A modest proposal for the protection of your privacy


The continuation of the article by Jameson Lopp, a leading developer at keys.casa, about how to maintain confidentiality in the era of total surveillance.

*** Chapter II

Protect your home

To preserve your privacy, try not to associate your name with your place of residence. Simply put, you can be tracked down through your registered address, so it is better to live at an address that cannot be associated with your name. For this, your home needs to be registered to a person or company not directly related to you.

The USA has some states with particularly strict laws protecting information about limited liability companies: New Mexico, Nevada and Wyoming. There are also companies that provide privacy protection services at various levels. The most advanced protection plans use a “shell company” that hides the real name of the property owner behind a multitude of legal barriers, which are very difficult, if not impossible, to overcome. By registering such a “fake” legal entity, you will be able to use it for purchases, rentals, leasing, payments and deliveries.

It is also worth remembering that many people have no registered address at all. There are those who live in trailers and constantly change locations. On the forums of people leading this nomadic life you will find many useful tips. All this information can come in handy when people begin to ask where you live. “I live in a trailer with no permanent registered address” is a much better answer than “Sorry, I’m trying to protect my personal data”.

After moving to a new place, you might want to take the next step: preventing information leaks during phone and video calls. Background noise and the scenery behind you should not give you away. I would recommend positioning the camera so that only a bare wall is visible behind you. Another option is to buy a portable screen. To muffle background noise, enclose the microphone in an acoustic box. Both screens and acoustic boxes can be bought on Amazon or made yourself. Paranoid note: even a thunderstorm during a phone call can give away your location.

Worried about eavesdropping with a laser microphone? If you follow all my recommendations, it is unlikely that someone will figure out where you live. But if you need additional protection, you can buy a noise generator. The market is full of various models.

Another important point: the EXIF data in photos. Do not post online photos taken near your home or at places you often visit, because GPS coordinates may be embedded in the digital image. This applies first of all to photos taken with a smartphone. Before you post photos on the Internet, erase their metadata using EXIF cleaner for Mac and Windows or ExifTool for Linux.

Another important point is your time zone. When the time zone is indicated on social network posts and transactions, it is not difficult to work out your longitude using spatio-temporal analysis. If you live in a densely populated region, this is not a big concern. But if you live in Hawaii, New Zealand or Greenland, publishing such information would be extremely unsafe.

[Figure: temporal analysis of transactions for wallet 336xGpGweq1wtY4kRTuA4w6d7yDkBU9czu on BitInfoCharts]

The figure above shows a temporal analysis of fund movements for a wallet holding a small amount of BTC. Times are given in GMT. We see that daily activity starts at 12 am and ends after 15:00. This coincides with the period between 9 am and midnight in the Tokyo time zone. This is the address of a cold wallet of the Japanese exchange CoinCheck.
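As an added example (not part of the original article), the sketch below runs the same kind of temporal analysis on your own post or transaction timestamps, so you can see what they give away before you publish more. The 9-hour quiet window and the assumption that it begins around midnight local time are illustrative choices; the sample data is constructed to mirror the activity pattern in the figure.

```python
from collections import Counter
from datetime import datetime, timezone

def hourly_histogram(timestamps):
    """Events per UTC hour of day, from Unix timestamps."""
    counts = Counter(datetime.fromtimestamp(t, tz=timezone.utc).hour for t in timestamps)
    return [counts[h] for h in range(24)]

def window_sum(hist, start, length):
    """Events inside a circular window of `length` hours beginning at `start`."""
    return sum(hist[(start + i) % 24] for i in range(length))

def quietest_window(hist, length=9):
    """Start hour (UTC) of the circular `length`-hour window with the least activity."""
    return min(range(24), key=lambda s: window_sum(hist, s, length))

def quiet_share(hist, length=9):
    """Fraction of all events inside the quietest window.
    Evenly spread activity gives length/24 (0.375 for 9 hours); near 0 exposes a routine."""
    return window_sum(hist, quietest_window(hist, length), length) / max(sum(hist), 1)

def implied_utc_offset(hist, length=9, local_quiet_start=0):
    """UTC offset that would put the quiet window at `local_quiet_start` local time.
    Assumption: the quiet window is the night, starting around midnight local time."""
    offset = (local_quiet_start - quietest_window(hist, length)) % 24
    return offset - 24 if offset > 12 else offset

def constructed_timestamps():
    """Constructed sample: a week of hourly events between 00:00 and 14:59 UTC."""
    return [datetime(2024, 1, day, hour, 17, tzinfo=timezone.utc).timestamp()
            for day in range(1, 8) for hour in range(15)]

if __name__ == "__main__":
    hist = hourly_histogram(constructed_timestamps())
    print(quietest_window(hist), quiet_share(hist), implied_utc_offset(hist))
```

A quiet share close to zero means the timestamps expose a daily routine; spreading or scheduling posts so that the share approaches the even-spread value removes the signal.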

You should also avoid publishing any information about your activities, since it can give away your location. Of course, this applies to any check-ins, tags and status updates on Instagram, Facebook and other social networks. It is useful, however, to post about places that are far from your home, to muddy the trail. But I will write about this later.

Think this is overkill? Do you remember the case when 4Chan users found the place where Shia LaBeouf was hiding in less than a day? First, they noticed the planes that were visible in the background. Using publicly available flight paths, they calculated the approximate location. Then the position was refined using the stars. At the last stage, one of the 4Chan users simply drove around in a car, honking periodically. Don’t underestimate the power of the Internet, especially when a crowd of people is looking for you.

Defend your mailbox

Never receive letters and packages under your real name and address. Little-known fact: all correspondence that goes through the U.S. Postal Service is scanned, and the information is stored in a single database. Is it possible to hack this database? I would like to believe that there is.

Optimal plan ($$$). Rent the cheapest apartment you can find, just for receiving mail. Since this is a “real address”, it will not arouse any suspicion among the services you give it to.
Normal plan ($$). If you have a trusting relationship with your attorney, he may agree to receive mail sent in your name. You can also use a “ghost address”, an alternative address provided by various independent agencies, like JJ Luna.
Modest plan ($). Buy a virtual address or use a forwarding service that works through an intermediary. You can chain several of these services to create a kind of “onion routing” to your real mailbox. Each forwarding point will know only the previous and the next address. Options to consider include EarthClassMail and TravelingMailBox.
A very modest plan ($). Rent a mailbox at a UPS office.

Once you have set up all possible proxies for your physical address, you can use them for all services that do not require proof of your actual residence address. These include:

Credit cards
Domain names
Bank accounts
Subscriptions and memberships
Online services

Defend your property

In this case, “property” means anything for whose ownership you regularly pay taxes. Data about such property is recorded in public registries, which can lead to a leak of personal data. In most cases “property” means real estate and vehicles, but in some states pets also fall into this category. Technically, records of taxes paid by citizens are not made public, but 75 000 IRS employees have access to this data, so I don’t think you can call it confidential information.

Let me repeat: you should register all of this property to a limited liability company whose connection to you cannot be traced. Moreover, you will probably need different front companies for registering real estate and vehicles. This will reduce the number of links to your place of residence: if an attacker finds out that one of your cars is registered to “No Name LLC”, the first thing he will do is start looking for information about all the property owned by “No Name LLC”. And if this LLC also owns the rights to your house, you have been found.

And again, if you do not want your name to appear on the vehicle’s insurance policy, you must register it as a commercial vehicle and insure it as such. Based on my experience I can say that it will cost twice as much as a policy for an individual.

Protect your real name

Contact with people is unavoidable, so it is better to set up an alias. Choose a name that is common (but not too common) in your new place of residence. If you need help choosing a name, look at the census data for your area. If you live in the USA, a name generator such as Namey will help.

People are rarely asked to show ID, if you are trying to buy products or use services that have an age restriction. Consistently use the same simple alias, otherwise you can easily forget how you introduced yourself and to whom.

Do not stand out from the crowd

Another obvious way to remain unnoticed is to “get lost in the crowd”. When leaving home, try not to stand out and to look unremarkable. No flashy clothing, no visible body modifications. Imitate the style and manners of the local population. Do not drive a rare, customized car with conspicuous license plates.

Privacy on the Internet

Your ISP, government agencies, in fact anyone can monitor your traffic.
Many popular web services use tracking applications just to show you the ads that best match your interests.

To protect against trackers, advertising agencies and social networks, it does not hurt to install the following browser extensions:

Privacy Badger
uBlock Origin
HTTPS Everywhere

You can protect all the devices on your local network, including smart TVs and mobile devices, by configuring the router to use a Pi-hole as its DNS server. It will block all incoming requests for known trackers and advertising domains.

Once you have done this, set your browser’s search engine to one with enhanced privacy.

The server hosting your mailbox should also offer enhanced privacy protection. As with VPNs, there is no universal answer to the question “which one is better?”

By installing browser plugins, you can hide a considerable part of your network activity from third parties. They will not be able to look inside the data packets passing by. However, an observer will still be able to track the domains and IP addresses that you visit.

A VPN is required to protect privacy on the network. When you are at home, it prevents web sites and other online services from learning your real IP address and hence your geographical location. When you are away from home and connect to a Wi-Fi access point managed by some unknown third party, a VPN prevents them from tracking your traffic. It’s hard to say which of the VPN services is the best, so I will leave it to you to decide. You will find a great guide on the subject here.

In any case, I strongly recommend setting up an automatic VPN across the home network. This can easily be done by purchasing a router with a built-in VPN client. Since the VPN is configured at the router level, any device that connects to it will be protected automatically, and you do not have to configure each device separately. Read more about it here.

I’m a big fan of the AsusWRT Merlin firmware, which adds many additional functions to the standard ASUS firmware, including more complex routing algorithms. With Merlin you can specify individual devices (for example, a video camera) that will not use the VPN. It also takes just a few minutes to set up an emergency kill switch. After using a router-level VPN connection for several months, I noticed that the connection through the VPN is sometimes lost. If you have not configured the kill switch, you will not know that the VPN has dropped until (possibly) you notice that sites ask you to enter a captcha at login less often than before. Configuring the kill switch is critical so that you learn immediately when VPN protection is down.

Also note that you will not be able to use streaming services through a router that sends all traffic through the VPN: Netflix and others will immediately suspect that you are trying to bypass regional restrictions on content distribution and will block your account. The solution is either a router with the firmware I described above (with the option to create an exception for streaming services), or two routers attached to the same modem, where the first is for devices without VPN and the second is for those connected via VPN. However, if you are not a networking expert, you will need the help of an IT-savvy friend to configure this setup.

You can obtain some semblance of anonymity when buying a VPN by using a throwaway email address and cryptocurrency. To take privacy to the next level, note that you can pay any bitcoin-accepting VPN service provider with Monero via xmr.to.

A router that supports VPN is the most convenient way to protect all your devices, but there are nuances. The router’s processor is likely to be the weakest point when it comes to throughput. During my test of a top-of-the-line multi-processor router, the maximum speed did not exceed 50 Mbit/s, since at this speed the CPU load reached its maximum while performing encryption and decryption.

First peak: maximum load while receiving data, 43 MB/sec. Second peak: maximum load while transmitting data, 48 MB/sec.

If your ISP provides a connection at speeds above 50 MB/sec, the throughput of even the most advanced multi-core routers will be limited by the CPU. If this matters to you, you should think about building a Linux-based router with more powerful hardware. If you are willing to spend an extra $50 on hardware, read up on how to build a perfect router on this page.

All of these devices may work well in your home, but you must also configure a VPN on mobile devices that will periodically leave the home network. From my own experience: a VPN service that supports OpenVPN is easier to configure across different devices.

Finally, you may want to make this system even more secure. Routing all traffic through a single server creates a single point of failure. The VPN server may become overloaded and stop responding for an extended period of time. What to do? Configure multiple active VPN connections! But there is a caveat, which I spent a lot of time researching: the emergency kill switch is not triggered if only one of the servers goes down, and this makes your system more vulnerable.

As for the AsusWRT Merlin firmware, the answer can be found on this forum. “In a nutshell: you need to configure four or five VPN connections. All of them will start when the system starts, but the emergency kill switch will only be activated on the last VPN client. Thus, if any of the connections stops responding, a client with a higher priority will take over the routing. If the last VPN fails, the emergency kill switch is triggered and blocks all traffic.”

In the next part of his opus on the protection of personal information, Jameson Lopp will talk about how to protect your computer, your online profiles, your various communication channels and your financial information, and how to shop incognito.
