I don’t think the NSA or CIA has ever had any interests in my specific online activity, purely because the manpower is never that well utilized in our world, but in the age of automation that could all change soon.
I mean, the scary part of that thought is acknowledging availability heuristics. The pedophiles dumb enough to regularly get caught are the pedophiles we know about.
That is kind of the problem. Everyone else is getting scammed, their data stolen and tried to be manipulated by targeted advertising, algorithms and addictive, yet unhealthy social media platforms.
>That is because pedophiles are dumb and regularly get caught.
The ones with bad opsec that you habe heard about. This kind of underestimation is what fucks feds in the ass, this is how Mr swirl went so many years free.
Buy a thinkpad x230 and install heads. Write protect the flash chip. Put nail polish on the screws and take high resolution pictures to ensure signs of tampering. Do NOT use a HDD or SSD. They have DMA so a malicious firmware could do a lot of damage, use of USB is preferred since they do not have DMA. Completely remove the microphone, sound card, webcam and the WWAN card from the laptop. Remove the fan to prevent binary acoustic data transmission. Replace the default wifi card with a supported atheros card. Disable wifi when not in use, preferably by physically removing the card. Make your own independent Linux distro from scratch. Most Linux distros value convenience over security and will thus never have good security. Your only option is to make your own. Use musl instead of glibc, Libressl instead of openssl, sinit instead of systemd, oksh instead of bash, toybox instead of gnu coreutils to reduce attack surface. Enable as little kernel modules as possible. Use a hardened memory allocator. Apply strong SELinux and sandboxing policies. Restrict the root account heavily to make sure it never gets compromised. Disable JavaScript and CSS in your browser. Block all FAGMAN domains in your hosts file. Monitor all network requests. Do not use a phone. Never speak near anyone who owns a phone, they are always listening. Never use any non-corebooted technology made after 2006. Never leave your devices unattended. Tape triple layer aluminum foil all around your room as tempest shielding. Type really quietly as defense against audio keylogging. Use ecc ram to minimize rowhammer and rambleed. Encrypt everything multiple times with various different encryption implementations. Compile everything from source. Use hardened compilation flags. Always read through the source before installing something if possible. Only use the internet when absolutely necessary.
I don’t know why but I read raiding, I thought He’s RAIDing his house. So, like, one hard drive on a computer in this house, another hardrive in another computer in another house, as a RAID 0, so there is no point in raiding the house.
Blob free capable computers are so old though. After trying one I don’t know how I survived that era without even using ssds. Before that how the hell did live with Pentium 2, 3, and 4?
Nah, modern hardware is bonkers on thermals again. A 4090 with i9-12900K is going to net you 700 watts of TDP in stock. That’s like half of what you can even pull from the wall. Even at the low end for the latest generations, you’re looking at around 200W combined TDP. And then as if that wasn’t enough, they squeeze that shit in laptops! Laptops! This is absolutely nuts.
I literally did this. My senior year in college I had a single dorm room and I’m guessing some overlocked Celeron CPUs in a dual-socket motherboard. I never once turned on the heat. I’d often come home and open my window when it was snowing outside.
Rubberhose (file system) Deniable encryption en.m.wikipedia.org/wiki/Deniable_encryption
The notion of “deniable encryption” was used by Julian Assange and Ralf Weinmann in the Rubberhose filesystem (…) In cryptography, rubber-hose cryptanalysis is a euphemism for the extraction of cryptographic secrets (e.g. the password to an encrypted file) from a person by coercion or torture—such as beating that person with a rubber hose, hence the name—in contrast to a mathematical or technical cryptanalytic attack. (…)
That’s all very clever and good, but Assange has been cooling his heels in Belmarsh Prison since 2019 awaiting extradition to the US and Ralf Weinmann only escaped the same fate by dropping off the face of the earth.
Wikileaks has been a dead letter for over a decade and the western public is now so thoroughly poisoned against big intel leaks that its doubtful an effort to reinvent the site would have any benefit.
So we’re still back to a guy with a wrench being an effective means of dealing with entrepreneurial hackers.
Unfortunately you are absolutely right and I would say that computing work on an international scale always tend to be a type of war : it was so from the start ( that is to say with the decryption of Enigma machine mesages by the UK and the USA )
Right? It's kinda nuts how much this quixotic prepper-style power fantasy permeates some parts of the Internet. Hell, even that strip is conceding the basic point that there will be a cabal of evil people digging for all their super-important secret files at some point.
Kinda makes you wonder what’s on their drive that they’re so concerned about being uncovered. I’m all for privacy as a right, but people don’t usually go balls to the wall on their computer security just to protect cat memes or tax documents. People won’t even assume just regular porn stuff. People will assume terrorist plots or sex crimes or stolen classified stuff. Idk, if my NSA agent cares enough to break basic security just to find out my porn search history, then I’m just thinking that that’s wasted tax dollars. I’m not that interesting.
Edit: I’m not saying don’t do simple encryption, I’m saying that putting up ten barriers and having paid services and using multiple vpns has drawbacks of cost and performance, so what are the odds that somebody would go to all the trouble for data that nobody would care about. If you saw a giant vault in somebody’s basement, you would assume there’s something interesting in there.
if my NSA agent cares enough to break basic security just to find out my porn search history,
Police have regularly used their inappropriate levels of access to stalk and harass women they like. You may not be interesting to the government, but you could easily be interesting to a malicious actor who works for the government.
I’ve got stuff I don’t want to be public, but at the same time I’m not going to spend thousands and thousands of dollars on security measures to protect it because it’ll probably never be required, and it probably won’t work anyway.
Having a pin code longer than four digits is probably more than enough to effectively deter the average cop, and they are all I am ever really anticipating interacting with, if at all. If I decide to take up terrorism as a hobby I may reconsider.
For the record, that's as fine as any other hobby, as far as I'm concerned. Just as I don't have any issues with... you know, survivalism as a hobby.
On the aggregate, though, there IS a bit of a prepper power fantasy at play, I stand by that. Hey, I have tons of hobbies myself where I find the collective average lands in a super creepy place. If anything I think it's a relief to acknowledge it. Gives you plausible deniability.
What is this setup that requires thousands and thousands of dollars to achieve encryption? It’s just typing ‘y’ and hitting enter during my install, if anything. It’s good general practice and the highest cost involved is a totally negligible effort to type an additional password in at boot. It’s not like we were talking about rigging up some crazy kill switch that somehow physically destroy your drives at a keystroke if you think the feds have shown up.
Why did you feel the need to come into this thread and broadcast your opinion on something you know nothing about? Encryption is not made any less effective just because people made free tools to implement it easily.
It’s just math. It’s not a finite resource, and there isn’t “premium math” you have to go buy at the math store to make your encryption stronger.
I think what you’re driving at is partially true: for perfect security, it takes a lot of effort and you never know when there’s a zero day for your particular practice.
However, like the other commenter is saying, it’s easy to have better security than most. Heck, it don’t even require extra ongoing maintenance to have a healthy security coverage.
But not doing anything to increase your security is a bad choice. To me, it’s kind of like eating vegetables, if the average person would just do it a little more, we would all benefit.
Uh, no. Almost everything you can do for logical security only requires free software. Something as easy as ticking the box “encrypt my drive” and putting in a good password when installing Ubuntu or whatever is about as easy as it gets and is LUKS2 (“actual security”, as far as at-rest data encryption is concerned).
Everything I use is encrypted as hell. What do I have inside? To be honest nothing. Just your usual stuff. But why the heck should I let someone to get into my fucking harddrive? No, let’s make it as difficult as possible for those assholes.
Having said that, I’m stuck multiple times by my own encryption. Lost the keys, etc. And in case something happens to me, no one can access my legacy or docs. That’s my only doubts. Moreover, I’m aware that it only protects my data at rest, while the PC is on, there are probably a zillion zero-days I’m not aware of.
I explicitly go balls to the wall to protect my tax documents and cat memes, for a couple of reasons:
I am very passionate about the concept of “You shouldn’t have to have anything to hide to deserve the right to privacy.”
People should’t “poop with the door open” (to use a metaphor), so I keep my door shut.
Opinions and ideals can get people hurt if made public, and I want to protect both mine and those of the people i talk to (even if i don’t agree with them).
If everyone took their security and privacy this seriously, nobody would have to worry about some nonce assuming they were committing crimes just because they were protecting their right to privacy. I’m being just one more drop in the bucket.
Sure but if they’re looking it’s like them peeking through the window while you’re having sex. Will you get jailed for havingnsex, no (unless it’s gay sex and you’re in Russia, then yes) , but it still makes people feel uncomfortable. Or if they find correspondence between you and your gf organizing an abortion and you’re in Texas and they “pass it on”, or any number or things.
The issue is that you don’t have any say in what it is to be concerned about being uncovered. Regimes change, and so do the things that are dangerous to uncover. Today it might be ok showing support for LGBTIA+ rights where you live, but that might change at a votes/coups notice. Damn, supporting trans rights might get you in physical altercations in some areas in the US if you are found out, or might make it impossible to land a job.
The Nazis used data that was accumulated by prior administrations to choose their victims.
Kinda makes you wonder what’s in their bedroom they’re so concerned about being uncovered. I’m all for privacy as a right,but people don’t usually go balls to the wall on their bedroom privacy just to not be seen changing. People wont even assume just regular sex stuff. People will assume terrorist plots or a murder dungeon or your mom.
Privacy is privacy is privacy. There’s no need to justify it. Desiring it isn’t an indicator of any wrongdoing. The second you are okay with literally every aspect of your existence being completely public, and I mean all of it, is the second your statement holds any ground.
I get your example, and agree with the premise that “if you have nothing to hide…” is never a good argument, but if someone had security cameras surrounding/within their house, and 4 different locks on their bedroom door, and then a high quality safe in the bedroom, I would absolutely think there’s something more than sex toys in there. That’s still never a valid basis to search their stuff, but if there was nothing significant in there, that would feel odd.
I completely disagree. It may feel excessive, but my only thought would be “there’s someone who cares about privacy.” We only assume this stuff is weird because we’ve indirectly encouraged only weirdos to do these things. If we instead normalize it as just part of home security, like locking your doors, then it’s just another thing careful people do.
Add comment