There have been a number of questions and comments about yesterday's post regarding COMSEC for the new year. These seem to me to be related to OPSEC - Operational Security which as I mentioned is very hard to pull off flawlessly. But it's terribly important and so I'd like to talk at least briefly about them.
Toirdhealbheach Beucail mentioned that TOR is difficult to use, which is God's Own Truth. This makes it easy to screw up, which can expose bread crumbs that can lead the Federales back to you. Use of a VPN and a privacy enhanced browser (like Brave which I recommend) are Very Good Things Indeed, but a VPN will also shine the light of suspicion on you. Also, you have to ask yourself just how much you trust your VPN provider not to, say, comply with warrants and National Security Letters and such. In short, a healthy paranoia is worthwhile and VPN won't replace what I was talking about yesterday.Stefan points us to Pixelknot for Android. Android is a problem, for a couple of reasons. Google is the funder of Android and while it is Open Source, there are millions and millions of lines of code. Google's revenue model is based on collecting data on users and I just don't trust the OS not to do that to me. Also, if you run this on a mobile phone there will be geolocation data added to user data that is collected. No bueno.
Paranoia runs deep - at least it should.
5 comments:
Borepatch - Thanks for the very helpful comment. I actually use NordVPN, which is (in theory) based outside of the US (your mileage may vary, of course, as to their ability to ignore any government orders). To be frank, I just like the additional layer of security.
I have been using Brave now for about two months (when I procured a new laptop) and have been very happy with it. I would also recommend Ghostery for another level of protection and blocking trackers.
If I want to protect myself from someone stealing my passwords or watching my browsing, all this is fine. If we are talking about .gov surveillance, assume any electronic device is compromised, every keystroke or spoken word is recorded. There is no privacy. None. The last vestiges of privacy died with the Patriot Act and there wasn't much left then.
Act accordingly.
ASM826 - This, absolutely. Add to it, if you are in an urban area, you are on camera.
I don't think of faxes these days, but (poorly) scanned handwritten documents, especially if most of the document is legitimate, will take time and effort to examine - effort that is unlikely to be made until you are 'on the radar' for something else, especially if you routinely send scanned handwritten documents, like old books or deeds.
And who helped write the patriot act? Oh yeah, mr. kavanaugh in the bush younger administration. kavanaugh you say, oh he is on the supreme court now. Same court bush put souter on.
Post a Comment