Wednesday, March 7, 2018

New Items Coming To The Store

We have been hard at work over the last several months developing new tools to help secure your digital life. We continue to refine the Sepio Secure OS and expect to release the Sepio 2 this summer. Other items that are coming soon:

Sepio-Offgrid Rugged Laptop

  - Offers the same level of rugged MILSPEC protection as the famous Toughbooks
  - 14 inch HD screen
  - 8-32GB RAM
  - 128GB -1TB SSD or HDD
  - i3 CPU (non vPro)
  - Sepio Secure OS
  - Optional packable solar panel/battery combo for field use
  - Estimated Price: $1600-2000

The Libertas XL

  - A 9 inch rugged tablet with:
  - Dual-core 64bit CPU
  - 2GB RAM
  - 16 or 32GB storage
  - Estimated price: $650

Sepio-Micro Desktop

  - A full featured Sepio desktop not much larger than your hand.
  - Plug in your own keyboard, mouse and monitor
  - Estimated price: $750

Graybox Secure Router

  - Router, Access Point, Bridge, Firewall, Intrusion detection and VPN all in a small package.
  - Estimated price: TBA

Home Theater System

  - This would replace your Roku, AppleTV, Chromecast, AmazonFire, etc media devices. It will have the same functionality - streaming of your favorite shows, music, etc, but without the spying.
  - Estimated Price: TBA

GrayMatter VPN Service

  - We have been testing the beta of our very own VPN service. What will it offer?

  - Servers in jurisdictions that are respectful of privacy rights
  - Servers setup with same security you would find in the Sepio
  - No logging of customers
  - Anonymous account creation and payment support
  - Wireguard, TOR, OpenVPN and Shadowsocks
  - Multihop support
  - Secure, non-logging DNS

  - Estimated Price: $6-10 monthly

I should mention that all of our products are fully patched against the Meltdown and Spectre vulnerabilities. 

Friday, March 2, 2018

GroundRod Primer in Boise, ID **UPDATED**

**** NOTICE **** This course has been rescheduled for 24-25 March and will be moved to a venue in Prosser, WA.

GroundRod Primer course in Boise, ID March 17-18. Lots of updated material for 2018.

Course fee is $400. Email me to register for a seat.

Thursday, January 25, 2018

New Year, New Threats...

GroundRod courses are back....

Upcoming courses in Salt Lake City, UT and Boise, ID.

We are looking at February 10-11 for SLC.

Details to follow.....

Friday, November 3, 2017

Interview with Forward Observer

I recently had a short interview with Forward Observer regarding Bitcoin and Crypto-assets. 

There is a lot of interest being generated right now in this field, and for good reason. Whether your interest lies in protecting your assets, seeking better investment vehicles or just enhancing your privacy; you would be wise to study up on's not going away.

You can listen to it HERE

Wednesday, November 1, 2017


*** SOLD ***

I have a special going right now on a SEPIO secure laptop. This is on special due to my putting a couple light scratches on the lid while working on it. The specs are as follows:

- i7 CPU (versus the normal i5)


- 256GB SSD

- 15.6 inch Full HD touchscreen

- Full aluminum chassis with backlit keyboard

- SEPIO Secure OS (latest build)

This model normally goes for $1400, but I am knocking $100 off due to the scratch. My mistake is your gain....

As with all SEPIO's, the RAM and SSD can be upgraded on request.

The i7 models are rare, so get it while you can.

Tuesday, October 17, 2017

Important Update on Recent Hack of Wireless

As many of you are now aware there was a rather dangerous hack released the other day ( CVE-2017-13077) that affects nearly all devices' utilization of the WPA/WPA2 wireless security protocol. The details of which can be read about here:

Now before anyone panics I should point out a couple things:

1. A patch for this has been released already for the following distros:

    Linux Mint
    Debian (and most distros based on Debian)
    opesource Android Lineage OS

Simply run your update manager (or sudo apt update && sudo apt upgrade in terminal) and you are good to go.

2. If you were following my advice and utilizing the WPA2-CCMP/AES version as opposed to WPS or TKIP the damage would have been far less.

3. There are currently no patches available for:

    Windows (I know, shocking)
    Mac OSX
    non-Debian Linux (Suse, Fedora, Arch, etc)

If you are on one of these systems you need to:

- Use a wired connection if possible
- Use a VPN (OpenVPN protocol with RSA-4096 DHE, AES-265 and SHA2+)
- Make sure you have HTTPS Everywhere enabled in your browser
- Ensure that TLS 1.2 is being utilized by your browser and the sites you visit.

There was also a hack discovered in Adobe Flash, which if you have been paying attention happens on a fairly regular basis. There are patches available for Linux, but frankly I would just disable it in your browser (or uninstall it completely) as it is a constant attack surface anymore.

Keep in mind that digital security is a dynamic sport and requires constant vigilance on our part.

I will post any relevant updates to this issue.....

** Update **

- Microsoft is claiming that they have addressed the issue. So take that for what it's worth.

- Apple states they will have a patch available in a few weeks.


Thursday, October 5, 2017

SEPIO Secure Laptop Sale

SEPIO Secure Laptops will be on sale for $100 off normal price until November 1st.

Some of the recent system upgrades include:

- Added support for Yubikey secured boot

- Added support for KeepKey, Trezor and Ledger crypto-currency hardware wallets

- New artwork and icons

- Option for custom Secure Boot certificates

and many other software updates and upgrades.

Wednesday, September 13, 2017

Upcoming Courses

Can you actually protect yourself from online thieves, government snoops and malicious software?

What is the "Darkweb" and is there any legitimate use for such a thing?

What is Bitcoin and why should I concern myself with it?

How is the Internet Of Things dangerous to me?

Can the government read my emails and messages?

Can they break my encryption?

These are all common questions coming from the public on a more and more frequent basis and they are just a few of the questions that we answer in the GroundRod training series. The courses are designed for the layman and the professional alike and are hands on. You don't just listen to a lecture, you implement the subject matter in real time during class. We cover the spectrum from system hardening and secure communication to human tradecraft and escape & evasion skills. You leave class with a broader understanding of the threats and a real set of tools with which to protect yourself, your family and your business.

Upcoming courses:

12-15 October         GroundRod Primer & GroundRod 2      Atlanta, GA

28-29 October         GroundRod Primer                                   St Louis, MO

TBA  November     GroundRod Primer & GroundRod 2      San Francisco, CA

Contact us to register or to setup a new class in your area.

*** ALSO ***

Updated course review for Gunfight Concepts Carbine on the Course Reviews page.

Sunday, August 6, 2017

Tactical Skills Q & A -or- Be Good at Everything or Die

In the interest of spreading useful information regarding tactics/training I wanted to relay this conversation I had with some folks from the tactical community a while back. I was asked several pointed questions which I do my best to answer below:

Question 1:

Of all the various training disciplines available, which one should be top of the training list right now in light of world events? Rifle training? Land Navigation? Communications? Patrolling, etc...


Well, there are definitely some sacred cows on that list. It of course kind of depends on where you are as an individual with regard to the various skillsets, but lets assume you are a competent shooter with some basic fieldcraft under your belt....I would put information gathering on top. You could also label it Intel/Comms if you wanted. Why?

1. Intelligence drives the fight. Without it, you are just a bunch of armed guys in the woods.

2. Everyone can do it. Your 75 year old aunt can do it, your kid can do it. Not everyone can be an effective infantryman, but anyone can be eyes/ears/disseminators.

3. Right now nearly everyone sucks at it. I had a good buddy that was with CAG tell me once, "Everyone thinks our shooting is what makes us so effective, and while we are talented shooters there are certainly better out there....that is just a small part of what we do. It's all those other skills that make the difference".  I thought he made a very good point.....

Question 2:

What is the best fighting rifle?


Good lord. The one in your hands at the moment....but seriously, as my generic go-to-war rifle I would prefer a properly built AR15 carbine barring a mission that required a special applications rifle of some kind (see intel above). The caveat here being "properly built". As someone that has taught on a great many ranges over the years I can say that there are far too many cheap/poorly built/poorly maintained AR's out there. The best advice I can give here is seek out some armorer level training.....get to know your rifle inside and out. Learn how to diagnose strange rifle your gun over-gassed? maybe under-gassed? Keep a log of how many rounds you have put through the rifle and the individual high-stress parts, such as the barrel, bolt and recoil spring. There are a few items that ALWAYS travel with my carbine:

1. Spare bolt w/firing pin (they do break from time to time folks)

2. GI steel cleaning rod (ever get a barrel full of mud at the worst possible time?)

3. Lube (duh)

4. Small ziplock with spare pins/springs

5. Sharpie pen (saves your finger when clearing nasty malfunctions)

I may carry much more than this, but never less.

But what about stopping power and range? Look, no argument here that a 7.62mm NATO gun has better of both and if the METT-TC dictated it, that's what I would take. But consider this:

1. You can carry a lot more 5.56 than 7.62. Basic load management here folks.

2. With few exceptions, I still believe shot placement (aka, effective fire) has more to do with a positive outcome than the size of your gun or bullet.

3. If desired, you can utilize specialty ammunition that can extend the effective reach of your 5.56 gun. Like the Mk262 (77gr projectile), which we found to be very effective at one shot stops out to 700yds during OIF/OEF. Just make sure that your particular rifle can accommodate the heavier bullet. You generally want to stick with a 1in7 twist as opposed to the sportsman's 1in9 as you may end up with stabilization issues. Personally I favor the 1in8 barrels....good stabilization for a wide spectrum of rounds and good barrel life as well.

And lets not forget that the AR carbine platform is almost like a Lego set in it's ability to be customized for the man and the mission. There are endless manufacturers of high quality parts for the platform out there, many offering far better than "MILSPEC" quality. And while we're at it....MILSPEC is not a statement of high quality, it's a "minimum acceptable standard". Your off the shelf LaRue carbine is going to greatly exceed the standards of the M4 issued to Joe infantryman. Don't be beguiled by gun shops selling expensive MILSPEC labeled rifles.

And for you folks that have chosen to embrace the AK platform (or SIG or HK or whatever), more power to you. Just don't think for one second that the same rules/concerns don't apply to you. All machines will invariably fail at some ready for it.

Question 3:

Optics or irons?


Depends......if I want to be as effective as possible I use optics. Not to be a funny guy but look, the evidence is overwhelming. You take any shooter and give him optics and he will shoot faster and more accurately. I still train with irons of course, but they are a back-up.....not a primary tool. I don't know what else needs to be said on that.

Okay, what kind of optic?

I'll assume we are still talking carbine here and not precision/sniper rifles. The 1-4 and 1-6 variable scopes are really nice as they give you the "best of both worlds" so to speak. You can dial down and have a reflex sight or dial up for distance shots or glassing an area. For out and out speed, it is pretty hard to beat an EOtech "dot-in-a-donut" sight (1 MOA dot with a 65MOA circle). SIG actually has a similar sight out now that has picked up some of the big Federal contracts that EOtech lost recently. It employs a 2 MOA dot w/ 65MOA circle (you can toggle between dot and dot/circle on some models) and comes in a much more compact package. I should point out that the SIG Romeo sights are made by Holosun, so if you want to save some scratch go buy the Holosun version. The SIG and HS sights can also be had with a small integrated solar panel, thus greatly extending the normal scant 7 year battery life of the unit.
One plus I should mention regarding the variable scopes is that they usually have a glass-etched reticle as well as an illumination system, so if your battery does happen to die at an inopportune time you don't lose your ability to aim. But of course good pre-mission checks would prevent such an occurrence, no? A con for the variable scope is that it does have a specific eye-relief which a reflex site does not suffer from.

Question 4:

Is it worth it to have a kevlar helmet? or heavy armor plates for that matter?


Anything that keeps a high speed piece of metal from entering my person is a good thing. That being said it is always a matter of balance and METT-TC (I know, we blame everything on METT-TC). We have had amazing advances in armor technology over the last twenty-so years and it would be foolish to ignore them if we are going to be going into harm's way. Helmets have become lighter, stronger and a force multiplier of sorts. They not only protect our heads, but are a platform for mounting our NODs, IR identifiers and lights (ask any 18D that has had both hands buried in a dude's guts if that helmet light was handy). So yes, get a good helmet. If you are conducting low-pro operations, stick it in your go-bag.
As far as body armor and plates go, a lot of lives have been saved by SAPI plates. I just recommend not going too overboard with your armor (like our incredibly risk-averse military does now) or you risk it becoming a hindrance rather than a help. My general rule on this is that I try to achieve a degree of balance between my defensive and offensive capabilities with the offensive side favored. I would prefer to wear a simple plate hanger as opposed to  a full wraparound, shoulder protector-groin protector neck-protector monstrosity that had as good a chance as the enemy at putting me into the medic's gentle caress. You just have to get out there and train with this stuff on and figure out the sweet spot. And train in crappy weather too.....train when it's crazy hot and crazy cold. Better to know now than later.

Question 5:

Do you train more with pistol or rifle?


Pistol.  It's harder to be good with a pistol than a rifle. Pistols suck compared to rifles at putting down a threat so shot placement and follow ups are crucial. I spend most of my day with a pistol. It would cause a scene if I slung up my carbine and went grocery shopping with the kids.
I think it's even more important with a pistol to choose quality ammunition. Something with a solid, real world stopping record like Speer Gold-Dot or Winchester Ranger. Something bonded, so it doesn't shed all it's mass when you shoot through a barrier like glass. And if you are going to roll with +P or hot loads, make sure that you train with them as the recoil management differences can be significant.
And while we are on the subject of pistols.....if you spend most of your time carrying concealed then you need to train in that configuration. Too many guys show up for a class and are decked out ready for war with overt carry holsters. That's fine and all, but you need to spend the most time training how you spend the most time carrying.

Question 6:

What is the most important piece of gear I could have right now that I probably don't own?


Easy. Night vision devices. I tell folks, if you have seven rifles but no night vision, it's time to sell a few rifles and get some NODs. No other item can have as significant an effect on your survival on a battlefield in my opinion. All state level actors (good or bad) have them. The cartels have them. The terrorists for the most part have them. And if the world goes sideways - you can bet that battlefield recovery ops will have them in the hands of a great many potential adversaries. Don't mess around on this one folks.....go get yourself a set of PVS-14's from a reputable source. You want the single battery model (the dual battery model would break if you looked at it wrong) with a Gen 3 Pinnacle auto-gated tube.

After that it would probably be a digital trunking scanner. Priceless tool right there. If you are behind on your radio comms seek out the AmRRON folks and jump into one of Sparks33's classes.

Question 7:

You preach soft skills like what you teach in the Groundrod courses and Sam Culper teaches in his intel courses as being critical right now, but what other hard skills should we be looking at besides the big ones mentioned earlier?


Well, driving for one. We spend a sizable amount of time in our non-armored vehicles driving around and if things ever go sideways it will only be a matter of time before you have to deal with the following scenarios:

1. Hostile government checkpoints

2. Local hoodlum roadblock

3. Vehicle breakdown in middle of nowhere, or hostile area

4. Vehicle hijacking attempts (static)

5. Vehicle hijacking attempts (kinetic)

6. Vehicle hacking

7. Driving into ambush

Your intel/comms/route planning skills are going to become paramount when you don't have an armored rig to drive around in......and who of us normal folks have that option?

There are a few different aspects to this subject, one being how to setup and equip the vehicle itself:

- Mechanical emergency counter measures
- Medical
- Comms
- IR lights and kill switches (you have NODs right?)
- Basic survival gear (think Maslov)
- Weapons/ammo

and then there is the actual driver skill set. Really the only good way to get this is to spend the time and money to attend a tactical driving course and EVOC doesn't cut it for you first responders out there. You combat vets that have spent time driving up and down J-bad road or route Irish are going to be ahead of the game, but you are still going to want to seek out those skills. Driving an armored Hummer is not the same as driving your family sedan under extreme conditions. I speak from experience......

Besides driving.....I would look into medical training. Wilderness EMS training is about as close as you will get to austere medicine here in the land of civility. If you are lucky enough to find it, there is no replacement for live tissue training (aka, Goat Lab). There are sources out there....ask me if you need help.

Sanitation skills. Herbal medicine skills. Basic engineering/building skills. Old-school Land Nav (there is a reason USASOC and JSOC have such a strong initial focus on this) Languages (I know, more of a soft skill) You know....everything.


Regarding the first part of the vehicle issue, I have a course I am fielding shortly that covers this. Setting up your rig, equipping your team in a low-pro fashion, vehicular overwatch, surveillance detection routes, cleaning runs, fighting out of and into a vehicle and more. I will post it to the site when the dates are established.

Wednesday, August 2, 2017

Full Spectrum Training.....does it matter?

 So I know the question is out there....why is this website supposedly devoted to the study of warfare always talking about computer security and cryptocurrency? Shouldn't I just be posting articles about "improving your shot group" or the latest in "tactical accoutrements"? It essentially boils down to this:

1. As anyone who has attended my courses knows, I believe in what I call "The Heinlein Doctrine" (or the Competent Man principal). In essence, a warrior (or just a human being for that matter) must be good at everything...not just shooting, or grappling, or navigating.

2. Right now, technology is at the forefront of not just battle, but our everyday it or not.

3. Many believe that war lies in the not too far future of the western world. I believe that this war has already begun. Perhaps not the shooting part, but the IPB (Intelligence Preparation of the Battlespace) has begun in earnest in the technical space. We ignore this aspect of the battlefield at our greatest peril.

4. And finally, there are hundreds of sources these days for sound tactical training, but very few sources for full spectrum training exist.


  "A human being should be able to change a diaper, plan an invasion, butcher a hog, conn a ship, design a building, write a sonnet, balance accounts, build a wall, set a bone, comfort the dying, take orders, give orders, cooperate, act alone, solve equations, analyze a new problem, pitch manure, program a computer, cook a tasty meal, fight efficiently, die gallantly. Specialization is for insects."

-- Robert Heinlein (From Time Enough For Love)


I should point out that I do in fact have some "hard skill" courses coming up:

- Gunfight Concepts Carbine  -  AUG 19-20   CDA, ID

- Low-Pro Tactical Vehicle Operations  -  SEP  tba

- Home Defense CQB (force on force)  -  OCT  tba

I also have the GroundRod cyber defense series of courses in:

- GR 1 & 2  -  Scranton, PA  AUG 10-13

- GR 1 & 2  -  Eugene, OR  AUG 24-27

- GR 1 & 2  -  San Francisco, CA  SEP tba

- GR 1 & 2  -  Atlanta, GA  OCT  12-15 

Which brings me to my point -

   One of the subjects that I cover in the GroundRod training series is that of crypto-currency (Bitcoin, etc). Simon Black from SovereignMan sent me an excellent piece recently on Crypto 101...

    "Commerce on the Internet has come to rely almost exclusively on financial institutions serving as trusted third parties to process electronic payments. While the system works well enough for most transactions, it still suffers from the inherent weaknesses of the trust based model. Completely non-reversible transactions are not really possible, since financial institutions cannot avoid mediating disputes.

    The cost of mediation increases transaction costs, limiting the minimum practical transaction size and cutting off the possibility for small casual transactions, and there is a broader cost in the loss of ability to make non-reversible payments for nonreversible services. With the possibility of reversal, the need for trust spreads.

    Merchants must be wary of their customers, hassling them for more information than they would otherwise need. A certain percentage of fraud is accepted as unavoidable. These costs and payment uncertainties can be avoided in person by using physical currency, but no mechanism exists to make payments over a communications channel without a trusted party.

    What is needed is an electronic payment system based on cryptographic proof instead of trust, allowing any two willing parties to transact directly with each other without the need for a trusted third party. Transactions that are computationally impractical to reverse would protect sellers from fraud, and routine escrow mechanisms could easily be implemented to protect buyers."

-- Satoshi Nakamoto

   I strongly encourage you to READ the full article by Ben Yu as it gives an exceptionally thorough breakdown of what crypto is and why it matters. As the saying goes....there will be a test...

Tuesday, June 6, 2017

Those Sneaky Dots

As I have been pointing out in the GroundRod courses for years, your printer can "tattle" on you. 

Case in point:

"According to Rob Graham, who writes for the blog Errata Security, the Intercept’s scanned images of the intelligence report contained tracking dots — small, barely visible yellow dots that show “exactly when and where documents, any document, is printed.” Nearly all modern color printers feature such tracking markers, which are used to identify a printer’s serial number and the date and time a page was printed."

Full article

So the most recent NSA leaker was rather quickly outed due to barely visible yellow dots that are surreptitiously placed into every document printed by nearly every printer in existence.

I encourage you to check out the EFF's guide HERE for finding and decoding your printer's secret messages.

Friday, May 19, 2017

GroundRod 1 & 2 Idaho, June 1-4 Update

The GroundRod Primer course for CDA, Idaho is completely full and we have 2 seats left for GroundRod 2.

If you did not make it into this class we have some upcoming dates in the Northwest:

- June 15-18    Eugene, OR

- July 6-9         Prosser, WA

- July 14-17     Buffalo, WY


Outside the NW:

- July 29-30        LasVegas, NV  (after Blackhat 2017)

- August 10-13   Scranton, PA

Reserve your spot before they fill up.

Wednesday, May 17, 2017

Update on Intel AMT Exploit

As many of you are aware, a rather onerous firmware exploit was discovered in February that affects most modern Intel processors. The exploit has been dubbed "Silent Bob Is Silent" and can grant an adversary remote access to your computer beneath the OS level. This not only affect Windows machines but Mac and Linux as well.

“The exploit is trivial, max five lines of Python, could be doable in one-line shell command. It gives full control of affected machines, including the ability to read and modify everything. It can be used to install persistent malware (possibly in firmware), and read and modify any data. For security servers, it may allow disabling security features, creating fake credentials, or obtaining root keys. …  IT folks, KEEP WORKING THROUGH THE WEEKEND, DISABLE AMT NOW or block access to it. This can get ugly.”

Read the full piece HERE

The linked post will cover some methods for determining if your system is vulnerable. It should be noted that the Intel vPro model CPUs are most vulnerable.

I should point out that the SEPIO laptops are not vulnerable to this exploit.

Note:  A quick fix you could employ while waiting for a patch is to block the following ports in your router/AP firewall: 16992, 16993, 16994, 16995, 623, 664. This will block it for the time being. I would also disable IPv6 as it uses random IPv6 ports.

Friday, May 12, 2017

Be Careful What You Click

Those leaked NSA TAO tools have been in the wild for a few weeks now.....and now we have this.

"According to CrowdStrike's vice president of intelligence Adam Meyers, the initial spread of WannaCry is coming through spam, in which fake invoices, job offers and other lures are being sent out to random email addresses. Within the emails is a .zip file, and once clicked that initiates the WannaCry infection.

But the most concerning aspect of WannaCry is its use of the worm-like EternalBlue exploit. "This is a weapon of mass destruction, a WMD of ransomware. Once it gets into an unpatched PC it spreads like wildfire," he told Forbes. "It's going through financials, energy companies, healthcare. It's widespread."

Given the malware is scanning the entire internet for vulnerable machines, and as many as 150,000 were deemed open to the Windows vulnerability as of earlier this month, WannaCry ransomware explosion is only expected to get worse over the weekend."

Read the whole piece here WannaCry exploit


The WannaCry malware currently is wreaking havoc with the  UK healthcare system.

This attack uses the leaked Eternalblue malware from NSA and is a nasty one. Yet another reason to move away from Windows and into a Linux based distro (preferably a hardened one).

BlackHat 2017 Convention & GroundRod

Blackhat 2017 Info

I will be attending the 2017 Blackhat convention in Vegas July 22-27. If there is interest I can schedule a GroundRod course in Las Vegas to run right after the conference.

Any interested parties email me and we will see if we can make it happen.