Everyone’s An Extremist Now: A How To Guide For Real Anonymity And Security


posted on Apr, 22 2016 @ 09:29 AM
Domestic extremist is code for terrorist. Anarchists, militia and sovereign citizens have been classified as such along with many other groups not having anything to do with terrorism. Hackers are considered soldiers and feared more than physical threats by governments worldwide. Anonymous was accused of plotting to bring down the power grid, an attempt to scare governments into action against them. Occupy Wall Street had snipers trained on them several times despite being peaceful. Everyone remembers the MIAC report citing Ron Paul supporters as threats. Even privacy advocates that just talk about encryption or anonymity tools are extremists now. “Political language is designed to make lies sound truthful and murder respectable, and to give an appearance of solidity to pure wind.” -Orwell. These tactics are used to enable the roll out of counter terrorism tactics on anyone they’ve labeled. Whether you’re protesting in the street, protesting taxes or the state itself you’re now an extremist threat.

COINTELPRO tactics are not new but the FBI using the NSA’s capabilities without warrants against domestic persons for anything federal agencies want is new. It’s not just that they’re spying on people they dislike, hacking has become commonplace in their investigations. They’re being allowed to use the same highly sophisticated MITM injection techniques and likely the same type of malware being used against foreign terror suspects (if it’s the FBI who’s hacking me). They’re creating modern day witch hunts against certain political targets that if convicted would advance their agenda in the media.

Challenges to the status quo of bureaucratic dictatorship, executive overreach or systemic corruption can lead to you being treated as a terrorist. This is the new reality. There is little middle ground between enemy of the state and globalist minion. This is the Bush era’s “If you’re not with us you’re with the terrorists” mentality. The surveillance state has decided that the fourth amendment is no longer relevant, that the rule of law is for us to follow not them. The select few that oversee the massive secret government rubber stamp everything and encourage the most invasive underhanded tactics. The end justifies the means in the age of terror.

They’re currently seeking to shift the Overton window right now on backdoors but hacking is next. Specifically they want to be allowed to present evidence in court from their hacking exploits but not be forced to reveal methods or the code involved. If this is allowed to pass you will be accepting a secret police that can at their will hack into your computer, view anything they want and if they want, frame you. You would have no ability to have experts challenge evidence because without the methods being exposed there’s nothing to challenge. The court would be forced to trust the FBI or other federal agency. Parallel construction already works in a similar fashion where one agency hands another inadmissible or secretly gathered evidence and forces agents to lie on the stand about how they became aware of certain facts.

Government shouldn’t be trusted with god like omniscience or Hollywood hacker style exploits, no one should. To hack someone is more of an intimate search than rifling through their car or home. Most people keep every detail of their life on their devices, their pictures, videos, contacts etc. This type of search is not trivial, it’s not necessary in any way for people who are just politically active or peaceful foes of the government. This is NOT how open free societies are supposed to run. Warrants are an essential check on government to prevent arbitrary searches. If a legal search turns up evidence prosecute or move on. Only they don’t move on, you stay on the list until you become uninteresting or die. I know from personal experience.

The only way to prove government hacking today is to have a lot of money and very smart experts. Even then the best like Kaspersky can only get a few lines of ineligible code out of the samples they analyze, this makes attribution a loose patchwork of connections. This is a government that makes F-22’s if you’re thinking a guy like me can “prove” that I got hacked by government you’re dreaming. Hacked in general, that’s not too hard to prove. The method they use to get it on a computer is the smoking gun of government intrusion. Most people have no clue that they’re hacked, they’re oblivious. For this reason they’re brazen they really can’t get caught even if you’re able to grab a sample or capture every packet. It’s totally deniable on every level.

What’s stopping them from using this on everyone? Laws? Congress? Dianne Feinstein? Never going to happen they’re cheerleaders if anything. Even if you had real proof it would go nowhere, government won’t prosecute or stop itself. No one in the power structure cares as long as it doesn’t end up in the news. It’s actually much more likely given their history and what’s come out with Snowden that they’re hacking absolutely anyone of interest or as much as their budget can handle. A 60 billion dollar budget mind you. Hacking is the new wiretap.

They already “collect it all” but that isn’t enough. End to end encryption along with anonymity tools like Tor introduce blind spots for them. To a power crazed predator this is completely unacceptable. They have a complete disregard for your privacy, it’s a word without meaning to them. Any communication they can’t read is a threat. Absolute control of what they increasingly see as a prison population (no crypto for inmates!) is their endgame. We’re not being treated like US citizens the methods and ideology being used today is more in tune with an occupation than law and order governance.

I’m going to give you some of what I’ve learned about mitigating state level threats but if you don’t have some minimal experience with linux, networking and computers in general this will be very difficult. I’m assuming you’ve read a few books on computer security / hacking because without it you could have the best setup and fail due to simple misconfigurations let alone having an advanced adversary try to pick you apart. If you don’t have these prerequisites you can however use a live Tails or Subgraph DVD and still have decent security.

Your starting point to the internet matters because of timing attacks / metadata. Public WIFI, anonymously bought 3G/4G dongles (used at locations not associated with you) or connections not belonging to you significantly decreases the chances of correlation in real time or at a later date. Tor is not magical it’s just three hops and governments own many of the nodes. Governments also share data with each other to identify Tor users.

What you read in the news about how they figure people out is mostly BS. They already know then put together something they can use in court and for media headlines. What’s a good bust without a good sleuth story demonstrating the competence and sophistication of the arresting agency? There’s a huge difference between the government knowing you’re part of a movement or group and proving it in court. Most of the time they can’t use the evidence 1. because it’s illegally obtained and 2. they would have to expose how they obtained it. They don’t expose methods to the public even when it comes to very large and important cases.

I have the rest at

posted on Apr, 22 2016 @ 09:31 AM
You don’t necessarily need to use Tor or Tails but a clean operating system and clean hardware is essential. Qubes OS provides both on a fresh install and this is why I highly recommend it. I understand that most people will still use their home connection and that’s fine but just keep in the back of your head that if you use the same alias for months on end assume they know it’s you (even with Tor).

Dive into PGP face first spend serious time learning how to use it. Do this with every app you’re using for security / anonymity. Good apps include but not limited to are: Signal, Jitsi, Pidgin w/ OTR, Coy, Ricochet and maybe even WhatsApp now that it has Signal’s crypto baked in. VeraCrypt is a good system encryption program it’s the predecessor of TrueCrypt a program that passed its audit. It’s still secure despite lacking the added brute force protections VeraCrypt has. LUKS encryption that comes with most linux systems is also very good. All software disk encryption programs store the decryption keys in RAM. If you’re connected to the internet and compromised by an advanced attacker like NSA they will steal the key. It’s unlikely they could disclose the key without disclosing methods. Make sure to never leave your encrypted machine or containers unattended as a screen lock bypass or cold boot attack can give them the keys or access. Running a separate air gap or home server you can SSH into to access crypto disks would be a good idea. Not having crypto connected or open longer than copying files is advised, disconnect it immediately.

Nothing is secure that’s connected to the internet. It’s only air gapped computers with high levels of physical security that I might call secure. Even air gaps are now being attacked via their RF emissions (Tempest). Use USB’s with write locked firmware to ferry data. USB’s can be made secure but they don’t come from the local store like that. Security in layers is best. Always use a physical not virtual backstop. A backstop is something that ensures if someone does breach your host PC that the real IP is not exposed nor the rest of your network. A Raspberry Pi running Tor can be used or a TP-Link running WGRT or Portal can as well. An old PC is my favorite, pfSense is solid and can run Tor. It comes with OpenVPN just add one or more Ethernet cards to it and you have a nice backstop. Make sure to use your knowledge of computer security to harden the backstop. Change the defaults etc. Don’t log into your backstop from the host PC use a live DVD because if your host PC is infected the backstop won’t be compromised. Do some research and find a guide that you like to use. Don’t use Tor over Tor as it’s not good for many reasons including drawing attention. If you’re using Tor in the host PC use a VPN for the backstop. For extra credit setup a layer 2 stealth IDS with security onion between you and the backstop.

You need a dedicated machine for anonymous net usage and one air gapped for PGP and encrypted storage. A yubi key and a read only OS might be good here like an updated version of Ubuntu Privacy Remix. Plugging any hardware into a secure machine is a threat such as a cell phone or other hardware, just use another normal use machine. Qubes OS does mitigate hardware malware. It’s possible very advanced adversaries like the NSA can get through the Xen hypervisor that provides virtualization to Qubes OS. They have a huge budget and recruit a whole lot of naive geniuses to develop exploits. NSA hackers are very good at using everything to their advantage they will hack your hardware and use it against you. They can infect Ethernet cards, GPU’s / video cards and likely even have CPU exploits which would blast through anything you use if dropped. Don’t use the same PC you use for work and your real identity for anonymous usage. A different hard drive or partition for each OS won’t work if they’re looking at you. GPU hacking is real and jelly malware is here for you to look at. A keylogger can be run from a video card or other hardware.

I know this sounds more like a secure drop guide for journalists or hacktivists but if there’s a state adversary that has you in its sights or rather you’re on its auto hacking list. This type of security is what it takes to keep them out. Now most of us are not doing anything illegal on our computers but we do want to keep the government out.

We have to sign in to things to talk with our friends, to post social media. As things get worse being able to have secure channels of communication over the internet is key. Deny them the intel they need to divide and conquer your group. Deny them the intel on how to setup you or your friends. COINTELPRO 101 They target groups, create infighting, discredit the cause and run the whole group into the ground or in the direction of their choosing. That’s only possible if they have enough information about you and those around you. We only have enough money for so many PC’s. Virtualizing is the answer but not on any OS one that’s made for security and isolation. Isolate your social media on one Whonix VM and your secure comms on another. Use different Whonix gateways for each task as well as screen names, rotate them regularly.

Install Qubes OS on new hardware for best possible security: On the first boot it asks if you want the system to update through Tor uncheck that don’t update Qubes it likely won’t help security also it’s too risky. Check the Storage / USB virtualization it’s a great feature. If there’s ever a security flaw in Xen wait until it’s patched and reload everything with the latest image. If you don’t uncheck the Tor routed system updating you end up with persistent Tor guards that are unique across connections, you can change this in Qubes manager. In Fedora template edit /etc/hosts add as well as Be quiet on the line :) don’t give up any info you don’t need to. Qubes is still rare.

The NSA is king of MITM attacks and YES even on Tor after enough data is transferred they can get you. 100mb 5-10min max if you’re interesting. It all depends on how bad they want you, priority levels. Tor works but if they know you, your location then the game’s up very fast. If you want to update the templates make sure it’s through Tor and remember Debian doesn’t verify updates. I never assume organizations’ encryption signing keys aren’t compromised. Fedora does verify updates they might still be susceptible to replacement. Open up Arm from the Whonix Gateway flip over to the torrc and change the max connection dirtiness to like 1-2 min or something and reset it before and after each install or update. Remember these are the guys hacking the randomness of Intel CPU’s encryption call me paranoid if it makes you feel more secure.

Don’t use the VM’s that come with the standard install on the VPN or home line if you can help it. All traffic should go through Tor. (Please donate) You can use Debian as a VPN gateway use resolvconf to stop dnsleaks, check it with each change. If you’re not in a high threat group then using VPN is cool but they can see VPN’s exit traffic easily, just saying…

It’s very important that you do not update the fedora23 template or install anything in it. Make a clone of the original if you want to do something with it. Same with the other templates make a clone if you want to do more than edit a file or something.

posted on Apr, 22 2016 @ 09:34 AM
The fedora template is the heart of your system, your firewall, your sys-usb and networking box. It’s a total system compromise if anything gets in.

Do a packet capture with your backstop and see what your Qubes is doing (tcpdump -i eth0 -s 65535 -w file (for wireshark viewing)). When you change connections this gets important. When you reset the VPN or chain them check it periodically. Mind the Whonix gateway VM persistent guards as well they’re unique enough to ID you. Remember to think from the other side’s point of view. Just imagine you can see the whole internet and you won’t be doing half bad.

Your final setup should be Home-ISP > Backstop-VPN > Qubes-Whonix-Tor > freedom!

You can add more VPN’s before or after Tor depending on what you like. It’s recommended by many (the Grugq) if you’re up to something or not to have Tor first in the line on your backstop. Each time you make a new Whonix gateway you get new guards (first hop connection). For everyday use I usually use three Whonix gateways one for each task, twitter, music, searches etc. Be mindful of constant streams separate them from other tasks.

Make them work for a living! Whonix is likely the most targeted VM, it’s best to build your own custom VM. Make sure the browser fingerprint is identical to Whonix and TBB but custom it up hardcore otherwise. Patching the kernel with GR isn’t that hard just find one or two guides and smash something together. GR does not work in Qubes to my knowledge.

Read documents for help getting things running the way you want. Don’t assume it’s a magic bullet or anything else. Use the offline VM vault for everything that doesn’t need internet to work (file transfers to USB’s). Dedicate a Whonix workstation as an offline VM. It’s a good choice as it has a lot of apps that come with it. Don’t contaminate VM’s dedicate them to the task.

When using normal operating systems like Ubuntu even if it’s hardened with something like GR Security the problem is that once they get through the browser, package installer (which from what I’ve experienced is a very simple task for them) it’s game over. They escalate privileges and drop stealth code that you can’t find with any tools. Then your hardware gets hit and when an APT gets in hardware any new normal OS is going to be more easily compromised or tracked. With Qubes they can still get through the browser but infecting the whole system is not as easy. When you’re done for the day and close the VM there’s a good chance that whatever they dropped on you is gone. It’s a good practice depending on your threat model to delete VM’s after 30 days or so and make new. It’s a 5 min job or less depending on how long it takes to transfer files. Live linux DVD’s are great for this exact reason it’s always clean when you boot it. Ex. Subgraph, Tails, Pentoo (Tor not enabled by default), Qubes live (no Tor).

If you do get hacked I have some recommendations: If they make it obvious it might be a test you may want to play dumb and let them think they see everything. You’re just a stupid script kiddy or some retarded protester. If you’re some low level person they don’t mind your shenanigans. If you’re not low level then you know what the next move is… Acting paranoid is a huge red flag for them. I’m naturally paranoid and I seem to be irresistible to them so act cool, unbothered by it. Don’t threaten their malware they go nuts over that #!

Copperhead OS is for Nexus Cell phones I’m using it right now and it appears to be secure even though the Qualcomm Snapdragon chip inside currently has a root vuln in it. Having a hardened open source cell phone OS is key in this climate. Encryption is on the chopping block right now and one of the only ways to ensure your device stays encrypted properly is to do it yourself. If and when Signal is able to be used on Copperhead it will be the hands down best phone OS in the world. The VPN client needs some work but you can use orbot and orweb (Tor) browser right now. It’s worth looking into. Never trust the security of proprietary system on a chip devices you don’t control (every cell phone has one). It’s probably better to blend in with your phone than try to secure it with something like Copperhead.

A little on cell phones and you. We all know about cell tracking and intercepts but what about voice recognition? License plate readers, traffic cams, street cams with face recognition? Microphones in street lamps? Lots of things are connected today don’t forget them when ghosting about with a prepaid cell and an anon 4G. It’s all a question of how much resources they want to put into finding / tracking you. Soon enough this stuff will become more automated and able to track and correlate in real time. Are you the leader of a protest or just some guy with a sign? Best not to talk unencrypted if you don’t want voice recognition to tag your new IMSI and IMEI. Be sure to turn those devices off before you get home. Pulling the battery instead of a proper shutdown it won’t be able to send a final ping to the tower. Older cells are better burners.

The best way not to get hacked is for them not to know it’s you aka being anonymous. Don’t sign into anything, don’t look like you and make sure to look like everyone else. Be the grey man of the internet, don’t even use a screen name if you don’t have to, change it monthly. The FOXACID servers are on automatic and if you’re on the list you get hacked as soon as it sees you. Security through anonymity can’t be emphasized enough. If you want to make a name for yourself then prepare to be found and famous in a jail cell even if you think you’re not doing anything illegal. Most of their hacking isn’t really about laws it’s about collecting intelligence, control and sometimes intimidation.

Depending on priority level your electronics might get replaced with ones that are modified by Tailored Access Operations. Think about everything that has a data connection like cable coaxial line or has power connected like adapters. If it has both data and power think where did it come from can I trust this? It will likely look identical to every other one like it except maybe on the inside. They want you to think it’s crazy to even consider the notion, ask yourself why? Try not to get any electronics through the mail.

Physical security is important. A good book on it is Low Tech Hacking, Street Smarts for Security Professionals. If someone can get to your computer or phone you’re screwed. Unless you’ve really done your homework and know the boot process inside and out it’s not safe to leave unattended or unsecured. For travel use nail polish with glitter in it over screws and access points. Take a few pictures from a known distance and compare if in doubt. Don’t think they won’t slip into your home and mess with your stuff, plant bugs or other things in your house. If you’re going to use cameras build the DVR yourself as store bought ones are full of security flaws and unencrypted. Use a LUKS encrypted Linux with ZoneMinder or a VeraCrypt encrypted Windows instead. Lock down the USB ports with glue and disable them in the OS. Some people like to put shutdown / dismount scripts triggered by a USB plug in event instead to prevent a cold boot attack. If it’s connected to the network make sure it’s hardened and firewalled. You’d feel really dumb if someone used your security system against you.
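
The packet-capture check mentioned in the post above ("do a packet capture with your backstop"), as an added example that is not part of the original thread: it reads a classic pcap file and lists outbound packets that bypass the VPN tunnel, including cleartext DNS. It assumes the capture was taken on the backstop's ISP-facing Ethernet interface and that the tunnel carries IPv4 only; the function names, addresses and sample capture are constructed for illustration.

```python
import ipaddress
import struct

ETH_IPV4, ETH_IPV6 = 0x0800, 0x86DD
PROTO_NAMES = {6: "tcp", 17: "udp"}
MACS = bytes.fromhex("020000000001020000000002")  # constructed dst + src MAC


def read_pcap(data):
    """Yield Ethernet frames from a classic libpcap byte string."""
    if data[:4] == b"\xd4\xc3\xb2\xa1":
        endian = "<"
    elif data[:4] == b"\xa1\xb2\xc3\xd4":
        endian = ">"
    else:
        raise ValueError("not a classic pcap file (pcapng is not handled)")
    if len(data) < 24 or struct.unpack(endian + "I", data[20:24])[0] != 1:
        raise ValueError("only Ethernet captures (linktype 1) are handled")
    offset = 24
    while offset + 16 <= len(data):
        incl_len = struct.unpack(endian + "I", data[offset + 8:offset + 12])[0]
        frame = data[offset + 16:offset + 16 + incl_len]
        if len(frame) < incl_len:
            break  # truncated final record
        offset += 16 + incl_len
        yield frame


def find_leaks(data, vpn_endpoints, local_net):
    """Return (kind, dst, dport) for outbound packets that bypass the tunnel."""
    allowed = {ipaddress.ip_address(a) for a in vpn_endpoints}
    lan = ipaddress.ip_network(local_net)
    leaks = []
    for frame in read_pcap(data):
        if len(frame) < 14:
            continue
        ethertype = struct.unpack("!H", frame[12:14])[0]
        if ethertype == ETH_IPV6:
            leaks.append(("ipv6", None, None))  # assumed: tunnel is IPv4-only
            continue
        if ethertype != ETH_IPV4 or len(frame) < 34:
            continue  # ARP and other non-IP frames stay on the local link
        ip = frame[14:]
        ihl = (ip[0] & 0x0F) * 4
        proto = ip[9]
        src = ipaddress.ip_address(ip[12:16])
        dst = ipaddress.ip_address(ip[16:20])
        if src not in lan or dst in allowed or dst.is_multicast:
            continue  # inbound reply, tunnel traffic, or multicast
        dport = None
        if proto in PROTO_NAMES and len(ip) >= ihl + 4:
            dport = struct.unpack("!H", ip[ihl + 2:ihl + 4])[0]
        if dport == 53:
            leaks.append(("dns", str(dst), dport))  # even to the home router
        elif dst not in lan:
            leaks.append((PROTO_NAMES.get(proto, "ip"), str(dst), dport))
    return leaks


def _ipv4(src, dst, proto, dport):
    """Build a constructed Ethernet/IPv4 frame with just enough L4 for ports."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 64, proto, 0,
                     ipaddress.ip_address(src).packed,
                     ipaddress.ip_address(dst).packed)
    return MACS + struct.pack("!H", ETH_IPV4) + ip + struct.pack("!HHHH", 40000, dport, 8, 0)


def build_sample_pcap():
    """Constructed capture: backstop WAN address 192.168.1.50, VPN 203.0.113.10."""
    frames = [
        _ipv4("192.168.1.50", "203.0.113.10", 17, 1194),   # tunnel, expected
        _ipv4("192.168.1.50", "192.168.1.1", 6, 80),       # LAN only, ignored
        _ipv4("192.168.1.50", "192.168.1.1", 17, 53),      # DNS to home router
        _ipv4("192.168.1.50", "198.51.100.53", 17, 53),    # DNS outside tunnel
        _ipv4("192.168.1.50", "198.51.100.80", 6, 443),    # TCP outside tunnel
        _ipv4("198.51.100.80", "192.168.1.50", 6, 40000),  # inbound reply
        MACS + struct.pack("!H", ETH_IPV6) + bytes(40),    # IPv6 frame
    ]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for f in frames:
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out


if __name__ == "__main__":
    for leak in find_leaks(build_sample_pcap(), ["203.0.113.10"], "192.168.1.0/24"):
        print(leak)
```

For a real capture, pass the bytes of the file written by `tcpdump -w` along with the actual VPN server address and home subnet; an empty result means every outbound packet in the capture went to the tunnel endpoint.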

posted on Apr, 22 2016 @ 09:34 AM
a reply to: TheLasersShadow

FYI you might want to remove the link to the site if you are trying to use ATS to promote it, that could go against T & C

posted on Apr, 22 2016 @ 09:38 AM
a reply to: TheLasersShadow

Nicely done.

“Political language is designed to make lies sound truthful and murder respectable, and to give an appearance of solidity to pure wind.” -Orwell.

Love that quote.

COINTELPRO 101 They target groups, create infighting, discredit the cause and run the whole group into the ground or in the direction of their choosing.

edit on 22-4-2016 by intrptr because: additional

posted on Apr, 22 2016 @ 09:50 AM
a reply to: FamCore

It's my site I'm not selling anything or advertising even I guess I'll have to read the updated tos hold on

posted on Apr, 22 2016 @ 09:54 AM
a reply to: TheLasersShadow

probably fine then - it's a good OP I've seen others come on here and provide great info but then thread gets removed because they were advertising so wouldn't want that to happen.

Keep up the good work, waking folks up!

posted on Apr, 22 2016 @ 10:10 AM
a reply to: TheLasersShadow

But I agree with what you said, I think..

posted on Apr, 22 2016 @ 11:23 AM
The lack of flags for this quality thread attests to the apathy which has replaced people's concern for life, liberty and pursuit of happiness. We are forever the livestock.

posted on Apr, 22 2016 @ 02:02 PM
a reply to: TheLasersShadow

Very interesting, informative post. I will definitely come back to this later!

posted on Apr, 22 2016 @ 07:02 PM
Thanks for an informative and well-written OP.

I have been using VeraCrypt for a while now and have also implemented several of the things you advise.

I have never heard of Qubes OS. I like the idea of using VMs for specific tasks and isolating documents etc from the internet. Thanks for the info.

posted on Apr, 22 2016 @ 11:35 PM
a vm is key to never getting a virus also it's great to run two os's. only very strange people like me know how hard it actually is to be anon which I'm not with this device. first requires spoofing ip and mac address and connecting to the internet through a starbucks connection or mcdonalds. But then you have the video cams so wardriving tech comes in handy. ps the computer can never be linked back to you meaning you didn't buy it from best buy and never connect it to your home network. happy hunting muahaha

posted on Apr, 23 2016 @ 01:29 AM
a reply to: TheLasersShadow

You could always just surf the web from a basic tablet and keep your computer disconnected from the internet. I really don't NEED the internet on my computer.

edit on 2016/4/23 by Metallicus because: sp

posted on Apr, 23 2016 @ 02:23 AM
Great topic and lots of information that many could benefit from if you presented it in the proper manner. Most people (definitely not ATSers) live in a small bubble of interest. If you post too long you risk losing the amazingly short attention span that has been crafted by those who may potentially not want this information easily known.

You might want to take a lesson from MSM/LSM these days to get attention:

"Read this for 5 minutes and guess what happens!"

"A radical idealist posted something to a conspiracy website; check back for more"

The bottom line is, at the current state encryption is cumbersome for all that are not 'crypto-nerds' (I say that as being self stated) When someone gets the perfect idea (I like Silent Circle and Protonmail on my phone) however a seriously paranoid person would need a USB stick with Tails and a really good memory to remember everything written is gone when you log out.

Most people do not care what is known about themselves; this website included. If they did, nobody would ever post anything on a public forum unless they contradicted themselves every time they posted (which actually causes a trigger to anomalous behavior and thus unwanted attention).

All of your behavioral patterns are being documented and sold; this site included.


posted on Apr, 23 2016 @ 02:24 AM
a reply to: Metallicus

I agree with almost everything you post however, you are absolutely wrong on this comment.

posted on Apr, 23 2016 @ 02:59 AM

originally posted by: notmyrealname
a reply to: Metallicus

I agree with almost everything you post however, you are absolutely wrong on this comment.

Which part?

That keeping my computer off the internet would keep it safe from hacking or that I could use a clean tablet with no identifying data to surf the web?

I am just curious.

posted on Apr, 23 2016 @ 12:55 PM
a reply to: Metallicus

The item you use to connect to the internet is absolutely identifiable to you for a number of reasons. Firstly, you use ATS on a regular basis and do so from a certain location and ISP. Secondly, and most importantly, your browsing history has been recorded and tabulated to a degree that even if you were to move, get a new device, and start completely over, you would still be identified as the same individual within days of browsing.

I know about this because I own part of a company that made this software. If you don't believe me, you can always ask Skeptic Overlord about a rudimentary program that he knows about that does something similar however utilizes NLP as a basis.

Privacy online does not exist and all of us are already documented so well, the systems monitoring can tell what store you will shop at next Tuesday and the likelihood of what time and what you will purchase are already known with a 99% degree of certainty.

posted on Apr, 23 2016 @ 02:43 PM
a reply to: notmyrealname

Thank you for the clarification. I appreciate the information.

posted on Apr, 23 2016 @ 03:09 PM
a reply to: TheLasersShadow

Fantastic thread - I read it with admiration, but immediately realised I'm totally, totally screwed on the whole security thing. I have literally no clue how to go about locking down my devices in the way you described. I followed the logic, and understood quite a few terms & names of products, through general knowledge, but wow, there's no way I could nail it so thoroughly..!!! Kudos to you for your knowledge & insights - I personally simply tread lightly, knowing that the bastards can read everything I ever wrote on my devices should they so choose. Hey ho, that's the way it is, I'm not a terrorist so I guess I'm hoping that there are secret forces for justice operating behind the scenes. If not, then perhaps the good-hearted anonymous grey men & women of the internet can bring the whole thing clattering down!

posted on Apr, 24 2016 @ 09:21 AM
This is just awesome. I downloaded Qubes this morning (4.7GB). Thanks!
