|
Sailor
|
 |
« on: August 23, 2009, 12:30:19 PM » |
|
I have a question about my private computer use. Now, I already know that facebook, myspace etc are used for data mining. But in the process of taking your information, do they also know what you are doing on your computer? How far does it go?
Like, lets say I have a journal program, who is likely to be able to invade my computer and take that personal information?
I'm not sure where it begins and ends, and if I search for this info myself, I end up with video's of just plain paranoid people who think everything is taken and someone is reading their minds at this very moment too.
|
|
|
|
|
Logged
|
|
|
|
|
Lucian Solaris
Guest
|
|
« Reply #1 on: August 23, 2009, 01:23:45 PM » |
|
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
/=========) *.:{ Quote }:.* (==[ Sailor ]>
I have a question about my private computer use. Now, I already know that facebook, myspace etc are used for data mining. But in the process of taking your information, do they also know what you are doing on your computer? How far does it go?
Like, lets say I have a journal program, who is likely to be able to invade my computer and take that personal information?
I'm not sure where it begins and ends, and if I search for this info myself, I end up with video's of just plain paranoid people who think everything is taken and someone is reading their minds at this very moment too.
\==========) *.:{ End }:.* (===[ Sailor ]>
Want a higher level of digital privacy?
Get a second system (can be older). Download a Debian netinstall CD image and burn it to disc with your main system. Hook up the second system to the network and boot the computer with the disc in the drive to begin Debian installation.
In the partitioner, make 4 partitions and set the last two as encrypted partitions. Those are your / and /home partitions. Come up with 2 secure, 48 character or greater passwords/passphrases that uses different case letters, numbers, and some punctuation/symbols. They should differ so if one is compromised, the other isn't.
Once the Debian install is complete, and your machine is booted, obtain and install TrueCrypt, then disconnect the machine from the network. Hell, if you can, remove the network card. This system will be your private encryption and messaging system and it would be very hard for an adversary to crack into it without physically being at the machine.
You then open truecrypt and make a new encrypted volume of several gigs. I suggest you give it a password of similar length as the partition encryption passwords. Be sure you select FAT32. When created fill the volume at least 50% with porn but no more than 75%, be it pics or vids. This is your 'dummy' volume for plausible deniability. When you've added your porn or less important secrets, unmount and tell truecrypt you want to make a 'hidden volume'. Select the volume you just created. Provide the password it requests. When giving it a password, be sure it is a couple characters longer than your dummy volume password. This is so in the event your volume gets bruteforced by a beowulf cluster of PS3s or something, your dummy will be discovered first.
When complete, mount the hidden volume. Forget about the dummy volume as it's only there in the event someone tries rubber-hose cryptanalysis on you. For doing journals, I could suggest you save text files in the folder your hidden volume is mounted to [while the volume is mounted, IMPORTANT!]. For each day there is a text file. You open gedit, type, and save. That simple. When done, dismount the hidden volume.
You can keep your passwords written on a piece of paper in your wallet, but I HIGHLY suggest you be quick to memorize them, then burn the paper. When you are not using the system, it is off. I suggest you get acquainted with seahorse and gnupg so you can use a floppy or thumb drive to transfer encrypted messages from your secondary to the primary and ultimately its destination on the net.
Sounds complex, really isn't, just a lot of steps that need to be traversed then forgotten. If you or anyone else is interested, let me know here or over PM and I'll provide the pantheon of details that goes into this.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 - *.:{Hack.I.T Edition r0001}:.*
iJ4EAREKAAYFAkqRlwYACgkQ+7Rzy15t3valFQIAgtS64WhkSrsTXtJQC8Ekxq7l
VQjR6ns6Js54Aqv/ROEnwDp703LjtCqTrtWBhG0BNOZR/A90hnXTfStcQ7LJQwH9
FzTQJnVTYbHCXRiOe0DHHAf6Lb2d8fg2yIJMY+/L/pNhUjLYgISm/hiViqAiaIF4
Ca/R/hYtdR+n4JN1dPDxmw==
=QMEW
-----END PGP SIGNATURE-----
|
|
|
|
|
Logged
|
|
|
|
|
Georgiacopguy
|
|
« Reply #2 on: August 23, 2009, 07:11:06 PM » |
|
Most data mining is done using information you freely provide; when you receive a discount card from a grocery store or pharmacy, when your apply for a credit card, when you fill out an application... any mining done through circumstances such as you described would be illegal, and I'd only expect that the govt would do something like that.
As a private investigator now, I receive a lot of mined data from a company called Accurint (Accurint.com), and the amount of information is startling, almost as comprehensive as a Federal background report. It contains known associated, known relatives, address history, phone history, vehicle history, registered boats, planes, civil processes, judgments, i could go on and on.
|
|
|
|
|
Logged
|
The resistance starts here. Unfortunately, the entire thing is moving beyond the intellectual infowar. I vow I will not make an overt rush at violent authority, until authority makes it's violent rush at me and you. I will not falter, I will not die in this course. For that is how they win.
|
|
|
|
Sailor
|
|
« Reply #3 on: August 24, 2009, 02:08:08 PM » |
|
Lucian Solaris, thank you for such interesting information, I will save that and consider doing it in the future  Georgiacopguy, that is what I want to know, I do believe they have that information, I don't question that. But, I am curious if they have the ability to recording all my information including offline documents. Just how much computer security really works? Like I use ZoneAlarm, my brother got me to use it along time ago, since it detects and asks for your permission for anything to connect to the internet. I guess I am asking is every bit of our computer use documented somewhere? Is it possible to know that? Or is that just being too paranoid? |
|
|
|
|
Logged
|
|
|
|
|
Georgiacopguy
|
|
« Reply #4 on: August 24, 2009, 02:51:12 PM » |
|
I wish I could give you some peace of mind, unfortunately, thats not my area of expertise. You might do better to query Lucian about such. I was only a Major Case Detective at the height of my career, and my perception/hope is that such data mining would have to be gathered legally, but as we know, corporations and the govt tend to make the rules up as they go along these days, or it depends on who is testilying in front of Congress at the time. I wish you luck in your search though.
|
|
|
|
|
Logged
|
The resistance starts here. Unfortunately, the entire thing is moving beyond the intellectual infowar. I vow I will not make an overt rush at violent authority, until authority makes it's violent rush at me and you. I will not falter, I will not die in this course. For that is how they win.
|
|
|
|
Anti_Illuminati
Guest
|
|
« Reply #5 on: August 24, 2009, 05:53:33 PM » |
|
I have a question about my private computer use. Now, I already know that facebook, myspace etc are used for data mining. But in the process of taking your information, do they also know what you are doing on your computer? How far does it go?
Like, lets say I have a journal program, who is likely to be able to invade my computer and take that personal information?
I'm not sure where it begins and ends, and if I search for this info myself, I end up with video's of just plain paranoid people who think everything is taken and someone is reading their minds at this very moment too.
TEMPEST (Transient Electromagnetic Pulse Emanation Standard)http://forum.prisonplanet.com/index.php?topic=102271.0 |
|
|
|
|
Logged
|
|
|
|
aLLyOuRbAsE
Moderator
Member
 Offline
Posts: 1,924
Free Man
|
|
« Reply #6 on: August 27, 2009, 08:09:24 PM » |
|
access between agencies, government or otherwise, in recents years, has led to an increase of information that is available on any particular individual to any particular person or agency.
since the conception of "digital", the amount of information stored has increased, however, the watchful eye of big brother would indeed like you to think they are always watching, but they are not. they are not even always recording, the sheer idea of every phone call, every keystroke, being recorded is unlikely, however, do not underestimate, that with intent or purpose, they could if they wanted to, listen in on a target.
communication via technology has never been "safe", and i would not recommend it be viewed as such, but then again, like the old saying goes, you could get hit by a bus...
put it this way, if i were planning to act subversively, i would not do so over the phone..!!
|
|
|
|
|
Logged
|
|
|
|
|
grunt
Guest
|
|
« Reply #7 on: August 28, 2009, 12:57:12 AM » |
|
Geezus. No wonder why you dont post as often as Truthseeker! -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
/=========) *.:{ Quote }:.* (==[ Sailor ]>
I have a question about my private computer use. Now, I already know that facebook, myspace etc are used for data mining. But in the process of taking your information, do they also know what you are doing on your computer? How far does it go?
Like, lets say I have a journal program, who is likely to be able to invade my computer and take that personal information?
I'm not sure where it begins and ends, and if I search for this info myself, I end up with video's of just plain paranoid people who think everything is taken and someone is reading their minds at this very moment too.
\==========) *.:{ End }:.* (===[ Sailor ]>
Want a higher level of digital privacy?
Get a second system (can be older). Download a Debian netinstall CD image and burn it to disc with your main system. Hook up the second system to the network and boot the computer with the disc in the drive to begin Debian installation.
In the partitioner, make 4 partitions and set the last two as encrypted partitions. Those are your / and /home partitions. Come up with 2 secure, 48 character or greater passwords/passphrases that uses different case letters, numbers, and some punctuation/symbols. They should differ so if one is compromised, the other isn't.
Once the Debian install is complete, and your machine is booted, obtain and install TrueCrypt, then disconnect the machine from the network. Hell, if you can, remove the network card. This system will be your private encryption and messaging system and it would be very hard for an adversary to crack into it without physically being at the machine.
You then open truecrypt and make a new encrypted volume of several gigs. I suggest you give it a password of similar length as the partition encryption passwords. Be sure you select FAT32. When created fill the volume at least 50% with porn but no more than 75%, be it pics or vids. This is your 'dummy' volume for plausible deniability. When you've added your porn or less important secrets, unmount and tell truecrypt you want to make a 'hidden volume'. Select the volume you just created. Provide the password it requests. When giving it a password, be sure it is a couple characters longer than your dummy volume password. This is so in the event your volume gets bruteforced by a beowulf cluster of PS3s or something, your dummy will be discovered first.
When complete, mount the hidden volume. Forget about the dummy volume as it's only there in the event someone tries rubber-hose cryptanalysis on you. For doing journals, I could suggest you save text files in the folder your hidden volume is mounted to [while the volume is mounted, IMPORTANT!]. For each day there is a text file. You open gedit, type, and save. That simple. When done, dismount the hidden volume.
You can keep your passwords written on a piece of paper in your wallet, but I HIGHLY suggest you be quick to memorize them, then burn the paper. When you are not using the system, it is off. I suggest you get acquainted with seahorse and gnupg so you can use a floppy or thumb drive to transfer encrypted messages from your secondary to the primary and ultimately its destination on the net.
Sounds complex, really isn't, just a lot of steps that need to be traversed then forgotten. If you or anyone else is interested, let me know here or over PM and I'll provide the pantheon of details that goes into this.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 - *.:{Hack.I.T Edition r0001}:.*
iJ4EAREKAAYFAkqRlwYACgkQ+7Rzy15t3valFQIAgtS64WhkSrsTXtJQC8Ekxq7l
VQjR6ns6Js54Aqv/ROEnwDp703LjtCqTrtWBhG0BNOZR/A90hnXTfStcQ7LJQwH9
FzTQJnVTYbHCXRiOe0DHHAf6Lb2d8fg2yIJMY+/L/pNhUjLYgISm/hiViqAiaIF4
Ca/R/hYtdR+n4JN1dPDxmw==
=QMEW
-----END PGP SIGNATURE-----
|
|
|
|
|
Logged
|
|
|
|
|
