Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Subscribe to our newsletter

Advertise on LowEndTalk.com

Latest LowEndBox Offers

    Feeling Paranoid? Come and share your thoughts!
    New on LowEndTalk? Please read our 'Community Rules' by clicking on it in the right menu!

    Feeling Paranoid? Come and share your thoughts!

    Hey guys!

    Let's do a sharing of the minds.

    Tell me how you would secure yourself from external surveillance?

    Assume your adversary is capable of one trillion guesses of your password per second. Assume your adversary will perform a wiretap on all your networks.

    Assume you have one week to gather resources and perform everything you need. After a week, your adversary has complete control. They know your identity and everything about you, except what you do on the net. You'd like to keep it that way.

    I want to hear everything. From TAILS and TOR to anti-physical surveillance tactics such as playing music between windows.

    Thanks!

    Tagging in @William as he seems to always have some interesting information on this topic :)

    PS: I'm so getting red-flagged for this :-(

    This signature wasted 121 bytes of your data allocation.

    https://nixstats.com/report/56b53d6465689e44598b4567

    «1

    Comments

    • gestiondbigestiondbi Member, Provider

      Gestion DBI Inc. | IT Consulting, Telecommunications, Domotic/Security and Hosting provider.
      DeepNet Solutions | OpenVZ VPS for Cheap! | Only the best Cloud KVM VPS.

    • are you planning to join isis or what >.>

      (((o(゚▽゚)o))) If privacy is outlawed, only outlaws will have privacy. (((o(゚▽゚)o)))

      ヽ(`Д´)ノ Everyone should run Tor on their idle servers.

    • mikhomikho Member, Provider
    • @0xdragon have you been smoking something new? the stuff that starts you melow then really paranoid ?

      • do not prepay > 1 year and check for reviews/support
      • only use monthly from a provider operating < 1 year 🍆
    • BharatBBharatB Member, Provider
      edited September 2015

      @ehab said:
      0xdragon have you been smoking something new? the stuff that starts you melow then really paranoid ?

      I bet hez smoking server meth :P

      Thanked by 1Fusl

      Readydedis, LLC - Managed Dedicated Servers

    • RalliasRallias Member, Provider

      Assuming the above-stated parameters are true, then you're truly and utterly fucked. However, the above-stated parameters are impossible, so I know for absolute certainty that well tested technologies and a decent password are sufficient to keep me safe.

    • Whonix is great

      Thanked by 1MacPac
    • MacPacMacPac Member, Silenced

      OvBSD is greater

    • Win 3.1 on an offline workstation where you feed it floppy disks

      Thanked by 2gestiondbi netomx

      How to clean up a questionable reputation: throw the kids some BF/CM offers.

    • 0xdragon said: Assume your adversary will perform a wiretap on all your networks.

      Passive or active? (I.e., can the adversary modify data on the wire?). In the latter case you are hosed more than in the former case, but you're still hosed either way.

    • @0xdragon said:
      They know your identity and everything about you, except what you do on the net.

      Game over, all it takes is a single 0-day and it's not like those are rare - there's a whole legal industry around them and lettered agencies are the primary allowed customers. So you're looking at frequent hardware changes, no web browsers etc.

    • @ehab said:
      0xdragon have you been smoking something new? the stuff that starts you melow then really paranoid ?

      nope he is smoking computer security training meth lol
      hey this is the mindset they teach you in computer security to always watch your back and make sure no one gets into your networks, servers, etc.
      you know always thinking what if and how can I secure my network more and furthermore close any vulnerabilities etc.

      CubeData FraudRecord Module: https://cubedata.net/fraudrecord OpenNebula module: https://cubedata.net/opennebula now for blesta & whmcs

    • WilliamWilliam Member, Provider

      0xdragon said: I want to hear everything. From TAILS and TOR to anti-physical surveillance tactics such as playing music between windows.

      I download Wikipedia, take a laptop and move to Western Sahara.

    • @timnboys said:
      you know always thinking what if and how can I secure my network more and furthermore close any vulnerabilities etc.

      if you have something to hide no matter how much security installed there is always that annoying voice to belittle it. anything on the net is vulnerable ... isolation / encryption / 2 way authentications helps bring sleep.

      • do not prepay > 1 year and check for reviews/support
      • only use monthly from a provider operating < 1 year 🍆
    • In fact they ARE (well at least their brothers in law from the GCHQ):
      https://theintercept.com/2015/09/25/gchq-radio-porn-spies-track-web-users-online-identities/

      German article: http://www.heise.de/newsticker/meldung/Von-Webradio-zu-Pornoseiten-Weltgroesste-Ueberwachungsmaschine-der-Briten-2826716.html

      The religious believe that governments are good, and everything is just fine is remarkable!

      Sorry for not having a solution. Killing them all is pointless as long as the majority of people doesn't support that, and you don't have a detailed masterplan for the time after the "global cleanup".

      Don't forget to like, subscribe, and comment below.
      "they just simply can't trace me down on internet because I'm using Linux." Mr_indescribable

    • netomxnetomx Member, Moderator

      I think that if they are doing it, you can't stop it, so try to live the life and forget about that

      Thanked by 1hostnoob
    • I would seek out Tom Cruise and Liam Neeson. But I agree with netomx, try to live on and not think about it. I like the idea of off grid living out in the woods, not to hide from big government, I just don't get along well with most people.

      Thanked by 1netomx
    • apidevlabapidevlab Member
      edited September 2015

      Well worth a read in the current climate: https://cryptome.org/ukpk-alt.htm

      By 1975,James Ellis, Clifford Cocks and Malcolm Williamson had discovered all the fundamental aspects of public-key cryptography, yet they all had to remain silent.

      I don't have any relation/affiliation with any LET Host, All of my comments are my own

    • @0xdragon said: Hey guys! Let's do a sharing of the minds. Tell me how you would secure yourself from external surveillance? (…)

      Budget?

      Andrew Glodek | Special Projects Director | 香港國際商務中心 HONG KONG INTERNATIONAL BUSINESS CENTRE
    • scyscy Member
      edited September 2015

      Not much you can do about it. You can protect a bit yourself from advertising tracking using a few browser plugins. But global surveillance is a fact you can't do much against as long as you connect to the internets, from my limited understanding.

      Be an as good citizen as you can. You'll be fine.

      Thanked by 1netomx
    • aglodekaglodek Member
      edited September 2015

      @scy said: Be an as good citizen as you can. You'll be fine.

      Now, where's the fun in that? ;)

      Thanked by 1netomx
      Andrew Glodek | Special Projects Director | 香港國際商務中心 HONG KONG INTERNATIONAL BUSINESS CENTRE
    • scyscy Member
      edited September 2015

      aglodek said: Now, where's the fun in that? ;)

      If you don't find the fun in that, you probably need to learn again what fun really means ;)

      image

      Thanked by 1aglodek
    • 0xdragon0xdragon Member
      edited September 2015

      Australian Data Retention Laws. ;-)

      Oh, and I watched citizenfour, if you're wondering why I opened this thread! And a Batchelor in Computer Security.

      Thanked by 2netomx 4n0nx

      This signature wasted 121 bytes of your data allocation.

      https://nixstats.com/report/56b53d6465689e44598b4567

    • 0xdragon said: Australian Data Retention Laws. ;-)

      Oh, and I watched citizenfour, if you're wondering why I opened this thread! And a Batchelor in Computer Security.

      So you only want to avoid automated/mass surveillance? That is very difficult because the other people you are in contact with still use gmail, upload their contacts to fb/whatsapp servers, etc. .

      If it's just the ISP data retention then use a VPN or Tor. :) It's like the Australian government made a law that reads "pay $10-100 a year to a company outside Australia to keep your privacy".

      (((o(゚▽゚)o))) If privacy is outlawed, only outlaws will have privacy. (((o(゚▽゚)o)))

      ヽ(`Д´)ノ Everyone should run Tor on their idle servers.

    • @4n0nx said:
      If it's just the ISP data retention then use a VPN or Tor. :) It's like the Australian government made a law that reads "pay $10-100 a year to a company outside Australia to keep your privacy".

      Literally.

      Thanked by 14n0nx

      This signature wasted 121 bytes of your data allocation.

      https://nixstats.com/report/56b53d6465689e44598b4567

    • 0xdragon said: Literally.

      mmhmmm not figuratively

      Thanked by 10xdragon

      (((o(゚▽゚)o))) If privacy is outlawed, only outlaws will have privacy. (((o(゚▽゚)o)))

      ヽ(`Д´)ノ Everyone should run Tor on their idle servers.

    • yum update isis
      yum remove usapower
      yum remove 0xdragon
      yum install BarrackObama.

      What is this @0xdragon maybe this could be a little stress that cause you.

    • 0xdragon said: Australian Data Retention Laws. ;-)

      Oh, and I watched citizenfour, if you're wondering why I opened this thread! And a Batchelor in Computer Security.

      You are a dangerous citizen. I don't want to read what's going on in your crazy mind anymore.

      /ignore 0xdragon

    • MaouniqueMaounique Member
      edited September 2015

      I am more dangerous than him, I help people avoid surveillance every day, but it is proving difficult, the main issue is between the chair and the keyboard.

      Besides the technical things, you must have dual identities at least. This means you do something on the plain internet and another over Freenet/Tor, separate VMs with encrypted disks for each, if you have to keep some data, or something like Tails, if not.

      I mean, Mr. Anderson by Day and Neo, by night, kind of thing. Have everything destroy itself if you do enter a certain password at the screensaver or the disk wiped if do the same thing at boot, have the OS log you out regularly, say, every 10 minutes, have your OS run in RAM, and other measures to protect against raids and gun to the head things. If you will die anyway, why risk the lives of the people that trusted you.

      Since they already know who are you, the main identity must be real and use your real IP, you will do the regular things on the internet, listen to music, watch movies, shop, do banking, play games, etc. It will not be possible to mask an encrypted connection, really, if they can control the other end (every other end you have access to) but it will not be easy to decrypt it. You should use cascading encryption, at least 3 ways from different projects and with different approaches, so, one 0day will not expose you.

      There are ways, nothing is completely safe, if the state is after you, they wont go to such lengths except if they want to find out whom you are in contact with to do them the same they do to you (disappearance, torture, death), otherwise they will finish you off by some "accident". They kill prominent opposition figures, in Russia, for example, North Korea does not even need proof, suspicion you are thinking illegally is enough. There are many people in the world, especially in china, governments afford to kill many before the country starts going to hell, we need to reduce populations and democracy will have a bigger role to play in the world, the wars they plan will help but not enough, we still need education, it cannot be avoided if we want to be free. As long as propaganda and FUD keep working they won there is no chance to fight other than blend in the crowd.

      People do not stop and think why the TV man wants them to hate someone (a minority a nation, a religion whatever) they go with the blind hatred, not thinking who will lose in the war, as long as they think they can drop some bombs and their religion will triumph with no other cost, they will. The more enemies they will make this way, the more "danger" and the more powers to the TV and the government against them they will grant.

      Thanked by 20xdragon Shade

      Extremist conservative user, I wish to preserve human and civil rights, free speech, freedom of the press and worship, rule of law, democracy, peace and prosperity, social mobility, etc. Now you can draw your guns.

    • @Maounique said: (…) have the OS log you out regularly, say, every 10 minutes…

      Okay. Why? How's this help?

      …have your OS run in RAM, and other measures to protect against raids and gun to the head things (…)

      Same question: how's this help keep things more secure from snooping?

      Thanked by 10xdragon
      Andrew Glodek | Special Projects Director | 香港國際商務中心 HONG KONG INTERNATIONAL BUSINESS CENTRE
    • @aglodek said:

      It helps when paratroopers jump you when asleep or when going to the bathroom or you simply have no time to hit the nuke button.

      Thanked by 3aglodek 0xdragon netomx

      Extremist conservative user, I wish to preserve human and civil rights, free speech, freedom of the press and worship, rule of law, democracy, peace and prosperity, social mobility, etc. Now you can draw your guns.

    • @Maounique said:

      Oh, okay, now I get it… in case there's a raid… well, personally, should I ever manage to elicit such attention from those quarters, I should think I'd start with establishing some kind of perimeter long before such contingencies were likely to arise ;)

      Andrew Glodek | Special Projects Director | 香港國際商務中心 HONG KONG INTERNATIONAL BUSINESS CENTRE
    • 4n0nx4n0nx Member
      edited September 2015

      @aglodek

      you are already "on the list" now. :D

      (((o(゚▽゚)o))) If privacy is outlawed, only outlaws will have privacy. (((o(゚▽゚)o)))

      ヽ(`Д´)ノ Everyone should run Tor on their idle servers.

    • @aglodek said:

      You may never know, unless you have contacts up there. Every citizen must consider this because you can't know when you are found to have eaten at the same restaurant with someone who liked a post by a muslim someplace. It will mean all your contacts will be subjected to the same treatment while you are in prison or rotting some place.

      Extremist conservative user, I wish to preserve human and civil rights, free speech, freedom of the press and worship, rule of law, democracy, peace and prosperity, social mobility, etc. Now you can draw your guns.

    • scyscy Member
      edited September 2015

      4n0nx said: you are already "on the list" now. :D

      You already were because of your signature:

      (((o(゚▽゚)o))) If privacy is outlawed, only outlaws will have privacy. (((o(゚▽゚)o)))

      If this thread keeps going everyone visiting LET will be on the list and @mkpossen will lose his JOB. Come on guys, realize you might be hurting the economy.

      @Maounique : your ideas are fun but is it really possible to set that up? The computer that can automatically destroy itself in case an enemy arises like in a sci fi movie :)

      The only solution to be sure to avoid heavy surveillance and torture is simple: be a good, law abiding citizen. edit: you won't avoid surveillance, but might avoid torture in most juridictions. Probably good enough for most of us.

    • @scy one misunderstood post on facebook...

      (((o(゚▽゚)o))) If privacy is outlawed, only outlaws will have privacy. (((o(゚▽゚)o)))

      ヽ(`Д´)ノ Everyone should run Tor on their idle servers.

    • MaouniqueMaounique Member
      edited September 2015

      scy said: @Maounique : your ideas are fun but is it really possible to set that up? The computer that can automatically destroy itself in case an enemy arises like in a sci fi movie :)

      Yes, it can.

      The only solution to be sure to avoid heavy surveillance and torture is simple: be a good, law abiding citizen. edit: you won't avoid surveillance, but might avoid torture in most juridictions. Probably good enough for most of us.

      When police shoots first even people with hands in the air in order to avoid the task of asking questions later, because of their color or religion, when the law requires to give them reasons to prosecute or kill your neighbour, being a good citizen will be different than law abiding one, some will be law abiding, others will be good citizens, you cant be both, even today.
      Surveillance digs dirt on people so the police, the prosecutors, the judges, the lawmakers, the military, the president etc can be blackmailed for issues having no link to their activity in office, once you control all those and the rival spy agencies, you are the real ruler of the country so everything goes, the law has no meaning, even if it is not changed to give you absolute power, you do not need that.

      Extremist conservative user, I wish to preserve human and civil rights, free speech, freedom of the press and worship, rule of law, democracy, peace and prosperity, social mobility, etc. Now you can draw your guns.

    • singsingsingsing Member
      edited September 2015

      Maounique said: You should use cascading encryption, at least 3 ways from different projects and with different approaches, so, one 0day will not expose you.

      Umm, zero-day refers to new exploits against software that patches don't exist for yet. Nobody uses the term zero-day to refer to breaking of a cryptographic cipher. That is not something that can be patched. Also, encryption will not protect you from zero-day attacks. However encrypted your HTTPS over OpenVPN session may be, the browser still sees all input in unencrypted form (d'oh, or it couldn't display it or execute JS, etc ...).

      Using cascaded ciphers can indeed stop a communication stream that was saved in encrypted form from being subjected to effective cryptanalysis later (compared with only one cipher being used that is later discovered to have flaws).

    • @4n0nx said: you are already "on the list" now.

      So what else is new? Been there all my life.

      @Maounique said: You may never know, unless you have contacts up there…

      C'mon, be serious! Of course I'd know. I watched all 6 - or was it 7? - seasons of Burn Notice! ;)

      Andrew Glodek | Special Projects Director | 香港國際商務中心 HONG KONG INTERNATIONAL BUSINESS CENTRE
    • singsing said: Nobody uses the term zero-day to refer to breaking of a cryptographic cipher.

      And where did I say that?
      However, the implementation itself can be bugged and leak the cipher somehow or bypass it altogether, nobody can really keep checking every new version of code and you have to stay updated, one might be bugged, so you must use 3 different implementations and ciphers, not only protecting from using cryptanalysis, that would be enough to use 3 ciphers and one encryption app, however, if you use a VPN to connect to an iSCSI device which holds an encrypted container and you mount that, chances are minimal to be able to break all encryption, you have 3 implementations and 3 different ciphers. Maybe the VPN protocol can be broken due to some error in encryption, weak encryption being forced by some bug, for example, you cannot really monitor everything in real time, this is what i meant.

      Extremist conservative user, I wish to preserve human and civil rights, free speech, freedom of the press and worship, rule of law, democracy, peace and prosperity, social mobility, etc. Now you can draw your guns.

    • Maounique said: However, the implementation itself can be bugged and leak the cipher somehow

      You mean leak the encryption -key-? Certainly it can. But that can really only happen if you are already comprised, in which case your security is already zero to begin with. There are very few scenarios in which you have -only- loss of confidentiality due to a bug, and not a full intrusion opportunity.

      Maounique said: nobody can really keep checking every new version of code and you have to stay updated

      That's true ... but you're starting from the assumption that you have malicious code on your system, which is a no-win situation. Layering different softwares won't buy much.

    • singsing said: You mean leak the encryption -key-? Certainly it can. But that can really only happen if you are already comprised, in which case your security is already zero to begin with. There are very few scenarios in which you have -only- loss of confidentiality due to a bug, and not a full intrusion opportunity.

      Encryption can sometimes be easily broken, I think that's what he meant. So yes it might be a good idea to use "double encryption", if you are somehow a very important target, no matter if encryption for storage or encryption for your connection.

      (e.g. PPTP VPNs can be easil cracked, but if you used PPTP and connected to SSH through it, you are probably safe..)

      (((o(゚▽゚)o))) If privacy is outlawed, only outlaws will have privacy. (((o(゚▽゚)o)))

      ヽ(`Д´)ノ Everyone should run Tor on their idle servers.

    • Have you submitted a FIOA request on yourself via https://www.nsa.gov/public_info/foia/submit_foia_request/

      (or am I doing this to trigger the tin foil folks?)

      How to clean up a questionable reputation: throw the kids some BF/CM offers.

    • I meant the implementation can have a bug, we saw some last year, also, i think double encryption is not enough, you need three layers, because one can have an issue and one can later be broken, but you still have one in reserve, breaking it becomes impractical and it is way easier to directly torture you to speak out. Since you know you will be tortured and killed anyway, saying something will not help you at all, therefore you need to have means to kill yourself fast, if you are important target member of the resistance or something like that.

      Extremist conservative user, I wish to preserve human and civil rights, free speech, freedom of the press and worship, rule of law, democracy, peace and prosperity, social mobility, etc. Now you can draw your guns.

    • NekkiNekki Moderator

      Maounique said:I meant the implementation can have a bug, we saw some last year, also, i think double encryption is not enough, you need three layers, because one can have an issue and one can later be broken, but you still have one in reserve, breaking it becomes impractical and it is way easier to directly torture you to speak out. Since you know you will be tortured and killed anyway, saying something will not help you at all, therefore you need to have means to kill yourself fast

      That escalated quickly.

      Thanked by 1linuxthefish
    • Nekki said: That escalated quickly.

      Disclaimer: Hey, this is the paranoid thread, get out before you catch the bug!

      Extremist conservative user, I wish to preserve human and civil rights, free speech, freedom of the press and worship, rule of law, democracy, peace and prosperity, social mobility, etc. Now you can draw your guns.

    • 4n0nx said: PPTP VPNs can be easil cracked

      RC4 was always regarded as a risk. If you are still using RC4 in 2015 (except as an additional layer of obfuscation on top of real crypto), security can't be your top priority.

    • singsing said: obfuscation

      Hey, that might be a good idea not to raise flags, like, ha this guy uses a VPN but we can break it whenever we want, hence, not a priority.

      Extremist conservative user, I wish to preserve human and civil rights, free speech, freedom of the press and worship, rule of law, democracy, peace and prosperity, social mobility, etc. Now you can draw your guns.

    • singsingsingsing Member
      edited September 2015

      Maounique said: Hey, that might be a good idea not to raise flags, like, ha this guy uses a VPN but we can break it whenever we want, hence, not a priority.

    Sign In or Register to comment.