What's Your "Ultimate Anonymity" Setup?
#21
(05-13-2020, 07:40 PM)Insider Wrote: This is just me thinking out loud/brainstorming. But what if we made two encrypted FDE volumes. With different keys. With two OSes installed. One which is a decoy system...

I did mention VeraCrypt and its hidden volume feature earlier in the thread, which, for all intents and purposes, works exactly like what you are proposing here, but on the scale of a file system or partition, if I were to make a comparison.

I also know that you can use VeraCrypt to facilitate full disk encryption.
#22
I used to actually war-drive, use my car, and jump from wifi locations. Alpha card with an antenna that would give me a 1 mile LOS connection so no one would see me next to a cafe or house. Randomized MAC, or spoof something fun from the OUI DB. VPN/firewall with a kill switch; if not using Tails live then I would be using full disk encryption, then it was TrueCrypt, VeraCrypt now since TC is flawed and Vera is open-source and free vs BitLocker. Also with MS being caught making forensic tools for the FBI and then being caught making backdoors for the NSA, and now they apparently have the JEDI contract, I don't trust any of their "security", esp. encryption. I favored this, as mentioned above, over a VM.

This setup was a long time ago, hanging out in Anon IRC, I wasn't doing anything unlawful but with LulzSec bringing the FEDS online every day it was best to not be tagged and put on a list. This was from memory, nothing fancy, just a simple setup to stay anonymous.

Has anyone read over the Phineas fisher logs on how he stayed persistent threat and stealthy? Link here: https://www.exploit-db.com/papers/41915

MS FBI Tools: https://www.schneier.com/blog/archives/2...has_d.html
MS NSA Backdoors: https://www.tweaktown.com/news/57538/mic...index.html
MS JEDI Contract: https://blogs.microsoft.com/on-the-issue...-contract/
OUI DB: https://mac2vendor.com/ // Go ahead, spoof as a XEROX machine

Edit: Added some resources so I don't look like some tinfoil wearing paranoid weirdo =)
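The post above mentions randomizing a MAC or picking a vendor prefix from the OUI DB. The two things a network defender can read straight off an address are the multicast bit and the "locally administered" bit; the latter is what OS-level MAC randomization sets. This is an added example (not code from the thread or any project it links): the OUI table holds only a few hand-picked prefixes in place of a real database, and the DHCP lease lines are constructed for the demo.

```python
"""Classify MAC addresses seen in logs as vendor-assigned, locally
administered (what OS MAC randomization produces) or multicast.

Added example, not code from the thread. OUI_TABLE is a sample of a few
prefixes; a real deployment would load a full OUI database instead.
"""
import re
from collections import Counter
from typing import Dict, List

# Hand-picked OUI prefixes (first three octets). Sample only, not a database.
OUI_TABLE: Dict[str, str] = {
    "00:00:AA": "Xerox",
    "00:50:56": "VMware",
    "00:0C:29": "VMware",
    "08:00:27": "VirtualBox (PCS Systemtechnik)",
}

MAC_RE = re.compile(r"\b([0-9A-Fa-f]{2}(?:[:-][0-9A-Fa-f]{2}){5})\b")


def normalize(mac: str) -> str:
    """Upper-case, colon-separated form so table lookups are exact."""
    return mac.upper().replace("-", ":")


def classify_mac(mac: str) -> str:
    """Return the address class derived from the first octet's I/G and U/L bits.

    Bit 0 (0x01) of the first octet set -> group/multicast address.
    Bit 1 (0x02) set -> locally administered: no vendor assigned it. iOS,
    Android and Windows "private address" randomization sets this bit, so it
    is the one signal visible in the address itself. A spoofed address that
    copies a real vendor prefix has the bit clear and is indistinguishable
    from that vendor's hardware by this check alone.
    """
    mac = normalize(mac)
    first = int(mac[0:2], 16)
    if first & 0x01:
        return "multicast"
    if first & 0x02:
        return "locally-administered"
    vendor = OUI_TABLE.get(mac[0:8])
    return f"vendor:{vendor}" if vendor else "vendor:unknown-oui"


def scan_leases(lines: List[str]) -> Counter:
    """Count address classes across log lines that contain MAC addresses."""
    counts: Counter = Counter()
    for line in lines:
        for mac in MAC_RE.findall(line):
            counts[classify_mac(mac)] += 1
    return counts


# Constructed DHCP-server log lines for the demo.
SAMPLE_LEASES = [
    "DHCPACK on 192.0.2.10 to 00:00:aa:11:22:33 (printer-3) via eth0",
    "DHCPACK on 192.0.2.11 to 08:00:27:de:ad:01 (vbox-guest) via eth0",
    "DHCPACK on 192.0.2.12 to 7a:3f:91:0c:44:e2 (Pixel) via wlan0",
    "DHCPACK on 192.0.2.13 to da:c4:1b:77:90:05 (iPhone) via wlan0",
    "DHCPACK on 192.0.2.14 to 3c:52:82:aa:bb:cc (laptop) via wlan0",
]

if __name__ == "__main__":
    for mac in MAC_RE.findall(" ".join(SAMPLE_LEASES)):
        print(f"{mac:17}  {classify_mac(mac)}")
    print(dict(scan_leases(SAMPLE_LEASES)))
```

On the constructed sample, the two phone addresses come out as locally administered while the vendor-prefixed ones do not, which is exactly the limit of address-based detection: a randomized address is visible, a copied vendor prefix is not, and anything further has to come from the traffic itself.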
#23
(05-15-2020, 06:29 PM)BAC0NSW0RD Wrote: I used to actually war-drive, use my car, and jump from wifi locations. Alpha card with an antenna that would give me a 1 mile LOS connection so no one would see me next to a cafe or house. Randomized MAC, or spoof something fun from the OUI DB. VPN/firewall with a kill switch; if not using Tails live then I would be using full disk encryption, then it was TrueCrypt, VeraCrypt now since TC is flawed and Vera is open-source and free vs BitLocker. Also with MS being caught making forensic tools for the FBI and then being caught making backdoors for the NSA, and now they apparently have the JEDI contract, I don't trust any of their "security", esp. encryption. I favored this, as mentioned above, over a VM.

This setup was a long time ago, hanging out in Anon IRC, I wasn't doing anything unlawful but with LulzSec bringing the FEDS online every day it was best to not be tagged and put on a list. This was from memory, nothing fancy, just a simple setup to stay anonymous.

Has anyone read over the Phineas fisher logs on how he stayed persistent threat and stealthy? Link here: https://www.exploit-db.com/papers/41915

MS FBI Tools: https://www.schneier.com/blog/archives/2...has_d.html
MS NSA Backdoors: https://www.tweaktown.com/news/57538/mic...index.html
MS JEDI Contract: https://blogs.microsoft.com/on-the-issue...-contract/
OUI DB: https://mac2vendor.com/ // Go ahead, spoof as a XEROX machine

Edit: Added some resources so I don't look like some tinfoil wearing paranoid weirdo =)
 
Nice, I've wanted to try out wardriving at some point. You're definitely not paranoid lol. Phineas Fisher's stuff was amazing. I first saw the story on Pastebin actually. Crazy stuff.
#24
I am a learner here, and new to the forum, but I still would like to offer some information I've picked up, and please correct me where I am wrong! Always.

I stick to optical media when using something live for anonymity; having done a little dabbling in data recovery, I find USB drive writability an attack surface I'd rather not worry about. If one were to be extremely safe they would want to go for something with non-removable RAM as well. If someone were to get jumped like Dread Pirate Roberts, a mouse jiggler put in their USB port, the RAM could be pulled for forensics, extracting keys, and once that is done it is game over. There was a DIY wrist strap which, when the person pulled the strap and the USB dongle out, would shut the PC down. That link I cannot find; however, I am sure anyone reading this is smart enough to make one.

We would all like to think the court system is "innocent until proven guilty" but those of us who have done time know otherwise. There are people that have been held indefinitely until they unlocked their drives, "forgetting" the password doesn't fly when the rules don't apply. 
https://www.theguardian.com/technology/2...encryption
https://arstechnica.com/tech-policy/2017...passwords/

LEST WE REMEMBER: COLD BOOT ATTACKS ON ENCRYPTION KEYS: https://citp.princeton.edu/our-work/memory/

Mouse Jigglers: https://www.cru-inc.com/products/wiebete...gler_mj-3/

MS Surface with non-removable RAM and no thunderbolt: https://www.hardwarezone.com.sg/tech-new...ram-reason

How dread Pirate Roberts was arrested in a cafe: https://www.wired.com/2015/01/silk-road-...-ulbricht/
#25
(05-15-2020, 06:29 PM)BAC0NSW0RD Wrote: I used to actually war-drive, use my car, and jump from wifi locations. Alpha card with an antenna that would give me a 1 mile LOS connection so no one would see me next to a cafe or house. Randomized MAC, or spoof something fun from the OUI DB. VPN/firewall with a kill switch; if not using Tails live then I would be using full disk encryption, then it was TrueCrypt, VeraCrypt now since TC is flawed and Vera is open-source and free vs BitLocker. Also with MS being caught making forensic tools for the FBI and then being caught making backdoors for the NSA, and now they apparently have the JEDI contract, I don't trust any of their "security", esp. encryption. I favored this, as mentioned above, over a VM.

Those are some cool ideas. Wish I could wardrive myself. Don't really have any car access though. I can wardrive by bus and bike though. Used to wardrive with the Wigle app on my phone running in my backpack, mapping up insecure wifis, such as WEP ones. In the end I never did anything with the data, but it's interesting to have a look around and see what the networks are like.

You mention a kill switch, but have you ever thought of a dead man's switch? I will dig up the page, but I remember there was a huge GitHub repo somewhere with a whole bunch of ideas, like putting a lock and key on your computer chassis, and adding a vibration sensor to the PC in case someone tries to open or move it.

But I think one of my favorite ones was a Bluetooth connection between PC and phone. When the connection is broken, the computer shuts down with all its encrypted volumes. So when the phone goes in the Faraday bag it triggers.


(05-15-2020, 06:29 PM)BAC0NSW0RD Wrote: Has anyone read over the Phineas fisher logs on how he stayed persistent threat and stealthy? Link here: https://www.exploit-db.com/papers/41915

Interesting... I read/heard about this a long time ago, but can't remember much of it; I need to refresh my memory. Thanks for the link. Always lessons to learn from other opsec stories and failures.


(05-15-2020, 07:30 PM)BAC0NSW0RD Wrote: I am a learner here, and new to the forum, but I still would like to offer some information I've picked up, and please correct me where I am wrong! Always.

Welcome to GreySec! I see you have a lot of similar ideas as I've had! Truly an interesting topic, OPSEC.


(05-15-2020, 06:29 PM)BAC0NSW0RD Wrote: I stick to optical media when using something live for anonymity; having done a little dabbling in data recovery, I find USB drive writability an attack surface I'd rather not worry about. If one were to be extremely safe they would want to go for something with non-removable RAM as well.

Haha, I've kinda thought about it before. But what if we ran a live CD on a microSD card? Just take the card and swallow it? But yeah, I agree with you on using optical media.


(05-15-2020, 06:29 PM)BAC0NSW0RD Wrote: If someone were to get jumped like Dread Pirate Roberts, a mouse jiggler put in their USB port, the RAM could be pulled for forensics, extracting keys, and once that is done it is game over. There was a DIY wrist strap which, when the person pulled the strap and the USB dongle out, would shut the PC down. That link I cannot find; however, I am sure anyone reading this is smart enough to make one.

Yeah I'm pretty sure he was connecting from a library. And if I remember it correctly he forgot VPN one time? Not sure. But for those interested! https://grugq.github.io/blog/2013/10/09/it-was-dpr/

One thing I read about in the Spy vs. Counterspy documents which would be interesting is to use a laptop without a battery, and just use a charger. If you get jumped, just pull the cable for instant shutdown. Although with cold boot attacks, they can just remove the RAM, apply cold spray and it will be live for at least 10 minutes. But I guess at least we'll be making it harder for LE.


(05-15-2020, 06:29 PM)BAC0NSW0RD Wrote: We would all like to think the court system is "innocent until proven guilty" but those of us who have done time know otherwise. There are people that have been held indefinitely until they unlocked their drives, "forgetting" the password doesn't fly when the rules don't apply.

https://www.theguardian.com/technology/2...encryption

https://arstechnica.com/tech-policy/2017...passwords/

Yeah, grim justice system we live in :p Just need to hope your country has a good constitution. Some interesting talks about how to protect yourself legally that I would recommend checking out are from the EFF lawyers at ShmooCon.

ShmooCon 2012: Destroying Evidence Before It's "Evidence"

ShmooCon 2012: Encryption, Passwords and Data Security: Latest on the Law and Best Practices


(05-15-2020, 06:29 PM)BAC0NSW0RD Wrote: Mouse Jigglers: https://www.cru-inc.com/products/wiebete...gler_mj-3/

Would be nice if there were some tools that could detect mouse jigglers and tools alike. I remember Jacob Appelbaum talking about this a long time ago, on developing an anti-forensics framework to counter tools like that.


(05-15-2020, 06:29 PM)BAC0NSW0RD Wrote: MS Surface with non-removable RAM and no thunderbolt: https://www.hardwarezone.com.sg/tech-new...ram-reason

Interesting. Might just look into getting myself a Surface. Just hope they can run Linux.
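The dead man's switch idea in the post above (phone and PC linked over Bluetooth; when the link is lost the machine shuts down and its encrypted volumes close) has one failure mode worth handling before anything else: Bluetooth links drop for a second or two all the time, and a switch that fires on every glitch is a denial of service against its own owner. Below is an added example, not code from the thread or any repo it mentions, of the controller logic with a grace period. The presence probe and the action are plugged in as callables; the bluetoothctl-based probe is an assumption about how one would wire it on Linux and is not run by default, and the demo replays a constructed presence trace so the file runs offline.

```python
"""Dead man's switch: fire an action once a paired device (here, a phone over
Bluetooth) has been out of range for longer than a grace period.

Added example, not code from the thread. `bluetooth_present` is an assumed
Linux probe and is not exercised by default; the demo replays a constructed
trace instead.
"""
import subprocess
import time
from dataclasses import dataclass, field
from typing import Callable, List, Optional, Tuple


@dataclass
class DeadManSwitch:
    """Consume presence samples; fire `action` after a sustained absence.

    Absence is timed from the first missed probe and must persist for
    `grace_seconds` of wall-clock time; any successful probe resets the clock.
    Timing in wall-clock rather than in probe counts means a slow or hung
    probe cannot stretch the grace period.
    """
    action: Callable[[], None]
    grace_seconds: float = 10.0
    missing_since: Optional[float] = None
    fired: bool = False
    log: List[str] = field(default_factory=list)

    def observe(self, present: bool, now: float) -> bool:
        """Feed one probe result taken at time `now`; True if this sample fired."""
        if self.fired:
            return False
        if present:
            self.missing_since = None
            self.log.append(f"{now:.0f}s present")
            return False
        if self.missing_since is None:
            self.missing_since = now
        elapsed = now - self.missing_since
        self.log.append(f"{now:.0f}s missing for {elapsed:.0f}s")
        if elapsed >= self.grace_seconds:
            self.fired = True
            self.action()
            return True
        return False


def bluetooth_present(device_mac: str) -> bool:
    """Assumed Linux probe: ask bluetoothctl whether the device is connected.

    `bluetoothctl info <MAC>` prints a 'Connected: yes' line for a connected
    device. Any failure to run the tool counts as absent, which errs toward
    firing rather than toward staying unlocked.
    """
    try:
        out = subprocess.run(["bluetoothctl", "info", device_mac],
                             capture_output=True, text=True, timeout=5).stdout
    except (OSError, subprocess.SubprocessError):
        return False
    return "Connected: yes" in out


def run_trace(samples: List[Tuple[bool, float]],
              grace_seconds: float = 10.0) -> Optional[int]:
    """Replay a (present, timestamp) trace; return the index of the sample
    at which the switch fired, or None if it never did."""
    switch = DeadManSwitch(action=lambda: None, grace_seconds=grace_seconds)
    for i, (present, ts) in enumerate(samples):
        if switch.observe(present, ts):
            return i
    return None


# Constructed trace, one probe every 2 s: a 4 s glitch that must NOT fire,
# then the phone really goes away (Faraday bag, walked off) and it must fire.
GLITCH_THEN_GONE = [(True, 0), (False, 2), (False, 4), (False, 6), (True, 8),
                    (False, 10), (False, 12), (False, 14), (False, 16),
                    (False, 18), (False, 20)]


def watch(probe: Callable[[], bool], action: Callable[[], None],
          interval: float = 2.0, grace_seconds: float = 10.0) -> None:
    """Live loop for real use, e.g. watch(lambda: bluetooth_present(MAC), lock)."""
    switch = DeadManSwitch(action=action, grace_seconds=grace_seconds)
    while not switch.fired:
        switch.observe(probe(), time.monotonic())
        time.sleep(interval)


if __name__ == "__main__":
    print("fired at sample index:", run_trace(GLITCH_THEN_GONE))
```

With the default 10 s grace the constructed trace survives the 4 s glitch and fires on the sixth consecutive miss; shortening the grace period trades fewer seconds of exposure for more false triggers. The action is whatever closes the keys on the machine in question; as the cold boot discussion in this thread points out, a power-off alone does not clear RAM instantly, so the grace period is only part of the picture.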
#26
"You mention a kill switch, but have you ever thought of a dead man's switch? I will dig up the page, but I remember there was a huge GitHub repo somewhere with a whole bunch of ideas, like putting a lock and key on your computer chassis, and adding a vibration sensor to the PC in case someone tries to open or move it.

But I think one of my favorite ones was a Bluetooth connection between PC and phone. When the connection is broken, the computer shuts down with all its encrypted volumes. So when the phone goes in the Faraday bag it triggers."

Very awesome ideas. I know my shitty town's LE don't use Faraday bags though; I know because I have located my phone traveling inside the trunk of a cop car. However, I love the power supply with no battery! Genius!

Speaking of anonymity, has anyone looked up whether the FBI can look at browser history with no warrant when you're using a VPN? Which also makes me ask, and I have never seen anyone talk about it: IP sanitization, how do you not cross-contaminate with your IP... checking your ProtonMail, jumping on Gmail... then on FB...
#27
(05-17-2020, 05:38 AM)BAC0NSW0RD Wrote: "You mention a kill switch, but have you ever thought of a dead man's switch? I will dig up the page, but I remember there was a huge GitHub repo somewhere with a whole bunch of ideas, like putting a lock and key on your computer chassis, and adding a vibration sensor to the PC in case someone tries to open or move it.

But I think one of my favorite ones was a Bluetooth connection between PC and phone. When the connection is broken, the computer shuts down with all its encrypted volumes. So when the phone goes in the Faraday bag it triggers."

Very awesome ideas. I know my shitty town's LE don't use Faraday bags though; I know because I have located my phone traveling inside the trunk of a cop car. However, I love the power supply with no battery! Genius!

Speaking of anonymity, has anyone looked up whether the FBI can look at browser history with no warrant when you're using a VPN? Which also makes me ask, and I have never seen anyone talk about it: IP sanitization, how do you not cross-contaminate with your IP... checking your ProtonMail, jumping on Gmail... then on FB...
 
Well, to look at browser history they'd have to have access to your computer. So yeah, they'd need a warrant. I'm not really sure what you're talking about with "IP cross contamination."
#28
Sorry, both questions were asked in a very non-descript and very vague way.

1.
Can the FBI access your browser history if you use a VPN?
https://www.androidauthority.com/vpn-bro...i-1119492/


2.
I have wondered, when people are on a VPN and "researching" and visiting sites, and then when they're ready to go back to FB, Gmail, or anything else that keeps IP address logs, do most people cycle their IP address?

I am wondering about other people's answers before I tell mine. 

Thanks!
Bac0N
#29
(05-17-2020, 05:38 AM)BAC0NSW0RD Wrote: Very awesome ideas. I know my shitty town's LE don't use Faraday bags though; I know because I have located my phone traveling inside the trunk of a cop car. However, I love the power supply with no battery! Genius!

Yeah, I guess that really depends on whether or not you're a high value target, and the complexity of your LE. There's a difference between the county sheriff and the FBI.

And as for using only battery; yeah, this is a cool idea. Got this from the documents called Spy vs. Counterspy. Some very interesting documents on counter-surveillance and surveillance detection of the FBI. I'm going to reupload this to GreySec soon.

I'm kind of using this setup involuntarily since my battery is broken. Also have some settings that put my PC into sleep mode after about a minute of inactivity. Not sure how, but I'm using mouse jigglers myself if I want to watch a movie or something haha. Using this together with a laptop with locked RAM sounds like a cool idea.

But if you want to be really paranoid, I guess this has its downsides as well, if you've heard of the NSA surveillance programme "TEMPEST". Supposedly they can tap the power grid and recreate your VGA/screen signals to monitor your screen.
https://en.wikipedia.org/wiki/Tempest_(codename)
https://www.blackbox.co.uk/gb-gb/page/25...y/TEMPEST/
https://en.wikipedia.org/wiki/Van_Eck_phreaking

So if you're a terrorist I suppose you can use your own diesel generator or something. But yeah, let's not go overboard here.

(05-17-2020, 05:38 AM)BAC0NSW0RD Wrote: Speaking of anonymity, has anyone looked up whether the FBI can look at browser history with no warrant when you're using a VPN? Which also makes me ask, and I have never seen anyone talk about it: IP sanitization, how do you not cross-contaminate with your IP... checking your ProtonMail, jumping on Gmail... then on FB...

Easier said than done, but I think we should implement compartmentalization for this. Keep separate operating environments: for example, only use a VM for ops. Or maybe use a laptop and only use it at cafés or libraries, just to kind of separate yourself psychologically from your life and your operations.

Can recommend these articles:
https://b3rn3d.herokuapp.com/blog/2014/0...perations/
https://cybersecurity.att.com/blogs/secu...f-personas