Department_of_Internautics/field_guide
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: Department_of_Internautics/field_guide:d28218de89252f2f1145e6ca031ac4715e853925
Branches Tags
Department_of_Internautics/field_guide:main
..
compare: Department_of_Internautics/field_guide:main
Branches Tags
Department_of_Internautics/field_guide:main

17 Commits
d28218de89 .. main

Author SHA1 Message Date
sparticus 9f5a876fc5 Merge pull request 'remove tracking' (#8) from track-remove into main 
Reviewed-on: #8
 2025-09-30 01:31:32 +00:00
sparticus 6f259ac336 remove tracking 2025-09-29 21:27:58 -04:00
sparticus 2c9bbc699e Merge pull request 'adding headers' (#7) from headers into main 
Reviewed-on: #7
 2025-09-01 06:30:50 +00:00
sparticus 144ade04d7 adding headers 2025-09-01 02:23:51 -04:00
sparticus 064c83e18b Merge pull request 'Some wording' (#6) from reconcile into main 
Reviewed-on: #6
 2025-08-29 20:27:22 +00:00
sparticus e09a215113 Some wording 2025-08-29 16:26:03 -04:00
sparticus 373b8d6db6 Merge pull request 'Fixing navigation' (#5) from reconcile into main 
Reviewed-on: #5
 2025-08-29 19:10:18 +00:00
sparticus fe173b196d Fixing navigation 2025-08-29 15:01:59 -04:00
sparticus 16472e09df Merge pull request 'Jekyll build' (#4) from part4 into main 
Reviewed-on: #4
 2025-08-29 17:23:45 +00:00
sparticus 55bf439dcc Jekyll build 2025-08-29 13:22:32 -04:00
sparticus 078636b306 Merge pull request 'Adding Part 4 draft' (#3) from part4 into main 
Reviewed-on: #3
 2025-08-29 17:20:43 +00:00
sparticus 3fb8d6e9eb Adding Part 4 draft 2025-08-29 13:18:53 -04:00
sparticus d8573f5fb6 Merge pull request 'part3' (#2) from part3 into main 
Reviewed-on: #2
 2025-08-29 16:25:50 +00:00
sparticus c897797227 Part 3 2025-08-29 12:17:48 -04:00
sparticus 7fe6cf5381 Section 3 added 2025-08-29 10:49:48 -04:00
sparticus afb6a875ad Merge pull request 'draft of field manua' (#1) from second_draft into main 
Reviewed-on: #1
 2025-08-29 11:10:54 +00:00
sparticus 4a6b9f922f draft of field manua 2025-08-29 06:58:56 -04:00
60 changed files with 41519 additions and 0 deletions
Expand all files Collapse all files
Gemfile
+24
View File
@@ -0,0 +1,24 @@
source "https://rubygems.org"
gem "jekyll", "~> 4.4"
gem "minima", "~> 2.5"
group :jekyll_plugins do
gem "jekyll-feed", "~> 0.12"
gem "jekyll-sitemap"
end
# Windows and JRuby does not include zoneinfo files, so bundle the tzinfo-data gem
# and associated library.
platforms :mingw, :x64_mingw, :mswin, :jruby do
gem "tzinfo", ">= 1", "< 3"
gem "tzinfo-data"
end
# Performance-booster for watching directories on Windows
gem "wdm", "~> 0.1.1", :platforms => [:mingw, :x64_mingw, :mswin]
# Lock `http_parser.rb` gem to `v0.6.x` on JRuby builds since newer versions of the gem
# do not have a Java counterpart.
gem "http_parser.rb", "~> 0.6.0", :platforms => [:jruby]
Gemfile.lock
+107
View File
@@ -0,0 +1,107 @@
GEM
remote: https://rubygems.org/
specs:
addressable (2.8.7)
public_suffix (>= 2.0.2, < 7.0)
base64 (0.3.0)
colorator (1.1.0)
concurrent-ruby (1.3.5)
csv (3.3.5)
em-websocket (0.5.3)
eventmachine (>= 0.12.9)
http_parser.rb (~> 0)
eventmachine (1.2.7)
ffi (1.17.2)
ffi (1.17.2-arm64-darwin)
ffi (1.17.2-x86_64-darwin)
forwardable-extended (2.6.0)
google-protobuf (3.25.8)
google-protobuf (3.25.8-arm64-darwin)
google-protobuf (3.25.8-x86_64-darwin)
google-protobuf (3.25.8-x86_64-linux)
http_parser.rb (0.8.0)
i18n (1.14.7)
concurrent-ruby (~> 1.0)
jekyll (4.4.1)
addressable (~> 2.4)
base64 (~> 0.2)
colorator (~> 1.0)
csv (~> 3.0)
em-websocket (~> 0.5)
i18n (~> 1.0)
jekyll-sass-converter (>= 2.0, < 4.0)
jekyll-watch (~> 2.0)
json (~> 2.6)
kramdown (~> 2.3, >= 2.3.1)
kramdown-parser-gfm (~> 1.0)
liquid (~> 4.0)
mercenary (~> 0.3, >= 0.3.6)
pathutil (~> 0.9)
rouge (>= 3.0, < 5.0)
safe_yaml (~> 1.0)
terminal-table (>= 1.8, < 4.0)
webrick (~> 1.7)
jekyll-feed (0.17.0)
jekyll (>= 3.7, < 5.0)
jekyll-sass-converter (3.0.0)
sass-embedded (~> 1.54)
jekyll-seo-tag (2.8.0)
jekyll (>= 3.8, < 5.0)
jekyll-sitemap (1.4.0)
jekyll (>= 3.7, < 5.0)
jekyll-watch (2.2.1)
listen (~> 3.0)
json (2.13.2)
kramdown (2.5.1)
rexml (>= 3.3.9)
kramdown-parser-gfm (1.1.0)
kramdown (~> 2.0)
liquid (4.0.4)
listen (3.9.0)
rb-fsevent (~> 0.10, >= 0.10.3)
rb-inotify (~> 0.9, >= 0.9.10)
mercenary (0.4.0)
minima (2.5.2)
jekyll (>= 3.5, < 5.0)
jekyll-feed (~> 0.9)
jekyll-seo-tag (~> 2.1)
pathutil (0.16.2)
forwardable-extended (~> 2.6)
public_suffix (6.0.2)
rake (13.3.0)
rb-fsevent (0.11.2)
rb-inotify (0.11.1)
ffi (~> 1.0)
rexml (3.4.2)
rouge (4.6.0)
safe_yaml (1.0.5)
sass-embedded (1.69.5)
google-protobuf (~> 3.23)
rake (>= 13.0.0)
sass-embedded (1.69.5-arm64-darwin)
google-protobuf (~> 3.23)
sass-embedded (1.69.5-x86_64-darwin)
google-protobuf (~> 3.23)
terminal-table (3.0.2)
unicode-display_width (>= 1.1.1, < 3)
unicode-display_width (2.6.0)
webrick (1.9.1)
PLATFORMS
arm64-darwin
ruby
x86_64-darwin
x86_64-linux
DEPENDENCIES
http_parser.rb (~> 0.6.0)
jekyll (~> 4.4)
jekyll-feed (~> 0.12)
jekyll-sitemap
minima (~> 2.5)
tzinfo (>= 1, < 3)
tzinfo-data
wdm (~> 0.1.1)
BUNDLED WITH
2.5.23
_appendices/appendices.md
+180
View File
@@ -0,0 +1,180 @@
---
layout: default
title: "Appendices"
description: "Reference materials, tools, legal guidance, and emergency procedures"
prev_page:
title: "Chapter 10: Counter-Intelligence"
url: "/chapters/chapter-10/"
next_page:
title: "Appendix A: Essential Tools"
url: "/appendices/appendix-a/"
---
# Appendices
## Overview
The appendices provide essential reference materials, tools, legal guidance, and emergency procedures to support resistance operations. These resources complement the main field manual content with practical tools, comprehensive references, and critical support information.
**Appendices included:**
- **Appendix A**: Essential Tools and Resources
- **Appendix B**: Legal Considerations and Rights
- **Appendix C**: Emergency Procedures and Crisis Response
- **Appendix D**: Glossary and References
---
## Appendix Contents
### [Appendix A: Essential Tools and Resources](/appendices/appendix-a/)
Comprehensive directory of security tools, hardware recommendations, and operational resources essential for resistance operations.
**Contents include:**
- **Digital Security Tools**: 50+ vetted applications for encryption, communication, and privacy
- **Hardware Recommendations**: Secure devices, networking equipment, and operational hardware
- **Operational Resources**: Legal support organizations, emergency contacts, and support networks
- **Security Checklists**: Step-by-step procedures for common security operations
**Key tool categories:**
- Communication and messaging platforms
- File sharing and collaboration tools
- Privacy and anonymity software
- Network security and monitoring tools
- Digital forensics and investigation tools
- Hardware security and protection devices
---
### [Appendix B: Legal Considerations and Rights](/appendices/appendix-b/)
Comprehensive legal framework covering constitutional rights, common charges, legal procedures, and support resources for resistance activities.
**Contents include:**
- **Constitutional Rights**: First, Fourth, Fifth, and Sixth Amendment protections
- **Common Legal Charges**: Protest-related, technology-related, and federal charges with typical penalties
- **Legal Rights During Encounters**: Police encounters, arrests, searches, and detention procedures
- **Legal Support Resources**: Organizations, attorneys, bail funds, and emergency legal assistance
**Key legal areas:**
- Know your rights during police encounters
- Arrest and detention procedures and rights
- Legal support organizations and resources
- International legal considerations
- Post-arrest procedures and long-term strategy
---
### [Appendix C: Emergency Procedures and Crisis Response](/appendices/appendix-c/)
Comprehensive emergency response procedures and crisis management protocols for various emergency scenarios affecting resistance operations.
**Contents include:**
- **Emergency Response Framework**: Threat classification system and response activation procedures
- **Surveillance and Compromise Response**: Detection procedures and network security protocols
- **Arrest and Detention Response**: Pre-arrest preparation, during-arrest procedures, and post-release protocols
- **Communication System Failures**: Backup systems and alternative communication methods
**Key emergency scenarios:**
- Surveillance detection and compromise response
- Arrest and detention emergency procedures
- Communication system failures and alternatives
- Medical emergencies during operations
- Natural disasters and infrastructure failures
- Network penetration and security breaches
---
### [Appendix D: Glossary and References](/appendices/appendix-d/)
Comprehensive glossary of technical terms and extensive reference materials for continued learning and operational support.
**Contents include:**
- **Comprehensive Glossary**: 100+ technical and operational terms with clear definitions
- **Essential References**: Books, guides, and resources for security, privacy, and resistance operations
- **Organizations and Networks**: Digital rights, legal support, and security organizations
- **Additional Reading**: Academic journals, research publications, and specialized resources
**Key reference categories:**
- Security and privacy guides and resources
- Legal support organizations and resources
- Technical security tools and documentation
- Historical resistance and intelligence references
- Academic and research publications
- Training and education resources
---
## Using the Appendices
### Quick Reference Guide
**For immediate operational needs:**
1. **Security Tools**: Appendix A for software and hardware recommendations
2. **Legal Emergency**: Appendix B for rights and legal support contacts
3. **Crisis Response**: Appendix C for emergency procedures and protocols
4. **Term Definitions**: Appendix D for glossary and technical definitions
### Comprehensive Study
**For thorough preparation:**
1. **Study all appendices** systematically before engaging in resistance activities
2. **Practice emergency procedures** from Appendix C regularly
3. **Establish relationships** with legal and support organizations from Appendices A and B
4. **Continue learning** using resources from Appendix D
### Operational Integration
**For ongoing operations:**
- **Reference tools and procedures** from appendices during operation planning
- **Maintain emergency contacts** and procedures from Appendices B and C
- **Update tools and techniques** based on new resources from Appendix D
- **Share knowledge** from appendices with trusted network members
---
## Security Considerations for Appendices
### Information Security
**Protecting appendix information:**
- **Secure storage** of appendix materials and references
- **Compartmentalized access** to sensitive tools and procedures
- **Regular updates** of tools, contacts, and procedures
- **Operational security** when accessing and using appendix resources
### Practical Application
**Safe use of appendix resources:**
- **Verify tool authenticity** before downloading and using security software
- **Test procedures** in safe environments before operational use
- **Maintain current information** for legal contacts and emergency procedures
- **Practice emergency procedures** regularly to ensure effectiveness
### Continuous Improvement
**Keeping appendices current:**
- **Regular review** and update of all appendix materials
- **Community feedback** and improvement suggestions
- **New tool evaluation** and integration into recommendations
- **Lessons learned** integration from operational experience
---
<div class="info-box">
<div class="info-title">Appendix Importance</div>
<p>The appendices provide critical support information that complements the main field manual content. Regular study and practice with appendix materials significantly improves operational security and effectiveness.</p>
</div>
<div class="success-box">
<div class="success-title">Comprehensive Reference</div>
<p>These appendices represent years of collective knowledge and experience in resistance operations. They provide both immediate operational support and long-term learning resources for developing advanced capabilities.</p>
</div>
---
**Navigation:**
- **Next**: [Appendix A: Essential Tools and Resources](/appendices/appendix-a/)
- **Previous**: [Chapter 10: Counter-Intelligence and Security Operations](/chapters/chapter-10/)
- **Home**: [Field Manual FM-R1 Main Index](/)
_appendices/appendix-a.md
+419
View File
@@ -0,0 +1,419 @@
---
layout: default
title: "Appendix A: Essential Tools and Resources"
description: "Comprehensive directory of tools, software, and resources for resistance operations"
appendix: "A"
prev_page:
title: "Chapter 12: Direct Action Planning"
url: "/chapters/chapter-12/"
next_page:
title: "Appendix B: Legal Considerations"
url: "/appendices/appendix-b/"
---
# Appendix A: Essential Tools and Resources
## Overview
This appendix provides a comprehensive directory of essential tools, software, hardware, and resources for resistance operations. All recommendations prioritize security, reliability, and operational effectiveness while considering accessibility and cost constraints.
---
## A.1 Secure Communication Tools
### Messaging Applications
#### Signal Private Messenger
- **Purpose**: End-to-end encrypted messaging and voice calls
- **Security Features**: Perfect forward secrecy, disappearing messages, sealed sender
- **Platform Support**: iOS, Android, Desktop (Windows, macOS, Linux)
- **Website**: [signal.org](https://signal.org)
- **Operational Notes**: Industry standard for secure messaging, regularly audited
- **Setup Guide**: Enable disappearing messages, verify safety numbers, use registration lock
#### Session Messenger
- **Purpose**: Decentralized encrypted messaging without phone numbers
- **Security Features**: Onion routing, no metadata collection, anonymous accounts
- **Platform Support**: iOS, Android, Desktop (Windows, macOS, Linux)
- **Website**: [getsession.org](https://getsession.org)
- **Operational Notes**: No phone number required, routes through Tor-like network
- **Setup Guide**: Generate Session ID, configure privacy settings, use disappearing messages
#### Briar Messenger
- **Purpose**: Peer-to-peer encrypted messaging without servers
- **Security Features**: Direct device-to-device communication, no central servers
- **Platform Support**: Android (primary), desktop versions in development
- **Website**: [briarproject.org](https://briarproject.org)
- **Operational Notes**: Works without internet via Bluetooth/WiFi, perfect for protests
- **Setup Guide**: Add contacts via QR codes, configure transport settings
### Voice Communication
#### Jami (GNU Ring)
- **Purpose**: Distributed voice and video calling
- **Security Features**: End-to-end encryption, no central servers, peer-to-peer
- **Platform Support**: All major platforms
- **Website**: [jami.net](https://jami.net)
- **Operational Notes**: No account registration required, works over Tor
- **Setup Guide**: Generate account locally, share Jami ID securely
#### Mumble
- **Purpose**: Low-latency voice chat for groups
- **Security Features**: Strong encryption, self-hosted servers possible
- **Platform Support**: All major platforms
- **Website**: [mumble.info](https://mumble.info)
- **Operational Notes**: Excellent for real-time coordination, can run over Tor
- **Setup Guide**: Connect to trusted servers, configure push-to-talk
### Email Security
#### ProtonMail
- **Purpose**: End-to-end encrypted email service
- **Security Features**: Zero-access encryption, Swiss privacy laws, Tor support
- **Platform Support**: Web, iOS, Android, desktop bridge
- **Website**: [protonmail.com](https://protonmail.com)
- **Operational Notes**: Free tier available, supports custom domains
- **Setup Guide**: Enable two-factor authentication, use Tor browser for access
#### Tutanota
- **Purpose**: Encrypted email with calendar and contacts
- **Security Features**: End-to-end encryption, anonymous signup, open source
- **Platform Support**: Web, iOS, Android, desktop
- **Website**: [tutanota.com](https://tutanota.com)
- **Operational Notes**: Quantum-resistant encryption, German privacy laws
- **Setup Guide**: Create account over Tor, enable two-factor authentication
---
## A.2 Privacy and Anonymity Tools
### Web Browsers
#### Tor Browser
- **Purpose**: Anonymous web browsing and access to .onion sites
- **Security Features**: Onion routing, traffic encryption, fingerprint resistance
- **Platform Support**: Windows, macOS, Linux, Android
- **Website**: [torproject.org](https://torproject.org)
- **Operational Notes**: Essential for anonymous research and communication
- **Setup Guide**: Download from official site, configure security level, use bridges if needed
#### Firefox with Privacy Extensions
- **Purpose**: Privacy-hardened web browsing
- **Security Features**: Tracking protection, fingerprint resistance, extension support
- **Platform Support**: All major platforms
- **Website**: [firefox.com](https://firefox.com)
- **Operational Notes**: Highly customizable, good balance of security and usability
- **Setup Guide**: Install uBlock Origin, NoScript, ClearURLs, configure about:config
### VPN Services
#### Mullvad VPN
- **Purpose**: Anonymous VPN service with strong privacy protections
- **Security Features**: No logging, anonymous accounts, WireGuard support
- **Platform Support**: All major platforms
- **Website**: [mullvad.net](https://mullvad.net)
- **Operational Notes**: Pay with cryptocurrency, no personal information required
- **Setup Guide**: Create anonymous account, configure kill switch, use WireGuard
#### IVPN
- **Purpose**: Privacy-focused VPN with transparency reports
- **Security Features**: No logging, anonymous accounts, multi-hop connections
- **Platform Support**: All major platforms
- **Website**: [ivpn.net](https://ivpn.net)
- **Operational Notes**: Regular security audits, supports Tor over VPN
- **Setup Guide**: Anonymous signup, enable firewall, configure multi-hop
### Operating Systems
#### Tails (The Amnesic Incognito Live System)
- **Purpose**: Amnesic operating system for maximum privacy
- **Security Features**: Routes through Tor, leaves no traces, cryptographic tools included
- **Platform Support**: Live USB/DVD for any computer
- **Website**: [tails.boum.org](https://tails.boum.org)
- **Operational Notes**: Essential for high-security operations, resets after each use
- **Setup Guide**: Create persistent storage, verify downloads, configure additional software
#### Qubes OS
- **Purpose**: Security through isolation using virtual machines
- **Security Features**: Compartmentalized computing, Xen hypervisor, template system
- **Platform Support**: x86_64 computers with VT-x/AMD-V
- **Website**: [qubes-os.org](https://qubes-os.org)
- **Operational Notes**: Steep learning curve but excellent security model
- **Setup Guide**: Hardware compatibility check, create security domains, configure templates
---
## A.3 File Security and Storage
### Encryption Tools
#### VeraCrypt
- **Purpose**: Full disk and file container encryption
- **Security Features**: Strong encryption algorithms, hidden volumes, plausible deniability
- **Platform Support**: Windows, macOS, Linux
- **Website**: [veracrypt.fr](https://veracrypt.fr)
- **Operational Notes**: Successor to TrueCrypt, regularly updated
- **Setup Guide**: Create encrypted containers, use hidden volumes for sensitive data
#### 7-Zip with Strong Encryption
- **Purpose**: File compression and encryption
- **Security Features**: AES-256 encryption, open source, command line support
- **Platform Support**: Windows, Linux (p7zip), macOS (via Homebrew)
- **Website**: [7-zip.org](https://7-zip.org)
- **Operational Notes**: Simple encryption for individual files and archives
- **Setup Guide**: Use strong passwords, enable AES-256 encryption
### Secure File Sharing
#### OnionShare
- **Purpose**: Anonymous file sharing over Tor network
- **Security Features**: Tor hidden services, no third-party servers, automatic deletion
- **Platform Support**: Windows, macOS, Linux
- **Website**: [onionshare.org](https://onionshare.org)
- **Operational Notes**: Perfect for one-time secure file transfers
- **Setup Guide**: Configure Tor connection, set auto-stop timer, share .onion links securely
#### SecureDrop
- **Purpose**: Anonymous document submission system
- **Security Features**: Tor-based, air-gapped servers, journalist verification
- **Platform Support**: Web-based (Tor Browser required)
- **Website**: [securedrop.org](https://securedrop.org)
- **Operational Notes**: Used by major news organizations for whistleblowing
- **Setup Guide**: Access via Tor Browser, follow submission guidelines
### Cloud Storage Security
#### Cryptomator
- **Purpose**: Client-side encryption for cloud storage
- **Security Features**: Transparent encryption, filename obfuscation, open source
- **Platform Support**: Windows, macOS, Linux, iOS, Android
- **Website**: [cryptomator.org](https://cryptomator.org)
- **Operational Notes**: Works with any cloud provider, zero-knowledge encryption
- **Setup Guide**: Create vault, configure cloud sync, use strong vault passwords
---
## A.4 Digital Security Tools
### Password Management
#### Bitwarden
- **Purpose**: Open source password manager
- **Security Features**: End-to-end encryption, self-hosting option, security audits
- **Platform Support**: All major platforms, browser extensions
- **Website**: [bitwarden.com](https://bitwarden.com)
- **Operational Notes**: Free tier available, can be self-hosted
- **Setup Guide**: Enable two-factor authentication, use strong master password, organize with folders
#### KeePassXC
- **Purpose**: Offline password manager
- **Security Features**: Local database, strong encryption, no cloud dependency
- **Platform Support**: Windows, macOS, Linux
- **Website**: [keepassxc.org](https://keepassxc.org)
- **Operational Notes**: Completely offline, database can be synced manually
- **Setup Guide**: Create strong database password, configure auto-type, backup database
### Two-Factor Authentication
#### Aegis Authenticator (Android)
- **Purpose**: Open source TOTP authenticator
- **Security Features**: Encrypted vault, biometric unlock, backup/restore
- **Platform Support**: Android
- **Website**: [getaegis.app](https://getaegis.app)
- **Operational Notes**: No cloud dependency, encrypted local storage
- **Setup Guide**: Set vault password, backup vault file, import existing accounts
#### Tofu (iOS)
- **Purpose**: Simple TOTP authenticator for iOS
- **Security Features**: Local storage, no cloud sync, open source
- **Platform Support**: iOS
- **Website**: Available on App Store
- **Operational Notes**: Minimal, focused on security and privacy
- **Setup Guide**: Add accounts via QR code, enable Face/Touch ID
### System Security
#### ClamAV
- **Purpose**: Open source antivirus engine
- **Security Features**: Regular signature updates, command line interface, cross-platform
- **Platform Support**: Linux, Windows, macOS
- **Website**: [clamav.net](https://clamav.net)
- **Operational Notes**: Lightweight, good for server environments
- **Setup Guide**: Install via package manager, configure automatic updates
#### Lynis
- **Purpose**: Security auditing tool for Unix-based systems
- **Security Features**: Comprehensive system scanning, hardening suggestions
- **Platform Support**: Linux, macOS, Unix variants
- **Website**: [cisofy.com/lynis](https://cisofy.com/lynis)
- **Operational Notes**: Excellent for hardening systems and finding vulnerabilities
- **Setup Guide**: Run security scan, review recommendations, implement hardening
---
## A.5 Research and Investigation Tools
### Open Source Intelligence (OSINT)
#### Maltego
- **Purpose**: Link analysis and data visualization for investigations
- **Security Features**: Local processing, extensive data sources, relationship mapping
- **Platform Support**: Windows, macOS, Linux
- **Website**: [maltego.com](https://maltego.com)
- **Operational Notes**: Community edition available, powerful for network analysis
- **Setup Guide**: Create account, install transforms, configure data sources
#### Shodan
- **Purpose**: Search engine for Internet-connected devices
- **Security Features**: API access, extensive device database, security research
- **Platform Support**: Web-based, API, command line tools
- **Website**: [shodan.io](https://shodan.io)
- **Operational Notes**: Valuable for reconnaissance and security research
- **Setup Guide**: Create account, obtain API key, use filters effectively
#### TheHarvester
- **Purpose**: Information gathering tool for penetration testing
- **Security Features**: Multiple data sources, email/subdomain enumeration
- **Platform Support**: Linux, Python-based
- **Website**: [github.com/laramies/theHarvester](https://github.com/laramies/theHarvester)
- **Operational Notes**: Command line tool, good for initial reconnaissance
- **Setup Guide**: Install via pip, configure API keys, use appropriate data sources
### Social Media Analysis
#### Twint
- **Purpose**: Twitter scraping tool without API limitations
- **Security Features**: No authentication required, extensive filtering options
- **Platform Support**: Python-based, cross-platform
- **Website**: [github.com/twintproject/twint](https://github.com/twintproject/twint)
- **Operational Notes**: Useful for social media intelligence gathering
- **Setup Guide**: Install via pip, configure output formats, use search filters
---
## A.6 Hardware Recommendations
### Secure Computing Hardware
#### Laptops for Security Operations
- **Recommended Models**: ThinkPad X1 Carbon, System76 laptops, Purism Librem series
- **Key Features**: Hardware kill switches, open firmware support, good Linux compatibility
- **Security Considerations**: Disable Intel ME/AMD PSP, use full disk encryption
- **Operational Notes**: Dedicated hardware for sensitive operations recommended
#### Mobile Devices
- **Recommended**: Google Pixel phones (for GrapheneOS), PinePhone (Linux mobile)
- **Key Features**: Unlockable bootloaders, custom ROM support, hardware security features
- **Security Considerations**: Install privacy-focused ROMs, disable unnecessary radios
- **Operational Notes**: Use separate devices for different operational roles
### Networking Hardware
#### Secure Routers
- **Recommended**: Devices supporting OpenWrt, pfSense boxes, GL.iNet travel routers
- **Key Features**: Open source firmware, VPN support, advanced firewall capabilities
- **Security Considerations**: Change default passwords, disable WPS, use strong encryption
- **Operational Notes**: Separate networks for different security levels
#### USB Security Keys
- **Recommended**: YubiKey 5 series, SoloKeys, Nitrokey
- **Key Features**: FIDO2/WebAuthn support, OpenPGP compatibility, hardware security
- **Security Considerations**: Use for two-factor authentication and encryption keys
- **Operational Notes**: Have backup keys stored securely
---
## A.7 Legal and Safety Resources
### Legal Support Organizations
#### Electronic Frontier Foundation (EFF)
- **Purpose**: Digital rights advocacy and legal support
- **Services**: Legal guidance, privacy tools, digital security training
- **Website**: [eff.org](https://eff.org)
- **Resources**: Surveillance Self-Defense guide, legal observer training
#### National Lawyers Guild
- **Purpose**: Legal support for activists and protesters
- **Services**: Legal observers, jail support, know-your-rights training
- **Website**: [nlg.org](https://nlg.org)
- **Resources**: Local chapters, legal hotlines, protest legal support
### Digital Security Training
#### Security Education Companion
- **Purpose**: Digital security curriculum for trainers
- **Content**: Lesson plans, activities, threat modeling guides
- **Website**: [securityeducationcompanion.org](https://securityeducationcompanion.org)
- **Resources**: Trainer guides, participant handouts, assessment tools
#### Level Up
- **Purpose**: Digital security training resources for civil society
- **Content**: Training curricula, facilitation guides, security planning
- **Website**: [level-up.cc](https://level-up.cc)
- **Resources**: Holistic security approach, trauma-informed training
---
## A.8 Emergency Resources
### Crisis Communication
#### Bridgefy
- **Purpose**: Offline messaging via Bluetooth mesh networks
- **Security Features**: End-to-end encryption, no internet required
- **Platform Support**: iOS, Android
- **Use Case**: Communication during internet shutdowns or emergencies
#### Amateur Radio
- **Purpose**: Emergency communication when other systems fail
- **Requirements**: FCC license (in US), appropriate equipment
- **Resources**: ARRL.org for licensing, local clubs for training
- **Operational Notes**: Legal requirement for licensing, but valuable backup communication
### Emergency Contacts
#### Digital Security Helplines
- **Access Now Digital Security Helpline**: [accessnow.org/help](https://accessnow.org/help)
- **Rapid Response Network**: For urgent digital security incidents
- **Local Legal Hotlines**: Research and document local legal support numbers
#### Medical and Safety
- **Street Medic Training**: [riotmedicine.net](https://riotmedicine.net)
- **Protest Safety Resources**: Know your local legal observers and jail support
---
## A.9 Operational Security Checklists
### Pre-Operation Security Checklist
- [ ] Threat model assessment completed
- [ ] Communication security protocols established
- [ ] Equipment security verified and tested
- [ ] Emergency procedures and contacts prepared
- [ ] Legal support and bail fund information available
- [ ] Operational security briefing conducted
- [ ] Counter-surveillance measures planned
- [ ] Information sanitization procedures ready
### Post-Operation Security Checklist
- [ ] Secure communication channels used for debriefing
- [ ] Equipment sanitized and secured
- [ ] Information properly compartmentalized and stored
- [ ] Security incidents documented and analyzed
- [ ] Lessons learned captured and shared appropriately
- [ ] Follow-up security measures implemented
- [ ] Next operation security planning initiated
---
<div class="info-box">
<div class="info-title">Tool Selection Criteria</div>
<p>When selecting tools for resistance operations, prioritize: 1) Open source software with public security audits, 2) Strong encryption and privacy protections, 3) Decentralized architecture when possible, 4) Active development and security updates, 5) Compatibility with operational security requirements.</p>
</div>
<div class="warning-box">
<div class="warning-title">Tool Security Warning</div>
<p>No tool provides perfect security. Always use defense in depth with multiple layers of protection, keep software updated, and regularly reassess your security posture. Tools are only as secure as their implementation and operational security practices.</p>
</div>
_appendices/appendix-b.md
+413
View File
@@ -0,0 +1,413 @@
---
layout: default
title: "Appendix B: Legal Considerations and Rights"
description: "Legal framework, rights, and considerations for resistance activities"
appendix: "B"
prev_page:
title: "Appendix A: Essential Tools"
url: "/appendices/appendix-a/"
next_page:
title: "Appendix C: Emergency Procedures"
url: "/appendices/appendix-c/"
---
# Appendix B: Legal Considerations and Rights
## Overview
This appendix provides essential legal information for resistance activities, including constitutional rights, legal protections, potential charges, and legal support resources. This information is primarily focused on United States law but includes general principles applicable in other jurisdictions.
**⚠️ Legal Disclaimer**: This information is for educational purposes only and does not constitute legal advice. Laws vary by jurisdiction and change frequently. Always consult with qualified legal counsel for specific legal situations.
---
## B.1 Constitutional Rights and Protections
### First Amendment Rights (United States)
#### Freedom of Speech
- **Protected Activities**: Political expression, criticism of government, symbolic speech
- **Limitations**: True threats, incitement to imminent lawless action, fighting words
- **Digital Context**: Online speech generally protected, but platform terms of service may apply
- **Operational Considerations**: Document violations of speech rights, know local protest ordinances
#### Freedom of Assembly
- **Protected Activities**: Peaceful protests, demonstrations, rallies, meetings
- **Permit Requirements**: May be required for large gatherings or use of public spaces
- **Time, Place, Manner Restrictions**: Content-neutral restrictions may be constitutional
- **Private Property**: Property owners may restrict assembly on private land
#### Freedom of Association
- **Protected Activities**: Joining organizations, political parties, advocacy groups
- **Limitations**: Organizations engaged in illegal activities may lose protection
- **Surveillance Concerns**: Government monitoring of associations may violate rights
- **Operational Security**: Balance association rights with operational security needs
#### Right to Petition Government
- **Protected Activities**: Lobbying, filing complaints, requesting information
- **FOIA Rights**: Freedom of Information Act requests for government documents
- **Whistleblower Protections**: Limited protections for government employees
- **Retaliation Protections**: Illegal for government to retaliate for protected petitioning
### Fourth Amendment Rights
#### Protection Against Unreasonable Searches
- **Warrant Requirements**: Generally required for searches of homes, personal effects
- **Exceptions**: Consent, exigent circumstances, plain view, search incident to arrest
- **Digital Devices**: Warrant generally required for cell phone searches
- **Border Searches**: Reduced protections at international borders
#### Electronic Surveillance
- **Wiretapping**: Warrant required for real-time interception of communications
- **Stored Communications**: Different standards for stored vs. real-time communications
- **Metadata**: Less protection for metadata than content of communications
- **Third-Party Doctrine**: Information shared with third parties may lose protection
### Fifth Amendment Rights
#### Right Against Self-Incrimination
- **Miranda Rights**: Right to remain silent during custodial interrogation
- **Testimonial vs. Physical**: Protection applies to testimonial evidence, not physical
- **Password Protection**: Uncertain protection for passwords vs. biometric unlocking
- **Document Production**: May be required to produce documents under subpoena
#### Due Process Rights
- **Procedural Due Process**: Right to fair legal procedures
- **Substantive Due Process**: Protection of fundamental rights from government interference
- **Equal Protection**: Government must treat similarly situated people equally
- **Vagueness Doctrine**: Laws must be clear enough for people to understand
### Sixth Amendment Rights
#### Right to Counsel
- **Criminal Proceedings**: Right to attorney in criminal cases
- **Custodial Interrogation**: Right to have attorney present during questioning
- **Quality of Representation**: Right to effective assistance of counsel
- **Self-Representation**: Right to represent yourself (not recommended)
#### Right to Fair Trial
- **Speedy Trial**: Right to trial without unreasonable delay
- **Public Trial**: Generally right to public proceedings
- **Impartial Jury**: Right to jury free from bias and prejudice
- **Confrontation**: Right to cross-examine witnesses
---
## B.2 Common Legal Charges and Penalties
### Protest-Related Charges
#### Disorderly Conduct
- **Definition**: Behavior that disturbs public peace or order
- **Typical Penalties**: Fines, short jail sentences, community service
- **Defense Strategies**: First Amendment protections, vague statute challenges
- **Operational Notes**: Often used as catch-all charge for protest activities
#### Unlawful Assembly
- **Definition**: Gathering of people for illegal purpose or in illegal manner
- **Typical Penalties**: Misdemeanor charges, fines, possible jail time
- **Defense Strategies**: Challenge basis for unlawful determination
- **Operational Notes**: May be applied to otherwise legal gatherings
#### Trespassing
- **Definition**: Unlawfully entering or remaining on property
- **Typical Penalties**: Fines, possible jail time, civil liability
- **Defense Strategies**: Lack of notice, public forum doctrine, necessity defense
- **Operational Notes**: Know property boundaries and access rights
#### Obstruction of Justice
- **Definition**: Interfering with law enforcement or judicial proceedings
- **Typical Penalties**: Serious misdemeanor or felony charges
- **Defense Strategies**: Lack of intent, First Amendment protections
- **Operational Notes**: Broad statute often used against activists
### Technology-Related Charges
#### Computer Fraud and Abuse Act (CFAA) Violations
- **Definition**: Unauthorized access to computers or exceeding authorized access
- **Typical Penalties**: Significant fines and prison sentences
- **Defense Strategies**: Challenge authorization definitions, proportionality arguments
- **Operational Notes**: Extremely broad statute with severe penalties
#### Wire Fraud
- **Definition**: Using electronic communications to commit fraud
- **Typical Penalties**: Up to 20 years in prison, significant fines
- **Defense Strategies**: Challenge intent element, lack of materiality
- **Operational Notes**: Often used in cases involving online activities
#### Identity Theft
- **Definition**: Unlawfully using another person's identifying information
- **Typical Penalties**: Significant fines and prison sentences
- **Defense Strategies**: Lack of intent, authorized use
- **Operational Notes**: May apply to use of pseudonyms or false information
### Surveillance and Privacy Charges
#### Wiretapping Violations
- **Definition**: Illegally intercepting communications
- **Typical Penalties**: Fines and possible prison time
- **Defense Strategies**: Consent of parties, public place exception
- **Operational Notes**: Laws vary significantly by state
#### Recording Laws
- **Definition**: Illegally recording conversations or activities
- **Typical Penalties**: Varies by jurisdiction, civil and criminal liability
- **Defense Strategies**: One-party consent states, public place recordings
- **Operational Notes**: Know local recording laws before documenting activities
### Federal Charges
#### Domestic Terrorism
- **Definition**: Activities dangerous to human life intended to intimidate or coerce
- **Typical Penalties**: Life imprisonment or death penalty in extreme cases
- **Defense Strategies**: Challenge intent element, First Amendment protections
- **Operational Notes**: Extremely serious charges with severe consequences
#### Seditious Conspiracy
- **Definition**: Conspiracy to overthrow government or oppose its authority by force
- **Typical Penalties**: Up to 20 years in prison
- **Defense Strategies**: Challenge conspiracy elements, First Amendment protections
- **Operational Notes**: Rarely prosecuted but carries severe penalties
#### RICO Violations
- **Definition**: Racketeering activities as part of ongoing criminal enterprise
- **Typical Penalties**: Significant prison sentences and asset forfeiture
- **Defense Strategies**: Challenge enterprise element, pattern of activity
- **Operational Notes**: May be applied to activist organizations
---
## B.3 Legal Rights During Encounters
### Police Encounters
#### Traffic Stops
- **Required Actions**: Provide license, registration, insurance if driving
- **Optional Actions**: Answering questions beyond identification
- **Rights**: Remain silent, refuse consent to search, ask if free to leave
- **Operational Notes**: Document interactions, remain calm and respectful
#### Street Encounters
- **Required Actions**: Generally none unless under arrest
- **Optional Actions**: Providing identification (varies by state)
- **Rights**: Ask if free to leave, remain silent, refuse consent to search
- **Operational Notes**: Know local stop-and-identify laws
#### Protests and Demonstrations
- **Rights**: First Amendment protections, right to observe and record
- **Limitations**: Lawful police orders, permit requirements
- **Operational Notes**: Legal observers, know dispersal procedures
### Arrest Procedures
#### During Arrest
- **Rights**: Remain silent, request attorney, refuse consent to search
- **Required Actions**: Comply with physical arrest, provide identification
- **Prohibited Actions**: Resisting arrest, providing false information
- **Operational Notes**: Document badge numbers, witness information
#### Custodial Interrogation
- **Rights**: Miranda warnings, right to attorney, right to remain silent
- **Strategies**: Invoke rights clearly, do not waive rights
- **Operational Notes**: Anything said can be used against you
#### Booking and Processing
- **Required Actions**: Fingerprinting, photographing, basic information
- **Optional Actions**: Answering investigative questions
- **Rights**: Medical attention, phone calls, attorney contact
- **Operational Notes**: Know jail support procedures
### Search and Seizure Rights
#### Home Searches
- **Warrant Requirements**: Generally required unless exigent circumstances
- **Consent**: Can refuse consent to search
- **Scope**: Search limited to areas specified in warrant
- **Operational Notes**: Request to see warrant, document search
#### Vehicle Searches
- **Probable Cause**: Required for search without consent
- **Consent**: Can refuse consent to search
- **Inventory Searches**: May occur during impoundment
- **Operational Notes**: Keep vehicles clean of sensitive materials
#### Digital Device Searches
- **Warrant Requirements**: Generally required for cell phone searches
- **Border Exceptions**: Reduced protections at international borders
- **Consent**: Can refuse consent to unlock devices
- **Operational Notes**: Use strong passwords, consider device encryption
---
## B.4 Legal Support and Resources
### Finding Legal Representation
#### Criminal Defense Attorneys
- **Specializations**: Look for attorneys experienced in protest law, civil rights
- **Consultation**: Many offer free initial consultations
- **Payment**: Public defenders available for indigent defendants
- **Operational Notes**: Establish attorney relationships before needed
#### Civil Rights Organizations
- **ACLU**: American Civil Liberties Union - [aclu.org](https://aclu.org)
- **EFF**: Electronic Frontier Foundation - [eff.org](https://eff.org)
- **National Lawyers Guild**: [nlg.org](https://nlg.org)
- **Center for Constitutional Rights**: [ccrjustice.org](https://ccrjustice.org)
#### Legal Observers
- **Training**: Many organizations provide legal observer training
- **Role**: Document police behavior, provide witness testimony
- **Rights**: Generally same as other protesters, special press protections may apply
- **Operational Notes**: Wear identifying clothing, maintain neutrality
### Bail and Jail Support
#### Bail Funds
- **Purpose**: Provide bail money for arrested activists
- **Local Funds**: Research local bail funds before actions
- **National Funds**: Some organizations provide national support
- **Operational Notes**: Know contact information, have emergency contacts
#### Jail Support
- **Purpose**: Provide support for people being released from jail
- **Services**: Transportation, food, emotional support, legal information
- **Organization**: Usually coordinated by local activist groups
- **Operational Notes**: Establish jail support before actions
### Know Your Rights Training
#### Legal Clinics
- **Content**: Rights during police encounters, protest law, digital security
- **Providers**: Legal organizations, activist groups, law schools
- **Format**: Workshops, online resources, printed materials
- **Operational Notes**: Regular training updates as laws change
#### Digital Security Training
- **Content**: Privacy rights, surveillance law, device security
- **Providers**: EFF, digital rights organizations, security trainers
- **Resources**: Surveillance Self-Defense guide, Security Education Companion
- **Operational Notes**: Integrate legal and technical security training
---
## B.5 International Considerations
### Cross-Border Activities
#### Jurisdiction Issues
- **Multiple Laws**: Activities may be subject to laws of multiple countries
- **Extradition**: Possibility of extradition for serious crimes
- **Diplomatic Immunity**: Limited protections for most activists
- **Operational Notes**: Research laws in all relevant jurisdictions
#### Travel Considerations
- **Border Searches**: Enhanced search powers at international borders
- **Visa Requirements**: Political activities may affect visa eligibility
- **Surveillance**: Increased surveillance of international travelers
- **Operational Notes**: Use clean devices when crossing borders
### International Law
#### Human Rights Law
- **Universal Declaration**: Fundamental rights recognized internationally
- **Regional Systems**: European, Inter-American, African human rights systems
- **Enforcement**: Limited enforcement mechanisms for violations
- **Operational Notes**: Document human rights violations
#### Diplomatic Protections
- **Consular Services**: Limited assistance from home country consulates
- **Political Asylum**: Possible protection for political persecution
- **Refugee Status**: Protection for those fleeing persecution
- **Operational Notes**: Know consular contact information
---
## B.6 Legal Risk Assessment
### Risk Factors
#### Activity-Based Risks
- **Type of Activity**: Different activities carry different legal risks
- **Location**: Laws vary significantly by jurisdiction
- **Participants**: Number and background of participants affects risk
- **Timing**: Current political climate affects enforcement
#### Personal Risk Factors
- **Criminal History**: Prior arrests may affect treatment and sentencing
- **Immigration Status**: Non-citizens face additional risks including deportation
- **Employment**: Some jobs may be affected by arrests or convictions
- **Family Situation**: Dependents may be affected by legal consequences
### Risk Mitigation Strategies
#### Legal Preparation
- **Know Your Rights**: Understand legal rights and protections
- **Legal Contacts**: Establish relationships with attorneys before needed
- **Bail Planning**: Arrange bail funds and jail support in advance
- **Documentation**: Prepare legal documents and emergency contacts
#### Operational Security
- **Compartmentalization**: Limit knowledge of illegal activities
- **Communication Security**: Use secure communication methods
- **Evidence Management**: Minimize creation and retention of evidence
- **Identity Protection**: Protect real identities when possible
---
## B.7 Post-Arrest Procedures
### Immediate Actions
#### During Detention
- **Invoke Rights**: Clearly invoke right to remain silent and right to attorney
- **Document Everything**: Remember details of arrest and treatment
- **Medical Attention**: Request medical attention if needed
- **Contact Information**: Provide emergency contact information
#### Communication with Outside
- **Phone Calls**: Use phone calls to contact attorney and jail support
- **Visitors**: Limit visitors to attorney and essential support people
- **Mail**: Be aware that jail mail may be monitored
- **Operational Notes**: Assume all communications are monitored except attorney calls
### Legal Strategy
#### Initial Court Appearance
- **Arraignment**: First court appearance, charges formally read
- **Bail Hearing**: Determination of bail amount and conditions
- **Plea**: Generally advisable to plead not guilty initially
- **Attorney**: Essential to have attorney representation
#### Case Development
- **Discovery**: Review evidence against you
- **Motions**: Challenge evidence and procedures
- **Negotiations**: Possible plea negotiations
- **Trial**: Jury trial if case proceeds
### Long-Term Considerations
#### Conviction Consequences
- **Criminal Record**: Permanent criminal record for convictions
- **Employment**: May affect current and future employment
- **Immigration**: Serious consequences for non-citizens
- **Civil Rights**: May lose certain civil rights (voting, gun ownership)
#### Appeals Process
- **Grounds**: Legal errors during trial or sentencing
- **Timing**: Strict deadlines for filing appeals
- **Representation**: Attorney essential for appeals process
- **Success Rates**: Appeals are difficult and rarely successful
---
<div class="warning-box">
<div class="warning-title">Legal Risk Warning</div>
<p>Resistance activities carry significant legal risks including arrest, prosecution, and imprisonment. Laws are complex and change frequently. This information is not a substitute for qualified legal advice. Always consult with an attorney before engaging in activities that may have legal consequences.</p>
</div>
<div class="info-box">
<div class="info-title">Legal Support Importance</div>
<p>Establishing relationships with legal support organizations and attorneys before engaging in resistance activities is crucial. Legal preparation and know-your-rights training significantly improve outcomes during legal encounters.</p>
</div>
_appendices/appendix-c.md
+772
View File
@@ -0,0 +1,772 @@
---
layout: default
title: "Appendix C: Emergency Procedures and Crisis Response"
description: "Comprehensive emergency response procedures for resistance operations"
appendix: "C"
prev_page:
title: "Appendix B: Legal Considerations"
url: "/appendices/appendix-b/"
next_page:
title: "Appendix D: Glossary and References"
url: "/appendices/appendix-d/"
---
# Appendix C: Emergency Procedures and Crisis Response
## Overview
This appendix provides comprehensive emergency procedures and crisis response protocols for resistance operations. These procedures are designed to protect personnel, minimize damage, and maintain operational security during various emergency scenarios.
**Emergency situations covered:**
- Surveillance detection and compromise
- Arrest and detention scenarios
- Communication system failures
- Physical security breaches
- Medical emergencies during operations
- Natural disasters and infrastructure failures
- Infiltration and counter-intelligence threats
---
## C.1 Emergency Response Framework
### Crisis Classification System
#### Threat Level Classifications
```
Emergency Threat Levels:
Level 1 - Low Risk:
- Routine surveillance detected
- Minor operational security lapses
- Non-critical communication failures
- Minor injuries or medical issues
Level 2 - Moderate Risk:
- Targeted surveillance confirmed
- Operational security compromises
- Critical communication system failures
- Serious injuries requiring medical attention
Level 3 - High Risk:
- Active law enforcement investigation
- Network compromise suspected
- Multiple system failures
- Life-threatening medical emergencies
Level 4 - Critical Risk:
- Imminent arrest or raid
- Confirmed network infiltration
- Complete communication breakdown
- Mass casualty incidents
```
#### Response Activation Triggers
```
Automatic Response Triggers:
1. Surveillance Detection:
- Multiple surveillance teams identified
- Electronic surveillance indicators detected
- Unusual law enforcement activity in operational areas
- Compromise of surveillance detection protocols
2. Communication Failures:
- Primary communication systems compromised
- Unusual communication patterns detected
- Missing check-ins from critical personnel
- Interception of sensitive communications
3. Personnel Issues:
- Arrest of network members
- Disappearance of key personnel
- Suspected infiltration or compromise
- Medical emergencies during operations
4. Operational Compromises:
- Safe house discovery or compromise
- Equipment seizure or discovery
- Operational plan exposure
- Identity compromise of key personnel
```
### Emergency Command Structure
#### Crisis Response Team Roles
```
Emergency Response Organization:
1. Crisis Commander:
- Overall emergency response coordination
- Strategic decision-making authority
- Resource allocation and prioritization
- External communication and liaison
2. Security Coordinator:
- Threat assessment and analysis
- Counter-surveillance operations
- Operational security enforcement
- Intelligence gathering and analysis
3. Communications Coordinator:
- Emergency communication systems management
- Information flow coordination
- External communication security
- Backup communication system activation
4. Logistics Coordinator:
- Resource mobilization and allocation
- Transportation and evacuation coordination
- Safe house and facility management
- Supply and equipment management
5. Medical Coordinator:
- Medical emergency response
- Casualty assessment and treatment
- Medical evacuation coordination
- Psychological support and counseling
```
#### Decision-Making Protocols
```
Emergency Decision Framework:
1. Immediate Response (0-15 minutes):
- Threat assessment and classification
- Immediate safety measures implementation
- Emergency communication activation
- Initial resource mobilization
2. Short-term Response (15 minutes - 2 hours):
- Detailed situation analysis
- Response strategy development
- Resource allocation and deployment
- Coordination with external support
3. Medium-term Response (2-24 hours):
- Sustained response operations
- Damage assessment and control
- Recovery planning initiation
- Lessons learned documentation
4. Long-term Response (24+ hours):
- Recovery and reconstitution operations
- Security enhancement implementation
- Operational adjustment and improvement
- Post-incident analysis and reporting
```
---
## C.2 Surveillance and Compromise Response
### Surveillance Detection Response
#### Immediate Response Procedures
```
Surveillance Detection Protocol:
1. Confirmation Phase:
- Verify surveillance through multiple methods
- Document surveillance team characteristics
- Assess surveillance capabilities and intent
- Determine surveillance duration and scope
2. Notification Phase:
- Alert relevant personnel using secure channels
- Implement communication security protocols
- Activate counter-surveillance measures
- Coordinate response with security team
3. Evasion Phase:
- Execute pre-planned evasion routes
- Implement counter-surveillance techniques
- Vary patterns and behaviors
- Seek secure locations for assessment
4. Assessment Phase:
- Evaluate surveillance effectiveness and persistence
- Determine compromise level and implications
- Plan appropriate response measures
- Document incident for analysis
```
#### Counter-Surveillance Operations
```
Counter-Surveillance Framework:
1. Detection Operations:
- Deploy counter-surveillance teams
- Use technical surveillance detection equipment
- Monitor communication channels for interception
- Conduct pattern analysis and behavioral assessment
2. Disruption Operations:
- Implement surveillance disruption techniques
- Use decoy operations and misdirection
- Employ technical countermeasures
- Coordinate multi-team evasion operations
3. Intelligence Gathering:
- Identify surveillance personnel and capabilities
- Document surveillance methods and equipment
- Assess surveillance objectives and scope
- Gather intelligence on surveillance organization
4. Response Coordination:
- Coordinate with legal support organizations
- Implement media and public relations strategy
- Coordinate with other affected organizations
- Plan long-term counter-surveillance strategy
```
### Network Compromise Response
#### Compromise Assessment Procedures
```
Compromise Assessment Framework:
1. Initial Assessment:
- Identify scope and nature of compromise
- Assess immediate threats to personnel
- Evaluate operational security implications
- Determine response priority and urgency
2. Damage Control:
- Implement immediate security measures
- Isolate compromised systems and personnel
- Activate backup communication systems
- Secure sensitive materials and information
3. Investigation:
- Conduct detailed compromise analysis
- Identify compromise vectors and methods
- Assess ongoing threats and vulnerabilities
- Document findings for security improvement
4. Recovery Planning:
- Develop network reconstitution strategy
- Plan security enhancement measures
- Coordinate personnel safety and relocation
- Implement lessons learned and improvements
```
#### Information Sanitization Procedures
```
Emergency Sanitization Protocol:
1. Digital Information:
- Secure deletion of sensitive files
- Encryption key destruction and replacement
- Communication history sanitization
- Database and backup sanitization
2. Physical Materials:
- Document destruction using appropriate methods
- Equipment sanitization and disposal
- Location sanitization and cleanup
- Evidence removal and destruction
3. Communication Channels:
- Channel shutdown and replacement
- Key rotation and distribution
- Contact list sanitization
- Communication pattern modification
4. Personnel Information:
- Identity protection and modification
- Contact information updates
- Location changes and relocation
- Cover story development and implementation
```
---
## C.3 Arrest and Detention Response
### Pre-Arrest Procedures
#### Arrest Preparation Protocols
```
Arrest Preparation Framework:
1. Legal Preparation:
- Attorney contact information readily available
- Legal rights and procedures memorized
- Bail fund and jail support arrangements
- Emergency contact notification procedures
2. Operational Security:
- Sensitive information secured or destroyed
- Communication devices secured or sanitized
- Identity documents and cover materials prepared
- Emergency signal and notification procedures
3. Personal Preparation:
- Medical information and medications available
- Personal effects and comfort items prepared
- Family and dependent care arrangements
- Psychological preparation and stress management
4. Network Coordination:
- Arrest notification procedures established
- Backup leadership and succession planning
- Operational continuity procedures
- Support network activation protocols
```
#### Immediate Pre-Arrest Actions
```
Pre-Arrest Response Protocol:
1. Threat Recognition:
- Identify signs of imminent arrest
- Assess law enforcement presence and capabilities
- Evaluate escape and evasion options
- Determine appropriate response strategy
2. Information Security:
- Secure or destroy sensitive materials
- Sanitize communication devices
- Activate emergency communication protocols
- Notify relevant personnel of situation
3. Personal Security:
- Ensure personal safety and protection
- Prepare for potential use of force
- Document law enforcement actions
- Maintain calm and professional demeanor
4. Legal Preparation:
- Review legal rights and procedures
- Prepare for interrogation and questioning
- Ensure attorney contact information available
- Activate legal support network
```
### During Arrest Procedures
#### Arrest Response Protocol
```
During Arrest Framework:
1. Immediate Response:
- Comply with lawful orders and commands
- Clearly invoke right to remain silent
- Request attorney representation immediately
- Document badge numbers and officer information
2. Communication Management:
- Refuse to answer investigative questions
- Limit communication to essential information
- Avoid discussing operational matters
- Request private communication with attorney
3. Physical Security:
- Comply with search procedures
- Refuse consent to searches when possible
- Document any excessive force or misconduct
- Seek medical attention if injured
4. Information Protection:
- Provide only legally required identification
- Refuse to provide passwords or encryption keys
- Avoid discussing associates or activities
- Maintain operational security principles
```
#### Detention Procedures
```
Detention Response Framework:
1. Initial Processing:
- Provide required identification information
- Request medical attention if needed
- Exercise right to phone calls strategically
- Document treatment and conditions
2. Communication Strategy:
- Contact attorney as first priority
- Notify jail support and emergency contacts
- Coordinate with legal support organizations
- Maintain communication security protocols
3. Information Security:
- Refuse to discuss operational matters
- Avoid providing information about associates
- Maintain cover stories and operational security
- Document any interrogation attempts
4. Support Coordination:
- Coordinate with jail support network
- Arrange for legal representation
- Organize bail and release procedures
- Plan for post-release security measures
```
### Post-Release Procedures
#### Immediate Post-Release Actions
```
Post-Release Protocol:
1. Security Assessment:
- Evaluate surveillance and monitoring
- Assess operational security implications
- Determine safe locations and procedures
- Coordinate with security support team
2. Legal Coordination:
- Meet with attorney for case planning
- Review charges and legal strategy
- Coordinate with legal support organizations
- Plan for ongoing legal proceedings
3. Medical and Psychological Support:
- Seek medical attention if needed
- Access psychological support and counseling
- Address trauma and stress from detention
- Coordinate with support network
4. Operational Security:
- Implement enhanced security measures
- Modify operational patterns and procedures
- Update communication and contact information
- Coordinate with network security team
```
#### Long-term Recovery Planning
```
Recovery Planning Framework:
1. Security Enhancement:
- Implement lessons learned from arrest
- Enhance operational security procedures
- Modify communication and coordination methods
- Strengthen counter-surveillance capabilities
2. Legal Strategy:
- Develop comprehensive legal defense strategy
- Coordinate with legal support organizations
- Plan for trial and potential conviction
- Address immigration and employment implications
3. Network Coordination:
- Assess impact on network operations
- Implement operational continuity measures
- Coordinate support for affected personnel
- Plan for ongoing security and operations
4. Personal Recovery:
- Address physical and psychological impacts
- Rebuild personal and professional relationships
- Plan for ongoing legal and security challenges
- Develop long-term resilience and coping strategies
```
---
## C.4 Communication System Failures
### Communication Failure Response
#### Primary System Failure Procedures
```
Communication Failure Protocol:
1. Failure Detection:
- Identify nature and scope of communication failure
- Assess impact on ongoing operations
- Determine cause and potential duration
- Evaluate security implications
2. Backup System Activation:
- Activate pre-planned backup communication systems
- Notify personnel of system changes
- Implement alternative communication protocols
- Test backup system functionality and security
3. Information Management:
- Prioritize critical communications
- Implement information triage procedures
- Maintain communication logs and records
- Coordinate information flow and distribution
4. System Recovery:
- Assess primary system security and integrity
- Plan system restoration and recovery
- Implement security enhancements
- Test restored system functionality
```
#### Alternative Communication Methods
```
Backup Communication Framework:
1. Digital Alternatives:
- Secondary encrypted messaging platforms
- Alternative email and communication services
- Peer-to-peer communication networks
- Amateur radio and emergency communication
2. Physical Alternatives:
- Dead drop and physical message systems
- Courier and messenger networks
- Public meeting and coordination locations
- Signal and sign-based communication
3. Coded Communication:
- Pre-arranged coded language and signals
- Public communication channels with coding
- Social media and public platform communication
- Emergency signal and notification systems
4. Emergency Protocols:
- Crisis communication procedures
- Emergency contact and notification systems
- Coordination with external support organizations
- Public communication and media coordination
```
### Information Security During Failures
#### Security Protocols for Alternative Systems
```
Alternative System Security:
1. Encryption and Privacy:
- Implement encryption for all alternative communications
- Use secure and verified communication platforms
- Maintain privacy and anonymity protections
- Avoid compromised or insecure systems
2. Authentication and Verification:
- Verify identity of communication partners
- Use pre-arranged authentication procedures
- Implement message verification and integrity checks
- Detect and respond to impersonation attempts
3. Operational Security:
- Maintain compartmentalization and need-to-know
- Limit information sharing to essential communications
- Use coded language and operational security procedures
- Monitor for surveillance and interception
4. Recovery Planning:
- Plan for transition back to primary systems
- Implement security assessment of alternative systems
- Document lessons learned and improvements
- Enhance backup communication capabilities
```
---
## C.5 Medical Emergency Response
### Medical Emergency Protocols
#### Emergency Medical Response Framework
```
Medical Emergency Protocol:
1. Immediate Response:
- Assess medical situation and severity
- Provide immediate first aid and life support
- Coordinate with emergency medical services
- Implement operational security measures
2. Medical Coordination:
- Contact qualified medical personnel
- Coordinate transportation to medical facilities
- Provide medical history and information
- Coordinate with family and emergency contacts
3. Security Considerations:
- Protect operational security during medical emergency
- Coordinate with legal support if law enforcement involved
- Manage information sharing with medical personnel
- Plan for ongoing security during medical treatment
4. Follow-up Care:
- Coordinate ongoing medical treatment and care
- Address psychological and emotional support needs
- Plan for return to operational activities
- Document incident and lessons learned
```
#### Operational Medical Considerations
```
Operational Medical Framework:
1. Pre-Operation Medical Planning:
- Assess medical risks and requirements
- Identify medical personnel and resources
- Plan for medical emergency response
- Coordinate with emergency medical services
2. Medical Equipment and Supplies:
- Maintain first aid and medical supplies
- Train personnel in first aid and emergency response
- Coordinate with medical professionals
- Plan for medical equipment security and transport
3. Medical Information Security:
- Protect medical information and privacy
- Coordinate with medical personnel on security needs
- Plan for medical information sharing
- Address legal and ethical medical considerations
4. Psychological Support:
- Provide psychological first aid and support
- Coordinate with mental health professionals
- Address trauma and stress from operations
- Plan for ongoing psychological support and care
```
---
## C.6 Natural Disasters and Infrastructure Failures
### Disaster Response Procedures
#### Natural Disaster Response Framework
```
Disaster Response Protocol:
1. Immediate Safety:
- Ensure immediate safety of personnel
- Evacuate dangerous areas and locations
- Provide emergency shelter and protection
- Coordinate with emergency services
2. Communication and Coordination:
- Establish emergency communication systems
- Coordinate with disaster response organizations
- Maintain contact with network personnel
- Coordinate resource sharing and mutual aid
3. Operational Continuity:
- Assess impact on operational capabilities
- Implement operational continuity procedures
- Relocate operations to safe locations
- Maintain essential operational functions
4. Recovery and Reconstruction:
- Assess damage and recovery requirements
- Plan for operational reconstruction
- Coordinate with community recovery efforts
- Implement lessons learned and improvements
```
#### Infrastructure Failure Response
```
Infrastructure Failure Framework:
1. Power and Utility Failures:
- Implement backup power and utility systems
- Coordinate with utility companies and services
- Plan for extended outages and disruptions
- Maintain essential operations and communications
2. Transportation Disruptions:
- Implement alternative transportation methods
- Coordinate with transportation authorities
- Plan for personnel and resource movement
- Maintain operational coordination and communication
3. Communication Infrastructure Failures:
- Activate backup communication systems
- Coordinate with communication service providers
- Implement alternative communication methods
- Maintain operational coordination and security
4. Financial System Disruptions:
- Implement alternative financial and payment systems
- Coordinate with financial institutions
- Plan for resource allocation and distribution
- Maintain operational funding and support
```
---
## C.7 Emergency Contact Information
### Emergency Contact Templates
#### Personal Emergency Contacts
```
Personal Emergency Contact Information:
1. Legal Support:
- Primary Attorney: [Name, Phone, Email]
- Backup Attorney: [Name, Phone, Email]
- Legal Aid Organization: [Name, Phone, Email]
- Bail Fund Contact: [Name, Phone, Email]
2. Medical Support:
- Primary Care Physician: [Name, Phone, Email]
- Emergency Medical Contact: [Name, Phone, Email]
- Medical Insurance Information: [Policy, Group, Phone]
- Medical Conditions and Medications: [Details]
3. Personal Support:
- Emergency Contact 1: [Name, Relationship, Phone, Email]
- Emergency Contact 2: [Name, Relationship, Phone, Email]
- Family Care Coordinator: [Name, Phone, Email]
- Employer/School Contact: [Name, Phone, Email]
4. Financial Support:
- Bank and Account Information: [Bank, Account, Phone]
- Financial Power of Attorney: [Name, Phone, Email]
- Insurance Contacts: [Company, Policy, Phone]
- Financial Emergency Fund: [Contact, Phone, Email]
```
#### Operational Emergency Contacts
```
Operational Emergency Contact Information:
1. Network Leadership:
- Primary Coordinator: [Secure Contact Information]
- Backup Coordinator: [Secure Contact Information]
- Security Coordinator: [Secure Contact Information]
- Communications Coordinator: [Secure Contact Information]
2. External Support:
- Legal Observer Coordinator: [Contact Information]
- Jail Support Coordinator: [Contact Information]
- Media Relations Contact: [Contact Information]
- Community Support Coordinator: [Contact Information]
3. Technical Support:
- IT Security Specialist: [Secure Contact Information]
- Communication System Administrator: [Secure Contact Information]
- Equipment Specialist: [Secure Contact Information]
- Technical Emergency Support: [Secure Contact Information]
4. Specialized Support:
- Medical Coordinator: [Contact Information]
- Transportation Coordinator: [Contact Information]
- Safe House Coordinator: [Secure Contact Information]
- Resource Coordinator: [Secure Contact Information]
```
### Emergency Communication Procedures
#### Secure Emergency Communication
```
Emergency Communication Protocol:
1. Primary Communication:
- Use pre-arranged secure communication channels
- Implement emergency authentication procedures
- Use coded language and operational security
- Maintain communication logs and records
2. Backup Communication:
- Activate backup communication systems
- Use alternative communication methods
- Coordinate with external communication support
- Implement emergency signal and notification systems
3. Public Communication:
- Coordinate with media relations team
- Implement public communication strategy
- Coordinate with legal and public relations support
- Maintain operational security during public communication
4. External Coordination:
- Coordinate with legal support organizations
- Coordinate with community support networks
- Coordinate with emergency services when appropriate
- Maintain security and operational considerations
```
---
<div class="warning-box">
<div class="warning-title">Emergency Preparedness Critical</div>
<p>Emergency preparedness is essential for resistance operations. Regular training, drills, and updates to emergency procedures ensure effective response during actual crises. All personnel should be familiar with emergency procedures and contact information.</p>
</div>
<div class="success-box">
<div class="success-title">Crisis Response Benefits</div>
<p>Well-planned crisis response procedures minimize damage, protect personnel, and maintain operational security during emergencies. Regular practice and refinement of emergency procedures improves response effectiveness and reduces panic during actual crises.</p>
</div>
_appendices/appendix-d.md
+616
View File
@@ -0,0 +1,616 @@
---
layout: default
title: "Appendix D: Glossary and References"
description: "Comprehensive glossary of terms and reference materials"
appendix: "D"
prev_page:
title: "Appendix C: Emergency Procedures"
url: "/appendices/appendix-c/"
---
# Appendix D: Glossary and References
## Overview
This appendix provides a comprehensive glossary of terms used throughout the field guide, along with references to additional resources, organizations, and materials for further study and operational support.
---
## D.1 Glossary of Terms
### A
**Access Control**
: Security measures that restrict access to resources, systems, or information based on user identity and authorization levels.
**Adversary**
: Any individual, group, or organization that poses a threat to resistance operations or personnel.
**Air Gap**
: Physical separation between computer systems or networks to prevent unauthorized data transfer.
**Anonymity**
: The state of being unidentifiable within a set of subjects, providing protection against identification.
**Authentication**
: The process of verifying the identity of a user, device, or system before granting access to resources.
### B
**Backdoor**
: A hidden method of bypassing normal authentication or security controls in a computer system.
**Burner Device**
: A temporary communication device used for specific operations and then discarded to maintain security.
**Burner Identity**
: A temporary or false identity used for specific operations to protect real identity.
### C
**Cell Structure**
: Organizational method using small, independent groups to limit exposure and damage from compromise.
**Cipher**
: An algorithm for performing encryption or decryption of data.
**Clearnet**
: The publicly accessible internet, as opposed to darknets or private networks.
**Compartmentalization**
: Security practice of limiting access to information based on need-to-know principles.
**Compromise**
: The unauthorized disclosure of sensitive information or the loss of security integrity.
**Counter-Intelligence**
: Activities designed to prevent or thwart espionage, intelligence gathering, or sabotage by adversaries.
**Counter-Surveillance**
: Techniques and activities designed to detect, evade, or neutralize surveillance operations.
**Cover Story**
: A false but plausible explanation for activities, presence, or identity used to maintain operational security.
**Cryptography**
: The practice and study of techniques for secure communication in the presence of adversaries.
### D
**Dark Web**
: Encrypted online content that requires specific software, configurations, or authorization to access.
**Dead Drop**
: A method of espionage tradecraft used to pass items or information between two individuals without requiring them to meet directly.
**Deniability**
: The ability to deny involvement in or knowledge of particular activities or information.
**Digital Footprint**
: The trail of data created by online activities and digital interactions.
**Disinformation**
: False information deliberately spread to deceive or mislead.
### E
**Encryption**
: The process of converting information into a code to prevent unauthorized access.
**End-to-End Encryption (E2E)**
: A system of communication where only the communicating users can read the messages.
**Exfiltration**
: The unauthorized transfer of data from a computer or network.
### F
**False Flag**
: An operation designed to deceive by making it appear as though it was carried out by another party.
**Firewall**
: A network security system that monitors and controls incoming and outgoing network traffic.
**Forward Secrecy**
: A feature of specific key agreement protocols that ensures session keys will not be compromised even if private keys are compromised.
### G
**Gray Literature**
: Information produced outside traditional commercial or academic publishing channels.
### H
**Honeypot**
: A computer security mechanism set to detect, deflect, or counteract unauthorized use of information systems.
**HUMINT**
: Human Intelligence - intelligence gathered by means of interpersonal contact.
### I
**Identity Management**
: The security and business discipline that enables the right individuals to access the right resources at the right times.
**Infiltration**
: The practice of entering an organization or group covertly to gather intelligence or influence operations.
**Information Security (InfoSec)**
: The practice of protecting information by mitigating information risks.
### J
**Jail Support**
: Organized assistance provided to individuals who have been arrested, including legal, financial, and emotional support.
### K
**Key Management**
: The management of cryptographic keys in a cryptosystem, including generation, exchange, storage, use, and replacement.
### L
**Legal Observer**
: Trained volunteers who attend public demonstrations to monitor and document police behavior and potential civil rights violations.
**Livestreaming**
: Real-time broadcasting of video content over the internet.
### M
**Malware**
: Software designed to disrupt, damage, or gain unauthorized access to computer systems.
**Metadata**
: Data that provides information about other data, such as when a file was created or modified.
**Multi-Factor Authentication (MFA)**
: A security system that requires more than one method of authentication to verify user identity.
### N
**Network Security**
: Policies and practices adopted to prevent and monitor unauthorized access, misuse, modification, or denial of a computer network.
**Need-to-Know**
: Security principle that restricts access to information to only those individuals who require it to perform their duties.
### O
**Operational Security (OPSEC)**
: A process that identifies critical information and analyzes friendly actions to determine if they can be observed by adversaries.
**OSINT**
: Open Source Intelligence - intelligence collected from publicly available sources.
### P
**Penetration Testing**
: Authorized simulated cyberattack on a computer system to evaluate security.
**Phishing**
: Fraudulent attempt to obtain sensitive information by disguising as a trustworthy entity in electronic communication.
**Privacy**
: The right to be free from intrusion or interference in one's personal life and affairs.
**Pseudonym**
: A fictitious name used to conceal identity.
### Q
**Quarantine**
: Isolation of potentially compromised systems or information to prevent spread of security threats.
### R
**Risk Assessment**
: The identification and analysis of relevant risks to achieving objectives.
**Root Access**
: Administrative access to a computer system that allows complete control over the system.
### S
**Safe House**
: A secure location used for meetings, storage, or temporary shelter during operations.
**Security Culture**
: Shared practices, attitudes, and norms that prioritize security in all activities and communications.
**SIGINT**
: Signals Intelligence - intelligence derived from electronic signals and systems.
**Social Engineering**
: Psychological manipulation of people to perform actions or divulge confidential information.
**Steganography**
: The practice of concealing information within other non-secret text or data.
**Surveillance**
: Close observation of a person or group, especially one under suspicion.
### T
**Threat Model**
: A structured representation of all the information that affects the security of an application or system.
**Tor**
: Free and open-source software for enabling anonymous communication by directing internet traffic through a worldwide volunteer overlay network.
**Two-Factor Authentication (2FA)**
: Security process in which users provide two different authentication factors to verify themselves.
### U
**User Access Control**
: Security technique that regulates who or what can view or use resources in a computing environment.
### V
**Virtual Private Network (VPN)**
: Encrypted connection over the internet from a device to a network to ensure private data transmission.
**Vulnerability**
: A weakness in a system that can be exploited by threats to gain unauthorized access or perform unauthorized actions.
### W
**Whistleblowing**
: The activity of a person who exposes information or activity that is deemed illegal, unethical, or not correct within an organization.
### Z
**Zero-Day**
: A computer software vulnerability that is unknown to those who should be interested in mitigating the vulnerability.
**Zero-Knowledge**
: A method by which one party can prove to another party that they know a value without conveying any information apart from the fact that they know the value.
---
## D.2 Essential References and Resources
### Security and Privacy Guides
#### Digital Security Resources
- **Surveillance Self-Defense (EFF)**: [ssd.eff.org](https://ssd.eff.org)
- Comprehensive digital security guide for activists and journalists
- Threat modeling, secure communications, device security
- **Security Education Companion**: [securityeducationcompanion.org](https://securityeducationcompanion.org)
- Digital security training curricula and resources
- Trainer guides and participant materials
- **Level Up**: [level-up.cc](https://level-up.cc)
- Holistic security training resources for civil society
- Trauma-informed security training approaches
- **Tactical Technology Collective**: [tacticaltech.org](https://tacticaltech.org)
- Digital security and privacy tools for activists
- Research on surveillance and digital rights
#### Privacy and Anonymity Guides
- **Tor Project Documentation**: [tb-manual.torproject.org](https://tb-manual.torproject.org)
- Official Tor Browser user manual and security guidance
- Anonymity and privacy protection techniques
- **Tails Documentation**: [tails.boum.org/doc](https://tails.boum.org/doc)
- Comprehensive guide to using Tails operating system
- Amnesic and anonymous computing practices
- **Privacy International**: [privacyinternational.org](https://privacyinternational.org)
- Global privacy rights advocacy and research
- Surveillance technology analysis and countermeasures
### Legal Resources
#### Know Your Rights
- **ACLU Know Your Rights**: [aclu.org/know-your-rights](https://aclu.org/know-your-rights)
- Constitutional rights during police encounters
- Protest rights and legal protections
- **National Lawyers Guild Legal Observer Manual**: [nlg.org](https://nlg.org)
- Legal observer training and procedures
- Protest law and civil rights documentation
- **Electronic Frontier Foundation**: [eff.org](https://eff.org)
- Digital rights and privacy law resources
- Legal guides for technology users and activists
#### Legal Support Organizations
- **Center for Constitutional Rights**: [ccrjustice.org](https://ccrjustice.org)
- Civil rights litigation and advocacy
- Legal support for social justice movements
- **National Police Accountability Project**: [nlg-npap.org](https://nlg-npap.org)
- Police misconduct litigation and advocacy
- Legal resources for police accountability
### Technical Resources
#### Cryptography and Security
- **Applied Cryptography by Bruce Schneier**
- Comprehensive guide to cryptographic protocols and algorithms
- Practical cryptography implementation guidance
- **The Codebreakers by David Kahn**
- Historical perspective on cryptography and codebreaking
- Understanding cryptographic principles and applications
- **Computer Security: Art and Science by Matt Bishop**
- Academic treatment of computer security principles
- Comprehensive security theory and practice
#### Network Security
- **Wireshark Documentation**: [wireshark.org/docs](https://wireshark.org/docs)
- Network protocol analysis and security monitoring
- Traffic analysis and network security assessment
- **Nmap Documentation**: [nmap.org/docs.html](https://nmap.org/docs.html)
- Network discovery and security auditing
- Network mapping and vulnerability assessment
### Operational Security Resources
#### Intelligence and Surveillance
- **The Art of Intelligence by Henry A. Crumpton**
- Intelligence operations and analysis principles
- Understanding intelligence collection and analysis
- **Surveillance Countermeasures by Peter Jenkins**
- Practical surveillance detection and evasion techniques
- Counter-surveillance operations and procedures
#### Resistance and Activism
- **Rules for Radicals by Saul Alinsky**
- Community organizing and activism strategies
- Tactical approaches to social change
- **The Activist's Handbook by Randy Shaw**
- Practical guide to effective activism and organizing
- Campaign strategy and tactical planning
### Historical References
#### Resistance Movements
- **The Resistance by Matthew Cobb**
- French Resistance during World War II
- Organizational structures and operational security
- **A Force More Powerful by Peter Ackerman and Jack DuVall**
- Nonviolent resistance movements throughout history
- Strategic nonviolent action and civil resistance
#### Intelligence History
- **Legacy of Ashes by Tim Weiner**
- History of the CIA and intelligence operations
- Understanding intelligence capabilities and limitations
- **The Puzzle Palace by James Bamford**
- History and operations of the National Security Agency
- Electronic surveillance and signals intelligence
### Technical Manuals and Standards
#### Security Standards
- **NIST Cybersecurity Framework**: [nist.gov/cyberframework](https://nist.gov/cyberframework)
- Cybersecurity risk management framework
- Security controls and implementation guidance
- **ISO 27001/27002 Information Security Standards**
- International information security management standards
- Security controls and risk management frameworks
#### Cryptographic Standards
- **FIPS 140-2 Security Requirements for Cryptographic Modules**
- Federal standard for cryptographic module security
- Hardware and software security requirements
- **RFC Cryptographic Standards**: [tools.ietf.org/rfc](https://tools.ietf.org/rfc)
- Internet Engineering Task Force cryptographic protocols
- Standard cryptographic algorithms and implementations
---
## D.3 Organizations and Networks
### Digital Rights Organizations
#### International Organizations
- **Electronic Frontier Foundation (EFF)**: [eff.org](https://eff.org)
- Digital rights advocacy and legal support
- Privacy tools and digital security resources
- **Privacy International**: [privacyinternational.org](https://privacyinternational.org)
- Global privacy rights advocacy and research
- Surveillance technology analysis and policy advocacy
- **Access Now**: [accessnow.org](https://accessnow.org)
- Digital rights advocacy and emergency support
- Digital security helpline and rapid response
- **Article 19**: [article19.org](https://article19.org)
- Freedom of expression and information advocacy
- Digital rights and online freedom of expression
#### Regional Organizations
- **European Digital Rights (EDRi)**: [edri.org](https://edri.org)
- European digital rights advocacy network
- Privacy and digital rights policy advocacy
- **Derechos Digitales**: [derechosdigitales.org](https://derechosdigitales.org)
- Latin American digital rights advocacy
- Privacy and surveillance policy research
### Legal Support Organizations
#### Civil Rights Organizations
- **American Civil Liberties Union (ACLU)**: [aclu.org](https://aclu.org)
- Constitutional rights advocacy and litigation
- Know your rights resources and legal support
- **Center for Constitutional Rights**: [ccrjustice.org](https://ccrjustice.org)
- Civil rights litigation and advocacy
- Legal support for social justice movements
- **National Lawyers Guild**: [nlg.org](https://nlg.org)
- Legal support for activists and protesters
- Legal observer training and jail support
#### International Legal Support
- **Amnesty International**: [amnesty.org](https://amnesty.org)
- Human rights advocacy and legal support
- International human rights monitoring and advocacy
- **Human Rights Watch**: [hrw.org](https://hrw.org)
- Human rights research and advocacy
- International human rights monitoring and reporting
### Security and Privacy Organizations
#### Security Research Organizations
- **Citizen Lab**: [citizenlab.ca](https://citizenlab.ca)
- Digital surveillance and security research
- Targeted surveillance and digital espionage research
- **Tactical Technology Collective**: [tacticaltech.org](https://tacticaltech.org)
- Digital security tools and training for activists
- Surveillance and privacy research and advocacy
#### Privacy Advocacy Organizations
- **Electronic Privacy Information Center (EPIC)**: [epic.org](https://epic.org)
- Privacy rights advocacy and policy research
- Government surveillance and privacy policy advocacy
- **Fight for the Future**: [fightforthefuture.org](https://fightforthefuture.org)
- Digital rights activism and campaign organization
- Internet freedom and privacy advocacy campaigns
### Technical Security Organizations
#### Open Source Security Projects
- **Tor Project**: [torproject.org](https://torproject.org)
- Anonymous communication software and research
- Privacy and anonymity technology development
- **Guardian Project**: [guardianproject.info](https://guardianproject.info)
- Open source security and privacy tools for mobile devices
- Secure communication and privacy applications
- **Open Technology Fund**: [opentech.fund](https://opentech.fund)
- Internet freedom technology development and support
- Digital security and privacy tool funding and development
#### Security Training Organizations
- **Security Education Companion**: [securityeducationcompanion.org](https://securityeducationcompanion.org)
- Digital security training curricula and resources
- Security trainer development and support
- **Level Up**: [level-up.cc](https://level-up.cc)
- Holistic security training for civil society
- Trauma-informed security training and resources
---
## D.4 Additional Reading and Study Materials
### Essential Books
#### Security and Privacy
1. **"Data and Goliath" by Bruce Schneier**
- Surveillance capitalism and privacy protection
- Policy and technical approaches to privacy
2. **"The Age of Surveillance Capitalism" by Shoshana Zuboff**
- Economic analysis of surveillance and data extraction
- Understanding surveillance business models
3. **"No Place to Hide" by Glenn Greenwald**
- NSA surveillance revelations and implications
- Government surveillance capabilities and overreach
#### Resistance and Activism
1. **"From Dictatorship to Democracy" by Gene Sharp**
- Strategic nonviolent resistance theory and practice
- Political defiance and resistance strategy
2. **"The Politics of Nonviolent Action" by Gene Sharp**
- Comprehensive theory of nonviolent resistance
- Methods and dynamics of nonviolent struggle
3. **"Direct Action" by L.A. Kauffman**
- History of direct action and civil disobedience
- Tactical innovation in social movements
#### Intelligence and Security
1. **"The Art of War" by Sun Tzu**
- Classical strategic thinking and tactical principles
- Intelligence and strategic planning concepts
2. **"On War" by Carl von Clausewitz**
- Military strategy and tactical theory
- Understanding conflict and strategic thinking
3. **"The Craft of Intelligence" by Allen Dulles**
- Intelligence operations and analysis principles
- Understanding intelligence collection and analysis
### Academic Journals and Publications
#### Security and Privacy Research
- **IEEE Security & Privacy Magazine**
- Academic research on security and privacy topics
- Technical and policy analysis of security issues
- **ACM Transactions on Privacy and Security**
- Peer-reviewed research on privacy and security
- Technical advances in privacy and security technology
#### Social Movement Research
- **Social Movement Studies**
- Academic research on social movements and activism
- Theoretical and empirical analysis of resistance movements
- **Mobilization: An International Quarterly**
- Social movement theory and research
- Comparative analysis of social movements and activism
### Online Resources and Databases
#### Security and Privacy Resources
- **OWASP (Open Web Application Security Project)**: [owasp.org](https://owasp.org)
- Web application security resources and tools
- Security testing and vulnerability assessment
- **SANS Institute**: [sans.org](https://sans.org)
- Information security training and certification
- Security research and threat intelligence
#### Research and Analysis
- **Bellingcat**: [bellingcat.com](https://bellingcat.com)
- Open source investigation techniques and case studies
- Digital forensics and online investigation methods
- **Exposing the Invisible**: [exposingtheinvisible.org](https://exposingtheinvisible.org)
- Investigation techniques and tools for activists
- Digital security for investigators and researchers
---
<div class="info-box">
<div class="info-title">Continuous Learning</div>
<p>Security and resistance techniques evolve constantly. Regular study of new resources, techniques, and threat developments is essential for maintaining effective operational security and resistance capabilities.</p>
</div>
<div class="success-box">
<div class="success-title">Knowledge Sharing</div>
<p>Share knowledge and resources with trusted networks while maintaining operational security. Collective learning and skill development strengthen resistance capabilities and improve security for all participants.</p>
</div>
---
**End of Field Manual FM-R1**
*This field manual represents a comprehensive guide to resistance operations and security practices. Regular updates and revisions ensure continued relevance and effectiveness in changing operational environments.*
_chapters/chapter-1.md
+477
View File
@@ -0,0 +1,477 @@
---
layout: default
title: "Chapter 1: Core Security Principles"
description: "The five fundamental principles that must guide all resistance security decisions"
section_number: "1-1 to 1-5"
prev_page:
title: "Part I: Foundations"
url: "/parts/part-1/"
next_page:
title: "Chapter 2: Threat Assessment"
url: "/chapters/chapter-2/"
---
# Chapter 1: Core Security Principles
## Chapter Overview
This chapter establishes the five fundamental principles that must guide all resistance security decisions. These principles, derived from decades of resistance experience and modern security research, provide the conceptual framework for evaluating threats, designing countermeasures, and making operational decisions under pressure.
**Sections in this chapter:**
- 1-1: Principle of Least Privilege
- 1-2: Need-to-Know Basis
- 1-3: Compartmentalization and Cell Structure
- 1-4: Zero Trust Verification
- 1-5: Metadata Minimization
---
## Section 1-1: Principle of Least Privilege
### Definition
The Principle of Least Privilege states that every person, process, and system should have access only to the minimum resources necessary to perform their legitimate function. In resistance operations, this means limiting access to information, tools, and capabilities to the smallest set required for operational effectiveness.
### Application in Resistance Operations
#### Information Access
- **Operational details** are shared only with those who need them for their specific role
- **Contact information** is limited to direct operational relationships
- **Strategic plans** are known only to leadership and those implementing specific components
- **Technical details** are restricted to those responsible for implementation and maintenance
#### System Access
- **Communication platforms** grant access only to relevant channels and groups
- **File repositories** provide access only to documents needed for specific roles
- **Administrative privileges** are limited to the minimum number of trusted individuals
- **Backup systems** are accessible only to designated recovery personnel
#### Physical Access
- **Meeting locations** are known only to attendees and necessary support personnel
- **Safe houses** are accessed only by those with operational need
- **Equipment storage** is limited to those responsible for specific tools or supplies
- **Document storage** is restricted to those who create, maintain, or use specific materials
### Implementation Guidelines
<div class="do-dont-list">
<div class="do-list">
<h4>DO</h4>
<ul>
<li>Regularly review and audit access permissions</li>
<li>Remove access immediately when roles change</li>
<li>Document access decisions and their justifications</li>
<li>Use role-based access control when possible</li>
<li>Implement time-limited access for temporary needs</li>
</ul>
</div>
<div class="dont-list">
<h4>DON'T</h4>
<ul>
<li>Grant access "just in case" it might be needed</li>
<li>Share credentials or allow access sharing</li>
<li>Assume that trust equals need for access</li>
<li>Delay removing access when it's no longer needed</li>
<li>Grant broad access to avoid managing specific permissions</li>
</ul>
</div>
</div>
### Common Violations and Consequences
**Violation:** Sharing operational plans with all cell members regardless of their role
**Consequence:** Compromise of one member leads to exposure of entire operation
**Violation:** Using shared accounts for multiple purposes
**Consequence:** Inability to track access or revoke permissions for specific individuals
**Violation:** Granting administrative access to avoid permission requests
**Consequence:** Accidental or malicious damage to critical systems
---
## Section 1-2: Need-to-Know Basis
### Definition
Need-to-Know is an information security principle that restricts access to sensitive information to only those individuals who require it to perform their duties. Unlike Least Privilege, which focuses on access controls, Need-to-Know addresses the content and scope of information sharing.
### Information Classification
#### Operational Classifications
**CRITICAL** - Information whose compromise would cause immediate operational failure
- Real names and personal details of participants
- Specific operational plans and timelines
- Location and access details for safe houses
- Technical vulnerabilities and exploitation methods
**SENSITIVE** - Information whose compromise would significantly impact operations
- Communication protocols and procedures
- General operational capabilities and resources
- Training materials and educational content
- Historical operational data and lessons learned
**RESTRICTED** - Information whose compromise would cause limited damage
- General security guidelines and best practices
- Public-facing materials and propaganda
- Non-sensitive logistical information
- Educational resources available from public sources
**UNCLASSIFIED** - Information that can be shared without operational impact
- Publicly available tools and software
- General security awareness materials
- Historical information about resistance movements
- Legal and political analysis available from public sources
### Information Sharing Protocols
#### Vertical Information Flow
- **Upward reporting** includes only information necessary for decision-making
- **Downward direction** provides only information necessary for task execution
- **Status updates** focus on operational requirements rather than comprehensive briefings
- **Emergency communications** may temporarily bypass normal restrictions
#### Horizontal Information Flow
- **Peer coordination** shares only information necessary for joint operations
- **Cross-cell communication** is limited to specific operational requirements
- **Resource sharing** includes only information necessary for effective utilization
- **Mutual support** provides assistance without unnecessary information disclosure
### Implementation in Practice
#### Meeting Protocols
```
Before sharing information in any meeting:
1. Identify who needs this specific information
2. Determine the minimum detail level required
3. Consider whether the information can be compartmentalized
4. Verify that all attendees have operational need for the information
5. Document what was shared and with whom
```
#### Communication Guidelines
- Use **coded language** for sensitive topics even in secure channels
- **Separate conversations** by topic and participant need
- **Time-limit** access to sensitive information when possible
- **Verify recipient identity** before sharing sensitive information
<div class="warning-box">
<div class="warning-title">Information Discipline</div>
<p>The natural human tendency is to share information to build trust and demonstrate competence. In resistance operations, this tendency must be consciously overcome. Information discipline requires constant vigilance and may feel antisocial, but it is essential for operational security.</p>
</div>
---
## Section 1-3: Compartmentalization and Cell Structure
### Definition
Compartmentalization is the practice of isolating information, people, and operations into discrete units (cells) that can function independently and have limited knowledge of other units. This structure prevents the compromise of one element from cascading through the entire organization.
### Cell Structure Design
#### Basic Cell Characteristics
- **Size limitation**: 3-7 members for optimal security and effectiveness
- **Functional focus**: Each cell has a specific operational purpose
- **Limited connectivity**: Minimal connections to other cells
- **Independent capability**: Can operate without external support for extended periods
- **Redundant skills**: Multiple members can perform critical functions
#### Cell Types
**Operational Cells**
- Execute specific resistance activities
- Have detailed knowledge of their operations only
- Receive direction through secure channels
- Report results through established protocols
**Support Cells**
- Provide specialized services (technical, logistical, financial)
- Have broad knowledge of capabilities but limited operational details
- Serve multiple operational cells without knowing their specific activities
- Maintain strict separation between different support functions
**Communication Cells**
- Facilitate secure communication between other cells
- Know communication protocols but not operational content
- Provide technical infrastructure and training
- Maintain multiple redundant communication channels
**Leadership Cells**
- Coordinate strategic direction and resource allocation
- Have broad operational awareness but limited tactical details
- Make decisions based on summarized reports rather than raw intelligence
- Maintain multiple independent communication channels
### Inter-Cell Communication
#### Communication Protocols
- **Scheduled contacts** at predetermined intervals
- **Emergency procedures** for urgent communication needs
- **Authentication methods** to verify identity and message integrity
- **Fallback procedures** when primary communication channels fail
#### Information Flow Management
```
Standard Communication Flow:
Operational Cell → Support Cell → Leadership Cell
Emergency Communication Flow:
Any Cell → Emergency Contact → Leadership Cell
Cross-Cell Coordination:
Cell A → Leadership Cell → Cell B
(Direct cell-to-cell communication only for specific authorized operations)
```
#### Security Measures
- **Unique communication methods** for each cell relationship
- **Time-delayed communication** to prevent real-time tracking
- **Multiple authentication factors** for sensitive communications
- **Regular communication schedule changes** to prevent pattern analysis
### Compromise Response
#### Isolation Procedures
When a cell is compromised:
1. **Immediate isolation** - Cut all communication with compromised cell
2. **Damage assessment** - Determine what information was exposed
3. **Notification protocol** - Alert affected cells through secure channels
4. **Operational adjustment** - Modify plans based on exposed information
5. **Recovery planning** - Develop procedures for reconstituting capabilities
#### Continuity Planning
- **Redundant capabilities** across multiple cells
- **Succession planning** for key roles and functions
- **Resource distribution** to prevent single points of failure
- **Alternative communication channels** for emergency coordination
<div class="info-box">
<div class="info-title">Cell Discipline</div>
<p>Effective compartmentalization requires strict discipline from all participants. The temptation to share information across cell boundaries for efficiency or social reasons must be resisted. Remember: the inconvenience of compartmentalization is far less than the consequences of cascade compromise.</p>
</div>
---
## Section 1-4: Zero Trust Verification
### Definition
Zero Trust is a security model that assumes no user, device, or communication can be trusted by default, even if they are inside the organization's network or have been previously verified. Every access request must be authenticated, authorized, and continuously validated.
### Core Zero Trust Principles
#### Never Trust, Always Verify
- **Identity verification** required for every access request
- **Device authentication** before allowing network access
- **Continuous monitoring** of user and system behavior
- **Regular re-authentication** for ongoing access
#### Assume Breach
- **Design systems** to function even when partially compromised
- **Limit blast radius** of any potential compromise
- **Monitor for indicators** of compromise continuously
- **Plan response procedures** for various compromise scenarios
#### Verify Explicitly
- **Multi-factor authentication** for all sensitive access
- **Behavioral analysis** to detect anomalous activity
- **Contextual verification** based on location, time, and access patterns
- **Cryptographic verification** of message and file integrity
### Implementation in Resistance Operations
#### Identity Verification
```
Standard Verification Process:
1. Something you know (password, passphrase, coded response)
2. Something you have (device, token, physical key)
3. Something you are (biometric, behavioral pattern)
4. Somewhere you are (location verification, network analysis)
5. Someone you know (trusted introducer, mutual contact)
```
#### Communication Verification
- **Message authentication codes** to verify sender identity
- **Forward secrecy** to limit damage from key compromise
- **Out-of-band verification** for critical communications
- **Regular key rotation** to limit exposure windows
#### Device Trust
- **Device registration** and authentication before network access
- **Regular security updates** and vulnerability patching
- **Behavioral monitoring** for signs of compromise
- **Remote wipe capabilities** for lost or stolen devices
#### Network Segmentation
- **Micro-segmentation** to limit lateral movement
- **Encrypted communications** for all network traffic
- **Access logging** and monitoring for all network activity
- **Regular network topology changes** to prevent mapping
### Continuous Verification
#### Behavioral Monitoring
- **Baseline establishment** for normal user behavior
- **Anomaly detection** for unusual access patterns
- **Risk scoring** based on multiple behavioral factors
- **Adaptive authentication** based on risk assessment
#### Regular Re-authentication
- **Time-based re-authentication** for ongoing access
- **Activity-based verification** for sensitive operations
- **Location-based challenges** for access from new locations
- **Privilege escalation verification** for administrative functions
<div class="warning-box">
<div class="warning-title">Paranoia vs. Security</div>
<p>Zero Trust may seem paranoid, but it reflects the reality of operating in a hostile environment where compromise is not a matter of if, but when. The goal is not to prevent all compromise, but to limit its impact and maintain operational capability even under adverse conditions.</p>
</div>
---
## Section 1-5: Metadata Minimization
### Definition
Metadata is "data about data" - information that describes the characteristics of communications and activities without revealing their content. In resistance operations, metadata analysis can reveal operational patterns, network structures, and behavioral indicators even when all content is encrypted.
### Types of Metadata
#### Communication Metadata
- **Sender and recipient** identities and addresses
- **Timestamps** of message creation, transmission, and receipt
- **Message size** and format information
- **Routing information** including intermediate servers and networks
- **Device information** including hardware and software details
#### Location Metadata
- **GPS coordinates** from mobile devices and applications
- **Network location** data from Wi-Fi and cellular connections
- **Movement patterns** derived from sequential location data
- **Association patterns** based on co-location with other devices
#### Behavioral Metadata
- **Usage patterns** including timing and frequency of activities
- **Application usage** and feature utilization patterns
- **Network traffic patterns** including volume and timing
- **Device interaction patterns** including typing and usage behaviors
#### Financial Metadata
- **Transaction timing** and frequency patterns
- **Payment methods** and account relationships
- **Geographic patterns** of financial activity
- **Association patterns** with other financial accounts
### Metadata Analysis Capabilities
#### Pattern Recognition
Modern data analysis can identify:
- **Communication networks** and hierarchical structures
- **Operational cycles** and planning timelines
- **Geographic patterns** and safe house locations
- **Behavioral signatures** unique to specific individuals
#### Predictive Analysis
Metadata can be used to:
- **Predict future activities** based on historical patterns
- **Identify key individuals** based on network centrality
- **Detect operational planning** through communication pattern changes
- **Locate physical meetings** through device co-location analysis
### Minimization Strategies
#### Communication Minimization
<div class="do-dont-list">
<div class="do-list">
<h4>DO</h4>
<ul>
<li>Use different communication methods for different purposes</li>
<li>Vary timing and frequency of communications</li>
<li>Use intermediary systems to break direct connections</li>
<li>Employ time-delayed communication when possible</li>
<li>Use broadcast methods for one-to-many communication</li>
</ul>
</div>
<div class="dont-list">
<h4>DON'T</h4>
<ul>
<li>Use the same communication channel for all purposes</li>
<li>Maintain regular communication schedules</li>
<li>Allow direct communication between all network members</li>
<li>Use personal devices for resistance communications</li>
<li>Ignore the metadata implications of communication choices</li>
</ul>
</div>
</div>
#### Location Minimization
- **Disable location services** on all devices used for resistance activities
- **Use public Wi-Fi** from locations unconnected to your identity
- **Vary locations** for different types of activities
- **Avoid patterns** in movement and location choices
- **Use transportation methods** that don't create digital records
#### Temporal Minimization
- **Randomize timing** of communications and activities
- **Use time delays** to break real-time correlation
- **Avoid regular schedules** that create predictable patterns
- **Coordinate timing** to create false patterns when beneficial
- **Use automated systems** to decouple activity timing from human schedules
#### Technical Minimization
```
Technical Metadata Reduction:
1. Use Tor or similar anonymization networks
2. Employ VPNs with no-logging policies
3. Use disposable email addresses and accounts
4. Regularly change device identifiers when possible
5. Use different devices for different operational purposes
```
### Metadata-Aware Operational Planning
#### Communication Planning
- **Map metadata exposure** for all planned communications
- **Design communication flows** to minimize revealing patterns
- **Plan for metadata analysis** by adversaries
- **Develop cover stories** for unavoidable metadata patterns
#### Activity Planning
- **Consider metadata implications** of all operational activities
- **Design operations** to create misleading metadata when possible
- **Plan timing** to minimize correlation opportunities
- **Coordinate activities** to distribute metadata across multiple participants
<div class="success-box">
<div class="success-title">Metadata Discipline</div>
<p>Effective metadata minimization requires thinking about the digital traces of every action before taking it. This becomes second nature with practice, but initially requires conscious effort and planning. The investment in metadata discipline pays dividends in operational security and longevity.</p>
</div>
---
## Chapter Summary
The five core security principles covered in this chapter provide the foundation for all resistance security operations:
1. **Least Privilege** limits access to the minimum necessary for operational effectiveness
2. **Need-to-Know** restricts information sharing to operational requirements
3. **Compartmentalization** isolates operations to prevent cascade compromise
4. **Zero Trust** assumes compromise and requires continuous verification
5. **Metadata Minimization** reduces digital traces that reveal operational patterns
These principles must be applied consistently across all aspects of resistance operations, from technical tool selection to operational planning to daily security practices. They are not merely guidelines but operational requirements for survival in a hostile environment.
### Integration and Balance
While each principle is important individually, their real power comes from integrated application. Effective resistance security requires balancing these principles against operational requirements and human limitations. Perfect adherence to all principles simultaneously may be impossible, but conscious application of each principle to every security decision will dramatically improve operational security.
### Next Steps
Chapter 2 builds on these foundational principles by providing systematic approaches to threat assessment and operational environment analysis. Understanding these principles is essential preparation for the practical threat modeling exercises that follow.
---
**Next:** [Chapter 2: Threat Assessment and Operational Environment →](/chapters/chapter-2/)
_chapters/chapter-10.md
+1587
View File
File diff suppressed because it is too large Load Diff
_chapters/chapter-2.md
+698
View File
@@ -0,0 +1,698 @@
---
layout: default
title: "Chapter 2: Threat Assessment and Operational Environment"
description: "Systematic approaches to understanding and responding to threats in resistance operations"
section_number: "2-1 to 2-4"
prev_page:
title: "Chapter 1: Core Security Principles"
url: "/chapters/chapter-1/"
next_page:
title: "Part II: Communication Systems"
url: "/parts/part-2/"
---
# Chapter 2: Threat Assessment and Operational Environment
## Chapter Overview
This chapter provides systematic methodologies for understanding and responding to threats in resistance operations. Effective threat assessment is the foundation of all security planning, enabling resistance practitioners to allocate resources appropriately and design countermeasures that address actual rather than imagined risks.
**Sections in this chapter:**
- 2-1: Understanding Your Adversary
- 2-2: Threat Model Development
- 2-3: Risk Assessment Framework
- 2-4: Operational Security (OpSec) Fundamentals
---
## Section 2-1: Understanding Your Adversary
### Definition
Adversary analysis is the systematic study of hostile forces to understand their capabilities, motivations, limitations, and likely courses of action. In resistance operations, this analysis must encompass both state and non-state actors who pose threats to operational security and participant safety.
### Adversary Categories
#### State Security Services
**Capabilities:**
- Mass surveillance infrastructure and legal authorities
- Advanced technical capabilities including cyber operations
- Extensive human intelligence networks and informant recruitment
- Legal powers including arrest, detention, and asset seizure
- International cooperation and intelligence sharing agreements
**Motivations:**
- Maintaining regime stability and suppressing dissent
- Protecting state secrets and critical infrastructure
- Demonstrating effectiveness to political leadership
- Career advancement and institutional prestige
**Limitations:**
- Bureaucratic constraints and inter-agency competition
- Resource limitations and competing priorities
- Legal and political constraints (even in authoritarian systems)
- Technical limitations and skill gaps
- Public scrutiny and accountability mechanisms
#### Law Enforcement Agencies
**Capabilities:**
- Local surveillance and investigation resources
- Access to criminal justice system and prosecution powers
- Community informant networks and public cooperation
- Specialized units for cybercrime and domestic terrorism
- Coordination with federal and international agencies
**Motivations:**
- Enforcing existing laws and maintaining public order
- Responding to political pressure and public concerns
- Protecting institutional reputation and effectiveness
- Career advancement and performance metrics
**Limitations:**
- Legal constraints and constitutional protections
- Resource limitations and competing priorities
- Training gaps in technical and political areas
- Public accountability and oversight mechanisms
- Jurisdictional limitations and coordination challenges
#### Private Intelligence Contractors
**Capabilities:**
- Specialized technical capabilities and cutting-edge tools
- Flexibility and rapid response capabilities
- Access to commercial data sources and partnerships
- International operations with minimal oversight
- Experienced personnel recruited from government agencies
**Motivations:**
- Financial profit and contract renewal
- Demonstrating value to government and corporate clients
- Expanding market share and capabilities
- Maintaining competitive advantage
**Limitations:**
- Profit motive may conflict with thoroughness
- Limited legal authorities and powers
- Dependence on client relationships and contracts
- Potential for exposure and public scrutiny
- Competition with other contractors and agencies
#### Hostile Political Organizations
**Capabilities:**
- Grassroots networks and community presence
- Media access and propaganda capabilities
- Political influence and institutional connections
- Volunteer networks and ideological motivation
- Potential for violence and intimidation
**Motivations:**
- Advancing political ideology and agenda
- Suppressing opposition movements and activities
- Demonstrating power and influence
- Protecting organizational interests and reputation
**Limitations:**
- Limited resources compared to state actors
- Legal constraints and public scrutiny
- Internal divisions and competing priorities
- Dependence on volunteer networks and public support
- Vulnerability to infiltration and disruption
### Capability Assessment Framework
#### Technical Capabilities
```
Assessment Matrix:
1. Surveillance Infrastructure
- Mass data collection capabilities
- Real-time monitoring systems
- Data analysis and correlation tools
- International cooperation agreements
2. Cyber Operations
- Offensive cyber capabilities
- Defensive monitoring systems
- Technical expertise and resources
- Legal authorities and constraints
3. Human Intelligence
- Informant recruitment and management
- Infiltration capabilities
- Social engineering expertise
- Community presence and influence
```
#### Operational Capabilities
- **Geographic reach** and jurisdictional authority
- **Response time** and deployment capabilities
- **Coordination mechanisms** between different agencies
- **Resource allocation** and priority setting processes
- **Legal authorities** and operational constraints
#### Intelligence Capabilities
- **Collection methods** and information sources
- **Analysis capabilities** and expertise levels
- **Dissemination networks** and information sharing
- **Retention policies** and data management systems
- **Quality control** and verification processes
### Motivation Analysis
#### Primary Motivations
Understanding what drives adversary actions helps predict their behavior and identify potential vulnerabilities:
**Institutional Interests:**
- Organizational survival and growth
- Budget allocation and resource competition
- Performance metrics and success measures
- Reputation and public perception
**Individual Motivations:**
- Career advancement and professional recognition
- Financial incentives and job security
- Ideological commitment and personal beliefs
- Social pressure and peer expectations
**Political Factors:**
- Electoral considerations and public opinion
- Policy priorities and resource allocation
- International relationships and obligations
- Crisis response and emergency authorities
### Limitation Assessment
#### Resource Constraints
- **Budget limitations** and competing priorities
- **Personnel shortages** and skill gaps
- **Technical limitations** and equipment constraints
- **Time pressures** and operational demands
#### Legal and Political Constraints
- **Constitutional protections** and legal precedents
- **Oversight mechanisms** and accountability requirements
- **Public scrutiny** and media attention
- **Political considerations** and policy constraints
#### Operational Constraints
- **Bureaucratic processes** and approval requirements
- **Coordination challenges** between agencies
- **Information sharing** limitations and restrictions
- **Geographic limitations** and jurisdictional boundaries
<div class="info-box">
<div class="info-title">Intelligence Gathering</div>
<p>Adversary analysis requires ongoing intelligence collection through open sources, operational observation, and network reporting. This information must be systematically collected, analyzed, and updated to maintain accuracy and relevance.</p>
</div>
---
## Section 2-2: Threat Model Development
### Definition
A threat model is a structured representation of potential threats to an organization, operation, or individual, including the assets being protected, potential attackers, attack vectors, and consequences of successful attacks. Threat modeling provides the analytical foundation for security planning and resource allocation.
### Threat Modeling Process
#### Step 1: Asset Identification
**Information Assets:**
- Operational plans and strategic documents
- Communication records and contact information
- Financial records and resource information
- Technical documentation and system configurations
- Personal information about participants and supporters
**Physical Assets:**
- Personnel safety and freedom
- Equipment and technology resources
- Financial resources and funding sources
- Safe houses and meeting locations
- Communication infrastructure and networks
**Operational Assets:**
- Network relationships and trust connections
- Operational capabilities and expertise
- Reputation and public support
- Legal protections and political cover
- Time and opportunity windows
#### Step 2: Threat Actor Identification
For each asset category, identify potential threat actors:
```
Threat Actor Analysis Template:
Actor: [Name/Type]
Motivation: [Why they would target this asset]
Capability: [What they can do to compromise it]
Opportunity: [When/how they could act]
Impact: [Consequences of successful attack]
Likelihood: [Probability assessment]
```
#### Step 3: Attack Vector Analysis
**Technical Attack Vectors:**
- Network intrusion and system compromise
- Communication interception and analysis
- Device compromise and malware deployment
- Data theft and information exfiltration
- Service disruption and denial of service
**Human Attack Vectors:**
- Social engineering and manipulation
- Infiltration and insider threats
- Coercion and blackmail
- Recruitment and turning of participants
- Information gathering through relationships
**Physical Attack Vectors:**
- Surveillance and tracking
- Search and seizure operations
- Physical intimidation and violence
- Asset seizure and resource disruption
- Location compromise and raid operations
#### Step 4: Impact Assessment
**Immediate Impacts:**
- Operational disruption and mission failure
- Personnel safety and security compromise
- Resource loss and financial damage
- Information disclosure and intelligence loss
- Legal consequences and prosecution
**Long-term Impacts:**
- Network compromise and relationship damage
- Reputation loss and public support erosion
- Capability degradation and skill loss
- Strategic disadvantage and position weakness
- Movement suppression and broader impact
### Threat Modeling Methodologies
#### STRIDE Framework
**Spoofing:** Impersonating legitimate users or systems
**Tampering:** Modifying data or systems without authorization
**Repudiation:** Denying actions or transactions
**Information Disclosure:** Exposing sensitive information
**Denial of Service:** Preventing legitimate access to resources
**Elevation of Privilege:** Gaining unauthorized access or permissions
#### PASTA (Process for Attack Simulation and Threat Analysis)
1. **Define Objectives:** Establish scope and goals
2. **Define Technical Scope:** Identify systems and components
3. **Application Decomposition:** Break down into components
4. **Threat Analysis:** Identify potential threats
5. **Weakness and Vulnerability Analysis:** Find security gaps
6. **Attack Modeling:** Simulate attack scenarios
7. **Risk and Impact Analysis:** Assess consequences
#### OCTAVE (Operationally Critical Threat, Asset, and Vulnerability Evaluation)
- **Organizational View:** Internal security practices and policies
- **Technological View:** Technical vulnerabilities and weaknesses
- **Strategy and Plan View:** Risk mitigation and security strategy
### Threat Scenario Development
#### Scenario Template
```
Threat Scenario: [Descriptive Name]
Background:
- Current operational context
- Recent events and triggers
- Adversary capabilities and motivations
Attack Sequence:
1. Initial access or opportunity
2. Escalation and exploitation
3. Impact and consequences
4. Potential responses and countermeasures
Indicators:
- Early warning signs
- Detection opportunities
- Confirmation methods
Mitigation:
- Preventive measures
- Response procedures
- Recovery plans
```
#### Example Scenarios
**Scenario 1: Communication Compromise**
- Adversary intercepts encrypted communications
- Traffic analysis reveals network structure
- Key participants identified and targeted
- Operational plans exposed and disrupted
**Scenario 2: Infiltration Operation**
- Hostile agent joins resistance network
- Gains trust and access over time
- Collects intelligence on operations and participants
- Provides information for coordinated arrests
**Scenario 3: Technical Surveillance**
- Mass surveillance system deployed
- Communication metadata collected and analyzed
- Behavioral patterns identified and tracked
- Predictive analysis enables preemptive action
<div class="warning-box">
<div class="warning-title">Scenario Planning</div>
<p>Threat scenarios should be realistic and based on actual adversary capabilities and historical precedents. Avoid both underestimating threats (leading to inadequate security) and overestimating them (leading to paralysis and ineffective operations).</p>
</div>
---
## Section 2-3: Risk Assessment Framework
### Definition
Risk assessment is the systematic evaluation of potential threats to determine their likelihood and impact, enabling informed decisions about security investments and operational procedures. Risk assessment translates threat models into actionable priorities for security planning.
### Risk Calculation Methodology
#### Basic Risk Formula
```
Risk = Threat × Vulnerability × Impact
Where:
- Threat = Likelihood of attack occurring
- Vulnerability = Probability of attack succeeding
- Impact = Consequences of successful attack
```
#### Qualitative Risk Assessment
**Likelihood Scale:**
- **Very High (5):** Almost certain to occur within 1 month
- **High (4):** Likely to occur within 6 months
- **Medium (3):** Possible within 1 year
- **Low (2):** Unlikely within 2 years
- **Very Low (1):** Rare or theoretical
**Impact Scale:**
- **Critical (5):** Mission failure, life-threatening consequences
- **High (4):** Major operational disruption, serious legal consequences
- **Medium (3):** Moderate disruption, manageable consequences
- **Low (2):** Minor inconvenience, limited impact
- **Very Low (1):** Negligible impact
**Risk Matrix:**
```
Impact → VL L M H C
Likelihood ↓
Very High M H H C C
High L M H H C
Medium L L M H H
Low VL L L M H
Very Low VL VL L L M
Legend: VL=Very Low, L=Low, M=Medium, H=High, C=Critical
```
### Risk Assessment Process
#### Step 1: Threat Inventory
Create comprehensive list of identified threats from threat modeling process:
- Categorize by threat actor and attack vector
- Document current intelligence and evidence
- Assess threat actor capabilities and motivations
- Identify information gaps and uncertainties
#### Step 2: Vulnerability Assessment
For each threat, assess organizational vulnerabilities:
**Technical Vulnerabilities:**
- Unpatched software and system weaknesses
- Insecure configurations and default settings
- Weak encryption and authentication mechanisms
- Inadequate monitoring and detection capabilities
**Procedural Vulnerabilities:**
- Inadequate security policies and procedures
- Insufficient training and awareness programs
- Poor access control and permission management
- Weak incident response and recovery capabilities
**Human Vulnerabilities:**
- Social engineering susceptibility
- Insider threat potential
- Security culture weaknesses
- Stress and pressure responses
#### Step 3: Impact Analysis
Assess potential consequences of successful attacks:
**Operational Impact:**
- Mission disruption and failure
- Capability loss and degradation
- Resource depletion and damage
- Timeline delays and setbacks
**Security Impact:**
- Personnel safety and freedom
- Information disclosure and intelligence loss
- Network compromise and relationship damage
- Legal consequences and prosecution
**Strategic Impact:**
- Movement effectiveness and credibility
- Public support and political position
- Long-term viability and sustainability
- Broader resistance movement impact
#### Step 4: Risk Prioritization
Rank risks based on calculated scores and strategic importance:
**Priority Categories:**
- **Critical Risks:** Immediate attention required
- **High Risks:** Address within 30 days
- **Medium Risks:** Address within 90 days
- **Low Risks:** Address as resources permit
- **Accepted Risks:** Monitor but no immediate action
### Risk Treatment Strategies
#### Risk Mitigation
Reduce likelihood or impact through security controls:
- **Preventive Controls:** Block or deter attacks
- **Detective Controls:** Identify attacks in progress
- **Corrective Controls:** Respond to and recover from attacks
- **Compensating Controls:** Alternative measures when primary controls fail
#### Risk Transfer
Shift risk to other parties or systems:
- **Insurance:** Financial protection against losses
- **Outsourcing:** Transfer operational risks to service providers
- **Partnerships:** Share risks with allied organizations
- **Legal Protections:** Use legal mechanisms to limit exposure
#### Risk Acceptance
Consciously accept certain risks:
- **Residual Risk:** Remaining risk after mitigation measures
- **Strategic Risk:** Risks necessary for mission accomplishment
- **Resource Constraints:** Risks that cannot be addressed with available resources
- **Temporary Acceptance:** Short-term acceptance pending future mitigation
#### Risk Avoidance
Eliminate risk by avoiding the activity:
- **Operational Changes:** Modify operations to eliminate risk
- **Technology Alternatives:** Use different tools or methods
- **Geographic Relocation:** Move operations to safer locations
- **Timing Adjustments:** Delay operations until risks decrease
<div class="success-box">
<div class="success-title">Risk Management</div>
<p>Effective risk management is an ongoing process that requires regular review and updates. Risk assessments should be updated whenever significant changes occur in the threat environment, organizational capabilities, or operational requirements.</p>
</div>
---
## Section 2-4: Operational Security (OpSec) Fundamentals
### Definition
Operational Security (OpSec) is the process of protecting critical information and activities from adversary intelligence collection and analysis. OpSec focuses on identifying and controlling information that could be used to compromise operations, rather than just protecting classified information.
### OpSec Process
#### Step 1: Identify Critical Information
**Critical Information Categories:**
- **Who:** Personnel identities, roles, and relationships
- **What:** Operational objectives, methods, and capabilities
- **When:** Timing, schedules, and deadlines
- **Where:** Locations, routes, and geographic areas
- **Why:** Motivations, strategies, and decision-making processes
- **How:** Methods, procedures, and technical details
**Critical Information Examples:**
```
Personnel Information:
- Real names and personal details
- Communication addresses and identifiers
- Role assignments and responsibilities
- Skill sets and expertise areas
- Personal vulnerabilities and pressure points
Operational Information:
- Mission objectives and success criteria
- Operational timelines and milestones
- Resource requirements and allocations
- Coordination mechanisms and protocols
- Contingency plans and alternatives
Technical Information:
- Communication methods and frequencies
- Security procedures and protocols
- Equipment specifications and capabilities
- Software configurations and vulnerabilities
- Network architecture and access points
```
#### Step 2: Analyze Threats
Apply threat modeling to identify how adversaries might collect and use critical information:
**Collection Methods:**
- **Technical Collection:** Electronic surveillance and monitoring
- **Human Collection:** Informants, infiltration, and social engineering
- **Open Source Collection:** Public information and social media
- **Physical Collection:** Surveillance and document recovery
**Analysis Capabilities:**
- **Pattern Analysis:** Identifying trends and behaviors
- **Network Analysis:** Mapping relationships and structures
- **Predictive Analysis:** Forecasting future activities
- **Correlation Analysis:** Connecting disparate information sources
#### Step 3: Analyze Vulnerabilities
Identify how critical information might be exposed:
**Information Leakage Points:**
- **Communication Channels:** Insecure or monitored communications
- **Behavioral Patterns:** Predictable activities and routines
- **Physical Evidence:** Documents, equipment, and traces
- **Social Interactions:** Casual conversations and relationships
- **Digital Footprints:** Online activities and data trails
**Vulnerability Assessment Questions:**
```
For each piece of critical information:
1. Who has access to this information?
2. How is this information stored and transmitted?
3. What activities might reveal this information?
4. What patterns might indicate this information?
5. How could an adversary collect this information?
6. What would an adversary do with this information?
```
#### Step 4: Assess Risk
Evaluate the likelihood and impact of information compromise:
**Risk Factors:**
- **Information Value:** How useful is this to adversaries?
- **Collection Difficulty:** How hard is it for adversaries to obtain?
- **Analysis Complexity:** How difficult is it to interpret and use?
- **Operational Impact:** What happens if this is compromised?
- **Mitigation Cost:** How expensive is it to protect?
#### Step 5: Apply Countermeasures
Implement measures to protect critical information:
**Information Control Measures:**
- **Classification:** Formal information protection levels
- **Compartmentalization:** Limiting access on need-to-know basis
- **Sanitization:** Removing sensitive details from communications
- **Disinformation:** Providing false information to confuse adversaries
**Activity Control Measures:**
- **Pattern Breaking:** Varying routines and procedures
- **Timing Control:** Coordinating activities to minimize exposure
- **Location Security:** Protecting meeting places and safe houses
- **Communication Security:** Using secure channels and protocols
### OpSec Planning
#### OpSec Plan Template
```
1. Mission Overview
- Objectives and scope
- Timeline and milestones
- Success criteria
2. Critical Information List
- Information categories
- Sensitivity levels
- Access requirements
3. Threat Assessment
- Adversary capabilities
- Collection methods
- Analysis capabilities
4. Vulnerability Analysis
- Exposure points
- Risk factors
- Mitigation priorities
5. Countermeasure Plan
- Protective measures
- Implementation timeline
- Responsibility assignments
6. Monitoring and Review
- Effectiveness metrics
- Review schedule
- Update procedures
```
#### Implementation Guidelines
**Training and Awareness:**
- **OpSec Education:** Understanding principles and importance
- **Threat Briefings:** Current adversary capabilities and methods
- **Procedure Training:** Specific protective measures and protocols
- **Regular Updates:** Ongoing education and reinforcement
**Monitoring and Enforcement:**
- **Compliance Monitoring:** Checking adherence to OpSec procedures
- **Incident Reporting:** Documenting OpSec failures and near-misses
- **Corrective Action:** Addressing violations and weaknesses
- **Continuous Improvement:** Updating procedures based on experience
**Integration with Operations:**
- **Planning Integration:** OpSec considerations in all operational planning
- **Execution Monitoring:** Real-time OpSec awareness during operations
- **Post-Operation Review:** Analyzing OpSec effectiveness and lessons learned
- **Feedback Loop:** Incorporating lessons into future planning
<div class="warning-box">
<div class="warning-title">OpSec Discipline</div>
<p>OpSec is only as strong as its weakest link. All participants must understand and consistently apply OpSec principles. A single careless action can compromise an entire operation and endanger all participants.</p>
</div>
---
## Chapter Summary
Chapter 2 has provided the analytical framework necessary for understanding and responding to threats in resistance operations:
**Section 2-1** established methodologies for analyzing adversary capabilities, motivations, and limitations across different threat actor categories.
**Section 2-2** introduced systematic threat modeling approaches for identifying and analyzing potential attacks against resistance operations.
**Section 2-3** provided risk assessment frameworks for prioritizing threats and allocating security resources effectively.
**Section 2-4** covered operational security fundamentals for protecting critical information and activities from adversary intelligence collection.
### Integration with Security Planning
The threat assessment and OpSec methodologies covered in this chapter provide the analytical foundation for all subsequent security planning and implementation. The communication systems, operational procedures, and advanced techniques covered in later parts of this manual should be selected and configured based on the threat assessment and risk analysis conducted using these frameworks.
### Continuous Process
Threat assessment and OpSec are not one-time activities but ongoing processes that must be regularly updated as the operational environment changes. New threats emerge, adversary capabilities evolve, and operational requirements shift, requiring continuous monitoring and adaptation of security measures.
---
**Next:** [Part II: Secure Communication Systems →](/parts/part-2/)
_chapters/chapter-3.md
+980
View File
@@ -0,0 +1,980 @@
---
layout: default
title: "Chapter 3: Communication Layer Architecture"
description: "Multi-layer communication strategy and protocol selection for resistance operations"
section_number: "3-1 to 3-6"
prev_page:
title: "Part II: Communication Systems"
url: "/parts/part-2/"
next_page:
title: "Chapter 4: Secure Messaging"
url: "/chapters/chapter-4/"
---
# Chapter 3: Communication Layer Architecture
## Chapter Overview
This chapter establishes the multi-layer communication architecture that forms the backbone of secure resistance communications. Rather than relying on a single communication method, effective resistance networks employ multiple complementary systems, each optimized for specific security requirements and operational scenarios.
**Sections in this chapter:**
- 3-1: Multi-Layer Communication Strategy
- 3-2: High-Risk Real-Time Communication (Layer 1)
- 3-3: Secure Collaboration Systems (Layer 2)
- 3-4: Failsafe and Offline Methods (Layer 3)
- 3-5: Anonymous Broadcasting (Layer 4)
- 3-6: Communication Protocol Selection
---
## Section 3-1: Multi-Layer Communication Strategy
### Architectural Principles
The multi-layer communication architecture is based on several key principles derived from both historical resistance experience and modern security research:
#### Defense in Depth
No single communication system can address all security requirements and operational scenarios. Multiple layers provide redundancy and ensure that compromise of one system does not eliminate all communication capabilities.
#### Appropriate Security
Different communications require different security levels. Using maximum security for all communications is both unnecessary and operationally ineffective, while using insufficient security for critical communications is dangerous.
#### Operational Effectiveness
Communication systems must support actual operational requirements. Systems that are too complex, slow, or unreliable will be abandoned in favor of less secure but more usable alternatives.
#### Metadata Minimization
Each layer employs different strategies for minimizing metadata exposure, from onion routing to time delays to broadcast methods that eliminate recipient identification.
### Layer Selection Criteria
#### Security Requirements
```
Security Level Assessment:
1. Content Sensitivity
- Public information (low security)
- Internal coordination (medium security)
- Operational details (high security)
- Critical intelligence (maximum security)
2. Participant Risk
- Public supporters (low risk)
- Active participants (medium risk)
- Cell leaders (high risk)
- Key operatives (maximum risk)
3. Adversary Capabilities
- Local law enforcement (basic capabilities)
- Federal agencies (advanced capabilities)
- Intelligence services (sophisticated capabilities)
- Authoritarian regimes (comprehensive capabilities)
```
#### Operational Requirements
- **Timing:** Real-time vs. asynchronous communication needs
- **Participants:** One-to-one, small group, or broadcast requirements
- **Content:** Text, files, voice, or multimedia sharing needs
- **Reliability:** Tolerance for delays, failures, or service interruptions
- **Accessibility:** Technical skill requirements and device compatibility
#### Resource Constraints
- **Technical Resources:** Server infrastructure and maintenance capabilities
- **Financial Resources:** Software licensing and hosting costs
- **Human Resources:** Technical expertise and training requirements
- **Time Constraints:** Implementation timeline and operational deadlines
### Layer Architecture Overview
#### Layer 1: High-Risk Real-Time Communication
**Primary Tools:** Session Messenger, Briar
**Security Features:**
- Onion routing for metadata protection
- Peer-to-peer architecture with no central servers
- Ephemeral messaging with automatic deletion
- Offline mesh networking capabilities
**Use Cases:**
- Time-sensitive operational coordination
- Emergency communications during active operations
- High-risk participant communications
- Situations requiring maximum anonymity
#### Layer 2: Secure Collaboration Systems
**Primary Tools:** Element/Matrix (self-hosted), CryptPad
**Security Features:**
- End-to-end encryption with forward secrecy
- Self-hosted infrastructure under resistance control
- Rich collaboration features with security
- Persistent storage with access controls
**Use Cases:**
- Ongoing operational planning and coordination
- Document collaboration and version control
- Group communications and decision-making
- Resource sharing and logistical coordination
#### Layer 3: Failsafe and Offline Methods
**Primary Tools:** OnionShare, encrypted email, physical methods
**Security Features:**
- No dependence on internet infrastructure
- Asynchronous communication with time delays
- Multiple redundant channels and methods
- Resistance to network disruption and censorship
**Use Cases:**
- Emergency communications when other systems fail
- Backup channels for critical information
- Communications in areas with limited internet access
- Long-term information storage and retrieval
#### Layer 4: Anonymous Broadcasting
**Primary Tools:** Tor hidden services, distributed platforms
**Security Features:**
- Strong sender anonymity protection
- Censorship resistance and high availability
- One-to-many communication model
- Public accessibility without authentication
**Use Cases:**
- Public communications and propaganda
- Information distribution to supporters
- Coordination of public actions and events
- Counter-narrative and information warfare
### Implementation Strategy
#### Phased Deployment
```
Phase 1: Foundation (Weeks 1-4)
- Implement basic secure messaging (Signal/Session)
- Establish fundamental security procedures
- Train core participants in basic tools
Phase 2: Collaboration (Weeks 5-8)
- Deploy self-hosted Matrix server
- Implement CryptPad for document collaboration
- Establish group communication protocols
Phase 3: Advanced Security (Weeks 9-12)
- Implement Briar for high-risk scenarios
- Establish OnionShare for file transfers
- Deploy emergency communication channels
Phase 4: Full Architecture (Weeks 13-16)
- Integrate all layers into coherent system
- Implement advanced security protocols
- Establish training and support systems
```
#### Integration Planning
- **Tool Selection:** Choose specific tools for each layer based on requirements
- **Protocol Development:** Establish procedures for using each layer appropriately
- **Training Programs:** Ensure all participants can use required tools effectively
- **Maintenance Planning:** Establish ongoing support and update procedures
<div class="info-box">
<div class="info-title">Layer Coordination</div>
<p>The four layers are designed to work together, not in isolation. Effective implementation requires clear protocols for when to use each layer and how to coordinate between them while maintaining security.</p>
</div>
---
## Section 3-2: High-Risk Real-Time Communication (Layer 1)
### Purpose and Requirements
Layer 1 provides maximum security for time-sensitive communications during high-risk operations. This layer prioritizes security and anonymity over convenience and features, making it suitable for:
- Coordination during active operations
- Emergency communications under surveillance
- Communications between high-value targets
- Situations where compromise would have immediate severe consequences
### Technical Architecture
#### Onion Routing
Layer 1 systems use onion routing (similar to Tor) to protect communication metadata:
```
Communication Path:
User A → Entry Node → Middle Node → Exit Node → User B
Each hop only knows:
- Entry Node: User A's identity, Middle Node's identity
- Middle Node: Entry Node's identity, Exit Node's identity
- Exit Node: Middle Node's identity, User B's identity
No single node knows both sender and recipient
```
#### Peer-to-Peer Architecture
- **No Central Servers:** Eliminates single points of failure and control
- **Distributed Routing:** Messages route through multiple peer nodes
- **Mesh Networking:** Devices can communicate directly when in proximity
- **Offline Capability:** Store-and-forward messaging when network unavailable
#### Ephemeral Messaging
- **Automatic Deletion:** Messages deleted after reading or time expiration
- **No Persistent Storage:** No long-term message history maintained
- **Forward Secrecy:** Compromise of current keys doesn't expose past messages
- **Deniable Authentication:** Cannot prove who sent specific messages
### Primary Tools
#### Session Messenger
**Strengths:**
- Built on Signal Protocol with onion routing
- No phone number or personal information required
- Automatic message deletion and forward secrecy
- Desktop and mobile applications available
**Configuration:**
```
Security Settings:
- Enable disappearing messages (shortest duration)
- Disable read receipts and typing indicators
- Use random Session ID, not linked to identity
- Enable onion routing for all communications
- Disable message notifications and previews
```
**Operational Procedures:**
- Create new Session ID for each operation or role
- Use only on dedicated devices not linked to identity
- Communicate only through Tor or VPN connections
- Delete and recreate Session ID regularly
#### Briar Messenger
**Strengths:**
- True peer-to-peer with no servers required
- Bluetooth and WiFi direct communication capability
- Tor integration for internet communications
- Open source with strong security audit history
**Configuration:**
```
Network Settings:
- Enable Tor for internet connections
- Enable Bluetooth for local mesh networking
- Enable WiFi for local area networking
- Disable location services and contact access
```
**Operational Procedures:**
- Use only on dedicated devices with clean identities
- Enable mesh networking only in secure environments
- Regularly update contact lists and remove old contacts
- Use time-limited contact sharing for new connections
### Security Protocols
#### Identity Management
- **Compartmentalized Identities:** Different identities for different operations
- **Identity Rotation:** Regular creation of new identities and retirement of old ones
- **Identity Verification:** Out-of-band verification of contact identities
- **Identity Separation:** No linking between different operational identities
#### Communication Protocols
```
Standard Communication Protocol:
1. Verify recipient identity through out-of-band channel
2. Establish secure session using verified identity
3. Communicate using coded language even in encrypted channels
4. Confirm message receipt through separate channel if critical
5. Delete conversation and rotate identity if compromised
```
#### Emergency Procedures
- **Duress Codes:** Predetermined signals indicating compromise or coercion
- **Emergency Contacts:** Backup communication methods for crisis situations
- **Burn Procedures:** Rapid deletion of all communication evidence
- **Fallback Channels:** Alternative communication methods when primary fails
### Operational Considerations
#### Performance Limitations
- **Slower Message Delivery:** Onion routing introduces latency
- **Limited Features:** Focus on security over convenience features
- **Battery Drain:** Mesh networking and encryption consume more power
- **Network Dependencies:** Requires sufficient peer nodes for routing
#### Training Requirements
- **Technical Complexity:** Requires understanding of security concepts
- **Operational Discipline:** Strict adherence to security protocols required
- **Emergency Procedures:** All participants must know emergency protocols
- **Regular Practice:** Skills must be maintained through regular use
#### Use Case Guidelines
<div class="do-dont-list">
<div class="do-list">
<h4>DO Use Layer 1 For:</h4>
<ul>
<li>Time-sensitive operational coordination</li>
<li>Communications during active surveillance</li>
<li>High-risk participant communications</li>
<li>Emergency situations requiring maximum security</li>
<li>Coordination of sensitive operations</li>
</ul>
</div>
<div class="dont-list">
<h4>DON'T Use Layer 1 For:</h4>
<ul>
<li>Routine administrative communications</li>
<li>Large file transfers or media sharing</li>
<li>Group discussions with many participants</li>
<li>Long-term document storage or collaboration</li>
<li>Public or semi-public communications</li>
</ul>
</div>
</div>
---
## Section 3-3: Secure Collaboration Systems (Layer 2)
### Purpose and Requirements
Layer 2 balances security with collaboration functionality, providing encrypted group communications, file sharing, and document collaboration while maintaining strong security protections. This layer supports:
- Ongoing operational planning and coordination
- Secure document collaboration and version control
- Group decision-making and consensus building
- Resource sharing and logistical coordination
### Technical Architecture
#### Self-Hosted Infrastructure
Layer 2 systems use self-hosted infrastructure to maintain control over security and data:
```
Infrastructure Components:
- Matrix Homeserver (Element/Synapse)
- CryptPad Collaboration Server
- File Storage Server (Nextcloud/ownCloud)
- VPN Server for secure access
- Backup and Recovery Systems
```
#### End-to-End Encryption
- **Message Encryption:** All messages encrypted before leaving sender device
- **File Encryption:** Documents encrypted both in transit and at rest
- **Key Management:** Cryptographic keys managed by participants, not servers
- **Forward Secrecy:** Regular key rotation prevents retroactive decryption
#### Access Control
- **Role-Based Access:** Different permission levels for different participants
- **Room/Channel Security:** Separate encrypted spaces for different purposes
- **Invitation-Only:** New participants require invitation from existing members
- **Audit Logging:** Secure logging of access and administrative actions
### Primary Tools
#### Element/Matrix (Self-Hosted)
**Capabilities:**
- Encrypted group messaging and voice/video calls
- File sharing with encryption and access controls
- Room-based organization with different security levels
- Federation capability for connecting multiple servers
**Server Setup:**
```
Synapse Server Configuration:
- Deploy on dedicated server with full disk encryption
- Configure behind VPN with restricted access
- Enable end-to-end encryption for all rooms
- Disable federation with public Matrix servers
- Implement strong authentication and access controls
```
**Client Configuration:**
```
Element Security Settings:
- Enable cross-signing for device verification
- Verify all room participants and their devices
- Enable secure backup for encryption keys
- Disable read receipts and typing notifications
- Use strong, unique passwords with 2FA
```
#### CryptPad Collaboration Platform
**Capabilities:**
- Real-time collaborative document editing
- Spreadsheets, presentations, and forms
- File storage with encryption and sharing controls
- Anonymous usage without account requirements
**Server Setup:**
```
CryptPad Configuration:
- Self-host on secure server infrastructure
- Configure with strong encryption settings
- Disable analytics and external connections
- Implement access controls and user limits
- Regular security updates and monitoring
```
**Usage Protocols:**
```
Document Security Procedures:
1. Create documents only on self-hosted instance
2. Use strong passwords for document protection
3. Share access links only through secure channels
4. Regularly review and revoke document access
5. Export and backup important documents securely
```
### Security Protocols
#### Server Security
- **Hardened Operating System:** Minimal installation with security updates
- **Network Security:** Firewall configuration and intrusion detection
- **Access Control:** Strong authentication and limited administrative access
- **Monitoring:** Security logging and anomaly detection
- **Backup Security:** Encrypted backups with secure key management
#### Operational Security
```
Communication Security Procedures:
1. Verify participant identities before adding to groups
2. Use coded language for sensitive topics
3. Regularly rotate encryption keys and passwords
4. Monitor for unusual activity or access patterns
5. Implement incident response procedures for compromise
```
#### Data Management
- **Data Classification:** Different security levels for different information types
- **Retention Policies:** Automatic deletion of old messages and files
- **Export Controls:** Secure procedures for data export and migration
- **Sanitization:** Secure deletion of sensitive data when no longer needed
### Operational Procedures
#### Group Management
```
Secure Group Creation Process:
1. Define group purpose and security requirements
2. Identify necessary participants and their roles
3. Create encrypted room/channel with appropriate settings
4. Invite participants through secure out-of-band verification
5. Establish group communication protocols and procedures
6. Regular review of membership and access permissions
```
#### Document Collaboration
- **Version Control:** Track document changes and maintain version history
- **Access Management:** Control who can view, edit, and share documents
- **Review Processes:** Establish procedures for document review and approval
- **Security Marking:** Clear labeling of document sensitivity levels
#### File Sharing
- **Secure Upload:** Encrypt files before uploading to shared storage
- **Access Controls:** Limit file access to authorized participants only
- **Download Security:** Verify file integrity and scan for malware
- **Sharing Protocols:** Secure procedures for sharing files with external parties
<div class="warning-box">
<div class="warning-title">Server Compromise</div>
<p>Self-hosted infrastructure requires ongoing security maintenance and monitoring. Server compromise can expose all communications and files, making proper security hardening and incident response planning essential.</p>
</div>
---
## Section 3-4: Failsafe and Offline Methods (Layer 3)
### Purpose and Requirements
Layer 3 provides backup communication channels that function independently of internet infrastructure and resist network disruption, censorship, and surveillance. This layer ensures communication capability when other systems fail and provides:
- Emergency communications during network outages
- Backup channels for critical information transfer
- Communications in areas with limited internet access
- Long-term information storage and dead drop systems
### Technical Architecture
#### Asynchronous Communication
Layer 3 systems use store-and-forward methods that don't require simultaneous online presence:
```
Asynchronous Communication Flow:
Sender → Intermediate Storage → Recipient
Benefits:
- No real-time correlation between sender and recipient
- Resistance to network timing analysis
- Functionality during partial network outages
- Time delays that complicate surveillance
```
#### Multiple Transport Methods
- **Internet-Based:** OnionShare, encrypted email, file hosting
- **Physical Media:** USB drives, SD cards, printed materials
- **Radio Communications:** Shortwave, amateur radio, mesh networks
- **Human Couriers:** Trusted individuals carrying messages or media
#### Redundant Channels
- **Primary Channel:** Main method for routine backup communications
- **Secondary Channels:** Alternative methods for different scenarios
- **Emergency Channels:** Last-resort methods for crisis situations
- **Verification Channels:** Separate methods for confirming message receipt
### Primary Tools and Methods
#### OnionShare
**Capabilities:**
- Anonymous file sharing over Tor network
- No central servers or account requirements
- Automatic deletion after download or time expiration
- Website hosting for anonymous information distribution
**Configuration:**
```
OnionShare Security Settings:
- Use Tor Browser for all access
- Enable automatic shutdown after download
- Set short expiration times for shared files
- Use strong passwords for protected shares
- Access only from secure, anonymous devices
```
**Operational Procedures:**
```
Secure File Transfer Process:
1. Create encrypted archive of files to share
2. Generate OnionShare link with password protection
3. Share link and password through separate secure channels
4. Monitor for successful download and automatic shutdown
5. Verify receipt through separate communication channel
```
#### Encrypted Email Systems
**Recommended Services:**
- ProtonMail with Tor access
- Tutanota with anonymous signup
- Self-hosted email with PGP encryption
- Temporary email services for one-time use
**Security Configuration:**
```
Email Security Setup:
- Create accounts using Tor and anonymous information
- Use strong, unique passwords with 2FA when available
- Enable PGP encryption for all sensitive communications
- Configure automatic message deletion
- Access only through Tor or secure VPN
```
#### Physical Dead Drops
**Digital Dead Drops:**
- Hidden USB drives in public locations
- QR codes with encrypted data in public spaces
- Steganography in publicly posted images
- Data hidden in public file sharing services
**Physical Dead Drops:**
- Traditional spy craft methods adapted for resistance
- Predetermined locations for leaving messages or materials
- Signal systems for indicating message availability
- Security protocols for dead drop servicing
### Security Protocols
#### Time Delay Security
```
Operational Time Delays:
- Minimum 24-hour delay between message creation and pickup
- Random additional delays to prevent pattern analysis
- Staggered access times to avoid correlation
- Multiple intermediate steps to break timing chains
```
#### Channel Separation
- **Different Channels for Different Purposes:** No single channel used for multiple types of communication
- **Identity Separation:** Different identities and accounts for each channel
- **Geographic Separation:** Different physical locations for different channels
- **Temporal Separation:** Different time periods for different channel usage
#### Verification Procedures
```
Message Verification Process:
1. Cryptographic signatures to verify sender authenticity
2. Predetermined code words or phrases for verification
3. Separate channel confirmation of message receipt
4. Cross-reference with other intelligence sources
5. Verification of message integrity and completeness
```
### Operational Procedures
#### Emergency Communication Protocols
```
Emergency Communication Sequence:
1. Attempt primary communication channels (Layers 1-2)
2. If primary channels fail, activate Layer 3 protocols
3. Use predetermined emergency contact methods
4. Implement duress codes if under coercion
5. Activate backup communication networks
6. Establish new primary channels when possible
```
#### Dead Drop Management
- **Location Security:** Choose locations that are publicly accessible but not under surveillance
- **Servicing Protocols:** Establish regular schedules for checking and maintaining dead drops
- **Signal Systems:** Use predetermined signals to indicate message availability or compromise
- **Backup Locations:** Maintain multiple dead drop locations for redundancy
#### Long-Term Storage
- **Encrypted Archives:** Create encrypted backups of critical information
- **Distributed Storage:** Store copies in multiple secure locations
- **Access Procedures:** Establish protocols for accessing stored information
- **Update Procedures:** Regular updates and verification of stored information
<div class="success-box">
<div class="success-title">Resilience Planning</div>
<p>Layer 3 methods require advance planning and preparation. Emergency communication channels must be established and tested before they are needed, as crisis situations provide no time for setup and configuration.</p>
</div>
---
## Section 3-5: Anonymous Broadcasting (Layer 4)
### Purpose and Requirements
Layer 4 provides one-to-many communication capabilities with strong sender anonymity and censorship resistance. This layer supports public-facing communications while protecting the identity and location of the sender:
- Public communications and propaganda distribution
- Information sharing with supporters and sympathizers
- Coordination of public actions and demonstrations
- Counter-narrative and information warfare operations
### Technical Architecture
#### Anonymity Networks
Layer 4 systems use anonymity networks to protect sender identity:
```
Tor Hidden Services Architecture:
Publisher → Tor Network → Hidden Service → Public Access
Anonymity Features:
- Publisher identity hidden from readers
- Publisher location hidden from network operators
- Content hosted on distributed network
- Censorship resistance through multiple access points
```
#### Content Distribution Networks
- **Distributed Hosting:** Content replicated across multiple servers and networks
- **Mirror Sites:** Multiple copies of content on different platforms
- **Peer-to-Peer Distribution:** Content shared through BitTorrent and similar networks
- **Social Media Integration:** Automated posting to multiple social media platforms
#### Censorship Resistance
- **Domain Fronting:** Hide destination of web traffic behind legitimate services
- **Decentralized Platforms:** Use blockchain and peer-to-peer publishing platforms
- **Multiple Access Methods:** Provide various ways to access the same content
- **Rapid Migration:** Ability to quickly move content to new platforms
### Primary Tools and Platforms
#### Tor Hidden Services
**Capabilities:**
- Anonymous website hosting with .onion addresses
- Protection against traffic analysis and censorship
- No central authority or registration required
- Integration with standard web technologies
**Setup Procedures:**
```
Hidden Service Configuration:
1. Install and configure Tor on secure server
2. Generate .onion address and private keys
3. Configure web server to serve content locally
4. Test access through Tor Browser
5. Implement security hardening and monitoring
```
#### Distributed Publishing Platforms
**IPFS (InterPlanetary File System):**
- Decentralized file storage and distribution
- Content-addressed storage with cryptographic verification
- Peer-to-peer distribution without central servers
- Integration with blockchain naming systems
**Blockchain Platforms:**
- Ethereum-based publishing platforms
- Bitcoin blockchain data storage
- Decentralized autonomous organization (DAO) governance
- Cryptocurrency-based incentive systems
#### Social Media Automation
**Multi-Platform Publishing:**
- Automated posting to Twitter, Facebook, Telegram, etc.
- Content adaptation for different platform requirements
- Scheduled publishing and content calendars
- Analytics and engagement monitoring
**Account Management:**
```
Anonymous Account Creation:
1. Use Tor Browser for all account creation
2. Use temporary email addresses for registration
3. Provide minimal or false personal information
4. Use VPN or proxy for additional protection
5. Maintain separate identities for different purposes
```
### Security Protocols
#### Publisher Anonymity
- **Identity Separation:** Complete separation between publisher identity and real identity
- **Location Security:** Publish only from secure, anonymous locations
- **Device Security:** Use dedicated devices not linked to real identity
- **Network Security:** Always use Tor or VPN for all publishing activities
#### Content Security
```
Content Publication Security:
1. Remove metadata from all files before publication
2. Use generic writing style to avoid stylometric analysis
3. Avoid revealing specific knowledge or experiences
4. Use stock images or create original graphics
5. Review content for operational security implications
```
#### Platform Security
- **Account Security:** Strong passwords, 2FA, and secure recovery methods
- **Platform Diversity:** Use multiple platforms to avoid single points of failure
- **Backup Systems:** Maintain copies of all content and account information
- **Migration Planning:** Prepare for rapid migration if platforms are compromised
### Operational Procedures
#### Content Planning
```
Publication Planning Process:
1. Define target audience and communication objectives
2. Develop content calendar and publication schedule
3. Create content following security and anonymity guidelines
4. Review content for operational security implications
5. Coordinate publication across multiple platforms
6. Monitor engagement and adjust strategy as needed
```
#### Crisis Communication
- **Rapid Response:** Ability to quickly publish time-sensitive information
- **Emergency Protocols:** Predetermined procedures for crisis communications
- **Backup Channels:** Alternative publication methods if primary channels fail
- **Coordination:** Integration with other resistance communication efforts
#### Audience Engagement
- **Feedback Channels:** Secure methods for receiving audience feedback
- **Community Building:** Foster engagement while maintaining security
- **Information Verification:** Procedures for verifying and fact-checking information
- **Counter-Narrative:** Respond to hostile propaganda and disinformation
<div class="warning-box">
<div class="warning-title">Attribution Risk</div>
<p>Even with strong technical anonymity, writing style, content knowledge, and publication patterns can potentially identify authors. Careful attention to operational security is essential for maintaining publisher anonymity.</p>
</div>
---
## Section 3-6: Communication Protocol Selection
### Decision Framework
Selecting appropriate communication protocols requires systematic evaluation of security requirements, operational needs, and available resources. This section provides frameworks for making these decisions systematically rather than ad hoc.
### Security Requirements Assessment
#### Threat Level Analysis
```
Threat Level Matrix:
Low Medium High Critical
Content Risk L1-4 L1-3 L1-2 L1 Only
Participant L2-4 L1-3 L1-2 L1 Only
Timing Risk L2-4 L1-3 L1-2 L1 Only
Network Risk L3-4 L2-4 L1-3 L1-2
Legend: L1=Layer 1, L2=Layer 2, etc.
```
#### Risk Factor Evaluation
**Content Sensitivity:**
- **Public Information:** Can be disclosed without operational impact
- **Internal Coordination:** Useful to adversaries but not immediately damaging
- **Operational Details:** Could compromise specific operations if disclosed
- **Critical Intelligence:** Would cause immediate severe damage if compromised
**Participant Risk Level:**
- **Public Supporters:** Known association with resistance but not operational roles
- **Active Participants:** Involved in resistance activities but not leadership
- **Cell Leaders:** Responsible for operational coordination and planning
- **Key Operatives:** Critical to resistance operations and high-value targets
**Timing Sensitivity:**
- **Routine Communications:** No time pressure for delivery
- **Coordination Required:** Timely delivery important for effectiveness
- **Time-Critical Operations:** Immediate delivery required for success
- **Emergency Situations:** Delay could result in immediate harm
### Operational Requirements Assessment
#### Communication Characteristics
```
Requirement Assessment:
1. Participants
- One-to-one communication
- Small group (3-10 participants)
- Large group (10+ participants)
- Broadcast (one-to-many)
2. Content Type
- Text messages only
- File sharing required
- Voice/video communication
- Collaborative editing
3. Timing Requirements
- Real-time communication required
- Near real-time acceptable (minutes)
- Asynchronous acceptable (hours)
- Delayed acceptable (days)
4. Reliability Requirements
- Mission-critical (must not fail)
- Important (failure causes problems)
- Useful (failure is inconvenient)
- Optional (failure is acceptable)
```
#### Technical Constraints
- **Device Capabilities:** Smartphone, computer, or specialized hardware requirements
- **Network Requirements:** Internet, cellular, or offline capability needs
- **Technical Expertise:** User skill level and training requirements
- **Infrastructure:** Server hosting and maintenance capabilities
### Protocol Selection Matrix
#### Layer 1 Selection Criteria
**Use Layer 1 When:**
- Content sensitivity is high or critical
- Participants are high-risk or key operatives
- Real-time communication is required under surveillance
- Maximum anonymity and metadata protection needed
**Layer 1 Tool Selection:**
```
Session Messenger:
- Best for: Routine high-security communications
- Strengths: Easy to use, good mobile support
- Limitations: Requires internet connection
Briar:
- Best for: Offline and mesh networking scenarios
- Strengths: No servers, offline capability
- Limitations: More complex setup and usage
```
#### Layer 2 Selection Criteria
**Use Layer 2 When:**
- Collaboration features are required
- Group communication with multiple participants
- File sharing and document collaboration needed
- Persistent communication history is valuable
**Layer 2 Tool Selection:**
```
Element/Matrix:
- Best for: Group communications and coordination
- Strengths: Rich features, federation capability
- Limitations: Requires server infrastructure
CryptPad:
- Best for: Document collaboration and editing
- Strengths: Real-time collaboration, no accounts required
- Limitations: Limited to document-based collaboration
```
#### Layer 3 Selection Criteria
**Use Layer 3 When:**
- Backup communication channels needed
- Network disruption or censorship expected
- Asynchronous communication is acceptable
- Maximum reliability and availability required
#### Layer 4 Selection Criteria
**Use Layer 4 When:**
- Public communication and information distribution
- Sender anonymity is critical
- Censorship resistance is required
- One-to-many communication model needed
### Implementation Guidelines
#### Protocol Transition Procedures
```
Escalation Procedures:
Normal Operations → Layer 2 (Collaboration)
Increased Surveillance → Layer 1 (High Security)
Network Disruption → Layer 3 (Failsafe)
Public Communications → Layer 4 (Broadcasting)
De-escalation Procedures:
Emergency → Layer 3 → Layer 1 → Layer 2
Crisis → Layer 1 → Layer 2 → Normal Operations
```
#### Multi-Layer Coordination
- **Layer Integration:** Use multiple layers simultaneously for different purposes
- **Information Flow:** Establish procedures for moving information between layers
- **Verification:** Cross-verify critical information through multiple layers
- **Backup Activation:** Automatic failover to backup layers when primary fails
#### Training and Adoption
- **Progressive Training:** Start with basic tools before introducing complex systems
- **Scenario-Based Practice:** Train using realistic operational scenarios
- **Regular Exercises:** Maintain skills through regular practice and drills
- **Feedback Integration:** Incorporate user feedback into protocol refinement
<div class="info-box">
<div class="info-title">Protocol Evolution</div>
<p>Communication protocols must evolve as threats change, technology advances, and operational requirements shift. Regular review and updating of protocol selection criteria ensures continued effectiveness and security.</p>
</div>
---
## Chapter Summary
Chapter 3 has established the multi-layer communication architecture that provides the foundation for secure resistance communications:
**Section 3-1** introduced the strategic framework and principles underlying the multi-layer approach to communication security.
**Section 3-2** detailed Layer 1 systems for high-risk real-time communication with maximum security and anonymity protection.
**Section 3-3** covered Layer 2 systems that balance security with collaboration functionality for ongoing operational coordination.
**Section 3-4** described Layer 3 failsafe and offline methods that provide backup communication capabilities independent of internet infrastructure.
**Section 3-5** explained Layer 4 anonymous broadcasting systems for public communications with sender anonymity and censorship resistance.
**Section 3-6** provided systematic frameworks for selecting appropriate communication protocols based on security requirements and operational needs.
### Integration and Implementation
The multi-layer architecture provides a comprehensive framework for resistance communications, but effective implementation requires:
- **Systematic Assessment:** Regular evaluation of security requirements and operational needs
- **Progressive Implementation:** Gradual deployment starting with basic tools and building complexity
- **Ongoing Training:** Continuous education and skill development for all participants
- **Regular Review:** Periodic assessment and updating of communication protocols and procedures
### Next Steps
Chapter 4 builds on this architectural foundation by providing detailed configuration and operational guidance for the secure messaging systems that form the core of Layers 1 and 2. Understanding the architectural principles covered in this chapter is essential preparation for the practical implementation guidance that follows.
---
**Next:** [Chapter 4: Secure Messaging and Voice Communications →](/chapters/chapter-4/)
_chapters/chapter-4.md
+1592
View File
File diff suppressed because it is too large Load Diff
_chapters/chapter-5.md
+1323
View File
File diff suppressed because it is too large Load Diff
_chapters/chapter-6.md
+2120
View File
File diff suppressed because it is too large Load Diff
_chapters/chapter-7.md
+2025
View File
File diff suppressed because it is too large Load Diff
_chapters/chapter-8.md
+997
View File
@@ -0,0 +1,997 @@
---
layout: default
title: "Chapter 8: Operational Procedures"
description: "Comprehensive operational security procedures for resistance activities"
section_number: "8-1 to 8-8"
prev_page:
title: "Chapter 7: Digital Hygiene"
url: "/chapters/chapter-7/"
next_page:
title: "Part IV: Advanced Operations"
url: "/parts/part-4/"
---
# Chapter 8: Operational Procedures
## Chapter Overview
This chapter provides comprehensive operational procedures for conducting secure resistance activities. Operational procedures encompass the systematic approaches, protocols, and security measures required to plan, execute, and conclude resistance operations while maintaining security and minimizing risk exposure. These procedures form the practical foundation for all resistance activities covered in this manual.
**Sections in this chapter:**
- 8-1: Cell Organization and Structure
- 8-2: Meeting Security and Protocols
- 8-3: Coded Language and Communication
- 8-4: Surveillance Detection and Counter-Surveillance
- 8-5: Emergency Procedures and Protocols
- 8-6: Information Sanitization and Disposal
- 8-7: Operational Planning and Risk Assessment
- 8-8: Post-Operation Security Review
---
## Section 8-1: Cell Organization and Structure
### Overview
Cell organization represents the fundamental structural approach to resistance operations, providing security through compartmentalization while maintaining operational effectiveness. Proper cell structure minimizes exposure to surveillance, limits damage from compromises, and enables coordinated action across distributed networks. This section provides comprehensive guidance for establishing and maintaining secure cell-based resistance organizations.
### Cell Structure Principles
#### Basic Cell Architecture
**Cell Organization Framework:**
```
Cell Structure Hierarchy:
1. Individual Cell (3-5 members):
- Cell Leader (primary contact and coordinator)
- Operations Specialist (planning and execution)
- Communications Specialist (secure communications)
- Security Specialist (operational security)
- Support Member (logistics and backup)
2. Cell Network (3-7 cells):
- Network Coordinator (inter-cell communication)
- Specialized Cells (operations, intelligence, support)
- Backup Leadership (succession planning)
- Emergency Protocols (crisis response)
3. Regional Organization (multiple networks):
- Regional Command (strategic coordination)
- Network Liaisons (inter-network communication)
- Resource Coordination (logistics and support)
- Security Oversight (counter-intelligence)
```
#### Compartmentalization Strategies
**Information Compartmentalization:**
```
Compartmentalization Levels:
1. Need-to-Know Basis:
- Members know only information essential to their role
- Operational details shared on mission-specific basis
- Personal information limited to operational necessities
- Historical information restricted to relevant context
2. Role-Based Access:
- Cell leaders have broader operational knowledge
- Specialists know details relevant to their expertise
- Support members have limited operational information
- Network coordinators have inter-cell communication only
3. Temporal Compartmentalization:
- Information shared only when operationally necessary
- Historical operations kept separate from current activities
- Future planning limited to immediate participants
- Emergency information pre-positioned but secured
4. Geographic Compartmentalization:
- Local cells know only local operational areas
- Regional information limited to coordination needs
- Cross-regional knowledge restricted to leadership
- Safe house locations compartmentalized by function
```
### Cell Formation and Recruitment
#### Member Selection Criteria
**Recruitment Security Assessment:**
```
Member Evaluation Framework:
1. Security Assessment:
- Background verification and vetting procedures
- Social network analysis and risk evaluation
- Digital footprint assessment and exposure analysis
- Psychological stability and reliability evaluation
2. Operational Capability:
- Relevant skills and expertise assessment
- Physical and mental capability evaluation
- Availability and commitment level analysis
- Learning capacity and adaptability assessment
3. Ideological Alignment:
- Commitment to resistance objectives and values
- Understanding of operational security requirements
- Willingness to accept risks and consequences
- Long-term dedication and reliability assessment
4. Network Integration:
- Compatibility with existing cell members
- Potential for operational collaboration
- Communication skills and interpersonal abilities
- Leadership potential and development capacity
```
#### Recruitment Procedures
**Secure Recruitment Process:**
```
Recruitment Security Protocols:
1. Initial Contact:
- Approach through trusted intermediaries only
- Multiple verification of identity and background
- Gradual introduction to resistance concepts
- Assessment of interest and commitment level
2. Vetting Process:
- Comprehensive background investigation
- Reference checks through secure channels
- Observation period with limited exposure
- Security clearance and approval procedures
3. Integration Process:
- Gradual introduction to cell operations
- Training in operational security procedures
- Assignment of initial responsibilities and roles
- Mentoring by experienced cell members
4. Ongoing Assessment:
- Regular evaluation of performance and security
- Monitoring for signs of compromise or infiltration
- Adjustment of responsibilities based on capabilities
- Succession planning and leadership development
```
### Cell Leadership and Governance
#### Leadership Structure
**Cell Leadership Framework:**
```
Leadership Organization:
1. Cell Leader Responsibilities:
- Strategic planning and operational coordination
- Inter-cell communication and network liaison
- Resource allocation and logistics management
- Security oversight and risk assessment
2. Operational Leadership:
- Mission planning and execution oversight
- Tactical decision-making and adaptation
- Team coordination and task assignment
- Performance evaluation and improvement
3. Security Leadership:
- Operational security enforcement and monitoring
- Counter-surveillance and threat assessment
- Emergency response and crisis management
- Information security and compartmentalization
4. Support Leadership:
- Logistics coordination and resource management
- Communications infrastructure and maintenance
- Training and skill development programs
- Welfare and morale support for members
```
#### Decision-Making Processes
**Consensus and Command Structures:**
```
Decision-Making Protocols:
1. Operational Decisions:
- Cell leader authority for routine operations
- Consensus required for high-risk activities
- Specialist input for technical decisions
- Network coordination for inter-cell operations
2. Strategic Decisions:
- Network-level consultation and approval
- Risk assessment and security review
- Resource impact and availability analysis
- Long-term implications and consequences
3. Emergency Decisions:
- Pre-authorized response protocols
- Cell leader emergency authority
- Immediate security measures and procedures
- Post-emergency review and adjustment
4. Personnel Decisions:
- Recruitment approval and vetting oversight
- Role assignment and responsibility changes
- Disciplinary actions and security measures
- Succession planning and leadership development
```
### Cell Communication and Coordination
#### Internal Communication
**Cell Communication Protocols:**
```
Internal Communication Framework:
1. Regular Communications:
- Scheduled meetings and check-ins
- Secure messaging for routine coordination
- Information sharing and status updates
- Training and skill development sessions
2. Operational Communications:
- Mission-specific briefings and coordination
- Real-time tactical communication during operations
- Post-operation debriefing and analysis
- Emergency communication and response protocols
3. Security Communications:
- Threat assessment and warning systems
- Counter-surveillance coordination and reporting
- Security incident reporting and response
- Compromise procedures and damage control
4. Administrative Communications:
- Resource requests and logistics coordination
- Schedule coordination and availability management
- Training requirements and skill development
- Welfare and support coordination
```
#### Inter-Cell Coordination
**Network Communication Structure:**
```
Inter-Cell Communication:
1. Liaison Structure:
- Designated liaison officers for inter-cell communication
- Secure communication channels and protocols
- Information sharing agreements and procedures
- Coordination of joint operations and activities
2. Resource Sharing:
- Equipment and material sharing protocols
- Expertise and skill sharing arrangements
- Safe house and facility coordination
- Emergency support and backup procedures
3. Operational Coordination:
- Joint operation planning and execution
- Timing coordination and synchronization
- Geographic coordination and territory management
- Intelligence sharing and analysis
4. Security Coordination:
- Threat information sharing and analysis
- Counter-surveillance coordination and support
- Emergency response and mutual aid
- Compromise containment and damage control
```
### Cell Security Measures
#### Operational Security Protocols
**Cell-Level Security Framework:**
```
Cell Security Procedures:
1. Meeting Security:
- Secure location selection and rotation
- Counter-surveillance and security checks
- Communication security and encryption
- Emergency procedures and escape routes
2. Information Security:
- Document security and encryption procedures
- Information sharing and access controls
- Storage security and backup procedures
- Disposal and sanitization protocols
3. Personnel Security:
- Identity protection and cover maintenance
- Background monitoring and threat assessment
- Travel security and movement protocols
- Emergency contact and support procedures
4. Operational Security:
- Mission planning and risk assessment
- Equipment security and maintenance
- Communication security and monitoring
- Post-operation security and cleanup
```
#### Counter-Intelligence Measures
**Cell Counter-Intelligence:**
```
Counter-Intelligence Framework:
1. Infiltration Prevention:
- Recruitment vetting and background checks
- Ongoing monitoring and assessment procedures
- Behavioral analysis and anomaly detection
- Security clearance and access controls
2. Surveillance Detection:
- Counter-surveillance training and procedures
- Surveillance detection and reporting protocols
- Communication monitoring and analysis
- Physical surveillance countermeasures
3. Information Protection:
- Compartmentalization and need-to-know principles
- Disinformation and misdirection strategies
- Communication security and encryption
- Document security and access controls
4. Compromise Response:
- Incident detection and assessment procedures
- Damage control and containment measures
- Emergency communication and coordination
- Recovery and reconstitution planning
```
<div class="warning-box">
<div class="warning-title">Cell Security Risks</div>
<p>Cell-based organization provides significant security advantages but requires strict adherence to compartmentalization and security protocols. Poor operational security within cells can compromise entire networks and endanger all participants.</p>
</div>
---
## Section 8-2: Meeting Security and Protocols
### Overview
Meeting security represents one of the most critical aspects of resistance operations, as gatherings of cell members create concentrated vulnerability to surveillance and compromise. Proper meeting security protocols minimize exposure while enabling necessary coordination and planning activities. This section provides comprehensive procedures for conducting secure meetings across various operational contexts.
### Meeting Planning and Preparation
#### Location Selection Criteria
**Secure Meeting Location Assessment:**
```
Location Security Evaluation:
1. Physical Security:
- Multiple entry and exit routes for emergency evacuation
- Natural surveillance barriers and privacy protection
- Acoustic isolation to prevent eavesdropping
- Controlled access and perimeter security
2. Surveillance Considerations:
- Low surveillance environment with minimal monitoring
- Ability to detect and counter surveillance activities
- Natural cover for counter-surveillance operations
- Escape routes and emergency procedures
3. Operational Suitability:
- Appropriate capacity for meeting size and duration
- Technical requirements for equipment and materials
- Communication capabilities and connectivity
- Logistics support and resource availability
4. Cover and Concealment:
- Legitimate reason for gathering at location
- Natural cover story for participants' presence
- Minimal suspicious activity or attention
- Integration with normal location activities
```
#### Meeting Types and Security Levels
**Meeting Classification System:**
```
Meeting Security Classifications:
1. Routine Meetings (Low Security):
- Regular cell coordination and updates
- Training and skill development sessions
- Administrative and logistics coordination
- Social and morale support activities
2. Operational Meetings (Medium Security):
- Mission planning and preparation
- Intelligence sharing and analysis
- Resource coordination and allocation
- Inter-cell coordination and liaison
3. Critical Meetings (High Security):
- Strategic planning and decision-making
- Crisis response and emergency coordination
- High-risk operation planning
- Security incident response and investigation
4. Emergency Meetings (Maximum Security):
- Immediate threat response and coordination
- Compromise damage control and assessment
- Emergency evacuation and relocation
- Crisis communication and coordination
```
### Pre-Meeting Security Procedures
#### Participant Verification and Communication
**Meeting Security Protocols:**
```
Pre-Meeting Security Framework:
1. Participant Verification:
- Identity confirmation through secure channels
- Attendance verification and headcount management
- Security clearance and need-to-know verification
- Emergency contact and backup procedures
2. Communication Security:
- Secure meeting notification and coordination
- Coded language for meeting details and logistics
- Communication channel security and monitoring
- Emergency communication and cancellation procedures
3. Route Planning:
- Multiple route options for each participant
- Counter-surveillance route planning and execution
- Timing coordination and arrival procedures
- Emergency route and evacuation planning
4. Equipment and Materials:
- Required materials and equipment preparation
- Security screening and inspection procedures
- Transportation security and concealment
- Emergency disposal and sanitization procedures
```
#### Counter-Surveillance Operations
**Pre-Meeting Counter-Surveillance:**
```
Counter-Surveillance Procedures:
1. Location Surveillance:
- Advance surveillance detection and assessment
- Perimeter security and monitoring establishment
- Communication monitoring and analysis
- Threat assessment and risk evaluation
2. Route Surveillance:
- Participant route monitoring and security
- Counter-surveillance team deployment and coordination
- Communication interception detection and analysis
- Emergency response and intervention procedures
3. Participant Security:
- Individual counter-surveillance training and procedures
- Surveillance detection and reporting protocols
- Emergency communication and response procedures
- Backup and support team coordination
4. Environmental Security:
- Weather and environmental condition assessment
- Natural cover and concealment utilization
- Timing optimization for security and effectiveness
- Emergency weather and condition response procedures
```
### Meeting Execution Protocols
#### Arrival and Security Procedures
**Meeting Execution Framework:**
```
Meeting Security Execution:
1. Arrival Procedures:
- Staggered arrival times and coordination
- Security checkpoint and verification procedures
- Counter-surveillance confirmation and clearance
- Emergency procedures and contingency planning
2. Security Establishment:
- Perimeter security and lookout establishment
- Communication security and monitoring setup
- Emergency escape route confirmation and preparation
- Equipment security and inspection procedures
3. Meeting Conduct:
- Agenda management and time control
- Information sharing and security protocols
- Decision-making and consensus procedures
- Documentation and record-keeping security
4. Security Monitoring:
- Continuous surveillance detection and assessment
- Communication monitoring and threat analysis
- Environmental security and condition monitoring
- Emergency response and intervention readiness
```
#### Information Security During Meetings
**Meeting Information Security:**
```
Information Security Protocols:
1. Information Sharing:
- Need-to-know basis for all information sharing
- Compartmentalization and access control enforcement
- Verification and authentication of shared information
- Documentation and record security procedures
2. Discussion Security:
- Coded language and communication protocols
- Acoustic security and eavesdropping prevention
- Electronic surveillance countermeasures
- Information sanitization and protection procedures
3. Documentation Security:
- Minimal documentation and record-keeping
- Secure storage and transportation procedures
- Access control and distribution management
- Disposal and sanitization protocols
4. Memory Security:
- Information retention and recall procedures
- Security briefing and reminder protocols
- Post-meeting information security procedures
- Long-term information protection and management
```
### Post-Meeting Security Procedures
#### Departure and Cleanup
**Post-Meeting Security Framework:**
```
Post-Meeting Security Procedures:
1. Departure Security:
- Staggered departure times and coordination
- Route security and counter-surveillance procedures
- Emergency departure and evacuation protocols
- Post-departure communication and confirmation
2. Location Cleanup:
- Physical evidence removal and sanitization
- Electronic surveillance countermeasure removal
- Equipment and material security and removal
- Location restoration and normalization
3. Information Security:
- Meeting documentation security and disposal
- Information sharing follow-up and confirmation
- Security incident reporting and documentation
- Long-term information protection and security
4. Follow-Up Security:
- Participant security check and confirmation
- Surveillance detection and threat assessment
- Emergency response and support procedures
- Next meeting planning and coordination
```
#### Security Assessment and Review
**Meeting Security Evaluation:**
```
Security Assessment Framework:
1. Operational Assessment:
- Meeting objective achievement and effectiveness
- Security protocol compliance and performance
- Participant performance and security awareness
- Resource utilization and efficiency analysis
2. Security Evaluation:
- Surveillance detection and counter-surveillance effectiveness
- Communication security and protocol compliance
- Information security and compartmentalization maintenance
- Emergency preparedness and response capability
3. Threat Analysis:
- Surveillance activity detection and assessment
- Security incident identification and analysis
- Threat level evaluation and risk assessment
- Counter-intelligence and infiltration assessment
4. Improvement Planning:
- Security protocol refinement and enhancement
- Training and skill development requirements
- Resource and capability improvement needs
- Future meeting planning and security enhancement
```
### Emergency Meeting Procedures
#### Crisis Response Meetings
**Emergency Meeting Protocols:**
```
Emergency Meeting Framework:
1. Emergency Activation:
- Crisis identification and assessment procedures
- Emergency meeting activation and notification
- Participant mobilization and coordination
- Security protocol escalation and implementation
2. Rapid Response:
- Accelerated security procedures and protocols
- Emergency location selection and preparation
- Counter-surveillance and security establishment
- Crisis communication and coordination procedures
3. Crisis Management:
- Immediate threat assessment and response
- Emergency decision-making and coordination
- Resource mobilization and allocation
- Damage control and containment procedures
4. Recovery Planning:
- Post-crisis assessment and evaluation
- Recovery and reconstitution planning
- Security enhancement and improvement
- Long-term impact assessment and mitigation
```
#### Virtual Meeting Security
**Digital Meeting Security:**
```
Virtual Meeting Security Framework:
1. Platform Security:
- Secure communication platform selection and configuration
- Encryption and privacy protection implementation
- Access control and authentication procedures
- Monitoring and surveillance detection capabilities
2. Participant Security:
- Identity verification and authentication procedures
- Device security and configuration requirements
- Network security and VPN utilization
- Physical environment security and privacy
3. Information Security:
- End-to-end encryption and secure communication
- Screen sharing and document security protocols
- Recording and documentation security procedures
- Information disposal and sanitization protocols
4. Operational Security:
- Meeting scheduling and notification security
- Counter-surveillance and monitoring detection
- Emergency procedures and contingency planning
- Post-meeting security and cleanup procedures
```
<div class="success-box">
<div class="success-title">Meeting Security Benefits</div>
<p>Proper meeting security protocols significantly reduce surveillance exposure and protect operational security. Regular training and practice of meeting security procedures ensures effective implementation during actual operations.</p>
</div>
---
## Section 8-3: Coded Language and Communication
### Overview
Coded language and communication systems provide essential protection for resistance communications by obscuring meaning from surveillance and interception. Effective coding systems balance security with usability, ensuring that critical information can be transmitted securely while remaining accessible to authorized recipients. This section covers the development, implementation, and management of coded communication systems for resistance operations.
### Communication Security Principles
#### Threat Model for Communications
**Communication Surveillance Risks:**
```
Communication Threat Assessment:
1. Interception Risks:
- Electronic surveillance and signal interception
- Communication metadata analysis and correlation
- Network traffic analysis and pattern recognition
- Physical surveillance of communication activities
2. Analysis Capabilities:
- Automated content analysis and keyword detection
- Linguistic analysis and pattern recognition
- Behavioral analysis and communication profiling
- Cross-reference analysis with other intelligence sources
3. Compromise Consequences:
- Operational exposure and mission compromise
- Personnel identification and targeting
- Network mapping and relationship analysis
- Predictive analysis and future operation anticipation
4. Countermeasure Requirements:
- Content obfuscation and meaning concealment
- Pattern disruption and behavioral variation
- Channel security and transmission protection
- Operational security and compartmentalization
```
### Code Development and Implementation
#### Code System Design
**Coding System Framework:**
```
Code System Architecture:
1. Substitution Codes:
- Word and phrase substitution systems
- Number and symbol replacement codes
- Acronym and abbreviation systems
- Context-dependent meaning variations
2. Transposition Codes:
- Message structure rearrangement systems
- Character and word position modifications
- Temporal displacement and timing codes
- Spatial arrangement and formatting codes
3. Concealment Codes:
- Steganographic message hiding techniques
- Cover text and innocent message systems
- Multi-layer meaning and interpretation systems
- Context-dependent activation and interpretation
4. Dynamic Codes:
- Time-based code variation and rotation
- Event-triggered code changes and updates
- Adaptive coding based on threat levels
- Emergency code systems and fallback procedures
```
#### Code Book Development
**Code Book Creation Process:**
```
Code Book Development Framework:
1. Vocabulary Development:
- Operational terminology and concept mapping
- Cover vocabulary and innocent language selection
- Code word generation and assignment procedures
- Synonym and variation development for flexibility
2. Grammar and Syntax:
- Coded sentence structure and grammar rules
- Message formatting and presentation standards
- Punctuation and special character usage
- Context clues and interpretation guidelines
3. Security Features:
- Authentication and verification procedures
- Error detection and correction mechanisms
- Compromise detection and response protocols
- Emergency destruction and replacement procedures
4. Distribution and Management:
- Secure distribution and access control procedures
- Version control and update management
- Training and proficiency development programs
- Security audit and compliance monitoring
```
### Operational Code Systems
#### Mission-Specific Coding
**Operational Communication Codes:**
```
Mission Communication Framework:
1. Personnel Codes:
- Individual identification and role designation
- Skill and capability indication systems
- Status and availability communication codes
- Emergency and distress signal systems
2. Location Codes:
- Geographic reference and mapping systems
- Facility and infrastructure designation codes
- Route and movement indication systems
- Safe house and meeting location codes
3. Activity Codes:
- Operation type and objective designation
- Timeline and scheduling communication systems
- Resource and equipment requirement codes
- Status and progress reporting systems
4. Security Codes:
- Threat level and risk assessment communication
- Surveillance detection and warning systems
- Emergency response and evacuation codes
- Compromise indication and damage control signals
```
#### Temporal and Contextual Coding
**Dynamic Coding Systems:**
```
Adaptive Coding Framework:
1. Time-Based Codes:
- Daily, weekly, and monthly code rotations
- Event-triggered code changes and updates
- Seasonal and calendar-based variations
- Emergency time-sensitive code systems
2. Context-Dependent Codes:
- Location-specific code variations and adaptations
- Situation-dependent meaning and interpretation
- Audience-specific code selection and usage
- Multi-layer coding for different security levels
3. Progressive Codes:
- Escalating security levels and code complexity
- Threat-responsive code enhancement and modification
- Operational phase-specific code systems
- Long-term code evolution and development
4. Emergency Codes:
- Crisis-specific code activation and usage
- Rapid code change and distribution procedures
- Fallback and backup code systems
- Recovery and reconstitution code protocols
```
### Digital Communication Coding
#### Electronic Message Coding
**Digital Coding Systems:**
```
Electronic Communication Framework:
1. Text Message Codes:
- SMS and instant messaging code systems
- Social media communication coding protocols
- Email subject line and content coding systems
- Forum and public communication coding methods
2. Image and Media Codes:
- Steganographic image and video coding systems
- Metadata and file property coding methods
- Visual symbol and sign coding systems
- Audio and sound-based coding techniques
3. Network Communication Codes:
- Protocol and packet-level coding systems
- Traffic pattern and timing-based codes
- Network address and routing coding methods
- Distributed communication and coordination codes
4. Application-Specific Codes:
- Platform-specific coding and communication methods
- API and interface-based coding systems
- Database and storage coding techniques
- Automated and scripted coding systems
```
#### Cryptographic Integration
**Crypto-Coding Integration:**
```
Cryptographic Coding Framework:
1. Layered Security:
- Encryption combined with coding systems
- Multi-stage obfuscation and protection methods
- Redundant security and backup protection systems
- Integrated authentication and verification procedures
2. Key Management:
- Coding key generation and distribution systems
- Key rotation and update procedures
- Emergency key change and replacement protocols
- Compromise detection and response procedures
3. Algorithm Integration:
- Standard cryptographic algorithm utilization
- Custom coding algorithm development and implementation
- Hybrid systems combining multiple approaches
- Performance optimization and efficiency enhancement
4. Implementation Security:
- Secure coding implementation and deployment
- Vulnerability assessment and security testing
- Operational security and usage protocols
- Maintenance and update security procedures
```
### Code Training and Proficiency
#### Training Programs
**Code Training Framework:**
```
Training and Proficiency Development:
1. Basic Training:
- Code system introduction and overview
- Basic coding and decoding skill development
- Practice exercises and proficiency testing
- Security awareness and operational procedures
2. Advanced Training:
- Complex coding system mastery and expertise
- Multi-system integration and coordination
- Emergency and crisis coding procedures
- Training and instruction capability development
3. Specialized Training:
- Role-specific coding system training
- Technical and digital coding system expertise
- Counter-intelligence and security training
- Leadership and coordination training programs
4. Ongoing Training:
- Regular proficiency testing and assessment
- New system introduction and training
- Security update and enhancement training
- Cross-training and backup capability development
```
#### Proficiency Assessment
**Code Proficiency Evaluation:**
```
Proficiency Assessment Framework:
1. Skill Testing:
- Coding and decoding speed and accuracy testing
- Complex message interpretation and analysis
- Multi-system coordination and integration testing
- Emergency and stress condition performance evaluation
2. Security Assessment:
- Operational security compliance and awareness
- Counter-surveillance and detection capability
- Emergency response and crisis management skills
- Information security and compartmentalization adherence
3. Practical Application:
- Real-world scenario testing and evaluation
- Operational integration and coordination assessment
- Communication effectiveness and reliability testing
- Problem-solving and adaptation capability evaluation
4. Continuous Improvement:
- Performance feedback and improvement planning
- Advanced training and skill development programs
- Cross-training and capability expansion
- Leadership and mentoring skill development
```
### Code Security and Maintenance
#### Security Protocols
**Code Security Management:**
```
Code Security Framework:
1. Access Control:
- Code book and system access authorization
- Distribution control and tracking procedures
- Usage monitoring and audit procedures
- Unauthorized access detection and response
2. Compromise Detection:
- Usage pattern analysis and anomaly detection
- Communication interception and analysis monitoring
- Security incident investigation and assessment
- Compromise confirmation and response procedures
3. Emergency Procedures:
- Code system compromise response protocols
- Emergency code change and distribution procedures
- Damage assessment and containment measures
- Recovery and reconstitution planning and execution
4. Maintenance and Updates:
- Regular security assessment and improvement
- Code system update and enhancement procedures
- Training and proficiency maintenance programs
- Long-term evolution and development planning
```
<div class="info-box">
<div class="info-title">Code System Effectiveness</div>
<p>Effective coded communication systems require balance between security and usability. Regular training, practice, and security assessment ensure that coding systems provide reliable protection while maintaining operational effectiveness.</p>
</div>
_chapters/chapter-9.md
+1463
View File
File diff suppressed because it is too large Load Diff
_config.yml
+123
View File
@@ -0,0 +1,123 @@
# Field Guide for Subversives - Jekyll Configuration
title: "Field Manual for Resistance Operations"
subtitle: "FM-R1: Secure Communication Networks for Decentralized Resistance"
description: "A comprehensive guide to secure communication and operational security for newcomers to resistance movements"
baseurl: ""
url: "https://guide.resist.is"
# Organization info
organization: "Department of Internautics"
bureau: "Bureau of Decentralized Resistance"
manual_designation: "FM-R1"
classification: "UNCLASSIFIED"
version: "1.0"
date: "2025-08-28"
# Build settings
markdown: kramdown
highlighter: rouge
permalink: /:categories/:title/
# Collections
collections:
parts:
output: true
permalink: /:collection/:name/
chapters:
output: true
permalink: /:collection/:name/
sections:
output: true
permalink: /:collection/:name/
appendices:
output: true
permalink: /:collection/:name/
# Default layouts
defaults:
- scope:
path: ""
type: "pages"
values:
layout: "default"
- scope:
path: ""
type: "parts"
values:
layout: "part"
- scope:
path: ""
type: "chapters"
values:
layout: "chapter"
- scope:
path: ""
type: "sections"
values:
layout: "section"
- scope:
path: ""
type: "appendices"
values:
layout: "appendix"
# Navigation structure
navigation:
- title: "Table of Contents"
url: "/"
- title: "Preface"
url: "/preface/"
- title: "Introduction"
url: "/introduction/"
- title: "Part I: Foundations"
url: "/parts/part-1/"
children:
- title: "Chapter 1: Core Security Principles"
url: "/chapters/chapter-1/"
- title: "Chapter 2: Threat Assessment"
url: "/chapters/chapter-2/"
- title: "Part II: Communication Systems"
url: "/parts/part-2/"
children:
- title: "Chapter 3: Communication Architecture"
url: "/chapters/chapter-3/"
- title: "Chapter 4: Secure Messaging"
url: "/chapters/chapter-4/"
- title: "Chapter 5: File Sharing"
url: "/chapters/chapter-5/"
- title: "Part III: Operational Security"
url: "/parts/part-3/"
children:
- title: "Chapter 6: Hardware Security"
url: "/chapters/chapter-6/"
- title: "Chapter 7: Digital Hygiene"
url: "/chapters/chapter-7/"
- title: "Chapter 8: Operational Procedures"
url: "/chapters/chapter-8/"
- title: "Part IV: Advanced Operations"
url: "/parts/part-4/"
children:
- title: "Chapter 9: Network Resilience"
url: "/chapters/chapter-9/"
- title: "Chapter 10: Counter-Intelligence"
url: "/chapters/chapter-10/"
- title: "Appendices"
url: "/appendices/"
# Plugins
plugins:
- jekyll-sitemap
- jekyll-feed
# Exclude from processing
exclude:
- Gemfile
- Gemfile.lock
- node_modules
- vendor/bundle/
- vendor/cache/
- vendor/gems/
- vendor/ruby/
- README.md
_includes/navigation.html
+131
View File
@@ -0,0 +1,131 @@
<nav class="main-navigation">
<!-- <div class="nav-header">
<div class="nav-subtitle">Field Manual for Resistance Operations</div>
</div>
-->
<div class="nav-sections">
<!-- Front Matter -->
<div class="nav-section">
<h3>Field Manual</h3>
<ul>
<li><a href="{{ '/' | relative_url }}" {% if page.url == '/' %}class="active"{% endif %}>Table of Contents</a></li>
<li><a href="{{ '/preface/' | relative_url }}" {% if page.url == '/preface/' %}class="active"{% endif %}>Preface</a></li>
<li><a href="{{ '/introduction/' | relative_url }}" {% if page.url == '/introduction/' %}class="active"{% endif %}>Introduction</a></li>
</ul>
</div>
<!-- Part I: Foundations -->
<div class="nav-section">
<h3>Part I: Foundations</h3>
<ul>
<li>
<a href="{{ '/parts/part-1/' | relative_url }}" {% if page.url contains '/parts/part-1' %}class="active"{% endif %}>Part Overview</a>
<ul>
<li><a href="{{ '/chapters/chapter-1/' | relative_url }}" {% if page.url contains '/chapters/chapter-1' %}class="active"{% endif %}>Ch 1: Core Security Principles</a></li>
<li><a href="{{ '/chapters/chapter-2/' | relative_url }}" {% if page.url contains '/chapters/chapter-2' %}class="active"{% endif %}>Ch 2: Threat Assessment</a></li>
</ul>
</li>
</ul>
</div>
<!-- Part II: Communication -->
<div class="nav-section">
<h3>Part II: Communication</h3>
<ul>
<li>
<a href="{{ '/parts/part-2/' | relative_url }}" {% if page.url contains '/parts/part-2' %}class="active"{% endif %}>Part Overview</a>
<ul>
<li><a href="{{ '/chapters/chapter-3/' | relative_url }}" {% if page.url contains '/chapters/chapter-3' %}class="active"{% endif %}>Ch 3: Communication Architecture</a></li>
<li><a href="{{ '/chapters/chapter-4/' | relative_url }}" {% if page.url contains '/chapters/chapter-4' %}class="active"{% endif %}>Ch 4: Secure Messaging</a></li>
<li><a href="{{ '/chapters/chapter-5/' | relative_url }}" {% if page.url contains '/chapters/chapter-5' %}class="active"{% endif %}>Ch 5: File Sharing</a></li>
</ul>
</li>
</ul>
</div>
<!-- Part III: OpSec -->
<div class="nav-section">
<h3>Part III: OpSec</h3>
<ul>
<li>
<a href="{{ '/parts/part-3/' | relative_url }}" {% if page.url contains '/parts/part-3' %}class="active"{% endif %}>Part Overview</a>
<ul>
<li><a href="{{ '/chapters/chapter-6/' | relative_url }}" {% if page.url contains '/chapters/chapter-6' %}class="active"{% endif %}>Ch 6: Hardware Security</a></li>
<li><a href="{{ '/chapters/chapter-7/' | relative_url }}" {% if page.url contains '/chapters/chapter-7' %}class="active"{% endif %}>Ch 7: Digital Hygiene</a></li>
<li><a href="{{ '/chapters/chapter-8/' | relative_url }}" {% if page.url contains '/chapters/chapter-8' %}class="active"{% endif %}>Ch 8: Operational Procedures</a></li>
</ul>
</li>
</ul>
</div>
<!-- Part IV: Advanced -->
<div class="nav-section">
<h3>Part IV: Advanced</h3>
<ul>
<li>
<a href="{{ '/parts/part-4/' | relative_url }}" {% if page.url contains '/parts/part-4' %}class="active"{% endif %}>Part Overview</a>
<ul>
<li><a href="{{ '/chapters/chapter-9/' | relative_url }}" {% if page.url contains '/chapters/chapter-9' %}class="active"{% endif %}>Ch 9: Intelligence Gathering</a></li>
<li><a href="{{ '/chapters/chapter-10/' | relative_url }}" {% if page.url contains '/chapters/chapter-10' %}class="active"{% endif %}>Ch 10: Counter-Intelligence</a></li>
</ul>
</li>
</ul>
</div>
<!-- Appendices
<div class="nav-section">
<h3>Appendices</h3>
<ul>
<li><a href="{{ '/appendices/' | relative_url }}" {% if page.url == '/appendices/' %}class="active"{% endif %}>Appendices Overview</a></li>
<li><a href="{{ '/appendices/appendix-a/' | relative_url }}" {% if page.url contains '/appendices/appendix-a' %}class="active"{% endif %}>Appendix A: Essential Tools</a></li>
<li><a href="{{ '/appendices/appendix-b/' | relative_url }}" {% if page.url contains '/appendices/appendix-b' %}class="active"{% endif %}>Appendix B: Legal Considerations</a></li>
<li><a href="{{ '/appendices/appendix-c/' | relative_url }}" {% if page.url contains '/appendices/appendix-c' %}class="active"{% endif %}>Appendix C: Emergency Procedures</a></li>
<li><a href="{{ '/appendices/appendix-d/' | relative_url }}" {% if page.url contains '/appendices/appendix-d' %}class="active"{% endif %}>Appendix D: Glossary & References</a></li>
</ul>
</div>
-->
<!-- Quick Access -->
<div class="nav-section nav-quick-access">
<h3>Quick Access</h3>
<ul>
<li><a href="{{ '/appendices/appendix-a/' | relative_url }}" class="nav-emergency">Essential Tools</a></li>
<li><a href="{{ '/appendices/appendix-b/' | relative_url }}" class="nav-emergency">Legal Rights</a></li>
<li><a href="{{ '/appendices/appendix-c/' | relative_url }}" class="nav-emergency">Emergency Procedures</a></li>
<li><a href="{{ '/appendices/appendix-d/' | relative_url }}" class="nav-emergency">Glossary & References</a></li>
</ul>
</div>
<!-- External Links -->
<div class="nav-section">
<h3>External Links</h3>
<ul>
<li><a href="https://resist.is" target="_blank">resist.is</a></li>
<li><a href="https://activistchecklist.org" target="_blank">Activist Checklist</a></li>
<li><a href="https://signal.org" target="_blank">Signal</a></li>
<li><a href="https://briarproject.org" target="_blank">Briar</a></li>
<li><a href="https://element.io" target="_blank">Element</a></li>
<li><a href="https://tails.boum.org" target="_blank">Tails OS</a></li>
<li><a href="https://onionshare.org" target="_blank">OnionShare</a></li>
</ul>
</div>
</div>
<!-- Security Notice
<div class="nav-security-notice">
<div class="security-warning">
<strong>OPERATIONAL SECURITY REMINDER</strong><br>
This manual contains sensitive information. Ensure secure handling and storage. Practice compartmentalization and need-to-know principles.
</div>
</div> -->
<!-- Footer -->
<div class="nav-footer">
<div class="manual-info">
<div class="classification">FOR RESISTANCE USE ONLY</div>
<div class="version">Version 1.0 | FM-R1</div>
<div class="date">{{ site.time | date: "%Y" }}</div>
</div>
</div>
</nav>
_layouts/default.html
+111
View File
@@ -0,0 +1,111 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>{% if page.title %}{{ page.title }} - {% endif %}{{ site.title }}</title>
<meta name="description" content="{% if page.description %}{{ page.description }}{% else %}{{ site.description }}{% endif %}">
<!-- Favicon -->
<link rel="icon" type="image/x-icon" href="{{ '/assets/images/favicon.ico' | relative_url }}">
<!-- Stylesheets -->
<link rel="stylesheet" href="{{ '/assets/css/main.css' | relative_url }}">
<!-- Security headers -->
<meta http-equiv="X-Content-Type-Options" content="nosniff">
<meta http-equiv="X-Frame-Options" content="DENY">
<meta http-equiv="X-XSS-Protection" content="1; mode=block">
<!-- No tracking -->
<meta name="robots" content="noindex, nofollow">
<!-- Matomo
<script>
var _paq = window._paq = window._paq || [];
/* tracker methods like "setCustomDimension" should be called before "trackPageView" */
_paq.push(['trackPageView']);
_paq.push(['enableLinkTracking']);
(function() {
var u="//stats.resist.is/";
_paq.push(['setTrackerUrl', u+'matomo.php']);
_paq.push(['setSiteId', '4']);
var d=document, g=d.createElement('script'), s=d.getElementsByTagName('script')[0];
g.async=true; g.src=u+'matomo.js'; s.parentNode.insertBefore(g,s);
})();
</script>
End Matomo Code -->
</head>
<body>
<header class="header">
<div class="container">
<div class="header-content">
<div class="logo">
<span class="omega">Ω</span>
<span>{{ site.manual_designation }}</span>
</div>
<button class="nav-toggle" id="nav-toggle" aria-label="Toggle navigation">
</button>
</div>
</div>
</header>
<div class="main-layout">
<nav class="sidebar" id="sidebar">
{% include navigation.html %}
</nav>
<main class="content">
<div class="content-header">
<div class="manual-designation">{{ site.manual_designation }}: {{ site.subtitle }}</div>
<div class="classification">{{ site.classification }}</div>
{% if page.section_number %}
<div class="section-number">Section {{ page.section_number }}</div>
{% endif %}
</div>
{{ content }}
{% if page.prev_page or page.next_page %}
<nav class="section-nav">
{% if page.prev_page %}
<a href="{{ page.prev_page.url | relative_url }}" class="nav-link">
<span class="arrow"></span>
<span>{{ page.prev_page.title }}</span>
</a>
{% else %}
<div></div>
{% endif %}
{% if page.next_page %}
<a href="{{ page.next_page.url | relative_url }}" class="nav-link">
<span>{{ page.next_page.title }}</span>
<span class="arrow"></span>
</a>
{% else %}
<div></div>
{% endif %}
</nav>
{% endif %}
</main>
</div>
<footer class="footer">
<div class="container">
<div class="footer-content">
<div class="organization">{{ site.organization }}</div>
<div>{{ site.bureau }}</div>
<div>{{ site.manual_designation }} - Version {{ site.version }} - {{ site.date }}</div>
<div style="margin-top: 1rem;">
<a href="https://resist.is" target="_blank">resist.is</a> |
<a href="https://git.hacker.supply/Department_of_Internautics/field_guide" target="_blank">Source Code</a>
</div>
</div>
</div>
</footer>
<!-- JavaScript -->
<script src="{{ '/assets/js/main.js' | relative_url }}"></script>
</body>
</html>
_parts/part-1.md
+138
View File
@@ -0,0 +1,138 @@
---
layout: default
title: "Part I: Foundations of Resistance Security"
description: "Core security principles and threat assessment methodologies for resistance operations"
prev_page:
title: "Introduction"
url: "/introduction/"
next_page:
title: "Chapter 1: Core Security Principles"
url: "/chapters/chapter-1/"
---
# Part I: Foundations of Resistance Security
## Overview
Part I establishes the theoretical and practical foundations necessary for all resistance security operations. Before implementing any technical measures or operational procedures, resistance practitioners must understand the fundamental principles that govern security in hostile environments and develop the analytical skills necessary to assess threats and design appropriate countermeasures.
This part addresses the most critical question in resistance security: **How do you think about security in a way that leads to effective protection?**
## Learning Objectives
Upon completing Part I, you will be able to:
- Apply core security principles to evaluate and design resistance operations
- Conduct systematic threat assessments for your specific operational environment
- Develop risk management strategies appropriate to your threat level
- Understand the relationship between security measures and operational effectiveness
- Recognize common security failures and their underlying causes
## Chapter Overview
### Chapter 1: Core Security Principles (1-1 to 1-5)
The five fundamental principles that must guide all resistance security decisions:
**1-1: Principle of Least Privilege** - Limiting access to the minimum necessary for operational effectiveness
**1-2: Need-to-Know Basis** - Compartmentalizing information to prevent cascade failures
**1-3: Compartmentalization and Cell Structure** - Organizing resistance networks to contain compromise
**1-4: Zero Trust Verification** - Assuming compromise and requiring continuous authentication
**1-5: Metadata Minimization** - Reducing the digital traces that reveal operational patterns
### Chapter 2: Threat Assessment and Operational Environment (2-1 to 2-4)
Systematic approaches to understanding and responding to threats:
**2-1: Understanding Your Adversary** - Analyzing capabilities, motivations, and limitations of hostile forces
**2-2: Threat Model Development** - Creating structured assessments of risks and vulnerabilities
**2-3: Risk Assessment Framework** - Quantifying and prioritizing security investments
**2-4: Operational Security (OpSec) Fundamentals** - Translating threat assessments into practical procedures
## The Security Mindset
Before diving into specific principles and procedures, it's essential to understand the fundamental shift in thinking required for effective resistance security. This shift involves:
### From Convenience to Security
In normal life, we optimize for convenience, efficiency, and ease of use. In resistance operations, security becomes the primary consideration, with convenience secondary. This doesn't mean making things unnecessarily difficult, but rather accepting that some inconvenience is the price of safety.
### From Trust to Verification
Normal social and professional relationships operate on trust and good faith. Resistance operations must assume that trust can be compromised, either through infiltration or coercion, and build verification mechanisms into all critical processes.
### From Reactive to Proactive
Most people respond to security threats after they become apparent. Resistance operations must anticipate threats and implement countermeasures before they're needed, because by the time a threat is obvious, it may be too late to respond effectively.
### From Individual to Collective
Personal security practices focus on protecting yourself. Resistance security must consider how your actions affect the safety of others in your network, and how their actions affect your safety.
## Common Misconceptions
### "Encryption Solves Everything"
While encryption is essential, it only protects the content of communications, not the metadata that reveals who is talking to whom, when, and from where. Metadata analysis can reveal network structures and operational patterns even when all communications are encrypted.
### "If You Have Nothing to Hide..."
This argument fundamentally misunderstands the nature of authoritarian surveillance. The goal is not just to find evidence of wrongdoing, but to map networks, predict behavior, and suppress dissent before it becomes effective.
### "They're Too Powerful to Resist"
While authoritarian regimes have significant advantages, they also have limitations and vulnerabilities. Understanding both their capabilities and their constraints is essential for developing effective resistance strategies.
### "Perfect Security is Possible"
No security system is perfect, and pursuing perfect security often leads to systems so complex and restrictive that they cannot be used effectively. The goal is appropriate security for your specific threat environment and operational requirements.
## Integration with Subsequent Parts
The principles and methodologies covered in Part I provide the foundation for all subsequent technical and operational guidance:
- **Part II** applies these principles to design secure communication systems
- **Part III** translates them into practical operational security procedures
- **Part IV** extends them to advanced scenarios and specialized threats
Each technical recommendation and operational procedure in later parts derives from the fundamental principles established here. Understanding these foundations is essential for adapting the manual's guidance to your specific circumstances and for making sound security decisions when facing novel situations.
## Study Approach
### For Individual Study
1. **Read each section completely** before moving to the next
2. **Take notes** on how principles apply to your specific situation
3. **Work through examples** using scenarios relevant to your operations
4. **Review regularly** as these concepts must become second nature
### For Group Study
1. **Discuss each principle** and its implications for your organization
2. **Develop case studies** based on your operational environment
3. **Practice threat modeling** for actual or hypothetical operations
4. **Create reference materials** summarizing key concepts for quick review
### For Training Others
1. **Use concrete examples** rather than abstract concepts
2. **Connect principles to practical consequences** of security failures
3. **Encourage questions** and discussion of edge cases
4. **Provide opportunities to practice** threat assessment skills
<div class="warning-box">
<div class="warning-title">Foundation First</div>
<p>Do not skip Part I to get to "more practical" technical content. The principles covered here determine whether technical measures will be effective or merely provide a false sense of security. Every security failure can be traced back to a violation of these fundamental principles.</p>
</div>
---
**Ready to begin?** Start with [Chapter 1: Core Security Principles →](/chapters/chapter-1/)
_parts/part-2.md
+258
View File
@@ -0,0 +1,258 @@
---
layout: default
title: "Part II: Secure Communication Systems"
description: "Multi-layer communication architectures and secure messaging systems for resistance operations"
prev_page:
title: "Chapter 2: Threat Assessment"
url: "/chapters/chapter-2/"
next_page:
title: "Chapter 3: Communication Architecture"
url: "/chapters/chapter-3/"
---
# Part II: Secure Communication Systems
## Overview
Part II addresses the critical challenge of maintaining secure communications within resistance networks operating under advanced surveillance. This part provides comprehensive guidance for implementing multi-layer communication architectures that balance security requirements with operational effectiveness.
Communication security is the backbone of resistance operations. Without secure communications, resistance networks cannot coordinate activities, share intelligence, or maintain operational security. However, communication also represents the greatest vulnerability, as every communication creates metadata that can be analyzed to reveal network structures, operational patterns, and individual behaviors.
## Learning Objectives
Upon completing Part II, you will be able to:
- Design and implement multi-layer communication architectures appropriate to your threat environment
- Configure and operate secure messaging systems including Session, Element/Matrix, Briar, and Signal
- Establish secure file sharing and collaboration systems using CryptPad, OnionShare, and encrypted cloud storage
- Implement communication protocols that minimize metadata exposure and maximize operational security
- Develop contingency communication plans for various compromise and failure scenarios
## The Communication Security Challenge
### The Metadata Problem
Modern surveillance systems focus less on communication content (which can be encrypted) and more on communication metadata (which reveals patterns even when content is protected). Every digital communication generates metadata including:
- **Sender and recipient identities** and network addresses
- **Timing information** including send/receive timestamps
- **Location data** from device GPS and network connections
- **Communication patterns** including frequency and duration
- **Device information** including hardware and software details
This metadata can be analyzed to:
- Map network structures and identify key participants
- Predict operational activities and timing
- Locate physical meetings and safe houses
- Identify behavioral patterns and vulnerabilities
### The Usability-Security Tension
Perfect communication security would require:
- No digital communications whatsoever
- Face-to-face meetings only in secure locations
- Perfect operational security from all participants
- No time-sensitive coordination requirements
Perfect operational effectiveness would require:
- Instant communication between all participants
- Rich multimedia sharing and collaboration
- Real-time coordination and decision-making
- Seamless integration with existing tools and workflows
Practical resistance communications must balance these competing requirements through carefully designed architectures that provide appropriate security for specific use cases while maintaining operational effectiveness.
## Multi-Layer Communication Strategy
Part II is organized around a four-layer communication architecture that provides different security levels for different operational requirements:
### Layer 1: High-Risk Real-Time Communication
**Use Case:** Time-sensitive coordination during active operations
**Security Level:** Maximum security, minimal metadata
**Tools:** Session Messenger, Briar mesh networking
**Characteristics:**
- Onion routing and metadata protection
- Peer-to-peer architecture with no central servers
- Ephemeral messaging with automatic deletion
- Offline capability and mesh networking
### Layer 2: Secure Collaboration Systems
**Use Case:** Planning, document sharing, and ongoing coordination
**Security Level:** High security with collaboration features
**Tools:** Element/Matrix (self-hosted), CryptPad
**Characteristics:**
- End-to-end encryption with forward secrecy
- Self-hosted infrastructure under resistance control
- Rich collaboration features including file sharing
- Persistent storage with secure access controls
### Layer 3: Failsafe and Offline Methods
**Use Case:** Emergency communications and backup channels
**Security Level:** Maximum reliability and availability
**Tools:** OnionShare, encrypted email, physical dead drops
**Characteristics:**
- No dependence on internet infrastructure
- Asynchronous communication with time delays
- Multiple redundant channels and methods
- Resistance to network disruption and censorship
### Layer 4: Anonymous Broadcasting
**Use Case:** Public communications and propaganda distribution
**Security Level:** Sender anonymity and censorship resistance
**Tools:** Tor hidden services, distributed publishing platforms
**Characteristics:**
- One-to-many communication model
- Strong sender anonymity protection
- Censorship resistance and availability
- Public accessibility without authentication
## Chapter Overview
### Chapter 3: Communication Layer Architecture (3-1 to 3-6)
Establishes the theoretical framework and practical implementation of multi-layer communication systems:
**3-1: Multi-Layer Communication Strategy** - Overall architecture and layer selection criteria
**3-2: High-Risk Real-Time Communication (Layer 1)** - Maximum security for time-sensitive operations
**3-3: Secure Collaboration Systems (Layer 2)** - Balancing security with collaboration needs
**3-4: Failsafe and Offline Methods (Layer 3)** - Backup and emergency communication channels
**3-5: Anonymous Broadcasting (Layer 4)** - Public communications and information distribution
**3-6: Communication Protocol Selection** - Choosing appropriate tools and methods for specific scenarios
### Chapter 4: Secure Messaging and Voice Communications (4-1 to 4-8)
Provides detailed configuration and operational guidance for secure messaging systems:
**4-1: Session Messenger Configuration** - Maximum security messaging with onion routing
**4-2: Element/Matrix Self-Hosted Setup** - Secure collaboration platform implementation
**4-3: Briar Peer-to-Peer Messaging** - Decentralized messaging without servers
**4-4: Signal Security Best Practices** - Operational security for mainstream secure messaging
**4-5: Voice Communication Security** - Secure voice calls and audio communications
**4-6: Group Communication Management** - Security protocols for multi-participant communications
**4-7: Message Verification and Authentication** - Ensuring message integrity and sender verification
**4-8: Communication Scheduling and Protocols** - Operational procedures for secure communications
### Chapter 5: File Sharing and Collaboration (5-1 to 5-6)
Covers secure systems for document collaboration and file sharing:
**5-1: CryptPad Secure Document Collaboration** - Real-time collaborative editing with encryption
**5-2: OnionShare Anonymous File Transfer** - Secure file sharing over Tor network
**5-3: Encrypted Cloud Storage (Mega/Proton)** - Secure cloud storage for resistance operations
**5-4: Digital Dead Drops** - Asynchronous file sharing without direct contact
**5-5: Version Control for Sensitive Documents** - Managing document versions and changes securely
**5-6: Collaborative Security Protocols** - Operational procedures for secure collaboration
## Implementation Approach
### Progressive Implementation
Part II is designed for progressive implementation, allowing resistance networks to start with basic secure communications and gradually add more sophisticated capabilities:
**Phase 1: Basic Secure Messaging**
- Implement Signal or Session for basic communications
- Establish basic operational security procedures
- Train participants in secure communication practices
**Phase 2: Collaboration Infrastructure**
- Deploy self-hosted Matrix server for group communications
- Implement CryptPad for document collaboration
- Establish file sharing protocols using OnionShare
**Phase 3: Advanced Architecture**
- Implement full multi-layer communication strategy
- Deploy Briar for high-security scenarios
- Establish emergency and backup communication channels
**Phase 4: Operational Integration**
- Integrate communication systems with operational planning
- Implement advanced security protocols and procedures
- Establish training and support systems for network participants
### Security Considerations
Each communication system and protocol covered in Part II includes specific security considerations:
**Technical Security:**
- Encryption strength and implementation quality
- Metadata protection and anonymity features
- Infrastructure security and server hardening
- Software updates and vulnerability management
**Operational Security:**
- User authentication and access control
- Communication protocols and procedures
- Incident response and compromise recovery
- Training and security awareness
**Strategic Security:**
- Threat model alignment and risk assessment
- Backup and redundancy planning
- Legal considerations and jurisdiction issues
- Long-term sustainability and maintenance
<div class="warning-box">
<div class="warning-title">Communication Discipline</div>
<p>The most sophisticated communication systems are worthless without proper operational discipline. All participants must understand and consistently follow communication protocols, security procedures, and operational security practices.</p>
</div>
## Integration with Other Parts
Part II builds directly on the foundational principles and threat assessment methodologies covered in Part I:
- **Core Security Principles** guide the selection and configuration of communication systems
- **Threat Assessment** determines appropriate security levels and tool selection
- **Risk Assessment** informs decisions about acceptable trade-offs between security and usability
- **OpSec Fundamentals** provide the procedural framework for secure communication operations
Part II also provides the foundation for the operational security procedures covered in Part III and the advanced techniques covered in Part IV.
## Getting Started
### For Technical Implementation
1. **Start with threat assessment** to determine appropriate security levels
2. **Begin with basic tools** (Signal or Session) before implementing complex systems
3. **Test all systems thoroughly** in safe environments before operational use
4. **Implement gradually** with proper training and support for all participants
### For Operational Planning
1. **Map communication requirements** to the four-layer architecture
2. **Develop communication protocols** appropriate to your threat environment
3. **Establish training programs** for all communication tools and procedures
4. **Plan for contingencies** including system compromise and failure scenarios
### For Network Leadership
1. **Assess current communication practices** against security requirements
2. **Develop implementation timeline** for improved communication security
3. **Allocate resources** for infrastructure, training, and ongoing maintenance
4. **Establish governance** for communication system management and security
<div class="info-box">
<div class="info-title">Implementation Priority</div>
<p>Focus first on implementing basic secure messaging (Chapter 4) before attempting to deploy complex multi-layer architectures. Solid implementation of fundamental tools is more valuable than poorly implemented advanced systems.</p>
</div>
---
**Ready to begin?** Start with [Chapter 3: Communication Layer Architecture →](/chapters/chapter-3/)
_parts/part-3.md
+323
View File
@@ -0,0 +1,323 @@
---
layout: default
title: "Part III: Operational Security Procedures"
description: "Hardware security, digital hygiene, and operational procedures for resistance operations"
prev_page:
title: "Chapter 5: File Sharing"
url: "/chapters/chapter-5/"
next_page:
title: "Chapter 6: Hardware Security"
url: "/chapters/chapter-6/"
---
# Part III: Operational Security Procedures
## Overview
Part III addresses the critical operational security (OpSec) procedures that protect resistance operations from detection, infiltration, and compromise. This part moves beyond communication systems to cover the broader operational environment, including hardware security, digital hygiene, and operational procedures that ensure resistance activities remain secure and effective.
Operational security is the discipline of protecting critical information and activities through systematic procedures and practices. Unlike technical security measures that rely on cryptography and secure systems, operational security focuses on human behavior, physical security, and procedural controls that prevent adversaries from gathering intelligence about resistance operations.
## Learning Objectives
Upon completing Part III, you will be able to:
- Implement comprehensive hardware security measures including untraceable acquisition and secure disposal
- Configure and operate Tails OS and other security-focused operating systems
- Establish device compartmentalization strategies for different operational roles
- Implement physical security measures for equipment, locations, and operations
- Practice effective digital hygiene to minimize online exposure and tracking
- Execute operational procedures that maintain security throughout resistance activities
## The Operational Security Challenge
### The Human Factor
Technical security systems are only as strong as the humans who operate them. The most sophisticated encryption and anonymity tools can be rendered useless by poor operational security practices. Common operational security failures include:
- **Behavioral Patterns**: Predictable activities that reveal operational timing and locations
- **Physical Evidence**: Documents, devices, and traces left behind after operations
- **Social Engineering**: Manipulation of human psychology to extract information
- **Procedural Violations**: Failure to follow established security protocols
- **Emergency Responses**: Poor decision-making under pressure or crisis conditions
### The Surveillance Environment
Modern resistance operations occur within a comprehensive surveillance environment that includes:
**Technical Surveillance:**
- Mass data collection from internet and telecommunications
- Automated analysis of behavioral patterns and anomalies
- Facial recognition and biometric identification systems
- Location tracking through mobile devices and vehicles
- Financial surveillance through banking and payment systems
**Human Surveillance:**
- Informant networks and community monitoring
- Undercover operations and infiltration attempts
- Social media monitoring and analysis
- Professional surveillance teams and techniques
- Crowd-sourced surveillance through public reporting
**Physical Surveillance:**
- CCTV networks and automated monitoring systems
- License plate readers and vehicle tracking
- Access control systems and entry monitoring
- Search and seizure operations
- Physical infiltration and monitoring
### The Compartmentalization Imperative
Effective operational security requires strict compartmentalization of information, activities, and identities. This includes:
**Information Compartmentalization:**
- Need-to-know basis for all sensitive information
- Separation of different operational activities
- Protection of sources and methods
- Isolation of compromise to minimize damage
**Identity Compartmentalization:**
- Separate identities for different operational roles
- Physical and digital separation of identities
- Consistent maintenance of identity boundaries
- Emergency procedures for identity compromise
**Activity Compartmentalization:**
- Separation of operational and personal activities
- Different locations for different types of operations
- Temporal separation of related activities
- Independent resource allocation and management
## Multi-Domain Security Strategy
Part III is organized around a three-domain security strategy that addresses different aspects of operational security:
### Domain 1: Hardware and Infrastructure Security
**Focus:** Physical devices, systems, and infrastructure
**Security Level:** Foundation-level security for all operations
**Tools:** Tails OS, hardware compartmentalization, secure disposal
**Characteristics:**
- Untraceable hardware acquisition and management
- Secure operating systems and configurations
- Physical security measures and protocols
- Proper disposal and sanitization procedures
### Domain 2: Digital Hygiene and Privacy
**Focus:** Online activities and digital footprint management
**Security Level:** Comprehensive privacy protection
**Tools:** Tor Browser, VPNs, anonymous accounts, search privacy
**Characteristics:**
- Browser security and privacy configuration
- Anonymous account creation and management
- Search engine privacy and information gathering
- Social media operational security
### Domain 3: Operational Procedures
**Focus:** Human behavior and procedural controls
**Security Level:** Comprehensive operational discipline
**Tools:** Cell organization, meeting protocols, surveillance detection
**Characteristics:**
- Cell organization and management structures
- Secure meeting and coordination protocols
- Surveillance detection and evasion techniques
- Emergency procedures and crisis response
## Chapter Overview
### Chapter 6: Hardware and Infrastructure Security (6-1 to 6-8)
Establishes the foundation of physical security for resistance operations:
**6-1: Untraceable Hardware Acquisition** - Methods for obtaining devices without creating paper trails
**6-2: Tails OS Installation and Configuration** - Complete setup guide for the amnesic operating system
**6-3: Device Compartmentalization** - Strategies for separating different operational roles across devices
**6-4: Physical Security Measures** - Protecting devices, locations, and operations from physical compromise
**6-5: Network Access Security** - Secure methods for accessing internet and communication networks
**6-6: Hardware Disposal and Sanitization** - Proper destruction and disposal of compromised or obsolete equipment
**6-7: Faraday Cage and Signal Blocking** - Techniques for preventing electronic surveillance and tracking
**6-8: Power and Charging Security** - Secure power management and charging procedures
### Chapter 7: Digital Hygiene and Privacy (7-1 to 7-6)
Covers comprehensive digital privacy and footprint management:
**7-1: Browser Security Configuration** - Hardening browsers for maximum privacy and security
**7-2: Search Engine Privacy** - Anonymous information gathering and research techniques
**7-3: VPN and Tor Usage** - Comprehensive guide to anonymity networks and VPN services
**7-4: Social Media Operational Security** - Managing online presence and social media security
**7-5: Email Security and Anonymous Accounts** - Creating and managing secure email and online accounts
**7-6: Digital Footprint Minimization** - Reducing and managing online traces and data exposure
### Chapter 8: Operational Procedures (8-1 to 8-8)
Provides comprehensive operational discipline and procedures:
**8-1: Cell Organization and Management** - Structures and procedures for resistance cell operations
**8-2: Meeting Security Protocols** - Secure procedures for in-person and virtual meetings
**8-3: Coded Language and Communication** - Development and use of coded communication systems
**8-4: Surveillance Detection and Evasion** - Techniques for detecting and avoiding surveillance
**8-5: Emergency Procedures and Protocols** - Crisis response and emergency security procedures
**8-6: Information Sanitization** - Procedures for protecting and sanitizing sensitive information
**8-7: Operational Planning Security** - Secure planning and coordination procedures
**8-8: Post-Operation Security Review** - Assessment and improvement procedures after operations
## Implementation Approach
### Progressive Implementation
Part III is designed for progressive implementation, building operational security capabilities systematically:
**Phase 1: Hardware Foundation**
- Acquire and configure secure hardware and operating systems
- Implement basic physical security measures
- Establish device compartmentalization strategies
**Phase 2: Digital Hygiene**
- Configure secure browsers and privacy tools
- Establish anonymous online presence and accounts
- Implement comprehensive digital privacy practices
**Phase 3: Operational Procedures**
- Develop cell organization and management procedures
- Implement meeting security and communication protocols
- Establish surveillance detection and evasion capabilities
**Phase 4: Advanced Operations**
- Integrate all operational security domains
- Implement advanced procedures and techniques
- Establish training and assessment programs
### Security Integration
Each operational security domain integrates with the communication systems from Part II:
**Hardware Security Integration:**
- Secure devices for communication system operation
- Physical protection for communication infrastructure
- Proper disposal of compromised communication equipment
**Digital Hygiene Integration:**
- Anonymous accounts for communication services
- Privacy protection for communication activities
- Footprint minimization for communication metadata
**Operational Procedures Integration:**
- Communication protocols within cell structures
- Meeting security for communication planning
- Emergency procedures for communication compromise
## Risk Management Framework
Part III employs a comprehensive risk management framework that addresses operational security risks:
### Risk Categories
**Technical Risks:**
- Device compromise and malware infection
- Network monitoring and traffic analysis
- Data recovery from disposed devices
- Electronic surveillance and tracking
**Physical Risks:**
- Device theft or seizure
- Physical surveillance and tracking
- Location compromise and raids
- Evidence discovery and analysis
**Human Risks:**
- Social engineering and manipulation
- Infiltration and informant recruitment
- Procedural violations and mistakes
- Stress and pressure responses
**Operational Risks:**
- Pattern analysis and behavioral profiling
- Timing correlation and activity mapping
- Resource allocation and logistics exposure
- Emergency response and crisis management
### Risk Mitigation Strategies
**Preventive Measures:**
- Proactive security measures to prevent compromise
- Training and awareness programs
- Regular security assessments and updates
- Redundant systems and backup procedures
**Detective Measures:**
- Monitoring and alerting systems
- Regular security audits and reviews
- Incident detection and analysis
- Behavioral anomaly detection
**Corrective Measures:**
- Incident response and recovery procedures
- Damage assessment and containment
- System restoration and improvement
- Lessons learned and process updates
<div class="warning-box">
<div class="warning-title">Operational Security Discipline</div>
<p>Operational security requires consistent discipline and attention to detail. A single procedural violation can compromise an entire operation and endanger all participants. All resistance practitioners must understand and consistently apply operational security principles.</p>
</div>
## Integration with Other Parts
Part III builds directly on the foundational principles from Part I and the communication systems from Part II:
- **Core Security Principles** provide the theoretical foundation for all operational procedures
- **Threat Assessment** informs the selection and implementation of operational security measures
- **Communication Systems** require operational security procedures for secure implementation and use
- **Advanced Operations** (Part IV) depend on the operational security foundation established in Part III
## Getting Started
### For New Practitioners
1. **Begin with hardware security** to establish a secure operational foundation
2. **Implement basic digital hygiene** practices before engaging in resistance activities
3. **Study operational procedures** thoroughly before participating in resistance operations
4. **Practice all procedures** in safe environments before operational implementation
### For Experienced Practitioners
1. **Assess current operational security** practices against the standards in this part
2. **Identify gaps and vulnerabilities** in existing procedures and practices
3. **Implement improvements systematically** with proper training and support
4. **Establish ongoing assessment** and improvement procedures
### For Network Leadership
1. **Develop comprehensive operational security** policies and procedures
2. **Establish training programs** for all operational security domains
3. **Implement assessment and compliance** monitoring systems
4. **Plan for continuous improvement** and adaptation to evolving threats
<div class="info-box">
<div class="info-title">Implementation Priority</div>
<p>Focus first on hardware security (Chapter 6) as the foundation for all other operational security measures. Secure hardware and operating systems are prerequisites for effective digital hygiene and operational procedures.</p>
</div>
---
**Ready to begin?** Start with [Chapter 6: Hardware and Infrastructure Security →](/chapters/chapter-6/)
_parts/part-4.md
+161
View File
@@ -0,0 +1,161 @@
---
layout: default
title: "Part IV: Advanced Resistance Operations"
description: "Advanced techniques and strategies for experienced resistance networks"
part_number: "IV"
prev_page:
title: "Chapter 8: Operational Procedures"
url: "/chapters/chapter-8/"
next_page:
title: "Chapter 9: Intelligence Gathering"
url: "/chapters/chapter-9/"
---
# Part IV: Advanced Resistance Operations
## Part Overview
Part IV covers advanced resistance operations for experienced networks that have mastered the foundational security principles and operational procedures covered in Parts I-III. These advanced techniques require significant operational security expertise and should only be attempted by well-established, security-conscious resistance networks with proven track records.
**Advanced operations covered in this part include:**
- **Intelligence Gathering and Analysis** - Systematic collection, verification, and analysis of actionable intelligence
- **Counter-Intelligence Operations** - Detection and neutralization of surveillance and infiltration attempts
- **Psychological Operations** - Information warfare and narrative influence campaigns
- **Direct Action Planning** - High-impact operations requiring extensive planning and coordination
- **Network Expansion and Coordination** - Scaling resistance activities across larger geographic areas
- **International Coordination** - Cross-border collaboration and resource sharing
## Security Prerequisites
Before engaging in advanced operations, resistance networks must demonstrate:
### Operational Security Mastery
- Consistent implementation of all foundational security practices
- Zero security incidents or compromises in the past 12 months
- Demonstrated proficiency in surveillance detection and counter-surveillance
- Secure communication systems with proven reliability
### Organizational Maturity
- Stable cell structure with experienced leadership
- Established training programs and knowledge transfer systems
- Proven ability to maintain operational security under pressure
- Effective crisis response and damage control capabilities
### Resource Capabilities
- Sufficient human resources for complex operations
- Financial resources for advanced equipment and operations
- Technical capabilities for sophisticated communication and security systems
- Logistical infrastructure for sustained operations
## Risk Assessment Framework
Advanced operations carry significantly higher risks than foundational activities:
### Increased Surveillance Risk
- Advanced operations attract more sophisticated surveillance
- State-level resources may be deployed against successful networks
- International intelligence sharing may target cross-border activities
- Technical surveillance capabilities require advanced countermeasures
### Operational Complexity
- Multi-stage operations with numerous failure points
- Coordination across multiple cells and geographic areas
- Integration of diverse skill sets and specialized knowledge
- Extended operational timelines increasing exposure windows
### Consequence Severity
- Legal consequences may include terrorism or national security charges
- Physical safety risks increase with operation complexity
- Network exposure risks affect larger numbers of participants
- International implications may involve multiple jurisdictions
## Chapter Overview
### Chapter 9: Intelligence Gathering and Analysis
Systematic approaches to collecting, verifying, and analyzing actionable intelligence for resistance operations. Covers human intelligence (HUMINT), signals intelligence (SIGINT), open source intelligence (OSINT), and technical intelligence gathering methods.
### Chapter 10: Counter-Intelligence Operations
Advanced techniques for detecting, analyzing, and neutralizing surveillance, infiltration, and intelligence gathering operations directed against resistance networks. Includes surveillance detection, infiltration prevention, and active counter-intelligence measures.
### Chapter 11: Psychological Operations
Information warfare techniques including narrative development, media manipulation, social engineering, and psychological influence campaigns. Covers both defensive measures against propaganda and offensive psychological operations.
### Chapter 12: Direct Action Planning
Comprehensive planning methodologies for high-impact resistance operations including target selection, operational planning, risk assessment, execution protocols, and post-operation security procedures.
## Implementation Guidelines
### Progressive Implementation
- Master each chapter's techniques before advancing to the next
- Conduct extensive training and simulation exercises
- Start with lower-risk operations to build experience and confidence
- Gradually increase operational complexity as capabilities develop
### Security Integration
- Integrate advanced techniques with existing security protocols
- Maintain foundational security practices throughout advanced operations
- Develop specialized security procedures for each type of advanced operation
- Regular security assessment and improvement of advanced capabilities
### Network Coordination
- Establish clear command and control structures for advanced operations
- Develop specialized roles and responsibilities for complex operations
- Create redundant communication and coordination systems
- Plan for operational security during multi-cell coordination
## Training and Development
### Specialized Training Programs
Advanced operations require specialized knowledge and skills:
- **Intelligence Analysis Training** - Methods for processing and analyzing collected intelligence
- **Technical Skills Development** - Advanced technical capabilities for sophisticated operations
- **Leadership Development** - Command and control skills for complex operations
- **Crisis Management Training** - Advanced crisis response and damage control capabilities
### Simulation and Exercise Programs
- Tabletop exercises for complex operational scenarios
- Field exercises with realistic opposition and surveillance
- Crisis response drills and emergency procedures
- Cross-training between different operational specialties
### Knowledge Management
- Documentation of lessons learned and best practices
- Knowledge transfer systems for organizational continuity
- Mentoring programs for developing advanced capabilities
- Regular assessment and improvement of training programs
## Legal and Ethical Considerations
### Legal Risk Assessment
Advanced operations may involve activities with severe legal consequences:
- Comprehensive legal risk assessment for all advanced operations
- Understanding of applicable laws and potential charges
- Legal support and representation planning
- International law considerations for cross-border activities
### Ethical Framework
Resistance networks must maintain ethical standards even in advanced operations:
- Clear ethical guidelines for all operational activities
- Prohibition of activities that harm innocent civilians
- Proportionality principles for operational planning
- Regular ethical review of operational objectives and methods
### Accountability Measures
- Clear command responsibility for operational decisions
- Documentation and review of operational activities
- Accountability mechanisms for ethical violations
- Transparency within the network regarding operational activities
---
**Proceed to:** [Chapter 9: Intelligence Gathering and Analysis →](/chapters/chapter-9/)
<div class="warning-box">
<div class="warning-title">Advanced Operations Warning</div>
<p>The techniques described in Part IV are intended for experienced resistance networks only. Attempting advanced operations without proper preparation, training, and security infrastructure significantly increases the risk of compromise, arrest, and harm to network participants.</p>
</div>
_site/LICENSE
+158
View File
@@ -0,0 +1,158 @@
Creative Commons Attribution-NonCommercial 4.0 International
Creative Commons Corporation (“Creative Commons”) is not a law firm and does not provide legal services or legal advice. Distribution of Creative Commons public licenses does not create a lawyer-client or other relationship. Creative Commons makes its licenses and related information available on an “as-is” basis. Creative Commons gives no warranties regarding its licenses, any material licensed under their terms and conditions, or any related information. Creative Commons disclaims all liability for damages resulting from their use to the fullest extent possible.
Using Creative Commons Public Licenses
Creative Commons public licenses provide a standard set of terms and conditions that creators and other rights holders may use to share original works of authorship and other material subject to copyright and certain other rights specified in the public license below. The following considerations are for informational purposes only, are not exhaustive, and do not form part of our licenses.
Considerations for licensors: Our public licenses are intended for use by those authorized to give the public permission to use material in ways otherwise restricted by copyright and certain other rights. Our licenses are irrevocable. Licensors should read and understand the terms and conditions of the license they choose before applying it. Licensors should also secure all rights necessary before applying our licenses so that the public can reuse the material as expected. Licensors should clearly mark any material not subject to the license. This includes other CC-licensed material, or material used under an exception or limitation to copyright. More considerations for licensors.
Considerations for the public: By using one of our public licenses, a licensor grants the public permission to use the licensed material under specified terms and conditions. If the licensors permission is not necessary for any reasonfor example, because of any applicable exception or limitation to copyrightthen that use is not regulated by the license. Our licenses grant only permissions under copyright and certain other rights that a licensor has authority to grant. Use of the licensed material may still be restricted for other reasons, including because others have copyright or other rights in the material. A licensor may make special requests, such as asking that all changes be marked or described. Although not required by our licenses, you are encouraged to respect those requests where reasonable. More considerations for the public.
Creative Commons Attribution-NonCommercial 4.0 International Public License
By exercising the Licensed Rights (defined below), You accept and agree to be bound by the terms and conditions of this Creative Commons Attribution-NonCommercial 4.0 International Public License ("Public License"). To the extent this Public License may be interpreted as a contract, You are granted the Licensed Rights in consideration of Your acceptance of these terms and conditions, and the Licensor grants You such rights in consideration of benefits the Licensor receives from making the Licensed Material available under these terms and conditions.
Section 1 Definitions.
a. Adapted Material means material subject to Copyright and Similar Rights that is derived from or based upon the Licensed Material and in which the Licensed Material is translated, altered, arranged, transformed, or otherwise modified in a manner requiring permission under the Copyright and Similar Rights held by the Licensor. For purposes of this Public License, where the Licensed Material is a musical work, performance, or sound recording, Adapted Material is always produced where the Licensed Material is synched in timed relation with a moving image.
b. Adapter's License means the license You apply to Your Copyright and Similar Rights in Your contributions to Adapted Material in accordance with the terms and conditions of this Public License.
c. Copyright and Similar Rights means copyright and/or similar rights closely related to copyright including, without limitation, performance, broadcast, sound recording, and Sui Generis Database Rights, without regard to how the rights are labeled or categorized. For purposes of this Public License, the rights specified in Section 2(b)(1)-(2) are not Copyright and Similar Rights.
d. Effective Technological Measures means those measures that, in the absence of proper authority, may not be circumvented under laws fulfilling obligations under Article 11 of the WIPO Copyright Treaty adopted on December 20, 1996, and/or similar international agreements.
e. Exceptions and Limitations means fair use, fair dealing, and/or any other exception or limitation to Copyright and Similar Rights that applies to Your use of the Licensed Material.
f. Licensed Material means the artistic or literary work, database, or other material to which the Licensor applied this Public License.
g. Licensed Rights means the rights granted to You subject to the terms and conditions of this Public License, which are limited to all Copyright and Similar Rights that apply to Your use of the Licensed Material and that the Licensor has authority to license.
h. Licensor means the individual(s) or entity(ies) granting rights under this Public License.
i. NonCommercial means not primarily intended for or directed towards commercial advantage or monetary compensation. For purposes of this Public License, the exchange of the Licensed Material for other material subject to Copyright and Similar Rights by digital file-sharing or similar means is NonCommercial provided there is no payment of monetary compensation in connection with the exchange.
j. Share means to provide material to the public by any means or process that requires permission under the Licensed Rights, such as reproduction, public display, public performance, distribution, dissemination, communication, or importation, and to make material available to the public including in ways that members of the public may access the material from a place and at a time individually chosen by them.
k. Sui Generis Database Rights means rights other than copyright resulting from Directive 96/9/EC of the European Parliament and of the Council of 11 March 1996 on the legal protection of databases, as amended and/or succeeded, as well as other essentially equivalent rights anywhere in the world.
l. You means the individual or entity exercising the Licensed Rights under this Public License. Your has a corresponding meaning.
Section 2 Scope.
a. License grant.
1. Subject to the terms and conditions of this Public License, the Licensor hereby grants You a worldwide, royalty-free, non-sublicensable, non-exclusive, irrevocable license to exercise the Licensed Rights in the Licensed Material to:
A. reproduce and Share the Licensed Material, in whole or in part, for NonCommercial purposes only; and
B. produce, reproduce, and Share Adapted Material for NonCommercial purposes only.
2. Exceptions and Limitations. For the avoidance of doubt, where Exceptions and Limitations apply to Your use, this Public License does not apply, and You do not need to comply with its terms and conditions.
3. Term. The term of this Public License is specified in Section 6(a).
4. Media and formats; technical modifications allowed. The Licensor authorizes You to exercise the Licensed Rights in all media and formats whether now known or hereafter created, and to make technical modifications necessary to do so. The Licensor waives and/or agrees not to assert any right or authority to forbid You from making technical modifications necessary to exercise the Licensed Rights, including technical modifications necessary to circumvent Effective Technological Measures. For purposes of this Public License, simply making modifications authorized by this Section 2(a)(4) never produces Adapted Material.
5. Downstream recipients.
A. Offer from the Licensor Licensed Material. Every recipient of the Licensed Material automatically receives an offer from the Licensor to exercise the Licensed Rights under the terms and conditions of this Public License.
B. No downstream restrictions. You may not offer or impose any additional or different terms or conditions on, or apply any Effective Technological Measures to, the Licensed Material if doing so restricts exercise of the Licensed Rights by any recipient of the Licensed Material.
6. No endorsement. Nothing in this Public License constitutes or may be construed as permission to assert or imply that You are, or that Your use of the Licensed Material is, connected with, or sponsored, endorsed, or granted official status by, the Licensor or others designated to receive attribution as provided in Section 3(a)(1)(A)(i).
b. Other rights.
1. Moral rights, such as the right of integrity, are not licensed under this Public License, nor are publicity, privacy, and/or other similar personality rights; however, to the extent possible, the Licensor waives and/or agrees not to assert any such rights held by the Licensor to the limited extent necessary to allow You to exercise the Licensed Rights, but not otherwise.
2. Patent and trademark rights are not licensed under this Public License.
3. To the extent possible, the Licensor waives any right to collect royalties from You for the exercise of the Licensed Rights, whether directly or through a collecting society under any voluntary or waivable statutory or compulsory licensing scheme. In all other cases the Licensor expressly reserves any right to collect such royalties, including when the Licensed Material is used other than for NonCommercial purposes.
Section 3 License Conditions.
Your exercise of the Licensed Rights is expressly made subject to the following conditions.
a. Attribution.
1. If You Share the Licensed Material (including in modified form), You must:
A. retain the following if it is supplied by the Licensor with the Licensed Material:
i. identification of the creator(s) of the Licensed Material and any others designated to receive attribution, in any reasonable manner requested by the Licensor (including by pseudonym if designated);
ii. a copyright notice;
iii. a notice that refers to this Public License;
iv. a notice that refers to the disclaimer of warranties;
v. a URI or hyperlink to the Licensed Material to the extent reasonably practicable;
B. indicate if You modified the Licensed Material and retain an indication of any previous modifications; and
C. indicate the Licensed Material is licensed under this Public License, and include the text of, or the URI or hyperlink to, this Public License.
2. You may satisfy the conditions in Section 3(a)(1) in any reasonable manner based on the medium, means, and context in which You Share the Licensed Material. For example, it may be reasonable to satisfy the conditions by providing a URI or hyperlink to a resource that includes the required information.
3. If requested by the Licensor, You must remove any of the information required by Section 3(a)(1)(A) to the extent reasonably practicable.
4. If You Share Adapted Material You produce, the Adapter's License You apply must not prevent recipients of the Adapted Material from complying with this Public License.
Section 4 Sui Generis Database Rights.
Where the Licensed Rights include Sui Generis Database Rights that apply to Your use of the Licensed Material:
a. for the avoidance of doubt, Section 2(a)(1) grants You the right to extract, reuse, reproduce, and Share all or a substantial portion of the contents of the database for NonCommercial purposes only;
b. if You include all or a substantial portion of the database contents in a database in which You have Sui Generis Database Rights, then the database in which You have Sui Generis Database Rights (but not its individual contents) is Adapted Material; and
c. You must comply with the conditions in Section 3(a) if You Share all or a substantial portion of the contents of the database.
For the avoidance of doubt, this Section 4 supplements and does not replace Your obligations under this Public License where the Licensed Rights include other Copyright and Similar Rights.
Section 5 Disclaimer of Warranties and Limitation of Liability.
a. Unless otherwise separately undertaken by the Licensor, to the extent possible, the Licensor offers the Licensed Material as-is and as-available, and makes no representations or warranties of any kind concerning the Licensed Material, whether express, implied, statutory, or other. This includes, without limitation, warranties of title, merchantability, fitness for a particular purpose, non-infringement, absence of latent or other defects, accuracy, or the presence or absence of errors, whether or not known or discoverable. Where disclaimers of warranties are not allowed in full or in part, this disclaimer may not apply to You.
b. To the extent possible, in no event will the Licensor be liable to You on any legal theory (including, without limitation, negligence) or otherwise for any direct, special, indirect, incidental, consequential, punitive, exemplary, or other losses, costs, expenses, or damages arising out of this Public License or use of the Licensed Material, even if the Licensor has been advised of the possibility of such losses, costs, expenses, or damages. Where a limitation of liability is not allowed in full or in part, this limitation may not apply to You.
c. The disclaimer of warranties and limitation of liability provided above shall be interpreted in a manner that, to the extent possible, most closely approximates an absolute disclaimer and waiver of all liability.
Section 6 Term and Termination.
a. This Public License applies for the term of the Copyright and Similar Rights licensed here. However, if You fail to comply with this Public License, then Your rights under this Public License terminate automatically.
b. Where Your right to use the Licensed Material has terminated under Section 6(a), it reinstates:
1. automatically as of the date the violation is cured, provided it is cured within 30 days of Your discovery of the violation; or
2. upon express reinstatement by the Licensor.
For the avoidance of doubt, this Section 6(b) does not affect any right the Licensor may have to seek remedies for Your violations of this Public License.
c. For the avoidance of doubt, the Licensor may also offer the Licensed Material under separate terms or conditions or stop distributing the Licensed Material at any time; however, doing so will not terminate this Public License.
d. Sections 1, 5, 6, 7, and 8 survive termination of this Public License.
Section 7 Other Terms and Conditions.
a. The Licensor shall not be bound by any additional or different terms or conditions communicated by You unless expressly agreed.
b. Any arrangements, understandings, or agreements regarding the Licensed Material not stated herein are separate from and independent of the terms and conditions of this Public License.
Section 8 Interpretation.
a. For the avoidance of doubt, this Public License does not, and shall not be interpreted to, reduce, limit, restrict, or impose conditions on any use of the Licensed Material that could lawfully be made without permission under this Public License.
b. To the extent possible, if any provision of this Public License is deemed unenforceable, it shall be automatically reformed to the minimum extent necessary to make it enforceable. If the provision cannot be reformed, it shall be severed from this Public License without affecting the enforceability of the remaining terms and conditions.
c. No term or condition of this Public License will be waived and no failure to comply consented to unless expressly agreed to by the Licensor.
d. Nothing in this Public License constitutes or may be interpreted as a limitation upon, or waiver of, any privileges and immunities that apply to the Licensor or You, including from the legal processes of any jurisdiction or authority.
Creative Commons is not a party to its public licenses. Notwithstanding, Creative Commons may elect to apply one of its public licenses to material it publishes and in those instances will be considered the “Licensor.” Except for the limited purpose of indicating that material is shared under a Creative Commons public license or as otherwise permitted by the Creative Commons policies published at creativecommons.org/policies, Creative Commons does not authorize the use of the trademark “Creative Commons” or any other trademark or logo of Creative Commons without its prior written consent including, without limitation, in connection with any unauthorized modifications to any of its public licenses or any other arrangements, understandings, or agreements concerning use of licensed material. For the avoidance of doubt, this paragraph does not form part of the public licenses.
Creative Commons may be contacted at creativecommons.org.
_site/appendices/appendices/index.html
+436
View File
@@ -0,0 +1,436 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Appendices - Field Manual for Resistance Operations</title>
<meta name="description" content="Reference materials, tools, legal guidance, and emergency procedures">
<!-- Favicon -->
<link rel="icon" type="image/x-icon" href="/assets/images/favicon.ico">
<!-- Stylesheets -->
<link rel="stylesheet" href="/assets/css/main.css">
<!-- Security headers -->
<meta http-equiv="X-Content-Type-Options" content="nosniff">
<meta http-equiv="X-Frame-Options" content="DENY">
<meta http-equiv="X-XSS-Protection" content="1; mode=block">
<!-- No tracking -->
<meta name="robots" content="noindex, nofollow">
<!-- Matomo
<script>
var _paq = window._paq = window._paq || [];
/* tracker methods like "setCustomDimension" should be called before "trackPageView" */
_paq.push(['trackPageView']);
_paq.push(['enableLinkTracking']);
(function() {
var u="//stats.resist.is/";
_paq.push(['setTrackerUrl', u+'matomo.php']);
_paq.push(['setSiteId', '4']);
var d=document, g=d.createElement('script'), s=d.getElementsByTagName('script')[0];
g.async=true; g.src=u+'matomo.js'; s.parentNode.insertBefore(g,s);
})();
</script>
End Matomo Code -->
</head>
<body>
<header class="header">
<div class="container">
<div class="header-content">
<div class="logo">
<span class="omega">Ω</span>
<span>FM-R1</span>
</div>
<button class="nav-toggle" id="nav-toggle" aria-label="Toggle navigation">
</button>
</div>
</div>
</header>
<div class="main-layout">
<nav class="sidebar" id="sidebar">
<nav class="main-navigation">
<!-- <div class="nav-header">
<div class="nav-subtitle">Field Manual for Resistance Operations</div>
</div>
-->
<div class="nav-sections">
<!-- Front Matter -->
<div class="nav-section">
<h3>Field Manual</h3>
<ul>
<li><a href="/" >Table of Contents</a></li>
<li><a href="/preface/" >Preface</a></li>
<li><a href="/introduction/" >Introduction</a></li>
</ul>
</div>
<!-- Part I: Foundations -->
<div class="nav-section">
<h3>Part I: Foundations</h3>
<ul>
<li>
<a href="/parts/part-1/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-1/" >Ch 1: Core Security Principles</a></li>
<li><a href="/chapters/chapter-2/" >Ch 2: Threat Assessment</a></li>
</ul>
</li>
</ul>
</div>
<!-- Part II: Communication -->
<div class="nav-section">
<h3>Part II: Communication</h3>
<ul>
<li>
<a href="/parts/part-2/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-3/" >Ch 3: Communication Architecture</a></li>
<li><a href="/chapters/chapter-4/" >Ch 4: Secure Messaging</a></li>
<li><a href="/chapters/chapter-5/" >Ch 5: File Sharing</a></li>
</ul>
</li>
</ul>
</div>
<!-- Part III: OpSec -->
<div class="nav-section">
<h3>Part III: OpSec</h3>
<ul>
<li>
<a href="/parts/part-3/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-6/" >Ch 6: Hardware Security</a></li>
<li><a href="/chapters/chapter-7/" >Ch 7: Digital Hygiene</a></li>
<li><a href="/chapters/chapter-8/" >Ch 8: Operational Procedures</a></li>
</ul>
</li>
</ul>
</div>
<!-- Part IV: Advanced -->
<div class="nav-section">
<h3>Part IV: Advanced</h3>
<ul>
<li>
<a href="/parts/part-4/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-9/" >Ch 9: Intelligence Gathering</a></li>
<li><a href="/chapters/chapter-10/" >Ch 10: Counter-Intelligence</a></li>
</ul>
</li>
</ul>
</div>
<!-- Appendices
<div class="nav-section">
<h3>Appendices</h3>
<ul>
<li><a href="/appendices/" >Appendices Overview</a></li>
<li><a href="/appendices/appendix-a/" >Appendix A: Essential Tools</a></li>
<li><a href="/appendices/appendix-b/" >Appendix B: Legal Considerations</a></li>
<li><a href="/appendices/appendix-c/" >Appendix C: Emergency Procedures</a></li>
<li><a href="/appendices/appendix-d/" >Appendix D: Glossary & References</a></li>
</ul>
</div>
-->
<!-- Quick Access -->
<div class="nav-section nav-quick-access">
<h3>Quick Access</h3>
<ul>
<li><a href="/appendices/appendix-a/" class="nav-emergency">Essential Tools</a></li>
<li><a href="/appendices/appendix-b/" class="nav-emergency">Legal Rights</a></li>
<li><a href="/appendices/appendix-c/" class="nav-emergency">Emergency Procedures</a></li>
<li><a href="/appendices/appendix-d/" class="nav-emergency">Glossary & References</a></li>
</ul>
</div>
<!-- External Links -->
<div class="nav-section">
<h3>External Links</h3>
<ul>
<li><a href="https://resist.is" target="_blank">resist.is</a></li>
<li><a href="https://activistchecklist.org" target="_blank">Activist Checklist</a></li>
<li><a href="https://signal.org" target="_blank">Signal</a></li>
<li><a href="https://briarproject.org" target="_blank">Briar</a></li>
<li><a href="https://element.io" target="_blank">Element</a></li>
<li><a href="https://tails.boum.org" target="_blank">Tails OS</a></li>
<li><a href="https://onionshare.org" target="_blank">OnionShare</a></li>
</ul>
</div>
</div>
<!-- Security Notice
<div class="nav-security-notice">
<div class="security-warning">
<strong>OPERATIONAL SECURITY REMINDER</strong><br>
This manual contains sensitive information. Ensure secure handling and storage. Practice compartmentalization and need-to-know principles.
</div>
</div> -->
<!-- Footer -->
<div class="nav-footer">
<div class="manual-info">
<div class="classification">FOR RESISTANCE USE ONLY</div>
<div class="version">Version 1.0 | FM-R1</div>
<div class="date">2025</div>
</div>
</div>
</nav>
</nav>
<main class="content">
<div class="content-header">
<div class="manual-designation">FM-R1: FM-R1: Secure Communication Networks for Decentralized Resistance</div>
<div class="classification">UNCLASSIFIED</div>
</div>
<h1 id="appendices">Appendices</h1>
<h2 id="overview">Overview</h2>
<p>The appendices provide essential reference materials, tools, legal guidance, and emergency procedures to support resistance operations. These resources complement the main field manual content with practical tools, comprehensive references, and critical support information.</p>
<p><strong>Appendices included:</strong></p>
<ul>
<li><strong>Appendix A</strong>: Essential Tools and Resources</li>
<li><strong>Appendix B</strong>: Legal Considerations and Rights</li>
<li><strong>Appendix C</strong>: Emergency Procedures and Crisis Response</li>
<li><strong>Appendix D</strong>: Glossary and References</li>
</ul>
<hr />
<h2 id="appendix-contents">Appendix Contents</h2>
<h3 id="appendix-a-essential-tools-and-resources"><a href="/appendices/appendix-a/">Appendix A: Essential Tools and Resources</a></h3>
<p>Comprehensive directory of security tools, hardware recommendations, and operational resources essential for resistance operations.</p>
<p><strong>Contents include:</strong></p>
<ul>
<li><strong>Digital Security Tools</strong>: 50+ vetted applications for encryption, communication, and privacy</li>
<li><strong>Hardware Recommendations</strong>: Secure devices, networking equipment, and operational hardware</li>
<li><strong>Operational Resources</strong>: Legal support organizations, emergency contacts, and support networks</li>
<li><strong>Security Checklists</strong>: Step-by-step procedures for common security operations</li>
</ul>
<p><strong>Key tool categories:</strong></p>
<ul>
<li>Communication and messaging platforms</li>
<li>File sharing and collaboration tools</li>
<li>Privacy and anonymity software</li>
<li>Network security and monitoring tools</li>
<li>Digital forensics and investigation tools</li>
<li>Hardware security and protection devices</li>
</ul>
<hr />
<h3 id="appendix-b-legal-considerations-and-rights"><a href="/appendices/appendix-b/">Appendix B: Legal Considerations and Rights</a></h3>
<p>Comprehensive legal framework covering constitutional rights, common charges, legal procedures, and support resources for resistance activities.</p>
<p><strong>Contents include:</strong></p>
<ul>
<li><strong>Constitutional Rights</strong>: First, Fourth, Fifth, and Sixth Amendment protections</li>
<li><strong>Common Legal Charges</strong>: Protest-related, technology-related, and federal charges with typical penalties</li>
<li><strong>Legal Rights During Encounters</strong>: Police encounters, arrests, searches, and detention procedures</li>
<li><strong>Legal Support Resources</strong>: Organizations, attorneys, bail funds, and emergency legal assistance</li>
</ul>
<p><strong>Key legal areas:</strong></p>
<ul>
<li>Know your rights during police encounters</li>
<li>Arrest and detention procedures and rights</li>
<li>Legal support organizations and resources</li>
<li>International legal considerations</li>
<li>Post-arrest procedures and long-term strategy</li>
</ul>
<hr />
<h3 id="appendix-c-emergency-procedures-and-crisis-response"><a href="/appendices/appendix-c/">Appendix C: Emergency Procedures and Crisis Response</a></h3>
<p>Comprehensive emergency response procedures and crisis management protocols for various emergency scenarios affecting resistance operations.</p>
<p><strong>Contents include:</strong></p>
<ul>
<li><strong>Emergency Response Framework</strong>: Threat classification system and response activation procedures</li>
<li><strong>Surveillance and Compromise Response</strong>: Detection procedures and network security protocols</li>
<li><strong>Arrest and Detention Response</strong>: Pre-arrest preparation, during-arrest procedures, and post-release protocols</li>
<li><strong>Communication System Failures</strong>: Backup systems and alternative communication methods</li>
</ul>
<p><strong>Key emergency scenarios:</strong></p>
<ul>
<li>Surveillance detection and compromise response</li>
<li>Arrest and detention emergency procedures</li>
<li>Communication system failures and alternatives</li>
<li>Medical emergencies during operations</li>
<li>Natural disasters and infrastructure failures</li>
<li>Network penetration and security breaches</li>
</ul>
<hr />
<h3 id="appendix-d-glossary-and-references"><a href="/appendices/appendix-d/">Appendix D: Glossary and References</a></h3>
<p>Comprehensive glossary of technical terms and extensive reference materials for continued learning and operational support.</p>
<p><strong>Contents include:</strong></p>
<ul>
<li><strong>Comprehensive Glossary</strong>: 100+ technical and operational terms with clear definitions</li>
<li><strong>Essential References</strong>: Books, guides, and resources for security, privacy, and resistance operations</li>
<li><strong>Organizations and Networks</strong>: Digital rights, legal support, and security organizations</li>
<li><strong>Additional Reading</strong>: Academic journals, research publications, and specialized resources</li>
</ul>
<p><strong>Key reference categories:</strong></p>
<ul>
<li>Security and privacy guides and resources</li>
<li>Legal support organizations and resources</li>
<li>Technical security tools and documentation</li>
<li>Historical resistance and intelligence references</li>
<li>Academic and research publications</li>
<li>Training and education resources</li>
</ul>
<hr />
<h2 id="using-the-appendices">Using the Appendices</h2>
<h3 id="quick-reference-guide">Quick Reference Guide</h3>
<p><strong>For immediate operational needs:</strong></p>
<ol>
<li><strong>Security Tools</strong>: Appendix A for software and hardware recommendations</li>
<li><strong>Legal Emergency</strong>: Appendix B for rights and legal support contacts</li>
<li><strong>Crisis Response</strong>: Appendix C for emergency procedures and protocols</li>
<li><strong>Term Definitions</strong>: Appendix D for glossary and technical definitions</li>
</ol>
<h3 id="comprehensive-study">Comprehensive Study</h3>
<p><strong>For thorough preparation:</strong></p>
<ol>
<li><strong>Study all appendices</strong> systematically before engaging in resistance activities</li>
<li><strong>Practice emergency procedures</strong> from Appendix C regularly</li>
<li><strong>Establish relationships</strong> with legal and support organizations from Appendices A and B</li>
<li><strong>Continue learning</strong> using resources from Appendix D</li>
</ol>
<h3 id="operational-integration">Operational Integration</h3>
<p><strong>For ongoing operations:</strong></p>
<ul>
<li><strong>Reference tools and procedures</strong> from appendices during operation planning</li>
<li><strong>Maintain emergency contacts</strong> and procedures from Appendices B and C</li>
<li><strong>Update tools and techniques</strong> based on new resources from Appendix D</li>
<li><strong>Share knowledge</strong> from appendices with trusted network members</li>
</ul>
<hr />
<h2 id="security-considerations-for-appendices">Security Considerations for Appendices</h2>
<h3 id="information-security">Information Security</h3>
<p><strong>Protecting appendix information:</strong></p>
<ul>
<li><strong>Secure storage</strong> of appendix materials and references</li>
<li><strong>Compartmentalized access</strong> to sensitive tools and procedures</li>
<li><strong>Regular updates</strong> of tools, contacts, and procedures</li>
<li><strong>Operational security</strong> when accessing and using appendix resources</li>
</ul>
<h3 id="practical-application">Practical Application</h3>
<p><strong>Safe use of appendix resources:</strong></p>
<ul>
<li><strong>Verify tool authenticity</strong> before downloading and using security software</li>
<li><strong>Test procedures</strong> in safe environments before operational use</li>
<li><strong>Maintain current information</strong> for legal contacts and emergency procedures</li>
<li><strong>Practice emergency procedures</strong> regularly to ensure effectiveness</li>
</ul>
<h3 id="continuous-improvement">Continuous Improvement</h3>
<p><strong>Keeping appendices current:</strong></p>
<ul>
<li><strong>Regular review</strong> and update of all appendix materials</li>
<li><strong>Community feedback</strong> and improvement suggestions</li>
<li><strong>New tool evaluation</strong> and integration into recommendations</li>
<li><strong>Lessons learned</strong> integration from operational experience</li>
</ul>
<hr />
<div class="info-box">
<div class="info-title">Appendix Importance</div>
<p>The appendices provide critical support information that complements the main field manual content. Regular study and practice with appendix materials significantly improves operational security and effectiveness.</p>
</div>
<div class="success-box">
<div class="success-title">Comprehensive Reference</div>
<p>These appendices represent years of collective knowledge and experience in resistance operations. They provide both immediate operational support and long-term learning resources for developing advanced capabilities.</p>
</div>
<hr />
<p><strong>Navigation:</strong></p>
<ul>
<li><strong>Next</strong>: <a href="/appendices/appendix-a/">Appendix A: Essential Tools and Resources</a></li>
<li><strong>Previous</strong>: <a href="/chapters/chapter-10/">Chapter 10: Counter-Intelligence and Security Operations</a></li>
<li><strong>Home</strong>: <a href="/">Field Manual FM-R1 Main Index</a></li>
</ul>
<nav class="section-nav">
<a href="/chapters/chapter-10/" class="nav-link">
<span class="arrow"></span>
<span>Chapter 10: Counter-Intelligence</span>
</a>
<a href="/appendices/appendix-a/" class="nav-link">
<span>Appendix A: Essential Tools</span>
<span class="arrow"></span>
</a>
</nav>
</main>
</div>
<footer class="footer">
<div class="container">
<div class="footer-content">
<div class="organization">Department of Internautics</div>
<div>Bureau of Decentralized Resistance</div>
<div>FM-R1 - Version 1.0 - 2025-08-28</div>
<div style="margin-top: 1rem;">
<a href="https://resist.is" target="_blank">resist.is</a> |
<a href="https://git.hacker.supply/Department_of_Internautics/field_guide" target="_blank">Source Code</a>
</div>
</div>
</div>
</footer>
<!-- JavaScript -->
<script src="/assets/js/main.js"></script>
</body>
</html>
_site/appendices/appendix-a/index.html
+726
View File
@@ -0,0 +1,726 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Appendix A: Essential Tools and Resources - Field Manual for Resistance Operations</title>
<meta name="description" content="Comprehensive directory of tools, software, and resources for resistance operations">
<!-- Favicon -->
<link rel="icon" type="image/x-icon" href="/assets/images/favicon.ico">
<!-- Stylesheets -->
<link rel="stylesheet" href="/assets/css/main.css">
<!-- Security headers -->
<meta http-equiv="X-Content-Type-Options" content="nosniff">
<meta http-equiv="X-Frame-Options" content="DENY">
<meta http-equiv="X-XSS-Protection" content="1; mode=block">
<!-- No tracking -->
<meta name="robots" content="noindex, nofollow">
<!-- Matomo
<script>
var _paq = window._paq = window._paq || [];
/* tracker methods like "setCustomDimension" should be called before "trackPageView" */
_paq.push(['trackPageView']);
_paq.push(['enableLinkTracking']);
(function() {
var u="//stats.resist.is/";
_paq.push(['setTrackerUrl', u+'matomo.php']);
_paq.push(['setSiteId', '4']);
var d=document, g=d.createElement('script'), s=d.getElementsByTagName('script')[0];
g.async=true; g.src=u+'matomo.js'; s.parentNode.insertBefore(g,s);
})();
</script>
End Matomo Code -->
</head>
<body>
<header class="header">
<div class="container">
<div class="header-content">
<div class="logo">
<span class="omega">Ω</span>
<span>FM-R1</span>
</div>
<button class="nav-toggle" id="nav-toggle" aria-label="Toggle navigation">
</button>
</div>
</div>
</header>
<div class="main-layout">
<nav class="sidebar" id="sidebar">
<nav class="main-navigation">
<!-- <div class="nav-header">
<div class="nav-subtitle">Field Manual for Resistance Operations</div>
</div>
-->
<div class="nav-sections">
<!-- Front Matter -->
<div class="nav-section">
<h3>Field Manual</h3>
<ul>
<li><a href="/" >Table of Contents</a></li>
<li><a href="/preface/" >Preface</a></li>
<li><a href="/introduction/" >Introduction</a></li>
</ul>
</div>
<!-- Part I: Foundations -->
<div class="nav-section">
<h3>Part I: Foundations</h3>
<ul>
<li>
<a href="/parts/part-1/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-1/" >Ch 1: Core Security Principles</a></li>
<li><a href="/chapters/chapter-2/" >Ch 2: Threat Assessment</a></li>
</ul>
</li>
</ul>
</div>
<!-- Part II: Communication -->
<div class="nav-section">
<h3>Part II: Communication</h3>
<ul>
<li>
<a href="/parts/part-2/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-3/" >Ch 3: Communication Architecture</a></li>
<li><a href="/chapters/chapter-4/" >Ch 4: Secure Messaging</a></li>
<li><a href="/chapters/chapter-5/" >Ch 5: File Sharing</a></li>
</ul>
</li>
</ul>
</div>
<!-- Part III: OpSec -->
<div class="nav-section">
<h3>Part III: OpSec</h3>
<ul>
<li>
<a href="/parts/part-3/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-6/" >Ch 6: Hardware Security</a></li>
<li><a href="/chapters/chapter-7/" >Ch 7: Digital Hygiene</a></li>
<li><a href="/chapters/chapter-8/" >Ch 8: Operational Procedures</a></li>
</ul>
</li>
</ul>
</div>
<!-- Part IV: Advanced -->
<div class="nav-section">
<h3>Part IV: Advanced</h3>
<ul>
<li>
<a href="/parts/part-4/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-9/" >Ch 9: Intelligence Gathering</a></li>
<li><a href="/chapters/chapter-10/" >Ch 10: Counter-Intelligence</a></li>
</ul>
</li>
</ul>
</div>
<!-- Appendices
<div class="nav-section">
<h3>Appendices</h3>
<ul>
<li><a href="/appendices/" >Appendices Overview</a></li>
<li><a href="/appendices/appendix-a/" class="active">Appendix A: Essential Tools</a></li>
<li><a href="/appendices/appendix-b/" >Appendix B: Legal Considerations</a></li>
<li><a href="/appendices/appendix-c/" >Appendix C: Emergency Procedures</a></li>
<li><a href="/appendices/appendix-d/" >Appendix D: Glossary & References</a></li>
</ul>
</div>
-->
<!-- Quick Access -->
<div class="nav-section nav-quick-access">
<h3>Quick Access</h3>
<ul>
<li><a href="/appendices/appendix-a/" class="nav-emergency">Essential Tools</a></li>
<li><a href="/appendices/appendix-b/" class="nav-emergency">Legal Rights</a></li>
<li><a href="/appendices/appendix-c/" class="nav-emergency">Emergency Procedures</a></li>
<li><a href="/appendices/appendix-d/" class="nav-emergency">Glossary & References</a></li>
</ul>
</div>
<!-- External Links -->
<div class="nav-section">
<h3>External Links</h3>
<ul>
<li><a href="https://resist.is" target="_blank">resist.is</a></li>
<li><a href="https://activistchecklist.org" target="_blank">Activist Checklist</a></li>
<li><a href="https://signal.org" target="_blank">Signal</a></li>
<li><a href="https://briarproject.org" target="_blank">Briar</a></li>
<li><a href="https://element.io" target="_blank">Element</a></li>
<li><a href="https://tails.boum.org" target="_blank">Tails OS</a></li>
<li><a href="https://onionshare.org" target="_blank">OnionShare</a></li>
</ul>
</div>
</div>
<!-- Security Notice
<div class="nav-security-notice">
<div class="security-warning">
<strong>OPERATIONAL SECURITY REMINDER</strong><br>
This manual contains sensitive information. Ensure secure handling and storage. Practice compartmentalization and need-to-know principles.
</div>
</div> -->
<!-- Footer -->
<div class="nav-footer">
<div class="manual-info">
<div class="classification">FOR RESISTANCE USE ONLY</div>
<div class="version">Version 1.0 | FM-R1</div>
<div class="date">2025</div>
</div>
</div>
</nav>
</nav>
<main class="content">
<div class="content-header">
<div class="manual-designation">FM-R1: FM-R1: Secure Communication Networks for Decentralized Resistance</div>
<div class="classification">UNCLASSIFIED</div>
</div>
<h1 id="appendix-a-essential-tools-and-resources">Appendix A: Essential Tools and Resources</h1>
<h2 id="overview">Overview</h2>
<p>This appendix provides a comprehensive directory of essential tools, software, hardware, and resources for resistance operations. All recommendations prioritize security, reliability, and operational effectiveness while considering accessibility and cost constraints.</p>
<hr />
<h2 id="a1-secure-communication-tools">A.1 Secure Communication Tools</h2>
<h3 id="messaging-applications">Messaging Applications</h3>
<h4 id="signal-private-messenger">Signal Private Messenger</h4>
<ul>
<li><strong>Purpose</strong>: End-to-end encrypted messaging and voice calls</li>
<li><strong>Security Features</strong>: Perfect forward secrecy, disappearing messages, sealed sender</li>
<li><strong>Platform Support</strong>: iOS, Android, Desktop (Windows, macOS, Linux)</li>
<li><strong>Website</strong>: <a href="https://signal.org">signal.org</a></li>
<li><strong>Operational Notes</strong>: Industry standard for secure messaging, regularly audited</li>
<li><strong>Setup Guide</strong>: Enable disappearing messages, verify safety numbers, use registration lock</li>
</ul>
<h4 id="session-messenger">Session Messenger</h4>
<ul>
<li><strong>Purpose</strong>: Decentralized encrypted messaging without phone numbers</li>
<li><strong>Security Features</strong>: Onion routing, no metadata collection, anonymous accounts</li>
<li><strong>Platform Support</strong>: iOS, Android, Desktop (Windows, macOS, Linux)</li>
<li><strong>Website</strong>: <a href="https://getsession.org">getsession.org</a></li>
<li><strong>Operational Notes</strong>: No phone number required, routes through Tor-like network</li>
<li><strong>Setup Guide</strong>: Generate Session ID, configure privacy settings, use disappearing messages</li>
</ul>
<h4 id="briar-messenger">Briar Messenger</h4>
<ul>
<li><strong>Purpose</strong>: Peer-to-peer encrypted messaging without servers</li>
<li><strong>Security Features</strong>: Direct device-to-device communication, no central servers</li>
<li><strong>Platform Support</strong>: Android (primary), desktop versions in development</li>
<li><strong>Website</strong>: <a href="https://briarproject.org">briarproject.org</a></li>
<li><strong>Operational Notes</strong>: Works without internet via Bluetooth/WiFi, perfect for protests</li>
<li><strong>Setup Guide</strong>: Add contacts via QR codes, configure transport settings</li>
</ul>
<h3 id="voice-communication">Voice Communication</h3>
<h4 id="jami-gnu-ring">Jami (GNU Ring)</h4>
<ul>
<li><strong>Purpose</strong>: Distributed voice and video calling</li>
<li><strong>Security Features</strong>: End-to-end encryption, no central servers, peer-to-peer</li>
<li><strong>Platform Support</strong>: All major platforms</li>
<li><strong>Website</strong>: <a href="https://jami.net">jami.net</a></li>
<li><strong>Operational Notes</strong>: No account registration required, works over Tor</li>
<li><strong>Setup Guide</strong>: Generate account locally, share Jami ID securely</li>
</ul>
<h4 id="mumble">Mumble</h4>
<ul>
<li><strong>Purpose</strong>: Low-latency voice chat for groups</li>
<li><strong>Security Features</strong>: Strong encryption, self-hosted servers possible</li>
<li><strong>Platform Support</strong>: All major platforms</li>
<li><strong>Website</strong>: <a href="https://mumble.info">mumble.info</a></li>
<li><strong>Operational Notes</strong>: Excellent for real-time coordination, can run over Tor</li>
<li><strong>Setup Guide</strong>: Connect to trusted servers, configure push-to-talk</li>
</ul>
<h3 id="email-security">Email Security</h3>
<h4 id="protonmail">ProtonMail</h4>
<ul>
<li><strong>Purpose</strong>: End-to-end encrypted email service</li>
<li><strong>Security Features</strong>: Zero-access encryption, Swiss privacy laws, Tor support</li>
<li><strong>Platform Support</strong>: Web, iOS, Android, desktop bridge</li>
<li><strong>Website</strong>: <a href="https://protonmail.com">protonmail.com</a></li>
<li><strong>Operational Notes</strong>: Free tier available, supports custom domains</li>
<li><strong>Setup Guide</strong>: Enable two-factor authentication, use Tor browser for access</li>
</ul>
<h4 id="tutanota">Tutanota</h4>
<ul>
<li><strong>Purpose</strong>: Encrypted email with calendar and contacts</li>
<li><strong>Security Features</strong>: End-to-end encryption, anonymous signup, open source</li>
<li><strong>Platform Support</strong>: Web, iOS, Android, desktop</li>
<li><strong>Website</strong>: <a href="https://tutanota.com">tutanota.com</a></li>
<li><strong>Operational Notes</strong>: Quantum-resistant encryption, German privacy laws</li>
<li><strong>Setup Guide</strong>: Create account over Tor, enable two-factor authentication</li>
</ul>
<hr />
<h2 id="a2-privacy-and-anonymity-tools">A.2 Privacy and Anonymity Tools</h2>
<h3 id="web-browsers">Web Browsers</h3>
<h4 id="tor-browser">Tor Browser</h4>
<ul>
<li><strong>Purpose</strong>: Anonymous web browsing and access to .onion sites</li>
<li><strong>Security Features</strong>: Onion routing, traffic encryption, fingerprint resistance</li>
<li><strong>Platform Support</strong>: Windows, macOS, Linux, Android</li>
<li><strong>Website</strong>: <a href="https://torproject.org">torproject.org</a></li>
<li><strong>Operational Notes</strong>: Essential for anonymous research and communication</li>
<li><strong>Setup Guide</strong>: Download from official site, configure security level, use bridges if needed</li>
</ul>
<h4 id="firefox-with-privacy-extensions">Firefox with Privacy Extensions</h4>
<ul>
<li><strong>Purpose</strong>: Privacy-hardened web browsing</li>
<li><strong>Security Features</strong>: Tracking protection, fingerprint resistance, extension support</li>
<li><strong>Platform Support</strong>: All major platforms</li>
<li><strong>Website</strong>: <a href="https://firefox.com">firefox.com</a></li>
<li><strong>Operational Notes</strong>: Highly customizable, good balance of security and usability</li>
<li><strong>Setup Guide</strong>: Install uBlock Origin, NoScript, ClearURLs, configure about:config</li>
</ul>
<h3 id="vpn-services">VPN Services</h3>
<h4 id="mullvad-vpn">Mullvad VPN</h4>
<ul>
<li><strong>Purpose</strong>: Anonymous VPN service with strong privacy protections</li>
<li><strong>Security Features</strong>: No logging, anonymous accounts, WireGuard support</li>
<li><strong>Platform Support</strong>: All major platforms</li>
<li><strong>Website</strong>: <a href="https://mullvad.net">mullvad.net</a></li>
<li><strong>Operational Notes</strong>: Pay with cryptocurrency, no personal information required</li>
<li><strong>Setup Guide</strong>: Create anonymous account, configure kill switch, use WireGuard</li>
</ul>
<h4 id="ivpn">IVPN</h4>
<ul>
<li><strong>Purpose</strong>: Privacy-focused VPN with transparency reports</li>
<li><strong>Security Features</strong>: No logging, anonymous accounts, multi-hop connections</li>
<li><strong>Platform Support</strong>: All major platforms</li>
<li><strong>Website</strong>: <a href="https://ivpn.net">ivpn.net</a></li>
<li><strong>Operational Notes</strong>: Regular security audits, supports Tor over VPN</li>
<li><strong>Setup Guide</strong>: Anonymous signup, enable firewall, configure multi-hop</li>
</ul>
<h3 id="operating-systems">Operating Systems</h3>
<h4 id="tails-the-amnesic-incognito-live-system">Tails (The Amnesic Incognito Live System)</h4>
<ul>
<li><strong>Purpose</strong>: Amnesic operating system for maximum privacy</li>
<li><strong>Security Features</strong>: Routes through Tor, leaves no traces, cryptographic tools included</li>
<li><strong>Platform Support</strong>: Live USB/DVD for any computer</li>
<li><strong>Website</strong>: <a href="https://tails.boum.org">tails.boum.org</a></li>
<li><strong>Operational Notes</strong>: Essential for high-security operations, resets after each use</li>
<li><strong>Setup Guide</strong>: Create persistent storage, verify downloads, configure additional software</li>
</ul>
<h4 id="qubes-os">Qubes OS</h4>
<ul>
<li><strong>Purpose</strong>: Security through isolation using virtual machines</li>
<li><strong>Security Features</strong>: Compartmentalized computing, Xen hypervisor, template system</li>
<li><strong>Platform Support</strong>: x86_64 computers with VT-x/AMD-V</li>
<li><strong>Website</strong>: <a href="https://qubes-os.org">qubes-os.org</a></li>
<li><strong>Operational Notes</strong>: Steep learning curve but excellent security model</li>
<li><strong>Setup Guide</strong>: Hardware compatibility check, create security domains, configure templates</li>
</ul>
<hr />
<h2 id="a3-file-security-and-storage">A.3 File Security and Storage</h2>
<h3 id="encryption-tools">Encryption Tools</h3>
<h4 id="veracrypt">VeraCrypt</h4>
<ul>
<li><strong>Purpose</strong>: Full disk and file container encryption</li>
<li><strong>Security Features</strong>: Strong encryption algorithms, hidden volumes, plausible deniability</li>
<li><strong>Platform Support</strong>: Windows, macOS, Linux</li>
<li><strong>Website</strong>: <a href="https://veracrypt.fr">veracrypt.fr</a></li>
<li><strong>Operational Notes</strong>: Successor to TrueCrypt, regularly updated</li>
<li><strong>Setup Guide</strong>: Create encrypted containers, use hidden volumes for sensitive data</li>
</ul>
<h4 id="7-zip-with-strong-encryption">7-Zip with Strong Encryption</h4>
<ul>
<li><strong>Purpose</strong>: File compression and encryption</li>
<li><strong>Security Features</strong>: AES-256 encryption, open source, command line support</li>
<li><strong>Platform Support</strong>: Windows, Linux (p7zip), macOS (via Homebrew)</li>
<li><strong>Website</strong>: <a href="https://7-zip.org">7-zip.org</a></li>
<li><strong>Operational Notes</strong>: Simple encryption for individual files and archives</li>
<li><strong>Setup Guide</strong>: Use strong passwords, enable AES-256 encryption</li>
</ul>
<h3 id="secure-file-sharing">Secure File Sharing</h3>
<h4 id="onionshare">OnionShare</h4>
<ul>
<li><strong>Purpose</strong>: Anonymous file sharing over Tor network</li>
<li><strong>Security Features</strong>: Tor hidden services, no third-party servers, automatic deletion</li>
<li><strong>Platform Support</strong>: Windows, macOS, Linux</li>
<li><strong>Website</strong>: <a href="https://onionshare.org">onionshare.org</a></li>
<li><strong>Operational Notes</strong>: Perfect for one-time secure file transfers</li>
<li><strong>Setup Guide</strong>: Configure Tor connection, set auto-stop timer, share .onion links securely</li>
</ul>
<h4 id="securedrop">SecureDrop</h4>
<ul>
<li><strong>Purpose</strong>: Anonymous document submission system</li>
<li><strong>Security Features</strong>: Tor-based, air-gapped servers, journalist verification</li>
<li><strong>Platform Support</strong>: Web-based (Tor Browser required)</li>
<li><strong>Website</strong>: <a href="https://securedrop.org">securedrop.org</a></li>
<li><strong>Operational Notes</strong>: Used by major news organizations for whistleblowing</li>
<li><strong>Setup Guide</strong>: Access via Tor Browser, follow submission guidelines</li>
</ul>
<h3 id="cloud-storage-security">Cloud Storage Security</h3>
<h4 id="cryptomator">Cryptomator</h4>
<ul>
<li><strong>Purpose</strong>: Client-side encryption for cloud storage</li>
<li><strong>Security Features</strong>: Transparent encryption, filename obfuscation, open source</li>
<li><strong>Platform Support</strong>: Windows, macOS, Linux, iOS, Android</li>
<li><strong>Website</strong>: <a href="https://cryptomator.org">cryptomator.org</a></li>
<li><strong>Operational Notes</strong>: Works with any cloud provider, zero-knowledge encryption</li>
<li><strong>Setup Guide</strong>: Create vault, configure cloud sync, use strong vault passwords</li>
</ul>
<hr />
<h2 id="a4-digital-security-tools">A.4 Digital Security Tools</h2>
<h3 id="password-management">Password Management</h3>
<h4 id="bitwarden">Bitwarden</h4>
<ul>
<li><strong>Purpose</strong>: Open source password manager</li>
<li><strong>Security Features</strong>: End-to-end encryption, self-hosting option, security audits</li>
<li><strong>Platform Support</strong>: All major platforms, browser extensions</li>
<li><strong>Website</strong>: <a href="https://bitwarden.com">bitwarden.com</a></li>
<li><strong>Operational Notes</strong>: Free tier available, can be self-hosted</li>
<li><strong>Setup Guide</strong>: Enable two-factor authentication, use strong master password, organize with folders</li>
</ul>
<h4 id="keepassxc">KeePassXC</h4>
<ul>
<li><strong>Purpose</strong>: Offline password manager</li>
<li><strong>Security Features</strong>: Local database, strong encryption, no cloud dependency</li>
<li><strong>Platform Support</strong>: Windows, macOS, Linux</li>
<li><strong>Website</strong>: <a href="https://keepassxc.org">keepassxc.org</a></li>
<li><strong>Operational Notes</strong>: Completely offline, database can be synced manually</li>
<li><strong>Setup Guide</strong>: Create strong database password, configure auto-type, backup database</li>
</ul>
<h3 id="two-factor-authentication">Two-Factor Authentication</h3>
<h4 id="aegis-authenticator-android">Aegis Authenticator (Android)</h4>
<ul>
<li><strong>Purpose</strong>: Open source TOTP authenticator</li>
<li><strong>Security Features</strong>: Encrypted vault, biometric unlock, backup/restore</li>
<li><strong>Platform Support</strong>: Android</li>
<li><strong>Website</strong>: <a href="https://getaegis.app">getaegis.app</a></li>
<li><strong>Operational Notes</strong>: No cloud dependency, encrypted local storage</li>
<li><strong>Setup Guide</strong>: Set vault password, backup vault file, import existing accounts</li>
</ul>
<h4 id="tofu-ios">Tofu (iOS)</h4>
<ul>
<li><strong>Purpose</strong>: Simple TOTP authenticator for iOS</li>
<li><strong>Security Features</strong>: Local storage, no cloud sync, open source</li>
<li><strong>Platform Support</strong>: iOS</li>
<li><strong>Website</strong>: Available on App Store</li>
<li><strong>Operational Notes</strong>: Minimal, focused on security and privacy</li>
<li><strong>Setup Guide</strong>: Add accounts via QR code, enable Face/Touch ID</li>
</ul>
<h3 id="system-security">System Security</h3>
<h4 id="clamav">ClamAV</h4>
<ul>
<li><strong>Purpose</strong>: Open source antivirus engine</li>
<li><strong>Security Features</strong>: Regular signature updates, command line interface, cross-platform</li>
<li><strong>Platform Support</strong>: Linux, Windows, macOS</li>
<li><strong>Website</strong>: <a href="https://clamav.net">clamav.net</a></li>
<li><strong>Operational Notes</strong>: Lightweight, good for server environments</li>
<li><strong>Setup Guide</strong>: Install via package manager, configure automatic updates</li>
</ul>
<h4 id="lynis">Lynis</h4>
<ul>
<li><strong>Purpose</strong>: Security auditing tool for Unix-based systems</li>
<li><strong>Security Features</strong>: Comprehensive system scanning, hardening suggestions</li>
<li><strong>Platform Support</strong>: Linux, macOS, Unix variants</li>
<li><strong>Website</strong>: <a href="https://cisofy.com/lynis">cisofy.com/lynis</a></li>
<li><strong>Operational Notes</strong>: Excellent for hardening systems and finding vulnerabilities</li>
<li><strong>Setup Guide</strong>: Run security scan, review recommendations, implement hardening</li>
</ul>
<hr />
<h2 id="a5-research-and-investigation-tools">A.5 Research and Investigation Tools</h2>
<h3 id="open-source-intelligence-osint">Open Source Intelligence (OSINT)</h3>
<h4 id="maltego">Maltego</h4>
<ul>
<li><strong>Purpose</strong>: Link analysis and data visualization for investigations</li>
<li><strong>Security Features</strong>: Local processing, extensive data sources, relationship mapping</li>
<li><strong>Platform Support</strong>: Windows, macOS, Linux</li>
<li><strong>Website</strong>: <a href="https://maltego.com">maltego.com</a></li>
<li><strong>Operational Notes</strong>: Community edition available, powerful for network analysis</li>
<li><strong>Setup Guide</strong>: Create account, install transforms, configure data sources</li>
</ul>
<h4 id="shodan">Shodan</h4>
<ul>
<li><strong>Purpose</strong>: Search engine for Internet-connected devices</li>
<li><strong>Security Features</strong>: API access, extensive device database, security research</li>
<li><strong>Platform Support</strong>: Web-based, API, command line tools</li>
<li><strong>Website</strong>: <a href="https://shodan.io">shodan.io</a></li>
<li><strong>Operational Notes</strong>: Valuable for reconnaissance and security research</li>
<li><strong>Setup Guide</strong>: Create account, obtain API key, use filters effectively</li>
</ul>
<h4 id="theharvester">TheHarvester</h4>
<ul>
<li><strong>Purpose</strong>: Information gathering tool for penetration testing</li>
<li><strong>Security Features</strong>: Multiple data sources, email/subdomain enumeration</li>
<li><strong>Platform Support</strong>: Linux, Python-based</li>
<li><strong>Website</strong>: <a href="https://github.com/laramies/theHarvester">github.com/laramies/theHarvester</a></li>
<li><strong>Operational Notes</strong>: Command line tool, good for initial reconnaissance</li>
<li><strong>Setup Guide</strong>: Install via pip, configure API keys, use appropriate data sources</li>
</ul>
<h3 id="social-media-analysis">Social Media Analysis</h3>
<h4 id="twint">Twint</h4>
<ul>
<li><strong>Purpose</strong>: Twitter scraping tool without API limitations</li>
<li><strong>Security Features</strong>: No authentication required, extensive filtering options</li>
<li><strong>Platform Support</strong>: Python-based, cross-platform</li>
<li><strong>Website</strong>: <a href="https://github.com/twintproject/twint">github.com/twintproject/twint</a></li>
<li><strong>Operational Notes</strong>: Useful for social media intelligence gathering</li>
<li><strong>Setup Guide</strong>: Install via pip, configure output formats, use search filters</li>
</ul>
<hr />
<h2 id="a6-hardware-recommendations">A.6 Hardware Recommendations</h2>
<h3 id="secure-computing-hardware">Secure Computing Hardware</h3>
<h4 id="laptops-for-security-operations">Laptops for Security Operations</h4>
<ul>
<li><strong>Recommended Models</strong>: ThinkPad X1 Carbon, System76 laptops, Purism Librem series</li>
<li><strong>Key Features</strong>: Hardware kill switches, open firmware support, good Linux compatibility</li>
<li><strong>Security Considerations</strong>: Disable Intel ME/AMD PSP, use full disk encryption</li>
<li><strong>Operational Notes</strong>: Dedicated hardware for sensitive operations recommended</li>
</ul>
<h4 id="mobile-devices">Mobile Devices</h4>
<ul>
<li><strong>Recommended</strong>: Google Pixel phones (for GrapheneOS), PinePhone (Linux mobile)</li>
<li><strong>Key Features</strong>: Unlockable bootloaders, custom ROM support, hardware security features</li>
<li><strong>Security Considerations</strong>: Install privacy-focused ROMs, disable unnecessary radios</li>
<li><strong>Operational Notes</strong>: Use separate devices for different operational roles</li>
</ul>
<h3 id="networking-hardware">Networking Hardware</h3>
<h4 id="secure-routers">Secure Routers</h4>
<ul>
<li><strong>Recommended</strong>: Devices supporting OpenWrt, pfSense boxes, GL.iNet travel routers</li>
<li><strong>Key Features</strong>: Open source firmware, VPN support, advanced firewall capabilities</li>
<li><strong>Security Considerations</strong>: Change default passwords, disable WPS, use strong encryption</li>
<li><strong>Operational Notes</strong>: Separate networks for different security levels</li>
</ul>
<h4 id="usb-security-keys">USB Security Keys</h4>
<ul>
<li><strong>Recommended</strong>: YubiKey 5 series, SoloKeys, Nitrokey</li>
<li><strong>Key Features</strong>: FIDO2/WebAuthn support, OpenPGP compatibility, hardware security</li>
<li><strong>Security Considerations</strong>: Use for two-factor authentication and encryption keys</li>
<li><strong>Operational Notes</strong>: Have backup keys stored securely</li>
</ul>
<hr />
<h2 id="a7-legal-and-safety-resources">A.7 Legal and Safety Resources</h2>
<h3 id="legal-support-organizations">Legal Support Organizations</h3>
<h4 id="electronic-frontier-foundation-eff">Electronic Frontier Foundation (EFF)</h4>
<ul>
<li><strong>Purpose</strong>: Digital rights advocacy and legal support</li>
<li><strong>Services</strong>: Legal guidance, privacy tools, digital security training</li>
<li><strong>Website</strong>: <a href="https://eff.org">eff.org</a></li>
<li><strong>Resources</strong>: Surveillance Self-Defense guide, legal observer training</li>
</ul>
<h4 id="national-lawyers-guild">National Lawyers Guild</h4>
<ul>
<li><strong>Purpose</strong>: Legal support for activists and protesters</li>
<li><strong>Services</strong>: Legal observers, jail support, know-your-rights training</li>
<li><strong>Website</strong>: <a href="https://nlg.org">nlg.org</a></li>
<li><strong>Resources</strong>: Local chapters, legal hotlines, protest legal support</li>
</ul>
<h3 id="digital-security-training">Digital Security Training</h3>
<h4 id="security-education-companion">Security Education Companion</h4>
<ul>
<li><strong>Purpose</strong>: Digital security curriculum for trainers</li>
<li><strong>Content</strong>: Lesson plans, activities, threat modeling guides</li>
<li><strong>Website</strong>: <a href="https://securityeducationcompanion.org">securityeducationcompanion.org</a></li>
<li><strong>Resources</strong>: Trainer guides, participant handouts, assessment tools</li>
</ul>
<h4 id="level-up">Level Up</h4>
<ul>
<li><strong>Purpose</strong>: Digital security training resources for civil society</li>
<li><strong>Content</strong>: Training curricula, facilitation guides, security planning</li>
<li><strong>Website</strong>: <a href="https://level-up.cc">level-up.cc</a></li>
<li><strong>Resources</strong>: Holistic security approach, trauma-informed training</li>
</ul>
<hr />
<h2 id="a8-emergency-resources">A.8 Emergency Resources</h2>
<h3 id="crisis-communication">Crisis Communication</h3>
<h4 id="bridgefy">Bridgefy</h4>
<ul>
<li><strong>Purpose</strong>: Offline messaging via Bluetooth mesh networks</li>
<li><strong>Security Features</strong>: End-to-end encryption, no internet required</li>
<li><strong>Platform Support</strong>: iOS, Android</li>
<li><strong>Use Case</strong>: Communication during internet shutdowns or emergencies</li>
</ul>
<h4 id="amateur-radio">Amateur Radio</h4>
<ul>
<li><strong>Purpose</strong>: Emergency communication when other systems fail</li>
<li><strong>Requirements</strong>: FCC license (in US), appropriate equipment</li>
<li><strong>Resources</strong>: ARRL.org for licensing, local clubs for training</li>
<li><strong>Operational Notes</strong>: Legal requirement for licensing, but valuable backup communication</li>
</ul>
<h3 id="emergency-contacts">Emergency Contacts</h3>
<h4 id="digital-security-helplines">Digital Security Helplines</h4>
<ul>
<li><strong>Access Now Digital Security Helpline</strong>: <a href="https://accessnow.org/help">accessnow.org/help</a></li>
<li><strong>Rapid Response Network</strong>: For urgent digital security incidents</li>
<li><strong>Local Legal Hotlines</strong>: Research and document local legal support numbers</li>
</ul>
<h4 id="medical-and-safety">Medical and Safety</h4>
<ul>
<li><strong>Street Medic Training</strong>: <a href="https://riotmedicine.net">riotmedicine.net</a></li>
<li><strong>Protest Safety Resources</strong>: Know your local legal observers and jail support</li>
</ul>
<hr />
<h2 id="a9-operational-security-checklists">A.9 Operational Security Checklists</h2>
<h3 id="pre-operation-security-checklist">Pre-Operation Security Checklist</h3>
<ul class="task-list">
<li class="task-list-item"><input type="checkbox" class="task-list-item-checkbox" disabled="disabled" />Threat model assessment completed</li>
<li class="task-list-item"><input type="checkbox" class="task-list-item-checkbox" disabled="disabled" />Communication security protocols established</li>
<li class="task-list-item"><input type="checkbox" class="task-list-item-checkbox" disabled="disabled" />Equipment security verified and tested</li>
<li class="task-list-item"><input type="checkbox" class="task-list-item-checkbox" disabled="disabled" />Emergency procedures and contacts prepared</li>
<li class="task-list-item"><input type="checkbox" class="task-list-item-checkbox" disabled="disabled" />Legal support and bail fund information available</li>
<li class="task-list-item"><input type="checkbox" class="task-list-item-checkbox" disabled="disabled" />Operational security briefing conducted</li>
<li class="task-list-item"><input type="checkbox" class="task-list-item-checkbox" disabled="disabled" />Counter-surveillance measures planned</li>
<li class="task-list-item"><input type="checkbox" class="task-list-item-checkbox" disabled="disabled" />Information sanitization procedures ready</li>
</ul>
<h3 id="post-operation-security-checklist">Post-Operation Security Checklist</h3>
<ul class="task-list">
<li class="task-list-item"><input type="checkbox" class="task-list-item-checkbox" disabled="disabled" />Secure communication channels used for debriefing</li>
<li class="task-list-item"><input type="checkbox" class="task-list-item-checkbox" disabled="disabled" />Equipment sanitized and secured</li>
<li class="task-list-item"><input type="checkbox" class="task-list-item-checkbox" disabled="disabled" />Information properly compartmentalized and stored</li>
<li class="task-list-item"><input type="checkbox" class="task-list-item-checkbox" disabled="disabled" />Security incidents documented and analyzed</li>
<li class="task-list-item"><input type="checkbox" class="task-list-item-checkbox" disabled="disabled" />Lessons learned captured and shared appropriately</li>
<li class="task-list-item"><input type="checkbox" class="task-list-item-checkbox" disabled="disabled" />Follow-up security measures implemented</li>
<li class="task-list-item"><input type="checkbox" class="task-list-item-checkbox" disabled="disabled" />Next operation security planning initiated</li>
</ul>
<hr />
<div class="info-box">
<div class="info-title">Tool Selection Criteria</div>
<p>When selecting tools for resistance operations, prioritize: 1) Open source software with public security audits, 2) Strong encryption and privacy protections, 3) Decentralized architecture when possible, 4) Active development and security updates, 5) Compatibility with operational security requirements.</p>
</div>
<div class="warning-box">
<div class="warning-title">Tool Security Warning</div>
<p>No tool provides perfect security. Always use defense in depth with multiple layers of protection, keep software updated, and regularly reassess your security posture. Tools are only as secure as their implementation and operational security practices.</p>
</div>
<nav class="section-nav">
<a href="/chapters/chapter-12/" class="nav-link">
<span class="arrow"></span>
<span>Chapter 12: Direct Action Planning</span>
</a>
<a href="/appendices/appendix-b/" class="nav-link">
<span>Appendix B: Legal Considerations</span>
<span class="arrow"></span>
</a>
</nav>
</main>
</div>
<footer class="footer">
<div class="container">
<div class="footer-content">
<div class="organization">Department of Internautics</div>
<div>Bureau of Decentralized Resistance</div>
<div>FM-R1 - Version 1.0 - 2025-08-28</div>
<div style="margin-top: 1rem;">
<a href="https://resist.is" target="_blank">resist.is</a> |
<a href="https://git.hacker.supply/Department_of_Internautics/field_guide" target="_blank">Source Code</a>
</div>
</div>
</div>
</footer>
<!-- JavaScript -->
<script src="/assets/js/main.js"></script>
</body>
</html>
_site/appendices/appendix-b/index.html
+740
View File
@@ -0,0 +1,740 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Appendix B: Legal Considerations and Rights - Field Manual for Resistance Operations</title>
<meta name="description" content="Legal framework, rights, and considerations for resistance activities">
<!-- Favicon -->
<link rel="icon" type="image/x-icon" href="/assets/images/favicon.ico">
<!-- Stylesheets -->
<link rel="stylesheet" href="/assets/css/main.css">
<!-- Security headers -->
<meta http-equiv="X-Content-Type-Options" content="nosniff">
<meta http-equiv="X-Frame-Options" content="DENY">
<meta http-equiv="X-XSS-Protection" content="1; mode=block">
<!-- No tracking -->
<meta name="robots" content="noindex, nofollow">
<!-- Matomo
<script>
var _paq = window._paq = window._paq || [];
/* tracker methods like "setCustomDimension" should be called before "trackPageView" */
_paq.push(['trackPageView']);
_paq.push(['enableLinkTracking']);
(function() {
var u="//stats.resist.is/";
_paq.push(['setTrackerUrl', u+'matomo.php']);
_paq.push(['setSiteId', '4']);
var d=document, g=d.createElement('script'), s=d.getElementsByTagName('script')[0];
g.async=true; g.src=u+'matomo.js'; s.parentNode.insertBefore(g,s);
})();
</script>
End Matomo Code -->
</head>
<body>
<header class="header">
<div class="container">
<div class="header-content">
<div class="logo">
<span class="omega">Ω</span>
<span>FM-R1</span>
</div>
<button class="nav-toggle" id="nav-toggle" aria-label="Toggle navigation">
</button>
</div>
</div>
</header>
<div class="main-layout">
<nav class="sidebar" id="sidebar">
<nav class="main-navigation">
<!-- <div class="nav-header">
<div class="nav-subtitle">Field Manual for Resistance Operations</div>
</div>
-->
<div class="nav-sections">
<!-- Front Matter -->
<div class="nav-section">
<h3>Field Manual</h3>
<ul>
<li><a href="/" >Table of Contents</a></li>
<li><a href="/preface/" >Preface</a></li>
<li><a href="/introduction/" >Introduction</a></li>
</ul>
</div>
<!-- Part I: Foundations -->
<div class="nav-section">
<h3>Part I: Foundations</h3>
<ul>
<li>
<a href="/parts/part-1/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-1/" >Ch 1: Core Security Principles</a></li>
<li><a href="/chapters/chapter-2/" >Ch 2: Threat Assessment</a></li>
</ul>
</li>
</ul>
</div>
<!-- Part II: Communication -->
<div class="nav-section">
<h3>Part II: Communication</h3>
<ul>
<li>
<a href="/parts/part-2/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-3/" >Ch 3: Communication Architecture</a></li>
<li><a href="/chapters/chapter-4/" >Ch 4: Secure Messaging</a></li>
<li><a href="/chapters/chapter-5/" >Ch 5: File Sharing</a></li>
</ul>
</li>
</ul>
</div>
<!-- Part III: OpSec -->
<div class="nav-section">
<h3>Part III: OpSec</h3>
<ul>
<li>
<a href="/parts/part-3/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-6/" >Ch 6: Hardware Security</a></li>
<li><a href="/chapters/chapter-7/" >Ch 7: Digital Hygiene</a></li>
<li><a href="/chapters/chapter-8/" >Ch 8: Operational Procedures</a></li>
</ul>
</li>
</ul>
</div>
<!-- Part IV: Advanced -->
<div class="nav-section">
<h3>Part IV: Advanced</h3>
<ul>
<li>
<a href="/parts/part-4/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-9/" >Ch 9: Intelligence Gathering</a></li>
<li><a href="/chapters/chapter-10/" >Ch 10: Counter-Intelligence</a></li>
</ul>
</li>
</ul>
</div>
<!-- Appendices
<div class="nav-section">
<h3>Appendices</h3>
<ul>
<li><a href="/appendices/" >Appendices Overview</a></li>
<li><a href="/appendices/appendix-a/" >Appendix A: Essential Tools</a></li>
<li><a href="/appendices/appendix-b/" class="active">Appendix B: Legal Considerations</a></li>
<li><a href="/appendices/appendix-c/" >Appendix C: Emergency Procedures</a></li>
<li><a href="/appendices/appendix-d/" >Appendix D: Glossary & References</a></li>
</ul>
</div>
-->
<!-- Quick Access -->
<div class="nav-section nav-quick-access">
<h3>Quick Access</h3>
<ul>
<li><a href="/appendices/appendix-a/" class="nav-emergency">Essential Tools</a></li>
<li><a href="/appendices/appendix-b/" class="nav-emergency">Legal Rights</a></li>
<li><a href="/appendices/appendix-c/" class="nav-emergency">Emergency Procedures</a></li>
<li><a href="/appendices/appendix-d/" class="nav-emergency">Glossary & References</a></li>
</ul>
</div>
<!-- External Links -->
<div class="nav-section">
<h3>External Links</h3>
<ul>
<li><a href="https://resist.is" target="_blank">resist.is</a></li>
<li><a href="https://activistchecklist.org" target="_blank">Activist Checklist</a></li>
<li><a href="https://signal.org" target="_blank">Signal</a></li>
<li><a href="https://briarproject.org" target="_blank">Briar</a></li>
<li><a href="https://element.io" target="_blank">Element</a></li>
<li><a href="https://tails.boum.org" target="_blank">Tails OS</a></li>
<li><a href="https://onionshare.org" target="_blank">OnionShare</a></li>
</ul>
</div>
</div>
<!-- Security Notice
<div class="nav-security-notice">
<div class="security-warning">
<strong>OPERATIONAL SECURITY REMINDER</strong><br>
This manual contains sensitive information. Ensure secure handling and storage. Practice compartmentalization and need-to-know principles.
</div>
</div> -->
<!-- Footer -->
<div class="nav-footer">
<div class="manual-info">
<div class="classification">FOR RESISTANCE USE ONLY</div>
<div class="version">Version 1.0 | FM-R1</div>
<div class="date">2025</div>
</div>
</div>
</nav>
</nav>
<main class="content">
<div class="content-header">
<div class="manual-designation">FM-R1: FM-R1: Secure Communication Networks for Decentralized Resistance</div>
<div class="classification">UNCLASSIFIED</div>
</div>
<h1 id="appendix-b-legal-considerations-and-rights">Appendix B: Legal Considerations and Rights</h1>
<h2 id="overview">Overview</h2>
<p>This appendix provides essential legal information for resistance activities, including constitutional rights, legal protections, potential charges, and legal support resources. This information is primarily focused on United States law but includes general principles applicable in other jurisdictions.</p>
<p><strong>⚠️ Legal Disclaimer</strong>: This information is for educational purposes only and does not constitute legal advice. Laws vary by jurisdiction and change frequently. Always consult with qualified legal counsel for specific legal situations.</p>
<hr />
<h2 id="b1-constitutional-rights-and-protections">B.1 Constitutional Rights and Protections</h2>
<h3 id="first-amendment-rights-united-states">First Amendment Rights (United States)</h3>
<h4 id="freedom-of-speech">Freedom of Speech</h4>
<ul>
<li><strong>Protected Activities</strong>: Political expression, criticism of government, symbolic speech</li>
<li><strong>Limitations</strong>: True threats, incitement to imminent lawless action, fighting words</li>
<li><strong>Digital Context</strong>: Online speech generally protected, but platform terms of service may apply</li>
<li><strong>Operational Considerations</strong>: Document violations of speech rights, know local protest ordinances</li>
</ul>
<h4 id="freedom-of-assembly">Freedom of Assembly</h4>
<ul>
<li><strong>Protected Activities</strong>: Peaceful protests, demonstrations, rallies, meetings</li>
<li><strong>Permit Requirements</strong>: May be required for large gatherings or use of public spaces</li>
<li><strong>Time, Place, Manner Restrictions</strong>: Content-neutral restrictions may be constitutional</li>
<li><strong>Private Property</strong>: Property owners may restrict assembly on private land</li>
</ul>
<h4 id="freedom-of-association">Freedom of Association</h4>
<ul>
<li><strong>Protected Activities</strong>: Joining organizations, political parties, advocacy groups</li>
<li><strong>Limitations</strong>: Organizations engaged in illegal activities may lose protection</li>
<li><strong>Surveillance Concerns</strong>: Government monitoring of associations may violate rights</li>
<li><strong>Operational Security</strong>: Balance association rights with operational security needs</li>
</ul>
<h4 id="right-to-petition-government">Right to Petition Government</h4>
<ul>
<li><strong>Protected Activities</strong>: Lobbying, filing complaints, requesting information</li>
<li><strong>FOIA Rights</strong>: Freedom of Information Act requests for government documents</li>
<li><strong>Whistleblower Protections</strong>: Limited protections for government employees</li>
<li><strong>Retaliation Protections</strong>: Illegal for government to retaliate for protected petitioning</li>
</ul>
<h3 id="fourth-amendment-rights">Fourth Amendment Rights</h3>
<h4 id="protection-against-unreasonable-searches">Protection Against Unreasonable Searches</h4>
<ul>
<li><strong>Warrant Requirements</strong>: Generally required for searches of homes, personal effects</li>
<li><strong>Exceptions</strong>: Consent, exigent circumstances, plain view, search incident to arrest</li>
<li><strong>Digital Devices</strong>: Warrant generally required for cell phone searches</li>
<li><strong>Border Searches</strong>: Reduced protections at international borders</li>
</ul>
<h4 id="electronic-surveillance">Electronic Surveillance</h4>
<ul>
<li><strong>Wiretapping</strong>: Warrant required for real-time interception of communications</li>
<li><strong>Stored Communications</strong>: Different standards for stored vs. real-time communications</li>
<li><strong>Metadata</strong>: Less protection for metadata than content of communications</li>
<li><strong>Third-Party Doctrine</strong>: Information shared with third parties may lose protection</li>
</ul>
<h3 id="fifth-amendment-rights">Fifth Amendment Rights</h3>
<h4 id="right-against-self-incrimination">Right Against Self-Incrimination</h4>
<ul>
<li><strong>Miranda Rights</strong>: Right to remain silent during custodial interrogation</li>
<li><strong>Testimonial vs. Physical</strong>: Protection applies to testimonial evidence, not physical</li>
<li><strong>Password Protection</strong>: Uncertain protection for passwords vs. biometric unlocking</li>
<li><strong>Document Production</strong>: May be required to produce documents under subpoena</li>
</ul>
<h4 id="due-process-rights">Due Process Rights</h4>
<ul>
<li><strong>Procedural Due Process</strong>: Right to fair legal procedures</li>
<li><strong>Substantive Due Process</strong>: Protection of fundamental rights from government interference</li>
<li><strong>Equal Protection</strong>: Government must treat similarly situated people equally</li>
<li><strong>Vagueness Doctrine</strong>: Laws must be clear enough for people to understand</li>
</ul>
<h3 id="sixth-amendment-rights">Sixth Amendment Rights</h3>
<h4 id="right-to-counsel">Right to Counsel</h4>
<ul>
<li><strong>Criminal Proceedings</strong>: Right to attorney in criminal cases</li>
<li><strong>Custodial Interrogation</strong>: Right to have attorney present during questioning</li>
<li><strong>Quality of Representation</strong>: Right to effective assistance of counsel</li>
<li><strong>Self-Representation</strong>: Right to represent yourself (not recommended)</li>
</ul>
<h4 id="right-to-fair-trial">Right to Fair Trial</h4>
<ul>
<li><strong>Speedy Trial</strong>: Right to trial without unreasonable delay</li>
<li><strong>Public Trial</strong>: Generally right to public proceedings</li>
<li><strong>Impartial Jury</strong>: Right to jury free from bias and prejudice</li>
<li><strong>Confrontation</strong>: Right to cross-examine witnesses</li>
</ul>
<hr />
<h2 id="b2-common-legal-charges-and-penalties">B.2 Common Legal Charges and Penalties</h2>
<h3 id="protest-related-charges">Protest-Related Charges</h3>
<h4 id="disorderly-conduct">Disorderly Conduct</h4>
<ul>
<li><strong>Definition</strong>: Behavior that disturbs public peace or order</li>
<li><strong>Typical Penalties</strong>: Fines, short jail sentences, community service</li>
<li><strong>Defense Strategies</strong>: First Amendment protections, vague statute challenges</li>
<li><strong>Operational Notes</strong>: Often used as catch-all charge for protest activities</li>
</ul>
<h4 id="unlawful-assembly">Unlawful Assembly</h4>
<ul>
<li><strong>Definition</strong>: Gathering of people for illegal purpose or in illegal manner</li>
<li><strong>Typical Penalties</strong>: Misdemeanor charges, fines, possible jail time</li>
<li><strong>Defense Strategies</strong>: Challenge basis for unlawful determination</li>
<li><strong>Operational Notes</strong>: May be applied to otherwise legal gatherings</li>
</ul>
<h4 id="trespassing">Trespassing</h4>
<ul>
<li><strong>Definition</strong>: Unlawfully entering or remaining on property</li>
<li><strong>Typical Penalties</strong>: Fines, possible jail time, civil liability</li>
<li><strong>Defense Strategies</strong>: Lack of notice, public forum doctrine, necessity defense</li>
<li><strong>Operational Notes</strong>: Know property boundaries and access rights</li>
</ul>
<h4 id="obstruction-of-justice">Obstruction of Justice</h4>
<ul>
<li><strong>Definition</strong>: Interfering with law enforcement or judicial proceedings</li>
<li><strong>Typical Penalties</strong>: Serious misdemeanor or felony charges</li>
<li><strong>Defense Strategies</strong>: Lack of intent, First Amendment protections</li>
<li><strong>Operational Notes</strong>: Broad statute often used against activists</li>
</ul>
<h3 id="technology-related-charges">Technology-Related Charges</h3>
<h4 id="computer-fraud-and-abuse-act-cfaa-violations">Computer Fraud and Abuse Act (CFAA) Violations</h4>
<ul>
<li><strong>Definition</strong>: Unauthorized access to computers or exceeding authorized access</li>
<li><strong>Typical Penalties</strong>: Significant fines and prison sentences</li>
<li><strong>Defense Strategies</strong>: Challenge authorization definitions, proportionality arguments</li>
<li><strong>Operational Notes</strong>: Extremely broad statute with severe penalties</li>
</ul>
<h4 id="wire-fraud">Wire Fraud</h4>
<ul>
<li><strong>Definition</strong>: Using electronic communications to commit fraud</li>
<li><strong>Typical Penalties</strong>: Up to 20 years in prison, significant fines</li>
<li><strong>Defense Strategies</strong>: Challenge intent element, lack of materiality</li>
<li><strong>Operational Notes</strong>: Often used in cases involving online activities</li>
</ul>
<h4 id="identity-theft">Identity Theft</h4>
<ul>
<li><strong>Definition</strong>: Unlawfully using another persons identifying information</li>
<li><strong>Typical Penalties</strong>: Significant fines and prison sentences</li>
<li><strong>Defense Strategies</strong>: Lack of intent, authorized use</li>
<li><strong>Operational Notes</strong>: May apply to use of pseudonyms or false information</li>
</ul>
<h3 id="surveillance-and-privacy-charges">Surveillance and Privacy Charges</h3>
<h4 id="wiretapping-violations">Wiretapping Violations</h4>
<ul>
<li><strong>Definition</strong>: Illegally intercepting communications</li>
<li><strong>Typical Penalties</strong>: Fines and possible prison time</li>
<li><strong>Defense Strategies</strong>: Consent of parties, public place exception</li>
<li><strong>Operational Notes</strong>: Laws vary significantly by state</li>
</ul>
<h4 id="recording-laws">Recording Laws</h4>
<ul>
<li><strong>Definition</strong>: Illegally recording conversations or activities</li>
<li><strong>Typical Penalties</strong>: Varies by jurisdiction, civil and criminal liability</li>
<li><strong>Defense Strategies</strong>: One-party consent states, public place recordings</li>
<li><strong>Operational Notes</strong>: Know local recording laws before documenting activities</li>
</ul>
<h3 id="federal-charges">Federal Charges</h3>
<h4 id="domestic-terrorism">Domestic Terrorism</h4>
<ul>
<li><strong>Definition</strong>: Activities dangerous to human life intended to intimidate or coerce</li>
<li><strong>Typical Penalties</strong>: Life imprisonment or death penalty in extreme cases</li>
<li><strong>Defense Strategies</strong>: Challenge intent element, First Amendment protections</li>
<li><strong>Operational Notes</strong>: Extremely serious charges with severe consequences</li>
</ul>
<h4 id="seditious-conspiracy">Seditious Conspiracy</h4>
<ul>
<li><strong>Definition</strong>: Conspiracy to overthrow government or oppose its authority by force</li>
<li><strong>Typical Penalties</strong>: Up to 20 years in prison</li>
<li><strong>Defense Strategies</strong>: Challenge conspiracy elements, First Amendment protections</li>
<li><strong>Operational Notes</strong>: Rarely prosecuted but carries severe penalties</li>
</ul>
<h4 id="rico-violations">RICO Violations</h4>
<ul>
<li><strong>Definition</strong>: Racketeering activities as part of ongoing criminal enterprise</li>
<li><strong>Typical Penalties</strong>: Significant prison sentences and asset forfeiture</li>
<li><strong>Defense Strategies</strong>: Challenge enterprise element, pattern of activity</li>
<li><strong>Operational Notes</strong>: May be applied to activist organizations</li>
</ul>
<hr />
<h2 id="b3-legal-rights-during-encounters">B.3 Legal Rights During Encounters</h2>
<h3 id="police-encounters">Police Encounters</h3>
<h4 id="traffic-stops">Traffic Stops</h4>
<ul>
<li><strong>Required Actions</strong>: Provide license, registration, insurance if driving</li>
<li><strong>Optional Actions</strong>: Answering questions beyond identification</li>
<li><strong>Rights</strong>: Remain silent, refuse consent to search, ask if free to leave</li>
<li><strong>Operational Notes</strong>: Document interactions, remain calm and respectful</li>
</ul>
<h4 id="street-encounters">Street Encounters</h4>
<ul>
<li><strong>Required Actions</strong>: Generally none unless under arrest</li>
<li><strong>Optional Actions</strong>: Providing identification (varies by state)</li>
<li><strong>Rights</strong>: Ask if free to leave, remain silent, refuse consent to search</li>
<li><strong>Operational Notes</strong>: Know local stop-and-identify laws</li>
</ul>
<h4 id="protests-and-demonstrations">Protests and Demonstrations</h4>
<ul>
<li><strong>Rights</strong>: First Amendment protections, right to observe and record</li>
<li><strong>Limitations</strong>: Lawful police orders, permit requirements</li>
<li><strong>Operational Notes</strong>: Legal observers, know dispersal procedures</li>
</ul>
<h3 id="arrest-procedures">Arrest Procedures</h3>
<h4 id="during-arrest">During Arrest</h4>
<ul>
<li><strong>Rights</strong>: Remain silent, request attorney, refuse consent to search</li>
<li><strong>Required Actions</strong>: Comply with physical arrest, provide identification</li>
<li><strong>Prohibited Actions</strong>: Resisting arrest, providing false information</li>
<li><strong>Operational Notes</strong>: Document badge numbers, witness information</li>
</ul>
<h4 id="custodial-interrogation">Custodial Interrogation</h4>
<ul>
<li><strong>Rights</strong>: Miranda warnings, right to attorney, right to remain silent</li>
<li><strong>Strategies</strong>: Invoke rights clearly, do not waive rights</li>
<li><strong>Operational Notes</strong>: Anything said can be used against you</li>
</ul>
<h4 id="booking-and-processing">Booking and Processing</h4>
<ul>
<li><strong>Required Actions</strong>: Fingerprinting, photographing, basic information</li>
<li><strong>Optional Actions</strong>: Answering investigative questions</li>
<li><strong>Rights</strong>: Medical attention, phone calls, attorney contact</li>
<li><strong>Operational Notes</strong>: Know jail support procedures</li>
</ul>
<h3 id="search-and-seizure-rights">Search and Seizure Rights</h3>
<h4 id="home-searches">Home Searches</h4>
<ul>
<li><strong>Warrant Requirements</strong>: Generally required unless exigent circumstances</li>
<li><strong>Consent</strong>: Can refuse consent to search</li>
<li><strong>Scope</strong>: Search limited to areas specified in warrant</li>
<li><strong>Operational Notes</strong>: Request to see warrant, document search</li>
</ul>
<h4 id="vehicle-searches">Vehicle Searches</h4>
<ul>
<li><strong>Probable Cause</strong>: Required for search without consent</li>
<li><strong>Consent</strong>: Can refuse consent to search</li>
<li><strong>Inventory Searches</strong>: May occur during impoundment</li>
<li><strong>Operational Notes</strong>: Keep vehicles clean of sensitive materials</li>
</ul>
<h4 id="digital-device-searches">Digital Device Searches</h4>
<ul>
<li><strong>Warrant Requirements</strong>: Generally required for cell phone searches</li>
<li><strong>Border Exceptions</strong>: Reduced protections at international borders</li>
<li><strong>Consent</strong>: Can refuse consent to unlock devices</li>
<li><strong>Operational Notes</strong>: Use strong passwords, consider device encryption</li>
</ul>
<hr />
<h2 id="b4-legal-support-and-resources">B.4 Legal Support and Resources</h2>
<h3 id="finding-legal-representation">Finding Legal Representation</h3>
<h4 id="criminal-defense-attorneys">Criminal Defense Attorneys</h4>
<ul>
<li><strong>Specializations</strong>: Look for attorneys experienced in protest law, civil rights</li>
<li><strong>Consultation</strong>: Many offer free initial consultations</li>
<li><strong>Payment</strong>: Public defenders available for indigent defendants</li>
<li><strong>Operational Notes</strong>: Establish attorney relationships before needed</li>
</ul>
<h4 id="civil-rights-organizations">Civil Rights Organizations</h4>
<ul>
<li><strong>ACLU</strong>: American Civil Liberties Union - <a href="https://aclu.org">aclu.org</a></li>
<li><strong>EFF</strong>: Electronic Frontier Foundation - <a href="https://eff.org">eff.org</a></li>
<li><strong>National Lawyers Guild</strong>: <a href="https://nlg.org">nlg.org</a></li>
<li><strong>Center for Constitutional Rights</strong>: <a href="https://ccrjustice.org">ccrjustice.org</a></li>
</ul>
<h4 id="legal-observers">Legal Observers</h4>
<ul>
<li><strong>Training</strong>: Many organizations provide legal observer training</li>
<li><strong>Role</strong>: Document police behavior, provide witness testimony</li>
<li><strong>Rights</strong>: Generally same as other protesters, special press protections may apply</li>
<li><strong>Operational Notes</strong>: Wear identifying clothing, maintain neutrality</li>
</ul>
<h3 id="bail-and-jail-support">Bail and Jail Support</h3>
<h4 id="bail-funds">Bail Funds</h4>
<ul>
<li><strong>Purpose</strong>: Provide bail money for arrested activists</li>
<li><strong>Local Funds</strong>: Research local bail funds before actions</li>
<li><strong>National Funds</strong>: Some organizations provide national support</li>
<li><strong>Operational Notes</strong>: Know contact information, have emergency contacts</li>
</ul>
<h4 id="jail-support">Jail Support</h4>
<ul>
<li><strong>Purpose</strong>: Provide support for people being released from jail</li>
<li><strong>Services</strong>: Transportation, food, emotional support, legal information</li>
<li><strong>Organization</strong>: Usually coordinated by local activist groups</li>
<li><strong>Operational Notes</strong>: Establish jail support before actions</li>
</ul>
<h3 id="know-your-rights-training">Know Your Rights Training</h3>
<h4 id="legal-clinics">Legal Clinics</h4>
<ul>
<li><strong>Content</strong>: Rights during police encounters, protest law, digital security</li>
<li><strong>Providers</strong>: Legal organizations, activist groups, law schools</li>
<li><strong>Format</strong>: Workshops, online resources, printed materials</li>
<li><strong>Operational Notes</strong>: Regular training updates as laws change</li>
</ul>
<h4 id="digital-security-training">Digital Security Training</h4>
<ul>
<li><strong>Content</strong>: Privacy rights, surveillance law, device security</li>
<li><strong>Providers</strong>: EFF, digital rights organizations, security trainers</li>
<li><strong>Resources</strong>: Surveillance Self-Defense guide, Security Education Companion</li>
<li><strong>Operational Notes</strong>: Integrate legal and technical security training</li>
</ul>
<hr />
<h2 id="b5-international-considerations">B.5 International Considerations</h2>
<h3 id="cross-border-activities">Cross-Border Activities</h3>
<h4 id="jurisdiction-issues">Jurisdiction Issues</h4>
<ul>
<li><strong>Multiple Laws</strong>: Activities may be subject to laws of multiple countries</li>
<li><strong>Extradition</strong>: Possibility of extradition for serious crimes</li>
<li><strong>Diplomatic Immunity</strong>: Limited protections for most activists</li>
<li><strong>Operational Notes</strong>: Research laws in all relevant jurisdictions</li>
</ul>
<h4 id="travel-considerations">Travel Considerations</h4>
<ul>
<li><strong>Border Searches</strong>: Enhanced search powers at international borders</li>
<li><strong>Visa Requirements</strong>: Political activities may affect visa eligibility</li>
<li><strong>Surveillance</strong>: Increased surveillance of international travelers</li>
<li><strong>Operational Notes</strong>: Use clean devices when crossing borders</li>
</ul>
<h3 id="international-law">International Law</h3>
<h4 id="human-rights-law">Human Rights Law</h4>
<ul>
<li><strong>Universal Declaration</strong>: Fundamental rights recognized internationally</li>
<li><strong>Regional Systems</strong>: European, Inter-American, African human rights systems</li>
<li><strong>Enforcement</strong>: Limited enforcement mechanisms for violations</li>
<li><strong>Operational Notes</strong>: Document human rights violations</li>
</ul>
<h4 id="diplomatic-protections">Diplomatic Protections</h4>
<ul>
<li><strong>Consular Services</strong>: Limited assistance from home country consulates</li>
<li><strong>Political Asylum</strong>: Possible protection for political persecution</li>
<li><strong>Refugee Status</strong>: Protection for those fleeing persecution</li>
<li><strong>Operational Notes</strong>: Know consular contact information</li>
</ul>
<hr />
<h2 id="b6-legal-risk-assessment">B.6 Legal Risk Assessment</h2>
<h3 id="risk-factors">Risk Factors</h3>
<h4 id="activity-based-risks">Activity-Based Risks</h4>
<ul>
<li><strong>Type of Activity</strong>: Different activities carry different legal risks</li>
<li><strong>Location</strong>: Laws vary significantly by jurisdiction</li>
<li><strong>Participants</strong>: Number and background of participants affects risk</li>
<li><strong>Timing</strong>: Current political climate affects enforcement</li>
</ul>
<h4 id="personal-risk-factors">Personal Risk Factors</h4>
<ul>
<li><strong>Criminal History</strong>: Prior arrests may affect treatment and sentencing</li>
<li><strong>Immigration Status</strong>: Non-citizens face additional risks including deportation</li>
<li><strong>Employment</strong>: Some jobs may be affected by arrests or convictions</li>
<li><strong>Family Situation</strong>: Dependents may be affected by legal consequences</li>
</ul>
<h3 id="risk-mitigation-strategies">Risk Mitigation Strategies</h3>
<h4 id="legal-preparation">Legal Preparation</h4>
<ul>
<li><strong>Know Your Rights</strong>: Understand legal rights and protections</li>
<li><strong>Legal Contacts</strong>: Establish relationships with attorneys before needed</li>
<li><strong>Bail Planning</strong>: Arrange bail funds and jail support in advance</li>
<li><strong>Documentation</strong>: Prepare legal documents and emergency contacts</li>
</ul>
<h4 id="operational-security">Operational Security</h4>
<ul>
<li><strong>Compartmentalization</strong>: Limit knowledge of illegal activities</li>
<li><strong>Communication Security</strong>: Use secure communication methods</li>
<li><strong>Evidence Management</strong>: Minimize creation and retention of evidence</li>
<li><strong>Identity Protection</strong>: Protect real identities when possible</li>
</ul>
<hr />
<h2 id="b7-post-arrest-procedures">B.7 Post-Arrest Procedures</h2>
<h3 id="immediate-actions">Immediate Actions</h3>
<h4 id="during-detention">During Detention</h4>
<ul>
<li><strong>Invoke Rights</strong>: Clearly invoke right to remain silent and right to attorney</li>
<li><strong>Document Everything</strong>: Remember details of arrest and treatment</li>
<li><strong>Medical Attention</strong>: Request medical attention if needed</li>
<li><strong>Contact Information</strong>: Provide emergency contact information</li>
</ul>
<h4 id="communication-with-outside">Communication with Outside</h4>
<ul>
<li><strong>Phone Calls</strong>: Use phone calls to contact attorney and jail support</li>
<li><strong>Visitors</strong>: Limit visitors to attorney and essential support people</li>
<li><strong>Mail</strong>: Be aware that jail mail may be monitored</li>
<li><strong>Operational Notes</strong>: Assume all communications are monitored except attorney calls</li>
</ul>
<h3 id="legal-strategy">Legal Strategy</h3>
<h4 id="initial-court-appearance">Initial Court Appearance</h4>
<ul>
<li><strong>Arraignment</strong>: First court appearance, charges formally read</li>
<li><strong>Bail Hearing</strong>: Determination of bail amount and conditions</li>
<li><strong>Plea</strong>: Generally advisable to plead not guilty initially</li>
<li><strong>Attorney</strong>: Essential to have attorney representation</li>
</ul>
<h4 id="case-development">Case Development</h4>
<ul>
<li><strong>Discovery</strong>: Review evidence against you</li>
<li><strong>Motions</strong>: Challenge evidence and procedures</li>
<li><strong>Negotiations</strong>: Possible plea negotiations</li>
<li><strong>Trial</strong>: Jury trial if case proceeds</li>
</ul>
<h3 id="long-term-considerations">Long-Term Considerations</h3>
<h4 id="conviction-consequences">Conviction Consequences</h4>
<ul>
<li><strong>Criminal Record</strong>: Permanent criminal record for convictions</li>
<li><strong>Employment</strong>: May affect current and future employment</li>
<li><strong>Immigration</strong>: Serious consequences for non-citizens</li>
<li><strong>Civil Rights</strong>: May lose certain civil rights (voting, gun ownership)</li>
</ul>
<h4 id="appeals-process">Appeals Process</h4>
<ul>
<li><strong>Grounds</strong>: Legal errors during trial or sentencing</li>
<li><strong>Timing</strong>: Strict deadlines for filing appeals</li>
<li><strong>Representation</strong>: Attorney essential for appeals process</li>
<li><strong>Success Rates</strong>: Appeals are difficult and rarely successful</li>
</ul>
<hr />
<div class="warning-box">
<div class="warning-title">Legal Risk Warning</div>
<p>Resistance activities carry significant legal risks including arrest, prosecution, and imprisonment. Laws are complex and change frequently. This information is not a substitute for qualified legal advice. Always consult with an attorney before engaging in activities that may have legal consequences.</p>
</div>
<div class="info-box">
<div class="info-title">Legal Support Importance</div>
<p>Establishing relationships with legal support organizations and attorneys before engaging in resistance activities is crucial. Legal preparation and know-your-rights training significantly improve outcomes during legal encounters.</p>
</div>
<nav class="section-nav">
<a href="/appendices/appendix-a/" class="nav-link">
<span class="arrow"></span>
<span>Appendix A: Essential Tools</span>
</a>
<a href="/appendices/appendix-c/" class="nav-link">
<span>Appendix C: Emergency Procedures</span>
<span class="arrow"></span>
</a>
</nav>
</main>
</div>
<footer class="footer">
<div class="container">
<div class="footer-content">
<div class="organization">Department of Internautics</div>
<div>Bureau of Decentralized Resistance</div>
<div>FM-R1 - Version 1.0 - 2025-08-28</div>
<div style="margin-top: 1rem;">
<a href="https://resist.is" target="_blank">resist.is</a> |
<a href="https://git.hacker.supply/Department_of_Internautics/field_guide" target="_blank">Source Code</a>
</div>
</div>
</div>
</footer>
<!-- JavaScript -->
<script src="/assets/js/main.js"></script>
</body>
</html>
_site/appendices/appendix-c/index.html
+973
View File
@@ -0,0 +1,973 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Appendix C: Emergency Procedures and Crisis Response - Field Manual for Resistance Operations</title>
<meta name="description" content="Comprehensive emergency response procedures for resistance operations">
<!-- Favicon -->
<link rel="icon" type="image/x-icon" href="/assets/images/favicon.ico">
<!-- Stylesheets -->
<link rel="stylesheet" href="/assets/css/main.css">
<!-- Security headers -->
<meta http-equiv="X-Content-Type-Options" content="nosniff">
<meta http-equiv="X-Frame-Options" content="DENY">
<meta http-equiv="X-XSS-Protection" content="1; mode=block">
<!-- No tracking -->
<meta name="robots" content="noindex, nofollow">
<!-- Matomo
<script>
var _paq = window._paq = window._paq || [];
/* tracker methods like "setCustomDimension" should be called before "trackPageView" */
_paq.push(['trackPageView']);
_paq.push(['enableLinkTracking']);
(function() {
var u="//stats.resist.is/";
_paq.push(['setTrackerUrl', u+'matomo.php']);
_paq.push(['setSiteId', '4']);
var d=document, g=d.createElement('script'), s=d.getElementsByTagName('script')[0];
g.async=true; g.src=u+'matomo.js'; s.parentNode.insertBefore(g,s);
})();
</script>
End Matomo Code -->
</head>
<body>
<header class="header">
<div class="container">
<div class="header-content">
<div class="logo">
<span class="omega">Ω</span>
<span>FM-R1</span>
</div>
<button class="nav-toggle" id="nav-toggle" aria-label="Toggle navigation">
</button>
</div>
</div>
</header>
<div class="main-layout">
<nav class="sidebar" id="sidebar">
<nav class="main-navigation">
<!-- <div class="nav-header">
<div class="nav-subtitle">Field Manual for Resistance Operations</div>
</div>
-->
<div class="nav-sections">
<!-- Front Matter -->
<div class="nav-section">
<h3>Field Manual</h3>
<ul>
<li><a href="/" >Table of Contents</a></li>
<li><a href="/preface/" >Preface</a></li>
<li><a href="/introduction/" >Introduction</a></li>
</ul>
</div>
<!-- Part I: Foundations -->
<div class="nav-section">
<h3>Part I: Foundations</h3>
<ul>
<li>
<a href="/parts/part-1/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-1/" >Ch 1: Core Security Principles</a></li>
<li><a href="/chapters/chapter-2/" >Ch 2: Threat Assessment</a></li>
</ul>
</li>
</ul>
</div>
<!-- Part II: Communication -->
<div class="nav-section">
<h3>Part II: Communication</h3>
<ul>
<li>
<a href="/parts/part-2/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-3/" >Ch 3: Communication Architecture</a></li>
<li><a href="/chapters/chapter-4/" >Ch 4: Secure Messaging</a></li>
<li><a href="/chapters/chapter-5/" >Ch 5: File Sharing</a></li>
</ul>
</li>
</ul>
</div>
<!-- Part III: OpSec -->
<div class="nav-section">
<h3>Part III: OpSec</h3>
<ul>
<li>
<a href="/parts/part-3/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-6/" >Ch 6: Hardware Security</a></li>
<li><a href="/chapters/chapter-7/" >Ch 7: Digital Hygiene</a></li>
<li><a href="/chapters/chapter-8/" >Ch 8: Operational Procedures</a></li>
</ul>
</li>
</ul>
</div>
<!-- Part IV: Advanced -->
<div class="nav-section">
<h3>Part IV: Advanced</h3>
<ul>
<li>
<a href="/parts/part-4/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-9/" >Ch 9: Intelligence Gathering</a></li>
<li><a href="/chapters/chapter-10/" >Ch 10: Counter-Intelligence</a></li>
</ul>
</li>
</ul>
</div>
<!-- Appendices
<div class="nav-section">
<h3>Appendices</h3>
<ul>
<li><a href="/appendices/" >Appendices Overview</a></li>
<li><a href="/appendices/appendix-a/" >Appendix A: Essential Tools</a></li>
<li><a href="/appendices/appendix-b/" >Appendix B: Legal Considerations</a></li>
<li><a href="/appendices/appendix-c/" class="active">Appendix C: Emergency Procedures</a></li>
<li><a href="/appendices/appendix-d/" >Appendix D: Glossary & References</a></li>
</ul>
</div>
-->
<!-- Quick Access -->
<div class="nav-section nav-quick-access">
<h3>Quick Access</h3>
<ul>
<li><a href="/appendices/appendix-a/" class="nav-emergency">Essential Tools</a></li>
<li><a href="/appendices/appendix-b/" class="nav-emergency">Legal Rights</a></li>
<li><a href="/appendices/appendix-c/" class="nav-emergency">Emergency Procedures</a></li>
<li><a href="/appendices/appendix-d/" class="nav-emergency">Glossary & References</a></li>
</ul>
</div>
<!-- External Links -->
<div class="nav-section">
<h3>External Links</h3>
<ul>
<li><a href="https://resist.is" target="_blank">resist.is</a></li>
<li><a href="https://activistchecklist.org" target="_blank">Activist Checklist</a></li>
<li><a href="https://signal.org" target="_blank">Signal</a></li>
<li><a href="https://briarproject.org" target="_blank">Briar</a></li>
<li><a href="https://element.io" target="_blank">Element</a></li>
<li><a href="https://tails.boum.org" target="_blank">Tails OS</a></li>
<li><a href="https://onionshare.org" target="_blank">OnionShare</a></li>
</ul>
</div>
</div>
<!-- Security Notice
<div class="nav-security-notice">
<div class="security-warning">
<strong>OPERATIONAL SECURITY REMINDER</strong><br>
This manual contains sensitive information. Ensure secure handling and storage. Practice compartmentalization and need-to-know principles.
</div>
</div> -->
<!-- Footer -->
<div class="nav-footer">
<div class="manual-info">
<div class="classification">FOR RESISTANCE USE ONLY</div>
<div class="version">Version 1.0 | FM-R1</div>
<div class="date">2025</div>
</div>
</div>
</nav>
</nav>
<main class="content">
<div class="content-header">
<div class="manual-designation">FM-R1: FM-R1: Secure Communication Networks for Decentralized Resistance</div>
<div class="classification">UNCLASSIFIED</div>
</div>
<h1 id="appendix-c-emergency-procedures-and-crisis-response">Appendix C: Emergency Procedures and Crisis Response</h1>
<h2 id="overview">Overview</h2>
<p>This appendix provides comprehensive emergency procedures and crisis response protocols for resistance operations. These procedures are designed to protect personnel, minimize damage, and maintain operational security during various emergency scenarios.</p>
<p><strong>Emergency situations covered:</strong></p>
<ul>
<li>Surveillance detection and compromise</li>
<li>Arrest and detention scenarios</li>
<li>Communication system failures</li>
<li>Physical security breaches</li>
<li>Medical emergencies during operations</li>
<li>Natural disasters and infrastructure failures</li>
<li>Infiltration and counter-intelligence threats</li>
</ul>
<hr />
<h2 id="c1-emergency-response-framework">C.1 Emergency Response Framework</h2>
<h3 id="crisis-classification-system">Crisis Classification System</h3>
<h4 id="threat-level-classifications">Threat Level Classifications</h4>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>Emergency Threat Levels:
Level 1 - Low Risk:
- Routine surveillance detected
- Minor operational security lapses
- Non-critical communication failures
- Minor injuries or medical issues
Level 2 - Moderate Risk:
- Targeted surveillance confirmed
- Operational security compromises
- Critical communication system failures
- Serious injuries requiring medical attention
Level 3 - High Risk:
- Active law enforcement investigation
- Network compromise suspected
- Multiple system failures
- Life-threatening medical emergencies
Level 4 - Critical Risk:
- Imminent arrest or raid
- Confirmed network infiltration
- Complete communication breakdown
- Mass casualty incidents
</code></pre></div></div>
<h4 id="response-activation-triggers">Response Activation Triggers</h4>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>Automatic Response Triggers:
1. Surveillance Detection:
- Multiple surveillance teams identified
- Electronic surveillance indicators detected
- Unusual law enforcement activity in operational areas
- Compromise of surveillance detection protocols
2. Communication Failures:
- Primary communication systems compromised
- Unusual communication patterns detected
- Missing check-ins from critical personnel
- Interception of sensitive communications
3. Personnel Issues:
- Arrest of network members
- Disappearance of key personnel
- Suspected infiltration or compromise
- Medical emergencies during operations
4. Operational Compromises:
- Safe house discovery or compromise
- Equipment seizure or discovery
- Operational plan exposure
- Identity compromise of key personnel
</code></pre></div></div>
<h3 id="emergency-command-structure">Emergency Command Structure</h3>
<h4 id="crisis-response-team-roles">Crisis Response Team Roles</h4>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>Emergency Response Organization:
1. Crisis Commander:
- Overall emergency response coordination
- Strategic decision-making authority
- Resource allocation and prioritization
- External communication and liaison
2. Security Coordinator:
- Threat assessment and analysis
- Counter-surveillance operations
- Operational security enforcement
- Intelligence gathering and analysis
3. Communications Coordinator:
- Emergency communication systems management
- Information flow coordination
- External communication security
- Backup communication system activation
4. Logistics Coordinator:
- Resource mobilization and allocation
- Transportation and evacuation coordination
- Safe house and facility management
- Supply and equipment management
5. Medical Coordinator:
- Medical emergency response
- Casualty assessment and treatment
- Medical evacuation coordination
- Psychological support and counseling
</code></pre></div></div>
<h4 id="decision-making-protocols">Decision-Making Protocols</h4>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>Emergency Decision Framework:
1. Immediate Response (0-15 minutes):
- Threat assessment and classification
- Immediate safety measures implementation
- Emergency communication activation
- Initial resource mobilization
2. Short-term Response (15 minutes - 2 hours):
- Detailed situation analysis
- Response strategy development
- Resource allocation and deployment
- Coordination with external support
3. Medium-term Response (2-24 hours):
- Sustained response operations
- Damage assessment and control
- Recovery planning initiation
- Lessons learned documentation
4. Long-term Response (24+ hours):
- Recovery and reconstitution operations
- Security enhancement implementation
- Operational adjustment and improvement
- Post-incident analysis and reporting
</code></pre></div></div>
<hr />
<h2 id="c2-surveillance-and-compromise-response">C.2 Surveillance and Compromise Response</h2>
<h3 id="surveillance-detection-response">Surveillance Detection Response</h3>
<h4 id="immediate-response-procedures">Immediate Response Procedures</h4>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>Surveillance Detection Protocol:
1. Confirmation Phase:
- Verify surveillance through multiple methods
- Document surveillance team characteristics
- Assess surveillance capabilities and intent
- Determine surveillance duration and scope
2. Notification Phase:
- Alert relevant personnel using secure channels
- Implement communication security protocols
- Activate counter-surveillance measures
- Coordinate response with security team
3. Evasion Phase:
- Execute pre-planned evasion routes
- Implement counter-surveillance techniques
- Vary patterns and behaviors
- Seek secure locations for assessment
4. Assessment Phase:
- Evaluate surveillance effectiveness and persistence
- Determine compromise level and implications
- Plan appropriate response measures
- Document incident for analysis
</code></pre></div></div>
<h4 id="counter-surveillance-operations">Counter-Surveillance Operations</h4>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>Counter-Surveillance Framework:
1. Detection Operations:
- Deploy counter-surveillance teams
- Use technical surveillance detection equipment
- Monitor communication channels for interception
- Conduct pattern analysis and behavioral assessment
2. Disruption Operations:
- Implement surveillance disruption techniques
- Use decoy operations and misdirection
- Employ technical countermeasures
- Coordinate multi-team evasion operations
3. Intelligence Gathering:
- Identify surveillance personnel and capabilities
- Document surveillance methods and equipment
- Assess surveillance objectives and scope
- Gather intelligence on surveillance organization
4. Response Coordination:
- Coordinate with legal support organizations
- Implement media and public relations strategy
- Coordinate with other affected organizations
- Plan long-term counter-surveillance strategy
</code></pre></div></div>
<h3 id="network-compromise-response">Network Compromise Response</h3>
<h4 id="compromise-assessment-procedures">Compromise Assessment Procedures</h4>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>Compromise Assessment Framework:
1. Initial Assessment:
- Identify scope and nature of compromise
- Assess immediate threats to personnel
- Evaluate operational security implications
- Determine response priority and urgency
2. Damage Control:
- Implement immediate security measures
- Isolate compromised systems and personnel
- Activate backup communication systems
- Secure sensitive materials and information
3. Investigation:
- Conduct detailed compromise analysis
- Identify compromise vectors and methods
- Assess ongoing threats and vulnerabilities
- Document findings for security improvement
4. Recovery Planning:
- Develop network reconstitution strategy
- Plan security enhancement measures
- Coordinate personnel safety and relocation
- Implement lessons learned and improvements
</code></pre></div></div>
<h4 id="information-sanitization-procedures">Information Sanitization Procedures</h4>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>Emergency Sanitization Protocol:
1. Digital Information:
- Secure deletion of sensitive files
- Encryption key destruction and replacement
- Communication history sanitization
- Database and backup sanitization
2. Physical Materials:
- Document destruction using appropriate methods
- Equipment sanitization and disposal
- Location sanitization and cleanup
- Evidence removal and destruction
3. Communication Channels:
- Channel shutdown and replacement
- Key rotation and distribution
- Contact list sanitization
- Communication pattern modification
4. Personnel Information:
- Identity protection and modification
- Contact information updates
- Location changes and relocation
- Cover story development and implementation
</code></pre></div></div>
<hr />
<h2 id="c3-arrest-and-detention-response">C.3 Arrest and Detention Response</h2>
<h3 id="pre-arrest-procedures">Pre-Arrest Procedures</h3>
<h4 id="arrest-preparation-protocols">Arrest Preparation Protocols</h4>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>Arrest Preparation Framework:
1. Legal Preparation:
- Attorney contact information readily available
- Legal rights and procedures memorized
- Bail fund and jail support arrangements
- Emergency contact notification procedures
2. Operational Security:
- Sensitive information secured or destroyed
- Communication devices secured or sanitized
- Identity documents and cover materials prepared
- Emergency signal and notification procedures
3. Personal Preparation:
- Medical information and medications available
- Personal effects and comfort items prepared
- Family and dependent care arrangements
- Psychological preparation and stress management
4. Network Coordination:
- Arrest notification procedures established
- Backup leadership and succession planning
- Operational continuity procedures
- Support network activation protocols
</code></pre></div></div>
<h4 id="immediate-pre-arrest-actions">Immediate Pre-Arrest Actions</h4>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>Pre-Arrest Response Protocol:
1. Threat Recognition:
- Identify signs of imminent arrest
- Assess law enforcement presence and capabilities
- Evaluate escape and evasion options
- Determine appropriate response strategy
2. Information Security:
- Secure or destroy sensitive materials
- Sanitize communication devices
- Activate emergency communication protocols
- Notify relevant personnel of situation
3. Personal Security:
- Ensure personal safety and protection
- Prepare for potential use of force
- Document law enforcement actions
- Maintain calm and professional demeanor
4. Legal Preparation:
- Review legal rights and procedures
- Prepare for interrogation and questioning
- Ensure attorney contact information available
- Activate legal support network
</code></pre></div></div>
<h3 id="during-arrest-procedures">During Arrest Procedures</h3>
<h4 id="arrest-response-protocol">Arrest Response Protocol</h4>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>During Arrest Framework:
1. Immediate Response:
- Comply with lawful orders and commands
- Clearly invoke right to remain silent
- Request attorney representation immediately
- Document badge numbers and officer information
2. Communication Management:
- Refuse to answer investigative questions
- Limit communication to essential information
- Avoid discussing operational matters
- Request private communication with attorney
3. Physical Security:
- Comply with search procedures
- Refuse consent to searches when possible
- Document any excessive force or misconduct
- Seek medical attention if injured
4. Information Protection:
- Provide only legally required identification
- Refuse to provide passwords or encryption keys
- Avoid discussing associates or activities
- Maintain operational security principles
</code></pre></div></div>
<h4 id="detention-procedures">Detention Procedures</h4>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>Detention Response Framework:
1. Initial Processing:
- Provide required identification information
- Request medical attention if needed
- Exercise right to phone calls strategically
- Document treatment and conditions
2. Communication Strategy:
- Contact attorney as first priority
- Notify jail support and emergency contacts
- Coordinate with legal support organizations
- Maintain communication security protocols
3. Information Security:
- Refuse to discuss operational matters
- Avoid providing information about associates
- Maintain cover stories and operational security
- Document any interrogation attempts
4. Support Coordination:
- Coordinate with jail support network
- Arrange for legal representation
- Organize bail and release procedures
- Plan for post-release security measures
</code></pre></div></div>
<h3 id="post-release-procedures">Post-Release Procedures</h3>
<h4 id="immediate-post-release-actions">Immediate Post-Release Actions</h4>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>Post-Release Protocol:
1. Security Assessment:
- Evaluate surveillance and monitoring
- Assess operational security implications
- Determine safe locations and procedures
- Coordinate with security support team
2. Legal Coordination:
- Meet with attorney for case planning
- Review charges and legal strategy
- Coordinate with legal support organizations
- Plan for ongoing legal proceedings
3. Medical and Psychological Support:
- Seek medical attention if needed
- Access psychological support and counseling
- Address trauma and stress from detention
- Coordinate with support network
4. Operational Security:
- Implement enhanced security measures
- Modify operational patterns and procedures
- Update communication and contact information
- Coordinate with network security team
</code></pre></div></div>
<h4 id="long-term-recovery-planning">Long-term Recovery Planning</h4>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>Recovery Planning Framework:
1. Security Enhancement:
- Implement lessons learned from arrest
- Enhance operational security procedures
- Modify communication and coordination methods
- Strengthen counter-surveillance capabilities
2. Legal Strategy:
- Develop comprehensive legal defense strategy
- Coordinate with legal support organizations
- Plan for trial and potential conviction
- Address immigration and employment implications
3. Network Coordination:
- Assess impact on network operations
- Implement operational continuity measures
- Coordinate support for affected personnel
- Plan for ongoing security and operations
4. Personal Recovery:
- Address physical and psychological impacts
- Rebuild personal and professional relationships
- Plan for ongoing legal and security challenges
- Develop long-term resilience and coping strategies
</code></pre></div></div>
<hr />
<h2 id="c4-communication-system-failures">C.4 Communication System Failures</h2>
<h3 id="communication-failure-response">Communication Failure Response</h3>
<h4 id="primary-system-failure-procedures">Primary System Failure Procedures</h4>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>Communication Failure Protocol:
1. Failure Detection:
- Identify nature and scope of communication failure
- Assess impact on ongoing operations
- Determine cause and potential duration
- Evaluate security implications
2. Backup System Activation:
- Activate pre-planned backup communication systems
- Notify personnel of system changes
- Implement alternative communication protocols
- Test backup system functionality and security
3. Information Management:
- Prioritize critical communications
- Implement information triage procedures
- Maintain communication logs and records
- Coordinate information flow and distribution
4. System Recovery:
- Assess primary system security and integrity
- Plan system restoration and recovery
- Implement security enhancements
- Test restored system functionality
</code></pre></div></div>
<h4 id="alternative-communication-methods">Alternative Communication Methods</h4>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>Backup Communication Framework:
1. Digital Alternatives:
- Secondary encrypted messaging platforms
- Alternative email and communication services
- Peer-to-peer communication networks
- Amateur radio and emergency communication
2. Physical Alternatives:
- Dead drop and physical message systems
- Courier and messenger networks
- Public meeting and coordination locations
- Signal and sign-based communication
3. Coded Communication:
- Pre-arranged coded language and signals
- Public communication channels with coding
- Social media and public platform communication
- Emergency signal and notification systems
4. Emergency Protocols:
- Crisis communication procedures
- Emergency contact and notification systems
- Coordination with external support organizations
- Public communication and media coordination
</code></pre></div></div>
<h3 id="information-security-during-failures">Information Security During Failures</h3>
<h4 id="security-protocols-for-alternative-systems">Security Protocols for Alternative Systems</h4>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>Alternative System Security:
1. Encryption and Privacy:
- Implement encryption for all alternative communications
- Use secure and verified communication platforms
- Maintain privacy and anonymity protections
- Avoid compromised or insecure systems
2. Authentication and Verification:
- Verify identity of communication partners
- Use pre-arranged authentication procedures
- Implement message verification and integrity checks
- Detect and respond to impersonation attempts
3. Operational Security:
- Maintain compartmentalization and need-to-know
- Limit information sharing to essential communications
- Use coded language and operational security procedures
- Monitor for surveillance and interception
4. Recovery Planning:
- Plan for transition back to primary systems
- Implement security assessment of alternative systems
- Document lessons learned and improvements
- Enhance backup communication capabilities
</code></pre></div></div>
<hr />
<h2 id="c5-medical-emergency-response">C.5 Medical Emergency Response</h2>
<h3 id="medical-emergency-protocols">Medical Emergency Protocols</h3>
<h4 id="emergency-medical-response-framework">Emergency Medical Response Framework</h4>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>Medical Emergency Protocol:
1. Immediate Response:
- Assess medical situation and severity
- Provide immediate first aid and life support
- Coordinate with emergency medical services
- Implement operational security measures
2. Medical Coordination:
- Contact qualified medical personnel
- Coordinate transportation to medical facilities
- Provide medical history and information
- Coordinate with family and emergency contacts
3. Security Considerations:
- Protect operational security during medical emergency
- Coordinate with legal support if law enforcement involved
- Manage information sharing with medical personnel
- Plan for ongoing security during medical treatment
4. Follow-up Care:
- Coordinate ongoing medical treatment and care
- Address psychological and emotional support needs
- Plan for return to operational activities
- Document incident and lessons learned
</code></pre></div></div>
<h4 id="operational-medical-considerations">Operational Medical Considerations</h4>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>Operational Medical Framework:
1. Pre-Operation Medical Planning:
- Assess medical risks and requirements
- Identify medical personnel and resources
- Plan for medical emergency response
- Coordinate with emergency medical services
2. Medical Equipment and Supplies:
- Maintain first aid and medical supplies
- Train personnel in first aid and emergency response
- Coordinate with medical professionals
- Plan for medical equipment security and transport
3. Medical Information Security:
- Protect medical information and privacy
- Coordinate with medical personnel on security needs
- Plan for medical information sharing
- Address legal and ethical medical considerations
4. Psychological Support:
- Provide psychological first aid and support
- Coordinate with mental health professionals
- Address trauma and stress from operations
- Plan for ongoing psychological support and care
</code></pre></div></div>
<hr />
<h2 id="c6-natural-disasters-and-infrastructure-failures">C.6 Natural Disasters and Infrastructure Failures</h2>
<h3 id="disaster-response-procedures">Disaster Response Procedures</h3>
<h4 id="natural-disaster-response-framework">Natural Disaster Response Framework</h4>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>Disaster Response Protocol:
1. Immediate Safety:
- Ensure immediate safety of personnel
- Evacuate dangerous areas and locations
- Provide emergency shelter and protection
- Coordinate with emergency services
2. Communication and Coordination:
- Establish emergency communication systems
- Coordinate with disaster response organizations
- Maintain contact with network personnel
- Coordinate resource sharing and mutual aid
3. Operational Continuity:
- Assess impact on operational capabilities
- Implement operational continuity procedures
- Relocate operations to safe locations
- Maintain essential operational functions
4. Recovery and Reconstruction:
- Assess damage and recovery requirements
- Plan for operational reconstruction
- Coordinate with community recovery efforts
- Implement lessons learned and improvements
</code></pre></div></div>
<h4 id="infrastructure-failure-response">Infrastructure Failure Response</h4>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>Infrastructure Failure Framework:
1. Power and Utility Failures:
- Implement backup power and utility systems
- Coordinate with utility companies and services
- Plan for extended outages and disruptions
- Maintain essential operations and communications
2. Transportation Disruptions:
- Implement alternative transportation methods
- Coordinate with transportation authorities
- Plan for personnel and resource movement
- Maintain operational coordination and communication
3. Communication Infrastructure Failures:
- Activate backup communication systems
- Coordinate with communication service providers
- Implement alternative communication methods
- Maintain operational coordination and security
4. Financial System Disruptions:
- Implement alternative financial and payment systems
- Coordinate with financial institutions
- Plan for resource allocation and distribution
- Maintain operational funding and support
</code></pre></div></div>
<hr />
<h2 id="c7-emergency-contact-information">C.7 Emergency Contact Information</h2>
<h3 id="emergency-contact-templates">Emergency Contact Templates</h3>
<h4 id="personal-emergency-contacts">Personal Emergency Contacts</h4>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>Personal Emergency Contact Information:
1. Legal Support:
- Primary Attorney: [Name, Phone, Email]
- Backup Attorney: [Name, Phone, Email]
- Legal Aid Organization: [Name, Phone, Email]
- Bail Fund Contact: [Name, Phone, Email]
2. Medical Support:
- Primary Care Physician: [Name, Phone, Email]
- Emergency Medical Contact: [Name, Phone, Email]
- Medical Insurance Information: [Policy, Group, Phone]
- Medical Conditions and Medications: [Details]
3. Personal Support:
- Emergency Contact 1: [Name, Relationship, Phone, Email]
- Emergency Contact 2: [Name, Relationship, Phone, Email]
- Family Care Coordinator: [Name, Phone, Email]
- Employer/School Contact: [Name, Phone, Email]
4. Financial Support:
- Bank and Account Information: [Bank, Account, Phone]
- Financial Power of Attorney: [Name, Phone, Email]
- Insurance Contacts: [Company, Policy, Phone]
- Financial Emergency Fund: [Contact, Phone, Email]
</code></pre></div></div>
<h4 id="operational-emergency-contacts">Operational Emergency Contacts</h4>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>Operational Emergency Contact Information:
1. Network Leadership:
- Primary Coordinator: [Secure Contact Information]
- Backup Coordinator: [Secure Contact Information]
- Security Coordinator: [Secure Contact Information]
- Communications Coordinator: [Secure Contact Information]
2. External Support:
- Legal Observer Coordinator: [Contact Information]
- Jail Support Coordinator: [Contact Information]
- Media Relations Contact: [Contact Information]
- Community Support Coordinator: [Contact Information]
3. Technical Support:
- IT Security Specialist: [Secure Contact Information]
- Communication System Administrator: [Secure Contact Information]
- Equipment Specialist: [Secure Contact Information]
- Technical Emergency Support: [Secure Contact Information]
4. Specialized Support:
- Medical Coordinator: [Contact Information]
- Transportation Coordinator: [Contact Information]
- Safe House Coordinator: [Secure Contact Information]
- Resource Coordinator: [Secure Contact Information]
</code></pre></div></div>
<h3 id="emergency-communication-procedures">Emergency Communication Procedures</h3>
<h4 id="secure-emergency-communication">Secure Emergency Communication</h4>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>Emergency Communication Protocol:
1. Primary Communication:
- Use pre-arranged secure communication channels
- Implement emergency authentication procedures
- Use coded language and operational security
- Maintain communication logs and records
2. Backup Communication:
- Activate backup communication systems
- Use alternative communication methods
- Coordinate with external communication support
- Implement emergency signal and notification systems
3. Public Communication:
- Coordinate with media relations team
- Implement public communication strategy
- Coordinate with legal and public relations support
- Maintain operational security during public communication
4. External Coordination:
- Coordinate with legal support organizations
- Coordinate with community support networks
- Coordinate with emergency services when appropriate
- Maintain security and operational considerations
</code></pre></div></div>
<hr />
<div class="warning-box">
<div class="warning-title">Emergency Preparedness Critical</div>
<p>Emergency preparedness is essential for resistance operations. Regular training, drills, and updates to emergency procedures ensure effective response during actual crises. All personnel should be familiar with emergency procedures and contact information.</p>
</div>
<div class="success-box">
<div class="success-title">Crisis Response Benefits</div>
<p>Well-planned crisis response procedures minimize damage, protect personnel, and maintain operational security during emergencies. Regular practice and refinement of emergency procedures improves response effectiveness and reduces panic during actual crises.</p>
</div>
<nav class="section-nav">
<a href="/appendices/appendix-b/" class="nav-link">
<span class="arrow"></span>
<span>Appendix B: Legal Considerations</span>
</a>
<a href="/appendices/appendix-d/" class="nav-link">
<span>Appendix D: Glossary and References</span>
<span class="arrow"></span>
</a>
</nav>
</main>
</div>
<footer class="footer">
<div class="container">
<div class="footer-content">
<div class="organization">Department of Internautics</div>
<div>Bureau of Decentralized Resistance</div>
<div>FM-R1 - Version 1.0 - 2025-08-28</div>
<div style="margin-top: 1rem;">
<a href="https://resist.is" target="_blank">resist.is</a> |
<a href="https://git.hacker.supply/Department_of_Internautics/field_guide" target="_blank">Source Code</a>
</div>
</div>
</div>
</footer>
<!-- JavaScript -->
<script src="/assets/js/main.js"></script>
</body>
</html>
_site/appendices/appendix-d/index.html
+1057
View File
File diff suppressed because it is too large Load Diff
_site/assets/css/main.css
+411
View File
@@ -0,0 +1,411 @@
* {
box-sizing: border-box;
margin: 0;
padding: 0;
}
html {
font-size: 16px;
scroll-behavior: smooth;
}
body {
font-family: "Courier New", "Monaco", "Menlo", monospace;
font-size: 16px;
line-height: 1.6;
color: #ffffff;
background-color: #000000;
min-height: 100vh;
}
h1, h2, h3, h4, h5, h6 {
font-family: "Arial", "Helvetica", sans-serif;
font-weight: bold;
margin-bottom: 1rem;
line-height: 1.2;
}
h1 {
font-size: 2.5rem;
color: #00ff00;
text-align: center;
margin-bottom: 2rem;
text-transform: uppercase;
letter-spacing: 2px;
}
h2 {
font-size: 2rem;
color: #0066ff;
border-bottom: 2px solid #0066ff;
padding-bottom: 0.5rem;
margin-top: 2rem;
margin-bottom: 1.5rem;
}
h3 {
font-size: 1.5rem;
color: #00ff00;
margin-top: 1.5rem;
margin-bottom: 1rem;
}
h4 {
font-size: 1.25rem;
color: #ffffff;
margin-top: 1rem;
margin-bottom: 0.75rem;
}
p {
margin-bottom: 1rem;
}
a {
color: #0066ff;
text-decoration: none;
transition: color 0.3s ease;
}
a:hover {
color: #00ff00;
text-decoration: underline;
}
a:visited {
color: #66a3ff;
}
ul, ol {
margin-bottom: 1rem;
padding-left: 2rem;
}
ul li, ol li {
margin-bottom: 0.5rem;
}
code {
background-color: #1a1a1a;
color: #00ff00;
padding: 0.2rem 0.4rem;
border-radius: 3px;
font-family: "Courier New", "Monaco", "Menlo", monospace;
font-size: 0.9rem;
}
pre {
background-color: #1a1a1a;
color: #ffffff;
padding: 1rem;
border-radius: 5px;
overflow-x: auto;
margin-bottom: 1rem;
border-left: 4px solid #00ff00;
}
pre code {
background: none;
padding: 0;
color: inherit;
}
table {
width: 100%;
border-collapse: collapse;
margin-bottom: 1rem;
background-color: #1a1a1a;
}
table th, table td {
padding: 0.75rem;
text-align: left;
border-bottom: 1px solid #333333;
}
table th {
background-color: #333333;
color: #00ff00;
font-weight: bold;
}
table tr:hover {
background-color: #272727;
}
.container {
max-width: 1200px;
margin: 0 auto;
padding: 0 1rem;
}
.header {
background-color: #000000;
border-bottom: 2px solid #00ff00;
padding: 1rem 0;
position: sticky;
top: 0;
z-index: 100;
}
.header .header-content {
display: flex;
justify-content: space-between;
align-items: center;
}
.header .logo {
display: flex;
align-items: center;
font-size: 1.5rem;
font-weight: bold;
color: #00ff00;
}
.header .logo .omega {
font-size: 2rem;
margin-right: 0.5rem;
}
.header .nav-toggle {
display: none;
background: none;
border: none;
color: #ffffff;
font-size: 1.5rem;
cursor: pointer;
}
.main-layout {
display: flex;
min-height: calc(100vh - 80px);
}
.sidebar {
width: 300px;
background-color: #0d0d0d;
border-right: 1px solid #333333;
padding: 2rem 1rem;
overflow-y: auto;
position: sticky;
top: 80px;
height: calc(100vh - 80px);
}
.sidebar .nav-section {
margin-bottom: 2rem;
}
.sidebar .nav-section h3 {
color: #00ff00;
font-size: 1rem;
margin-bottom: 0.5rem;
text-transform: uppercase;
letter-spacing: 1px;
}
.sidebar .nav-section ul {
list-style: none;
padding: 0;
}
.sidebar .nav-section ul li {
margin-bottom: 0.25rem;
}
.sidebar .nav-section ul li a {
display: block;
padding: 0.5rem;
border-radius: 3px;
transition: background-color 0.3s ease;
}
.sidebar .nav-section ul li a:hover {
background-color: #333333;
text-decoration: none;
}
.sidebar .nav-section ul li a.active {
background-color: #0066ff;
color: #000000;
}
.sidebar .nav-section ul li ul {
margin-left: 1rem;
margin-top: 0.5rem;
}
.sidebar .nav-section ul li ul a {
font-size: 0.9rem;
color: white;
}
.content {
flex: 1;
padding: 2rem;
max-width: calc(100% - 300px);
}
.content .content-header {
margin-bottom: 2rem;
padding-bottom: 1rem;
border-bottom: 1px solid #333333;
}
.content .content-header .manual-designation {
color: #00ff00;
font-size: 0.9rem;
text-transform: uppercase;
letter-spacing: 1px;
margin-bottom: 0.5rem;
}
.content .content-header .classification {
color: #ffaa00;
font-size: 0.8rem;
text-transform: uppercase;
font-weight: bold;
}
.content .section-nav {
display: flex;
justify-content: space-between;
margin-top: 3rem;
padding-top: 2rem;
border-top: 1px solid #333333;
}
.content .section-nav .nav-link {
display: flex;
align-items: center;
padding: 0.75rem 1.5rem;
background-color: #1a1a1a;
border: 1px solid #333333;
border-radius: 5px;
transition: all 0.3s ease;
}
.content .section-nav .nav-link:hover {
background-color: #0066ff;
color: #000000;
text-decoration: none;
}
.content .section-nav .nav-link .arrow {
font-size: 1.2rem;
margin: 0 0.5rem;
}
.warning-box {
background-color: rgba(255, 170, 0, 0.1);
border-left: 4px solid #ffaa00;
padding: 1rem;
margin: 1rem 0;
border-radius: 0 5px 5px 0;
}
.warning-box .warning-title {
color: #ffaa00;
font-weight: bold;
margin-bottom: 0.5rem;
text-transform: uppercase;
}
.info-box {
background-color: rgba(0, 102, 255, 0.1);
border-left: 4px solid #0066ff;
padding: 1rem;
margin: 1rem 0;
border-radius: 0 5px 5px 0;
}
.info-box .info-title {
color: #0066ff;
font-weight: bold;
margin-bottom: 0.5rem;
text-transform: uppercase;
}
.success-box {
background-color: rgba(0, 255, 0, 0.1);
border-left: 4px solid #00ff00;
padding: 1rem;
margin: 1rem 0;
border-radius: 0 5px 5px 0;
}
.success-box .success-title {
color: #00ff00;
font-weight: bold;
margin-bottom: 0.5rem;
text-transform: uppercase;
}
.do-dont-list {
display: grid;
grid-template-columns: 1fr 1fr;
gap: 1rem;
margin: 1rem 0;
}
.do-dont-list .do-list, .do-dont-list .dont-list {
padding: 1rem;
border-radius: 5px;
}
.do-dont-list .do-list h4, .do-dont-list .dont-list h4 {
margin-bottom: 0.5rem;
text-transform: uppercase;
}
.do-dont-list .do-list ul, .do-dont-list .dont-list ul {
margin: 0;
padding-left: 1.5rem;
}
.do-dont-list .do-list {
background-color: rgba(0, 255, 0, 0.1);
border: 1px solid #00ff00;
}
.do-dont-list .do-list h4 {
color: #00ff00;
}
.do-dont-list .dont-list {
background-color: rgba(255, 0, 0, 0.1);
border: 1px solid #ff0000;
}
.do-dont-list .dont-list h4 {
color: #ff0000;
}
.footer {
background-color: #333333;
padding: 2rem 0;
margin-top: 4rem;
text-align: center;
border-top: 2px solid #00ff00;
}
.footer .footer-content {
color: white;
font-size: 0.9rem;
}
.footer .footer-content .organization {
color: #00ff00;
font-weight: bold;
}
@media (max-width: 768px) {
.header .nav-toggle {
display: block;
}
.main-layout {
flex-direction: column;
}
.sidebar {
width: 100%;
position: static;
height: auto;
display: none;
}
.sidebar.active {
display: block;
}
.content {
max-width: 100%;
padding: 1rem;
}
.do-dont-list {
grid-template-columns: 1fr;
}
h1 {
font-size: 2rem;
}
h2 {
font-size: 1.5rem;
}
}
@media print {
body {
background: white;
color: black;
}
.header, .sidebar, .footer, .section-nav {
display: none;
}
.content {
max-width: 100%;
padding: 0;
}
a {
color: black;
text-decoration: underline;
}
}
/*# sourceMappingURL=main.css.map */
_site/assets/css/main.css.map
+1
View File
File diff suppressed because one or more lines are too long
_site/assets/images/omegablk.png
BIN
View File
Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 25 KiB

_site/assets/js/main.js
+166
View File
@@ -0,0 +1,166 @@
// Field Guide for Subversives - Main JavaScript
document.addEventListener('DOMContentLoaded', function() {
// Mobile navigation toggle
const navToggle = document.getElementById('nav-toggle');
const sidebar = document.getElementById('sidebar');
if (navToggle && sidebar) {
navToggle.addEventListener('click', function() {
sidebar.classList.toggle('active');
});
}
// Smooth scrolling for anchor links
const anchorLinks = document.querySelectorAll('a[href^="#"]');
anchorLinks.forEach(link => {
link.addEventListener('click', function(e) {
e.preventDefault();
const target = document.querySelector(this.getAttribute('href'));
if (target) {
target.scrollIntoView({
behavior: 'smooth',
block: 'start'
});
}
});
});
// Add security warning for external links
const externalLinks = document.querySelectorAll('a[href^="http"]:not([href*="' + window.location.hostname + '"])');
externalLinks.forEach(link => {
link.addEventListener('click', function(e) {
if (!confirm('You are about to visit an external site. Ensure you are using secure browsing practices. Continue?')) {
e.preventDefault();
}
});
// Add visual indicator for external links
link.setAttribute('title', 'External link - opens in new tab');
link.setAttribute('target', '_blank');
link.setAttribute('rel', 'noopener noreferrer');
});
// Keyboard navigation
document.addEventListener('keydown', function(e) {
// Alt + Left Arrow: Previous page
if (e.altKey && e.key === 'ArrowLeft') {
const prevLink = document.querySelector('.section-nav .nav-link:first-child');
if (prevLink && prevLink.href) {
window.location.href = prevLink.href;
}
}
// Alt + Right Arrow: Next page
if (e.altKey && e.key === 'ArrowRight') {
const nextLink = document.querySelector('.section-nav .nav-link:last-child');
if (nextLink && nextLink.href) {
window.location.href = nextLink.href;
}
}
// Escape: Close mobile menu
if (e.key === 'Escape' && sidebar && sidebar.classList.contains('active')) {
sidebar.classList.remove('active');
}
});
// Print functionality
function addPrintButton() {
const contentHeader = document.querySelector('.content-header');
if (contentHeader) {
const printButton = document.createElement('button');
printButton.textContent = 'Print Section';
printButton.className = 'print-button';
printButton.style.cssText = `
background: #333;
color: #00ff00;
border: 1px solid #00ff00;
padding: 0.5rem 1rem;
border-radius: 3px;
cursor: pointer;
font-family: inherit;
margin-top: 1rem;
`;
printButton.addEventListener('click', function() {
window.print();
});
contentHeader.appendChild(printButton);
}
}
addPrintButton();
// Security reminder
function showSecurityReminder() {
const reminder = document.createElement('div');
reminder.style.cssText = `
position: fixed;
bottom: 20px;
right: 20px;
background: rgba(255, 170, 0, 0.9);
color: #000;
padding: 1rem;
border-radius: 5px;
max-width: 300px;
font-size: 0.9rem;
z-index: 1000;
display: none;
`;
reminder.innerHTML = `
<strong>Security Reminder:</strong> Ensure you're using Tails OS or a secure browser when accessing this guide.
<button onclick="this.parentElement.style.display='none'" style="float: right; background: none; border: none; font-size: 1.2rem; cursor: pointer;">×</button>
`;
document.body.appendChild(reminder);
// Show reminder after 30 seconds
setTimeout(() => {
reminder.style.display = 'block';
}, 30000);
// Auto-hide after 10 seconds
setTimeout(() => {
reminder.style.display = 'none';
}, 40000);
}
// Only show security reminder on first visit
if (!localStorage.getItem('security_reminder_shown')) {
showSecurityReminder();
localStorage.setItem('security_reminder_shown', 'true');
}
// Add copy-to-clipboard functionality for code blocks
const codeBlocks = document.querySelectorAll('pre code');
codeBlocks.forEach(block => {
const button = document.createElement('button');
button.textContent = 'Copy';
button.className = 'copy-button';
button.style.cssText = `
position: absolute;
top: 0.5rem;
right: 0.5rem;
background: #333;
color: #00ff00;
border: 1px solid #00ff00;
padding: 0.25rem 0.5rem;
border-radius: 3px;
cursor: pointer;
font-size: 0.8rem;
`;
const pre = block.parentElement;
pre.style.position = 'relative';
pre.appendChild(button);
button.addEventListener('click', function() {
navigator.clipboard.writeText(block.textContent).then(() => {
button.textContent = 'Copied!';
setTimeout(() => {
button.textContent = 'Copy';
}, 2000);
});
});
});
});
_site/chapters/chapter-1/index.html
+776
View File
@@ -0,0 +1,776 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Chapter 1: Core Security Principles - Field Manual for Resistance Operations</title>
<meta name="description" content="The five fundamental principles that must guide all resistance security decisions">
<!-- Favicon -->
<link rel="icon" type="image/x-icon" href="/assets/images/favicon.ico">
<!-- Stylesheets -->
<link rel="stylesheet" href="/assets/css/main.css">
<!-- Security headers -->
<meta http-equiv="X-Content-Type-Options" content="nosniff">
<meta http-equiv="X-Frame-Options" content="DENY">
<meta http-equiv="X-XSS-Protection" content="1; mode=block">
<!-- No tracking -->
<meta name="robots" content="noindex, nofollow">
<!-- Matomo
<script>
var _paq = window._paq = window._paq || [];
/* tracker methods like "setCustomDimension" should be called before "trackPageView" */
_paq.push(['trackPageView']);
_paq.push(['enableLinkTracking']);
(function() {
var u="//stats.resist.is/";
_paq.push(['setTrackerUrl', u+'matomo.php']);
_paq.push(['setSiteId', '4']);
var d=document, g=d.createElement('script'), s=d.getElementsByTagName('script')[0];
g.async=true; g.src=u+'matomo.js'; s.parentNode.insertBefore(g,s);
})();
</script>
End Matomo Code -->
</head>
<body>
<header class="header">
<div class="container">
<div class="header-content">
<div class="logo">
<span class="omega">Ω</span>
<span>FM-R1</span>
</div>
<button class="nav-toggle" id="nav-toggle" aria-label="Toggle navigation">
</button>
</div>
</div>
</header>
<div class="main-layout">
<nav class="sidebar" id="sidebar">
<nav class="main-navigation">
<!-- <div class="nav-header">
<div class="nav-subtitle">Field Manual for Resistance Operations</div>
</div>
-->
<div class="nav-sections">
<!-- Front Matter -->
<div class="nav-section">
<h3>Field Manual</h3>
<ul>
<li><a href="/" >Table of Contents</a></li>
<li><a href="/preface/" >Preface</a></li>
<li><a href="/introduction/" >Introduction</a></li>
</ul>
</div>
<!-- Part I: Foundations -->
<div class="nav-section">
<h3>Part I: Foundations</h3>
<ul>
<li>
<a href="/parts/part-1/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-1/" class="active">Ch 1: Core Security Principles</a></li>
<li><a href="/chapters/chapter-2/" >Ch 2: Threat Assessment</a></li>
</ul>
</li>
</ul>
</div>
<!-- Part II: Communication -->
<div class="nav-section">
<h3>Part II: Communication</h3>
<ul>
<li>
<a href="/parts/part-2/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-3/" >Ch 3: Communication Architecture</a></li>
<li><a href="/chapters/chapter-4/" >Ch 4: Secure Messaging</a></li>
<li><a href="/chapters/chapter-5/" >Ch 5: File Sharing</a></li>
</ul>
</li>
</ul>
</div>
<!-- Part III: OpSec -->
<div class="nav-section">
<h3>Part III: OpSec</h3>
<ul>
<li>
<a href="/parts/part-3/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-6/" >Ch 6: Hardware Security</a></li>
<li><a href="/chapters/chapter-7/" >Ch 7: Digital Hygiene</a></li>
<li><a href="/chapters/chapter-8/" >Ch 8: Operational Procedures</a></li>
</ul>
</li>
</ul>
</div>
<!-- Part IV: Advanced -->
<div class="nav-section">
<h3>Part IV: Advanced</h3>
<ul>
<li>
<a href="/parts/part-4/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-9/" >Ch 9: Intelligence Gathering</a></li>
<li><a href="/chapters/chapter-10/" >Ch 10: Counter-Intelligence</a></li>
</ul>
</li>
</ul>
</div>
<!-- Appendices
<div class="nav-section">
<h3>Appendices</h3>
<ul>
<li><a href="/appendices/" >Appendices Overview</a></li>
<li><a href="/appendices/appendix-a/" >Appendix A: Essential Tools</a></li>
<li><a href="/appendices/appendix-b/" >Appendix B: Legal Considerations</a></li>
<li><a href="/appendices/appendix-c/" >Appendix C: Emergency Procedures</a></li>
<li><a href="/appendices/appendix-d/" >Appendix D: Glossary & References</a></li>
</ul>
</div>
-->
<!-- Quick Access -->
<div class="nav-section nav-quick-access">
<h3>Quick Access</h3>
<ul>
<li><a href="/appendices/appendix-a/" class="nav-emergency">Essential Tools</a></li>
<li><a href="/appendices/appendix-b/" class="nav-emergency">Legal Rights</a></li>
<li><a href="/appendices/appendix-c/" class="nav-emergency">Emergency Procedures</a></li>
<li><a href="/appendices/appendix-d/" class="nav-emergency">Glossary & References</a></li>
</ul>
</div>
<!-- External Links -->
<div class="nav-section">
<h3>External Links</h3>
<ul>
<li><a href="https://resist.is" target="_blank">resist.is</a></li>
<li><a href="https://activistchecklist.org" target="_blank">Activist Checklist</a></li>
<li><a href="https://signal.org" target="_blank">Signal</a></li>
<li><a href="https://briarproject.org" target="_blank">Briar</a></li>
<li><a href="https://element.io" target="_blank">Element</a></li>
<li><a href="https://tails.boum.org" target="_blank">Tails OS</a></li>
<li><a href="https://onionshare.org" target="_blank">OnionShare</a></li>
</ul>
</div>
</div>
<!-- Security Notice
<div class="nav-security-notice">
<div class="security-warning">
<strong>OPERATIONAL SECURITY REMINDER</strong><br>
This manual contains sensitive information. Ensure secure handling and storage. Practice compartmentalization and need-to-know principles.
</div>
</div> -->
<!-- Footer -->
<div class="nav-footer">
<div class="manual-info">
<div class="classification">FOR RESISTANCE USE ONLY</div>
<div class="version">Version 1.0 | FM-R1</div>
<div class="date">2025</div>
</div>
</div>
</nav>
</nav>
<main class="content">
<div class="content-header">
<div class="manual-designation">FM-R1: FM-R1: Secure Communication Networks for Decentralized Resistance</div>
<div class="classification">UNCLASSIFIED</div>
<div class="section-number">Section 1-1 to 1-5</div>
</div>
<h1 id="chapter-1-core-security-principles">Chapter 1: Core Security Principles</h1>
<h2 id="chapter-overview">Chapter Overview</h2>
<p>This chapter establishes the five fundamental principles that must guide all resistance security decisions. These principles, derived from decades of resistance experience and modern security research, provide the conceptual framework for evaluating threats, designing countermeasures, and making operational decisions under pressure.</p>
<p><strong>Sections in this chapter:</strong></p>
<ul>
<li>1-1: Principle of Least Privilege</li>
<li>1-2: Need-to-Know Basis</li>
<li>1-3: Compartmentalization and Cell Structure</li>
<li>1-4: Zero Trust Verification</li>
<li>1-5: Metadata Minimization</li>
</ul>
<hr />
<h2 id="section-1-1-principle-of-least-privilege">Section 1-1: Principle of Least Privilege</h2>
<h3 id="definition">Definition</h3>
<p>The Principle of Least Privilege states that every person, process, and system should have access only to the minimum resources necessary to perform their legitimate function. In resistance operations, this means limiting access to information, tools, and capabilities to the smallest set required for operational effectiveness.</p>
<h3 id="application-in-resistance-operations">Application in Resistance Operations</h3>
<h4 id="information-access">Information Access</h4>
<ul>
<li><strong>Operational details</strong> are shared only with those who need them for their specific role</li>
<li><strong>Contact information</strong> is limited to direct operational relationships</li>
<li><strong>Strategic plans</strong> are known only to leadership and those implementing specific components</li>
<li><strong>Technical details</strong> are restricted to those responsible for implementation and maintenance</li>
</ul>
<h4 id="system-access">System Access</h4>
<ul>
<li><strong>Communication platforms</strong> grant access only to relevant channels and groups</li>
<li><strong>File repositories</strong> provide access only to documents needed for specific roles</li>
<li><strong>Administrative privileges</strong> are limited to the minimum number of trusted individuals</li>
<li><strong>Backup systems</strong> are accessible only to designated recovery personnel</li>
</ul>
<h4 id="physical-access">Physical Access</h4>
<ul>
<li><strong>Meeting locations</strong> are known only to attendees and necessary support personnel</li>
<li><strong>Safe houses</strong> are accessed only by those with operational need</li>
<li><strong>Equipment storage</strong> is limited to those responsible for specific tools or supplies</li>
<li><strong>Document storage</strong> is restricted to those who create, maintain, or use specific materials</li>
</ul>
<h3 id="implementation-guidelines">Implementation Guidelines</h3>
<div class="do-dont-list">
<div class="do-list">
<h4>DO</h4>
<ul>
<li>Regularly review and audit access permissions</li>
<li>Remove access immediately when roles change</li>
<li>Document access decisions and their justifications</li>
<li>Use role-based access control when possible</li>
<li>Implement time-limited access for temporary needs</li>
</ul>
</div>
<div class="dont-list">
<h4>DON'T</h4>
<ul>
<li>Grant access "just in case" it might be needed</li>
<li>Share credentials or allow access sharing</li>
<li>Assume that trust equals need for access</li>
<li>Delay removing access when it's no longer needed</li>
<li>Grant broad access to avoid managing specific permissions</li>
</ul>
</div>
</div>
<h3 id="common-violations-and-consequences">Common Violations and Consequences</h3>
<p><strong>Violation:</strong> Sharing operational plans with all cell members regardless of their role
<strong>Consequence:</strong> Compromise of one member leads to exposure of entire operation</p>
<p><strong>Violation:</strong> Using shared accounts for multiple purposes
<strong>Consequence:</strong> Inability to track access or revoke permissions for specific individuals</p>
<p><strong>Violation:</strong> Granting administrative access to avoid permission requests
<strong>Consequence:</strong> Accidental or malicious damage to critical systems</p>
<hr />
<h2 id="section-1-2-need-to-know-basis">Section 1-2: Need-to-Know Basis</h2>
<h3 id="definition-1">Definition</h3>
<p>Need-to-Know is an information security principle that restricts access to sensitive information to only those individuals who require it to perform their duties. Unlike Least Privilege, which focuses on access controls, Need-to-Know addresses the content and scope of information sharing.</p>
<h3 id="information-classification">Information Classification</h3>
<h4 id="operational-classifications">Operational Classifications</h4>
<p><strong>CRITICAL</strong> - Information whose compromise would cause immediate operational failure</p>
<ul>
<li>Real names and personal details of participants</li>
<li>Specific operational plans and timelines</li>
<li>Location and access details for safe houses</li>
<li>Technical vulnerabilities and exploitation methods</li>
</ul>
<p><strong>SENSITIVE</strong> - Information whose compromise would significantly impact operations</p>
<ul>
<li>Communication protocols and procedures</li>
<li>General operational capabilities and resources</li>
<li>Training materials and educational content</li>
<li>Historical operational data and lessons learned</li>
</ul>
<p><strong>RESTRICTED</strong> - Information whose compromise would cause limited damage</p>
<ul>
<li>General security guidelines and best practices</li>
<li>Public-facing materials and propaganda</li>
<li>Non-sensitive logistical information</li>
<li>Educational resources available from public sources</li>
</ul>
<p><strong>UNCLASSIFIED</strong> - Information that can be shared without operational impact</p>
<ul>
<li>Publicly available tools and software</li>
<li>General security awareness materials</li>
<li>Historical information about resistance movements</li>
<li>Legal and political analysis available from public sources</li>
</ul>
<h3 id="information-sharing-protocols">Information Sharing Protocols</h3>
<h4 id="vertical-information-flow">Vertical Information Flow</h4>
<ul>
<li><strong>Upward reporting</strong> includes only information necessary for decision-making</li>
<li><strong>Downward direction</strong> provides only information necessary for task execution</li>
<li><strong>Status updates</strong> focus on operational requirements rather than comprehensive briefings</li>
<li><strong>Emergency communications</strong> may temporarily bypass normal restrictions</li>
</ul>
<h4 id="horizontal-information-flow">Horizontal Information Flow</h4>
<ul>
<li><strong>Peer coordination</strong> shares only information necessary for joint operations</li>
<li><strong>Cross-cell communication</strong> is limited to specific operational requirements</li>
<li><strong>Resource sharing</strong> includes only information necessary for effective utilization</li>
<li><strong>Mutual support</strong> provides assistance without unnecessary information disclosure</li>
</ul>
<h3 id="implementation-in-practice">Implementation in Practice</h3>
<h4 id="meeting-protocols">Meeting Protocols</h4>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>Before sharing information in any meeting:
1. Identify who needs this specific information
2. Determine the minimum detail level required
3. Consider whether the information can be compartmentalized
4. Verify that all attendees have operational need for the information
5. Document what was shared and with whom
</code></pre></div></div>
<h4 id="communication-guidelines">Communication Guidelines</h4>
<ul>
<li>Use <strong>coded language</strong> for sensitive topics even in secure channels</li>
<li><strong>Separate conversations</strong> by topic and participant need</li>
<li><strong>Time-limit</strong> access to sensitive information when possible</li>
<li><strong>Verify recipient identity</strong> before sharing sensitive information</li>
</ul>
<div class="warning-box">
<div class="warning-title">Information Discipline</div>
<p>The natural human tendency is to share information to build trust and demonstrate competence. In resistance operations, this tendency must be consciously overcome. Information discipline requires constant vigilance and may feel antisocial, but it is essential for operational security.</p>
</div>
<hr />
<h2 id="section-1-3-compartmentalization-and-cell-structure">Section 1-3: Compartmentalization and Cell Structure</h2>
<h3 id="definition-2">Definition</h3>
<p>Compartmentalization is the practice of isolating information, people, and operations into discrete units (cells) that can function independently and have limited knowledge of other units. This structure prevents the compromise of one element from cascading through the entire organization.</p>
<h3 id="cell-structure-design">Cell Structure Design</h3>
<h4 id="basic-cell-characteristics">Basic Cell Characteristics</h4>
<ul>
<li><strong>Size limitation</strong>: 3-7 members for optimal security and effectiveness</li>
<li><strong>Functional focus</strong>: Each cell has a specific operational purpose</li>
<li><strong>Limited connectivity</strong>: Minimal connections to other cells</li>
<li><strong>Independent capability</strong>: Can operate without external support for extended periods</li>
<li><strong>Redundant skills</strong>: Multiple members can perform critical functions</li>
</ul>
<h4 id="cell-types">Cell Types</h4>
<p><strong>Operational Cells</strong></p>
<ul>
<li>Execute specific resistance activities</li>
<li>Have detailed knowledge of their operations only</li>
<li>Receive direction through secure channels</li>
<li>Report results through established protocols</li>
</ul>
<p><strong>Support Cells</strong></p>
<ul>
<li>Provide specialized services (technical, logistical, financial)</li>
<li>Have broad knowledge of capabilities but limited operational details</li>
<li>Serve multiple operational cells without knowing their specific activities</li>
<li>Maintain strict separation between different support functions</li>
</ul>
<p><strong>Communication Cells</strong></p>
<ul>
<li>Facilitate secure communication between other cells</li>
<li>Know communication protocols but not operational content</li>
<li>Provide technical infrastructure and training</li>
<li>Maintain multiple redundant communication channels</li>
</ul>
<p><strong>Leadership Cells</strong></p>
<ul>
<li>Coordinate strategic direction and resource allocation</li>
<li>Have broad operational awareness but limited tactical details</li>
<li>Make decisions based on summarized reports rather than raw intelligence</li>
<li>Maintain multiple independent communication channels</li>
</ul>
<h3 id="inter-cell-communication">Inter-Cell Communication</h3>
<h4 id="communication-protocols">Communication Protocols</h4>
<ul>
<li><strong>Scheduled contacts</strong> at predetermined intervals</li>
<li><strong>Emergency procedures</strong> for urgent communication needs</li>
<li><strong>Authentication methods</strong> to verify identity and message integrity</li>
<li><strong>Fallback procedures</strong> when primary communication channels fail</li>
</ul>
<h4 id="information-flow-management">Information Flow Management</h4>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>Standard Communication Flow:
Operational Cell → Support Cell → Leadership Cell
Emergency Communication Flow:
Any Cell → Emergency Contact → Leadership Cell
Cross-Cell Coordination:
Cell A → Leadership Cell → Cell B
(Direct cell-to-cell communication only for specific authorized operations)
</code></pre></div></div>
<h4 id="security-measures">Security Measures</h4>
<ul>
<li><strong>Unique communication methods</strong> for each cell relationship</li>
<li><strong>Time-delayed communication</strong> to prevent real-time tracking</li>
<li><strong>Multiple authentication factors</strong> for sensitive communications</li>
<li><strong>Regular communication schedule changes</strong> to prevent pattern analysis</li>
</ul>
<h3 id="compromise-response">Compromise Response</h3>
<h4 id="isolation-procedures">Isolation Procedures</h4>
<p>When a cell is compromised:</p>
<ol>
<li><strong>Immediate isolation</strong> - Cut all communication with compromised cell</li>
<li><strong>Damage assessment</strong> - Determine what information was exposed</li>
<li><strong>Notification protocol</strong> - Alert affected cells through secure channels</li>
<li><strong>Operational adjustment</strong> - Modify plans based on exposed information</li>
<li><strong>Recovery planning</strong> - Develop procedures for reconstituting capabilities</li>
</ol>
<h4 id="continuity-planning">Continuity Planning</h4>
<ul>
<li><strong>Redundant capabilities</strong> across multiple cells</li>
<li><strong>Succession planning</strong> for key roles and functions</li>
<li><strong>Resource distribution</strong> to prevent single points of failure</li>
<li><strong>Alternative communication channels</strong> for emergency coordination</li>
</ul>
<div class="info-box">
<div class="info-title">Cell Discipline</div>
<p>Effective compartmentalization requires strict discipline from all participants. The temptation to share information across cell boundaries for efficiency or social reasons must be resisted. Remember: the inconvenience of compartmentalization is far less than the consequences of cascade compromise.</p>
</div>
<hr />
<h2 id="section-1-4-zero-trust-verification">Section 1-4: Zero Trust Verification</h2>
<h3 id="definition-3">Definition</h3>
<p>Zero Trust is a security model that assumes no user, device, or communication can be trusted by default, even if they are inside the organizations network or have been previously verified. Every access request must be authenticated, authorized, and continuously validated.</p>
<h3 id="core-zero-trust-principles">Core Zero Trust Principles</h3>
<h4 id="never-trust-always-verify">Never Trust, Always Verify</h4>
<ul>
<li><strong>Identity verification</strong> required for every access request</li>
<li><strong>Device authentication</strong> before allowing network access</li>
<li><strong>Continuous monitoring</strong> of user and system behavior</li>
<li><strong>Regular re-authentication</strong> for ongoing access</li>
</ul>
<h4 id="assume-breach">Assume Breach</h4>
<ul>
<li><strong>Design systems</strong> to function even when partially compromised</li>
<li><strong>Limit blast radius</strong> of any potential compromise</li>
<li><strong>Monitor for indicators</strong> of compromise continuously</li>
<li><strong>Plan response procedures</strong> for various compromise scenarios</li>
</ul>
<h4 id="verify-explicitly">Verify Explicitly</h4>
<ul>
<li><strong>Multi-factor authentication</strong> for all sensitive access</li>
<li><strong>Behavioral analysis</strong> to detect anomalous activity</li>
<li><strong>Contextual verification</strong> based on location, time, and access patterns</li>
<li><strong>Cryptographic verification</strong> of message and file integrity</li>
</ul>
<h3 id="implementation-in-resistance-operations">Implementation in Resistance Operations</h3>
<h4 id="identity-verification">Identity Verification</h4>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>Standard Verification Process:
1. Something you know (password, passphrase, coded response)
2. Something you have (device, token, physical key)
3. Something you are (biometric, behavioral pattern)
4. Somewhere you are (location verification, network analysis)
5. Someone you know (trusted introducer, mutual contact)
</code></pre></div></div>
<h4 id="communication-verification">Communication Verification</h4>
<ul>
<li><strong>Message authentication codes</strong> to verify sender identity</li>
<li><strong>Forward secrecy</strong> to limit damage from key compromise</li>
<li><strong>Out-of-band verification</strong> for critical communications</li>
<li><strong>Regular key rotation</strong> to limit exposure windows</li>
</ul>
<h4 id="device-trust">Device Trust</h4>
<ul>
<li><strong>Device registration</strong> and authentication before network access</li>
<li><strong>Regular security updates</strong> and vulnerability patching</li>
<li><strong>Behavioral monitoring</strong> for signs of compromise</li>
<li><strong>Remote wipe capabilities</strong> for lost or stolen devices</li>
</ul>
<h4 id="network-segmentation">Network Segmentation</h4>
<ul>
<li><strong>Micro-segmentation</strong> to limit lateral movement</li>
<li><strong>Encrypted communications</strong> for all network traffic</li>
<li><strong>Access logging</strong> and monitoring for all network activity</li>
<li><strong>Regular network topology changes</strong> to prevent mapping</li>
</ul>
<h3 id="continuous-verification">Continuous Verification</h3>
<h4 id="behavioral-monitoring">Behavioral Monitoring</h4>
<ul>
<li><strong>Baseline establishment</strong> for normal user behavior</li>
<li><strong>Anomaly detection</strong> for unusual access patterns</li>
<li><strong>Risk scoring</strong> based on multiple behavioral factors</li>
<li><strong>Adaptive authentication</strong> based on risk assessment</li>
</ul>
<h4 id="regular-re-authentication">Regular Re-authentication</h4>
<ul>
<li><strong>Time-based re-authentication</strong> for ongoing access</li>
<li><strong>Activity-based verification</strong> for sensitive operations</li>
<li><strong>Location-based challenges</strong> for access from new locations</li>
<li><strong>Privilege escalation verification</strong> for administrative functions</li>
</ul>
<div class="warning-box">
<div class="warning-title">Paranoia vs. Security</div>
<p>Zero Trust may seem paranoid, but it reflects the reality of operating in a hostile environment where compromise is not a matter of if, but when. The goal is not to prevent all compromise, but to limit its impact and maintain operational capability even under adverse conditions.</p>
</div>
<hr />
<h2 id="section-1-5-metadata-minimization">Section 1-5: Metadata Minimization</h2>
<h3 id="definition-4">Definition</h3>
<p>Metadata is “data about data” - information that describes the characteristics of communications and activities without revealing their content. In resistance operations, metadata analysis can reveal operational patterns, network structures, and behavioral indicators even when all content is encrypted.</p>
<h3 id="types-of-metadata">Types of Metadata</h3>
<h4 id="communication-metadata">Communication Metadata</h4>
<ul>
<li><strong>Sender and recipient</strong> identities and addresses</li>
<li><strong>Timestamps</strong> of message creation, transmission, and receipt</li>
<li><strong>Message size</strong> and format information</li>
<li><strong>Routing information</strong> including intermediate servers and networks</li>
<li><strong>Device information</strong> including hardware and software details</li>
</ul>
<h4 id="location-metadata">Location Metadata</h4>
<ul>
<li><strong>GPS coordinates</strong> from mobile devices and applications</li>
<li><strong>Network location</strong> data from Wi-Fi and cellular connections</li>
<li><strong>Movement patterns</strong> derived from sequential location data</li>
<li><strong>Association patterns</strong> based on co-location with other devices</li>
</ul>
<h4 id="behavioral-metadata">Behavioral Metadata</h4>
<ul>
<li><strong>Usage patterns</strong> including timing and frequency of activities</li>
<li><strong>Application usage</strong> and feature utilization patterns</li>
<li><strong>Network traffic patterns</strong> including volume and timing</li>
<li><strong>Device interaction patterns</strong> including typing and usage behaviors</li>
</ul>
<h4 id="financial-metadata">Financial Metadata</h4>
<ul>
<li><strong>Transaction timing</strong> and frequency patterns</li>
<li><strong>Payment methods</strong> and account relationships</li>
<li><strong>Geographic patterns</strong> of financial activity</li>
<li><strong>Association patterns</strong> with other financial accounts</li>
</ul>
<h3 id="metadata-analysis-capabilities">Metadata Analysis Capabilities</h3>
<h4 id="pattern-recognition">Pattern Recognition</h4>
<p>Modern data analysis can identify:</p>
<ul>
<li><strong>Communication networks</strong> and hierarchical structures</li>
<li><strong>Operational cycles</strong> and planning timelines</li>
<li><strong>Geographic patterns</strong> and safe house locations</li>
<li><strong>Behavioral signatures</strong> unique to specific individuals</li>
</ul>
<h4 id="predictive-analysis">Predictive Analysis</h4>
<p>Metadata can be used to:</p>
<ul>
<li><strong>Predict future activities</strong> based on historical patterns</li>
<li><strong>Identify key individuals</strong> based on network centrality</li>
<li><strong>Detect operational planning</strong> through communication pattern changes</li>
<li><strong>Locate physical meetings</strong> through device co-location analysis</li>
</ul>
<h3 id="minimization-strategies">Minimization Strategies</h3>
<h4 id="communication-minimization">Communication Minimization</h4>
<div class="do-dont-list">
<div class="do-list">
<h4>DO</h4>
<ul>
<li>Use different communication methods for different purposes</li>
<li>Vary timing and frequency of communications</li>
<li>Use intermediary systems to break direct connections</li>
<li>Employ time-delayed communication when possible</li>
<li>Use broadcast methods for one-to-many communication</li>
</ul>
</div>
<div class="dont-list">
<h4>DON'T</h4>
<ul>
<li>Use the same communication channel for all purposes</li>
<li>Maintain regular communication schedules</li>
<li>Allow direct communication between all network members</li>
<li>Use personal devices for resistance communications</li>
<li>Ignore the metadata implications of communication choices</li>
</ul>
</div>
</div>
<h4 id="location-minimization">Location Minimization</h4>
<ul>
<li><strong>Disable location services</strong> on all devices used for resistance activities</li>
<li><strong>Use public Wi-Fi</strong> from locations unconnected to your identity</li>
<li><strong>Vary locations</strong> for different types of activities</li>
<li><strong>Avoid patterns</strong> in movement and location choices</li>
<li><strong>Use transportation methods</strong> that dont create digital records</li>
</ul>
<h4 id="temporal-minimization">Temporal Minimization</h4>
<ul>
<li><strong>Randomize timing</strong> of communications and activities</li>
<li><strong>Use time delays</strong> to break real-time correlation</li>
<li><strong>Avoid regular schedules</strong> that create predictable patterns</li>
<li><strong>Coordinate timing</strong> to create false patterns when beneficial</li>
<li><strong>Use automated systems</strong> to decouple activity timing from human schedules</li>
</ul>
<h4 id="technical-minimization">Technical Minimization</h4>
<div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code>Technical Metadata Reduction:
1. Use Tor or similar anonymization networks
2. Employ VPNs with no-logging policies
3. Use disposable email addresses and accounts
4. Regularly change device identifiers when possible
5. Use different devices for different operational purposes
</code></pre></div></div>
<h3 id="metadata-aware-operational-planning">Metadata-Aware Operational Planning</h3>
<h4 id="communication-planning">Communication Planning</h4>
<ul>
<li><strong>Map metadata exposure</strong> for all planned communications</li>
<li><strong>Design communication flows</strong> to minimize revealing patterns</li>
<li><strong>Plan for metadata analysis</strong> by adversaries</li>
<li><strong>Develop cover stories</strong> for unavoidable metadata patterns</li>
</ul>
<h4 id="activity-planning">Activity Planning</h4>
<ul>
<li><strong>Consider metadata implications</strong> of all operational activities</li>
<li><strong>Design operations</strong> to create misleading metadata when possible</li>
<li><strong>Plan timing</strong> to minimize correlation opportunities</li>
<li><strong>Coordinate activities</strong> to distribute metadata across multiple participants</li>
</ul>
<div class="success-box">
<div class="success-title">Metadata Discipline</div>
<p>Effective metadata minimization requires thinking about the digital traces of every action before taking it. This becomes second nature with practice, but initially requires conscious effort and planning. The investment in metadata discipline pays dividends in operational security and longevity.</p>
</div>
<hr />
<h2 id="chapter-summary">Chapter Summary</h2>
<p>The five core security principles covered in this chapter provide the foundation for all resistance security operations:</p>
<ol>
<li><strong>Least Privilege</strong> limits access to the minimum necessary for operational effectiveness</li>
<li><strong>Need-to-Know</strong> restricts information sharing to operational requirements</li>
<li><strong>Compartmentalization</strong> isolates operations to prevent cascade compromise</li>
<li><strong>Zero Trust</strong> assumes compromise and requires continuous verification</li>
<li><strong>Metadata Minimization</strong> reduces digital traces that reveal operational patterns</li>
</ol>
<p>These principles must be applied consistently across all aspects of resistance operations, from technical tool selection to operational planning to daily security practices. They are not merely guidelines but operational requirements for survival in a hostile environment.</p>
<h3 id="integration-and-balance">Integration and Balance</h3>
<p>While each principle is important individually, their real power comes from integrated application. Effective resistance security requires balancing these principles against operational requirements and human limitations. Perfect adherence to all principles simultaneously may be impossible, but conscious application of each principle to every security decision will dramatically improve operational security.</p>
<h3 id="next-steps">Next Steps</h3>
<p>Chapter 2 builds on these foundational principles by providing systematic approaches to threat assessment and operational environment analysis. Understanding these principles is essential preparation for the practical threat modeling exercises that follow.</p>
<hr />
<p><strong>Next:</strong> <a href="/chapters/chapter-2/">Chapter 2: Threat Assessment and Operational Environment →</a></p>
<nav class="section-nav">
<a href="/parts/part-1/" class="nav-link">
<span class="arrow"></span>
<span>Part I: Foundations</span>
</a>
<a href="/chapters/chapter-2/" class="nav-link">
<span>Chapter 2: Threat Assessment</span>
<span class="arrow"></span>
</a>
</nav>
</main>
</div>
<footer class="footer">
<div class="container">
<div class="footer-content">
<div class="organization">Department of Internautics</div>
<div>Bureau of Decentralized Resistance</div>
<div>FM-R1 - Version 1.0 - 2025-08-28</div>
<div style="margin-top: 1rem;">
<a href="https://resist.is" target="_blank">resist.is</a> |
<a href="https://git.hacker.supply/Department_of_Internautics/field_guide" target="_blank">Source Code</a>
</div>
</div>
</div>
</footer>
<!-- JavaScript -->
<script src="/assets/js/main.js"></script>
</body>
</html>
_site/chapters/chapter-10/index.html
+1768
View File
File diff suppressed because it is too large Load Diff
_site/chapters/chapter-2/index.html
+1031
View File
File diff suppressed because it is too large Load Diff
_site/chapters/chapter-3/index.html
+1303
View File
File diff suppressed because it is too large Load Diff
_site/chapters/chapter-4/index.html
+1747
View File
File diff suppressed because it is too large Load Diff
_site/chapters/chapter-5/index.html
+1503
View File
File diff suppressed because it is too large Load Diff
_site/chapters/chapter-6/index.html
+2271
View File
File diff suppressed because it is too large Load Diff
_site/chapters/chapter-7/index.html
+2191
View File
File diff suppressed because it is too large Load Diff
_site/chapters/chapter-8/index.html
+1192
View File
File diff suppressed because it is too large Load Diff
_site/chapters/chapter-9/index.html
+1648
View File
File diff suppressed because it is too large Load Diff
_site/feed.xml
+1
View File
@@ -0,0 +1 @@
<?xml version="1.0" encoding="utf-8"?><feed xmlns="http://www.w3.org/2005/Atom" ><generator uri="https://jekyllrb.com/" version="4.4.1">Jekyll</generator><link href="https://guide.resist.is/feed.xml" rel="self" type="application/atom+xml" /><link href="https://guide.resist.is/" rel="alternate" type="text/html" /><updated>2025-09-29T21:27:52-04:00</updated><id>https://guide.resist.is/feed.xml</id><title type="html">Field Manual for Resistance Operations</title><subtitle>A comprehensive guide to secure communication and operational security for newcomers to resistance movements</subtitle></feed>
_site/index.html
+403
View File
@@ -0,0 +1,403 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Table of Contents - Field Manual for Resistance Operations</title>
<meta name="description" content="Field Manual for Resistance Operations - A comprehensive guide to secure communication and operational security for decentralized resistance movements">
<!-- Favicon -->
<link rel="icon" type="image/x-icon" href="/assets/images/favicon.ico">
<!-- Stylesheets -->
<link rel="stylesheet" href="/assets/css/main.css">
<!-- Security headers -->
<meta http-equiv="X-Content-Type-Options" content="nosniff">
<meta http-equiv="X-Frame-Options" content="DENY">
<meta http-equiv="X-XSS-Protection" content="1; mode=block">
<!-- No tracking -->
<meta name="robots" content="noindex, nofollow">
<!-- Matomo
<script>
var _paq = window._paq = window._paq || [];
/* tracker methods like "setCustomDimension" should be called before "trackPageView" */
_paq.push(['trackPageView']);
_paq.push(['enableLinkTracking']);
(function() {
var u="//stats.resist.is/";
_paq.push(['setTrackerUrl', u+'matomo.php']);
_paq.push(['setSiteId', '4']);
var d=document, g=d.createElement('script'), s=d.getElementsByTagName('script')[0];
g.async=true; g.src=u+'matomo.js'; s.parentNode.insertBefore(g,s);
})();
</script>
End Matomo Code -->
</head>
<body>
<header class="header">
<div class="container">
<div class="header-content">
<div class="logo">
<span class="omega">Ω</span>
<span>FM-R1</span>
</div>
<button class="nav-toggle" id="nav-toggle" aria-label="Toggle navigation">
</button>
</div>
</div>
</header>
<div class="main-layout">
<nav class="sidebar" id="sidebar">
<nav class="main-navigation">
<!-- <div class="nav-header">
<div class="nav-subtitle">Field Manual for Resistance Operations</div>
</div>
-->
<div class="nav-sections">
<!-- Front Matter -->
<div class="nav-section">
<h3>Field Manual</h3>
<ul>
<li><a href="/" class="active">Table of Contents</a></li>
<li><a href="/preface/" >Preface</a></li>
<li><a href="/introduction/" >Introduction</a></li>
</ul>
</div>
<!-- Part I: Foundations -->
<div class="nav-section">
<h3>Part I: Foundations</h3>
<ul>
<li>
<a href="/parts/part-1/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-1/" >Ch 1: Core Security Principles</a></li>
<li><a href="/chapters/chapter-2/" >Ch 2: Threat Assessment</a></li>
</ul>
</li>
</ul>
</div>
<!-- Part II: Communication -->
<div class="nav-section">
<h3>Part II: Communication</h3>
<ul>
<li>
<a href="/parts/part-2/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-3/" >Ch 3: Communication Architecture</a></li>
<li><a href="/chapters/chapter-4/" >Ch 4: Secure Messaging</a></li>
<li><a href="/chapters/chapter-5/" >Ch 5: File Sharing</a></li>
</ul>
</li>
</ul>
</div>
<!-- Part III: OpSec -->
<div class="nav-section">
<h3>Part III: OpSec</h3>
<ul>
<li>
<a href="/parts/part-3/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-6/" >Ch 6: Hardware Security</a></li>
<li><a href="/chapters/chapter-7/" >Ch 7: Digital Hygiene</a></li>
<li><a href="/chapters/chapter-8/" >Ch 8: Operational Procedures</a></li>
</ul>
</li>
</ul>
</div>
<!-- Part IV: Advanced -->
<div class="nav-section">
<h3>Part IV: Advanced</h3>
<ul>
<li>
<a href="/parts/part-4/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-9/" >Ch 9: Intelligence Gathering</a></li>
<li><a href="/chapters/chapter-10/" >Ch 10: Counter-Intelligence</a></li>
</ul>
</li>
</ul>
</div>
<!-- Appendices
<div class="nav-section">
<h3>Appendices</h3>
<ul>
<li><a href="/appendices/" >Appendices Overview</a></li>
<li><a href="/appendices/appendix-a/" >Appendix A: Essential Tools</a></li>
<li><a href="/appendices/appendix-b/" >Appendix B: Legal Considerations</a></li>
<li><a href="/appendices/appendix-c/" >Appendix C: Emergency Procedures</a></li>
<li><a href="/appendices/appendix-d/" >Appendix D: Glossary & References</a></li>
</ul>
</div>
-->
<!-- Quick Access -->
<div class="nav-section nav-quick-access">
<h3>Quick Access</h3>
<ul>
<li><a href="/appendices/appendix-a/" class="nav-emergency">Essential Tools</a></li>
<li><a href="/appendices/appendix-b/" class="nav-emergency">Legal Rights</a></li>
<li><a href="/appendices/appendix-c/" class="nav-emergency">Emergency Procedures</a></li>
<li><a href="/appendices/appendix-d/" class="nav-emergency">Glossary & References</a></li>
</ul>
</div>
<!-- External Links -->
<div class="nav-section">
<h3>External Links</h3>
<ul>
<li><a href="https://resist.is" target="_blank">resist.is</a></li>
<li><a href="https://activistchecklist.org" target="_blank">Activist Checklist</a></li>
<li><a href="https://signal.org" target="_blank">Signal</a></li>
<li><a href="https://briarproject.org" target="_blank">Briar</a></li>
<li><a href="https://element.io" target="_blank">Element</a></li>
<li><a href="https://tails.boum.org" target="_blank">Tails OS</a></li>
<li><a href="https://onionshare.org" target="_blank">OnionShare</a></li>
</ul>
</div>
</div>
<!-- Security Notice
<div class="nav-security-notice">
<div class="security-warning">
<strong>OPERATIONAL SECURITY REMINDER</strong><br>
This manual contains sensitive information. Ensure secure handling and storage. Practice compartmentalization and need-to-know principles.
</div>
</div> -->
<!-- Footer -->
<div class="nav-footer">
<div class="manual-info">
<div class="classification">FOR RESISTANCE USE ONLY</div>
<div class="version">Version 1.0 | FM-R1</div>
<div class="date">2025</div>
</div>
</div>
</nav>
</nav>
<main class="content">
<div class="content-header">
<div class="manual-designation">FM-R1: FM-R1: Secure Communication Networks for Decentralized Resistance</div>
<div class="classification">UNCLASSIFIED</div>
</div>
<h1 id="field-manual-for-resistance-operations">Field Manual for Resistance Operations</h1>
<div class="manual-designation" style="text-align: center; margin-bottom: 2rem;">
<div style="font-size: 1.2rem; color: #00ff00;">FM-R1</div>
<div style="font-size: 1rem; color: #ffffff;">FM-R1: Secure Communication Networks for Decentralized Resistance</div>
<div style="font-size: 0.9rem; color: #0066ff; margin-top: 1rem;">Department of Internautics</div>
<div style="font-size: 0.9rem; color: #0066ff;">Bureau of Decentralized Resistance</div>
<div style="font-size: 0.8rem; color: #ffaa00; margin-top: 1rem;">UNCLASSIFIED</div>
<div style="font-size: 0.8rem; color: #ffffff;">Version 1.0 - 2025-08-28</div>
</div>
<hr />
<h2 id="table-of-contents">Table of Contents</h2>
<h3 id="front-matter">Front Matter</h3>
<ul>
<li><strong><a href="/preface/">Preface</a></strong> - Purpose, scope, and how to use this manual</li>
<li><strong><a href="/introduction/">Introduction</a></strong> - Threat landscape and security fundamentals</li>
</ul>
<h3 id="part-i-foundations-of-resistance-security">Part I: Foundations of Resistance Security</h3>
<ul>
<li><strong><a href="/parts/part-1/">Part I Overview</a></strong> - Core principles and threat assessment
<ul>
<li><strong><a href="/chapters/chapter-1/">Chapter 1: Core Security Principles</a></strong> (1-1 to 1-5)
<ul>
<li>1-1: Principle of Least Privilege</li>
<li>1-2: Need-to-Know Basis</li>
<li>1-3: Compartmentalization and Cell Structure</li>
<li>1-4: Zero Trust Verification</li>
<li>1-5: Metadata Minimization</li>
</ul>
</li>
<li><strong><a href="/chapters/chapter-2/">Chapter 2: Threat Assessment and Operational Environment</a></strong> (2-1 to 2-4)
<ul>
<li>2-1: Understanding Your Adversary</li>
<li>2-2: Threat Model Development</li>
<li>2-3: Risk Assessment Framework</li>
<li>2-4: Operational Security (OpSec) Fundamentals</li>
</ul>
</li>
</ul>
</li>
</ul>
<h3 id="part-ii-secure-communication-systems">Part II: Secure Communication Systems</h3>
<ul>
<li><strong><a href="/parts/part-2/">Part II Overview</a></strong> - Multi-layer communication architecture
<ul>
<li><strong><a href="/chapters/chapter-3/">Chapter 3: Communication Layer Architecture</a></strong> (3-1 to 3-6)
<ul>
<li>3-1: Multi-Layer Communication Strategy</li>
<li>3-2: High-Risk Real-Time Communication (Layer 1)</li>
<li>3-3: Secure Collaboration Systems (Layer 2)</li>
<li>3-4: Failsafe and Offline Methods (Layer 3)</li>
<li>3-5: Anonymous Broadcasting (Layer 4)</li>
<li>3-6: Communication Protocol Selection</li>
</ul>
</li>
<li><strong><a href="/chapters/chapter-4/">Chapter 4: Secure Messaging and Voice Communications</a></strong> (4-1 to 4-8)
<ul>
<li>4-1: Session Messenger Configuration</li>
<li>4-2: Element/Matrix Self-Hosted Setup</li>
<li>4-3: Briar Peer-to-Peer Messaging</li>
<li>4-4: Signal Security Best Practices</li>
<li>4-5: Voice Communication Security</li>
<li>4-6: Group Communication Management</li>
<li>4-7: Message Verification and Authentication</li>
<li>4-8: Communication Scheduling and Protocols</li>
</ul>
</li>
<li><strong><a href="/chapters/chapter-5/">Chapter 5: File Sharing and Collaboration</a></strong> (5-1 to 5-6)
<ul>
<li>5-1: CryptPad Secure Document Collaboration</li>
<li>5-2: OnionShare Anonymous File Transfer</li>
<li>5-3: Encrypted Cloud Storage (Mega/Proton)</li>
<li>5-4: Digital Dead Drops</li>
<li>5-5: Version Control for Sensitive Documents</li>
<li>5-6: Collaborative Security Protocols</li>
</ul>
</li>
</ul>
</li>
</ul>
<h3 id="part-iii-operational-security-procedures">Part III: Operational Security Procedures</h3>
<ul>
<li><strong><a href="/parts/part-3/">Part III Overview</a></strong> - Hardware, digital hygiene, and operational procedures
<ul>
<li><strong><a href="/chapters/chapter-6/">Chapter 6: Hardware and Infrastructure Security</a></strong> (6-1 to 6-8)
<ul>
<li>6-1: Untraceable Hardware Acquisition</li>
<li>6-2: Tails OS Installation and Configuration</li>
<li>6-3: Device Compartmentalization</li>
<li>6-4: Physical Security Measures</li>
<li>6-5: Network Access Security</li>
<li>6-6: Hardware Disposal and Sanitization</li>
<li>6-7: Faraday Cage and Signal Blocking</li>
<li>6-8: Power and Charging Security</li>
</ul>
</li>
<li><strong><a href="/chapters/chapter-7/">Chapter 7: Digital Hygiene and Privacy</a></strong> (7-1 to 7-6)
<ul>
<li>7-1: Browser Security Configuration</li>
<li>7-2: Search Engine Privacy</li>
<li>7-3: VPN and Tor Usage</li>
<li>7-4: Social Media Operational Security</li>
<li>7-5: Email Security and Anonymous Accounts</li>
<li>7-6: Digital Footprint Minimization</li>
</ul>
</li>
<li><strong><a href="/chapters/chapter-8/">Chapter 8: Operational Procedures</a></strong> (8-1 to 8-8)
<ul>
<li>8-1: Cell Organization and Management</li>
<li>8-2: Meeting Security Protocols</li>
<li>8-3: Coded Language and Communication</li>
<li>8-4: Surveillance Detection and Evasion</li>
<li>8-5: Emergency Procedures and Protocols</li>
<li>8-6: Information Sanitization</li>
<li>8-7: Operational Planning Security</li>
<li>8-8: Post-Operation Security Review</li>
</ul>
</li>
</ul>
</li>
</ul>
<h3 id="part-iv-advanced-resistance-operations">Part IV: Advanced Resistance Operations</h3>
<ul>
<li><strong><a href="/parts/part-4/">Part IV Overview</a></strong> - Network resilience and counter-intelligence
<ul>
<li><strong><a href="/chapters/chapter-9/">Chapter 9: Network Resilience and Redundancy</a></strong> (9-1 to 9-5)
<ul>
<li>9-1: Mesh Network Implementation</li>
<li>9-2: Offline Communication Systems</li>
<li>9-3: Emergency Communication Protocols</li>
<li>9-4: Network Failure Recovery</li>
<li>9-5: Distributed Infrastructure Planning</li>
</ul>
</li>
<li><strong><a href="/chapters/chapter-10/">Chapter 10: Counter-Intelligence and Security Culture</a></strong> (10-1 to 10-6)
<ul>
<li>10-1: Infiltration Detection and Prevention</li>
<li>10-2: Information Verification Procedures</li>
<li>10-3: Security Culture Development</li>
<li>10-4: Compartmentalized Knowledge Management</li>
<li>10-5: Trust Networks and Verification</li>
<li>10-6: Operational Security Training</li>
</ul>
</li>
</ul>
</li>
</ul>
<h3 id="appendices">Appendices</h3>
<ul>
<li><strong><a href="/appendices/">Appendix A: Quick Reference Guides</a></strong> - Emergency checklists and procedures</li>
<li><strong><a href="/appendices/tools/">Appendix B: Tool Configuration Guides</a></strong> - Step-by-step setup instructions</li>
<li><strong><a href="/appendices/resources/">Appendix C: External Resources and Links</a></strong> - Recommended tools and organizations</li>
<li><strong><a href="/appendices/glossary/">Appendix D: Glossary of Terms</a></strong> - Definitions and terminology</li>
</ul>
<hr />
<div class="warning-box">
<div class="warning-title">Security Notice</div>
<p>This manual contains sensitive information about resistance operations and security practices. Ensure you are accessing this content through secure channels (Tails OS, Tor Browser, or other anonymizing tools) and following proper operational security protocols.</p>
</div>
<div class="info-box">
<div class="info-title">For Newcomers</div>
<p>If you are new to resistance operations, start with the <strong>Preface</strong> and <strong>Introduction</strong>, then proceed through <strong>Part I: Foundations</strong> before advancing to more technical sections. Each chapter builds upon previous knowledge.</p>
</div>
<hr />
<p><strong>Distribution:</strong> This manual is designed for decentralized distribution through secure channels. Share responsibly and only with trusted individuals who have a legitimate need for this information.</p>
<p><strong>Updates:</strong> This manual will be updated regularly as new threats emerge and technologies evolve. Check the source repository for the latest version.</p>
<p><strong>Support:</strong> For questions or contributions, contact the Bureau of Decentralized Resistance through secure channels only.</p>
</main>
</div>
<footer class="footer">
<div class="container">
<div class="footer-content">
<div class="organization">Department of Internautics</div>
<div>Bureau of Decentralized Resistance</div>
<div>FM-R1 - Version 1.0 - 2025-08-28</div>
<div style="margin-top: 1rem;">
<a href="https://resist.is" target="_blank">resist.is</a> |
<a href="https://git.hacker.supply/Department_of_Internautics/field_guide" target="_blank">Source Code</a>
</div>
</div>
</div>
</footer>
<!-- JavaScript -->
<script src="/assets/js/main.js"></script>
</body>
</html>
_site/introduction/index.html
+452
View File
@@ -0,0 +1,452 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Introduction - Field Manual for Resistance Operations</title>
<meta name="description" content="Threat landscape overview and fundamental security concepts for resistance operations">
<!-- Favicon -->
<link rel="icon" type="image/x-icon" href="/assets/images/favicon.ico">
<!-- Stylesheets -->
<link rel="stylesheet" href="/assets/css/main.css">
<!-- Security headers -->
<meta http-equiv="X-Content-Type-Options" content="nosniff">
<meta http-equiv="X-Frame-Options" content="DENY">
<meta http-equiv="X-XSS-Protection" content="1; mode=block">
<!-- No tracking -->
<meta name="robots" content="noindex, nofollow">
<!-- Matomo
<script>
var _paq = window._paq = window._paq || [];
/* tracker methods like "setCustomDimension" should be called before "trackPageView" */
_paq.push(['trackPageView']);
_paq.push(['enableLinkTracking']);
(function() {
var u="//stats.resist.is/";
_paq.push(['setTrackerUrl', u+'matomo.php']);
_paq.push(['setSiteId', '4']);
var d=document, g=d.createElement('script'), s=d.getElementsByTagName('script')[0];
g.async=true; g.src=u+'matomo.js'; s.parentNode.insertBefore(g,s);
})();
</script>
End Matomo Code -->
</head>
<body>
<header class="header">
<div class="container">
<div class="header-content">
<div class="logo">
<span class="omega">Ω</span>
<span>FM-R1</span>
</div>
<button class="nav-toggle" id="nav-toggle" aria-label="Toggle navigation">
</button>
</div>
</div>
</header>
<div class="main-layout">
<nav class="sidebar" id="sidebar">
<nav class="main-navigation">
<!-- <div class="nav-header">
<div class="nav-subtitle">Field Manual for Resistance Operations</div>
</div>
-->
<div class="nav-sections">
<!-- Front Matter -->
<div class="nav-section">
<h3>Field Manual</h3>
<ul>
<li><a href="/" >Table of Contents</a></li>
<li><a href="/preface/" >Preface</a></li>
<li><a href="/introduction/" class="active">Introduction</a></li>
</ul>
</div>
<!-- Part I: Foundations -->
<div class="nav-section">
<h3>Part I: Foundations</h3>
<ul>
<li>
<a href="/parts/part-1/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-1/" >Ch 1: Core Security Principles</a></li>
<li><a href="/chapters/chapter-2/" >Ch 2: Threat Assessment</a></li>
</ul>
</li>
</ul>
</div>
<!-- Part II: Communication -->
<div class="nav-section">
<h3>Part II: Communication</h3>
<ul>
<li>
<a href="/parts/part-2/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-3/" >Ch 3: Communication Architecture</a></li>
<li><a href="/chapters/chapter-4/" >Ch 4: Secure Messaging</a></li>
<li><a href="/chapters/chapter-5/" >Ch 5: File Sharing</a></li>
</ul>
</li>
</ul>
</div>
<!-- Part III: OpSec -->
<div class="nav-section">
<h3>Part III: OpSec</h3>
<ul>
<li>
<a href="/parts/part-3/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-6/" >Ch 6: Hardware Security</a></li>
<li><a href="/chapters/chapter-7/" >Ch 7: Digital Hygiene</a></li>
<li><a href="/chapters/chapter-8/" >Ch 8: Operational Procedures</a></li>
</ul>
</li>
</ul>
</div>
<!-- Part IV: Advanced -->
<div class="nav-section">
<h3>Part IV: Advanced</h3>
<ul>
<li>
<a href="/parts/part-4/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-9/" >Ch 9: Intelligence Gathering</a></li>
<li><a href="/chapters/chapter-10/" >Ch 10: Counter-Intelligence</a></li>
</ul>
</li>
</ul>
</div>
<!-- Appendices
<div class="nav-section">
<h3>Appendices</h3>
<ul>
<li><a href="/appendices/" >Appendices Overview</a></li>
<li><a href="/appendices/appendix-a/" >Appendix A: Essential Tools</a></li>
<li><a href="/appendices/appendix-b/" >Appendix B: Legal Considerations</a></li>
<li><a href="/appendices/appendix-c/" >Appendix C: Emergency Procedures</a></li>
<li><a href="/appendices/appendix-d/" >Appendix D: Glossary & References</a></li>
</ul>
</div>
-->
<!-- Quick Access -->
<div class="nav-section nav-quick-access">
<h3>Quick Access</h3>
<ul>
<li><a href="/appendices/appendix-a/" class="nav-emergency">Essential Tools</a></li>
<li><a href="/appendices/appendix-b/" class="nav-emergency">Legal Rights</a></li>
<li><a href="/appendices/appendix-c/" class="nav-emergency">Emergency Procedures</a></li>
<li><a href="/appendices/appendix-d/" class="nav-emergency">Glossary & References</a></li>
</ul>
</div>
<!-- External Links -->
<div class="nav-section">
<h3>External Links</h3>
<ul>
<li><a href="https://resist.is" target="_blank">resist.is</a></li>
<li><a href="https://activistchecklist.org" target="_blank">Activist Checklist</a></li>
<li><a href="https://signal.org" target="_blank">Signal</a></li>
<li><a href="https://briarproject.org" target="_blank">Briar</a></li>
<li><a href="https://element.io" target="_blank">Element</a></li>
<li><a href="https://tails.boum.org" target="_blank">Tails OS</a></li>
<li><a href="https://onionshare.org" target="_blank">OnionShare</a></li>
</ul>
</div>
</div>
<!-- Security Notice
<div class="nav-security-notice">
<div class="security-warning">
<strong>OPERATIONAL SECURITY REMINDER</strong><br>
This manual contains sensitive information. Ensure secure handling and storage. Practice compartmentalization and need-to-know principles.
</div>
</div> -->
<!-- Footer -->
<div class="nav-footer">
<div class="manual-info">
<div class="classification">FOR RESISTANCE USE ONLY</div>
<div class="version">Version 1.0 | FM-R1</div>
<div class="date">2025</div>
</div>
</div>
</nav>
</nav>
<main class="content">
<div class="content-header">
<div class="manual-designation">FM-R1: FM-R1: Secure Communication Networks for Decentralized Resistance</div>
<div class="classification">UNCLASSIFIED</div>
</div>
<h1 id="introduction">Introduction</h1>
<h2 id="the-modern-resistance-environment">The Modern Resistance Environment</h2>
<p>Resistance movements in the 21st century face unprecedented challenges. Unlike historical resistance operations that primarily contended with human intelligence networks and physical surveillance, modern movements must operate within a digital panopticon of mass surveillance, algorithmic analysis, and predictive policing.</p>
<p>The scenario addressed in this manual—resistance against a technologically advanced authoritarian regime—represents the ultimate stress test for operational security. The adversary possesses:</p>
<ul>
<li><strong>Total spectrum surveillance</strong> across digital communications</li>
<li><strong>Massive data processing capabilities</strong> for pattern recognition and network analysis</li>
<li><strong>Legal and extralegal powers</strong> to compel cooperation from technology companies</li>
<li><strong>Advanced persistent threat capabilities</strong> for targeted device compromise</li>
<li><strong>Extensive human intelligence networks</strong> including informants and infiltrators</li>
</ul>
<h3 id="the-digital-battlefield">The Digital Battlefield</h3>
<p>Every digital action creates metadata that can be analyzed to reveal:</p>
<ul>
<li><strong>Communication patterns</strong> - who talks to whom, when, and how frequently</li>
<li><strong>Location data</strong> - movement patterns and association networks</li>
<li><strong>Behavioral profiles</strong> - interests, habits, and predictive models</li>
<li><strong>Social graphs</strong> - relationship mapping and influence networks</li>
<li><strong>Operational indicators</strong> - planning cycles and activity patterns</li>
</ul>
<div class="warning-box">
<div class="warning-title">Critical Understanding</div>
<p>The most dangerous misconception in modern resistance is believing that encryption alone provides security. While encryption protects content, metadata analysis can reveal operational structures, timing, and relationships even when communications are encrypted.</p>
</div>
<h2 id="fundamental-security-concepts">Fundamental Security Concepts</h2>
<h3 id="defense-in-depth">Defense in Depth</h3>
<p>No single security measure is sufficient. Effective resistance security requires multiple overlapping layers:</p>
<ol>
<li><strong>Technical measures</strong> - Encryption, anonymization, secure hardware</li>
<li><strong>Operational procedures</strong> - Compartmentalization, communication protocols, meeting security</li>
<li><strong>Human factors</strong> - Training, security culture, psychological resilience</li>
<li><strong>Physical security</strong> - Safe houses, surveillance detection, document security</li>
</ol>
<h3 id="threat-modeling">Threat Modeling</h3>
<p>Before implementing any security measures, you must understand:</p>
<p><strong>Assets</strong> - What are you protecting?</p>
<ul>
<li>Lives and freedom of participants</li>
<li>Operational plans and intelligence</li>
<li>Communication networks and infrastructure</li>
<li>Financial resources and supplies</li>
</ul>
<p><strong>Adversaries</strong> - Who are you protecting against?</p>
<ul>
<li>State security services and law enforcement</li>
<li>Private intelligence contractors</li>
<li>Informants and infiltrators</li>
<li>Hostile political organizations</li>
</ul>
<p><strong>Capabilities</strong> - What can your adversaries do?</p>
<ul>
<li>Technical surveillance and cyber operations</li>
<li>Physical surveillance and infiltration</li>
<li>Legal powers and extrajudicial actions</li>
<li>Resource advantages and institutional support</li>
</ul>
<p><strong>Consequences</strong> - What happens if security fails?</p>
<ul>
<li>Arrest, prosecution, and imprisonment</li>
<li>Physical harm or assassination</li>
<li>Network compromise and operational failure</li>
<li>Broader movement suppression</li>
</ul>
<h3 id="the-security-usability-balance">The Security-Usability Balance</h3>
<p>Perfect security is incompatible with operational effectiveness. Every security measure introduces complexity, reduces convenience, and creates potential failure points. The art of resistance security lies in finding the optimal balance between:</p>
<ul>
<li><strong>Security requirements</strong> based on threat assessment</li>
<li><strong>Operational needs</strong> for communication and coordination</li>
<li><strong>Human limitations</strong> in following complex procedures</li>
<li><strong>Resource constraints</strong> in time, money, and technical expertise</li>
</ul>
<h2 id="core-principles-for-resistance-operations">Core Principles for Resistance Operations</h2>
<h3 id="1-assume-compromise">1. Assume Compromise</h3>
<p>Operate under the assumption that some level of compromise is inevitable:</p>
<ul>
<li>Design systems that remain functional even if partially compromised</li>
<li>Limit the damage any single compromise can cause</li>
<li>Plan for detection and response to security breaches</li>
<li>Maintain operational capability under surveillance</li>
</ul>
<h3 id="2-minimize-attack-surface">2. Minimize Attack Surface</h3>
<p>Reduce the number of ways you can be compromised:</p>
<ul>
<li>Use the minimum number of tools and platforms necessary</li>
<li>Limit the amount of sensitive data stored or transmitted</li>
<li>Reduce the number of people with access to critical information</li>
<li>Eliminate unnecessary digital and physical traces</li>
</ul>
<h3 id="3-compartmentalization">3. Compartmentalization</h3>
<p>Organize information and access on a need-to-know basis:</p>
<ul>
<li>Structure operations in independent cells</li>
<li>Limit cross-cell knowledge and communication</li>
<li>Use different tools and identities for different purposes</li>
<li>Prevent single points of failure from compromising entire networks</li>
</ul>
<h3 id="4-operational-discipline">4. Operational Discipline</h3>
<p>Maintain consistent security practices:</p>
<ul>
<li>Follow established procedures even when inconvenient</li>
<li>Resist the temptation to take shortcuts under pressure</li>
<li>Regularly review and update security practices</li>
<li>Train all participants in proper security procedures</li>
</ul>
<h3 id="5-continuous-adaptation">5. Continuous Adaptation</h3>
<p>Security is not a destination but an ongoing process:</p>
<ul>
<li>Monitor for new threats and vulnerabilities</li>
<li>Update tools and procedures as technology evolves</li>
<li>Learn from security incidents and near-misses</li>
<li>Share knowledge and best practices across the movement</li>
</ul>
<h2 id="the-human-element">The Human Element</h2>
<p>Technology can only provide the foundation for security—human behavior determines whether that foundation holds. The most sophisticated technical measures are worthless if participants:</p>
<ul>
<li>Use personal devices for resistance activities</li>
<li>Discuss sensitive matters in insecure environments</li>
<li>Fail to follow established communication protocols</li>
<li>Compromise operational security for convenience</li>
</ul>
<h3 id="building-security-culture">Building Security Culture</h3>
<p>Effective resistance security requires developing a culture where:</p>
<ul>
<li>Security consciousness becomes second nature</li>
<li>Participants understand the reasoning behind security measures</li>
<li>Peer accountability reinforces proper procedures</li>
<li>Security education is ongoing and practical</li>
<li>Mistakes are treated as learning opportunities rather than failures</li>
</ul>
<h2 id="scope-of-this-manual">Scope of This Manual</h2>
<p>This manual provides practical guidance for implementing the security concepts outlined above. It is organized to support both learning and reference use:</p>
<p><strong>Part I: Foundations</strong> establishes the theoretical framework and threat assessment methodologies that inform all subsequent technical recommendations.</p>
<p><strong>Part II: Communication Systems</strong> provides detailed guidance for implementing secure communication networks using proven tools and techniques.</p>
<p><strong>Part III: Operational Security</strong> covers the human and procedural elements necessary to maintain security in practice.</p>
<p><strong>Part IV: Advanced Operations</strong> addresses specialized topics for mature resistance networks operating under extreme threat conditions.</p>
<p><strong>Appendices</strong> provide quick reference materials, detailed configuration guides, and external resources for continued learning.</p>
<h2 id="getting-started">Getting Started</h2>
<p>The journey from security novice to competent resistance operator requires patience, practice, and mentorship. This manual provides the roadmap, but you must walk the path:</p>
<ol>
<li><strong>Master the fundamentals</strong> before attempting advanced techniques</li>
<li><strong>Practice in safe environments</strong> before operational deployment</li>
<li><strong>Seek guidance</strong> from experienced practitioners</li>
<li><strong>Start with basic security measures</strong> and gradually increase complexity</li>
<li><strong>Maintain operational security</strong> throughout your learning process</li>
</ol>
<div class="info-box">
<div class="info-title">Learning Path</div>
<p>New practitioners should follow this sequence:</p>
<ol>
<li><strong>Part I</strong> - Understand core principles and threat assessment</li>
<li><strong>Chapter 6</strong> - Set up secure hardware and Tails OS</li>
<li><strong>Chapter 4</strong> - Configure basic secure messaging</li>
<li><strong>Chapter 7</strong> - Implement digital hygiene practices</li>
<li><strong>Remaining chapters</strong> - Add capabilities as needed</li>
</ol>
</div>
<h2 id="a-note-on-courage">A Note on Courage</h2>
<p>Resistance requires courage—not the absence of fear, but action in spite of fear. The security measures in this manual cannot eliminate risk; they can only manage it. Every person who chooses resistance accepts some level of danger in service of a greater cause.</p>
<p>This manual honors that courage by providing the best possible guidance for staying safe while fighting for justice. Use it wisely, share it responsibly, and remember that your security protects not just yourself, but everyone who depends on you.</p>
<hr />
<p><strong>The stakes are high. The tools are available. The choice is yours.</strong></p>
<p><strong>Next:</strong> <a href="/parts/part-1/">Part I: Foundations of Resistance Security →</a></p>
<nav class="section-nav">
<a href="/preface/" class="nav-link">
<span class="arrow"></span>
<span>Preface</span>
</a>
<a href="/parts/part-1/" class="nav-link">
<span>Part I: Foundations</span>
<span class="arrow"></span>
</a>
</nav>
</main>
</div>
<footer class="footer">
<div class="container">
<div class="footer-content">
<div class="organization">Department of Internautics</div>
<div>Bureau of Decentralized Resistance</div>
<div>FM-R1 - Version 1.0 - 2025-08-28</div>
<div style="margin-top: 1rem;">
<a href="https://resist.is" target="_blank">resist.is</a> |
<a href="https://git.hacker.supply/Department_of_Internautics/field_guide" target="_blank">Source Code</a>
</div>
</div>
</div>
</footer>
<!-- JavaScript -->
<script src="/assets/js/main.js"></script>
</body>
</html>
_site/parts/part-1/index.html
+372
View File
@@ -0,0 +1,372 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Part I: Foundations of Resistance Security - Field Manual for Resistance Operations</title>
<meta name="description" content="Core security principles and threat assessment methodologies for resistance operations">
<!-- Favicon -->
<link rel="icon" type="image/x-icon" href="/assets/images/favicon.ico">
<!-- Stylesheets -->
<link rel="stylesheet" href="/assets/css/main.css">
<!-- Security headers -->
<meta http-equiv="X-Content-Type-Options" content="nosniff">
<meta http-equiv="X-Frame-Options" content="DENY">
<meta http-equiv="X-XSS-Protection" content="1; mode=block">
<!-- No tracking -->
<meta name="robots" content="noindex, nofollow">
<!-- Matomo
<script>
var _paq = window._paq = window._paq || [];
/* tracker methods like "setCustomDimension" should be called before "trackPageView" */
_paq.push(['trackPageView']);
_paq.push(['enableLinkTracking']);
(function() {
var u="//stats.resist.is/";
_paq.push(['setTrackerUrl', u+'matomo.php']);
_paq.push(['setSiteId', '4']);
var d=document, g=d.createElement('script'), s=d.getElementsByTagName('script')[0];
g.async=true; g.src=u+'matomo.js'; s.parentNode.insertBefore(g,s);
})();
</script>
End Matomo Code -->
</head>
<body>
<header class="header">
<div class="container">
<div class="header-content">
<div class="logo">
<span class="omega">Ω</span>
<span>FM-R1</span>
</div>
<button class="nav-toggle" id="nav-toggle" aria-label="Toggle navigation">
</button>
</div>
</div>
</header>
<div class="main-layout">
<nav class="sidebar" id="sidebar">
<nav class="main-navigation">
<!-- <div class="nav-header">
<div class="nav-subtitle">Field Manual for Resistance Operations</div>
</div>
-->
<div class="nav-sections">
<!-- Front Matter -->
<div class="nav-section">
<h3>Field Manual</h3>
<ul>
<li><a href="/" >Table of Contents</a></li>
<li><a href="/preface/" >Preface</a></li>
<li><a href="/introduction/" >Introduction</a></li>
</ul>
</div>
<!-- Part I: Foundations -->
<div class="nav-section">
<h3>Part I: Foundations</h3>
<ul>
<li>
<a href="/parts/part-1/" class="active">Part Overview</a>
<ul>
<li><a href="/chapters/chapter-1/" >Ch 1: Core Security Principles</a></li>
<li><a href="/chapters/chapter-2/" >Ch 2: Threat Assessment</a></li>
</ul>
</li>
</ul>
</div>
<!-- Part II: Communication -->
<div class="nav-section">
<h3>Part II: Communication</h3>
<ul>
<li>
<a href="/parts/part-2/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-3/" >Ch 3: Communication Architecture</a></li>
<li><a href="/chapters/chapter-4/" >Ch 4: Secure Messaging</a></li>
<li><a href="/chapters/chapter-5/" >Ch 5: File Sharing</a></li>
</ul>
</li>
</ul>
</div>
<!-- Part III: OpSec -->
<div class="nav-section">
<h3>Part III: OpSec</h3>
<ul>
<li>
<a href="/parts/part-3/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-6/" >Ch 6: Hardware Security</a></li>
<li><a href="/chapters/chapter-7/" >Ch 7: Digital Hygiene</a></li>
<li><a href="/chapters/chapter-8/" >Ch 8: Operational Procedures</a></li>
</ul>
</li>
</ul>
</div>
<!-- Part IV: Advanced -->
<div class="nav-section">
<h3>Part IV: Advanced</h3>
<ul>
<li>
<a href="/parts/part-4/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-9/" >Ch 9: Intelligence Gathering</a></li>
<li><a href="/chapters/chapter-10/" >Ch 10: Counter-Intelligence</a></li>
</ul>
</li>
</ul>
</div>
<!-- Appendices
<div class="nav-section">
<h3>Appendices</h3>
<ul>
<li><a href="/appendices/" >Appendices Overview</a></li>
<li><a href="/appendices/appendix-a/" >Appendix A: Essential Tools</a></li>
<li><a href="/appendices/appendix-b/" >Appendix B: Legal Considerations</a></li>
<li><a href="/appendices/appendix-c/" >Appendix C: Emergency Procedures</a></li>
<li><a href="/appendices/appendix-d/" >Appendix D: Glossary & References</a></li>
</ul>
</div>
-->
<!-- Quick Access -->
<div class="nav-section nav-quick-access">
<h3>Quick Access</h3>
<ul>
<li><a href="/appendices/appendix-a/" class="nav-emergency">Essential Tools</a></li>
<li><a href="/appendices/appendix-b/" class="nav-emergency">Legal Rights</a></li>
<li><a href="/appendices/appendix-c/" class="nav-emergency">Emergency Procedures</a></li>
<li><a href="/appendices/appendix-d/" class="nav-emergency">Glossary & References</a></li>
</ul>
</div>
<!-- External Links -->
<div class="nav-section">
<h3>External Links</h3>
<ul>
<li><a href="https://resist.is" target="_blank">resist.is</a></li>
<li><a href="https://activistchecklist.org" target="_blank">Activist Checklist</a></li>
<li><a href="https://signal.org" target="_blank">Signal</a></li>
<li><a href="https://briarproject.org" target="_blank">Briar</a></li>
<li><a href="https://element.io" target="_blank">Element</a></li>
<li><a href="https://tails.boum.org" target="_blank">Tails OS</a></li>
<li><a href="https://onionshare.org" target="_blank">OnionShare</a></li>
</ul>
</div>
</div>
<!-- Security Notice
<div class="nav-security-notice">
<div class="security-warning">
<strong>OPERATIONAL SECURITY REMINDER</strong><br>
This manual contains sensitive information. Ensure secure handling and storage. Practice compartmentalization and need-to-know principles.
</div>
</div> -->
<!-- Footer -->
<div class="nav-footer">
<div class="manual-info">
<div class="classification">FOR RESISTANCE USE ONLY</div>
<div class="version">Version 1.0 | FM-R1</div>
<div class="date">2025</div>
</div>
</div>
</nav>
</nav>
<main class="content">
<div class="content-header">
<div class="manual-designation">FM-R1: FM-R1: Secure Communication Networks for Decentralized Resistance</div>
<div class="classification">UNCLASSIFIED</div>
</div>
<h1 id="part-i-foundations-of-resistance-security">Part I: Foundations of Resistance Security</h1>
<h2 id="overview">Overview</h2>
<p>Part I establishes the theoretical and practical foundations necessary for all resistance security operations. Before implementing any technical measures or operational procedures, resistance practitioners must understand the fundamental principles that govern security in hostile environments and develop the analytical skills necessary to assess threats and design appropriate countermeasures.</p>
<p>This part addresses the most critical question in resistance security: <strong>How do you think about security in a way that leads to effective protection?</strong></p>
<h2 id="learning-objectives">Learning Objectives</h2>
<p>Upon completing Part I, you will be able to:</p>
<ul>
<li>Apply core security principles to evaluate and design resistance operations</li>
<li>Conduct systematic threat assessments for your specific operational environment</li>
<li>Develop risk management strategies appropriate to your threat level</li>
<li>Understand the relationship between security measures and operational effectiveness</li>
<li>Recognize common security failures and their underlying causes</li>
</ul>
<h2 id="chapter-overview">Chapter Overview</h2>
<h3 id="chapter-1-core-security-principles-1-1-to-1-5">Chapter 1: Core Security Principles (1-1 to 1-5)</h3>
<p>The five fundamental principles that must guide all resistance security decisions:</p>
<p><strong>1-1: Principle of Least Privilege</strong> - Limiting access to the minimum necessary for operational effectiveness</p>
<p><strong>1-2: Need-to-Know Basis</strong> - Compartmentalizing information to prevent cascade failures</p>
<p><strong>1-3: Compartmentalization and Cell Structure</strong> - Organizing resistance networks to contain compromise</p>
<p><strong>1-4: Zero Trust Verification</strong> - Assuming compromise and requiring continuous authentication</p>
<p><strong>1-5: Metadata Minimization</strong> - Reducing the digital traces that reveal operational patterns</p>
<h3 id="chapter-2-threat-assessment-and-operational-environment-2-1-to-2-4">Chapter 2: Threat Assessment and Operational Environment (2-1 to 2-4)</h3>
<p>Systematic approaches to understanding and responding to threats:</p>
<p><strong>2-1: Understanding Your Adversary</strong> - Analyzing capabilities, motivations, and limitations of hostile forces</p>
<p><strong>2-2: Threat Model Development</strong> - Creating structured assessments of risks and vulnerabilities</p>
<p><strong>2-3: Risk Assessment Framework</strong> - Quantifying and prioritizing security investments</p>
<p><strong>2-4: Operational Security (OpSec) Fundamentals</strong> - Translating threat assessments into practical procedures</p>
<h2 id="the-security-mindset">The Security Mindset</h2>
<p>Before diving into specific principles and procedures, its essential to understand the fundamental shift in thinking required for effective resistance security. This shift involves:</p>
<h3 id="from-convenience-to-security">From Convenience to Security</h3>
<p>In normal life, we optimize for convenience, efficiency, and ease of use. In resistance operations, security becomes the primary consideration, with convenience secondary. This doesnt mean making things unnecessarily difficult, but rather accepting that some inconvenience is the price of safety.</p>
<h3 id="from-trust-to-verification">From Trust to Verification</h3>
<p>Normal social and professional relationships operate on trust and good faith. Resistance operations must assume that trust can be compromised, either through infiltration or coercion, and build verification mechanisms into all critical processes.</p>
<h3 id="from-reactive-to-proactive">From Reactive to Proactive</h3>
<p>Most people respond to security threats after they become apparent. Resistance operations must anticipate threats and implement countermeasures before theyre needed, because by the time a threat is obvious, it may be too late to respond effectively.</p>
<h3 id="from-individual-to-collective">From Individual to Collective</h3>
<p>Personal security practices focus on protecting yourself. Resistance security must consider how your actions affect the safety of others in your network, and how their actions affect your safety.</p>
<h2 id="common-misconceptions">Common Misconceptions</h2>
<h3 id="encryption-solves-everything">“Encryption Solves Everything”</h3>
<p>While encryption is essential, it only protects the content of communications, not the metadata that reveals who is talking to whom, when, and from where. Metadata analysis can reveal network structures and operational patterns even when all communications are encrypted.</p>
<h3 id="if-you-have-nothing-to-hide">“If You Have Nothing to Hide…”</h3>
<p>This argument fundamentally misunderstands the nature of authoritarian surveillance. The goal is not just to find evidence of wrongdoing, but to map networks, predict behavior, and suppress dissent before it becomes effective.</p>
<h3 id="theyre-too-powerful-to-resist">“Theyre Too Powerful to Resist”</h3>
<p>While authoritarian regimes have significant advantages, they also have limitations and vulnerabilities. Understanding both their capabilities and their constraints is essential for developing effective resistance strategies.</p>
<h3 id="perfect-security-is-possible">“Perfect Security is Possible”</h3>
<p>No security system is perfect, and pursuing perfect security often leads to systems so complex and restrictive that they cannot be used effectively. The goal is appropriate security for your specific threat environment and operational requirements.</p>
<h2 id="integration-with-subsequent-parts">Integration with Subsequent Parts</h2>
<p>The principles and methodologies covered in Part I provide the foundation for all subsequent technical and operational guidance:</p>
<ul>
<li><strong>Part II</strong> applies these principles to design secure communication systems</li>
<li><strong>Part III</strong> translates them into practical operational security procedures</li>
<li><strong>Part IV</strong> extends them to advanced scenarios and specialized threats</li>
</ul>
<p>Each technical recommendation and operational procedure in later parts derives from the fundamental principles established here. Understanding these foundations is essential for adapting the manuals guidance to your specific circumstances and for making sound security decisions when facing novel situations.</p>
<h2 id="study-approach">Study Approach</h2>
<h3 id="for-individual-study">For Individual Study</h3>
<ol>
<li><strong>Read each section completely</strong> before moving to the next</li>
<li><strong>Take notes</strong> on how principles apply to your specific situation</li>
<li><strong>Work through examples</strong> using scenarios relevant to your operations</li>
<li><strong>Review regularly</strong> as these concepts must become second nature</li>
</ol>
<h3 id="for-group-study">For Group Study</h3>
<ol>
<li><strong>Discuss each principle</strong> and its implications for your organization</li>
<li><strong>Develop case studies</strong> based on your operational environment</li>
<li><strong>Practice threat modeling</strong> for actual or hypothetical operations</li>
<li><strong>Create reference materials</strong> summarizing key concepts for quick review</li>
</ol>
<h3 id="for-training-others">For Training Others</h3>
<ol>
<li><strong>Use concrete examples</strong> rather than abstract concepts</li>
<li><strong>Connect principles to practical consequences</strong> of security failures</li>
<li><strong>Encourage questions</strong> and discussion of edge cases</li>
<li><strong>Provide opportunities to practice</strong> threat assessment skills</li>
</ol>
<div class="warning-box">
<div class="warning-title">Foundation First</div>
<p>Do not skip Part I to get to "more practical" technical content. The principles covered here determine whether technical measures will be effective or merely provide a false sense of security. Every security failure can be traced back to a violation of these fundamental principles.</p>
</div>
<hr />
<p><strong>Ready to begin?</strong> Start with <a href="/chapters/chapter-1/">Chapter 1: Core Security Principles →</a></p>
<nav class="section-nav">
<a href="/introduction/" class="nav-link">
<span class="arrow"></span>
<span>Introduction</span>
</a>
<a href="/chapters/chapter-1/" class="nav-link">
<span>Chapter 1: Core Security Principles</span>
<span class="arrow"></span>
</a>
</nav>
</main>
</div>
<footer class="footer">
<div class="container">
<div class="footer-content">
<div class="organization">Department of Internautics</div>
<div>Bureau of Decentralized Resistance</div>
<div>FM-R1 - Version 1.0 - 2025-08-28</div>
<div style="margin-top: 1rem;">
<a href="https://resist.is" target="_blank">resist.is</a> |
<a href="https://git.hacker.supply/Department_of_Internautics/field_guide" target="_blank">Source Code</a>
</div>
</div>
</div>
</footer>
<!-- JavaScript -->
<script src="/assets/js/main.js"></script>
</body>
</html>
_site/parts/part-2/index.html
+522
View File
@@ -0,0 +1,522 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Part II: Secure Communication Systems - Field Manual for Resistance Operations</title>
<meta name="description" content="Multi-layer communication architectures and secure messaging systems for resistance operations">
<!-- Favicon -->
<link rel="icon" type="image/x-icon" href="/assets/images/favicon.ico">
<!-- Stylesheets -->
<link rel="stylesheet" href="/assets/css/main.css">
<!-- Security headers -->
<meta http-equiv="X-Content-Type-Options" content="nosniff">
<meta http-equiv="X-Frame-Options" content="DENY">
<meta http-equiv="X-XSS-Protection" content="1; mode=block">
<!-- No tracking -->
<meta name="robots" content="noindex, nofollow">
<!-- Matomo
<script>
var _paq = window._paq = window._paq || [];
/* tracker methods like "setCustomDimension" should be called before "trackPageView" */
_paq.push(['trackPageView']);
_paq.push(['enableLinkTracking']);
(function() {
var u="//stats.resist.is/";
_paq.push(['setTrackerUrl', u+'matomo.php']);
_paq.push(['setSiteId', '4']);
var d=document, g=d.createElement('script'), s=d.getElementsByTagName('script')[0];
g.async=true; g.src=u+'matomo.js'; s.parentNode.insertBefore(g,s);
})();
</script>
End Matomo Code -->
</head>
<body>
<header class="header">
<div class="container">
<div class="header-content">
<div class="logo">
<span class="omega">Ω</span>
<span>FM-R1</span>
</div>
<button class="nav-toggle" id="nav-toggle" aria-label="Toggle navigation">
</button>
</div>
</div>
</header>
<div class="main-layout">
<nav class="sidebar" id="sidebar">
<nav class="main-navigation">
<!-- <div class="nav-header">
<div class="nav-subtitle">Field Manual for Resistance Operations</div>
</div>
-->
<div class="nav-sections">
<!-- Front Matter -->
<div class="nav-section">
<h3>Field Manual</h3>
<ul>
<li><a href="/" >Table of Contents</a></li>
<li><a href="/preface/" >Preface</a></li>
<li><a href="/introduction/" >Introduction</a></li>
</ul>
</div>
<!-- Part I: Foundations -->
<div class="nav-section">
<h3>Part I: Foundations</h3>
<ul>
<li>
<a href="/parts/part-1/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-1/" >Ch 1: Core Security Principles</a></li>
<li><a href="/chapters/chapter-2/" >Ch 2: Threat Assessment</a></li>
</ul>
</li>
</ul>
</div>
<!-- Part II: Communication -->
<div class="nav-section">
<h3>Part II: Communication</h3>
<ul>
<li>
<a href="/parts/part-2/" class="active">Part Overview</a>
<ul>
<li><a href="/chapters/chapter-3/" >Ch 3: Communication Architecture</a></li>
<li><a href="/chapters/chapter-4/" >Ch 4: Secure Messaging</a></li>
<li><a href="/chapters/chapter-5/" >Ch 5: File Sharing</a></li>
</ul>
</li>
</ul>
</div>
<!-- Part III: OpSec -->
<div class="nav-section">
<h3>Part III: OpSec</h3>
<ul>
<li>
<a href="/parts/part-3/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-6/" >Ch 6: Hardware Security</a></li>
<li><a href="/chapters/chapter-7/" >Ch 7: Digital Hygiene</a></li>
<li><a href="/chapters/chapter-8/" >Ch 8: Operational Procedures</a></li>
</ul>
</li>
</ul>
</div>
<!-- Part IV: Advanced -->
<div class="nav-section">
<h3>Part IV: Advanced</h3>
<ul>
<li>
<a href="/parts/part-4/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-9/" >Ch 9: Intelligence Gathering</a></li>
<li><a href="/chapters/chapter-10/" >Ch 10: Counter-Intelligence</a></li>
</ul>
</li>
</ul>
</div>
<!-- Appendices
<div class="nav-section">
<h3>Appendices</h3>
<ul>
<li><a href="/appendices/" >Appendices Overview</a></li>
<li><a href="/appendices/appendix-a/" >Appendix A: Essential Tools</a></li>
<li><a href="/appendices/appendix-b/" >Appendix B: Legal Considerations</a></li>
<li><a href="/appendices/appendix-c/" >Appendix C: Emergency Procedures</a></li>
<li><a href="/appendices/appendix-d/" >Appendix D: Glossary & References</a></li>
</ul>
</div>
-->
<!-- Quick Access -->
<div class="nav-section nav-quick-access">
<h3>Quick Access</h3>
<ul>
<li><a href="/appendices/appendix-a/" class="nav-emergency">Essential Tools</a></li>
<li><a href="/appendices/appendix-b/" class="nav-emergency">Legal Rights</a></li>
<li><a href="/appendices/appendix-c/" class="nav-emergency">Emergency Procedures</a></li>
<li><a href="/appendices/appendix-d/" class="nav-emergency">Glossary & References</a></li>
</ul>
</div>
<!-- External Links -->
<div class="nav-section">
<h3>External Links</h3>
<ul>
<li><a href="https://resist.is" target="_blank">resist.is</a></li>
<li><a href="https://activistchecklist.org" target="_blank">Activist Checklist</a></li>
<li><a href="https://signal.org" target="_blank">Signal</a></li>
<li><a href="https://briarproject.org" target="_blank">Briar</a></li>
<li><a href="https://element.io" target="_blank">Element</a></li>
<li><a href="https://tails.boum.org" target="_blank">Tails OS</a></li>
<li><a href="https://onionshare.org" target="_blank">OnionShare</a></li>
</ul>
</div>
</div>
<!-- Security Notice
<div class="nav-security-notice">
<div class="security-warning">
<strong>OPERATIONAL SECURITY REMINDER</strong><br>
This manual contains sensitive information. Ensure secure handling and storage. Practice compartmentalization and need-to-know principles.
</div>
</div> -->
<!-- Footer -->
<div class="nav-footer">
<div class="manual-info">
<div class="classification">FOR RESISTANCE USE ONLY</div>
<div class="version">Version 1.0 | FM-R1</div>
<div class="date">2025</div>
</div>
</div>
</nav>
</nav>
<main class="content">
<div class="content-header">
<div class="manual-designation">FM-R1: FM-R1: Secure Communication Networks for Decentralized Resistance</div>
<div class="classification">UNCLASSIFIED</div>
</div>
<h1 id="part-ii-secure-communication-systems">Part II: Secure Communication Systems</h1>
<h2 id="overview">Overview</h2>
<p>Part II addresses the critical challenge of maintaining secure communications within resistance networks operating under advanced surveillance. This part provides comprehensive guidance for implementing multi-layer communication architectures that balance security requirements with operational effectiveness.</p>
<p>Communication security is the backbone of resistance operations. Without secure communications, resistance networks cannot coordinate activities, share intelligence, or maintain operational security. However, communication also represents the greatest vulnerability, as every communication creates metadata that can be analyzed to reveal network structures, operational patterns, and individual behaviors.</p>
<h2 id="learning-objectives">Learning Objectives</h2>
<p>Upon completing Part II, you will be able to:</p>
<ul>
<li>Design and implement multi-layer communication architectures appropriate to your threat environment</li>
<li>Configure and operate secure messaging systems including Session, Element/Matrix, Briar, and Signal</li>
<li>Establish secure file sharing and collaboration systems using CryptPad, OnionShare, and encrypted cloud storage</li>
<li>Implement communication protocols that minimize metadata exposure and maximize operational security</li>
<li>Develop contingency communication plans for various compromise and failure scenarios</li>
</ul>
<h2 id="the-communication-security-challenge">The Communication Security Challenge</h2>
<h3 id="the-metadata-problem">The Metadata Problem</h3>
<p>Modern surveillance systems focus less on communication content (which can be encrypted) and more on communication metadata (which reveals patterns even when content is protected). Every digital communication generates metadata including:</p>
<ul>
<li><strong>Sender and recipient identities</strong> and network addresses</li>
<li><strong>Timing information</strong> including send/receive timestamps</li>
<li><strong>Location data</strong> from device GPS and network connections</li>
<li><strong>Communication patterns</strong> including frequency and duration</li>
<li><strong>Device information</strong> including hardware and software details</li>
</ul>
<p>This metadata can be analyzed to:</p>
<ul>
<li>Map network structures and identify key participants</li>
<li>Predict operational activities and timing</li>
<li>Locate physical meetings and safe houses</li>
<li>Identify behavioral patterns and vulnerabilities</li>
</ul>
<h3 id="the-usability-security-tension">The Usability-Security Tension</h3>
<p>Perfect communication security would require:</p>
<ul>
<li>No digital communications whatsoever</li>
<li>Face-to-face meetings only in secure locations</li>
<li>Perfect operational security from all participants</li>
<li>No time-sensitive coordination requirements</li>
</ul>
<p>Perfect operational effectiveness would require:</p>
<ul>
<li>Instant communication between all participants</li>
<li>Rich multimedia sharing and collaboration</li>
<li>Real-time coordination and decision-making</li>
<li>Seamless integration with existing tools and workflows</li>
</ul>
<p>Practical resistance communications must balance these competing requirements through carefully designed architectures that provide appropriate security for specific use cases while maintaining operational effectiveness.</p>
<h2 id="multi-layer-communication-strategy">Multi-Layer Communication Strategy</h2>
<p>Part II is organized around a four-layer communication architecture that provides different security levels for different operational requirements:</p>
<h3 id="layer-1-high-risk-real-time-communication">Layer 1: High-Risk Real-Time Communication</h3>
<p><strong>Use Case:</strong> Time-sensitive coordination during active operations
<strong>Security Level:</strong> Maximum security, minimal metadata
<strong>Tools:</strong> Session Messenger, Briar mesh networking
<strong>Characteristics:</strong></p>
<ul>
<li>Onion routing and metadata protection</li>
<li>Peer-to-peer architecture with no central servers</li>
<li>Ephemeral messaging with automatic deletion</li>
<li>Offline capability and mesh networking</li>
</ul>
<h3 id="layer-2-secure-collaboration-systems">Layer 2: Secure Collaboration Systems</h3>
<p><strong>Use Case:</strong> Planning, document sharing, and ongoing coordination
<strong>Security Level:</strong> High security with collaboration features
<strong>Tools:</strong> Element/Matrix (self-hosted), CryptPad
<strong>Characteristics:</strong></p>
<ul>
<li>End-to-end encryption with forward secrecy</li>
<li>Self-hosted infrastructure under resistance control</li>
<li>Rich collaboration features including file sharing</li>
<li>Persistent storage with secure access controls</li>
</ul>
<h3 id="layer-3-failsafe-and-offline-methods">Layer 3: Failsafe and Offline Methods</h3>
<p><strong>Use Case:</strong> Emergency communications and backup channels
<strong>Security Level:</strong> Maximum reliability and availability
<strong>Tools:</strong> OnionShare, encrypted email, physical dead drops
<strong>Characteristics:</strong></p>
<ul>
<li>No dependence on internet infrastructure</li>
<li>Asynchronous communication with time delays</li>
<li>Multiple redundant channels and methods</li>
<li>Resistance to network disruption and censorship</li>
</ul>
<h3 id="layer-4-anonymous-broadcasting">Layer 4: Anonymous Broadcasting</h3>
<p><strong>Use Case:</strong> Public communications and propaganda distribution
<strong>Security Level:</strong> Sender anonymity and censorship resistance
<strong>Tools:</strong> Tor hidden services, distributed publishing platforms
<strong>Characteristics:</strong></p>
<ul>
<li>One-to-many communication model</li>
<li>Strong sender anonymity protection</li>
<li>Censorship resistance and availability</li>
<li>Public accessibility without authentication</li>
</ul>
<h2 id="chapter-overview">Chapter Overview</h2>
<h3 id="chapter-3-communication-layer-architecture-3-1-to-3-6">Chapter 3: Communication Layer Architecture (3-1 to 3-6)</h3>
<p>Establishes the theoretical framework and practical implementation of multi-layer communication systems:</p>
<p><strong>3-1: Multi-Layer Communication Strategy</strong> - Overall architecture and layer selection criteria</p>
<p><strong>3-2: High-Risk Real-Time Communication (Layer 1)</strong> - Maximum security for time-sensitive operations</p>
<p><strong>3-3: Secure Collaboration Systems (Layer 2)</strong> - Balancing security with collaboration needs</p>
<p><strong>3-4: Failsafe and Offline Methods (Layer 3)</strong> - Backup and emergency communication channels</p>
<p><strong>3-5: Anonymous Broadcasting (Layer 4)</strong> - Public communications and information distribution</p>
<p><strong>3-6: Communication Protocol Selection</strong> - Choosing appropriate tools and methods for specific scenarios</p>
<h3 id="chapter-4-secure-messaging-and-voice-communications-4-1-to-4-8">Chapter 4: Secure Messaging and Voice Communications (4-1 to 4-8)</h3>
<p>Provides detailed configuration and operational guidance for secure messaging systems:</p>
<p><strong>4-1: Session Messenger Configuration</strong> - Maximum security messaging with onion routing</p>
<p><strong>4-2: Element/Matrix Self-Hosted Setup</strong> - Secure collaboration platform implementation</p>
<p><strong>4-3: Briar Peer-to-Peer Messaging</strong> - Decentralized messaging without servers</p>
<p><strong>4-4: Signal Security Best Practices</strong> - Operational security for mainstream secure messaging</p>
<p><strong>4-5: Voice Communication Security</strong> - Secure voice calls and audio communications</p>
<p><strong>4-6: Group Communication Management</strong> - Security protocols for multi-participant communications</p>
<p><strong>4-7: Message Verification and Authentication</strong> - Ensuring message integrity and sender verification</p>
<p><strong>4-8: Communication Scheduling and Protocols</strong> - Operational procedures for secure communications</p>
<h3 id="chapter-5-file-sharing-and-collaboration-5-1-to-5-6">Chapter 5: File Sharing and Collaboration (5-1 to 5-6)</h3>
<p>Covers secure systems for document collaboration and file sharing:</p>
<p><strong>5-1: CryptPad Secure Document Collaboration</strong> - Real-time collaborative editing with encryption</p>
<p><strong>5-2: OnionShare Anonymous File Transfer</strong> - Secure file sharing over Tor network</p>
<p><strong>5-3: Encrypted Cloud Storage (Mega/Proton)</strong> - Secure cloud storage for resistance operations</p>
<p><strong>5-4: Digital Dead Drops</strong> - Asynchronous file sharing without direct contact</p>
<p><strong>5-5: Version Control for Sensitive Documents</strong> - Managing document versions and changes securely</p>
<p><strong>5-6: Collaborative Security Protocols</strong> - Operational procedures for secure collaboration</p>
<h2 id="implementation-approach">Implementation Approach</h2>
<h3 id="progressive-implementation">Progressive Implementation</h3>
<p>Part II is designed for progressive implementation, allowing resistance networks to start with basic secure communications and gradually add more sophisticated capabilities:</p>
<p><strong>Phase 1: Basic Secure Messaging</strong></p>
<ul>
<li>Implement Signal or Session for basic communications</li>
<li>Establish basic operational security procedures</li>
<li>Train participants in secure communication practices</li>
</ul>
<p><strong>Phase 2: Collaboration Infrastructure</strong></p>
<ul>
<li>Deploy self-hosted Matrix server for group communications</li>
<li>Implement CryptPad for document collaboration</li>
<li>Establish file sharing protocols using OnionShare</li>
</ul>
<p><strong>Phase 3: Advanced Architecture</strong></p>
<ul>
<li>Implement full multi-layer communication strategy</li>
<li>Deploy Briar for high-security scenarios</li>
<li>Establish emergency and backup communication channels</li>
</ul>
<p><strong>Phase 4: Operational Integration</strong></p>
<ul>
<li>Integrate communication systems with operational planning</li>
<li>Implement advanced security protocols and procedures</li>
<li>Establish training and support systems for network participants</li>
</ul>
<h3 id="security-considerations">Security Considerations</h3>
<p>Each communication system and protocol covered in Part II includes specific security considerations:</p>
<p><strong>Technical Security:</strong></p>
<ul>
<li>Encryption strength and implementation quality</li>
<li>Metadata protection and anonymity features</li>
<li>Infrastructure security and server hardening</li>
<li>Software updates and vulnerability management</li>
</ul>
<p><strong>Operational Security:</strong></p>
<ul>
<li>User authentication and access control</li>
<li>Communication protocols and procedures</li>
<li>Incident response and compromise recovery</li>
<li>Training and security awareness</li>
</ul>
<p><strong>Strategic Security:</strong></p>
<ul>
<li>Threat model alignment and risk assessment</li>
<li>Backup and redundancy planning</li>
<li>Legal considerations and jurisdiction issues</li>
<li>Long-term sustainability and maintenance</li>
</ul>
<div class="warning-box">
<div class="warning-title">Communication Discipline</div>
<p>The most sophisticated communication systems are worthless without proper operational discipline. All participants must understand and consistently follow communication protocols, security procedures, and operational security practices.</p>
</div>
<h2 id="integration-with-other-parts">Integration with Other Parts</h2>
<p>Part II builds directly on the foundational principles and threat assessment methodologies covered in Part I:</p>
<ul>
<li><strong>Core Security Principles</strong> guide the selection and configuration of communication systems</li>
<li><strong>Threat Assessment</strong> determines appropriate security levels and tool selection</li>
<li><strong>Risk Assessment</strong> informs decisions about acceptable trade-offs between security and usability</li>
<li><strong>OpSec Fundamentals</strong> provide the procedural framework for secure communication operations</li>
</ul>
<p>Part II also provides the foundation for the operational security procedures covered in Part III and the advanced techniques covered in Part IV.</p>
<h2 id="getting-started">Getting Started</h2>
<h3 id="for-technical-implementation">For Technical Implementation</h3>
<ol>
<li><strong>Start with threat assessment</strong> to determine appropriate security levels</li>
<li><strong>Begin with basic tools</strong> (Signal or Session) before implementing complex systems</li>
<li><strong>Test all systems thoroughly</strong> in safe environments before operational use</li>
<li><strong>Implement gradually</strong> with proper training and support for all participants</li>
</ol>
<h3 id="for-operational-planning">For Operational Planning</h3>
<ol>
<li><strong>Map communication requirements</strong> to the four-layer architecture</li>
<li><strong>Develop communication protocols</strong> appropriate to your threat environment</li>
<li><strong>Establish training programs</strong> for all communication tools and procedures</li>
<li><strong>Plan for contingencies</strong> including system compromise and failure scenarios</li>
</ol>
<h3 id="for-network-leadership">For Network Leadership</h3>
<ol>
<li><strong>Assess current communication practices</strong> against security requirements</li>
<li><strong>Develop implementation timeline</strong> for improved communication security</li>
<li><strong>Allocate resources</strong> for infrastructure, training, and ongoing maintenance</li>
<li><strong>Establish governance</strong> for communication system management and security</li>
</ol>
<div class="info-box">
<div class="info-title">Implementation Priority</div>
<p>Focus first on implementing basic secure messaging (Chapter 4) before attempting to deploy complex multi-layer architectures. Solid implementation of fundamental tools is more valuable than poorly implemented advanced systems.</p>
</div>
<hr />
<p><strong>Ready to begin?</strong> Start with <a href="/chapters/chapter-3/">Chapter 3: Communication Layer Architecture →</a></p>
<nav class="section-nav">
<a href="/chapters/chapter-2/" class="nav-link">
<span class="arrow"></span>
<span>Chapter 2: Threat Assessment</span>
</a>
<a href="/chapters/chapter-3/" class="nav-link">
<span>Chapter 3: Communication Architecture</span>
<span class="arrow"></span>
</a>
</nav>
</main>
</div>
<footer class="footer">
<div class="container">
<div class="footer-content">
<div class="organization">Department of Internautics</div>
<div>Bureau of Decentralized Resistance</div>
<div>FM-R1 - Version 1.0 - 2025-08-28</div>
<div style="margin-top: 1rem;">
<a href="https://resist.is" target="_blank">resist.is</a> |
<a href="https://git.hacker.supply/Department_of_Internautics/field_guide" target="_blank">Source Code</a>
</div>
</div>
</div>
</footer>
<!-- JavaScript -->
<script src="/assets/js/main.js"></script>
</body>
</html>
_site/parts/part-3/index.html
+605
View File
@@ -0,0 +1,605 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Part III: Operational Security Procedures - Field Manual for Resistance Operations</title>
<meta name="description" content="Hardware security, digital hygiene, and operational procedures for resistance operations">
<!-- Favicon -->
<link rel="icon" type="image/x-icon" href="/assets/images/favicon.ico">
<!-- Stylesheets -->
<link rel="stylesheet" href="/assets/css/main.css">
<!-- Security headers -->
<meta http-equiv="X-Content-Type-Options" content="nosniff">
<meta http-equiv="X-Frame-Options" content="DENY">
<meta http-equiv="X-XSS-Protection" content="1; mode=block">
<!-- No tracking -->
<meta name="robots" content="noindex, nofollow">
<!-- Matomo
<script>
var _paq = window._paq = window._paq || [];
/* tracker methods like "setCustomDimension" should be called before "trackPageView" */
_paq.push(['trackPageView']);
_paq.push(['enableLinkTracking']);
(function() {
var u="//stats.resist.is/";
_paq.push(['setTrackerUrl', u+'matomo.php']);
_paq.push(['setSiteId', '4']);
var d=document, g=d.createElement('script'), s=d.getElementsByTagName('script')[0];
g.async=true; g.src=u+'matomo.js'; s.parentNode.insertBefore(g,s);
})();
</script>
End Matomo Code -->
</head>
<body>
<header class="header">
<div class="container">
<div class="header-content">
<div class="logo">
<span class="omega">Ω</span>
<span>FM-R1</span>
</div>
<button class="nav-toggle" id="nav-toggle" aria-label="Toggle navigation">
</button>
</div>
</div>
</header>
<div class="main-layout">
<nav class="sidebar" id="sidebar">
<nav class="main-navigation">
<!-- <div class="nav-header">
<div class="nav-subtitle">Field Manual for Resistance Operations</div>
</div>
-->
<div class="nav-sections">
<!-- Front Matter -->
<div class="nav-section">
<h3>Field Manual</h3>
<ul>
<li><a href="/" >Table of Contents</a></li>
<li><a href="/preface/" >Preface</a></li>
<li><a href="/introduction/" >Introduction</a></li>
</ul>
</div>
<!-- Part I: Foundations -->
<div class="nav-section">
<h3>Part I: Foundations</h3>
<ul>
<li>
<a href="/parts/part-1/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-1/" >Ch 1: Core Security Principles</a></li>
<li><a href="/chapters/chapter-2/" >Ch 2: Threat Assessment</a></li>
</ul>
</li>
</ul>
</div>
<!-- Part II: Communication -->
<div class="nav-section">
<h3>Part II: Communication</h3>
<ul>
<li>
<a href="/parts/part-2/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-3/" >Ch 3: Communication Architecture</a></li>
<li><a href="/chapters/chapter-4/" >Ch 4: Secure Messaging</a></li>
<li><a href="/chapters/chapter-5/" >Ch 5: File Sharing</a></li>
</ul>
</li>
</ul>
</div>
<!-- Part III: OpSec -->
<div class="nav-section">
<h3>Part III: OpSec</h3>
<ul>
<li>
<a href="/parts/part-3/" class="active">Part Overview</a>
<ul>
<li><a href="/chapters/chapter-6/" >Ch 6: Hardware Security</a></li>
<li><a href="/chapters/chapter-7/" >Ch 7: Digital Hygiene</a></li>
<li><a href="/chapters/chapter-8/" >Ch 8: Operational Procedures</a></li>
</ul>
</li>
</ul>
</div>
<!-- Part IV: Advanced -->
<div class="nav-section">
<h3>Part IV: Advanced</h3>
<ul>
<li>
<a href="/parts/part-4/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-9/" >Ch 9: Intelligence Gathering</a></li>
<li><a href="/chapters/chapter-10/" >Ch 10: Counter-Intelligence</a></li>
</ul>
</li>
</ul>
</div>
<!-- Appendices
<div class="nav-section">
<h3>Appendices</h3>
<ul>
<li><a href="/appendices/" >Appendices Overview</a></li>
<li><a href="/appendices/appendix-a/" >Appendix A: Essential Tools</a></li>
<li><a href="/appendices/appendix-b/" >Appendix B: Legal Considerations</a></li>
<li><a href="/appendices/appendix-c/" >Appendix C: Emergency Procedures</a></li>
<li><a href="/appendices/appendix-d/" >Appendix D: Glossary & References</a></li>
</ul>
</div>
-->
<!-- Quick Access -->
<div class="nav-section nav-quick-access">
<h3>Quick Access</h3>
<ul>
<li><a href="/appendices/appendix-a/" class="nav-emergency">Essential Tools</a></li>
<li><a href="/appendices/appendix-b/" class="nav-emergency">Legal Rights</a></li>
<li><a href="/appendices/appendix-c/" class="nav-emergency">Emergency Procedures</a></li>
<li><a href="/appendices/appendix-d/" class="nav-emergency">Glossary & References</a></li>
</ul>
</div>
<!-- External Links -->
<div class="nav-section">
<h3>External Links</h3>
<ul>
<li><a href="https://resist.is" target="_blank">resist.is</a></li>
<li><a href="https://activistchecklist.org" target="_blank">Activist Checklist</a></li>
<li><a href="https://signal.org" target="_blank">Signal</a></li>
<li><a href="https://briarproject.org" target="_blank">Briar</a></li>
<li><a href="https://element.io" target="_blank">Element</a></li>
<li><a href="https://tails.boum.org" target="_blank">Tails OS</a></li>
<li><a href="https://onionshare.org" target="_blank">OnionShare</a></li>
</ul>
</div>
</div>
<!-- Security Notice
<div class="nav-security-notice">
<div class="security-warning">
<strong>OPERATIONAL SECURITY REMINDER</strong><br>
This manual contains sensitive information. Ensure secure handling and storage. Practice compartmentalization and need-to-know principles.
</div>
</div> -->
<!-- Footer -->
<div class="nav-footer">
<div class="manual-info">
<div class="classification">FOR RESISTANCE USE ONLY</div>
<div class="version">Version 1.0 | FM-R1</div>
<div class="date">2025</div>
</div>
</div>
</nav>
</nav>
<main class="content">
<div class="content-header">
<div class="manual-designation">FM-R1: FM-R1: Secure Communication Networks for Decentralized Resistance</div>
<div class="classification">UNCLASSIFIED</div>
</div>
<h1 id="part-iii-operational-security-procedures">Part III: Operational Security Procedures</h1>
<h2 id="overview">Overview</h2>
<p>Part III addresses the critical operational security (OpSec) procedures that protect resistance operations from detection, infiltration, and compromise. This part moves beyond communication systems to cover the broader operational environment, including hardware security, digital hygiene, and operational procedures that ensure resistance activities remain secure and effective.</p>
<p>Operational security is the discipline of protecting critical information and activities through systematic procedures and practices. Unlike technical security measures that rely on cryptography and secure systems, operational security focuses on human behavior, physical security, and procedural controls that prevent adversaries from gathering intelligence about resistance operations.</p>
<h2 id="learning-objectives">Learning Objectives</h2>
<p>Upon completing Part III, you will be able to:</p>
<ul>
<li>Implement comprehensive hardware security measures including untraceable acquisition and secure disposal</li>
<li>Configure and operate Tails OS and other security-focused operating systems</li>
<li>Establish device compartmentalization strategies for different operational roles</li>
<li>Implement physical security measures for equipment, locations, and operations</li>
<li>Practice effective digital hygiene to minimize online exposure and tracking</li>
<li>Execute operational procedures that maintain security throughout resistance activities</li>
</ul>
<h2 id="the-operational-security-challenge">The Operational Security Challenge</h2>
<h3 id="the-human-factor">The Human Factor</h3>
<p>Technical security systems are only as strong as the humans who operate them. The most sophisticated encryption and anonymity tools can be rendered useless by poor operational security practices. Common operational security failures include:</p>
<ul>
<li><strong>Behavioral Patterns</strong>: Predictable activities that reveal operational timing and locations</li>
<li><strong>Physical Evidence</strong>: Documents, devices, and traces left behind after operations</li>
<li><strong>Social Engineering</strong>: Manipulation of human psychology to extract information</li>
<li><strong>Procedural Violations</strong>: Failure to follow established security protocols</li>
<li><strong>Emergency Responses</strong>: Poor decision-making under pressure or crisis conditions</li>
</ul>
<h3 id="the-surveillance-environment">The Surveillance Environment</h3>
<p>Modern resistance operations occur within a comprehensive surveillance environment that includes:</p>
<p><strong>Technical Surveillance:</strong></p>
<ul>
<li>Mass data collection from internet and telecommunications</li>
<li>Automated analysis of behavioral patterns and anomalies</li>
<li>Facial recognition and biometric identification systems</li>
<li>Location tracking through mobile devices and vehicles</li>
<li>Financial surveillance through banking and payment systems</li>
</ul>
<p><strong>Human Surveillance:</strong></p>
<ul>
<li>Informant networks and community monitoring</li>
<li>Undercover operations and infiltration attempts</li>
<li>Social media monitoring and analysis</li>
<li>Professional surveillance teams and techniques</li>
<li>Crowd-sourced surveillance through public reporting</li>
</ul>
<p><strong>Physical Surveillance:</strong></p>
<ul>
<li>CCTV networks and automated monitoring systems</li>
<li>License plate readers and vehicle tracking</li>
<li>Access control systems and entry monitoring</li>
<li>Search and seizure operations</li>
<li>Physical infiltration and monitoring</li>
</ul>
<h3 id="the-compartmentalization-imperative">The Compartmentalization Imperative</h3>
<p>Effective operational security requires strict compartmentalization of information, activities, and identities. This includes:</p>
<p><strong>Information Compartmentalization:</strong></p>
<ul>
<li>Need-to-know basis for all sensitive information</li>
<li>Separation of different operational activities</li>
<li>Protection of sources and methods</li>
<li>Isolation of compromise to minimize damage</li>
</ul>
<p><strong>Identity Compartmentalization:</strong></p>
<ul>
<li>Separate identities for different operational roles</li>
<li>Physical and digital separation of identities</li>
<li>Consistent maintenance of identity boundaries</li>
<li>Emergency procedures for identity compromise</li>
</ul>
<p><strong>Activity Compartmentalization:</strong></p>
<ul>
<li>Separation of operational and personal activities</li>
<li>Different locations for different types of operations</li>
<li>Temporal separation of related activities</li>
<li>Independent resource allocation and management</li>
</ul>
<h2 id="multi-domain-security-strategy">Multi-Domain Security Strategy</h2>
<p>Part III is organized around a three-domain security strategy that addresses different aspects of operational security:</p>
<h3 id="domain-1-hardware-and-infrastructure-security">Domain 1: Hardware and Infrastructure Security</h3>
<p><strong>Focus:</strong> Physical devices, systems, and infrastructure
<strong>Security Level:</strong> Foundation-level security for all operations
<strong>Tools:</strong> Tails OS, hardware compartmentalization, secure disposal
<strong>Characteristics:</strong></p>
<ul>
<li>Untraceable hardware acquisition and management</li>
<li>Secure operating systems and configurations</li>
<li>Physical security measures and protocols</li>
<li>Proper disposal and sanitization procedures</li>
</ul>
<h3 id="domain-2-digital-hygiene-and-privacy">Domain 2: Digital Hygiene and Privacy</h3>
<p><strong>Focus:</strong> Online activities and digital footprint management
<strong>Security Level:</strong> Comprehensive privacy protection
<strong>Tools:</strong> Tor Browser, VPNs, anonymous accounts, search privacy
<strong>Characteristics:</strong></p>
<ul>
<li>Browser security and privacy configuration</li>
<li>Anonymous account creation and management</li>
<li>Search engine privacy and information gathering</li>
<li>Social media operational security</li>
</ul>
<h3 id="domain-3-operational-procedures">Domain 3: Operational Procedures</h3>
<p><strong>Focus:</strong> Human behavior and procedural controls
<strong>Security Level:</strong> Comprehensive operational discipline
<strong>Tools:</strong> Cell organization, meeting protocols, surveillance detection
<strong>Characteristics:</strong></p>
<ul>
<li>Cell organization and management structures</li>
<li>Secure meeting and coordination protocols</li>
<li>Surveillance detection and evasion techniques</li>
<li>Emergency procedures and crisis response</li>
</ul>
<h2 id="chapter-overview">Chapter Overview</h2>
<h3 id="chapter-6-hardware-and-infrastructure-security-6-1-to-6-8">Chapter 6: Hardware and Infrastructure Security (6-1 to 6-8)</h3>
<p>Establishes the foundation of physical security for resistance operations:</p>
<p><strong>6-1: Untraceable Hardware Acquisition</strong> - Methods for obtaining devices without creating paper trails</p>
<p><strong>6-2: Tails OS Installation and Configuration</strong> - Complete setup guide for the amnesic operating system</p>
<p><strong>6-3: Device Compartmentalization</strong> - Strategies for separating different operational roles across devices</p>
<p><strong>6-4: Physical Security Measures</strong> - Protecting devices, locations, and operations from physical compromise</p>
<p><strong>6-5: Network Access Security</strong> - Secure methods for accessing internet and communication networks</p>
<p><strong>6-6: Hardware Disposal and Sanitization</strong> - Proper destruction and disposal of compromised or obsolete equipment</p>
<p><strong>6-7: Faraday Cage and Signal Blocking</strong> - Techniques for preventing electronic surveillance and tracking</p>
<p><strong>6-8: Power and Charging Security</strong> - Secure power management and charging procedures</p>
<h3 id="chapter-7-digital-hygiene-and-privacy-7-1-to-7-6">Chapter 7: Digital Hygiene and Privacy (7-1 to 7-6)</h3>
<p>Covers comprehensive digital privacy and footprint management:</p>
<p><strong>7-1: Browser Security Configuration</strong> - Hardening browsers for maximum privacy and security</p>
<p><strong>7-2: Search Engine Privacy</strong> - Anonymous information gathering and research techniques</p>
<p><strong>7-3: VPN and Tor Usage</strong> - Comprehensive guide to anonymity networks and VPN services</p>
<p><strong>7-4: Social Media Operational Security</strong> - Managing online presence and social media security</p>
<p><strong>7-5: Email Security and Anonymous Accounts</strong> - Creating and managing secure email and online accounts</p>
<p><strong>7-6: Digital Footprint Minimization</strong> - Reducing and managing online traces and data exposure</p>
<h3 id="chapter-8-operational-procedures-8-1-to-8-8">Chapter 8: Operational Procedures (8-1 to 8-8)</h3>
<p>Provides comprehensive operational discipline and procedures:</p>
<p><strong>8-1: Cell Organization and Management</strong> - Structures and procedures for resistance cell operations</p>
<p><strong>8-2: Meeting Security Protocols</strong> - Secure procedures for in-person and virtual meetings</p>
<p><strong>8-3: Coded Language and Communication</strong> - Development and use of coded communication systems</p>
<p><strong>8-4: Surveillance Detection and Evasion</strong> - Techniques for detecting and avoiding surveillance</p>
<p><strong>8-5: Emergency Procedures and Protocols</strong> - Crisis response and emergency security procedures</p>
<p><strong>8-6: Information Sanitization</strong> - Procedures for protecting and sanitizing sensitive information</p>
<p><strong>8-7: Operational Planning Security</strong> - Secure planning and coordination procedures</p>
<p><strong>8-8: Post-Operation Security Review</strong> - Assessment and improvement procedures after operations</p>
<h2 id="implementation-approach">Implementation Approach</h2>
<h3 id="progressive-implementation">Progressive Implementation</h3>
<p>Part III is designed for progressive implementation, building operational security capabilities systematically:</p>
<p><strong>Phase 1: Hardware Foundation</strong></p>
<ul>
<li>Acquire and configure secure hardware and operating systems</li>
<li>Implement basic physical security measures</li>
<li>Establish device compartmentalization strategies</li>
</ul>
<p><strong>Phase 2: Digital Hygiene</strong></p>
<ul>
<li>Configure secure browsers and privacy tools</li>
<li>Establish anonymous online presence and accounts</li>
<li>Implement comprehensive digital privacy practices</li>
</ul>
<p><strong>Phase 3: Operational Procedures</strong></p>
<ul>
<li>Develop cell organization and management procedures</li>
<li>Implement meeting security and communication protocols</li>
<li>Establish surveillance detection and evasion capabilities</li>
</ul>
<p><strong>Phase 4: Advanced Operations</strong></p>
<ul>
<li>Integrate all operational security domains</li>
<li>Implement advanced procedures and techniques</li>
<li>Establish training and assessment programs</li>
</ul>
<h3 id="security-integration">Security Integration</h3>
<p>Each operational security domain integrates with the communication systems from Part II:</p>
<p><strong>Hardware Security Integration:</strong></p>
<ul>
<li>Secure devices for communication system operation</li>
<li>Physical protection for communication infrastructure</li>
<li>Proper disposal of compromised communication equipment</li>
</ul>
<p><strong>Digital Hygiene Integration:</strong></p>
<ul>
<li>Anonymous accounts for communication services</li>
<li>Privacy protection for communication activities</li>
<li>Footprint minimization for communication metadata</li>
</ul>
<p><strong>Operational Procedures Integration:</strong></p>
<ul>
<li>Communication protocols within cell structures</li>
<li>Meeting security for communication planning</li>
<li>Emergency procedures for communication compromise</li>
</ul>
<h2 id="risk-management-framework">Risk Management Framework</h2>
<p>Part III employs a comprehensive risk management framework that addresses operational security risks:</p>
<h3 id="risk-categories">Risk Categories</h3>
<p><strong>Technical Risks:</strong></p>
<ul>
<li>Device compromise and malware infection</li>
<li>Network monitoring and traffic analysis</li>
<li>Data recovery from disposed devices</li>
<li>Electronic surveillance and tracking</li>
</ul>
<p><strong>Physical Risks:</strong></p>
<ul>
<li>Device theft or seizure</li>
<li>Physical surveillance and tracking</li>
<li>Location compromise and raids</li>
<li>Evidence discovery and analysis</li>
</ul>
<p><strong>Human Risks:</strong></p>
<ul>
<li>Social engineering and manipulation</li>
<li>Infiltration and informant recruitment</li>
<li>Procedural violations and mistakes</li>
<li>Stress and pressure responses</li>
</ul>
<p><strong>Operational Risks:</strong></p>
<ul>
<li>Pattern analysis and behavioral profiling</li>
<li>Timing correlation and activity mapping</li>
<li>Resource allocation and logistics exposure</li>
<li>Emergency response and crisis management</li>
</ul>
<h3 id="risk-mitigation-strategies">Risk Mitigation Strategies</h3>
<p><strong>Preventive Measures:</strong></p>
<ul>
<li>Proactive security measures to prevent compromise</li>
<li>Training and awareness programs</li>
<li>Regular security assessments and updates</li>
<li>Redundant systems and backup procedures</li>
</ul>
<p><strong>Detective Measures:</strong></p>
<ul>
<li>Monitoring and alerting systems</li>
<li>Regular security audits and reviews</li>
<li>Incident detection and analysis</li>
<li>Behavioral anomaly detection</li>
</ul>
<p><strong>Corrective Measures:</strong></p>
<ul>
<li>Incident response and recovery procedures</li>
<li>Damage assessment and containment</li>
<li>System restoration and improvement</li>
<li>Lessons learned and process updates</li>
</ul>
<div class="warning-box">
<div class="warning-title">Operational Security Discipline</div>
<p>Operational security requires consistent discipline and attention to detail. A single procedural violation can compromise an entire operation and endanger all participants. All resistance practitioners must understand and consistently apply operational security principles.</p>
</div>
<h2 id="integration-with-other-parts">Integration with Other Parts</h2>
<p>Part III builds directly on the foundational principles from Part I and the communication systems from Part II:</p>
<ul>
<li><strong>Core Security Principles</strong> provide the theoretical foundation for all operational procedures</li>
<li><strong>Threat Assessment</strong> informs the selection and implementation of operational security measures</li>
<li><strong>Communication Systems</strong> require operational security procedures for secure implementation and use</li>
<li><strong>Advanced Operations</strong> (Part IV) depend on the operational security foundation established in Part III</li>
</ul>
<h2 id="getting-started">Getting Started</h2>
<h3 id="for-new-practitioners">For New Practitioners</h3>
<ol>
<li><strong>Begin with hardware security</strong> to establish a secure operational foundation</li>
<li><strong>Implement basic digital hygiene</strong> practices before engaging in resistance activities</li>
<li><strong>Study operational procedures</strong> thoroughly before participating in resistance operations</li>
<li><strong>Practice all procedures</strong> in safe environments before operational implementation</li>
</ol>
<h3 id="for-experienced-practitioners">For Experienced Practitioners</h3>
<ol>
<li><strong>Assess current operational security</strong> practices against the standards in this part</li>
<li><strong>Identify gaps and vulnerabilities</strong> in existing procedures and practices</li>
<li><strong>Implement improvements systematically</strong> with proper training and support</li>
<li><strong>Establish ongoing assessment</strong> and improvement procedures</li>
</ol>
<h3 id="for-network-leadership">For Network Leadership</h3>
<ol>
<li><strong>Develop comprehensive operational security</strong> policies and procedures</li>
<li><strong>Establish training programs</strong> for all operational security domains</li>
<li><strong>Implement assessment and compliance</strong> monitoring systems</li>
<li><strong>Plan for continuous improvement</strong> and adaptation to evolving threats</li>
</ol>
<div class="info-box">
<div class="info-title">Implementation Priority</div>
<p>Focus first on hardware security (Chapter 6) as the foundation for all other operational security measures. Secure hardware and operating systems are prerequisites for effective digital hygiene and operational procedures.</p>
</div>
<hr />
<p><strong>Ready to begin?</strong> Start with <a href="/chapters/chapter-6/">Chapter 6: Hardware and Infrastructure Security →</a></p>
<nav class="section-nav">
<a href="/chapters/chapter-5/" class="nav-link">
<span class="arrow"></span>
<span>Chapter 5: File Sharing</span>
</a>
<a href="/chapters/chapter-6/" class="nav-link">
<span>Chapter 6: Hardware Security</span>
<span class="arrow"></span>
</a>
</nav>
</main>
</div>
<footer class="footer">
<div class="container">
<div class="footer-content">
<div class="organization">Department of Internautics</div>
<div>Bureau of Decentralized Resistance</div>
<div>FM-R1 - Version 1.0 - 2025-08-28</div>
<div style="margin-top: 1rem;">
<a href="https://resist.is" target="_blank">resist.is</a> |
<a href="https://git.hacker.supply/Department_of_Internautics/field_guide" target="_blank">Source Code</a>
</div>
</div>
</div>
</footer>
<!-- JavaScript -->
<script src="/assets/js/main.js"></script>
</body>
</html>
_site/parts/part-4/index.html
+416
View File
@@ -0,0 +1,416 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Part IV: Advanced Resistance Operations - Field Manual for Resistance Operations</title>
<meta name="description" content="Advanced techniques and strategies for experienced resistance networks">
<!-- Favicon -->
<link rel="icon" type="image/x-icon" href="/assets/images/favicon.ico">
<!-- Stylesheets -->
<link rel="stylesheet" href="/assets/css/main.css">
<!-- Security headers -->
<meta http-equiv="X-Content-Type-Options" content="nosniff">
<meta http-equiv="X-Frame-Options" content="DENY">
<meta http-equiv="X-XSS-Protection" content="1; mode=block">
<!-- No tracking -->
<meta name="robots" content="noindex, nofollow">
<!-- Matomo
<script>
var _paq = window._paq = window._paq || [];
/* tracker methods like "setCustomDimension" should be called before "trackPageView" */
_paq.push(['trackPageView']);
_paq.push(['enableLinkTracking']);
(function() {
var u="//stats.resist.is/";
_paq.push(['setTrackerUrl', u+'matomo.php']);
_paq.push(['setSiteId', '4']);
var d=document, g=d.createElement('script'), s=d.getElementsByTagName('script')[0];
g.async=true; g.src=u+'matomo.js'; s.parentNode.insertBefore(g,s);
})();
</script>
End Matomo Code -->
</head>
<body>
<header class="header">
<div class="container">
<div class="header-content">
<div class="logo">
<span class="omega">Ω</span>
<span>FM-R1</span>
</div>
<button class="nav-toggle" id="nav-toggle" aria-label="Toggle navigation">
</button>
</div>
</div>
</header>
<div class="main-layout">
<nav class="sidebar" id="sidebar">
<nav class="main-navigation">
<!-- <div class="nav-header">
<div class="nav-subtitle">Field Manual for Resistance Operations</div>
</div>
-->
<div class="nav-sections">
<!-- Front Matter -->
<div class="nav-section">
<h3>Field Manual</h3>
<ul>
<li><a href="/" >Table of Contents</a></li>
<li><a href="/preface/" >Preface</a></li>
<li><a href="/introduction/" >Introduction</a></li>
</ul>
</div>
<!-- Part I: Foundations -->
<div class="nav-section">
<h3>Part I: Foundations</h3>
<ul>
<li>
<a href="/parts/part-1/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-1/" >Ch 1: Core Security Principles</a></li>
<li><a href="/chapters/chapter-2/" >Ch 2: Threat Assessment</a></li>
</ul>
</li>
</ul>
</div>
<!-- Part II: Communication -->
<div class="nav-section">
<h3>Part II: Communication</h3>
<ul>
<li>
<a href="/parts/part-2/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-3/" >Ch 3: Communication Architecture</a></li>
<li><a href="/chapters/chapter-4/" >Ch 4: Secure Messaging</a></li>
<li><a href="/chapters/chapter-5/" >Ch 5: File Sharing</a></li>
</ul>
</li>
</ul>
</div>
<!-- Part III: OpSec -->
<div class="nav-section">
<h3>Part III: OpSec</h3>
<ul>
<li>
<a href="/parts/part-3/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-6/" >Ch 6: Hardware Security</a></li>
<li><a href="/chapters/chapter-7/" >Ch 7: Digital Hygiene</a></li>
<li><a href="/chapters/chapter-8/" >Ch 8: Operational Procedures</a></li>
</ul>
</li>
</ul>
</div>
<!-- Part IV: Advanced -->
<div class="nav-section">
<h3>Part IV: Advanced</h3>
<ul>
<li>
<a href="/parts/part-4/" class="active">Part Overview</a>
<ul>
<li><a href="/chapters/chapter-9/" >Ch 9: Intelligence Gathering</a></li>
<li><a href="/chapters/chapter-10/" >Ch 10: Counter-Intelligence</a></li>
</ul>
</li>
</ul>
</div>
<!-- Appendices
<div class="nav-section">
<h3>Appendices</h3>
<ul>
<li><a href="/appendices/" >Appendices Overview</a></li>
<li><a href="/appendices/appendix-a/" >Appendix A: Essential Tools</a></li>
<li><a href="/appendices/appendix-b/" >Appendix B: Legal Considerations</a></li>
<li><a href="/appendices/appendix-c/" >Appendix C: Emergency Procedures</a></li>
<li><a href="/appendices/appendix-d/" >Appendix D: Glossary & References</a></li>
</ul>
</div>
-->
<!-- Quick Access -->
<div class="nav-section nav-quick-access">
<h3>Quick Access</h3>
<ul>
<li><a href="/appendices/appendix-a/" class="nav-emergency">Essential Tools</a></li>
<li><a href="/appendices/appendix-b/" class="nav-emergency">Legal Rights</a></li>
<li><a href="/appendices/appendix-c/" class="nav-emergency">Emergency Procedures</a></li>
<li><a href="/appendices/appendix-d/" class="nav-emergency">Glossary & References</a></li>
</ul>
</div>
<!-- External Links -->
<div class="nav-section">
<h3>External Links</h3>
<ul>
<li><a href="https://resist.is" target="_blank">resist.is</a></li>
<li><a href="https://activistchecklist.org" target="_blank">Activist Checklist</a></li>
<li><a href="https://signal.org" target="_blank">Signal</a></li>
<li><a href="https://briarproject.org" target="_blank">Briar</a></li>
<li><a href="https://element.io" target="_blank">Element</a></li>
<li><a href="https://tails.boum.org" target="_blank">Tails OS</a></li>
<li><a href="https://onionshare.org" target="_blank">OnionShare</a></li>
</ul>
</div>
</div>
<!-- Security Notice
<div class="nav-security-notice">
<div class="security-warning">
<strong>OPERATIONAL SECURITY REMINDER</strong><br>
This manual contains sensitive information. Ensure secure handling and storage. Practice compartmentalization and need-to-know principles.
</div>
</div> -->
<!-- Footer -->
<div class="nav-footer">
<div class="manual-info">
<div class="classification">FOR RESISTANCE USE ONLY</div>
<div class="version">Version 1.0 | FM-R1</div>
<div class="date">2025</div>
</div>
</div>
</nav>
</nav>
<main class="content">
<div class="content-header">
<div class="manual-designation">FM-R1: FM-R1: Secure Communication Networks for Decentralized Resistance</div>
<div class="classification">UNCLASSIFIED</div>
</div>
<h1 id="part-iv-advanced-resistance-operations">Part IV: Advanced Resistance Operations</h1>
<h2 id="part-overview">Part Overview</h2>
<p>Part IV covers advanced resistance operations for experienced networks that have mastered the foundational security principles and operational procedures covered in Parts I-III. These advanced techniques require significant operational security expertise and should only be attempted by well-established, security-conscious resistance networks with proven track records.</p>
<p><strong>Advanced operations covered in this part include:</strong></p>
<ul>
<li><strong>Intelligence Gathering and Analysis</strong> - Systematic collection, verification, and analysis of actionable intelligence</li>
<li><strong>Counter-Intelligence Operations</strong> - Detection and neutralization of surveillance and infiltration attempts</li>
<li><strong>Psychological Operations</strong> - Information warfare and narrative influence campaigns</li>
<li><strong>Direct Action Planning</strong> - High-impact operations requiring extensive planning and coordination</li>
<li><strong>Network Expansion and Coordination</strong> - Scaling resistance activities across larger geographic areas</li>
<li><strong>International Coordination</strong> - Cross-border collaboration and resource sharing</li>
</ul>
<h2 id="security-prerequisites">Security Prerequisites</h2>
<p>Before engaging in advanced operations, resistance networks must demonstrate:</p>
<h3 id="operational-security-mastery">Operational Security Mastery</h3>
<ul>
<li>Consistent implementation of all foundational security practices</li>
<li>Zero security incidents or compromises in the past 12 months</li>
<li>Demonstrated proficiency in surveillance detection and counter-surveillance</li>
<li>Secure communication systems with proven reliability</li>
</ul>
<h3 id="organizational-maturity">Organizational Maturity</h3>
<ul>
<li>Stable cell structure with experienced leadership</li>
<li>Established training programs and knowledge transfer systems</li>
<li>Proven ability to maintain operational security under pressure</li>
<li>Effective crisis response and damage control capabilities</li>
</ul>
<h3 id="resource-capabilities">Resource Capabilities</h3>
<ul>
<li>Sufficient human resources for complex operations</li>
<li>Financial resources for advanced equipment and operations</li>
<li>Technical capabilities for sophisticated communication and security systems</li>
<li>Logistical infrastructure for sustained operations</li>
</ul>
<h2 id="risk-assessment-framework">Risk Assessment Framework</h2>
<p>Advanced operations carry significantly higher risks than foundational activities:</p>
<h3 id="increased-surveillance-risk">Increased Surveillance Risk</h3>
<ul>
<li>Advanced operations attract more sophisticated surveillance</li>
<li>State-level resources may be deployed against successful networks</li>
<li>International intelligence sharing may target cross-border activities</li>
<li>Technical surveillance capabilities require advanced countermeasures</li>
</ul>
<h3 id="operational-complexity">Operational Complexity</h3>
<ul>
<li>Multi-stage operations with numerous failure points</li>
<li>Coordination across multiple cells and geographic areas</li>
<li>Integration of diverse skill sets and specialized knowledge</li>
<li>Extended operational timelines increasing exposure windows</li>
</ul>
<h3 id="consequence-severity">Consequence Severity</h3>
<ul>
<li>Legal consequences may include terrorism or national security charges</li>
<li>Physical safety risks increase with operation complexity</li>
<li>Network exposure risks affect larger numbers of participants</li>
<li>International implications may involve multiple jurisdictions</li>
</ul>
<h2 id="chapter-overview">Chapter Overview</h2>
<h3 id="chapter-9-intelligence-gathering-and-analysis">Chapter 9: Intelligence Gathering and Analysis</h3>
<p>Systematic approaches to collecting, verifying, and analyzing actionable intelligence for resistance operations. Covers human intelligence (HUMINT), signals intelligence (SIGINT), open source intelligence (OSINT), and technical intelligence gathering methods.</p>
<h3 id="chapter-10-counter-intelligence-operations">Chapter 10: Counter-Intelligence Operations</h3>
<p>Advanced techniques for detecting, analyzing, and neutralizing surveillance, infiltration, and intelligence gathering operations directed against resistance networks. Includes surveillance detection, infiltration prevention, and active counter-intelligence measures.</p>
<h3 id="chapter-11-psychological-operations">Chapter 11: Psychological Operations</h3>
<p>Information warfare techniques including narrative development, media manipulation, social engineering, and psychological influence campaigns. Covers both defensive measures against propaganda and offensive psychological operations.</p>
<h3 id="chapter-12-direct-action-planning">Chapter 12: Direct Action Planning</h3>
<p>Comprehensive planning methodologies for high-impact resistance operations including target selection, operational planning, risk assessment, execution protocols, and post-operation security procedures.</p>
<h2 id="implementation-guidelines">Implementation Guidelines</h2>
<h3 id="progressive-implementation">Progressive Implementation</h3>
<ul>
<li>Master each chapters techniques before advancing to the next</li>
<li>Conduct extensive training and simulation exercises</li>
<li>Start with lower-risk operations to build experience and confidence</li>
<li>Gradually increase operational complexity as capabilities develop</li>
</ul>
<h3 id="security-integration">Security Integration</h3>
<ul>
<li>Integrate advanced techniques with existing security protocols</li>
<li>Maintain foundational security practices throughout advanced operations</li>
<li>Develop specialized security procedures for each type of advanced operation</li>
<li>Regular security assessment and improvement of advanced capabilities</li>
</ul>
<h3 id="network-coordination">Network Coordination</h3>
<ul>
<li>Establish clear command and control structures for advanced operations</li>
<li>Develop specialized roles and responsibilities for complex operations</li>
<li>Create redundant communication and coordination systems</li>
<li>Plan for operational security during multi-cell coordination</li>
</ul>
<h2 id="training-and-development">Training and Development</h2>
<h3 id="specialized-training-programs">Specialized Training Programs</h3>
<p>Advanced operations require specialized knowledge and skills:</p>
<ul>
<li><strong>Intelligence Analysis Training</strong> - Methods for processing and analyzing collected intelligence</li>
<li><strong>Technical Skills Development</strong> - Advanced technical capabilities for sophisticated operations</li>
<li><strong>Leadership Development</strong> - Command and control skills for complex operations</li>
<li><strong>Crisis Management Training</strong> - Advanced crisis response and damage control capabilities</li>
</ul>
<h3 id="simulation-and-exercise-programs">Simulation and Exercise Programs</h3>
<ul>
<li>Tabletop exercises for complex operational scenarios</li>
<li>Field exercises with realistic opposition and surveillance</li>
<li>Crisis response drills and emergency procedures</li>
<li>Cross-training between different operational specialties</li>
</ul>
<h3 id="knowledge-management">Knowledge Management</h3>
<ul>
<li>Documentation of lessons learned and best practices</li>
<li>Knowledge transfer systems for organizational continuity</li>
<li>Mentoring programs for developing advanced capabilities</li>
<li>Regular assessment and improvement of training programs</li>
</ul>
<h2 id="legal-and-ethical-considerations">Legal and Ethical Considerations</h2>
<h3 id="legal-risk-assessment">Legal Risk Assessment</h3>
<p>Advanced operations may involve activities with severe legal consequences:</p>
<ul>
<li>Comprehensive legal risk assessment for all advanced operations</li>
<li>Understanding of applicable laws and potential charges</li>
<li>Legal support and representation planning</li>
<li>International law considerations for cross-border activities</li>
</ul>
<h3 id="ethical-framework">Ethical Framework</h3>
<p>Resistance networks must maintain ethical standards even in advanced operations:</p>
<ul>
<li>Clear ethical guidelines for all operational activities</li>
<li>Prohibition of activities that harm innocent civilians</li>
<li>Proportionality principles for operational planning</li>
<li>Regular ethical review of operational objectives and methods</li>
</ul>
<h3 id="accountability-measures">Accountability Measures</h3>
<ul>
<li>Clear command responsibility for operational decisions</li>
<li>Documentation and review of operational activities</li>
<li>Accountability mechanisms for ethical violations</li>
<li>Transparency within the network regarding operational activities</li>
</ul>
<hr />
<p><strong>Proceed to:</strong> <a href="/chapters/chapter-9/">Chapter 9: Intelligence Gathering and Analysis →</a></p>
<div class="warning-box">
<div class="warning-title">Advanced Operations Warning</div>
<p>The techniques described in Part IV are intended for experienced resistance networks only. Attempting advanced operations without proper preparation, training, and security infrastructure significantly increases the risk of compromise, arrest, and harm to network participants.</p>
</div>
<nav class="section-nav">
<a href="/chapters/chapter-8/" class="nav-link">
<span class="arrow"></span>
<span>Chapter 8: Operational Procedures</span>
</a>
<a href="/chapters/chapter-9/" class="nav-link">
<span>Chapter 9: Intelligence Gathering</span>
<span class="arrow"></span>
</a>
</nav>
</main>
</div>
<footer class="footer">
<div class="container">
<div class="footer-content">
<div class="organization">Department of Internautics</div>
<div>Bureau of Decentralized Resistance</div>
<div>FM-R1 - Version 1.0 - 2025-08-28</div>
<div style="margin-top: 1rem;">
<a href="https://resist.is" target="_blank">resist.is</a> |
<a href="https://git.hacker.supply/Department_of_Internautics/field_guide" target="_blank">Source Code</a>
</div>
</div>
</div>
</footer>
<!-- JavaScript -->
<script src="/assets/js/main.js"></script>
</body>
</html>
_site/preface/index.html
+388
View File
@@ -0,0 +1,388 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Preface - Field Manual for Resistance Operations</title>
<meta name="description" content="Purpose, scope, and guidance for using the Field Manual for Resistance Operations">
<!-- Favicon -->
<link rel="icon" type="image/x-icon" href="/assets/images/favicon.ico">
<!-- Stylesheets -->
<link rel="stylesheet" href="/assets/css/main.css">
<!-- Security headers -->
<meta http-equiv="X-Content-Type-Options" content="nosniff">
<meta http-equiv="X-Frame-Options" content="DENY">
<meta http-equiv="X-XSS-Protection" content="1; mode=block">
<!-- No tracking -->
<meta name="robots" content="noindex, nofollow">
<!-- Matomo
<script>
var _paq = window._paq = window._paq || [];
/* tracker methods like "setCustomDimension" should be called before "trackPageView" */
_paq.push(['trackPageView']);
_paq.push(['enableLinkTracking']);
(function() {
var u="//stats.resist.is/";
_paq.push(['setTrackerUrl', u+'matomo.php']);
_paq.push(['setSiteId', '4']);
var d=document, g=d.createElement('script'), s=d.getElementsByTagName('script')[0];
g.async=true; g.src=u+'matomo.js'; s.parentNode.insertBefore(g,s);
})();
</script>
End Matomo Code -->
</head>
<body>
<header class="header">
<div class="container">
<div class="header-content">
<div class="logo">
<span class="omega">Ω</span>
<span>FM-R1</span>
</div>
<button class="nav-toggle" id="nav-toggle" aria-label="Toggle navigation">
</button>
</div>
</div>
</header>
<div class="main-layout">
<nav class="sidebar" id="sidebar">
<nav class="main-navigation">
<!-- <div class="nav-header">
<div class="nav-subtitle">Field Manual for Resistance Operations</div>
</div>
-->
<div class="nav-sections">
<!-- Front Matter -->
<div class="nav-section">
<h3>Field Manual</h3>
<ul>
<li><a href="/" >Table of Contents</a></li>
<li><a href="/preface/" class="active">Preface</a></li>
<li><a href="/introduction/" >Introduction</a></li>
</ul>
</div>
<!-- Part I: Foundations -->
<div class="nav-section">
<h3>Part I: Foundations</h3>
<ul>
<li>
<a href="/parts/part-1/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-1/" >Ch 1: Core Security Principles</a></li>
<li><a href="/chapters/chapter-2/" >Ch 2: Threat Assessment</a></li>
</ul>
</li>
</ul>
</div>
<!-- Part II: Communication -->
<div class="nav-section">
<h3>Part II: Communication</h3>
<ul>
<li>
<a href="/parts/part-2/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-3/" >Ch 3: Communication Architecture</a></li>
<li><a href="/chapters/chapter-4/" >Ch 4: Secure Messaging</a></li>
<li><a href="/chapters/chapter-5/" >Ch 5: File Sharing</a></li>
</ul>
</li>
</ul>
</div>
<!-- Part III: OpSec -->
<div class="nav-section">
<h3>Part III: OpSec</h3>
<ul>
<li>
<a href="/parts/part-3/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-6/" >Ch 6: Hardware Security</a></li>
<li><a href="/chapters/chapter-7/" >Ch 7: Digital Hygiene</a></li>
<li><a href="/chapters/chapter-8/" >Ch 8: Operational Procedures</a></li>
</ul>
</li>
</ul>
</div>
<!-- Part IV: Advanced -->
<div class="nav-section">
<h3>Part IV: Advanced</h3>
<ul>
<li>
<a href="/parts/part-4/" >Part Overview</a>
<ul>
<li><a href="/chapters/chapter-9/" >Ch 9: Intelligence Gathering</a></li>
<li><a href="/chapters/chapter-10/" >Ch 10: Counter-Intelligence</a></li>
</ul>
</li>
</ul>
</div>
<!-- Appendices
<div class="nav-section">
<h3>Appendices</h3>
<ul>
<li><a href="/appendices/" >Appendices Overview</a></li>
<li><a href="/appendices/appendix-a/" >Appendix A: Essential Tools</a></li>
<li><a href="/appendices/appendix-b/" >Appendix B: Legal Considerations</a></li>
<li><a href="/appendices/appendix-c/" >Appendix C: Emergency Procedures</a></li>
<li><a href="/appendices/appendix-d/" >Appendix D: Glossary & References</a></li>
</ul>
</div>
-->
<!-- Quick Access -->
<div class="nav-section nav-quick-access">
<h3>Quick Access</h3>
<ul>
<li><a href="/appendices/appendix-a/" class="nav-emergency">Essential Tools</a></li>
<li><a href="/appendices/appendix-b/" class="nav-emergency">Legal Rights</a></li>
<li><a href="/appendices/appendix-c/" class="nav-emergency">Emergency Procedures</a></li>
<li><a href="/appendices/appendix-d/" class="nav-emergency">Glossary & References</a></li>
</ul>
</div>
<!-- External Links -->
<div class="nav-section">
<h3>External Links</h3>
<ul>
<li><a href="https://resist.is" target="_blank">resist.is</a></li>
<li><a href="https://activistchecklist.org" target="_blank">Activist Checklist</a></li>
<li><a href="https://signal.org" target="_blank">Signal</a></li>
<li><a href="https://briarproject.org" target="_blank">Briar</a></li>
<li><a href="https://element.io" target="_blank">Element</a></li>
<li><a href="https://tails.boum.org" target="_blank">Tails OS</a></li>
<li><a href="https://onionshare.org" target="_blank">OnionShare</a></li>
</ul>
</div>
</div>
<!-- Security Notice
<div class="nav-security-notice">
<div class="security-warning">
<strong>OPERATIONAL SECURITY REMINDER</strong><br>
This manual contains sensitive information. Ensure secure handling and storage. Practice compartmentalization and need-to-know principles.
</div>
</div> -->
<!-- Footer -->
<div class="nav-footer">
<div class="manual-info">
<div class="classification">FOR RESISTANCE USE ONLY</div>
<div class="version">Version 1.0 | FM-R1</div>
<div class="date">2025</div>
</div>
</div>
</nav>
</nav>
<main class="content">
<div class="content-header">
<div class="manual-designation">FM-R1: FM-R1: Secure Communication Networks for Decentralized Resistance</div>
<div class="classification">UNCLASSIFIED</div>
</div>
<h1 id="preface">Preface</h1>
<h2 id="purpose">Purpose</h2>
<p>This Field Manual (FM-R1) provides comprehensive guidance for establishing and maintaining secure communication networks within decentralized resistance movements. It is specifically designed for individuals and groups operating under the threat of an authoritarian regime with advanced surveillance capabilities.</p>
<p>The manual combines proven operational security practices, modern cryptographic tools, and time-tested resistance strategies into a comprehensive framework that can be implemented by newcomers to the resistance, but still remaining valuable to experienced dissidents.</p>
<h2 id="scope">Scope</h2>
<p>This manual covers:</p>
<ul>
<li><strong>Core security principles</strong> fundamental to all resistance operations</li>
<li><strong>Threat assessment methodologies</strong> for understanding your operational environment</li>
<li><strong>Multi-layer communication architectures</strong> for different security requirements</li>
<li><strong>Specific tool configurations</strong> for secure messaging, file sharing, and collaboration</li>
<li><strong>Operational security procedures</strong> for maintaining security discipline</li>
<li><strong>Advanced techniques</strong> for network resilience and counter-intelligence</li>
</ul>
<p>This manual does <strong>not</strong> cover:</p>
<ul>
<li>Specific tactical operations or direct action planning</li>
<li>Legal advice or guidance on laws in specific jurisdictions</li>
<li>Physical security beyond basic operational security measures</li>
<li>Weapons, explosives, or other kinetic capabilities</li>
</ul>
<h2 id="target-audience">Target Audience</h2>
<h3 id="primary-audience">Primary Audience</h3>
<ul>
<li><strong>Newcomers to resistance operations</strong> who need foundational knowledge</li>
<li><strong>Cell leaders and coordinators</strong> responsible for communication security</li>
<li><strong>Technical personnel</strong> implementing secure infrastructure</li>
<li><strong>Training coordinators</strong> developing security education programs</li>
</ul>
<h3 id="secondary-audience">Secondary Audience</h3>
<ul>
<li><strong>Experienced activists</strong> seeking to improve their security practices</li>
<li><strong>Journalists and researchers</strong> working in high-risk environments</li>
<li><strong>Civil liberties organizations</strong> operating under surveillance</li>
<li><strong>International solidarity groups</strong> supporting resistance movements</li>
</ul>
<h2 id="how-to-use-this-manual">How to Use This Manual</h2>
<h3 id="for-newcomers">For Newcomers</h3>
<ol>
<li><strong>Start with the fundamentals</strong>: Read the Introduction and Part I completely before proceeding</li>
<li><strong>Follow the progressive structure</strong>: Each chapter builds upon previous knowledge</li>
<li><strong>Practice in safe environments</strong>: Test tools and procedures before operational use</li>
<li><strong>Seek mentorship</strong>: Connect with experienced practitioners through secure channels</li>
<li><strong>Start simple</strong>: Implement basic security measures before advancing to complex systems</li>
</ol>
<h3 id="for-experienced-practitioners">For Experienced Practitioners</h3>
<ul>
<li>Use as a <strong>reference guide</strong> for specific tools and procedures</li>
<li><strong>Adapt recommendations</strong> to your specific threat environment</li>
<li><strong>Contribute improvements</strong> through secure feedback channels</li>
<li><strong>Train others</strong> using this manual as a curriculum foundation</li>
</ul>
<h3 id="for-technical-implementation">For Technical Implementation</h3>
<ul>
<li>Follow <strong>configuration guides</strong> in the appendices exactly</li>
<li><strong>Test all systems</strong> thoroughly before deployment</li>
<li><strong>Maintain operational security</strong> during setup and maintenance</li>
<li><strong>Document customizations</strong> securely for future reference</li>
</ul>
<h2 id="security-considerations-for-this-manual">Security Considerations for This Manual</h2>
<div class="warning-box">
<div class="warning-title">Operational Security Warning</div>
<p>Accessing, storing, or distributing this manual may be considered suspicious activity by hostile authorities. Take appropriate precautions:</p>
<ul>
<li>Access only through Tails OS, Tor Browser, or similar anonymizing tools</li>
<li>Do not store on personal devices connected to your real identity</li>
<li>Share only through secure channels with trusted individuals</li>
<li>Consider the legal implications in your jurisdiction</li>
</ul>
</div>
<h3 id="recommended-access-methods">Recommended Access Methods</h3>
<ol>
<li><strong>Tails OS</strong> - Boot from USB for maximum anonymity</li>
<li><strong>Tor Browser</strong> - Use on a dedicated, clean device</li>
<li><strong>Public Wi-Fi</strong> - Access from locations unconnected to your identity</li>
<li><strong>Printed copies</strong> - For offline reference, dispose of securely when no longer needed</li>
</ol>
<h3 id="distribution-guidelines">Distribution Guidelines</h3>
<ul>
<li>Share only with individuals who have demonstrated commitment to resistance operations</li>
<li>Use secure communication channels (Signal, Briar, OnionShare) for distribution</li>
<li>Verify recipient identity through trusted intermediaries</li>
<li>Consider compartmentalization - not everyone needs access to all sections</li>
</ul>
<h2 id="acknowledgments">Acknowledgments</h2>
<p>This manual builds upon decades of resistance experience and the work of countless individuals who have risked their freedom and lives for justice. Special recognition goes to:</p>
<ul>
<li><strong>Historical resistance movements</strong> whose strategies inform our approach</li>
<li><strong>Digital rights organizations</strong> developing the tools we depend on</li>
<li><strong>Security researchers</strong> who identify vulnerabilities and develop countermeasures</li>
<li><strong>Current practitioners</strong> who provide feedback and real-world testing</li>
</ul>
<h2 id="feedback-and-updates">Feedback and Updates</h2>
<p>This manual is a living document that must evolve with changing threats and technologies. Feedback is essential for maintaining its effectiveness and accuracy.</p>
<h3 id="secure-feedback-channels">Secure Feedback Channels</h3>
<ul>
<li><strong>Matrix</strong>: Contact @sparticus:weresist.is through Element</li>
<li><strong>OnionShare</strong>: Check resist.is for current feedback drop locations</li>
<li><strong>Dead drops</strong>: Physical and digital locations announced through secure channels</li>
</ul>
<h3 id="update-distribution">Update Distribution</h3>
<ul>
<li><strong>Primary source</strong>: git.hacker.supply/Department_of_Internautics/field_guide</li>
<li><strong>Mirror sites</strong>: Announced through resistance networks</li>
<li><strong>Version control</strong>: Each update includes detailed changelog and verification signatures</li>
</ul>
<h2 id="legal-disclaimer">Legal Disclaimer</h2>
<p>This manual is provided for educational purposes only. The authors and distributors:</p>
<ul>
<li>Do not advocate for illegal activities in any jurisdiction</li>
<li>Cannot be held responsible for how this information is used</li>
<li>Recommend consulting legal counsel familiar with your local laws</li>
<li>Emphasize that resistance activities carry inherent legal and physical risks</li>
</ul>
<p>Users are solely responsible for understanding and complying with applicable laws in their jurisdiction and for assessing the risks of their activities.</p>
<hr />
<div class="info-box">
<div class="info-title">Getting Started</div>
<p>Ready to begin? Proceed to the <strong>Introduction</strong> to understand the threat landscape and fundamental security concepts that underpin all resistance operations.</p>
</div>
<p><strong>Next:</strong> <a href="/introduction/">Introduction →</a></p>
<nav class="section-nav">
<div></div>
<a href="/introduction/" class="nav-link">
<span>Introduction</span>
<span class="arrow"></span>
</a>
</nav>
</main>
</div>
<footer class="footer">
<div class="container">
<div class="footer-content">
<div class="organization">Department of Internautics</div>
<div>Bureau of Decentralized Resistance</div>
<div>FM-R1 - Version 1.0 - 2025-08-28</div>
<div style="margin-top: 1rem;">
<a href="https://resist.is" target="_blank">resist.is</a> |
<a href="https://git.hacker.supply/Department_of_Internautics/field_guide" target="_blank">Source Code</a>
</div>
</div>
</div>
</footer>
<!-- JavaScript -->
<script src="/assets/js/main.js"></script>
</body>
</html>
_site/robots.txt
+1
View File
@@ -0,0 +1 @@
Sitemap: https://guide.resist.is/sitemap.xml
_site/sitemap.xml
+88
View File
@@ -0,0 +1,88 @@
<?xml version="1.0" encoding="UTF-8"?>
<urlset xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.sitemaps.org/schemas/sitemap/0.9 http://www.sitemaps.org/schemas/sitemap/0.9/sitemap.xsd" xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">
<url>
<loc>https://guide.resist.is/appendices/appendices/</loc>
<lastmod>2025-09-29T21:27:52-04:00</lastmod>
</url>
<url>
<loc>https://guide.resist.is/appendices/appendix-a/</loc>
<lastmod>2025-09-29T21:27:52-04:00</lastmod>
</url>
<url>
<loc>https://guide.resist.is/appendices/appendix-b/</loc>
<lastmod>2025-09-29T21:27:52-04:00</lastmod>
</url>
<url>
<loc>https://guide.resist.is/appendices/appendix-c/</loc>
<lastmod>2025-09-29T21:27:52-04:00</lastmod>
</url>
<url>
<loc>https://guide.resist.is/appendices/appendix-d/</loc>
<lastmod>2025-09-29T21:27:52-04:00</lastmod>
</url>
<url>
<loc>https://guide.resist.is/chapters/chapter-1/</loc>
<lastmod>2025-09-29T21:27:52-04:00</lastmod>
</url>
<url>
<loc>https://guide.resist.is/chapters/chapter-10/</loc>
<lastmod>2025-09-29T21:27:52-04:00</lastmod>
</url>
<url>
<loc>https://guide.resist.is/chapters/chapter-2/</loc>
<lastmod>2025-09-29T21:27:52-04:00</lastmod>
</url>
<url>
<loc>https://guide.resist.is/chapters/chapter-3/</loc>
<lastmod>2025-09-29T21:27:52-04:00</lastmod>
</url>
<url>
<loc>https://guide.resist.is/chapters/chapter-4/</loc>
<lastmod>2025-09-29T21:27:52-04:00</lastmod>
</url>
<url>
<loc>https://guide.resist.is/chapters/chapter-5/</loc>
<lastmod>2025-09-29T21:27:52-04:00</lastmod>
</url>
<url>
<loc>https://guide.resist.is/chapters/chapter-6/</loc>
<lastmod>2025-09-29T21:27:52-04:00</lastmod>
</url>
<url>
<loc>https://guide.resist.is/chapters/chapter-7/</loc>
<lastmod>2025-09-29T21:27:52-04:00</lastmod>
</url>
<url>
<loc>https://guide.resist.is/chapters/chapter-8/</loc>
<lastmod>2025-09-29T21:27:52-04:00</lastmod>
</url>
<url>
<loc>https://guide.resist.is/chapters/chapter-9/</loc>
<lastmod>2025-09-29T21:27:52-04:00</lastmod>
</url>
<url>
<loc>https://guide.resist.is/parts/part-1/</loc>
<lastmod>2025-09-29T21:27:52-04:00</lastmod>
</url>
<url>
<loc>https://guide.resist.is/parts/part-2/</loc>
<lastmod>2025-09-29T21:27:52-04:00</lastmod>
</url>
<url>
<loc>https://guide.resist.is/parts/part-3/</loc>
<lastmod>2025-09-29T21:27:52-04:00</lastmod>
</url>
<url>
<loc>https://guide.resist.is/parts/part-4/</loc>
<lastmod>2025-09-29T21:27:52-04:00</lastmod>
</url>
<url>
<loc>https://guide.resist.is/</loc>
</url>
<url>
<loc>https://guide.resist.is/introduction/</loc>
</url>
<url>
<loc>https://guide.resist.is/preface/</loc>
</url>
</urlset>
assets/css/main.scss
+500
View File
@@ -0,0 +1,500 @@
---
---
// Field Guide for Subversives - Main Stylesheet
// Inspired by resist.is design with military field manual structure
// Color scheme (based on resist.is)
$bg-color: #000000;
$text-color: #ffffff;
$accent-green: #00ff00;
$accent-blue: #0066ff;
$accent-red: #ff0000;
$border-color: #333333;
$code-bg: #1a1a1a;
$warning-color: #ffaa00;
// Typography
$font-family-base: 'Courier New', 'Monaco', 'Menlo', monospace;
$font-family-heading: 'Arial', 'Helvetica', sans-serif;
$font-size-base: 16px;
$line-height-base: 1.6;
// Layout
$max-width: 1200px;
$sidebar-width: 300px;
$header-height: 80px;
// Base styles
* {
box-sizing: border-box;
margin: 0;
padding: 0;
}
html {
font-size: $font-size-base;
scroll-behavior: smooth;
}
body {
font-family: $font-family-base;
font-size: $font-size-base;
line-height: $line-height-base;
color: $text-color;
background-color: $bg-color;
min-height: 100vh;
}
// Typography
h1, h2, h3, h4, h5, h6 {
font-family: $font-family-heading;
font-weight: bold;
margin-bottom: 1rem;
line-height: 1.2;
}
h1 {
font-size: 2.5rem;
color: $accent-green;
text-align: center;
margin-bottom: 2rem;
text-transform: uppercase;
letter-spacing: 2px;
}
h2 {
font-size: 2rem;
color: $accent-blue;
border-bottom: 2px solid $accent-blue;
padding-bottom: 0.5rem;
margin-top: 2rem;
margin-bottom: 1.5rem;
}
h3 {
font-size: 1.5rem;
color: $accent-green;
margin-top: 1.5rem;
margin-bottom: 1rem;
}
h4 {
font-size: 1.25rem;
color: $text-color;
margin-top: 1rem;
margin-bottom: 0.75rem;
}
p {
margin-bottom: 1rem;
}
// Links
a {
color: $accent-blue;
text-decoration: none;
transition: color 0.3s ease;
&:hover {
color: $accent-green;
text-decoration: underline;
}
&:visited {
color: lighten($accent-blue, 20%);
}
}
// Lists
ul, ol {
margin-bottom: 1rem;
padding-left: 2rem;
li {
margin-bottom: 0.5rem;
}
}
// Code and preformatted text
code {
background-color: $code-bg;
color: $accent-green;
padding: 0.2rem 0.4rem;
border-radius: 3px;
font-family: $font-family-base;
font-size: 0.9rem;
}
pre {
background-color: $code-bg;
color: $text-color;
padding: 1rem;
border-radius: 5px;
overflow-x: auto;
margin-bottom: 1rem;
border-left: 4px solid $accent-green;
code {
background: none;
padding: 0;
color: inherit;
}
}
// Tables
table {
width: 100%;
border-collapse: collapse;
margin-bottom: 1rem;
background-color: $code-bg;
th, td {
padding: 0.75rem;
text-align: left;
border-bottom: 1px solid $border-color;
}
th {
background-color: $border-color;
color: $accent-green;
font-weight: bold;
}
tr:hover {
background-color: lighten($code-bg, 5%);
}
}
// Layout components
.container {
max-width: $max-width;
margin: 0 auto;
padding: 0 1rem;
}
.header {
background-color: $bg-color;
border-bottom: 2px solid $accent-green;
padding: 1rem 0;
position: sticky;
top: 0;
z-index: 100;
.header-content {
display: flex;
justify-content: space-between;
align-items: center;
}
.logo {
display: flex;
align-items: center;
font-size: 1.5rem;
font-weight: bold;
color: $accent-green;
.omega {
font-size: 2rem;
margin-right: 0.5rem;
}
}
.nav-toggle {
display: none;
background: none;
border: none;
color: $text-color;
font-size: 1.5rem;
cursor: pointer;
}
}
.main-layout {
display: flex;
min-height: calc(100vh - #{$header-height});
}
.sidebar {
width: $sidebar-width;
background-color: lighten($bg-color, 5%);
border-right: 1px solid $border-color;
padding: 2rem 1rem;
overflow-y: auto;
position: sticky;
top: $header-height;
height: calc(100vh - #{$header-height});
.nav-section {
margin-bottom: 2rem;
h3 {
color: $accent-green;
font-size: 1rem;
margin-bottom: 0.5rem;
text-transform: uppercase;
letter-spacing: 1px;
}
ul {
list-style: none;
padding: 0;
li {
margin-bottom: 0.25rem;
a {
display: block;
padding: 0.5rem;
border-radius: 3px;
transition: background-color 0.3s ease;
&:hover {
background-color: $border-color;
text-decoration: none;
}
&.active {
background-color: $accent-blue;
color: $bg-color;
}
}
ul {
margin-left: 1rem;
margin-top: 0.5rem;
a {
font-size: 0.9rem;
color: lighten($text-color, 20%);
}
}
}
}
}
}
.content {
flex: 1;
padding: 2rem;
max-width: calc(100% - #{$sidebar-width});
.content-header {
margin-bottom: 2rem;
padding-bottom: 1rem;
border-bottom: 1px solid $border-color;
.manual-designation {
color: $accent-green;
font-size: 0.9rem;
text-transform: uppercase;
letter-spacing: 1px;
margin-bottom: 0.5rem;
}
.classification {
color: $warning-color;
font-size: 0.8rem;
text-transform: uppercase;
font-weight: bold;
}
}
.section-nav {
display: flex;
justify-content: space-between;
margin-top: 3rem;
padding-top: 2rem;
border-top: 1px solid $border-color;
.nav-link {
display: flex;
align-items: center;
padding: 0.75rem 1.5rem;
background-color: $code-bg;
border: 1px solid $border-color;
border-radius: 5px;
transition: all 0.3s ease;
&:hover {
background-color: $accent-blue;
color: $bg-color;
text-decoration: none;
}
.arrow {
font-size: 1.2rem;
margin: 0 0.5rem;
}
}
}
}
// Special components
.warning-box {
background-color: rgba($warning-color, 0.1);
border-left: 4px solid $warning-color;
padding: 1rem;
margin: 1rem 0;
border-radius: 0 5px 5px 0;
.warning-title {
color: $warning-color;
font-weight: bold;
margin-bottom: 0.5rem;
text-transform: uppercase;
}
}
.info-box {
background-color: rgba($accent-blue, 0.1);
border-left: 4px solid $accent-blue;
padding: 1rem;
margin: 1rem 0;
border-radius: 0 5px 5px 0;
.info-title {
color: $accent-blue;
font-weight: bold;
margin-bottom: 0.5rem;
text-transform: uppercase;
}
}
.success-box {
background-color: rgba($accent-green, 0.1);
border-left: 4px solid $accent-green;
padding: 1rem;
margin: 1rem 0;
border-radius: 0 5px 5px 0;
.success-title {
color: $accent-green;
font-weight: bold;
margin-bottom: 0.5rem;
text-transform: uppercase;
}
}
.do-dont-list {
display: grid;
grid-template-columns: 1fr 1fr;
gap: 1rem;
margin: 1rem 0;
.do-list, .dont-list {
padding: 1rem;
border-radius: 5px;
h4 {
margin-bottom: 0.5rem;
text-transform: uppercase;
}
ul {
margin: 0;
padding-left: 1.5rem;
}
}
.do-list {
background-color: rgba($accent-green, 0.1);
border: 1px solid $accent-green;
h4 {
color: $accent-green;
}
}
.dont-list {
background-color: rgba($accent-red, 0.1);
border: 1px solid $accent-red;
h4 {
color: $accent-red;
}
}
}
// Footer
.footer {
background-color: $border-color;
padding: 2rem 0;
margin-top: 4rem;
text-align: center;
border-top: 2px solid $accent-green;
.footer-content {
color: lighten($text-color, 20%);
font-size: 0.9rem;
.organization {
color: $accent-green;
font-weight: bold;
}
}
}
// Responsive design
@media (max-width: 768px) {
.header {
.nav-toggle {
display: block;
}
}
.main-layout {
flex-direction: column;
}
.sidebar {
width: 100%;
position: static;
height: auto;
display: none;
&.active {
display: block;
}
}
.content {
max-width: 100%;
padding: 1rem;
}
.do-dont-list {
grid-template-columns: 1fr;
}
h1 {
font-size: 2rem;
}
h2 {
font-size: 1.5rem;
}
}
// Print styles
@media print {
body {
background: white;
color: black;
}
.header, .sidebar, .footer, .section-nav {
display: none;
}
.content {
max-width: 100%;
padding: 0;
}
a {
color: black;
text-decoration: underline;
}
}
assets/images/omegablk.png
BIN
View File
Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 25 KiB

assets/js/main.js
+166
View File
@@ -0,0 +1,166 @@
// Field Guide for Subversives - Main JavaScript
document.addEventListener('DOMContentLoaded', function() {
// Mobile navigation toggle
const navToggle = document.getElementById('nav-toggle');
const sidebar = document.getElementById('sidebar');
if (navToggle && sidebar) {
navToggle.addEventListener('click', function() {
sidebar.classList.toggle('active');
});
}
// Smooth scrolling for anchor links
const anchorLinks = document.querySelectorAll('a[href^="#"]');
anchorLinks.forEach(link => {
link.addEventListener('click', function(e) {
e.preventDefault();
const target = document.querySelector(this.getAttribute('href'));
if (target) {
target.scrollIntoView({
behavior: 'smooth',
block: 'start'
});
}
});
});
// Add security warning for external links
const externalLinks = document.querySelectorAll('a[href^="http"]:not([href*="' + window.location.hostname + '"])');
externalLinks.forEach(link => {
link.addEventListener('click', function(e) {
if (!confirm('You are about to visit an external site. Ensure you are using secure browsing practices. Continue?')) {
e.preventDefault();
}
});
// Add visual indicator for external links
link.setAttribute('title', 'External link - opens in new tab');
link.setAttribute('target', '_blank');
link.setAttribute('rel', 'noopener noreferrer');
});
// Keyboard navigation
document.addEventListener('keydown', function(e) {
// Alt + Left Arrow: Previous page
if (e.altKey && e.key === 'ArrowLeft') {
const prevLink = document.querySelector('.section-nav .nav-link:first-child');
if (prevLink && prevLink.href) {
window.location.href = prevLink.href;
}
}
// Alt + Right Arrow: Next page
if (e.altKey && e.key === 'ArrowRight') {
const nextLink = document.querySelector('.section-nav .nav-link:last-child');
if (nextLink && nextLink.href) {
window.location.href = nextLink.href;
}
}
// Escape: Close mobile menu
if (e.key === 'Escape' && sidebar && sidebar.classList.contains('active')) {
sidebar.classList.remove('active');
}
});
// Print functionality
function addPrintButton() {
const contentHeader = document.querySelector('.content-header');
if (contentHeader) {
const printButton = document.createElement('button');
printButton.textContent = 'Print Section';
printButton.className = 'print-button';
printButton.style.cssText = `
background: #333;
color: #00ff00;
border: 1px solid #00ff00;
padding: 0.5rem 1rem;
border-radius: 3px;
cursor: pointer;
font-family: inherit;
margin-top: 1rem;
`;
printButton.addEventListener('click', function() {
window.print();
});
contentHeader.appendChild(printButton);
}
}
addPrintButton();
// Security reminder
function showSecurityReminder() {
const reminder = document.createElement('div');
reminder.style.cssText = `
position: fixed;
bottom: 20px;
right: 20px;
background: rgba(255, 170, 0, 0.9);
color: #000;
padding: 1rem;
border-radius: 5px;
max-width: 300px;
font-size: 0.9rem;
z-index: 1000;
display: none;
`;
reminder.innerHTML = `
<strong>Security Reminder:</strong> Ensure you're using Tails OS or a secure browser when accessing this guide.
<button onclick="this.parentElement.style.display='none'" style="float: right; background: none; border: none; font-size: 1.2rem; cursor: pointer;">×</button>
`;
document.body.appendChild(reminder);
// Show reminder after 30 seconds
setTimeout(() => {
reminder.style.display = 'block';
}, 30000);
// Auto-hide after 10 seconds
setTimeout(() => {
reminder.style.display = 'none';
}, 40000);
}
// Only show security reminder on first visit
if (!localStorage.getItem('security_reminder_shown')) {
showSecurityReminder();
localStorage.setItem('security_reminder_shown', 'true');
}
// Add copy-to-clipboard functionality for code blocks
const codeBlocks = document.querySelectorAll('pre code');
codeBlocks.forEach(block => {
const button = document.createElement('button');
button.textContent = 'Copy';
button.className = 'copy-button';
button.style.cssText = `
position: absolute;
top: 0.5rem;
right: 0.5rem;
background: #333;
color: #00ff00;
border: 1px solid #00ff00;
padding: 0.25rem 0.5rem;
border-radius: 3px;
cursor: pointer;
font-size: 0.8rem;
`;
const pre = block.parentElement;
pre.style.position = 'relative';
pre.appendChild(button);
button.addEventListener('click', function() {
navigator.clipboard.writeText(block.textContent).then(() => {
button.textContent = 'Copied!';
setTimeout(() => {
button.textContent = 'Copy';
}, 2000);
});
});
});
});
index.md
+135
View File
@@ -0,0 +1,135 @@
---
layout: default
title: "Table of Contents"
description: "Field Manual for Resistance Operations - A comprehensive guide to secure communication and operational security for decentralized resistance movements"
---
# {{ site.title }}
<div class="manual-designation" style="text-align: center; margin-bottom: 2rem;">
<div style="font-size: 1.2rem; color: #00ff00;">{{ site.manual_designation }}</div>
<div style="font-size: 1rem; color: #ffffff;">{{ site.subtitle }}</div>
<div style="font-size: 0.9rem; color: #0066ff; margin-top: 1rem;">{{ site.organization }}</div>
<div style="font-size: 0.9rem; color: #0066ff;">{{ site.bureau }}</div>
<div style="font-size: 0.8rem; color: #ffaa00; margin-top: 1rem;">{{ site.classification }}</div>
<div style="font-size: 0.8rem; color: #ffffff;">Version {{ site.version }} - {{ site.date }}</div>
</div>
---
## Table of Contents
### Front Matter
- **[Preface](/preface/)** - Purpose, scope, and how to use this manual
- **[Introduction](/introduction/)** - Threat landscape and security fundamentals
### Part I: Foundations of Resistance Security
- **[Part I Overview](/parts/part-1/)** - Core principles and threat assessment
- **[Chapter 1: Core Security Principles](/chapters/chapter-1/)** (1-1 to 1-5)
- 1-1: Principle of Least Privilege
- 1-2: Need-to-Know Basis
- 1-3: Compartmentalization and Cell Structure
- 1-4: Zero Trust Verification
- 1-5: Metadata Minimization
- **[Chapter 2: Threat Assessment and Operational Environment](/chapters/chapter-2/)** (2-1 to 2-4)
- 2-1: Understanding Your Adversary
- 2-2: Threat Model Development
- 2-3: Risk Assessment Framework
- 2-4: Operational Security (OpSec) Fundamentals
### Part II: Secure Communication Systems
- **[Part II Overview](/parts/part-2/)** - Multi-layer communication architecture
- **[Chapter 3: Communication Layer Architecture](/chapters/chapter-3/)** (3-1 to 3-6)
- 3-1: Multi-Layer Communication Strategy
- 3-2: High-Risk Real-Time Communication (Layer 1)
- 3-3: Secure Collaboration Systems (Layer 2)
- 3-4: Failsafe and Offline Methods (Layer 3)
- 3-5: Anonymous Broadcasting (Layer 4)
- 3-6: Communication Protocol Selection
- **[Chapter 4: Secure Messaging and Voice Communications](/chapters/chapter-4/)** (4-1 to 4-8)
- 4-1: Session Messenger Configuration
- 4-2: Element/Matrix Self-Hosted Setup
- 4-3: Briar Peer-to-Peer Messaging
- 4-4: Signal Security Best Practices
- 4-5: Voice Communication Security
- 4-6: Group Communication Management
- 4-7: Message Verification and Authentication
- 4-8: Communication Scheduling and Protocols
- **[Chapter 5: File Sharing and Collaboration](/chapters/chapter-5/)** (5-1 to 5-6)
- 5-1: CryptPad Secure Document Collaboration
- 5-2: OnionShare Anonymous File Transfer
- 5-3: Encrypted Cloud Storage (Mega/Proton)
- 5-4: Digital Dead Drops
- 5-5: Version Control for Sensitive Documents
- 5-6: Collaborative Security Protocols
### Part III: Operational Security Procedures
- **[Part III Overview](/parts/part-3/)** - Hardware, digital hygiene, and operational procedures
- **[Chapter 6: Hardware and Infrastructure Security](/chapters/chapter-6/)** (6-1 to 6-8)
- 6-1: Untraceable Hardware Acquisition
- 6-2: Tails OS Installation and Configuration
- 6-3: Device Compartmentalization
- 6-4: Physical Security Measures
- 6-5: Network Access Security
- 6-6: Hardware Disposal and Sanitization
- 6-7: Faraday Cage and Signal Blocking
- 6-8: Power and Charging Security
- **[Chapter 7: Digital Hygiene and Privacy](/chapters/chapter-7/)** (7-1 to 7-6)
- 7-1: Browser Security Configuration
- 7-2: Search Engine Privacy
- 7-3: VPN and Tor Usage
- 7-4: Social Media Operational Security
- 7-5: Email Security and Anonymous Accounts
- 7-6: Digital Footprint Minimization
- **[Chapter 8: Operational Procedures](/chapters/chapter-8/)** (8-1 to 8-8)
- 8-1: Cell Organization and Management
- 8-2: Meeting Security Protocols
- 8-3: Coded Language and Communication
- 8-4: Surveillance Detection and Evasion
- 8-5: Emergency Procedures and Protocols
- 8-6: Information Sanitization
- 8-7: Operational Planning Security
- 8-8: Post-Operation Security Review
### Part IV: Advanced Resistance Operations
- **[Part IV Overview](/parts/part-4/)** - Network resilience and counter-intelligence
- **[Chapter 9: Network Resilience and Redundancy](/chapters/chapter-9/)** (9-1 to 9-5)
- 9-1: Mesh Network Implementation
- 9-2: Offline Communication Systems
- 9-3: Emergency Communication Protocols
- 9-4: Network Failure Recovery
- 9-5: Distributed Infrastructure Planning
- **[Chapter 10: Counter-Intelligence and Security Culture](/chapters/chapter-10/)** (10-1 to 10-6)
- 10-1: Infiltration Detection and Prevention
- 10-2: Information Verification Procedures
- 10-3: Security Culture Development
- 10-4: Compartmentalized Knowledge Management
- 10-5: Trust Networks and Verification
- 10-6: Operational Security Training
### Appendices
- **[Appendix A: Quick Reference Guides](/appendices/)** - Emergency checklists and procedures
- **[Appendix B: Tool Configuration Guides](/appendices/tools/)** - Step-by-step setup instructions
- **[Appendix C: External Resources and Links](/appendices/resources/)** - Recommended tools and organizations
- **[Appendix D: Glossary of Terms](/appendices/glossary/)** - Definitions and terminology
---
<div class="warning-box">
<div class="warning-title">Security Notice</div>
<p>This manual contains sensitive information about resistance operations and security practices. Ensure you are accessing this content through secure channels (Tails OS, Tor Browser, or other anonymizing tools) and following proper operational security protocols.</p>
</div>
<div class="info-box">
<div class="info-title">For Newcomers</div>
<p>If you are new to resistance operations, start with the <strong>Preface</strong> and <strong>Introduction</strong>, then proceed through <strong>Part I: Foundations</strong> before advancing to more technical sections. Each chapter builds upon previous knowledge.</p>
</div>
---
**Distribution:** This manual is designed for decentralized distribution through secure channels. Share responsibly and only with trusted individuals who have a legitimate need for this information.
**Updates:** This manual will be updated regularly as new threats emerge and technologies evolve. Check the source repository for the latest version.
**Support:** For questions or contributions, contact the Bureau of Decentralized Resistance through secure channels only.
introduction.md
+196
View File
@@ -0,0 +1,196 @@
---
layout: default
title: "Introduction"
description: "Threat landscape overview and fundamental security concepts for resistance operations"
prev_page:
title: "Preface"
url: "/preface/"
next_page:
title: "Part I: Foundations"
url: "/parts/part-1/"
---
# Introduction
## The Modern Resistance Environment
Resistance movements in the 21st century face unprecedented challenges. Unlike historical resistance operations that primarily contended with human intelligence networks and physical surveillance, modern movements must operate within a digital panopticon of mass surveillance, algorithmic analysis, and predictive policing.
The scenario addressed in this manual—resistance against a technologically advanced authoritarian regime—represents the ultimate stress test for operational security. The adversary possesses:
- **Total spectrum surveillance** across digital communications
- **Massive data processing capabilities** for pattern recognition and network analysis
- **Legal and extralegal powers** to compel cooperation from technology companies
- **Advanced persistent threat capabilities** for targeted device compromise
- **Extensive human intelligence networks** including informants and infiltrators
### The Digital Battlefield
Every digital action creates metadata that can be analyzed to reveal:
- **Communication patterns** - who talks to whom, when, and how frequently
- **Location data** - movement patterns and association networks
- **Behavioral profiles** - interests, habits, and predictive models
- **Social graphs** - relationship mapping and influence networks
- **Operational indicators** - planning cycles and activity patterns
<div class="warning-box">
<div class="warning-title">Critical Understanding</div>
<p>The most dangerous misconception in modern resistance is believing that encryption alone provides security. While encryption protects content, metadata analysis can reveal operational structures, timing, and relationships even when communications are encrypted.</p>
</div>
## Fundamental Security Concepts
### Defense in Depth
No single security measure is sufficient. Effective resistance security requires multiple overlapping layers:
1. **Technical measures** - Encryption, anonymization, secure hardware
2. **Operational procedures** - Compartmentalization, communication protocols, meeting security
3. **Human factors** - Training, security culture, psychological resilience
4. **Physical security** - Safe houses, surveillance detection, document security
### Threat Modeling
Before implementing any security measures, you must understand:
**Assets** - What are you protecting?
- Lives and freedom of participants
- Operational plans and intelligence
- Communication networks and infrastructure
- Financial resources and supplies
**Adversaries** - Who are you protecting against?
- State security services and law enforcement
- Private intelligence contractors
- Informants and infiltrators
- Hostile political organizations
**Capabilities** - What can your adversaries do?
- Technical surveillance and cyber operations
- Physical surveillance and infiltration
- Legal powers and extrajudicial actions
- Resource advantages and institutional support
**Consequences** - What happens if security fails?
- Arrest, prosecution, and imprisonment
- Physical harm or assassination
- Network compromise and operational failure
- Broader movement suppression
### The Security-Usability Balance
Perfect security is incompatible with operational effectiveness. Every security measure introduces complexity, reduces convenience, and creates potential failure points. The art of resistance security lies in finding the optimal balance between:
- **Security requirements** based on threat assessment
- **Operational needs** for communication and coordination
- **Human limitations** in following complex procedures
- **Resource constraints** in time, money, and technical expertise
## Core Principles for Resistance Operations
### 1. Assume Compromise
Operate under the assumption that some level of compromise is inevitable:
- Design systems that remain functional even if partially compromised
- Limit the damage any single compromise can cause
- Plan for detection and response to security breaches
- Maintain operational capability under surveillance
### 2. Minimize Attack Surface
Reduce the number of ways you can be compromised:
- Use the minimum number of tools and platforms necessary
- Limit the amount of sensitive data stored or transmitted
- Reduce the number of people with access to critical information
- Eliminate unnecessary digital and physical traces
### 3. Compartmentalization
Organize information and access on a need-to-know basis:
- Structure operations in independent cells
- Limit cross-cell knowledge and communication
- Use different tools and identities for different purposes
- Prevent single points of failure from compromising entire networks
### 4. Operational Discipline
Maintain consistent security practices:
- Follow established procedures even when inconvenient
- Resist the temptation to take shortcuts under pressure
- Regularly review and update security practices
- Train all participants in proper security procedures
### 5. Continuous Adaptation
Security is not a destination but an ongoing process:
- Monitor for new threats and vulnerabilities
- Update tools and procedures as technology evolves
- Learn from security incidents and near-misses
- Share knowledge and best practices across the movement
## The Human Element
Technology can only provide the foundation for security—human behavior determines whether that foundation holds. The most sophisticated technical measures are worthless if participants:
- Use personal devices for resistance activities
- Discuss sensitive matters in insecure environments
- Fail to follow established communication protocols
- Compromise operational security for convenience
### Building Security Culture
Effective resistance security requires developing a culture where:
- Security consciousness becomes second nature
- Participants understand the reasoning behind security measures
- Peer accountability reinforces proper procedures
- Security education is ongoing and practical
- Mistakes are treated as learning opportunities rather than failures
## Scope of This Manual
This manual provides practical guidance for implementing the security concepts outlined above. It is organized to support both learning and reference use:
**Part I: Foundations** establishes the theoretical framework and threat assessment methodologies that inform all subsequent technical recommendations.
**Part II: Communication Systems** provides detailed guidance for implementing secure communication networks using proven tools and techniques.
**Part III: Operational Security** covers the human and procedural elements necessary to maintain security in practice.
**Part IV: Advanced Operations** addresses specialized topics for mature resistance networks operating under extreme threat conditions.
**Appendices** provide quick reference materials, detailed configuration guides, and external resources for continued learning.
## Getting Started
The journey from security novice to competent resistance operator requires patience, practice, and mentorship. This manual provides the roadmap, but you must walk the path:
1. **Master the fundamentals** before attempting advanced techniques
2. **Practice in safe environments** before operational deployment
3. **Seek guidance** from experienced practitioners
4. **Start with basic security measures** and gradually increase complexity
5. **Maintain operational security** throughout your learning process
<div class="info-box">
<div class="info-title">Learning Path</div>
<p>New practitioners should follow this sequence:</p>
<ol>
<li><strong>Part I</strong> - Understand core principles and threat assessment</li>
<li><strong>Chapter 6</strong> - Set up secure hardware and Tails OS</li>
<li><strong>Chapter 4</strong> - Configure basic secure messaging</li>
<li><strong>Chapter 7</strong> - Implement digital hygiene practices</li>
<li><strong>Remaining chapters</strong> - Add capabilities as needed</li>
</ol>
</div>
## A Note on Courage
Resistance requires courage—not the absence of fear, but action in spite of fear. The security measures in this manual cannot eliminate risk; they can only manage it. Every person who chooses resistance accepts some level of danger in service of a greater cause.
This manual honors that courage by providing the best possible guidance for staying safe while fighting for justice. Use it wisely, share it responsibly, and remember that your security protects not just yourself, but everyone who depends on you.
---
**The stakes are high. The tools are available. The choice is yours.**
**Next:** [Part I: Foundations of Resistance Security →](/parts/part-1/)
preface.md
+138
View File
@@ -0,0 +1,138 @@
---
layout: default
title: "Preface"
description: "Purpose, scope, and guidance for using the Field Manual for Resistance Operations"
next_page:
title: "Introduction"
url: "/introduction/"
---
# Preface
## Purpose
This Field Manual (FM-R1) provides comprehensive guidance for establishing and maintaining secure communication networks within decentralized resistance movements. It is specifically designed for individuals and groups operating under the threat of an authoritarian regime with advanced surveillance capabilities.
The manual combines proven operational security practices, modern cryptographic tools, and time-tested resistance strategies into a comprehensive framework that can be implemented by newcomers to the resistance, but still remaining valuable to experienced dissidents.
## Scope
This manual covers:
- **Core security principles** fundamental to all resistance operations
- **Threat assessment methodologies** for understanding your operational environment
- **Multi-layer communication architectures** for different security requirements
- **Specific tool configurations** for secure messaging, file sharing, and collaboration
- **Operational security procedures** for maintaining security discipline
- **Advanced techniques** for network resilience and counter-intelligence
This manual does **not** cover:
- Specific tactical operations or direct action planning
- Legal advice or guidance on laws in specific jurisdictions
- Physical security beyond basic operational security measures
- Weapons, explosives, or other kinetic capabilities
## Target Audience
### Primary Audience
- **Newcomers to resistance operations** who need foundational knowledge
- **Cell leaders and coordinators** responsible for communication security
- **Technical personnel** implementing secure infrastructure
- **Training coordinators** developing security education programs
### Secondary Audience
- **Experienced activists** seeking to improve their security practices
- **Journalists and researchers** working in high-risk environments
- **Civil liberties organizations** operating under surveillance
- **International solidarity groups** supporting resistance movements
## How to Use This Manual
### For Newcomers
1. **Start with the fundamentals**: Read the Introduction and Part I completely before proceeding
2. **Follow the progressive structure**: Each chapter builds upon previous knowledge
3. **Practice in safe environments**: Test tools and procedures before operational use
4. **Seek mentorship**: Connect with experienced practitioners through secure channels
5. **Start simple**: Implement basic security measures before advancing to complex systems
### For Experienced Practitioners
- Use as a **reference guide** for specific tools and procedures
- **Adapt recommendations** to your specific threat environment
- **Contribute improvements** through secure feedback channels
- **Train others** using this manual as a curriculum foundation
### For Technical Implementation
- Follow **configuration guides** in the appendices exactly
- **Test all systems** thoroughly before deployment
- **Maintain operational security** during setup and maintenance
- **Document customizations** securely for future reference
## Security Considerations for This Manual
<div class="warning-box">
<div class="warning-title">Operational Security Warning</div>
<p>Accessing, storing, or distributing this manual may be considered suspicious activity by hostile authorities. Take appropriate precautions:</p>
<ul>
<li>Access only through Tails OS, Tor Browser, or similar anonymizing tools</li>
<li>Do not store on personal devices connected to your real identity</li>
<li>Share only through secure channels with trusted individuals</li>
<li>Consider the legal implications in your jurisdiction</li>
</ul>
</div>
### Recommended Access Methods
1. **Tails OS** - Boot from USB for maximum anonymity
2. **Tor Browser** - Use on a dedicated, clean device
3. **Public Wi-Fi** - Access from locations unconnected to your identity
4. **Printed copies** - For offline reference, dispose of securely when no longer needed
### Distribution Guidelines
- Share only with individuals who have demonstrated commitment to resistance operations
- Use secure communication channels (Signal, Briar, OnionShare) for distribution
- Verify recipient identity through trusted intermediaries
- Consider compartmentalization - not everyone needs access to all sections
## Acknowledgments
This manual builds upon decades of resistance experience and the work of countless individuals who have risked their freedom and lives for justice. Special recognition goes to:
- **Historical resistance movements** whose strategies inform our approach
- **Digital rights organizations** developing the tools we depend on
- **Security researchers** who identify vulnerabilities and develop countermeasures
- **Current practitioners** who provide feedback and real-world testing
## Feedback and Updates
This manual is a living document that must evolve with changing threats and technologies. Feedback is essential for maintaining its effectiveness and accuracy.
### Secure Feedback Channels
- **Matrix**: Contact @sparticus:weresist.is through Element
- **OnionShare**: Check resist.is for current feedback drop locations
- **Dead drops**: Physical and digital locations announced through secure channels
### Update Distribution
- **Primary source**: git.hacker.supply/Department_of_Internautics/field_guide
- **Mirror sites**: Announced through resistance networks
- **Version control**: Each update includes detailed changelog and verification signatures
## Legal Disclaimer
This manual is provided for educational purposes only. The authors and distributors:
- Do not advocate for illegal activities in any jurisdiction
- Cannot be held responsible for how this information is used
- Recommend consulting legal counsel familiar with your local laws
- Emphasize that resistance activities carry inherent legal and physical risks
Users are solely responsible for understanding and complying with applicable laws in their jurisdiction and for assessing the risks of their activities.
---
<div class="info-box">
<div class="info-title">Getting Started</div>
<p>Ready to begin? Proceed to the <strong>Introduction</strong> to understand the threat landscape and fundamental security concepts that underpin all resistance operations.</p>
</div>
**Next:** [Introduction →](/introduction/)