Questions I couldn't find answers to

Discussion in 'privacy technology' started by blaker, Jan 16, 2015.

  1. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    Agreed, also probably too arrogant and I will soften it.. The problem is exposure. They don't like exposure, and the risk it entails so that has to be weighed with what intel they have, what they need, and the importance of getting it. I recall reading some of the documents from the reporters working with Snowden. One of the reporters had something like 4 different alarm systems, and found 3 of them fully disabled, they failed to get through the final one, but it brings new meaning to 'layered' security.. Although in his case I would bet he was using 3 second bump locks, or Smart-Key technology (they can globally reset these) rather than a master card key grade 1 deadbolt with mushroom and cross pins. No real way to get through a properly secured door. Clearly they made it through his door, and then worked systematically to disable his alarms that weren't hardwired beyond his house. FYI Master Card Locks - even if you steal the person's key you can't dupe it. But also some of them have technology where it can't even be duped at more than 1-2 companies in the world. The desire for data outweighed the protections, and risk of exposure in that case apparently - very high profile. :isay:

    I'm continuously shocked at how people targeted don't seem to understand the precautions they need to take. Madonna was hacked - for example, and apparently was looking for an IT Professional to secure your privacy. In the case of that Snowden reporter, even something as simple as TailsOS, and layered encryption with a chapstick or eraser, or even fake wallplate USB stick (encrypted)

    Fun stuff.
     
  2. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    Taking state actors off the table, there are some "Internet bullies" with comparable skillsets. So yes, being secure when adversaries know your location is very difficult. How can you maintain physical security? Who can you trust? How disciplined can you be?

    Me, I'd try to lose them by moving with no forwarding address ;)

    And if I were famous, I'd move very far and privately :eek:
     
  3. blaker

    blaker Registered Member

    Joined:
    Dec 21, 2014
    Posts:
    15
    Thank you so much for your help everyone. You really got me thinking now.

    So smartphones are definitely not good for internet. So what is better to use as a regular phone in terms of security - the old school phone or 3G phone?

    Mayahana I see you really know your stuff. Can you please tell me what kind of device do I need in order to scan for any kind of spying devices?

    And by the way, is there any way someone can see what I type on a computer that never uses internet? I've read something about capturing keyboard sounds. Is there any other way?
     
    Last edited: Jan 26, 2015
  4. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    One can use a smartphone as a listening device to determine what you type :eek:
     
  5. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    Tempest (codename)
     
  6. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
  7. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    This is what I was referring to earlier. The way to defeat tempest type of technologies is to saturate an environment with EMF-Chaos. (Masking) We use Needle Injectors into a room to do this for counterintel. Also there are other methods they use, including ultrasonics, but again we use ultrasonic pulse wave devices for that. Finally, you have more subtle technologies that are largely defeated by 'true' pink noise generators. Here's an electrical engineer that makes true pink noise generators (scroll down past the white noise). Pink because pink is true randomized frequency noise. These are masking defenses, I mask my entire home via the HVAC system. :ninja:

    http://www.mysticmarvels.com/noisegenerators1.html

    Also you can be spied on via 60hz (electrical) links when they parse variances, and then isolate them for subtle frequencies. Along with cable lines, etc. Essentially they know how to filter out 'known' frequencies within a 60hz feedback, then isolate out what they need (such as speech being vibrated on your walls, then picked up on the 60hz electrical lines) I have special capacitors on my link to filter all but 'true' 60hz IN and OUT, and also use a Double-Ferrite, and Balun Choke method to filter cable lines (In/Out). Those are effective countermeasures. It's actually quite easy for them to know 'who' is awake, who is home, all from remote. For example your wife uses a hairdryer, specific frequency, and when that frequency is popping they know she is up, drying her hair, and getting ready to leave. Nice huh? I don't want to scare people into paranoia though...
     
    Last edited: Jan 22, 2015
  8. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    To add, I've already addressed some of this elsewhere in terms of counterintelligence.

    Distance -> For you it means dialing down your radios. I advocated this on my ghetto-vlan thread, it's crucial to security. If your WiFi isn't spraying outside of your walls intelligence is a bit harder to gain.
    Masking -> Technologies I discuss above (and others). These are modern equivalents of the woodpecker installed on windows to defeat laser microphones in the old days. Saturation Security it's sometimes called.
    Shielding -> On the device, room, or home level. This entails carbon or metal pigmented paints with grounding tabs on them. Preventing 'leaks' outside of a location are done.

    Sometimes (often hehe) combined methods used. Distance+Shielding to prevent bleed through. I didn't mean to brag earlier in the thread but my home deploys a wide variety of methods.

    http://www.yshield.com/
     
    Last edited: Jan 22, 2015
  9. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    Cell Phone hack flaws
     
  10. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    If you are worried about phone privacy;

    1) Buy Tracphone with cash.
    2) Setup VPN and activate it online (preferably use TailsOS), towards the bottom is "I don't want to provide any information" tiny checkbox.. Check it.
    3) DO NOT power up phone yet. (critical)
    4) Drive to the nearest highway underpass, turn on the phone, and activate it.

    Now you are anonymous with it, plan on cycling the phone out every few months (3, 6, 12 depending on paranoia). Why steps 3 and 4? When you first power on a phone it tags your account with a GPS coordinate. Activating it under a highway overpass spoofs them to think you are on the highway traveling, and the triangulation verifies your 'exact' location (+/- 5 yards) is ON the road when in reality you are under it. (last I checked they aren't spatially aware to that granular of a level) IMO Any other method with phones doesn't offer any privacy/anonymity, or unhackability.
     
  11. blaker

    blaker Registered Member

    Joined:
    Dec 21, 2014
    Posts:
    15
    Thank you for opening my eyes.

    This is really disturbing to find out. If some of this technology is available to enthusiasts or hackers and not just to the government agencies then all this software security doesn't make that much of a sense if for example someone can read your screen offline.

    Can you just tell me about listening to an oldschool phone if it is turned on but not used. Without internet or bluetooth. Just sitting in my pocket or somewhere in my room while I am having a conversation with someone. Is it realistic that these bullies could have the technology to listen to the phone if it's just turned on and not used at that moment?
    And if such technology is available to the masses would they then have to be nearby in a car or somewhere in the neighbourhood or they can do it from anywhere?
    And if all that is possible then I can put my phone in something so they can't hear anything but mumbling. A plastic bag for example? Or perhaps there is a better material?
     
  12. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    Any bag that's electrically conductive will work, serving as a Faraday cage. There are various commercial bags for cellphones. You can make your own. Use duct tape (sticky side out) for the inner layer. Then add 2-3 overlapping layers of aluminum tape. Then finish with a layer of duct tape. Make the bag long enough that you can fold over and secure the top.
     
  13. 142395

    142395 Guest

    If you fear state-sponsored attack, you shouldn't use smartphone. There're already good enough story about it, and it seems one story added though I haven't read yet.
    But I can't say old school phone is definitely more secure as firmware rootkit can be implemented either smartphone or old-school phone, but interest would be much less on old-school phone. It finally comes down to matter of trust, so carefully search for reputation of device makers to avoid dubious maker. I personally don't recommend Nexus and iPhone. If you need to use Android, use open-sourced custom OS like CyanogenMod with hope to avoid OS backdoor, though it can't eliminate firmware rootkit, but also rooted phone have much more room to improve security for you (not limited to iptables). Either case you chose old-school or smart phone, don't connect to 3G/4G/LTE network unless you're sure cuz as I posted earlier there's a risk of IMSI catcher and even w/out that who can guarantee your privacy is respected in those controlled network? Maybe you have heard of Regin. But I know you're not actually afraid of national agency.
    As MrBrian linked, there're some methods but it actually depends on attacker's purpose and resource. BTW, you don't need to buy Magic Mirror to detect IR as most phone camera can detect IR (test it with your remote control for TV or air conditioner).
    Firstly what matters for attacker who want to put a bug in your house is electric power. If he have physical access and can collect the bug after it recorded or sent info, he might implement battery with it. If he need permanent tapping, he need to borrow power from your house. How to know the tapped conversation comes next. You may think they all use radio wave as sometimes TV show gives such example where hunter find bugs by EFI meter, but if attacker can salvage the bug he might not use radio wave and instead save recorded conversation to the bug to avoid detection. Also always radiate wave is not good, if it only send recorded info twice a day, identifying it will be much harder. Finally, if you fear state actor, they can remotely tap your conversation via laser. This technology which analyze micro-vibration on window was already known in 90s, and I don't know how it have evolved now. Double-glass window with vacuum layer should mitigate it, but not sure how much extent it helps.
    Not only direct EMW via cables or sounds, but it is also known that electric effects by typing keyboard can be detected via an outlet. As Mayahana said, correct shielding with masking technique should block them. As to masking, you have to use white or pink noise otherwise just mixing "similar" radio wave might not be enough as they can be distinguished and cancelled in Fourier-transformed space.
    I don't know the meaning of "turned on but not in use", if you mean you use this phone only for conversation and not for internet, yes, they might be able to use IMSI-catcher via car, otherwise it will be hard to implement malware or exploit your phone directly unless they spent much resource to find vuln in your phone and have physical access even momentary.
    As to bag or case, as mirimir said use full-metal bag/case.
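
The remark in the post above about non-random masking being separable in Fourier space, as an added example that is not part of the original thread: it measures how much of a masking signal survives when its two strongest frequency bins are removed. The frame size, function names and both sample maskers are assumptions constructed for illustration.

```python
# Added illustration (not from the thread): why a masking signal has to be
# broadband. All signals below are constructed sample data.
import cmath
import math
import random

N = 256  # samples per analysis frame (assumed)


def power_spectrum(x):
    """Power |X_k|^2 for bins 1..N/2-1, computed with a naive DFT."""
    n = len(x)
    spec = []
    for k in range(1, n // 2):
        acc = sum(x[t] * cmath.exp(-2j * math.pi * k * t / n) for t in range(n))
        spec.append(abs(acc) ** 2)
    return spec


def surviving_fraction(masker, notch_bins):
    """Fraction of masker energy left after zeroing its strongest bins."""
    spec = power_spectrum(masker)
    kept = sorted(spec)[: len(spec) - notch_bins]
    return sum(kept) / sum(spec)


def spectral_flatness(masker):
    """Geometric mean over arithmetic mean of the spectrum.

    Close to 0 for a single tone, roughly 0.5 to 0.6 for white Gaussian noise.
    """
    spec = [p + 1e-12 for p in power_spectrum(masker)]  # avoid log(0)
    geo = math.exp(sum(math.log(p) for p in spec) / len(spec))
    return geo / (sum(spec) / len(spec))


def tone_masker(bin_index=40):
    """Constructed narrowband masker: one sine exactly on a DFT bin."""
    return [math.sin(2 * math.pi * bin_index * t / N) for t in range(N)]


def white_masker(seed=1):
    """Constructed broadband masker: seeded white Gaussian noise."""
    rng = random.Random(seed)
    return [rng.gauss(0.0, 1.0) for _ in range(N)]


if __name__ == "__main__":
    for name, m in (("tone", tone_masker()), ("white", white_masker())):
        print(name,
              "survives notch:", round(surviving_fraction(m, 2), 3),
              "flatness:", round(spectral_flatness(m), 3))
```

A flatness near zero means the masker sits in a few bins and contributes almost nothing once those bins are filtered out; the white-noise masker keeps most of its energy because it is spread across the whole band.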
     
  14. blaker

    blaker Registered Member

    Joined:
    Dec 21, 2014
    Posts:
    15
    All right. First of all thank you so much mirimir and 142395 for all this help.

    check this out:
    http://blog.ptsecurity.com/2014/12/4g-security-hacking-usb-modem-and-sim.html
    http://threatpost.com/majority-of-4g-usb-modems-sim-cards-exploitable/110139

    I was considering using this, but now I'm not so sure. Anyone who uses 3G/4G modems is not safe anymore or am I missing something here?
    Does this affect linux as well?

    Would I be vulnerable to this in my setup?

    mirimir considering my software setup with VMs, VPNs, etc would you say that if I used a hardware firewall with my cable modem that they couldn't hack me? Even if they compromised the ISP somewhere along the way - they would only see encrypted VPN traffic right? I mean, then it would be too hard for them to infect my host or BIOS? Considering that they have no clue what sites I am visiting, emails I am using etc.
    Considering my situation do you think it's a better solution than using a 3G modem?
     
  15. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    Yuki, window lasers are defeated with a burst mode woodpecker. Basically it's a tiny lithium powered device that 'pecks' at the window disrupting subtle vibrations used to extract speech from by the laser. Burst mode creates a randomization, instability so they can't isolate the verbal communication from the predictiveness of the woodpecker.

    Brian, remember a lot of older technology actually can boost security - security through obsolescence is very real security. Radioshack for example sold a voice scramble cordless back in the 1990s. This functioned on the 49MHz band, but communication between handset and base was fully encrypted, and scrambled. A remarkably effective technology - if you can even find them anymore, LEO doesn't like this kind of tech in the hands of persons. A lot of the technology to remotely actualize your cell phone microphone doesn't work on older phones, new technology adapts, and changes, and they don't always put in legacy compatibility because they 'assume' most targets are going to be using 'reasonably' modern gear. I know some targeted individuals and they buy and dispose of older flip phones constantly, because they know they are largely secure with them.

    I am working to find a programmer to develop something for me. But Haystacking is one of the best methods right now. In essence you drop so much 'crap' into the spectrum that they can't filter out the real activity. There are haystacking systems for almost everything these days, and most are closely guarded secrets. I haystack ultrasonic and emf bands in my home as a precaution - and perform limited haystacking of my internet activities. To find a needle you need to go through a haystack, make the haystack bigger, and the needle is harder to find. From an intelligence perspective, anyone apprised, and implementing haystacking becomes a 'frustrating' target. Think of ways to haystack yourself/activities, and you can come out ahead of almost anyone (even state sponsor).
     
  16. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    9,252
    I know little about 3G modems vs cable modems.

    However, whatever your uplink looks like, it's essential to have a good perimeter router/firewall. That's the case no matter what adversaries you face. Unless you know what you're doing, the router/firewall needs to be preconfigured. There are many sorts of protection, ranging from simple filtering to sophisticated systems that can detect attacks almost intelligently. Enterprise devices get very expensive, and require skilled IT support. But you can get very solid protection using pfSense on commodity hardware. And with their book, forums and gold support, you can add many enterprise-level features, at no cost beyond your time (and the support contract).
     
  17. 142395

    142395 Guest

    It seems both of articles don't give details of attack but attack against modem seems to need exploit browser which you can protect to some extent either XSS (Noscript or uMatrix), CSRF (RequestPolicy, Policeman, uMatrix, or KissPrivacy) or RCE (keep up-to-date plus 0day mitigation).
    Don't assume Linux is inherently secure. But you can secure your Linux whatever extent you want, iptables, SELinux/AppArmor, PaX and GRSecurity, HIDS, seccomp sandbox, some attack surface reduction methods, etc.. Explaining all of them are much beyond my skill but you can find plenty of resources here Wilders.
    Cable modem can also be exploited, but I think your setup is pretty secure already. Tho I'm not sure how much it make difference, lock down your BIOS with strong password, and forbid writing to BIOS flash memory or CMOS. Only when you need true BIOS update, temporarily re-enable it.

    Thanks Mayahana for that info, very appreciate your expertise as always.
    Yeah, actually old tech was more secure. This is a reason I think U.S would be more vulnerable to cyberwar than ***. IT advancement just keep adding attack vector and making everything vulnerable. It's not what I want or need at all but we can't stop it and forced to adopt it. (sigh) IoT will definitely kill not a few people.
     
  18. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    Older tech: Acoustic, Laser, Physical Device.

    Newer Stuff: EMF evaluation, 60Hz Parsing, Ultrasonic, and various feedback methods.

    I was talking about EMF extraction methods almost a decade ago. Snowden exposed it as something they routinely use. That is evaluate, isolate, and parse the ambient EMF to extract data. They can get highly detailed information from hardened locations using that. But it's easily countered using haystacking, and I am wondering WHO people like the German Govt hire to handle their counter intelligence when these methods were used against them with seeming impunity? A few low cost EMF injectors installed in an office effectively kills any EMF gathering technology. (Ion Projectors, etc) It reminds me of back 20 years ago when I told people to put tape over their door peepholes because intelligence agencies had peephole reversal tubes. Now you can buy those on Ebay.... The best countermeasure I have found for snooping actual frequency pickups on a coax is to use double ferrite chokes, and a balun. Best thing for 60Hz (electrical) is a KVAR. But introducing randomized emf chaos into a room eliminates a lot of SIGINT gathering capabilities.

    You can get really paranoid, or accept the fact that if they want int on you, they will likely get it. Or you can reduce your surface area for gathering to the point it's costly, and involved, and you would likely not be worth the effort. You after all, aren't a reporter working with Snowden, or a security consultant with the Senate. We've covered a lot of ground in this thread, if someone wanted to get pretty detailed in counter intel they could go over this, and also read between the lines in some cases.
     