<li>Serve multiple operational cells without knowing their specific activities</li>
<li>Maintain strict separation between different support functions</li>
</ul>
<p><strong>Communication Cells</strong></p>
<ul>
<li>Facilitate secure communication between other cells</li>
<li>Know communication protocols but not operational content</li>
<li>Provide technical infrastructure and training</li>
<li>Maintain multiple redundant communication channels</li>
</ul>
<p><strong>Leadership Cells</strong></p>
<ul>
<li>Coordinate strategic direction and resource allocation</li>
<li>Have broad operational awareness but limited tactical details</li>
<li>Make decisions based on summarized reports rather than raw intelligence</li>
<li>Maintain multiple independent communication channels</li>
</ul>
<h3 id="inter-cell-communication">Inter-Cell Communication</h3>
<h4 id="communication-protocols">Communication Protocols</h4>
<ul>
<li><strong>Scheduled contacts</strong> at predetermined intervals</li>
<li><strong>Emergency procedures</strong> for urgent communication needs</li>
<li><strong>Authentication methods</strong> to verify identity and message integrity</li>
<li><strong>Fallback procedures</strong> when primary communication channels fail</li>
</ul>
<h4 id="information-flow-management">Information Flow Management</h4>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>Standard Communication Flow:
Operational Cell → Support Cell → Leadership Cell
Emergency Communication Flow:
Any Cell → Emergency Contact → Leadership Cell
Cross-Cell Coordination:
Cell A → Leadership Cell → Cell B
(Direct cell-to-cell communication only for specific authorized operations)
</code></pre></div></div>
<h4 id="security-measures">Security Measures</h4>
<ul>
<li><strong>Unique communication methods</strong> for each cell relationship</li>
<li><strong>Time-delayed communication</strong> to prevent real-time tracking</li>
<li><strong>Multiple authentication factors</strong> for sensitive communications</li>
<li><strong>Regular communication schedule changes</strong> to prevent pattern analysis</li>
</ul>
<h3 id="compromise-response">Compromise Response</h3>
<h4 id="isolation-procedures">Isolation Procedures</h4>
<p>When a cell is compromised:</p>
<ol>
<li><strong>Immediate isolation</strong> - Cut all communication with compromised cell</li>
<li><strong>Damage assessment</strong> - Determine what information was exposed</li>
<li><strong>Notification protocol</strong> - Alert affected cells through secure channels</li>
<li><strong>Operational adjustment</strong> - Modify plans based on exposed information</li>
<li><strong>Recovery planning</strong> - Develop procedures for reconstituting capabilities</li>
</ol>
<h4 id="continuity-planning">Continuity Planning</h4>
<ul>
<li><strong>Redundant capabilities</strong> across multiple cells</li>
<li><strong>Succession planning</strong> for key roles and functions</li>
<li><strong>Resource distribution</strong> to prevent single points of failure</li>
<li><strong>Alternative communication channels</strong> for emergency coordination</li>
</ul>
<div class="info-box">
<div class="info-title">Cell Discipline</div>
<p>Effective compartmentalization requires strict discipline from all participants. The temptation to share information across cell boundaries for efficiency or social reasons must be resisted. Remember: the inconvenience of compartmentalization is far less than the consequences of cascade compromise.</p>
</div>
<hr />
<h2 id="section-1-4-zero-trust-verification">Section 1-4: Zero Trust Verification</h2>
<h3 id="definition-3">Definition</h3>
<p>Zero Trust is a security model that assumes no user, device, or communication can be trusted by default, even if they are inside the organizations network or have been previously verified. Every access request must be authenticated, authorized, and continuously validated.</p>
<h3 id="core-zero-trust-principles">Core Zero Trust Principles</h3>
<h4 id="never-trust-always-verify">Never Trust, Always Verify</h4>
<ul>
<li><strong>Identity verification</strong> required for every access request</li>
<li><strong>Device authentication</strong> before allowing network access</li>
<li><strong>Continuous monitoring</strong> of user and system behavior</li>
<li><strong>Regular re-authentication</strong> for ongoing access</li>
</ul>
<h4 id="assume-breach">Assume Breach</h4>
<ul>
<li><strong>Design systems</strong> to function even when partially compromised</li>
<li><strong>Limit blast radius</strong> of any potential compromise</li>
<li><strong>Monitor for indicators</strong> of compromise continuously</li>
<li><strong>Plan response procedures</strong> for various compromise scenarios</li>
</ul>
<h4 id="verify-explicitly">Verify Explicitly</h4>
<ul>
<li><strong>Multi-factor authentication</strong> for all sensitive access</li>
<li><strong>Behavioral analysis</strong> to detect anomalous activity</li>
<li><strong>Contextual verification</strong> based on location, time, and access patterns</li>
<li><strong>Cryptographic verification</strong> of message and file integrity</li>
</ul>
<h3 id="implementation-in-resistance-operations">Implementation in Resistance Operations</h3>
<h4 id="identity-verification">Identity Verification</h4>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>Standard Verification Process:
1. Something you know (password, passphrase, coded response)
2. Something you have (device, token, physical key)
3. Something you are (biometric, behavioral pattern)
4. Somewhere you are (location verification, network analysis)
5. Someone you know (trusted introducer, mutual contact)
</code></pre></div></div>
<h4 id="communication-verification">Communication Verification</h4>
<ul>
<li><strong>Message authentication codes</strong> to verify sender identity</li>
<li><strong>Forward secrecy</strong> to limit damage from key compromise</li>
<li><strong>Out-of-band verification</strong> for critical communications</li>
<li><strong>Regular key rotation</strong> to limit exposure windows</li>
</ul>
<h4 id="device-trust">Device Trust</h4>
<ul>
<li><strong>Device registration</strong> and authentication before network access</li>
<li><strong>Regular security updates</strong> and vulnerability patching</li>
<li><strong>Behavioral monitoring</strong> for signs of compromise</li>
<li><strong>Remote wipe capabilities</strong> for lost or stolen devices</li>
</ul>
<h4 id="network-segmentation">Network Segmentation</h4>
<ul>
<li><strong>Micro-segmentation</strong> to limit lateral movement</li>
<li><strong>Encrypted communications</strong> for all network traffic</li>
<li><strong>Access logging</strong> and monitoring for all network activity</li>
<li><strong>Regular network topology changes</strong> to prevent mapping</li>
</ul>
<h3 id="continuous-verification">Continuous Verification</h3>
<h4 id="behavioral-monitoring">Behavioral Monitoring</h4>
<ul>
<li><strong>Baseline establishment</strong> for normal user behavior</li>
<li><strong>Anomaly detection</strong> for unusual access patterns</li>
<li><strong>Risk scoring</strong> based on multiple behavioral factors</li>
<li><strong>Adaptive authentication</strong> based on risk assessment</li>
</ul>
<h4 id="regular-re-authentication">Regular Re-authentication</h4>
<ul>
<li><strong>Time-based re-authentication</strong> for ongoing access</li>
<li><strong>Activity-based verification</strong> for sensitive operations</li>
<li><strong>Location-based challenges</strong> for access from new locations</li>
<li><strong>Privilege escalation verification</strong> for administrative functions</li>
</ul>
<div class="warning-box">
<div class="warning-title">Paranoia vs. Security</div>
<p>Zero Trust may seem paranoid, but it reflects the reality of operating in a hostile environment where compromise is not a matter of if, but when. The goal is not to prevent all compromise, but to limit its impact and maintain operational capability even under adverse conditions.</p>
</div>
<hr />
<h2 id="section-1-5-metadata-minimization">Section 1-5: Metadata Minimization</h2>
<h3 id="definition-4">Definition</h3>
<p>Metadata is “data about data” - information that describes the characteristics of communications and activities without revealing their content. In resistance operations, metadata analysis can reveal operational patterns, network structures, and behavioral indicators even when all content is encrypted.</p>
<h3 id="types-of-metadata">Types of Metadata</h3>
<h4 id="communication-metadata">Communication Metadata</h4>
<ul>
<li><strong>Sender and recipient</strong> identities and addresses</li>
<li><strong>Timestamps</strong> of message creation, transmission, and receipt</li>
<li><strong>Message size</strong> and format information</li>
<li><strong>Routing information</strong> including intermediate servers and networks</li>
<li><strong>Device information</strong> including hardware and software details</li>
</ul>
<h4 id="location-metadata">Location Metadata</h4>
<ul>
<li><strong>GPS coordinates</strong> from mobile devices and applications</li>
<li><strong>Network location</strong> data from Wi-Fi and cellular connections</li>
<li><strong>Movement patterns</strong> derived from sequential location data</li>
<li><strong>Association patterns</strong> based on co-location with other devices</li>
</ul>
<h4 id="behavioral-metadata">Behavioral Metadata</h4>
<ul>
<li><strong>Usage patterns</strong> including timing and frequency of activities</li>
<li><strong>Application usage</strong> and feature utilization patterns</li>
<li><strong>Network traffic patterns</strong> including volume and timing</li>
<li><strong>Device interaction patterns</strong> including typing and usage behaviors</li>
</ul>
<h4 id="financial-metadata">Financial Metadata</h4>
<ul>
<li><strong>Transaction timing</strong> and frequency patterns</li>
<li><strong>Payment methods</strong> and account relationships</li>
<li><strong>Geographic patterns</strong> of financial activity</li>
<li><strong>Association patterns</strong> with other financial accounts</li>
</ul>
<h3 id="metadata-analysis-capabilities">Metadata Analysis Capabilities</h3>
<h4 id="pattern-recognition">Pattern Recognition</h4>
<p>Modern data analysis can identify:</p>
<ul>
<li><strong>Communication networks</strong> and hierarchical structures</li>
<li><strong>Operational cycles</strong> and planning timelines</li>
<li><strong>Geographic patterns</strong> and safe house locations</li>
<li><strong>Behavioral signatures</strong> unique to specific individuals</li>
</ul>
<h4 id="predictive-analysis">Predictive Analysis</h4>
<p>Metadata can be used to:</p>
<ul>
<li><strong>Predict future activities</strong> based on historical patterns</li>
<li><strong>Identify key individuals</strong> based on network centrality</li>
<li><strong>Detect operational planning</strong> through communication pattern changes</li>
<li><strong>Locate physical meetings</strong> through device co-location analysis</li>
</ul>
<h3 id="minimization-strategies">Minimization Strategies</h3>
<h4 id="communication-minimization">Communication Minimization</h4>
<div class="do-dont-list">
<div class="do-list">
<h4>DO</h4>
<ul>
<li>Use different communication methods for different purposes</li>
<li>Vary timing and frequency of communications</li>
<li>Use intermediary systems to break direct connections</li>
<li>Employ time-delayed communication when possible</li>
<li>Use broadcast methods for one-to-many communication</li>
</ul>
</div>
<div class="dont-list">
<h4>DON'T</h4>
<ul>
<li>Use the same communication channel for all purposes</li>
<li>Maintain regular communication schedules</li>
<li>Allow direct communication between all network members</li>
<li>Use personal devices for resistance communications</li>
<li>Ignore the metadata implications of communication choices</li>
</ul>
</div>
</div>
<h4 id="location-minimization">Location Minimization</h4>
<ul>
<li><strong>Disable location services</strong> on all devices used for resistance activities</li>
<li><strong>Use public Wi-Fi</strong> from locations unconnected to your identity</li>
<li><strong>Vary locations</strong> for different types of activities</li>
<li><strong>Avoid patterns</strong> in movement and location choices</li>
<li><strong>Use transportation methods</strong> that dont create digital records</li>
</ul>
<h4 id="temporal-minimization">Temporal Minimization</h4>
<ul>
<li><strong>Randomize timing</strong> of communications and activities</li>
<li><strong>Use time delays</strong> to break real-time correlation</li>
<li><strong>Avoid regular schedules</strong> that create predictable patterns</li>
<li><strong>Coordinate timing</strong> to create false patterns when beneficial</li>
<li><strong>Use automated systems</strong> to decouple activity timing from human schedules</li>
</ul>
<h4 id="technical-minimization">Technical Minimization</h4>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>Technical Metadata Reduction:
1. Use Tor or similar anonymization networks
2. Employ VPNs with no-logging policies
3. Use disposable email addresses and accounts
4. Regularly change device identifiers when possible
5. Use different devices for different operational purposes
</code></pre></div></div>
<h3 id="metadata-aware-operational-planning">Metadata-Aware Operational Planning</h3>
<h4 id="communication-planning">Communication Planning</h4>
<ul>
<li><strong>Map metadata exposure</strong> for all planned communications</li>
<li><strong>Design communication flows</strong> to minimize revealing patterns</li>
<li><strong>Plan for metadata analysis</strong> by adversaries</li>
<li><strong>Develop cover stories</strong> for unavoidable metadata patterns</li>
</ul>
<h4 id="activity-planning">Activity Planning</h4>
<ul>
<li><strong>Consider metadata implications</strong> of all operational activities</li>
<li><strong>Design operations</strong> to create misleading metadata when possible</li>
<li><strong>Plan timing</strong> to minimize correlation opportunities</li>
<li><strong>Coordinate activities</strong> to distribute metadata across multiple participants</li>
</ul>
<div class="success-box">
<div class="success-title">Metadata Discipline</div>
<p>Effective metadata minimization requires thinking about the digital traces of every action before taking it. This becomes second nature with practice, but initially requires conscious effort and planning. The investment in metadata discipline pays dividends in operational security and longevity.</p>
</div>
<hr />
<h2 id="chapter-summary">Chapter Summary</h2>
<p>The five core security principles covered in this chapter provide the foundation for all resistance security operations:</p>
<ol>
<li><strong>Least Privilege</strong> limits access to the minimum necessary for operational effectiveness</li>
<li><strong>Need-to-Know</strong> restricts information sharing to operational requirements</li>
<li><strong>Compartmentalization</strong> isolates operations to prevent cascade compromise</li>
<li><strong>Zero Trust</strong> assumes compromise and requires continuous verification</li>
<li><strong>Metadata Minimization</strong> reduces digital traces that reveal operational patterns</li>
</ol>
<p>These principles must be applied consistently across all aspects of resistance operations, from technical tool selection to operational planning to daily security practices. They are not merely guidelines but operational requirements for survival in a hostile environment.</p>
<h3 id="integration-and-balance">Integration and Balance</h3>
<p>While each principle is important individually, their real power comes from integrated application. Effective resistance security requires balancing these principles against operational requirements and human limitations. Perfect adherence to all principles simultaneously may be impossible, but conscious application of each principle to every security decision will dramatically improve operational security.</p>
<h3 id="next-steps">Next Steps</h3>
<p>Chapter 2 builds on these foundational principles by providing systematic approaches to threat assessment and operational environment analysis. Understanding these principles is essential preparation for the practical threat modeling exercises that follow.</p>
<hr />
<p><strong>Next:</strong> <a href="/chapters/chapter-2/">Chapter 2: Threat Assessment and Operational Environment →</a></p>
<nav class="section-nav">
<a href="/parts/part-1/" class="nav-link">
<span class="arrow"></span>
<span>Part I: Foundations</span>
</a>
<a href="/chapters/chapter-2/" class="nav-link">
<span>Chapter 2: Threat Assessment</span>
<span class="arrow"></span>
</a>
</nav>
</main>
</div>
<footer class="footer">
<div class="container">
<div class="footer-content">
<div class="organization">Department of Internautics</div>
<div>Bureau of Decentralized Resistance</div>
<div>FM-R1 - Version 1.0 - 2025-08-28</div>
<div style="margin-top: 1rem;">
<a href="https://resist.is" target="_blank">resist.is</a> |
<a href="https://git.hacker.supply/Department_of_Internautics/field_guide" target="_blank">Source Code</a>
</div>
</div>
</div>
</footer>
<!-- JavaScript -->
<script src="/assets/js/main.js"></script>
</body>
</html>
_site/chapters/chapter-2/index.html
+971
View File
@@ -0,0 +1,971 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Chapter 2: Threat Assessment and Operational Environment - Field Manual for Resistance Operations</title>
<meta name="description" content="Systematic approaches to understanding and responding to threats in resistance operations">
<!-- Favicon -->
<link rel="icon" type="image/x-icon" href="/assets/images/favicon.ico">
<!-- Stylesheets -->
<link rel="stylesheet" href="/assets/css/main.css">
<!-- Security headers -->
<meta http-equiv="X-Content-Type-Options" content="nosniff">
<meta http-equiv="X-Frame-Options" content="DENY">
<meta http-equiv="X-XSS-Protection" content="1; mode=block">
<!-- No tracking -->
<meta name="robots" content="noindex, nofollow">
</head>
<body>
<header class="header">
<div class="container">
<div class="header-content">
<div class="logo">
<span class="omega">Ω</span>
<span>FM-R1</span>
</div>
<button class="nav-toggle" id="nav-toggle" aria-label="Toggle navigation">
</button>
</div>
</div>
</header>
<div class="main-layout">
<nav class="sidebar" id="sidebar">
<div class="nav-section">
<h3>Field Manual</h3>
<ul>
<li><a href="/" >Table of Contents</a></li>
<li><a href="/preface/" >Preface</a></li>
<li><a href="/introduction/" >Introduction</a></li>
</ul>
</div>
<div class="nav-section">
<h3>Part I: Foundations</h3>
<ul>
<li>
<a href="/parts/part-1/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-1/" >Ch 1: Core Security Principles</a></li>
<li><a href="/chapters/chapter-2/" class="active">Ch 2: Threat Assessment</a></li>
</ul>
</li>
</ul>
</div>
<div class="nav-section">
<h3>Part II: Communication</h3>
<ul>
<li>
<a href="/parts/part-2/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-3/" >Ch 3: Communication Architecture</a></li>
<li><a href="/chapters/chapter-4/" >Ch 4: Secure Messaging</a></li>
<li><a href="/chapters/chapter-5/" >Ch 5: File Sharing</a></li>
</ul>
</li>
</ul>
</div>
<div class="nav-section">
<h3>Part III: OpSec</h3>
<ul>
<li>
<a href="/parts/part-3/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-6/" >Ch 6: Hardware Security</a></li>
<li><a href="/chapters/chapter-7/" >Ch 7: Digital Hygiene</a></li>
<li><a href="/chapters/chapter-8/" >Ch 8: Operational Procedures</a></li>
</ul>
</li>
</ul>
</div>
<div class="nav-section">
<h3>Part IV: Advanced</h3>
<ul>
<li>
<a href="/parts/part-4/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-9/" >Ch 9: Network Resilience</a></li>
<li><a href="/chapters/chapter-10/" >Ch 10: Counter-Intelligence</a></li>
</ul>
</li>
</ul>
</div>
<div class="nav-section">
<h3>Appendices</h3>
<ul>
<li><a href="/appendices/" >Quick Reference</a></li>
<li><a href="/appendices/tools/" >Tool Guides</a></li>
<li><a href="/appendices/resources/" >External Resources</a></li>
<li><a href="/appendices/glossary/" >Glossary</a></li>
</ul>
</div>
<div class="nav-section">
<h3>External Links</h3>
<ul>
<li><a href="https://resist.is" target="_blank">resist.is</a></li>
<li><a href="https://activistchecklist.org" target="_blank">Activist Checklist</a></li>
<li><a href="https://signal.org" target="_blank">Signal</a></li>
<li><a href="https://briarproject.org" target="_blank">Briar</a></li>
<li><a href="https://element.io" target="_blank">Element</a></li>
<li><a href="https://tails.boum.org" target="_blank">Tails OS</a></li>
<li><a href="https://onionshare.org" target="_blank">OnionShare</a></li>
</ul>
</div>
</nav>
<main class="content">
<div class="content-header">
<div class="manual-designation">FM-R1: FM-R1: Secure Communication Networks for Decentralized Resistance</div>
<div class="classification">UNCLASSIFIED</div>
<div class="section-number">Section 2-1 to 2-4</div>
</div>
<h1 id="chapter-2-threat-assessment-and-operational-environment">Chapter 2: Threat Assessment and Operational Environment</h1>
<h2 id="chapter-overview">Chapter Overview</h2>
<p>This chapter provides systematic methodologies for understanding and responding to threats in resistance operations. Effective threat assessment is the foundation of all security planning, enabling resistance practitioners to allocate resources appropriately and design countermeasures that address actual rather than imagined risks.</p>
<p><strong>Sections in this chapter:</strong></p>
<ul>
<li>2-1: Understanding Your Adversary</li>
<li>2-2: Threat Model Development</li>
<li>2-3: Risk Assessment Framework</li>
<li>2-4: Operational Security (OpSec) Fundamentals</li>
</ul>
<hr />
<h2 id="section-2-1-understanding-your-adversary">Section 2-1: Understanding Your Adversary</h2>
<h3 id="definition">Definition</h3>
<p>Adversary analysis is the systematic study of hostile forces to understand their capabilities, motivations, limitations, and likely courses of action. In resistance operations, this analysis must encompass both state and non-state actors who pose threats to operational security and participant safety.</p>
<h3 id="adversary-categories">Adversary Categories</h3>
<h4 id="state-security-services">State Security Services</h4>
<p><strong>Capabilities:</strong></p>
<ul>
<li>Mass surveillance infrastructure and legal authorities</li>
<li>Advanced technical capabilities including cyber operations</li>
<li>Extensive human intelligence networks and informant recruitment</li>
<li>Legal powers including arrest, detention, and asset seizure</li>
<li>International cooperation and intelligence sharing agreements</li>
</ul>
<p><strong>Motivations:</strong></p>
<ul>
<li>Maintaining regime stability and suppressing dissent</li>
<li>Protecting state secrets and critical infrastructure</li>
<li>Demonstrating effectiveness to political leadership</li>
<li>Career advancement and institutional prestige</li>
</ul>
<p><strong>Limitations:</strong></p>
<ul>
<li>Bureaucratic constraints and inter-agency competition</li>
<li>Resource limitations and competing priorities</li>
<li>Legal and political constraints (even in authoritarian systems)</li>
<li>Technical limitations and skill gaps</li>
<li>Public scrutiny and accountability mechanisms</li>
</ul>
<h4 id="law-enforcement-agencies">Law Enforcement Agencies</h4>
<p><strong>Capabilities:</strong></p>
<ul>
<li>Local surveillance and investigation resources</li>
<li>Access to criminal justice system and prosecution powers</li>
<li>Community informant networks and public cooperation</li>
<li>Specialized units for cybercrime and domestic terrorism</li>
<li>Coordination with federal and international agencies</li>
</ul>
<p><strong>Motivations:</strong></p>
<ul>
<li>Enforcing existing laws and maintaining public order</li>
<li>Responding to political pressure and public concerns</li>
<li>Protecting institutional reputation and effectiveness</li>
<li>Career advancement and performance metrics</li>
</ul>
<p><strong>Limitations:</strong></p>
<ul>
<li>Legal constraints and constitutional protections</li>
<li>Resource limitations and competing priorities</li>
<li>Training gaps in technical and political areas</li>
<li>Public accountability and oversight mechanisms</li>
<li>Jurisdictional limitations and coordination challenges</li>
</ul>
<h4 id="private-intelligence-contractors">Private Intelligence Contractors</h4>
<p><strong>Capabilities:</strong></p>
<ul>
<li>Specialized technical capabilities and cutting-edge tools</li>
<li>Flexibility and rapid response capabilities</li>
<li>Access to commercial data sources and partnerships</li>
<li>International operations with minimal oversight</li>
<li>Experienced personnel recruited from government agencies</li>
</ul>
<p><strong>Motivations:</strong></p>
<ul>
<li>Financial profit and contract renewal</li>
<li>Demonstrating value to government and corporate clients</li>
<li>Expanding market share and capabilities</li>
<li>Maintaining competitive advantage</li>
</ul>
<p><strong>Limitations:</strong></p>
<ul>
<li>Profit motive may conflict with thoroughness</li>
<li>Limited legal authorities and powers</li>
<li>Dependence on client relationships and contracts</li>
<li>Potential for exposure and public scrutiny</li>
<li>Competition with other contractors and agencies</li>
</ul>
<h4 id="hostile-political-organizations">Hostile Political Organizations</h4>
<p><strong>Capabilities:</strong></p>
<ul>
<li>Grassroots networks and community presence</li>
<li>Media access and propaganda capabilities</li>
<li>Political influence and institutional connections</li>
<li>Volunteer networks and ideological motivation</li>
<li>Potential for violence and intimidation</li>
</ul>
<p><strong>Motivations:</strong></p>
<ul>
<li>Advancing political ideology and agenda</li>
<li>Suppressing opposition movements and activities</li>
<li>Demonstrating power and influence</li>
<li>Protecting organizational interests and reputation</li>
</ul>
<p><strong>Limitations:</strong></p>
<ul>
<li>Limited resources compared to state actors</li>
<li>Legal constraints and public scrutiny</li>
<li>Internal divisions and competing priorities</li>
<li>Dependence on volunteer networks and public support</li>
<li>Vulnerability to infiltration and disruption</li>
</ul>
<h3 id="capability-assessment-framework">Capability Assessment Framework</h3>
<h4 id="technical-capabilities">Technical Capabilities</h4>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>Assessment Matrix:
1. Surveillance Infrastructure
- Mass data collection capabilities
- Real-time monitoring systems
- Data analysis and correlation tools
- International cooperation agreements
2. Cyber Operations
- Offensive cyber capabilities
- Defensive monitoring systems
- Technical expertise and resources
- Legal authorities and constraints
3. Human Intelligence
- Informant recruitment and management
- Infiltration capabilities
- Social engineering expertise
- Community presence and influence
</code></pre></div></div>
<h4 id="operational-capabilities">Operational Capabilities</h4>
<ul>
<li><strong>Geographic reach</strong> and jurisdictional authority</li>
<li><strong>Response time</strong> and deployment capabilities</li>
<li><strong>Coordination mechanisms</strong> between different agencies</li>
<li><strong>Resource allocation</strong> and priority setting processes</li>
<li><strong>Legal authorities</strong> and operational constraints</li>
</ul>
<h4 id="intelligence-capabilities">Intelligence Capabilities</h4>
<ul>
<li><strong>Collection methods</strong> and information sources</li>
<li><strong>Analysis capabilities</strong> and expertise levels</li>
<li><strong>Dissemination networks</strong> and information sharing</li>
<li><strong>Retention policies</strong> and data management systems</li>
<li><strong>Quality control</strong> and verification processes</li>
</ul>
<h3 id="motivation-analysis">Motivation Analysis</h3>
<h4 id="primary-motivations">Primary Motivations</h4>
<p>Understanding what drives adversary actions helps predict their behavior and identify potential vulnerabilities:</p>
<p><strong>Institutional Interests:</strong></p>
<ul>
<li>Organizational survival and growth</li>
<li>Budget allocation and resource competition</li>
<li>Performance metrics and success measures</li>
<li>Reputation and public perception</li>
</ul>
<p><strong>Individual Motivations:</strong></p>
<ul>
<li>Career advancement and professional recognition</li>
<li>Financial incentives and job security</li>
<li>Ideological commitment and personal beliefs</li>
<li>Social pressure and peer expectations</li>
</ul>
<p><strong>Political Factors:</strong></p>
<ul>
<li>Electoral considerations and public opinion</li>
<li>Policy priorities and resource allocation</li>
<li>International relationships and obligations</li>
<li>Crisis response and emergency authorities</li>
</ul>
<h3 id="limitation-assessment">Limitation Assessment</h3>
<h4 id="resource-constraints">Resource Constraints</h4>
<ul>
<li><strong>Budget limitations</strong> and competing priorities</li>
<li><strong>Personnel shortages</strong> and skill gaps</li>
<li><strong>Technical limitations</strong> and equipment constraints</li>
<li><strong>Time pressures</strong> and operational demands</li>
</ul>
<h4 id="legal-and-political-constraints">Legal and Political Constraints</h4>
<ul>
<li><strong>Constitutional protections</strong> and legal precedents</li>
<li><strong>Oversight mechanisms</strong> and accountability requirements</li>
<li><strong>Public scrutiny</strong> and media attention</li>
<li><strong>Political considerations</strong> and policy constraints</li>
</ul>
<h4 id="operational-constraints">Operational Constraints</h4>
<ul>
<li><strong>Bureaucratic processes</strong> and approval requirements</li>
<li><strong>Coordination challenges</strong> between agencies</li>
<li><strong>Information sharing</strong> limitations and restrictions</li>
<li><strong>Geographic limitations</strong> and jurisdictional boundaries</li>
</ul>
<div class="info-box">
<div class="info-title">Intelligence Gathering</div>
<p>Adversary analysis requires ongoing intelligence collection through open sources, operational observation, and network reporting. This information must be systematically collected, analyzed, and updated to maintain accuracy and relevance.</p>
</div>
<hr />
<h2 id="section-2-2-threat-model-development">Section 2-2: Threat Model Development</h2>
<h3 id="definition-1">Definition</h3>
<p>A threat model is a structured representation of potential threats to an organization, operation, or individual, including the assets being protected, potential attackers, attack vectors, and consequences of successful attacks. Threat modeling provides the analytical foundation for security planning and resource allocation.</p>
<h3 id="threat-modeling-process">Threat Modeling Process</h3>
<h4 id="step-1-asset-identification">Step 1: Asset Identification</h4>
<p><strong>Information Assets:</strong></p>
<ul>
<li>Operational plans and strategic documents</li>
<li>Communication records and contact information</li>
<li>Financial records and resource information</li>
<li>Technical documentation and system configurations</li>
<li>Personal information about participants and supporters</li>
</ul>
<p><strong>Physical Assets:</strong></p>
<ul>
<li>Personnel safety and freedom</li>
<li>Equipment and technology resources</li>
<li>Financial resources and funding sources</li>
<li>Safe houses and meeting locations</li>
<li>Communication infrastructure and networks</li>
</ul>
<p><strong>Operational Assets:</strong></p>
<ul>
<li>Network relationships and trust connections</li>
<li>Operational capabilities and expertise</li>
<li>Reputation and public support</li>
<li>Legal protections and political cover</li>
<li>Time and opportunity windows</li>
</ul>
<h4 id="step-2-threat-actor-identification">Step 2: Threat Actor Identification</h4>
<p>For each asset category, identify potential threat actors:</p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>Threat Actor Analysis Template:
Actor: [Name/Type]
Motivation: [Why they would target this asset]
Capability: [What they can do to compromise it]
Opportunity: [When/how they could act]
Impact: [Consequences of successful attack]
Likelihood: [Probability assessment]
</code></pre></div></div>
<h4 id="step-3-attack-vector-analysis">Step 3: Attack Vector Analysis</h4>
<p><strong>Technical Attack Vectors:</strong></p>
<ul>
<li>Network intrusion and system compromise</li>
<li>Communication interception and analysis</li>
<li>Device compromise and malware deployment</li>
<li>Data theft and information exfiltration</li>
<li>Service disruption and denial of service</li>
</ul>
<p><strong>Human Attack Vectors:</strong></p>
<ul>
<li>Social engineering and manipulation</li>
<li>Infiltration and insider threats</li>
<li>Coercion and blackmail</li>
<li>Recruitment and turning of participants</li>
<li>Information gathering through relationships</li>
</ul>
<p><strong>Physical Attack Vectors:</strong></p>
<ul>
<li>Surveillance and tracking</li>
<li>Search and seizure operations</li>
<li>Physical intimidation and violence</li>
<li>Asset seizure and resource disruption</li>
<li>Location compromise and raid operations</li>
</ul>
<h4 id="step-4-impact-assessment">Step 4: Impact Assessment</h4>
<p><strong>Immediate Impacts:</strong></p>
<ul>
<li>Operational disruption and mission failure</li>
<li>Personnel safety and security compromise</li>
<li>Resource loss and financial damage</li>
<li>Information disclosure and intelligence loss</li>
<li>Legal consequences and prosecution</li>
</ul>
<p><strong>Long-term Impacts:</strong></p>
<ul>
<li>Network compromise and relationship damage</li>
<li>Reputation loss and public support erosion</li>
<li>Capability degradation and skill loss</li>
<li>Strategic disadvantage and position weakness</li>
<li>Movement suppression and broader impact</li>
</ul>
<h3 id="threat-modeling-methodologies">Threat Modeling Methodologies</h3>
<h4 id="stride-framework">STRIDE Framework</h4>
<p><strong>Spoofing:</strong> Impersonating legitimate users or systems
<strong>Tampering:</strong> Modifying data or systems without authorization
<strong>Repudiation:</strong> Denying actions or transactions
<strong>Information Disclosure:</strong> Exposing sensitive information
<strong>Denial of Service:</strong> Preventing legitimate access to resources
<strong>Elevation of Privilege:</strong> Gaining unauthorized access or permissions</p>
<h4 id="pasta-process-for-attack-simulation-and-threat-analysis">PASTA (Process for Attack Simulation and Threat Analysis)</h4>
<ol>
<li><strong>Define Objectives:</strong> Establish scope and goals</li>
<li><strong>Define Technical Scope:</strong> Identify systems and components</li>
<li><strong>Application Decomposition:</strong> Break down into components</li>
<li><strong>Threat Analysis:</strong> Identify potential threats</li>
<li><strong>Weakness and Vulnerability Analysis:</strong> Find security gaps</li>
<li><strong>Attack Modeling:</strong> Simulate attack scenarios</li>
<li><strong>Risk and Impact Analysis:</strong> Assess consequences</li>
</ol>
<h4 id="octave-operationally-critical-threat-asset-and-vulnerability-evaluation">OCTAVE (Operationally Critical Threat, Asset, and Vulnerability Evaluation)</h4>
<ul>
<li><strong>Organizational View:</strong> Internal security practices and policies</li>
<li><strong>Technological View:</strong> Technical vulnerabilities and weaknesses</li>
<li><strong>Strategy and Plan View:</strong> Risk mitigation and security strategy</li>
</ul>
<h3 id="threat-scenario-development">Threat Scenario Development</h3>
<h4 id="scenario-template">Scenario Template</h4>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>Threat Scenario: [Descriptive Name]
Background:
- Current operational context
- Recent events and triggers
- Adversary capabilities and motivations
Attack Sequence:
1. Initial access or opportunity
2. Escalation and exploitation
3. Impact and consequences
4. Potential responses and countermeasures
Indicators:
- Early warning signs
- Detection opportunities
- Confirmation methods
Mitigation:
- Preventive measures
- Response procedures
- Recovery plans
</code></pre></div></div>
<h4 id="example-scenarios">Example Scenarios</h4>
<p><strong>Scenario 1: Communication Compromise</strong></p>
<ul>
<li>Adversary intercepts encrypted communications</li>
<li>Traffic analysis reveals network structure</li>
<li>Key participants identified and targeted</li>
<li>Operational plans exposed and disrupted</li>
</ul>
<p><strong>Scenario 2: Infiltration Operation</strong></p>
<ul>
<li>Hostile agent joins resistance network</li>
<li>Gains trust and access over time</li>
<li>Collects intelligence on operations and participants</li>
<li>Provides information for coordinated arrests</li>
</ul>
<p><strong>Scenario 3: Technical Surveillance</strong></p>
<ul>
<li>Mass surveillance system deployed</li>
<li>Communication metadata collected and analyzed</li>
<li>Behavioral patterns identified and tracked</li>
<li>Predictive analysis enables preemptive action</li>
</ul>
<div class="warning-box">
<div class="warning-title">Scenario Planning</div>
<p>Threat scenarios should be realistic and based on actual adversary capabilities and historical precedents. Avoid both underestimating threats (leading to inadequate security) and overestimating them (leading to paralysis and ineffective operations).</p>
</div>
<hr />
<h2 id="section-2-3-risk-assessment-framework">Section 2-3: Risk Assessment Framework</h2>
<h3 id="definition-2">Definition</h3>
<p>Risk assessment is the systematic evaluation of potential threats to determine their likelihood and impact, enabling informed decisions about security investments and operational procedures. Risk assessment translates threat models into actionable priorities for security planning.</p>
<h3 id="risk-calculation-methodology">Risk Calculation Methodology</h3>
<h4 id="basic-risk-formula">Basic Risk Formula</h4>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>Risk = Threat × Vulnerability × Impact
Where:
- Threat = Likelihood of attack occurring
- Vulnerability = Probability of attack succeeding
- Impact = Consequences of successful attack
</code></pre></div></div>
<h4 id="qualitative-risk-assessment">Qualitative Risk Assessment</h4>
<p><strong>Likelihood Scale:</strong></p>
<ul>
<li><strong>Very High (5):</strong> Almost certain to occur within 1 month</li>
<li><strong>High (4):</strong> Likely to occur within 6 months</li>
<li><strong>Medium (3):</strong> Possible within 1 year</li>
<li><strong>Low (2):</strong> Unlikely within 2 years</li>
<li><strong>Very Low (1):</strong> Rare or theoretical</li>
</ul>
<p><strong>Impact Scale:</strong></p>
<ul>
<li><strong>Critical (5):</strong> Mission failure, life-threatening consequences</li>
<li><strong>High (4):</strong> Major operational disruption, serious legal consequences</li>
<li><strong>Medium (3):</strong> Moderate disruption, manageable consequences</li>
<li><strong>Low (2):</strong> Minor inconvenience, limited impact</li>
<li><strong>Very Low (1):</strong> Negligible impact</li>
</ul>
<p><strong>Risk Matrix:</strong></p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>Impact → VL L M H C
Likelihood ↓
Very High M H H C C
High L M H H C
Medium L L M H H
Low VL L L M H
Very Low VL VL L L M
Legend: VL=Very Low, L=Low, M=Medium, H=High, C=Critical
</code></pre></div></div>
<h3 id="risk-assessment-process">Risk Assessment Process</h3>
<h4 id="step-1-threat-inventory">Step 1: Threat Inventory</h4>
<p>Create comprehensive list of identified threats from threat modeling process:</p>
<ul>
<li>Categorize by threat actor and attack vector</li>
<li>Document current intelligence and evidence</li>
<li>Assess threat actor capabilities and motivations</li>
<li>Identify information gaps and uncertainties</li>
</ul>
<h4 id="step-2-vulnerability-assessment">Step 2: Vulnerability Assessment</h4>
<p>For each threat, assess organizational vulnerabilities:</p>
<p><strong>Technical Vulnerabilities:</strong></p>
<ul>
<li>Unpatched software and system weaknesses</li>
<li>Insecure configurations and default settings</li>
<li>Weak encryption and authentication mechanisms</li>
<li>Inadequate monitoring and detection capabilities</li>
</ul>
<p><strong>Procedural Vulnerabilities:</strong></p>
<ul>
<li>Inadequate security policies and procedures</li>
<li>Insufficient training and awareness programs</li>
<li>Poor access control and permission management</li>
<li>Weak incident response and recovery capabilities</li>
</ul>
<p><strong>Human Vulnerabilities:</strong></p>
<ul>
<li>Social engineering susceptibility</li>
<li>Insider threat potential</li>
<li>Security culture weaknesses</li>
<li>Stress and pressure responses</li>
</ul>
<h4 id="step-3-impact-analysis">Step 3: Impact Analysis</h4>
<p>Assess potential consequences of successful attacks:</p>
<p><strong>Operational Impact:</strong></p>
<ul>
<li>Mission disruption and failure</li>
<li>Capability loss and degradation</li>
<li>Resource depletion and damage</li>
<li>Timeline delays and setbacks</li>
</ul>
<p><strong>Security Impact:</strong></p>
<ul>
<li>Personnel safety and freedom</li>
<li>Information disclosure and intelligence loss</li>
<li>Network compromise and relationship damage</li>
<li>Legal consequences and prosecution</li>
</ul>
<p><strong>Strategic Impact:</strong></p>
<ul>
<li>Movement effectiveness and credibility</li>
<li>Public support and political position</li>
<li>Long-term viability and sustainability</li>
<li>Broader resistance movement impact</li>
</ul>
<h4 id="step-4-risk-prioritization">Step 4: Risk Prioritization</h4>
<p>Rank risks based on calculated scores and strategic importance:</p>
<p><strong>Priority Categories:</strong></p>
<ul>
<li><strong>Critical Risks:</strong> Immediate attention required</li>
<li><strong>High Risks:</strong> Address within 30 days</li>
<li><strong>Medium Risks:</strong> Address within 90 days</li>
<li><strong>Low Risks:</strong> Address as resources permit</li>
<li><strong>Accepted Risks:</strong> Monitor but no immediate action</li>
</ul>
<h3 id="risk-treatment-strategies">Risk Treatment Strategies</h3>
<h4 id="risk-mitigation">Risk Mitigation</h4>
<p>Reduce likelihood or impact through security controls:</p>
<ul>
<li><strong>Preventive Controls:</strong> Block or deter attacks</li>
<li><strong>Detective Controls:</strong> Identify attacks in progress</li>
<li><strong>Corrective Controls:</strong> Respond to and recover from attacks</li>
<li><strong>Compensating Controls:</strong> Alternative measures when primary controls fail</li>
</ul>
<h4 id="risk-transfer">Risk Transfer</h4>
<p>Shift risk to other parties or systems:</p>
<ul>
<li><strong>Insurance:</strong> Financial protection against losses</li>
<li><strong>Outsourcing:</strong> Transfer operational risks to service providers</li>
<li><strong>Partnerships:</strong> Share risks with allied organizations</li>
<li><strong>Legal Protections:</strong> Use legal mechanisms to limit exposure</li>
</ul>
<h4 id="risk-acceptance">Risk Acceptance</h4>
<p>Consciously accept certain risks:</p>
<ul>
<li><strong>Residual Risk:</strong> Remaining risk after mitigation measures</li>
<li><strong>Strategic Risk:</strong> Risks necessary for mission accomplishment</li>
<li><strong>Resource Constraints:</strong> Risks that cannot be addressed with available resources</li>
<li><strong>Temporary Acceptance:</strong> Short-term acceptance pending future mitigation</li>
</ul>
<h4 id="risk-avoidance">Risk Avoidance</h4>
<p>Eliminate risk by avoiding the activity:</p>
<ul>
<li><strong>Operational Changes:</strong> Modify operations to eliminate risk</li>
<li><strong>Technology Alternatives:</strong> Use different tools or methods</li>
<li><strong>Geographic Relocation:</strong> Move operations to safer locations</li>
<li><strong>Timing Adjustments:</strong> Delay operations until risks decrease</li>
</ul>
<div class="success-box">
<div class="success-title">Risk Management</div>
<p>Effective risk management is an ongoing process that requires regular review and updates. Risk assessments should be updated whenever significant changes occur in the threat environment, organizational capabilities, or operational requirements.</p>
</div>
<hr />
<h2 id="section-2-4-operational-security-opsec-fundamentals">Section 2-4: Operational Security (OpSec) Fundamentals</h2>
<h3 id="definition-3">Definition</h3>
<p>Operational Security (OpSec) is the process of protecting critical information and activities from adversary intelligence collection and analysis. OpSec focuses on identifying and controlling information that could be used to compromise operations, rather than just protecting classified information.</p>
<h3 id="opsec-process">OpSec Process</h3>
<h4 id="step-1-identify-critical-information">Step 1: Identify Critical Information</h4>
<p><strong>Critical Information Categories:</strong></p>
<ul>
<li><strong>Who:</strong> Personnel identities, roles, and relationships</li>
<li><strong>What:</strong> Operational objectives, methods, and capabilities</li>
<li><strong>When:</strong> Timing, schedules, and deadlines</li>
<li><strong>Where:</strong> Locations, routes, and geographic areas</li>
<li><strong>Why:</strong> Motivations, strategies, and decision-making processes</li>
<li><strong>How:</strong> Methods, procedures, and technical details</li>
</ul>
<p><strong>Critical Information Examples:</strong></p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>Personnel Information:
- Real names and personal details
- Communication addresses and identifiers
- Role assignments and responsibilities
- Skill sets and expertise areas
- Personal vulnerabilities and pressure points
Operational Information:
- Mission objectives and success criteria
- Operational timelines and milestones
- Resource requirements and allocations
- Coordination mechanisms and protocols
- Contingency plans and alternatives
Technical Information:
- Communication methods and frequencies
- Security procedures and protocols
- Equipment specifications and capabilities
- Software configurations and vulnerabilities
- Network architecture and access points
</code></pre></div></div>
<h4 id="step-2-analyze-threats">Step 2: Analyze Threats</h4>
<p>Apply threat modeling to identify how adversaries might collect and use critical information:</p>
<p><strong>Collection Methods:</strong></p>
<ul>
<li><strong>Technical Collection:</strong> Electronic surveillance and monitoring</li>
<li><strong>Human Collection:</strong> Informants, infiltration, and social engineering</li>
<li><strong>Open Source Collection:</strong> Public information and social media</li>
<li><strong>Physical Collection:</strong> Surveillance and document recovery</li>
</ul>
<p><strong>Analysis Capabilities:</strong></p>
<ul>
<li><strong>Pattern Analysis:</strong> Identifying trends and behaviors</li>
<li><strong>Network Analysis:</strong> Mapping relationships and structures</li>
<li><strong>Predictive Analysis:</strong> Forecasting future activities</li>
<li><strong>Correlation Analysis:</strong> Connecting disparate information sources</li>
</ul>
<h4 id="step-3-analyze-vulnerabilities">Step 3: Analyze Vulnerabilities</h4>
<p>Identify how critical information might be exposed:</p>
<p><strong>Information Leakage Points:</strong></p>
<ul>
<li><strong>Communication Channels:</strong> Insecure or monitored communications</li>
<li><strong>Behavioral Patterns:</strong> Predictable activities and routines</li>
<li><strong>Physical Evidence:</strong> Documents, equipment, and traces</li>
<li><strong>Social Interactions:</strong> Casual conversations and relationships</li>
<li><strong>Digital Footprints:</strong> Online activities and data trails</li>
</ul>
<p><strong>Vulnerability Assessment Questions:</strong></p>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>For each piece of critical information:
1. Who has access to this information?
2. How is this information stored and transmitted?
3. What activities might reveal this information?
4. What patterns might indicate this information?
5. How could an adversary collect this information?
6. What would an adversary do with this information?
</code></pre></div></div>
<h4 id="step-4-assess-risk">Step 4: Assess Risk</h4>
<p>Evaluate the likelihood and impact of information compromise:</p>
<p><strong>Risk Factors:</strong></p>
<ul>
<li><strong>Information Value:</strong> How useful is this to adversaries?</li>
<li><strong>Collection Difficulty:</strong> How hard is it for adversaries to obtain?</li>
<li><strong>Analysis Complexity:</strong> How difficult is it to interpret and use?</li>
<li><strong>Operational Impact:</strong> What happens if this is compromised?</li>
<li><strong>Mitigation Cost:</strong> How expensive is it to protect?</li>
</ul>
<h4 id="step-5-apply-countermeasures">Step 5: Apply Countermeasures</h4>
<p>Implement measures to protect critical information:</p>
<p><strong>Information Control Measures:</strong></p>
<ul>
<li><strong>Classification:</strong> Formal information protection levels</li>
<li><strong>Compartmentalization:</strong> Limiting access on need-to-know basis</li>
<li><strong>Sanitization:</strong> Removing sensitive details from communications</li>
<li><strong>Disinformation:</strong> Providing false information to confuse adversaries</li>
</ul>
<p><strong>Activity Control Measures:</strong></p>
<ul>
<li><strong>Pattern Breaking:</strong> Varying routines and procedures</li>
<li><strong>Timing Control:</strong> Coordinating activities to minimize exposure</li>
<li><strong>Location Security:</strong> Protecting meeting places and safe houses</li>
<li><strong>Communication Security:</strong> Using secure channels and protocols</li>
</ul>
<h3 id="opsec-planning">OpSec Planning</h3>
<h4 id="opsec-plan-template">OpSec Plan Template</h4>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>1. Mission Overview
- Objectives and scope
- Timeline and milestones
- Success criteria
2. Critical Information List
- Information categories
- Sensitivity levels
- Access requirements
3. Threat Assessment
- Adversary capabilities
- Collection methods
- Analysis capabilities
4. Vulnerability Analysis
- Exposure points
- Risk factors
- Mitigation priorities
5. Countermeasure Plan
- Protective measures
- Implementation timeline
- Responsibility assignments
6. Monitoring and Review
- Effectiveness metrics
- Review schedule
- Update procedures
</code></pre></div></div>
<h4 id="implementation-guidelines">Implementation Guidelines</h4>
<p><strong>Training and Awareness:</strong></p>
<ul>
<li><strong>OpSec Education:</strong> Understanding principles and importance</li>
<li><strong>Threat Briefings:</strong> Current adversary capabilities and methods</li>
<li><strong>Procedure Training:</strong> Specific protective measures and protocols</li>
<li><strong>Regular Updates:</strong> Ongoing education and reinforcement</li>
</ul>
<p><strong>Monitoring and Enforcement:</strong></p>
<ul>
<li><strong>Compliance Monitoring:</strong> Checking adherence to OpSec procedures</li>
<li><strong>Incident Reporting:</strong> Documenting OpSec failures and near-misses</li>
<li><strong>Corrective Action:</strong> Addressing violations and weaknesses</li>
<li><strong>Continuous Improvement:</strong> Updating procedures based on experience</li>
</ul>
<p><strong>Integration with Operations:</strong></p>
<ul>
<li><strong>Planning Integration:</strong> OpSec considerations in all operational planning</li>
<li><strong>Execution Monitoring:</strong> Real-time OpSec awareness during operations</li>
<li><strong>Post-Operation Review:</strong> Analyzing OpSec effectiveness and lessons learned</li>
<li><strong>Feedback Loop:</strong> Incorporating lessons into future planning</li>
</ul>
<div class="warning-box">
<div class="warning-title">OpSec Discipline</div>
<p>OpSec is only as strong as its weakest link. All participants must understand and consistently apply OpSec principles. A single careless action can compromise an entire operation and endanger all participants.</p>
</div>
<hr />
<h2 id="chapter-summary">Chapter Summary</h2>
<p>Chapter 2 has provided the analytical framework necessary for understanding and responding to threats in resistance operations:</p>
<p><strong>Section 2-1</strong> established methodologies for analyzing adversary capabilities, motivations, and limitations across different threat actor categories.</p>
<p><strong>Section 2-2</strong> introduced systematic threat modeling approaches for identifying and analyzing potential attacks against resistance operations.</p>
<p><strong>Section 2-3</strong> provided risk assessment frameworks for prioritizing threats and allocating security resources effectively.</p>
<p><strong>Section 2-4</strong> covered operational security fundamentals for protecting critical information and activities from adversary intelligence collection.</p>
<h3 id="integration-with-security-planning">Integration with Security Planning</h3>
<p>The threat assessment and OpSec methodologies covered in this chapter provide the analytical foundation for all subsequent security planning and implementation. The communication systems, operational procedures, and advanced techniques covered in later parts of this manual should be selected and configured based on the threat assessment and risk analysis conducted using these frameworks.</p>
<h3 id="continuous-process">Continuous Process</h3>
<p>Threat assessment and OpSec are not one-time activities but ongoing processes that must be regularly updated as the operational environment changes. New threats emerge, adversary capabilities evolve, and operational requirements shift, requiring continuous monitoring and adaptation of security measures.</p>
<hr />
<p><strong>Next:</strong> <a href="/parts/part-2/">Part II: Secure Communication Systems →</a></p>
<nav class="section-nav">
<a href="/chapters/chapter-1/" class="nav-link">
<span class="arrow"></span>
<span>Chapter 1: Core Security Principles</span>
</a>
<a href="/parts/part-2/" class="nav-link">
<span>Part II: Communication Systems</span>
<span class="arrow"></span>
</a>
</nav>
</main>
</div>
<footer class="footer">
<div class="container">
<div class="footer-content">
<div class="organization">Department of Internautics</div>
<div>Bureau of Decentralized Resistance</div>
<div>FM-R1 - Version 1.0 - 2025-08-28</div>
<div style="margin-top: 1rem;">
<a href="https://resist.is" target="_blank">resist.is</a> |
<a href="https://git.hacker.supply/Department_of_Internautics/field_guide" target="_blank">Source Code</a>
</div>
</div>
</div>
</footer>
<!-- JavaScript -->
<script src="/assets/js/main.js"></script>
</body>
</html>
_site/chapters/chapter-3/index.html
+1243
View File
File diff suppressed because it is too large Load Diff
_site/chapters/chapter-4/index.html
+1687
View File
File diff suppressed because it is too large Load Diff
_site/chapters/chapter-5/index.html
+1443
View File
File diff suppressed because it is too large Load Diff
_site/feed.xml
+1
View File
@@ -0,0 +1 @@
<?xml version="1.0" encoding="utf-8"?><feed xmlns="http://www.w3.org/2005/Atom" ><generator uri="https://jekyllrb.com/" version="4.4.1">Jekyll</generator><link href="https://guide.resist.is/feed.xml" rel="self" type="application/atom+xml" /><link href="https://guide.resist.is/" rel="alternate" type="text/html" /><updated>2025-08-28T19:48:01-04:00</updated><id>https://guide.resist.is/feed.xml</id><title type="html">Field Manual for Resistance Operations</title><subtitle>A comprehensive guide to secure communication and operational security for newcomers to resistance movements</subtitle></feed>
_site/index.html
+343
View File
@@ -0,0 +1,343 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Table of Contents - Field Manual for Resistance Operations</title>
<meta name="description" content="Field Manual for Resistance Operations - A comprehensive guide to secure communication and operational security for decentralized resistance movements">
<!-- Favicon -->
<link rel="icon" type="image/x-icon" href="/assets/images/favicon.ico">
<!-- Stylesheets -->
<link rel="stylesheet" href="/assets/css/main.css">
<!-- Security headers -->
<meta http-equiv="X-Content-Type-Options" content="nosniff">
<meta http-equiv="X-Frame-Options" content="DENY">
<meta http-equiv="X-XSS-Protection" content="1; mode=block">
<!-- No tracking -->
<meta name="robots" content="noindex, nofollow">
</head>
<body>
<header class="header">
<div class="container">
<div class="header-content">
<div class="logo">
<span class="omega">Ω</span>
<span>FM-R1</span>
</div>
<button class="nav-toggle" id="nav-toggle" aria-label="Toggle navigation">
</button>
</div>
</div>
</header>
<div class="main-layout">
<nav class="sidebar" id="sidebar">
<div class="nav-section">
<h3>Field Manual</h3>
<ul>
<li><a href="/" class="active">Table of Contents</a></li>
<li><a href="/preface/" >Preface</a></li>
<li><a href="/introduction/" >Introduction</a></li>
</ul>
</div>
<div class="nav-section">
<h3>Part I: Foundations</h3>
<ul>
<li>
<a href="/parts/part-1/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-1/" >Ch 1: Core Security Principles</a></li>
<li><a href="/chapters/chapter-2/" >Ch 2: Threat Assessment</a></li>
</ul>
</li>
</ul>
</div>
<div class="nav-section">
<h3>Part II: Communication</h3>
<ul>
<li>
<a href="/parts/part-2/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-3/" >Ch 3: Communication Architecture</a></li>
<li><a href="/chapters/chapter-4/" >Ch 4: Secure Messaging</a></li>
<li><a href="/chapters/chapter-5/" >Ch 5: File Sharing</a></li>
</ul>
</li>
</ul>
</div>
<div class="nav-section">
<h3>Part III: OpSec</h3>
<ul>
<li>
<a href="/parts/part-3/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-6/" >Ch 6: Hardware Security</a></li>
<li><a href="/chapters/chapter-7/" >Ch 7: Digital Hygiene</a></li>
<li><a href="/chapters/chapter-8/" >Ch 8: Operational Procedures</a></li>
</ul>
</li>
</ul>
</div>
<div class="nav-section">
<h3>Part IV: Advanced</h3>
<ul>
<li>
<a href="/parts/part-4/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-9/" >Ch 9: Network Resilience</a></li>
<li><a href="/chapters/chapter-10/" >Ch 10: Counter-Intelligence</a></li>
</ul>
</li>
</ul>
</div>
<div class="nav-section">
<h3>Appendices</h3>
<ul>
<li><a href="/appendices/" >Quick Reference</a></li>
<li><a href="/appendices/tools/" >Tool Guides</a></li>
<li><a href="/appendices/resources/" >External Resources</a></li>
<li><a href="/appendices/glossary/" >Glossary</a></li>
</ul>
</div>
<div class="nav-section">
<h3>External Links</h3>
<ul>
<li><a href="https://resist.is" target="_blank">resist.is</a></li>
<li><a href="https://activistchecklist.org" target="_blank">Activist Checklist</a></li>
<li><a href="https://signal.org" target="_blank">Signal</a></li>
<li><a href="https://briarproject.org" target="_blank">Briar</a></li>
<li><a href="https://element.io" target="_blank">Element</a></li>
<li><a href="https://tails.boum.org" target="_blank">Tails OS</a></li>
<li><a href="https://onionshare.org" target="_blank">OnionShare</a></li>
</ul>
</div>
</nav>
<main class="content">
<div class="content-header">
<div class="manual-designation">FM-R1: FM-R1: Secure Communication Networks for Decentralized Resistance</div>
<div class="classification">UNCLASSIFIED</div>
</div>
<h1 id="field-manual-for-resistance-operations">Field Manual for Resistance Operations</h1>
<div class="manual-designation" style="text-align: center; margin-bottom: 2rem;">
<div style="font-size: 1.2rem; color: #00ff00;">FM-R1</div>
<div style="font-size: 1rem; color: #ffffff;">FM-R1: Secure Communication Networks for Decentralized Resistance</div>
<div style="font-size: 0.9rem; color: #0066ff; margin-top: 1rem;">Department of Internautics</div>
<div style="font-size: 0.9rem; color: #0066ff;">Bureau of Decentralized Resistance</div>
<div style="font-size: 0.8rem; color: #ffaa00; margin-top: 1rem;">UNCLASSIFIED</div>
<div style="font-size: 0.8rem; color: #ffffff;">Version 1.0 - 2025-08-28</div>
</div>
<hr />
<h2 id="table-of-contents">Table of Contents</h2>
<h3 id="front-matter">Front Matter</h3>
<ul>
<li><strong><a href="/preface/">Preface</a></strong> - Purpose, scope, and how to use this manual</li>
<li><strong><a href="/introduction/">Introduction</a></strong> - Threat landscape and security fundamentals</li>
</ul>
<h3 id="part-i-foundations-of-resistance-security">Part I: Foundations of Resistance Security</h3>
<ul>
<li><strong><a href="/parts/part-1/">Part I Overview</a></strong> - Core principles and threat assessment
<ul>
<li><strong><a href="/chapters/chapter-1/">Chapter 1: Core Security Principles</a></strong> (1-1 to 1-5)
<ul>
<li>1-1: Principle of Least Privilege</li>
<li>1-2: Need-to-Know Basis</li>
<li>1-3: Compartmentalization and Cell Structure</li>
<li>1-4: Zero Trust Verification</li>
<li>1-5: Metadata Minimization</li>
</ul>
</li>
<li><strong><a href="/chapters/chapter-2/">Chapter 2: Threat Assessment and Operational Environment</a></strong> (2-1 to 2-4)
<ul>
<li>2-1: Understanding Your Adversary</li>
<li>2-2: Threat Model Development</li>
<li>2-3: Risk Assessment Framework</li>
<li>2-4: Operational Security (OpSec) Fundamentals</li>
</ul>
</li>
</ul>
</li>
</ul>
<h3 id="part-ii-secure-communication-systems">Part II: Secure Communication Systems</h3>
<ul>
<li><strong><a href="/parts/part-2/">Part II Overview</a></strong> - Multi-layer communication architecture
<ul>
<li><strong><a href="/chapters/chapter-3/">Chapter 3: Communication Layer Architecture</a></strong> (3-1 to 3-6)
<ul>
<li>3-1: Multi-Layer Communication Strategy</li>
<li>3-2: High-Risk Real-Time Communication (Layer 1)</li>
<li>3-3: Secure Collaboration Systems (Layer 2)</li>
<li>3-4: Failsafe and Offline Methods (Layer 3)</li>
<li>3-5: Anonymous Broadcasting (Layer 4)</li>
<li>3-6: Communication Protocol Selection</li>
</ul>
</li>
<li><strong><a href="/chapters/chapter-4/">Chapter 4: Secure Messaging and Voice Communications</a></strong> (4-1 to 4-8)
<ul>
<li>4-1: Session Messenger Configuration</li>
<li>4-2: Element/Matrix Self-Hosted Setup</li>
<li>4-3: Briar Peer-to-Peer Messaging</li>
<li>4-4: Signal Security Best Practices</li>
<li>4-5: Voice Communication Security</li>
<li>4-6: Group Communication Management</li>
<li>4-7: Message Verification and Authentication</li>
<li>4-8: Communication Scheduling and Protocols</li>
</ul>
</li>
<li><strong><a href="/chapters/chapter-5/">Chapter 5: File Sharing and Collaboration</a></strong> (5-1 to 5-6)
<ul>
<li>5-1: CryptPad Secure Document Collaboration</li>
<li>5-2: OnionShare Anonymous File Transfer</li>
<li>5-3: Encrypted Cloud Storage (Mega/Proton)</li>
<li>5-4: Digital Dead Drops</li>
<li>5-5: Version Control for Sensitive Documents</li>
<li>5-6: Collaborative Security Protocols</li>
</ul>
</li>
</ul>
</li>
</ul>
<h3 id="part-iii-operational-security-procedures">Part III: Operational Security Procedures</h3>
<ul>
<li><strong><a href="/parts/part-3/">Part III Overview</a></strong> - Hardware, digital hygiene, and operational procedures
<ul>
<li><strong><a href="/chapters/chapter-6/">Chapter 6: Hardware and Infrastructure Security</a></strong> (6-1 to 6-8)
<ul>
<li>6-1: Untraceable Hardware Acquisition</li>
<li>6-2: Tails OS Installation and Configuration</li>
<li>6-3: Device Compartmentalization</li>
<li>6-4: Physical Security Measures</li>
<li>6-5: Network Access Security</li>
<li>6-6: Hardware Disposal and Sanitization</li>
<li>6-7: Faraday Cage and Signal Blocking</li>
<li>6-8: Power and Charging Security</li>
</ul>
</li>
<li><strong><a href="/chapters/chapter-7/">Chapter 7: Digital Hygiene and Privacy</a></strong> (7-1 to 7-6)
<ul>
<li>7-1: Browser Security Configuration</li>
<li>7-2: Search Engine Privacy</li>
<li>7-3: VPN and Tor Usage</li>
<li>7-4: Social Media Operational Security</li>
<li>7-5: Email Security and Anonymous Accounts</li>
<li>7-6: Digital Footprint Minimization</li>
</ul>
</li>
<li><strong><a href="/chapters/chapter-8/">Chapter 8: Operational Procedures</a></strong> (8-1 to 8-8)
<ul>
<li>8-1: Cell Organization and Management</li>
<li>8-2: Meeting Security Protocols</li>
<li>8-3: Coded Language and Communication</li>
<li>8-4: Surveillance Detection and Evasion</li>
<li>8-5: Emergency Procedures and Protocols</li>
<li>8-6: Information Sanitization</li>
<li>8-7: Operational Planning Security</li>
<li>8-8: Post-Operation Security Review</li>
</ul>
</li>
</ul>
</li>
</ul>
<h3 id="part-iv-advanced-resistance-operations">Part IV: Advanced Resistance Operations</h3>
<ul>
<li><strong><a href="/parts/part-4/">Part IV Overview</a></strong> - Network resilience and counter-intelligence
<ul>
<li><strong><a href="/chapters/chapter-9/">Chapter 9: Network Resilience and Redundancy</a></strong> (9-1 to 9-5)
<ul>
<li>9-1: Mesh Network Implementation</li>
<li>9-2: Offline Communication Systems</li>
<li>9-3: Emergency Communication Protocols</li>
<li>9-4: Network Failure Recovery</li>
<li>9-5: Distributed Infrastructure Planning</li>
</ul>
</li>
<li><strong><a href="/chapters/chapter-10/">Chapter 10: Counter-Intelligence and Security Culture</a></strong> (10-1 to 10-6)
<ul>
<li>10-1: Infiltration Detection and Prevention</li>
<li>10-2: Information Verification Procedures</li>
<li>10-3: Security Culture Development</li>
<li>10-4: Compartmentalized Knowledge Management</li>
<li>10-5: Trust Networks and Verification</li>
<li>10-6: Operational Security Training</li>
</ul>
</li>
</ul>
</li>
</ul>
<h3 id="appendices">Appendices</h3>
<ul>
<li><strong><a href="/appendices/">Appendix A: Quick Reference Guides</a></strong> - Emergency checklists and procedures</li>
<li><strong><a href="/appendices/tools/">Appendix B: Tool Configuration Guides</a></strong> - Step-by-step setup instructions</li>
<li><strong><a href="/appendices/resources/">Appendix C: External Resources and Links</a></strong> - Recommended tools and organizations</li>
<li><strong><a href="/appendices/glossary/">Appendix D: Glossary of Terms</a></strong> - Definitions and terminology</li>
</ul>
<hr />
<div class="warning-box">
<div class="warning-title">Security Notice</div>
<p>This manual contains sensitive information about resistance operations and security practices. Ensure you are accessing this content through secure channels (Tails OS, Tor Browser, or other anonymizing tools) and following proper operational security protocols.</p>
</div>
<div class="info-box">
<div class="info-title">For Newcomers</div>
<p>If you are new to resistance operations, start with the <strong>Preface</strong> and <strong>Introduction</strong>, then proceed through <strong>Part I: Foundations</strong> before advancing to more technical sections. Each chapter builds upon previous knowledge.</p>
</div>
<hr />
<p><strong>Distribution:</strong> This manual is designed for decentralized distribution through secure channels. Share responsibly and only with trusted individuals who have a legitimate need for this information.</p>
<p><strong>Updates:</strong> This manual will be updated regularly as new threats emerge and technologies evolve. Check the source repository for the latest version.</p>
<p><strong>Support:</strong> For questions or contributions, contact the Bureau of Decentralized Resistance through secure channels only.</p>
</main>
</div>
<footer class="footer">
<div class="container">
<div class="footer-content">
<div class="organization">Department of Internautics</div>
<div>Bureau of Decentralized Resistance</div>
<div>FM-R1 - Version 1.0 - 2025-08-28</div>
<div style="margin-top: 1rem;">
<a href="https://resist.is" target="_blank">resist.is</a> |
<a href="https://git.hacker.supply/Department_of_Internautics/field_guide" target="_blank">Source Code</a>
</div>
</div>
</div>
</footer>
<!-- JavaScript -->
<script src="/assets/js/main.js"></script>
</body>
</html>
_site/introduction/index.html
+392
View File
@@ -0,0 +1,392 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Introduction - Field Manual for Resistance Operations</title>
<meta name="description" content="Threat landscape overview and fundamental security concepts for resistance operations">
<!-- Favicon -->
<link rel="icon" type="image/x-icon" href="/assets/images/favicon.ico">
<!-- Stylesheets -->
<link rel="stylesheet" href="/assets/css/main.css">
<!-- Security headers -->
<meta http-equiv="X-Content-Type-Options" content="nosniff">
<meta http-equiv="X-Frame-Options" content="DENY">
<meta http-equiv="X-XSS-Protection" content="1; mode=block">
<!-- No tracking -->
<meta name="robots" content="noindex, nofollow">
</head>
<body>
<header class="header">
<div class="container">
<div class="header-content">
<div class="logo">
<span class="omega">Ω</span>
<span>FM-R1</span>
</div>
<button class="nav-toggle" id="nav-toggle" aria-label="Toggle navigation">
</button>
</div>
</div>
</header>
<div class="main-layout">
<nav class="sidebar" id="sidebar">
<div class="nav-section">
<h3>Field Manual</h3>
<ul>
<li><a href="/" >Table of Contents</a></li>
<li><a href="/preface/" >Preface</a></li>
<li><a href="/introduction/" class="active">Introduction</a></li>
</ul>
</div>
<div class="nav-section">
<h3>Part I: Foundations</h3>
<ul>
<li>
<a href="/parts/part-1/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-1/" >Ch 1: Core Security Principles</a></li>
<li><a href="/chapters/chapter-2/" >Ch 2: Threat Assessment</a></li>
</ul>
</li>
</ul>
</div>
<div class="nav-section">
<h3>Part II: Communication</h3>
<ul>
<li>
<a href="/parts/part-2/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-3/" >Ch 3: Communication Architecture</a></li>
<li><a href="/chapters/chapter-4/" >Ch 4: Secure Messaging</a></li>
<li><a href="/chapters/chapter-5/" >Ch 5: File Sharing</a></li>
</ul>
</li>
</ul>
</div>
<div class="nav-section">
<h3>Part III: OpSec</h3>
<ul>
<li>
<a href="/parts/part-3/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-6/" >Ch 6: Hardware Security</a></li>
<li><a href="/chapters/chapter-7/" >Ch 7: Digital Hygiene</a></li>
<li><a href="/chapters/chapter-8/" >Ch 8: Operational Procedures</a></li>
</ul>
</li>
</ul>
</div>
<div class="nav-section">
<h3>Part IV: Advanced</h3>
<ul>
<li>
<a href="/parts/part-4/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-9/" >Ch 9: Network Resilience</a></li>
<li><a href="/chapters/chapter-10/" >Ch 10: Counter-Intelligence</a></li>
</ul>
</li>
</ul>
</div>
<div class="nav-section">
<h3>Appendices</h3>
<ul>
<li><a href="/appendices/" >Quick Reference</a></li>
<li><a href="/appendices/tools/" >Tool Guides</a></li>
<li><a href="/appendices/resources/" >External Resources</a></li>
<li><a href="/appendices/glossary/" >Glossary</a></li>
</ul>
</div>
<div class="nav-section">
<h3>External Links</h3>
<ul>
<li><a href="https://resist.is" target="_blank">resist.is</a></li>
<li><a href="https://activistchecklist.org" target="_blank">Activist Checklist</a></li>
<li><a href="https://signal.org" target="_blank">Signal</a></li>
<li><a href="https://briarproject.org" target="_blank">Briar</a></li>
<li><a href="https://element.io" target="_blank">Element</a></li>
<li><a href="https://tails.boum.org" target="_blank">Tails OS</a></li>
<li><a href="https://onionshare.org" target="_blank">OnionShare</a></li>
</ul>
</div>
</nav>
<main class="content">
<div class="content-header">
<div class="manual-designation">FM-R1: FM-R1: Secure Communication Networks for Decentralized Resistance</div>
<div class="classification">UNCLASSIFIED</div>
</div>
<h1 id="introduction">Introduction</h1>
<h2 id="the-modern-resistance-environment">The Modern Resistance Environment</h2>
<p>Resistance movements in the 21st century face unprecedented challenges. Unlike historical resistance operations that primarily contended with human intelligence networks and physical surveillance, modern movements must operate within a digital panopticon of mass surveillance, algorithmic analysis, and predictive policing.</p>
<p>The scenario addressed in this manual—resistance against a technologically advanced authoritarian regime—represents the ultimate stress test for operational security. The adversary possesses:</p>
<ul>
<li><strong>Total spectrum surveillance</strong> across digital communications</li>
<li><strong>Massive data processing capabilities</strong> for pattern recognition and network analysis</li>
<li><strong>Legal and extralegal powers</strong> to compel cooperation from technology companies</li>
<li><strong>Advanced persistent threat capabilities</strong> for targeted device compromise</li>
<li><strong>Extensive human intelligence networks</strong> including informants and infiltrators</li>
</ul>
<h3 id="the-digital-battlefield">The Digital Battlefield</h3>
<p>Every digital action creates metadata that can be analyzed to reveal:</p>
<ul>
<li><strong>Communication patterns</strong> - who talks to whom, when, and how frequently</li>
<li><strong>Location data</strong> - movement patterns and association networks</li>
<li><strong>Behavioral profiles</strong> - interests, habits, and predictive models</li>
<li><strong>Social graphs</strong> - relationship mapping and influence networks</li>
<li><strong>Operational indicators</strong> - planning cycles and activity patterns</li>
</ul>
<div class="warning-box">
<div class="warning-title">Critical Understanding</div>
<p>The most dangerous misconception in modern resistance is believing that encryption alone provides security. While encryption protects content, metadata analysis can reveal operational structures, timing, and relationships even when communications are encrypted.</p>
</div>
<h2 id="fundamental-security-concepts">Fundamental Security Concepts</h2>
<h3 id="defense-in-depth">Defense in Depth</h3>
<p>No single security measure is sufficient. Effective resistance security requires multiple overlapping layers:</p>
<ol>
<li><strong>Technical measures</strong> - Encryption, anonymization, secure hardware</li>
<li><strong>Operational procedures</strong> - Compartmentalization, communication protocols, meeting security</li>
<li><strong>Human factors</strong> - Training, security culture, psychological resilience</li>
<li><strong>Physical security</strong> - Safe houses, surveillance detection, document security</li>
</ol>
<h3 id="threat-modeling">Threat Modeling</h3>
<p>Before implementing any security measures, you must understand:</p>
<p><strong>Assets</strong> - What are you protecting?</p>
<ul>
<li>Lives and freedom of participants</li>
<li>Operational plans and intelligence</li>
<li>Communication networks and infrastructure</li>
<li>Financial resources and supplies</li>
</ul>
<p><strong>Adversaries</strong> - Who are you protecting against?</p>
<ul>
<li>State security services and law enforcement</li>
<li>Private intelligence contractors</li>
<li>Informants and infiltrators</li>
<li>Hostile political organizations</li>
</ul>
<p><strong>Capabilities</strong> - What can your adversaries do?</p>
<ul>
<li>Technical surveillance and cyber operations</li>
<li>Physical surveillance and infiltration</li>
<li>Legal powers and extrajudicial actions</li>
<li>Resource advantages and institutional support</li>
</ul>
<p><strong>Consequences</strong> - What happens if security fails?</p>
<ul>
<li>Arrest, prosecution, and imprisonment</li>
<li>Physical harm or assassination</li>
<li>Network compromise and operational failure</li>
<li>Broader movement suppression</li>
</ul>
<h3 id="the-security-usability-balance">The Security-Usability Balance</h3>
<p>Perfect security is incompatible with operational effectiveness. Every security measure introduces complexity, reduces convenience, and creates potential failure points. The art of resistance security lies in finding the optimal balance between:</p>
<ul>
<li><strong>Security requirements</strong> based on threat assessment</li>
<li><strong>Operational needs</strong> for communication and coordination</li>
<li><strong>Human limitations</strong> in following complex procedures</li>
<li><strong>Resource constraints</strong> in time, money, and technical expertise</li>
</ul>
<h2 id="core-principles-for-resistance-operations">Core Principles for Resistance Operations</h2>
<h3 id="1-assume-compromise">1. Assume Compromise</h3>
<p>Operate under the assumption that some level of compromise is inevitable:</p>
<ul>
<li>Design systems that remain functional even if partially compromised</li>
<li>Limit the damage any single compromise can cause</li>
<li>Plan for detection and response to security breaches</li>
<li>Maintain operational capability under surveillance</li>
</ul>
<h3 id="2-minimize-attack-surface">2. Minimize Attack Surface</h3>
<p>Reduce the number of ways you can be compromised:</p>
<ul>
<li>Use the minimum number of tools and platforms necessary</li>
<li>Limit the amount of sensitive data stored or transmitted</li>
<li>Reduce the number of people with access to critical information</li>
<li>Eliminate unnecessary digital and physical traces</li>
</ul>
<h3 id="3-compartmentalization">3. Compartmentalization</h3>
<p>Organize information and access on a need-to-know basis:</p>
<ul>
<li>Structure operations in independent cells</li>
<li>Limit cross-cell knowledge and communication</li>
<li>Use different tools and identities for different purposes</li>
<li>Prevent single points of failure from compromising entire networks</li>
</ul>
<h3 id="4-operational-discipline">4. Operational Discipline</h3>
<p>Maintain consistent security practices:</p>
<ul>
<li>Follow established procedures even when inconvenient</li>
<li>Resist the temptation to take shortcuts under pressure</li>
<li>Regularly review and update security practices</li>
<li>Train all participants in proper security procedures</li>
</ul>
<h3 id="5-continuous-adaptation">5. Continuous Adaptation</h3>
<p>Security is not a destination but an ongoing process:</p>
<ul>
<li>Monitor for new threats and vulnerabilities</li>
<li>Update tools and procedures as technology evolves</li>
<li>Learn from security incidents and near-misses</li>
<li>Share knowledge and best practices across the movement</li>
</ul>
<h2 id="the-human-element">The Human Element</h2>
<p>Technology can only provide the foundation for security—human behavior determines whether that foundation holds. The most sophisticated technical measures are worthless if participants:</p>
<ul>
<li>Use personal devices for resistance activities</li>
<li>Discuss sensitive matters in insecure environments</li>
<li>Fail to follow established communication protocols</li>
<li>Compromise operational security for convenience</li>
</ul>
<h3 id="building-security-culture">Building Security Culture</h3>
<p>Effective resistance security requires developing a culture where:</p>
<ul>
<li>Security consciousness becomes second nature</li>
<li>Participants understand the reasoning behind security measures</li>
<li>Peer accountability reinforces proper procedures</li>
<li>Security education is ongoing and practical</li>
<li>Mistakes are treated as learning opportunities rather than failures</li>
</ul>
<h2 id="scope-of-this-manual">Scope of This Manual</h2>
<p>This manual provides practical guidance for implementing the security concepts outlined above. It is organized to support both learning and reference use:</p>
<p><strong>Part I: Foundations</strong> establishes the theoretical framework and threat assessment methodologies that inform all subsequent technical recommendations.</p>
<p><strong>Part II: Communication Systems</strong> provides detailed guidance for implementing secure communication networks using proven tools and techniques.</p>
<p><strong>Part III: Operational Security</strong> covers the human and procedural elements necessary to maintain security in practice.</p>
<p><strong>Part IV: Advanced Operations</strong> addresses specialized topics for mature resistance networks operating under extreme threat conditions.</p>
<p><strong>Appendices</strong> provide quick reference materials, detailed configuration guides, and external resources for continued learning.</p>
<h2 id="getting-started">Getting Started</h2>
<p>The journey from security novice to competent resistance operator requires patience, practice, and mentorship. This manual provides the roadmap, but you must walk the path:</p>
<ol>
<li><strong>Master the fundamentals</strong> before attempting advanced techniques</li>
<li><strong>Practice in safe environments</strong> before operational deployment</li>
<li><strong>Seek guidance</strong> from experienced practitioners</li>
<li><strong>Start with basic security measures</strong> and gradually increase complexity</li>
<li><strong>Maintain operational security</strong> throughout your learning process</li>
</ol>
<div class="info-box">
<div class="info-title">Learning Path</div>
<p>New practitioners should follow this sequence:</p>
<ol>
<li><strong>Part I</strong> - Understand core principles and threat assessment</li>
<li><strong>Chapter 6</strong> - Set up secure hardware and Tails OS</li>
<li><strong>Chapter 4</strong> - Configure basic secure messaging</li>
<li><strong>Chapter 7</strong> - Implement digital hygiene practices</li>
<li><strong>Remaining chapters</strong> - Add capabilities as needed</li>
</ol>
</div>
<h2 id="a-note-on-courage">A Note on Courage</h2>
<p>Resistance requires courage—not the absence of fear, but action in spite of fear. The security measures in this manual cannot eliminate risk; they can only manage it. Every person who chooses resistance accepts some level of danger in service of a greater cause.</p>
<p>This manual honors that courage by providing the best possible guidance for staying safe while fighting for justice. Use it wisely, share it responsibly, and remember that your security protects not just yourself, but everyone who depends on you.</p>
<hr />
<p><strong>The stakes are high. The tools are available. The choice is yours.</strong></p>
<p><strong>Next:</strong> <a href="/parts/part-1/">Part I: Foundations of Resistance Security →</a></p>
<nav class="section-nav">
<a href="/preface/" class="nav-link">
<span class="arrow"></span>
<span>Preface</span>
</a>
<a href="/parts/part-1/" class="nav-link">
<span>Part I: Foundations</span>
<span class="arrow"></span>
</a>
</nav>
</main>
</div>
<footer class="footer">
<div class="container">
<div class="footer-content">
<div class="organization">Department of Internautics</div>
<div>Bureau of Decentralized Resistance</div>
<div>FM-R1 - Version 1.0 - 2025-08-28</div>
<div style="margin-top: 1rem;">
<a href="https://resist.is" target="_blank">resist.is</a> |
<a href="https://git.hacker.supply/Department_of_Internautics/field_guide" target="_blank">Source Code</a>
</div>
</div>
</div>
</footer>
<!-- JavaScript -->
<script src="/assets/js/main.js"></script>
</body>
</html>
_site/parts/part-1/index.html
+312
View File
@@ -0,0 +1,312 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Part I: Foundations of Resistance Security - Field Manual for Resistance Operations</title>
<meta name="description" content="Core security principles and threat assessment methodologies for resistance operations">
<!-- Favicon -->
<link rel="icon" type="image/x-icon" href="/assets/images/favicon.ico">
<!-- Stylesheets -->
<link rel="stylesheet" href="/assets/css/main.css">
<!-- Security headers -->
<meta http-equiv="X-Content-Type-Options" content="nosniff">
<meta http-equiv="X-Frame-Options" content="DENY">
<meta http-equiv="X-XSS-Protection" content="1; mode=block">
<!-- No tracking -->
<meta name="robots" content="noindex, nofollow">
</head>
<body>
<header class="header">
<div class="container">
<div class="header-content">
<div class="logo">
<span class="omega">Ω</span>
<span>FM-R1</span>
</div>
<button class="nav-toggle" id="nav-toggle" aria-label="Toggle navigation">
</button>
</div>
</div>
</header>
<div class="main-layout">
<nav class="sidebar" id="sidebar">
<div class="nav-section">
<h3>Field Manual</h3>
<ul>
<li><a href="/" >Table of Contents</a></li>
<li><a href="/preface/" >Preface</a></li>
<li><a href="/introduction/" >Introduction</a></li>
</ul>
</div>
<div class="nav-section">
<h3>Part I: Foundations</h3>
<ul>
<li>
<a href="/parts/part-1/" class="active">Part Overview</a>
<ul>
<li><a href="/chapters/chapter-1/" >Ch 1: Core Security Principles</a></li>
<li><a href="/chapters/chapter-2/" >Ch 2: Threat Assessment</a></li>
</ul>
</li>
</ul>
</div>
<div class="nav-section">
<h3>Part II: Communication</h3>
<ul>
<li>
<a href="/parts/part-2/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-3/" >Ch 3: Communication Architecture</a></li>
<li><a href="/chapters/chapter-4/" >Ch 4: Secure Messaging</a></li>
<li><a href="/chapters/chapter-5/" >Ch 5: File Sharing</a></li>
</ul>
</li>
</ul>
</div>
<div class="nav-section">
<h3>Part III: OpSec</h3>
<ul>
<li>
<a href="/parts/part-3/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-6/" >Ch 6: Hardware Security</a></li>
<li><a href="/chapters/chapter-7/" >Ch 7: Digital Hygiene</a></li>
<li><a href="/chapters/chapter-8/" >Ch 8: Operational Procedures</a></li>
</ul>
</li>
</ul>
</div>
<div class="nav-section">
<h3>Part IV: Advanced</h3>
<ul>
<li>
<a href="/parts/part-4/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-9/" >Ch 9: Network Resilience</a></li>
<li><a href="/chapters/chapter-10/" >Ch 10: Counter-Intelligence</a></li>
</ul>
</li>
</ul>
</div>
<div class="nav-section">
<h3>Appendices</h3>
<ul>
<li><a href="/appendices/" >Quick Reference</a></li>
<li><a href="/appendices/tools/" >Tool Guides</a></li>
<li><a href="/appendices/resources/" >External Resources</a></li>
<li><a href="/appendices/glossary/" >Glossary</a></li>
</ul>
</div>
<div class="nav-section">
<h3>External Links</h3>
<ul>
<li><a href="https://resist.is" target="_blank">resist.is</a></li>
<li><a href="https://activistchecklist.org" target="_blank">Activist Checklist</a></li>
<li><a href="https://signal.org" target="_blank">Signal</a></li>
<li><a href="https://briarproject.org" target="_blank">Briar</a></li>
<li><a href="https://element.io" target="_blank">Element</a></li>
<li><a href="https://tails.boum.org" target="_blank">Tails OS</a></li>
<li><a href="https://onionshare.org" target="_blank">OnionShare</a></li>
</ul>
</div>
</nav>
<main class="content">
<div class="content-header">
<div class="manual-designation">FM-R1: FM-R1: Secure Communication Networks for Decentralized Resistance</div>
<div class="classification">UNCLASSIFIED</div>
</div>
<h1 id="part-i-foundations-of-resistance-security">Part I: Foundations of Resistance Security</h1>
<h2 id="overview">Overview</h2>
<p>Part I establishes the theoretical and practical foundations necessary for all resistance security operations. Before implementing any technical measures or operational procedures, resistance practitioners must understand the fundamental principles that govern security in hostile environments and develop the analytical skills necessary to assess threats and design appropriate countermeasures.</p>
<p>This part addresses the most critical question in resistance security: <strong>How do you think about security in a way that leads to effective protection?</strong></p>
<h2 id="learning-objectives">Learning Objectives</h2>
<p>Upon completing Part I, you will be able to:</p>
<ul>
<li>Apply core security principles to evaluate and design resistance operations</li>
<li>Conduct systematic threat assessments for your specific operational environment</li>
<li>Develop risk management strategies appropriate to your threat level</li>
<li>Understand the relationship between security measures and operational effectiveness</li>
<li>Recognize common security failures and their underlying causes</li>
</ul>
<h2 id="chapter-overview">Chapter Overview</h2>
<h3 id="chapter-1-core-security-principles-1-1-to-1-5">Chapter 1: Core Security Principles (1-1 to 1-5)</h3>
<p>The five fundamental principles that must guide all resistance security decisions:</p>
<p><strong>1-1: Principle of Least Privilege</strong> - Limiting access to the minimum necessary for operational effectiveness</p>
<p><strong>1-2: Need-to-Know Basis</strong> - Compartmentalizing information to prevent cascade failures</p>
<p><strong>1-3: Compartmentalization and Cell Structure</strong> - Organizing resistance networks to contain compromise</p>
<p><strong>1-4: Zero Trust Verification</strong> - Assuming compromise and requiring continuous authentication</p>
<p><strong>1-5: Metadata Minimization</strong> - Reducing the digital traces that reveal operational patterns</p>
<h3 id="chapter-2-threat-assessment-and-operational-environment-2-1-to-2-4">Chapter 2: Threat Assessment and Operational Environment (2-1 to 2-4)</h3>
<p>Systematic approaches to understanding and responding to threats:</p>
<p><strong>2-1: Understanding Your Adversary</strong> - Analyzing capabilities, motivations, and limitations of hostile forces</p>
<p><strong>2-2: Threat Model Development</strong> - Creating structured assessments of risks and vulnerabilities</p>
<p><strong>2-3: Risk Assessment Framework</strong> - Quantifying and prioritizing security investments</p>
<p><strong>2-4: Operational Security (OpSec) Fundamentals</strong> - Translating threat assessments into practical procedures</p>
<h2 id="the-security-mindset">The Security Mindset</h2>
<p>Before diving into specific principles and procedures, its essential to understand the fundamental shift in thinking required for effective resistance security. This shift involves:</p>
<h3 id="from-convenience-to-security">From Convenience to Security</h3>
<p>In normal life, we optimize for convenience, efficiency, and ease of use. In resistance operations, security becomes the primary consideration, with convenience secondary. This doesnt mean making things unnecessarily difficult, but rather accepting that some inconvenience is the price of safety.</p>
<h3 id="from-trust-to-verification">From Trust to Verification</h3>
<p>Normal social and professional relationships operate on trust and good faith. Resistance operations must assume that trust can be compromised, either through infiltration or coercion, and build verification mechanisms into all critical processes.</p>
<h3 id="from-reactive-to-proactive">From Reactive to Proactive</h3>
<p>Most people respond to security threats after they become apparent. Resistance operations must anticipate threats and implement countermeasures before theyre needed, because by the time a threat is obvious, it may be too late to respond effectively.</p>
<h3 id="from-individual-to-collective">From Individual to Collective</h3>
<p>Personal security practices focus on protecting yourself. Resistance security must consider how your actions affect the safety of others in your network, and how their actions affect your safety.</p>
<h2 id="common-misconceptions">Common Misconceptions</h2>
<h3 id="encryption-solves-everything">“Encryption Solves Everything”</h3>
<p>While encryption is essential, it only protects the content of communications, not the metadata that reveals who is talking to whom, when, and from where. Metadata analysis can reveal network structures and operational patterns even when all communications are encrypted.</p>
<h3 id="if-you-have-nothing-to-hide">“If You Have Nothing to Hide…”</h3>
<p>This argument fundamentally misunderstands the nature of authoritarian surveillance. The goal is not just to find evidence of wrongdoing, but to map networks, predict behavior, and suppress dissent before it becomes effective.</p>
<h3 id="theyre-too-powerful-to-resist">“Theyre Too Powerful to Resist”</h3>
<p>While authoritarian regimes have significant advantages, they also have limitations and vulnerabilities. Understanding both their capabilities and their constraints is essential for developing effective resistance strategies.</p>
<h3 id="perfect-security-is-possible">“Perfect Security is Possible”</h3>
<p>No security system is perfect, and pursuing perfect security often leads to systems so complex and restrictive that they cannot be used effectively. The goal is appropriate security for your specific threat environment and operational requirements.</p>
<h2 id="integration-with-subsequent-parts">Integration with Subsequent Parts</h2>
<p>The principles and methodologies covered in Part I provide the foundation for all subsequent technical and operational guidance:</p>
<ul>
<li><strong>Part II</strong> applies these principles to design secure communication systems</li>
<li><strong>Part III</strong> translates them into practical operational security procedures</li>
<li><strong>Part IV</strong> extends them to advanced scenarios and specialized threats</li>
</ul>
<p>Each technical recommendation and operational procedure in later parts derives from the fundamental principles established here. Understanding these foundations is essential for adapting the manuals guidance to your specific circumstances and for making sound security decisions when facing novel situations.</p>
<h2 id="study-approach">Study Approach</h2>
<h3 id="for-individual-study">For Individual Study</h3>
<ol>
<li><strong>Read each section completely</strong> before moving to the next</li>
<li><strong>Take notes</strong> on how principles apply to your specific situation</li>
<li><strong>Work through examples</strong> using scenarios relevant to your operations</li>
<li><strong>Review regularly</strong> as these concepts must become second nature</li>
</ol>
<h3 id="for-group-study">For Group Study</h3>
<ol>
<li><strong>Discuss each principle</strong> and its implications for your organization</li>
<li><strong>Develop case studies</strong> based on your operational environment</li>
<li><strong>Practice threat modeling</strong> for actual or hypothetical operations</li>
<li><strong>Create reference materials</strong> summarizing key concepts for quick review</li>
</ol>
<h3 id="for-training-others">For Training Others</h3>
<ol>
<li><strong>Use concrete examples</strong> rather than abstract concepts</li>
<li><strong>Connect principles to practical consequences</strong> of security failures</li>
<li><strong>Encourage questions</strong> and discussion of edge cases</li>
<li><strong>Provide opportunities to practice</strong> threat assessment skills</li>
</ol>
<div class="warning-box">
<div class="warning-title">Foundation First</div>
<p>Do not skip Part I to get to "more practical" technical content. The principles covered here determine whether technical measures will be effective or merely provide a false sense of security. Every security failure can be traced back to a violation of these fundamental principles.</p>
</div>
<hr />
<p><strong>Ready to begin?</strong> Start with <a href="/chapters/chapter-1/">Chapter 1: Core Security Principles →</a></p>
<nav class="section-nav">
<a href="/introduction/" class="nav-link">
<span class="arrow"></span>
<span>Introduction</span>
</a>
<a href="/chapters/chapter-1/" class="nav-link">
<span>Chapter 1: Core Security Principles</span>
<span class="arrow"></span>
</a>
</nav>
</main>
</div>
<footer class="footer">
<div class="container">
<div class="footer-content">
<div class="organization">Department of Internautics</div>
<div>Bureau of Decentralized Resistance</div>
<div>FM-R1 - Version 1.0 - 2025-08-28</div>
<div style="margin-top: 1rem;">
<a href="https://resist.is" target="_blank">resist.is</a> |
<a href="https://git.hacker.supply/Department_of_Internautics/field_guide" target="_blank">Source Code</a>
</div>
</div>
</div>
</footer>
<!-- JavaScript -->
<script src="/assets/js/main.js"></script>
</body>
</html>
_site/parts/part-2/index.html
+462
View File
@@ -0,0 +1,462 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Part II: Secure Communication Systems - Field Manual for Resistance Operations</title>
<meta name="description" content="Multi-layer communication architectures and secure messaging systems for resistance operations">
<!-- Favicon -->
<link rel="icon" type="image/x-icon" href="/assets/images/favicon.ico">
<!-- Stylesheets -->
<link rel="stylesheet" href="/assets/css/main.css">
<!-- Security headers -->
<meta http-equiv="X-Content-Type-Options" content="nosniff">
<meta http-equiv="X-Frame-Options" content="DENY">
<meta http-equiv="X-XSS-Protection" content="1; mode=block">
<!-- No tracking -->
<meta name="robots" content="noindex, nofollow">
</head>
<body>
<header class="header">
<div class="container">
<div class="header-content">
<div class="logo">
<span class="omega">Ω</span>
<span>FM-R1</span>
</div>
<button class="nav-toggle" id="nav-toggle" aria-label="Toggle navigation">
</button>
</div>
</div>
</header>
<div class="main-layout">
<nav class="sidebar" id="sidebar">
<div class="nav-section">
<h3>Field Manual</h3>
<ul>
<li><a href="/" >Table of Contents</a></li>
<li><a href="/preface/" >Preface</a></li>
<li><a href="/introduction/" >Introduction</a></li>
</ul>
</div>
<div class="nav-section">
<h3>Part I: Foundations</h3>
<ul>
<li>
<a href="/parts/part-1/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-1/" >Ch 1: Core Security Principles</a></li>
<li><a href="/chapters/chapter-2/" >Ch 2: Threat Assessment</a></li>
</ul>
</li>
</ul>
</div>
<div class="nav-section">
<h3>Part II: Communication</h3>
<ul>
<li>
<a href="/parts/part-2/" class="active">Part Overview</a>
<ul>
<li><a href="/chapters/chapter-3/" >Ch 3: Communication Architecture</a></li>
<li><a href="/chapters/chapter-4/" >Ch 4: Secure Messaging</a></li>
<li><a href="/chapters/chapter-5/" >Ch 5: File Sharing</a></li>
</ul>
</li>
</ul>
</div>
<div class="nav-section">
<h3>Part III: OpSec</h3>
<ul>
<li>
<a href="/parts/part-3/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-6/" >Ch 6: Hardware Security</a></li>
<li><a href="/chapters/chapter-7/" >Ch 7: Digital Hygiene</a></li>
<li><a href="/chapters/chapter-8/" >Ch 8: Operational Procedures</a></li>
</ul>
</li>
</ul>
</div>
<div class="nav-section">
<h3>Part IV: Advanced</h3>
<ul>
<li>
<a href="/parts/part-4/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-9/" >Ch 9: Network Resilience</a></li>
<li><a href="/chapters/chapter-10/" >Ch 10: Counter-Intelligence</a></li>
</ul>
</li>
</ul>
</div>
<div class="nav-section">
<h3>Appendices</h3>
<ul>
<li><a href="/appendices/" >Quick Reference</a></li>
<li><a href="/appendices/tools/" >Tool Guides</a></li>
<li><a href="/appendices/resources/" >External Resources</a></li>
<li><a href="/appendices/glossary/" >Glossary</a></li>
</ul>
</div>
<div class="nav-section">
<h3>External Links</h3>
<ul>
<li><a href="https://resist.is" target="_blank">resist.is</a></li>
<li><a href="https://activistchecklist.org" target="_blank">Activist Checklist</a></li>
<li><a href="https://signal.org" target="_blank">Signal</a></li>
<li><a href="https://briarproject.org" target="_blank">Briar</a></li>
<li><a href="https://element.io" target="_blank">Element</a></li>
<li><a href="https://tails.boum.org" target="_blank">Tails OS</a></li>
<li><a href="https://onionshare.org" target="_blank">OnionShare</a></li>
</ul>
</div>
</nav>
<main class="content">
<div class="content-header">
<div class="manual-designation">FM-R1: FM-R1: Secure Communication Networks for Decentralized Resistance</div>
<div class="classification">UNCLASSIFIED</div>
</div>
<h1 id="part-ii-secure-communication-systems">Part II: Secure Communication Systems</h1>
<h2 id="overview">Overview</h2>
<p>Part II addresses the critical challenge of maintaining secure communications within resistance networks operating under advanced surveillance. This part provides comprehensive guidance for implementing multi-layer communication architectures that balance security requirements with operational effectiveness.</p>
<p>Communication security is the backbone of resistance operations. Without secure communications, resistance networks cannot coordinate activities, share intelligence, or maintain operational security. However, communication also represents the greatest vulnerability, as every communication creates metadata that can be analyzed to reveal network structures, operational patterns, and individual behaviors.</p>
<h2 id="learning-objectives">Learning Objectives</h2>
<p>Upon completing Part II, you will be able to:</p>
<ul>
<li>Design and implement multi-layer communication architectures appropriate to your threat environment</li>
<li>Configure and operate secure messaging systems including Session, Element/Matrix, Briar, and Signal</li>
<li>Establish secure file sharing and collaboration systems using CryptPad, OnionShare, and encrypted cloud storage</li>
<li>Implement communication protocols that minimize metadata exposure and maximize operational security</li>
<li>Develop contingency communication plans for various compromise and failure scenarios</li>
</ul>
<h2 id="the-communication-security-challenge">The Communication Security Challenge</h2>
<h3 id="the-metadata-problem">The Metadata Problem</h3>
<p>Modern surveillance systems focus less on communication content (which can be encrypted) and more on communication metadata (which reveals patterns even when content is protected). Every digital communication generates metadata including:</p>
<ul>
<li><strong>Sender and recipient identities</strong> and network addresses</li>
<li><strong>Timing information</strong> including send/receive timestamps</li>
<li><strong>Location data</strong> from device GPS and network connections</li>
<li><strong>Communication patterns</strong> including frequency and duration</li>
<li><strong>Device information</strong> including hardware and software details</li>
</ul>
<p>This metadata can be analyzed to:</p>
<ul>
<li>Map network structures and identify key participants</li>
<li>Predict operational activities and timing</li>
<li>Locate physical meetings and safe houses</li>
<li>Identify behavioral patterns and vulnerabilities</li>
</ul>
<h3 id="the-usability-security-tension">The Usability-Security Tension</h3>
<p>Perfect communication security would require:</p>
<ul>
<li>No digital communications whatsoever</li>
<li>Face-to-face meetings only in secure locations</li>
<li>Perfect operational security from all participants</li>
<li>No time-sensitive coordination requirements</li>
</ul>
<p>Perfect operational effectiveness would require:</p>
<ul>
<li>Instant communication between all participants</li>
<li>Rich multimedia sharing and collaboration</li>
<li>Real-time coordination and decision-making</li>
<li>Seamless integration with existing tools and workflows</li>
</ul>
<p>Practical resistance communications must balance these competing requirements through carefully designed architectures that provide appropriate security for specific use cases while maintaining operational effectiveness.</p>
<h2 id="multi-layer-communication-strategy">Multi-Layer Communication Strategy</h2>
<p>Part II is organized around a four-layer communication architecture that provides different security levels for different operational requirements:</p>
<h3 id="layer-1-high-risk-real-time-communication">Layer 1: High-Risk Real-Time Communication</h3>
<p><strong>Use Case:</strong> Time-sensitive coordination during active operations
<strong>Security Level:</strong> Maximum security, minimal metadata
<strong>Tools:</strong> Session Messenger, Briar mesh networking
<strong>Characteristics:</strong></p>
<ul>
<li>Onion routing and metadata protection</li>
<li>Peer-to-peer architecture with no central servers</li>
<li>Ephemeral messaging with automatic deletion</li>
<li>Offline capability and mesh networking</li>
</ul>
<h3 id="layer-2-secure-collaboration-systems">Layer 2: Secure Collaboration Systems</h3>
<p><strong>Use Case:</strong> Planning, document sharing, and ongoing coordination
<strong>Security Level:</strong> High security with collaboration features
<strong>Tools:</strong> Element/Matrix (self-hosted), CryptPad
<strong>Characteristics:</strong></p>
<ul>
<li>End-to-end encryption with forward secrecy</li>
<li>Self-hosted infrastructure under resistance control</li>
<li>Rich collaboration features including file sharing</li>
<li>Persistent storage with secure access controls</li>
</ul>
<h3 id="layer-3-failsafe-and-offline-methods">Layer 3: Failsafe and Offline Methods</h3>
<p><strong>Use Case:</strong> Emergency communications and backup channels
<strong>Security Level:</strong> Maximum reliability and availability
<strong>Tools:</strong> OnionShare, encrypted email, physical dead drops
<strong>Characteristics:</strong></p>
<ul>
<li>No dependence on internet infrastructure</li>
<li>Asynchronous communication with time delays</li>
<li>Multiple redundant channels and methods</li>
<li>Resistance to network disruption and censorship</li>
</ul>
<h3 id="layer-4-anonymous-broadcasting">Layer 4: Anonymous Broadcasting</h3>
<p><strong>Use Case:</strong> Public communications and propaganda distribution
<strong>Security Level:</strong> Sender anonymity and censorship resistance
<strong>Tools:</strong> Tor hidden services, distributed publishing platforms
<strong>Characteristics:</strong></p>
<ul>
<li>One-to-many communication model</li>
<li>Strong sender anonymity protection</li>
<li>Censorship resistance and availability</li>
<li>Public accessibility without authentication</li>
</ul>
<h2 id="chapter-overview">Chapter Overview</h2>
<h3 id="chapter-3-communication-layer-architecture-3-1-to-3-6">Chapter 3: Communication Layer Architecture (3-1 to 3-6)</h3>
<p>Establishes the theoretical framework and practical implementation of multi-layer communication systems:</p>
<p><strong>3-1: Multi-Layer Communication Strategy</strong> - Overall architecture and layer selection criteria</p>
<p><strong>3-2: High-Risk Real-Time Communication (Layer 1)</strong> - Maximum security for time-sensitive operations</p>
<p><strong>3-3: Secure Collaboration Systems (Layer 2)</strong> - Balancing security with collaboration needs</p>
<p><strong>3-4: Failsafe and Offline Methods (Layer 3)</strong> - Backup and emergency communication channels</p>
<p><strong>3-5: Anonymous Broadcasting (Layer 4)</strong> - Public communications and information distribution</p>
<p><strong>3-6: Communication Protocol Selection</strong> - Choosing appropriate tools and methods for specific scenarios</p>
<h3 id="chapter-4-secure-messaging-and-voice-communications-4-1-to-4-8">Chapter 4: Secure Messaging and Voice Communications (4-1 to 4-8)</h3>
<p>Provides detailed configuration and operational guidance for secure messaging systems:</p>
<p><strong>4-1: Session Messenger Configuration</strong> - Maximum security messaging with onion routing</p>
<p><strong>4-2: Element/Matrix Self-Hosted Setup</strong> - Secure collaboration platform implementation</p>
<p><strong>4-3: Briar Peer-to-Peer Messaging</strong> - Decentralized messaging without servers</p>
<p><strong>4-4: Signal Security Best Practices</strong> - Operational security for mainstream secure messaging</p>
<p><strong>4-5: Voice Communication Security</strong> - Secure voice calls and audio communications</p>
<p><strong>4-6: Group Communication Management</strong> - Security protocols for multi-participant communications</p>
<p><strong>4-7: Message Verification and Authentication</strong> - Ensuring message integrity and sender verification</p>
<p><strong>4-8: Communication Scheduling and Protocols</strong> - Operational procedures for secure communications</p>
<h3 id="chapter-5-file-sharing-and-collaboration-5-1-to-5-6">Chapter 5: File Sharing and Collaboration (5-1 to 5-6)</h3>
<p>Covers secure systems for document collaboration and file sharing:</p>
<p><strong>5-1: CryptPad Secure Document Collaboration</strong> - Real-time collaborative editing with encryption</p>
<p><strong>5-2: OnionShare Anonymous File Transfer</strong> - Secure file sharing over Tor network</p>
<p><strong>5-3: Encrypted Cloud Storage (Mega/Proton)</strong> - Secure cloud storage for resistance operations</p>
<p><strong>5-4: Digital Dead Drops</strong> - Asynchronous file sharing without direct contact</p>
<p><strong>5-5: Version Control for Sensitive Documents</strong> - Managing document versions and changes securely</p>
<p><strong>5-6: Collaborative Security Protocols</strong> - Operational procedures for secure collaboration</p>
<h2 id="implementation-approach">Implementation Approach</h2>
<h3 id="progressive-implementation">Progressive Implementation</h3>
<p>Part II is designed for progressive implementation, allowing resistance networks to start with basic secure communications and gradually add more sophisticated capabilities:</p>
<p><strong>Phase 1: Basic Secure Messaging</strong></p>
<ul>
<li>Implement Signal or Session for basic communications</li>
<li>Establish basic operational security procedures</li>
<li>Train participants in secure communication practices</li>
</ul>
<p><strong>Phase 2: Collaboration Infrastructure</strong></p>
<ul>
<li>Deploy self-hosted Matrix server for group communications</li>
<li>Implement CryptPad for document collaboration</li>
<li>Establish file sharing protocols using OnionShare</li>
</ul>
<p><strong>Phase 3: Advanced Architecture</strong></p>
<ul>
<li>Implement full multi-layer communication strategy</li>
<li>Deploy Briar for high-security scenarios</li>
<li>Establish emergency and backup communication channels</li>
</ul>
<p><strong>Phase 4: Operational Integration</strong></p>
<ul>
<li>Integrate communication systems with operational planning</li>
<li>Implement advanced security protocols and procedures</li>
<li>Establish training and support systems for network participants</li>
</ul>
<h3 id="security-considerations">Security Considerations</h3>
<p>Each communication system and protocol covered in Part II includes specific security considerations:</p>
<p><strong>Technical Security:</strong></p>
<ul>
<li>Encryption strength and implementation quality</li>
<li>Metadata protection and anonymity features</li>
<li>Infrastructure security and server hardening</li>
<li>Software updates and vulnerability management</li>
</ul>
<p><strong>Operational Security:</strong></p>
<ul>
<li>User authentication and access control</li>
<li>Communication protocols and procedures</li>
<li>Incident response and compromise recovery</li>
<li>Training and security awareness</li>
</ul>
<p><strong>Strategic Security:</strong></p>
<ul>
<li>Threat model alignment and risk assessment</li>
<li>Backup and redundancy planning</li>
<li>Legal considerations and jurisdiction issues</li>
<li>Long-term sustainability and maintenance</li>
</ul>
<div class="warning-box">
<div class="warning-title">Communication Discipline</div>
<p>The most sophisticated communication systems are worthless without proper operational discipline. All participants must understand and consistently follow communication protocols, security procedures, and operational security practices.</p>
</div>
<h2 id="integration-with-other-parts">Integration with Other Parts</h2>
<p>Part II builds directly on the foundational principles and threat assessment methodologies covered in Part I:</p>
<ul>
<li><strong>Core Security Principles</strong> guide the selection and configuration of communication systems</li>
<li><strong>Threat Assessment</strong> determines appropriate security levels and tool selection</li>
<li><strong>Risk Assessment</strong> informs decisions about acceptable trade-offs between security and usability</li>
<li><strong>OpSec Fundamentals</strong> provide the procedural framework for secure communication operations</li>
</ul>
<p>Part II also provides the foundation for the operational security procedures covered in Part III and the advanced techniques covered in Part IV.</p>
<h2 id="getting-started">Getting Started</h2>
<h3 id="for-technical-implementation">For Technical Implementation</h3>
<ol>
<li><strong>Start with threat assessment</strong> to determine appropriate security levels</li>
<li><strong>Begin with basic tools</strong> (Signal or Session) before implementing complex systems</li>
<li><strong>Test all systems thoroughly</strong> in safe environments before operational use</li>
<li><strong>Implement gradually</strong> with proper training and support for all participants</li>
</ol>
<h3 id="for-operational-planning">For Operational Planning</h3>
<ol>
<li><strong>Map communication requirements</strong> to the four-layer architecture</li>
<li><strong>Develop communication protocols</strong> appropriate to your threat environment</li>
<li><strong>Establish training programs</strong> for all communication tools and procedures</li>
<li><strong>Plan for contingencies</strong> including system compromise and failure scenarios</li>
</ol>
<h3 id="for-network-leadership">For Network Leadership</h3>
<ol>
<li><strong>Assess current communication practices</strong> against security requirements</li>
<li><strong>Develop implementation timeline</strong> for improved communication security</li>
<li><strong>Allocate resources</strong> for infrastructure, training, and ongoing maintenance</li>
<li><strong>Establish governance</strong> for communication system management and security</li>
</ol>
<div class="info-box">
<div class="info-title">Implementation Priority</div>
<p>Focus first on implementing basic secure messaging (Chapter 4) before attempting to deploy complex multi-layer architectures. Solid implementation of fundamental tools is more valuable than poorly implemented advanced systems.</p>
</div>
<hr />
<p><strong>Ready to begin?</strong> Start with <a href="/chapters/chapter-3/">Chapter 3: Communication Layer Architecture →</a></p>
<nav class="section-nav">
<a href="/chapters/chapter-2/" class="nav-link">
<span class="arrow"></span>
<span>Chapter 2: Threat Assessment</span>
</a>
<a href="/chapters/chapter-3/" class="nav-link">
<span>Chapter 3: Communication Architecture</span>
<span class="arrow"></span>
</a>
</nav>
</main>
</div>
<footer class="footer">
<div class="container">
<div class="footer-content">
<div class="organization">Department of Internautics</div>
<div>Bureau of Decentralized Resistance</div>
<div>FM-R1 - Version 1.0 - 2025-08-28</div>
<div style="margin-top: 1rem;">
<a href="https://resist.is" target="_blank">resist.is</a> |
<a href="https://git.hacker.supply/Department_of_Internautics/field_guide" target="_blank">Source Code</a>
</div>
</div>
</div>
</footer>
<!-- JavaScript -->
<script src="/assets/js/main.js"></script>
</body>
</html>
_site/preface/index.html
+328
View File
@@ -0,0 +1,328 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Preface - Field Manual for Resistance Operations</title>
<meta name="description" content="Purpose, scope, and guidance for using the Field Manual for Resistance Operations">
<!-- Favicon -->
<link rel="icon" type="image/x-icon" href="/assets/images/favicon.ico">
<!-- Stylesheets -->
<link rel="stylesheet" href="/assets/css/main.css">
<!-- Security headers -->
<meta http-equiv="X-Content-Type-Options" content="nosniff">
<meta http-equiv="X-Frame-Options" content="DENY">
<meta http-equiv="X-XSS-Protection" content="1; mode=block">
<!-- No tracking -->
<meta name="robots" content="noindex, nofollow">
</head>
<body>
<header class="header">
<div class="container">
<div class="header-content">
<div class="logo">
<span class="omega">Ω</span>
<span>FM-R1</span>
</div>
<button class="nav-toggle" id="nav-toggle" aria-label="Toggle navigation">
</button>
</div>
</div>
</header>
<div class="main-layout">
<nav class="sidebar" id="sidebar">
<div class="nav-section">
<h3>Field Manual</h3>
<ul>
<li><a href="/" >Table of Contents</a></li>
<li><a href="/preface/" class="active">Preface</a></li>
<li><a href="/introduction/" >Introduction</a></li>
</ul>
</div>
<div class="nav-section">
<h3>Part I: Foundations</h3>
<ul>
<li>
<a href="/parts/part-1/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-1/" >Ch 1: Core Security Principles</a></li>
<li><a href="/chapters/chapter-2/" >Ch 2: Threat Assessment</a></li>
</ul>
</li>
</ul>
</div>
<div class="nav-section">
<h3>Part II: Communication</h3>
<ul>
<li>
<a href="/parts/part-2/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-3/" >Ch 3: Communication Architecture</a></li>
<li><a href="/chapters/chapter-4/" >Ch 4: Secure Messaging</a></li>
<li><a href="/chapters/chapter-5/" >Ch 5: File Sharing</a></li>
</ul>
</li>
</ul>
</div>
<div class="nav-section">
<h3>Part III: OpSec</h3>
<ul>
<li>
<a href="/parts/part-3/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-6/" >Ch 6: Hardware Security</a></li>
<li><a href="/chapters/chapter-7/" >Ch 7: Digital Hygiene</a></li>
<li><a href="/chapters/chapter-8/" >Ch 8: Operational Procedures</a></li>
</ul>
</li>
</ul>
</div>
<div class="nav-section">
<h3>Part IV: Advanced</h3>
<ul>
<li>
<a href="/parts/part-4/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-9/" >Ch 9: Network Resilience</a></li>
<li><a href="/chapters/chapter-10/" >Ch 10: Counter-Intelligence</a></li>
</ul>
</li>
</ul>
</div>
<div class="nav-section">
<h3>Appendices</h3>
<ul>
<li><a href="/appendices/" >Quick Reference</a></li>
<li><a href="/appendices/tools/" >Tool Guides</a></li>
<li><a href="/appendices/resources/" >External Resources</a></li>
<li><a href="/appendices/glossary/" >Glossary</a></li>
</ul>
</div>
<div class="nav-section">
<h3>External Links</h3>
<ul>
<li><a href="https://resist.is" target="_blank">resist.is</a></li>
<li><a href="https://activistchecklist.org" target="_blank">Activist Checklist</a></li>
<li><a href="https://signal.org" target="_blank">Signal</a></li>
<li><a href="https://briarproject.org" target="_blank">Briar</a></li>
<li><a href="https://element.io" target="_blank">Element</a></li>
<li><a href="https://tails.boum.org" target="_blank">Tails OS</a></li>
<li><a href="https://onionshare.org" target="_blank">OnionShare</a></li>
</ul>
</div>
</nav>
<main class="content">
<div class="content-header">
<div class="manual-designation">FM-R1: FM-R1: Secure Communication Networks for Decentralized Resistance</div>
<div class="classification">UNCLASSIFIED</div>
</div>
<h1 id="preface">Preface</h1>
<h2 id="purpose">Purpose</h2>
<p>This Field Manual (FM-R1) provides comprehensive guidance for establishing and maintaining secure communication networks within decentralized resistance movements. It is specifically designed for individuals and groups operating under the threat of an authoritarian regime with advanced surveillance capabilities.</p>
<p>The manual synthesizes proven operational security practices, modern cryptographic tools, and time-tested resistance strategies into a coherent framework that can be implemented by newcomers to resistance operations while remaining valuable to experienced practitioners.</p>
<h2 id="scope">Scope</h2>
<p>This manual covers:</p>
<ul>
<li><strong>Core security principles</strong> fundamental to all resistance operations</li>
<li><strong>Threat assessment methodologies</strong> for understanding your operational environment</li>
<li><strong>Multi-layer communication architectures</strong> for different security requirements</li>
<li><strong>Specific tool configurations</strong> for secure messaging, file sharing, and collaboration</li>
<li><strong>Operational security procedures</strong> for maintaining security discipline</li>
<li><strong>Advanced techniques</strong> for network resilience and counter-intelligence</li>
</ul>
<p>This manual does <strong>not</strong> cover:</p>
<ul>
<li>Specific tactical operations or direct action planning</li>
<li>Legal advice or guidance on laws in specific jurisdictions</li>
<li>Physical security beyond basic operational security measures</li>
<li>Weapons, explosives, or other kinetic capabilities</li>
</ul>
<h2 id="target-audience">Target Audience</h2>
<h3 id="primary-audience">Primary Audience</h3>
<ul>
<li><strong>Newcomers to resistance operations</strong> who need foundational knowledge</li>
<li><strong>Cell leaders and coordinators</strong> responsible for communication security</li>
<li><strong>Technical personnel</strong> implementing secure infrastructure</li>
<li><strong>Training coordinators</strong> developing security education programs</li>
</ul>
<h3 id="secondary-audience">Secondary Audience</h3>
<ul>
<li><strong>Experienced activists</strong> seeking to improve their security practices</li>
<li><strong>Journalists and researchers</strong> working in high-risk environments</li>
<li><strong>Civil liberties organizations</strong> operating under surveillance</li>
<li><strong>International solidarity groups</strong> supporting resistance movements</li>
</ul>
<h2 id="how-to-use-this-manual">How to Use This Manual</h2>
<h3 id="for-newcomers">For Newcomers</h3>
<ol>
<li><strong>Start with the fundamentals</strong>: Read the Introduction and Part I completely before proceeding</li>
<li><strong>Follow the progressive structure</strong>: Each chapter builds upon previous knowledge</li>
<li><strong>Practice in safe environments</strong>: Test tools and procedures before operational use</li>
<li><strong>Seek mentorship</strong>: Connect with experienced practitioners through secure channels</li>
<li><strong>Start simple</strong>: Implement basic security measures before advancing to complex systems</li>
</ol>
<h3 id="for-experienced-practitioners">For Experienced Practitioners</h3>
<ul>
<li>Use as a <strong>reference guide</strong> for specific tools and procedures</li>
<li><strong>Adapt recommendations</strong> to your specific threat environment</li>
<li><strong>Contribute improvements</strong> through secure feedback channels</li>
<li><strong>Train others</strong> using this manual as a curriculum foundation</li>
</ul>
<h3 id="for-technical-implementation">For Technical Implementation</h3>
<ul>
<li>Follow <strong>configuration guides</strong> in the appendices exactly</li>
<li><strong>Test all systems</strong> thoroughly before deployment</li>
<li><strong>Maintain operational security</strong> during setup and maintenance</li>
<li><strong>Document customizations</strong> securely for future reference</li>
</ul>
<h2 id="security-considerations-for-this-manual">Security Considerations for This Manual</h2>
<div class="warning-box">
<div class="warning-title">Operational Security Warning</div>
<p>Accessing, storing, or distributing this manual may be considered suspicious activity by hostile authorities. Take appropriate precautions:</p>
<ul>
<li>Access only through Tails OS, Tor Browser, or similar anonymizing tools</li>
<li>Do not store on personal devices connected to your real identity</li>
<li>Share only through secure channels with trusted individuals</li>
<li>Consider the legal implications in your jurisdiction</li>
</ul>
</div>
<h3 id="recommended-access-methods">Recommended Access Methods</h3>
<ol>
<li><strong>Tails OS</strong> - Boot from USB for maximum anonymity</li>
<li><strong>Tor Browser</strong> - Use on a dedicated, clean device</li>
<li><strong>Public Wi-Fi</strong> - Access from locations unconnected to your identity</li>
<li><strong>Printed copies</strong> - For offline reference, dispose of securely when no longer needed</li>
</ol>
<h3 id="distribution-guidelines">Distribution Guidelines</h3>
<ul>
<li>Share only with individuals who have demonstrated commitment to resistance operations</li>
<li>Use secure communication channels (Signal, Briar, OnionShare) for distribution</li>
<li>Verify recipient identity through trusted intermediaries</li>
<li>Consider compartmentalization - not everyone needs access to all sections</li>
</ul>
<h2 id="acknowledgments">Acknowledgments</h2>
<p>This manual builds upon decades of resistance experience and the work of countless individuals who have risked their freedom and lives for justice. Special recognition goes to:</p>
<ul>
<li><strong>Historical resistance movements</strong> whose strategies inform our approach</li>
<li><strong>Digital rights organizations</strong> developing the tools we depend on</li>
<li><strong>Security researchers</strong> who identify vulnerabilities and develop countermeasures</li>
<li><strong>Current practitioners</strong> who provide feedback and real-world testing</li>
</ul>
<h2 id="feedback-and-updates">Feedback and Updates</h2>
<p>This manual is a living document that must evolve with changing threats and technologies. Feedback is essential for maintaining its effectiveness and accuracy.</p>
<h3 id="secure-feedback-channels">Secure Feedback Channels</h3>
<ul>
<li><strong>Matrix</strong>: Contact @sparticus:weresist.is through Element</li>
<li><strong>OnionShare</strong>: Check resist.is for current feedback drop locations</li>
<li><strong>Dead drops</strong>: Physical and digital locations announced through secure channels</li>
</ul>
<h3 id="update-distribution">Update Distribution</h3>
<ul>
<li><strong>Primary source</strong>: git.hacker.supply/Department_of_Internautics/field_guide</li>
<li><strong>Mirror sites</strong>: Announced through resistance networks</li>
<li><strong>Version control</strong>: Each update includes detailed changelog and verification signatures</li>
</ul>
<h2 id="legal-disclaimer">Legal Disclaimer</h2>
<p>This manual is provided for educational purposes only. The authors and distributors:</p>
<ul>
<li>Do not advocate for illegal activities in any jurisdiction</li>
<li>Cannot be held responsible for how this information is used</li>
<li>Recommend consulting legal counsel familiar with your local laws</li>
<li>Emphasize that resistance activities carry inherent legal and physical risks</li>
</ul>
<p>Users are solely responsible for understanding and complying with applicable laws in their jurisdiction and for assessing the risks of their activities.</p>
<hr />
<div class="info-box">
<div class="info-title">Getting Started</div>
<p>Ready to begin? Proceed to the <strong>Introduction</strong> to understand the threat landscape and fundamental security concepts that underpin all resistance operations.</p>
</div>
<p><strong>Next:</strong> <a href="/introduction/">Introduction →</a></p>
<nav class="section-nav">
<div></div>
<a href="/introduction/" class="nav-link">
<span>Introduction</span>
<span class="arrow"></span>
</a>
</nav>
</main>
</div>
<footer class="footer">
<div class="container">
<div class="footer-content">
<div class="organization">Department of Internautics</div>
<div>Bureau of Decentralized Resistance</div>
<div>FM-R1 - Version 1.0 - 2025-08-28</div>
<div style="margin-top: 1rem;">
<a href="https://resist.is" target="_blank">resist.is</a> |
<a href="https://git.hacker.supply/Department_of_Internautics/field_guide" target="_blank">Source Code</a>
</div>
</div>
</div>
</footer>
<!-- JavaScript -->
<script src="/assets/js/main.js"></script>
</body>
</html>
_site/robots.txt
+1
View File
@@ -0,0 +1 @@
Sitemap: https://guide.resist.is/sitemap.xml
_site/sitemap.xml
+40
View File
@@ -0,0 +1,40 @@
<?xml version="1.0" encoding="UTF-8"?>
<urlset xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.sitemaps.org/schemas/sitemap/0.9 http://www.sitemaps.org/schemas/sitemap/0.9/sitemap.xsd" xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">
<url>
<loc>https://guide.resist.is/chapters/chapter-1/</loc>
<lastmod>2025-08-28T19:48:01-04:00</lastmod>
</url>
<url>
<loc>https://guide.resist.is/chapters/chapter-2/</loc>
<lastmod>2025-08-28T19:48:01-04:00</lastmod>
</url>
<url>
<loc>https://guide.resist.is/chapters/chapter-3/</loc>
<lastmod>2025-08-28T19:48:01-04:00</lastmod>
</url>
<url>
<loc>https://guide.resist.is/chapters/chapter-4/</loc>
<lastmod>2025-08-28T19:48:01-04:00</lastmod>
</url>
<url>
<loc>https://guide.resist.is/chapters/chapter-5/</loc>
<lastmod>2025-08-28T19:48:01-04:00</lastmod>
</url>
<url>
<loc>https://guide.resist.is/parts/part-1/</loc>
<lastmod>2025-08-28T19:48:01-04:00</lastmod>
</url>
<url>
<loc>https://guide.resist.is/parts/part-2/</loc>
<lastmod>2025-08-28T19:48:01-04:00</lastmod>
</url>
<url>
<loc>https://guide.resist.is/</loc>
</url>
<url>
<loc>https://guide.resist.is/introduction/</loc>
</url>
<url>
<loc>https://guide.resist.is/preface/</loc>
</url>
</urlset>