Department_of_Internautics/field_guide
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
16472e09df
field_guide/_appendices/appendix-d.md
Sparticus 3fb8d6e9eb Adding Part 4 draft
2025-08-29 13:18:53 -04:00

617 lines
22 KiB
Markdown
Raw Blame History

---
layout: default
title: "Appendix D: Glossary and References"
description: "Comprehensive glossary of terms and reference materials"
appendix: "D"
prev_page:
title: "Appendix C: Emergency Procedures"
url: "/appendices/appendix-c/"
---
# Appendix D: Glossary and References
## Overview
This appendix provides a comprehensive glossary of terms used throughout the field guide, along with references to additional resources, organizations, and materials for further study and operational support.
---
## D.1 Glossary of Terms
### A
**Access Control**
: Security measures that restrict access to resources, systems, or information based on user identity and authorization levels.
**Adversary**
: Any individual, group, or organization that poses a threat to resistance operations or personnel.
**Air Gap**
: Physical separation between computer systems or networks to prevent unauthorized data transfer.
**Anonymity**
: The state of being unidentifiable within a set of subjects, providing protection against identification.
**Authentication**
: The process of verifying the identity of a user, device, or system before granting access to resources.
### B
**Backdoor**
: A hidden method of bypassing normal authentication or security controls in a computer system.
**Burner Device**
: A temporary communication device used for specific operations and then discarded to maintain security.
**Burner Identity**
: A temporary or false identity used for specific operations to protect real identity.
### C
**Cell Structure**
: Organizational method using small, independent groups to limit exposure and damage from compromise.
**Cipher**
: An algorithm for performing encryption or decryption of data.
**Clearnet**
: The publicly accessible internet, as opposed to darknets or private networks.
**Compartmentalization**
: Security practice of limiting access to information based on need-to-know principles.
**Compromise**
: The unauthorized disclosure of sensitive information or the loss of security integrity.
**Counter-Intelligence**
: Activities designed to prevent or thwart espionage, intelligence gathering, or sabotage by adversaries.
**Counter-Surveillance**
: Techniques and activities designed to detect, evade, or neutralize surveillance operations.
**Cover Story**
: A false but plausible explanation for activities, presence, or identity used to maintain operational security.
**Cryptography**
: The practice and study of techniques for secure communication in the presence of adversaries.
### D
**Dark Web**
: Encrypted online content that requires specific software, configurations, or authorization to access.
**Dead Drop**
: A method of espionage tradecraft used to pass items or information between two individuals without requiring them to meet directly.
**Deniability**
: The ability to deny involvement in or knowledge of particular activities or information.
**Digital Footprint**
: The trail of data created by online activities and digital interactions.
**Disinformation**
: False information deliberately spread to deceive or mislead.
### E
**Encryption**
: The process of converting information into a code to prevent unauthorized access.
**End-to-End Encryption (E2E)**
: A system of communication where only the communicating users can read the messages.
**Exfiltration**
: The unauthorized transfer of data from a computer or network.
### F
**False Flag**
: An operation designed to deceive by making it appear as though it was carried out by another party.
**Firewall**
: A network security system that monitors and controls incoming and outgoing network traffic.
**Forward Secrecy**
: A feature of specific key agreement protocols that ensures session keys will not be compromised even if private keys are compromised.
### G
**Gray Literature**
: Information produced outside traditional commercial or academic publishing channels.
### H
**Honeypot**
: A computer security mechanism set to detect, deflect, or counteract unauthorized use of information systems.
**HUMINT**
: Human Intelligence - intelligence gathered by means of interpersonal contact.
### I
**Identity Management**
: The security and business discipline that enables the right individuals to access the right resources at the right times.
**Infiltration**
: The practice of entering an organization or group covertly to gather intelligence or influence operations.
**Information Security (InfoSec)**
: The practice of protecting information by mitigating information risks.
### J
**Jail Support**
: Organized assistance provided to individuals who have been arrested, including legal, financial, and emotional support.
### K
**Key Management**
: The management of cryptographic keys in a cryptosystem, including generation, exchange, storage, use, and replacement.
### L
**Legal Observer**
: Trained volunteers who attend public demonstrations to monitor and document police behavior and potential civil rights violations.
**Livestreaming**
: Real-time broadcasting of video content over the internet.
### M
**Malware**
: Software designed to disrupt, damage, or gain unauthorized access to computer systems.
**Metadata**
: Data that provides information about other data, such as when a file was created or modified.
**Multi-Factor Authentication (MFA)**
: A security system that requires more than one method of authentication to verify user identity.
### N
**Network Security**
: Policies and practices adopted to prevent and monitor unauthorized access, misuse, modification, or denial of a computer network.
**Need-to-Know**
: Security principle that restricts access to information to only those individuals who require it to perform their duties.
### O
**Operational Security (OPSEC)**
: A process that identifies critical information and analyzes friendly actions to determine if they can be observed by adversaries.
**OSINT**
: Open Source Intelligence - intelligence collected from publicly available sources.
### P
**Penetration Testing**
: Authorized simulated cyberattack on a computer system to evaluate security.
**Phishing**
: Fraudulent attempt to obtain sensitive information by disguising as a trustworthy entity in electronic communication.
**Privacy**
: The right to be free from intrusion or interference in one's personal life and affairs.
**Pseudonym**
: A fictitious name used to conceal identity.
### Q
**Quarantine**
: Isolation of potentially compromised systems or information to prevent spread of security threats.
### R
**Risk Assessment**
: The identification and analysis of relevant risks to achieving objectives.
**Root Access**
: Administrative access to a computer system that allows complete control over the system.
### S
**Safe House**
: A secure location used for meetings, storage, or temporary shelter during operations.
**Security Culture**
: Shared practices, attitudes, and norms that prioritize security in all activities and communications.
**SIGINT**
: Signals Intelligence - intelligence derived from electronic signals and systems.
**Social Engineering**
: Psychological manipulation of people to perform actions or divulge confidential information.
**Steganography**
: The practice of concealing information within other non-secret text or data.
**Surveillance**
: Close observation of a person or group, especially one under suspicion.
### T
**Threat Model**
: A structured representation of all the information that affects the security of an application or system.
**Tor**
: Free and open-source software for enabling anonymous communication by directing internet traffic through a worldwide volunteer overlay network.
**Two-Factor Authentication (2FA)**
: Security process in which users provide two different authentication factors to verify themselves.
### U
**User Access Control**
: Security technique that regulates who or what can view or use resources in a computing environment.
### V
**Virtual Private Network (VPN)**
: Encrypted connection over the internet from a device to a network to ensure private data transmission.
**Vulnerability**
: A weakness in a system that can be exploited by threats to gain unauthorized access or perform unauthorized actions.
### W
**Whistleblowing**
: The activity of a person who exposes information or activity that is deemed illegal, unethical, or not correct within an organization.
### Z
**Zero-Day**
: A computer software vulnerability that is unknown to those who should be interested in mitigating the vulnerability.
**Zero-Knowledge**
: A method by which one party can prove to another party that they know a value without conveying any information apart from the fact that they know the value.
---
## D.2 Essential References and Resources
### Security and Privacy Guides
#### Digital Security Resources
- **Surveillance Self-Defense (EFF)**: [ssd.eff.org](https://ssd.eff.org)
- Comprehensive digital security guide for activists and journalists
- Threat modeling, secure communications, device security
- **Security Education Companion**: [securityeducationcompanion.org](https://securityeducationcompanion.org)
- Digital security training curricula and resources
- Trainer guides and participant materials
- **Level Up**: [level-up.cc](https://level-up.cc)
- Holistic security training resources for civil society
- Trauma-informed security training approaches
- **Tactical Technology Collective**: [tacticaltech.org](https://tacticaltech.org)
- Digital security and privacy tools for activists
- Research on surveillance and digital rights
#### Privacy and Anonymity Guides
- **Tor Project Documentation**: [tb-manual.torproject.org](https://tb-manual.torproject.org)
- Official Tor Browser user manual and security guidance
- Anonymity and privacy protection techniques
- **Tails Documentation**: [tails.boum.org/doc](https://tails.boum.org/doc)
- Comprehensive guide to using Tails operating system
- Amnesic and anonymous computing practices
- **Privacy International**: [privacyinternational.org](https://privacyinternational.org)
- Global privacy rights advocacy and research
- Surveillance technology analysis and countermeasures
### Legal Resources
#### Know Your Rights
- **ACLU Know Your Rights**: [aclu.org/know-your-rights](https://aclu.org/know-your-rights)
- Constitutional rights during police encounters
- Protest rights and legal protections
- **National Lawyers Guild Legal Observer Manual**: [nlg.org](https://nlg.org)
- Legal observer training and procedures
- Protest law and civil rights documentation
- **Electronic Frontier Foundation**: [eff.org](https://eff.org)
- Digital rights and privacy law resources
- Legal guides for technology users and activists
#### Legal Support Organizations
- **Center for Constitutional Rights**: [ccrjustice.org](https://ccrjustice.org)
- Civil rights litigation and advocacy
- Legal support for social justice movements
- **National Police Accountability Project**: [nlg-npap.org](https://nlg-npap.org)
- Police misconduct litigation and advocacy
- Legal resources for police accountability
### Technical Resources
#### Cryptography and Security
- **Applied Cryptography by Bruce Schneier**
- Comprehensive guide to cryptographic protocols and algorithms
- Practical cryptography implementation guidance
- **The Codebreakers by David Kahn**
- Historical perspective on cryptography and codebreaking
- Understanding cryptographic principles and applications
- **Computer Security: Art and Science by Matt Bishop**
- Academic treatment of computer security principles
- Comprehensive security theory and practice
#### Network Security
- **Wireshark Documentation**: [wireshark.org/docs](https://wireshark.org/docs)
- Network protocol analysis and security monitoring
- Traffic analysis and network security assessment
- **Nmap Documentation**: [nmap.org/docs.html](https://nmap.org/docs.html)
- Network discovery and security auditing
- Network mapping and vulnerability assessment
### Operational Security Resources
#### Intelligence and Surveillance
- **The Art of Intelligence by Henry A. Crumpton**
- Intelligence operations and analysis principles
- Understanding intelligence collection and analysis
- **Surveillance Countermeasures by Peter Jenkins**
- Practical surveillance detection and evasion techniques
- Counter-surveillance operations and procedures
#### Resistance and Activism
- **Rules for Radicals by Saul Alinsky**
- Community organizing and activism strategies
- Tactical approaches to social change
- **The Activist's Handbook by Randy Shaw**
- Practical guide to effective activism and organizing
- Campaign strategy and tactical planning
### Historical References
#### Resistance Movements
- **The Resistance by Matthew Cobb**
- French Resistance during World War II
- Organizational structures and operational security
- **A Force More Powerful by Peter Ackerman and Jack DuVall**
- Nonviolent resistance movements throughout history
- Strategic nonviolent action and civil resistance
#### Intelligence History
- **Legacy of Ashes by Tim Weiner**
- History of the CIA and intelligence operations
- Understanding intelligence capabilities and limitations
- **The Puzzle Palace by James Bamford**
- History and operations of the National Security Agency
- Electronic surveillance and signals intelligence
### Technical Manuals and Standards
#### Security Standards
- **NIST Cybersecurity Framework**: [nist.gov/cyberframework](https://nist.gov/cyberframework)
- Cybersecurity risk management framework
- Security controls and implementation guidance
- **ISO 27001/27002 Information Security Standards**
- International information security management standards
- Security controls and risk management frameworks
#### Cryptographic Standards
- **FIPS 140-2 Security Requirements for Cryptographic Modules**
- Federal standard for cryptographic module security
- Hardware and software security requirements
- **RFC Cryptographic Standards**: [tools.ietf.org/rfc](https://tools.ietf.org/rfc)
- Internet Engineering Task Force cryptographic protocols
- Standard cryptographic algorithms and implementations
---
## D.3 Organizations and Networks
### Digital Rights Organizations
#### International Organizations
- **Electronic Frontier Foundation (EFF)**: [eff.org](https://eff.org)
- Digital rights advocacy and legal support
- Privacy tools and digital security resources
- **Privacy International**: [privacyinternational.org](https://privacyinternational.org)
- Global privacy rights advocacy and research
- Surveillance technology analysis and policy advocacy
- **Access Now**: [accessnow.org](https://accessnow.org)
- Digital rights advocacy and emergency support
- Digital security helpline and rapid response
- **Article 19**: [article19.org](https://article19.org)
- Freedom of expression and information advocacy
- Digital rights and online freedom of expression
#### Regional Organizations
- **European Digital Rights (EDRi)**: [edri.org](https://edri.org)
- European digital rights advocacy network
- Privacy and digital rights policy advocacy
- **Derechos Digitales**: [derechosdigitales.org](https://derechosdigitales.org)
- Latin American digital rights advocacy
- Privacy and surveillance policy research
### Legal Support Organizations
#### Civil Rights Organizations
- **American Civil Liberties Union (ACLU)**: [aclu.org](https://aclu.org)
- Constitutional rights advocacy and litigation
- Know your rights resources and legal support
- **Center for Constitutional Rights**: [ccrjustice.org](https://ccrjustice.org)
- Civil rights litigation and advocacy
- Legal support for social justice movements
- **National Lawyers Guild**: [nlg.org](https://nlg.org)
- Legal support for activists and protesters
- Legal observer training and jail support
#### International Legal Support
- **Amnesty International**: [amnesty.org](https://amnesty.org)
- Human rights advocacy and legal support
- International human rights monitoring and advocacy
- **Human Rights Watch**: [hrw.org](https://hrw.org)
- Human rights research and advocacy
- International human rights monitoring and reporting
### Security and Privacy Organizations
#### Security Research Organizations
- **Citizen Lab**: [citizenlab.ca](https://citizenlab.ca)
- Digital surveillance and security research
- Targeted surveillance and digital espionage research
- **Tactical Technology Collective**: [tacticaltech.org](https://tacticaltech.org)
- Digital security tools and training for activists
- Surveillance and privacy research and advocacy
#### Privacy Advocacy Organizations
- **Electronic Privacy Information Center (EPIC)**: [epic.org](https://epic.org)
- Privacy rights advocacy and policy research
- Government surveillance and privacy policy advocacy
- **Fight for the Future**: [fightforthefuture.org](https://fightforthefuture.org)
- Digital rights activism and campaign organization
- Internet freedom and privacy advocacy campaigns
### Technical Security Organizations
#### Open Source Security Projects
- **Tor Project**: [torproject.org](https://torproject.org)
- Anonymous communication software and research
- Privacy and anonymity technology development
- **Guardian Project**: [guardianproject.info](https://guardianproject.info)
- Open source security and privacy tools for mobile devices
- Secure communication and privacy applications
- **Open Technology Fund**: [opentech.fund](https://opentech.fund)
- Internet freedom technology development and support
- Digital security and privacy tool funding and development
#### Security Training Organizations
- **Security Education Companion**: [securityeducationcompanion.org](https://securityeducationcompanion.org)
- Digital security training curricula and resources
- Security trainer development and support
- **Level Up**: [level-up.cc](https://level-up.cc)
- Holistic security training for civil society
- Trauma-informed security training and resources
---
## D.4 Additional Reading and Study Materials
### Essential Books
#### Security and Privacy
1. **"Data and Goliath" by Bruce Schneier**
- Surveillance capitalism and privacy protection
- Policy and technical approaches to privacy
2. **"The Age of Surveillance Capitalism" by Shoshana Zuboff**
- Economic analysis of surveillance and data extraction
- Understanding surveillance business models
3. **"No Place to Hide" by Glenn Greenwald**
- NSA surveillance revelations and implications
- Government surveillance capabilities and overreach
#### Resistance and Activism
1. **"From Dictatorship to Democracy" by Gene Sharp**
- Strategic nonviolent resistance theory and practice
- Political defiance and resistance strategy
2. **"The Politics of Nonviolent Action" by Gene Sharp**
- Comprehensive theory of nonviolent resistance
- Methods and dynamics of nonviolent struggle
3. **"Direct Action" by L.A. Kauffman**
- History of direct action and civil disobedience
- Tactical innovation in social movements
#### Intelligence and Security
1. **"The Art of War" by Sun Tzu**
- Classical strategic thinking and tactical principles
- Intelligence and strategic planning concepts
2. **"On War" by Carl von Clausewitz**
- Military strategy and tactical theory
- Understanding conflict and strategic thinking
3. **"The Craft of Intelligence" by Allen Dulles**
- Intelligence operations and analysis principles
- Understanding intelligence collection and analysis
### Academic Journals and Publications
#### Security and Privacy Research
- **IEEE Security & Privacy Magazine**
- Academic research on security and privacy topics
- Technical and policy analysis of security issues
- **ACM Transactions on Privacy and Security**
- Peer-reviewed research on privacy and security
- Technical advances in privacy and security technology
#### Social Movement Research
- **Social Movement Studies**
- Academic research on social movements and activism
- Theoretical and empirical analysis of resistance movements
- **Mobilization: An International Quarterly**
- Social movement theory and research
- Comparative analysis of social movements and activism
### Online Resources and Databases
#### Security and Privacy Resources
- **OWASP (Open Web Application Security Project)**: [owasp.org](https://owasp.org)
- Web application security resources and tools
- Security testing and vulnerability assessment
- **SANS Institute**: [sans.org](https://sans.org)
- Information security training and certification
- Security research and threat intelligence
#### Research and Analysis
- **Bellingcat**: [bellingcat.com](https://bellingcat.com)
- Open source investigation techniques and case studies
- Digital forensics and online investigation methods
- **Exposing the Invisible**: [exposingtheinvisible.org](https://exposingtheinvisible.org)
- Investigation techniques and tools for activists
- Digital security for investigators and researchers
---
<div class="info-box">
<div class="info-title">Continuous Learning</div>
<p>Security and resistance techniques evolve constantly. Regular study of new resources, techniques, and threat developments is essential for maintaining effective operational security and resistance capabilities.</p>
</div>
<div class="success-box">
<div class="success-title">Knowledge Sharing</div>
<p>Share knowledge and resources with trusted networks while maintaining operational security. Collective learning and skill development strengthen resistance capabilities and improve security for all participants.</p>
</div>
---
**End of Field Manual FM-R1**
*This field manual represents a comprehensive guide to resistance operations and security practices. Regular updates and revisions ensure continued relevance and effectiveness in changing operational environments.*
Reference in New Issue View Git Blame Copy Permalink