Notice: This website may or may not use or set cookies used by Google Ad-sense or other third party companies. If you do not wish to have cookies downloaded to your computer, please disable cookie use in your browser. Thank You.
Showing posts with label Communications Security. Show all posts
Showing posts with label Communications Security. Show all posts

Friday, November 30, 2012

Computer Security for Pre and Post Collapse

With the significant amount of preppers that believe in the probability that the coming collapse will be either generated by the Government or will result in a heavy handed Government exerting martial law across the land, I offer this article on computer security.

While the Government has phenomenal capabilities when it comes to electronic tracking and eavesdropping, this capability is spread across many different agencies, so it is not a central location manned by 25,000 intelligence analysts per shift. It is really a bunch of diverse agencies and even separate offices within these agencies who don’t like to share information because it degrades the other’s power and status. So when people try to convince me of large government conspiracies, I always think and sometimes speak out and say,…”Really? This is the same government that is bankrupting social security?...the same government that purchases $3,200 office chairs and $5,000 hammers?.......the same government that wear clown suits to work, shoots funny videos and posts them to You Tube? “

Some of this article came from a Yahoo! article on computer security when shopping, but the same principles apply. See bottom of article on the Poor Man's e-mail communications.

Browsing the web anonymously? Think your online activities are private? Think again. Not only are your surfing sessions tracked by websites, search engines and social networks, but often your Internet service provider (ISP), web browser, government and potentially hundreds of online tracking companies. Whether it's to collect valuable marketing data or prevent terrorist activity, movie piracy or kiddie porn, everything you think you're doing privately in the comfort of your home is anything but private.

But just because you want to spend time online anonymously doesn't mean you're a cybercriminal or have something to hide. Not only do regular folks want privacy, but remaining anonymous can also protect yourself from malicious types out to steal your identity for financial gain — from spammers and scammers alike. And so there are a few things you can do to reduce the odds every click is tracked, archived and shared. The following are a few suggestions on where to start.

How does Facebook know to show you ads for your local gym, supermarket or college? This is because your computer's unique Internet Protocol (IP) address, assigned by your ISP, reveals your geographical whereabouts. Even if your computer generates a different IP address every time you boot up or log online, this number (e.g. can still tell of your general location.

And so there are many different solutions that can hide your Internet connection, allowing you to remain anonymous while online. Some are websites, such as free "online proxy servers" that conceal your identity — simply point the web address (URL) to the proxy server and surf right from their website (check out for a list of great options).

Others prefer Virtual Private Network (VPN) software that encrypts your online sessions. The browser-independent Hotspot Shield from AnchorFree, for example — available for Windows, Macs, iPhone and Android — channels all web activities through a personal VPN and secures all Internet communications by turning all HTTP traffic into the safer HTTPS (which is what your bank uses for a safe connection).

Free to use but with more features packed into the "elite" version ($29.95), Hotspot Shield is ideal for email and instant messaging, too, and reduces the likelihood of identity theft because you're not leaving a digital footprint -- including cyber-snoopers and rogue connections at Wi-Fi hotspots, hotels, airports, and so on.

Similarly, Tor is free software that defends you against Internet surveillance that threatens personal freedom and privacy. Short for "The Onion Router" — which gets its name for its "layered" approach to the encryption process -- Tor provides online anonymity as the software routes Internet traffic through a worldwide volunteer network of servers to conceal your location or online usage patterns.

Use USB sticks.  
In some cases, software to encrypt your connection is kept on a USB drive — therefore you can remain safe and secure even when using a public PC.

SurfEasy ($59.99) is a tiny USB key that fits into a credit card-shaped case to be kept in your wallet. When you plug it into a PC or Mac -- be it your own computer or a communal one -- it instantly launches its own password-protected browser and you're good to go -- no proxy or network settings to configure. Your browsing session is handled through SurfEasy's fast and secure private proxy network.

Your IP address will be masked throughout the session. A fr

ee alternative is called Tails, which can be downloaded and installed onto a USB stick to run independently of the computer's original operating system. Like SurfEasy, it lets you browse the web anonymously -- on virtually any computer — as all connections are channelled through the aforementioned Tor network.

Browser tweaks Anonymous proxy software is a great way to mask your IP address online, but there is still plenty of information about your web surfing habits stored on your computer — which could also be viewed over a network, say, at the office, by your IT department. At least it's somewhat easy to control your privacy settings directly in your web browser — unless your business forbids non-administrators from making changes to your browser settings, that is.

You can disable cookies — tiny text files stored on your computer with information about where you've been online, passwords and other info — and you should also delete your browser history to cover your tracks. All major web browsers — such as Internet Explorer, Firefox, Chrome or Safari -- allow you to delete your surfing history: simply go to the Options or Settings in your favorite browser and you'll see how to do this.

You might want to turn off auto-complete or someone on your computer could type in a few letters in a search engine or web address (URL) bar and any recent places you visited could fill in automatically. And don't click to allow sites to "remember my password" or someone could gain access to your private or financial information.

The easiest thing to do, however, is to see if your web browser has settings for surfing incognito — most of the major browsers do today. By enabling these privacy settings, your browser won't save any history (and download history), search queries, cookies or passwords. On a related note, Twitter recently announced a "Do Not Track" feature that prohibits the service from collecting info about its millions of users. Nice.

And Microsoft, in June 2012, said its upcoming Internet Explorer 10 browser -- expected to launch alongside Windows 8 later this year -- will not collect data about the online activity of its users by default. 'Do not track' tools and plug-ins Google raised a few eyebrows earlier in 2012 with its revamped privacy policy, which was updated to allow for the sharing of information between its various services such as Google Search, Gmail and YouTube. Therefore, if you search for recipes in Google Search you might be presented with cooking-related videos on YouTube. Handy? Sure. Invasion of privacy? Debatable. You could choose not to log into your Google account when using these services (er, or not use them at all) or you might want to install one of the free browser plug-ins that tell Google and other advertisers to back off.

One called Do Not Track Plus from Abine blocks marketers, search providers and social networks from tracking your online activity — and it's compatible with all major web browsers. After it's installed, a small icon will appear to the right of the browser's address bar to tell you if a website wants to send data from your visit to other companies. Speaking of requiring a login name and password on a variety of sites, some web-based services like Anonymizer can automatically generate temporary email addresses with unique usernames and passwords for any site you wish to access (excluding your bank or shopping sites, of course, or you can't access your account).

Similarly, another solution called BugMeNot lets users post free usernames and passwords for shared access to popular websites like video sharing sites and newspapers.

Poor Man’s secure E-mail
One of the easiest things to protect communications from two or more different people or groups that are geographically separated is to use the same e-mail account. This would require giving the account e-mail and password either face to face or through hard copy correspondence,….yes, the U.S. postal service is good for something.

Each party can access the e-mail account and left a message for the other saved in the drafts folder so the message does not have to be sent out over the internet. The subject line and to address should be benign and fake respectively. Using simple encryption, such as a book code, for the text of the e-mail text can enhance message security from all but the most sophisticated agencies.

Wednesday, April 7, 2010

Urban Survival Skills – Communications Security 101 and Brevity Codes

The average Urban Survivalist using FRS/GMRS radios, like the various brands and models you buy from Wal-Mart, Target, etc., will need to develop communications protocols to ensure he/she and his/her survival group are using the radios in the most secure fashion possible.

Without some sort of communications security, the Urban Survival group risk providing potential threats with information that can be used against the Survival Group.

You, the Urban Survivalist, just may be more technical savvy than what we have to offer in this post. This is designed to help the Urban Survivalist adding common off the shelf FRS/GMRS radios to their Survival Gear and Equipment inventory and who do not have any idea of what communications security may mean.

Some of the FRS radios come with a voice scrambling mode using a form called voice inversion. This type of scrambling or Voice Inversion is easy to break using common voice inversion defeating SD type cards in handheld off the shelf frequency scanners. I understand that there is free software available on the internet that can be used in combination with computer sound cards to decode voice inversion.

So be aware that what you say on the radio will be easily picked up, decoded and understood by anybody who tries. There will be people who be able to determine a direction, from them to you, based on intercepting your signal. This can be accomplished using commercials radio direction finding equipment (called Signals Intelligence in the Military) or by skilled amateurs determining the direction of the strongest signal from your radios.

Simply, the Urban Survivalist needs to understand and use these precautions when using FRS radios.

Use Minimal Transmission Time. The longer you are on the air or transmitting the easier it is for someone to determine your direction and location, and, the longer you are transmitting, the more information you will be providing to eavesdroppers to exploit.

Protect Essential Information. Develop a list of information that you will never transmit or talk about on the radio. Some of these will be: Names – never names on the radio, instead use fictious names or code names; Locations – never send location, grid coordinates or any information that could be used to determine where you are; Assets – never talk about any assets you may have like people, food, vehicles, firearms,…anything!

Do Not Use Military Type lingo. We debated about this, but we think the easiest thing to do would be not to use military language as any eavesdroppers could determine you are a fairly well prepared Survival Group with Survival Gear, Equipment and Supplies but not too proficient to be able to hold onto to if the eavesdroppers attacked you. The flip side is that if you sounded too competent and well prepared then potential attackers may leave you alone. We think it’s better to try and stay under the radar screen.

Brevity codes are short words or phrases that have a longer meaning. Codes names are a replacement name for a location, person or thing that would not identify it.

A radio conversation that would transmit too much information may sound like this:
Person A: “House Security this is Security Patrol”
Person B: “Go ahead Recon Patrol”
Person A: “We finished with the Security Patrol and am heading back to your location, will be there in 15 minutes”
Person B: “Good copy Security Patrol”

Substitute some fictious names and some brevity codes and the sme conversation may sound like this:
Person A: “Hey James this is Charles”
Person B: “Go ahead Charlie”
Person A: “I got the house cleaned and mopped”
Person B: “Excellent”

House Cleaned means "Security Patrol finished". I’m cleaning the house means "still conducting the Security Patrol". Mopped may mean "I’m 15 minutes from re-entering the Survival Location". Excellent may mean "good copy".

We at will be doing some additional communications posts in the near future – please stay tuned, stay safe and get prepared.