This is a maintained technical guide that aims to provide introduction to various online tracking techniques, online id verification techniques and guidance to creating and maintaining (truly) anonymous online identities including social media accounts safely and legally. No pre-requisites besides English reading are required. It is written with hope for activists, journalists, scientists, lawyers, whistle-blowers, and good people being oppressed/censored anywhere!
This guide is an open-source non-profit initiative, licensed [Mirror] [Archive.org] under Creative Commons Attribution 4.0 International (cc-by-4.0) and is not sponsored/endorsed by any commercial/governmental entity.
Latest Online HTML versions at:
Latests PDF versions at:
The PDF files in this guide have been checked by VirusTotal and Hybrid-Analysis, see the links below (Note that this guide does not endorse VirusTotal/Hybrid-Analysis. Those should be used with extreme caution and never with any sensitive files due to their privacy policies.)
For additional safety; you can always double check them using PDFID which you can download at https://blog.didierstevens.com/programs/pdf-tools/.
(You might be wondering why should trust a random python script? Well it's open-source and well-known. It's probably a safer bet than trusting a random PDF)
python pdfid.py file-to-check.pdf
And you should see the following entries at 0 for safety:
SHA256 Checksums of all the PDFs are available here:
SHA256 Checksums and GPG keys of the full repository releases files are available within the checksum file at https://github.com/AnonymousPlanet/thgtoa/releases/latest
The GPG signatures for each PDF file are available here:
To check the SHA256 Checksums please do the following:
certutil -hashfile filename.txt sha256
shasum -a 256 /full/path/to/your/file
All commits and releases on this repository are signed and verified using the same key. Check for the "Verified" tags.
To verify files with GPG signatures, you should first install gpg on your system:
Import the GPG key using the following command from a command prompt or terminal:
gpg --auto-key-locate nodefault,wkd --locate-keys 0xEB16B6AB4AB7BA61F33E2DFD0051E9A589DAB601
If this doesn't work, you can also download/view it directly from here: https://anonymousplanet.org/AnonymousPlanet_0x89DAB601_public.asc [Mirror] [Tor Mirror]
And then import it manually by issuing the following command:
gpg --import AnonymousPlanet_0x89DAB601_public.asc
Finally, verify the asc signature file (links above) by issuing the following commands:
gpg --verify guide.pdf.asc guide.pdf"
gpg --verify guide-dark.pdf.asc guide-dark.pdf"
You can verify the authenticity of this GPG signature using:
As well as the published key on (search for the fingerprint):
Using the following GPG fingerprint:
Feel free to submit issues using Github Issues.
Follow or contact me on:
Discussion Channels (be careful as none of those are actively moderated, or encrypted):
Have a good read and feel free to share it!