Archive for the 'Communication' Category

Secret Squirrel

Concealing one’s activities on the Web is something every Investigator should understand.  You should understand this for your own use and to understand how these techniques may deny you needed information.  Yet using these techniques may also target you as an undesirable in some circumstances.

The following are methods used to obscure Internet traffic and avoid IP blacklists and content filters.


COMSEC

Thou shalt not be afraid for the terror by night; nor for the arrow that flieth by day; Nor for the pestilence that walketh in darkness; nor for the destruction that wasteth at noonday. (Psa 91:6)

I don’t think they were talking about Communication Security (COMSEC) when they wrote that Psalm, but good COMSEC helps avoid terrors that come in the night.

Zfone for VOIP

Zfone appears to be the lowest cost solution for robust VOIP encryption that you control.

Skype

Calls made over Skype are encrypted with 256-bit Skype encryption keys, a length that, at least in theory, would take a literal eternity to crack. But you don’t have control over the encryption; Skype does.

Oldstyle COMSEC

To avoid an electronic trail, hard copy letters that are distributed via snail mail in a circular rotation might work. These are known as circular letters. Each letter is given a number, and each addendum that is added is given a letter. Subsequent letters can reference the content of earlier ones, for example, “as mentioned in Letter 2-A”, etc.

This can be modified to include an emailed file that is encrypted and the message sending it digitally signed by each person.  Using nearly anonymous email accounts accessed through TOR would make this very secure.

21st Century Hi-Tech Magic Slate

The four-ounce, $30 USD Boogie Board runs on a watch battery and mimics the feel of putting pen to paper. To erase, simply press a button. It is an 8.75 x 5.5 inch thin plastic slate that has the same functionality as the Magic Slate (it doesn’t store what you write) except that it uses LCD technology. However, the battery that powers the Boogie Board is not replaceable. Once it’s depleted, the board is useless. According to the Boogie Board site, that’s around 50,000 erase cycles.

Please note:

I won’t tell you why I’ve been so interested in the Magic Slate, 18th Century PDA, or this gadget, but I’m sure you might be able to imagine some uses for them.

18th Century PDA

If Moleskines are a throwback to a time before PDAs, then the 18th century version of the PDA is the pocket notebook made of sturdy brass stock with 4 old ivory pages and a pencil. It can be written on with pencil, smudged off with your finger, and used over and over again. It closes into a 1-1/8 inches by 4-1/2 inches by 3/16 inch thick package. It seems like an 18th century version of the Magic Slate.

Magic Slate

American journalists meeting with Soviet dissidents in Russia used Magic Slates as a way of communicating without being overheard by bugging devices. Low cost, low tech, and effective — what more can you ask for?

FireFox Pdf It! Addon

Pdf It! is more than PDF

The Pdf It! extension is designed for FireFox running on Windows, Mac OS X, or Linux. The Pdf It! menu item appears in the Tools menu as well as context menu.

The Pdf It! extension features are as follows:

  • Convert current page (Whole Page or Visible Part) to Image (PNG or JPEG)
  • Add title to generated image (Firefox 3 only)
  • Specify the color/position/font size for title
  • Apply up to 16 filters while converting page to Image

ImageVenue

I don’t have much use for the PDF function of this addon (based on an online service). The PDF function does not provide a full colour rendition of the Web page. It is the ability to create a JPEG of a web page that can be emailed or put up on a site like ImageVenue.

If you use ImageVenue, then you only need to send a link to the image, which must be either JPEG or JPG with a maximum size of 3 meg. For example, an image of our web page is easier to send as a link than as an image file. Of course this is not secure from outside viewing but it is handy for some things.

Pocket Spy

The pocket spy: Will your Smartphone rat you out?
by Linda Geddes, 14 October 2009 issue of New Scientist

  • learn where to get an app that will encrypt all the data on your phone should you lose it
  • what happens with recycled cell phones
  • a smashed SIM card can still have data extracted from it
  • and much more

Email Overload

How to write attention-grabbing e-mail messages

Email filled with typos, spelling mistakes and irrelevant information can make you look stupid. This article contains seven tips to improve your use of e-mail to make you look more professional.

The article also points out things for which you should not use email. For example, document collaboration.

Expert tips to guard against e-mail overload

“We have created a cultural urgency with e-mail that is not correct.”

“You can fight e-mail overload with a few commonsense practices, experts say.”

Where did this email come from?

Tracking down the origin of email messages has become a staple of many Private Investigators. Without getting into mind-numbing technical details, here are the steps I take to find the origin of anonymous email missives.

  1. Search the sender’s email address using Google, Bing, and other search engines to see if it appears. Next search using Intelius’ reverse email lookup.  If the email appears registered to a name, you can pay a fee of $4.95.
  2. Even when a misleading email address is the origin, read the IP addresses in the header from bottom to top. The IP address in square brackets is the origin IP. Or, use IP tool to track the IP address. Copy the headers into the box and select your email system.
  3. Go to What Is My IP Address and enter the IP address to see where it originates.
  4. Search the email address using Spokeo.
  5. Try ReadNotify.com and email the anonymous correspondent. If he opens your message, then it will notify you and send back the reader’s IP address, the date and time the message was opened, location of recipient, map of location, apparent email address of opening (if available), referrer details (i.e., if accessed via web mail, etc.), URL clicks, how long the email was read for, how many times your email was opened and if your email was forwarded, or opened on a different computer. If he opens your message in his office, then you will know where he works. However, this seems to only work with HTML-enabled email programs. Remember, the header data from the original message will probably tell you what email program sent the message.
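
Step 2 above, as an added Python example (not the author's own tooling): it reads the Received headers bottom to top and pulls the bracketed IPs, and it also reports the address recorded by the recipient's own mail server, because any Received line below that server is supplied by the sending side and can be forged. The sample message, its host names and the `trusted_suffix` parameter are constructed assumptions.

```python
import email
import ipaddress
import re

# Constructed sample (RFC 5737 documentation addresses, .example hosts); not a real message.
SAMPLE = """\
Received: from mx.recipient.example (mx.recipient.example [10.0.0.5])
\tby mailstore.recipient.example with ESMTP id A1; Mon, 1 Mar 2010 10:00:03 -0500
Received: from relay.isp.example (relay.isp.example [198.51.100.7])
\tby mx.recipient.example with ESMTP id B2; Mon, 1 Mar 2010 10:00:02 -0500
Received: from [192.168.1.23] (dsl-host.isp.example [203.0.113.45])
\tby relay.isp.example with ESMTP id C3; Mon, 1 Mar 2010 10:00:01 -0500
From: "Anonymous" <someone@webmail.example>
"""

BRACKETED_IP = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")
INTERNAL = [ipaddress.ip_network(n) for n in
            ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]

def is_internal(ip):
    """True for private/loopback addresses, or text that is not a valid IPv4 address."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return True
    return any(addr in net for net in INTERNAL)

def received_hops(raw):
    """Return (bracketed IPs in the 'from' clause, 'by' host) per hop, oldest hop first."""
    hops = []
    msg = email.message_from_string(raw)
    for value in reversed(msg.get_all("Received", [])):
        from_part, _, by_part = " ".join(value.split()).partition(" by ")
        hops.append((BRACKETED_IP.findall(from_part), by_part.split()[0] if by_part else ""))
    return hops

def origin_ip(raw):
    """Bottom-to-top reading: first routable bracketed IP. The sender can forge this."""
    routable = [ip for ips, _ in received_hops(raw) for ip in ips if not is_internal(ip)]
    return routable[0] if routable else None

def boundary_ip(raw, trusted_suffix):
    """Address recorded by the oldest hop that our own servers (trusted_suffix) wrote."""
    verified = None
    for ips, by_host in reversed(received_hops(raw)):  # newest hop first
        if not by_host.endswith(trusted_suffix):
            break
        external = [ip for ip in ips if not is_internal(ip)]
        verified = external[-1] if external else verified
    return verified
```

When `origin_ip` and `boundary_ip` disagree, only the boundary address was observed by a server you control; the older hop is what the sending side reported about itself.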

Secure File Delivery

Delivery of large reports and file material is becoming a problem for many organisations. Electronic file delivery poses risks to the integrity and security of the data, and delivery of printed copies is too slow and expensive. Email delivery is not possible in many cases as the files may be too large, even when zipped.

You can resort to establishing an FTP site of your own, or create a secure delivery site using something like OWL, or use a third party service.

A usable third party solution to this problem is YouSendIt. This lets you send and receive files up to 2GB in size. A zipped 2GB file represents a large volume of data. Passwords control access to files you are sending and receiving, but YouSendIt does not encrypt files on their servers.

Regardless of the solution selected, the person transmitting the data must assume responsibility for the encryption. Never, ever, let somebody else take responsibility for the encryption — do it yourself on your own computer.

China’s Espionage and Cyber Attack Strategy

An excellent article about the “recent discovery of Chinese cyber warfare attacks on foreign computers, on communication computers of visiting dignitaries, and espionage activities to assist a friendly country in building weapons of mass destruction (WMDI)” entitled China’s Silent Warfare at BLOg Source INTelligence reveals a lot about China’s espionage and cyber attack strategy.

The Modern Slave Bracelet

Your mobile phone can become a slave bracelet if it is compromised by malicious software.

Xerobank, Zero Customer Service

In a previous post we mentioned XeroBank as a possible alternative to TOR.

Once you’ve figured it out, XeroBank is a great system! It’s a VPN connection to their servers which assigns you either a Dutch, US or Canadian IP address; other nations’ IP addresses are not available. There is some confusion on their website as to whether other countries are available or not. The website merely says you can choose a country.

Once connected via the VPN, you can use all your browser and other programs to access the internet. We did not try their email service. The system is fast and you can even stream in video quite easily. Basically, it’s a great service if you have lots of time to read up on it and figure it out on your own because there is no customer support or documentation from the company; the public forums are the only place you’ll get any answers.

The sign up process and administration process are not straightforward.  It is very hard to understand how to log in to the account and how to use it. Four emails to customer service over the course of 3 weeks after sign up and no answers.

They say the first month of the service is free but as you’re signing up you’re asked for your credit card and they charge you $1 for the first month; it is then very difficult to cancel your subscription, actually you can only put it on hold by going onto the website of the billing company that they use and suspend your account, but we only learned that by asking the question on their public forum where we received an answer from someone we presume to be an employee; emails to support were never answered.

Customer support is non-existent. They are more interested in the technology than their customers. (If you want to see the people who might be behind XeroBank, please have a look at the delegation they sent to the last DEFCON event.)

Orwell’s 5 Rules for Effective Writing

Poor writing is not a recent problem. In 1946, George Orwell wrote his essay, Politics and the English Language, about his five rules of writing effectively.  Orwell concluded that if you follow his five rules, then you would distinguish yourself by clearly communicating your ideas.

Orwell’s Rules

  1. Never use a metaphor, simile, or other figure of speech seen in print.
  2. Never use a long word where a short one will do.
  3. If it is possible to cut a word out, always cut it out.
  4. Never use the passive where you can use the active.
  5. Never use a foreign phrase, a scientific word, or a jargon word if you can think of an everyday English equivalent.

Texter

Texter saves you countless keystrokes by replacing abbreviations with commonly used phrases that you define. It runs in the Windows system tray and works with applications you’re typing in. It can also set return-to markers for your cursor and insert clipboard contents into your replacement text, in addition to more advanced keyboard macros.

How did I ever live without this?