Escolar Documentos
Profissional Documentos
Cultura Documentos
Chat contact : argleflarb@jabber.org You can use any XMPP chat (like gtalk) to contact me for questions. Use pidgin with OTR installed.
Things change, fast. Make sure you keep informed about the latest developments. Do not advise others on things you do not understand. Realistic paranoia is fine, sometimes they are out to get you. Complete paranoia is pointless, not everybody is out to get you.
1. Networking, an introduction 2. Threat modeling, or WHOs out to get you? 3. Protective technologies and circumvention 4. Social media & Profiling a short discussion 5. Practicum, installing some tech.
The main internet protocol : tcp/ip is like shouting a message in the street. A router is a designated re-shouter Everything you do inside a network is visible to the owners of that network.
Your home network Your ISPs network Your work network Your works ISP network An 'open' wireless network
IP address : assigned by the access provider. Can be changed using tor or vpn. Mac address : unique identifier of network card : Can be changed by you. IMEI : unique telephone identifier : can not be changed by you. Your name : Can be changed by you
Threat Modeling
Who is your adversary?
Your ISP ? Your neighbor ? Your government or part of your government ? A company ? An action group ?
Listen to your communications ? See what you read ? Interfere with access to content you want. Interfere with access to content you publish. Know who you are. Know where you are and/or where youve been.
Embarrass you, family or your friends Fire you, your family or your friends Arrest you, your family or your friends Hurt you, your family or your friends Kill you, your family or your friends
Is your adversary known to follow the rule of law ? What does the law say about your activities
TrueCrypt : Disk encryption VPN : Encrypted network access GPG : Encrypted email TOR : Anonymous network access HTTPS Everywhere : Encrypted browsing OTR : Encrypted chat
TrueCrypt
Protects against theft. Does not protect against anything else. Does not protect against theft if the encrypted machine is turned on when stolen or confiscated.
VPN
Can protect all or some network communication from surveillance on the 'local' network. (between you and your access provider) Does not protect communication exiting from the vpn providers network.
Encrypts email when traveling across the network. Encrypts mail when stored on remote emailsevers (gmail, yahoomail etc)
TOR
HTTPS Everywhere
Encrypted browsing Does not protect your identity Does not hide the site you are visiting
Verifies the identity of the person you are chatting with Encrypts the communication, hiding it from the network provider.
Do not send passwords on untrusted networks initiate a vpn connection to a safe location first. Make sure your email, chat, personal files etc are stored on encrypted volumes (trueCrypt) Get your friends & family to start using GPG when sending mails. Do NOT use server stored chat services like facebook chat.
Do not store passwords in your browser. Remember that in principle all internet activity is like shouting in the street. Your phone is exactly like a small computer Stop using online storage (dropbox etc)
If avoidable, dont use it. Assume that all activity is, or will be viewable by everyone. You and your network Separate types of activity