Wednesday, June 19, 2013

Re take Your Privacy and Communication Security



With the recent revelations pertaining to government spying on it's own citizens (does this really surprise anyone?), I wanted to offer a quick primer on regaining some of your electronic security. This is by no means an exhaustive list, but a number of things you can start doing right now. (I also offer a course on this subject that covers it in great detail.)

One caveat I need to point out before we go further is this - While any and all of the following tips will offer a high level of privacy, most of them are rendered potentially useless if they are employed on the Windows or Mac operating systems. Why? Because Microsoft and Apple have entered into complicit agreements with government bodies in the form of secret backdoor access to your system and no anti-virus or malware  program will save you from it as it is a "legitimate" part of the operating system's code.
Where does that leave you? Either install a Linux based OS, or at the very least get a bootable  USB linux system. 
Now, there are those (including MS and Apple) that will argue that there is no such thing and this is just wild tinfoil hat talk. Ultimately it boils down to this for me......do I trust organizations that have a track record of disregard for client privacy and offer software that is closed source and hidden from public audit - or do I trust a product that is designed with privacy in mind and is open source and regularly audited by the public?

Backdoor Info 1          

Moving on.......

1. Stop using Yahoo, Google and Hotmail for your email. In the last week alone I have received at least 4 emails from "friends" who had their accounts hijacked/hacked (all Yahoo).  Consider smaller email providers that will respect your privacy......GMX, Lavabit, Hushmail just to name a few. That doesn't mean that you can completely trust these providers, it simply means they will not read your email for marketing purposes and will only surrender information to governments within the appropriate judicial process.(You still would need a VPN or Tor to mask your IP address and PGP keys to encrypt your content - but that is another article all by itself)

2. Stop using Yahoo, Bing, Google for your searches. Instead use DuckDuckGoStartpageIxquick or Privatelee.

3. Stop using Skype and Google voice. Instead try out options that offer encrypted calls like iCall and Jitsi. You can setup a free phone account with Ostel - they have instructions on their site to setup the phone software.

4. Setup a chat/instant message account using Pidgin (Adium on Mac) or Jitsi, which will allow encrypted communication via OTR. I recommend setting up an xmpp account for free with DuckDuckGo HERE

5. Encrypt any personal data in a separate drive with Truecrypt or LUKS (use the Encfs Manager in Linux)

6. Start using a VPN service (one that utilizes openvpn protocols)



If you are considering a move to a Linux based system, here are a few places to start....

If you are used to using Windows try - Zorin OS 

If you are used to using Mac try - Pear OS

or give these a try - Ubuntu or Mint



These are just the tip of the iceberg, but will get you started on the road to recovery......

Sunday, June 16, 2013

After Action Report - May Courses

 

(Note: I am testing out a new website at CombatStudiesGroup.weebly as i am hoping to abandon all things Google in the near future - feel free to check it out.)

***
This is a much belated AAR for the May Gunfight Carbine and Secure Comms courses.

Once again I would like to thank Matt from Liberty Handgun Training for facilitating the courses. He put in a lot of legwork to make these classes happen.

We had a full class for the carbine course and everyone pushed themselves hard for 11 hours of rain drenched training. Some of the participants were former students of Mosby (http://mountainguerrilla.wordpress.com/) and had only good things to say about him. It also served to demonstrate the point that, while tactics and techniques may vary between instructors/operators, they will (or should) share the same core fundamental principals.

The students were kind enough to send in some reviews, one of which is below (you can find the rest on the Reviews page)....


"I wanted to thank you for the course last weekend. Your ability to train top level Operators and day one beginners side by side never ceases to amaze me! I know that I was challenged, informed, and educated in a short period of time. The techniques on clearing malfunctions will never leave me. I've never seen some of the malfunctions you showed us how to clear, and I would consider myself an average/moderately experienced shooter with the AR platform.
What I took from your course was the foundation I need to build on to successfully employ this platform effectively and accurately as a new and intermediate user. If only I would have had this base years ago, I'd be a far more proficient shooter!
The information you shared on equipment and how it effects performance was eye opening! I don't think a single person left the training area without making the decision to purchase better equipment! I know I didn't! Those kinds of critiques and advice can only come from years of experience like yours.
Thank you Kris, I have no doubt that I'll be at your next class. "


The secure comms class ran about 10 hours. It was the maiden voyage of that particular curriculum  and we got a lot of the kinks ironed out over the course of the day.  By the end of class everyone  had a good under standing of how governments, corporations and hackers exploit our routine communications and data storage and what they can do to prevent such activities. Everyone was able to build a functional "Red" system and some students even got an "Orange" system up and running. One student sent in the following review......


"Kris provides the practical knowledge needed to truly have secure data communications. He brings to bare an awareness of your own personal risk communicating across the Internet and then delivers the instruction, tools, and process to significantly reduce your vulnerability. When class was finished, I had a hands-on understanding of LINUX, TOR, VPN, Tails, PGP, and creating a password template. Great class, I only wish there was more time to pick Kris’s brain."

We will continue to fine tune the secure comms course to help people to re-take their privacy (which is a cornerstone of liberty in my opinion), even as more and more of our data is spied on by various state and non-state actors.