“Unhappy it is, though, to reflect that a brother’s sword has been sheathed in a brother’s breast and that the once-happy plains of America are either to be drenched with blood or inhabited by slaves. Sad alternative! But can a virtuous man hesitate in his choice?” - George Washington, 1777
Just like Reality Winner, another young person too stupid to cover their tracks...
Pro Tip: If you are doing anything questionable from your computer - don't do it from home! Plenty of places have free WiFi. If you don't have a better option, sit outside your local McDonald's - don't go in, to make it hard for their cameras to ID you.
The one I liked was the guy that got caught because he just had to check his email. He was running a clean laptop. Using a VPN paid for with crypto. Nothing on the machine not required for his evil deeds.
Then he logged into his email account. FBI instantly had a match for him to the VPN IP he was using at that moment to check in on his darkweb site.
Being clean requires a lot more than just a VPN and an open WiFi connection.
A clean laptop and a clean browser USED FOR NOTHING ELSE make it hard. Oh, and of course you CANNOT use your phone or have it on nearby. You DO turn your GPS off when not using it, right?
I have a laptop that boots from a read-only geek stick. The laptop has a programmable NIC. Every time it boots it gives a random MAC to the NIC. For a browser it uses one of the onion/Tor browsers.
Still not perfect and it is still possible to destroy your security by being stupid.
One of the early books on hacking tells the story of the CEO visiting a hacker to get a penetration test done. He didn't think it could be done.
Hacker listens, then picks up the phone. Calls the IT help desk, tells them he's the CEO and he's locked out of his account and needs to get a report ready for the next day's stockholders' meeting.
5 minutes later he's logged in as the CEO as the CEO observed.
Computer security has to be as much about people as it is about the machines. Yes, you have to have good crypto when sending important information. But how often have we seen high security locks with 1234 as the PIN or the CEO with a password of "password"?