Internet Privacy

I know the cops can get a warrant and link you through your IP. They do this for that Chris Hanson show, "to catch a preditor."

I'm just wondering what they can do without one. I doubt it would be legal for them to hack your email but who knows.

Originally Posted by RickWhite

I know the cops can get a warrant and link you through your IP. They do this for that Chris Hanson show, "to catch a preditor."

I'm just wondering what they can do without one. I doubt it would be legal for them to hack your email but who knows.

lmao when has that ever stopped Johnny Law?

do you guys have ANY IDEA how manny things is on the net that thy would LOVE to make a bust on? there is NO WAY in hell thy can keep up with all of them!! you would have to do something REAL BAD or poke at the wrong person for them to come after you this way!! the fta world thats in the millions now is being hit with these typ of tackticks by dish network because there sats keep getting hacked and it is a BIG BIG COST to them. theres pot sites,porn,FTA,hacking sites,phone hacking sites and so on the list gos on. then you have whats going on with terrorism!! sorry guys there not after the LITTLE pot guys here at RIU. a good site to go to to learn about hacking and HOW thy do things like this visit a FTA sites like fta-gods.com (dont forget the dash-) there PROS when it comes to things like this.

Originally Posted by greenpeace31

do you guys have ANY IDEA how manny things is on the net that thy would LOVE to make a bust on? there is NO WAY in hell thy can keep up with all of them!! you would have to do something REAL BAD or poke at the wrong person for them to come after you this way!! the fta world thats in the millions now is being hit with these typ of tackticks by dish network because there sats keep getting hacked and it is a BIG BIG COST to them. theres pot sites,porn,FTA,hacking sites,phone hacking sites and so on the list gos on. then you have whats going on with terrorism!! sorry guys there not after the LITTLE pot guys here at RIU. a good site to go to to learn about hacking and HOW thy do things like this visit a FTA sites like fta-gods.com (dont forget the dash-) there PROS when it comes to things like this.

While it is true there is safety in numbers, that doesn't stop your local PD from spying on people in their jurisdiction. And while they don't care about hacking phones or illegal FTA, they do like to bust neighborhood grow ops.

For secure browsing, you can use a proxy service, but you can't be sure the proxy is trustworthy. It could be a honeypot. Or it could be legit, but they'll turn over their records under court order. Best bet is to use Tor/Vidalia.

For secure file storage, you'll want to use full disk encryption. You could pay for PGP's product. But there is also Truecrypt, which is free and just as good. Of course, the courts could compel you to give your password. To get around that, you would use a hidden operating system. Basically it's an encrypted OS within an encrypted OS. They'll know the first one is there, and you can give the password to that if compelled, but they will have no way to prove the second OS is there (as long as you follow certain rules (deniability for anything you do is of utmost importance)). Use the hidden OS to hide all of your super secret stuff.

If you need to securely erase files, get Eraser ( http://eraser.heidi.ie ), but this should only be done when full disk encryption is not an option, or if you didn't realize you should be using it.

For secure email, use something like Thunderbird with the Enigmail plugin. You're looking to use what's called Public-key/Private-key encryption and signing.
For secure IM, use Pidgin (for Windows and Linux), with the Off The Record plugin (there's an Encryption plugin, but it's not as good). If you have a Mac, you can use Adium, which comes with OTR built in.

With any form of communication, you need to realize there is a risk from what's called a Man In The Middle attack. Learn how to defend against that. Also, you can't always be sure who's reading on the other end, or who's sending, if the other party has been compromised. That's just part of the risk. Find your own creative solution to this (e.g. secret authentication code).

For secure VOIP, use ZFone (make sure your VOIP software will work with it).

For all online stuff, use SSL where possible/applicable.

Don't trust Skype, Hushmail, or any other service that claims to offer encryption. They're either not very secure, not trustworthy, or can be compromised by court order. Your best bet is to stick with what I listed above.

Never ever say anything incriminating over the phone. Ever. No hints. Be careful with code words. You can get encrypted cell phones, all parties in a call must be using them. I won't recommend these as I've not looked into them too much. The contents of your conversation may be safe, but the record of the calls isn't. And don't even think about using text.

Be careful what you say online. Anything you write will give Them a better idea of who you are. What seems like innocuous conversation online, even with all the security measures in place, helps Them build a profile of you, if they become interested in you. They'll be able to narrow down where you live, your gender, approx how old you are, what your politics are, what kind of work you do, your hobbies and interests, etc. This isn't much by itself, but if they think they have other info on you, this stuff will help corroborate that. I don't mean to sound paranoid... I'm not high right now, and haven't been for quite some time... few of us would do anything to warrant that kind of attention. Just want to give you an idea of how to protect yourself.

Hope that helps as a starter.

More details below:
https://ssd.eff.org/

Originally Posted by Stoney McFried

I've also heard about virtual machines...basically, it's a computer within your computer...you install it, then install an operating system on it and use it every time you surf. If you get a virus or want to delete your browsing history on it, simply delete the virtual pc and start again. I've never personally done this, but it seems a good idea.

This is what's known as a jailed environment, and while it can work, if the virtual machine is connected to the internal network there's nothing to stop it from infecting the host. Also any data used on the virtual machine is still saved on the actual disk, actually in a format which makes it easier to extract and transport (this was its true purpose). For security's sake you're really better off saving everything to an encrypted flash disk that you could easily destroy.

Originally Posted by Stoney McFried

You can also supposedly change your ip address. http://www.wikihow.com/Change-your-I...-%28Windows%29
I use the ipconfig/release/renew thing a lot because it seems to speed up my connection when it's really dragging. Just make sure you print the instructions first so you don't forget how to reconnect your internet.

This generally is not the case. While you can change your internal IP address at leisure it's becoming more and more difficult to change your physical IP, which is what actually connects to websites. Most modems these days all come pre-equipped with a DHCP router and forcing an IP address change on the computer doesn't reset the IP the router itself is holding.

Now you could reset the router but that in itself isn't enough to force the change either. Often enough your IP address is actually bound to the MAC address (which isn't so easily changed) and will only renew if it's been unused for a predetermined period of time that only the ISP would know. This could be anywhere from a matter of hours to weeks, and some customers are even issued static IPs which never change. So the only way to truly know you've changed your IP is to unplug the modem for quite a while, but until you know what the length of time is, you're stuck in a one step forward two step back process.

www.torproject.org

It essentially routes your traffic through two or more other computers, and it can be used in conjunction with encryption. If you are browsing the net with computer A, you send a message to computer B, B sends a message to computer C, computer C accesses the information (such as a website) and then sends it back to B, and B sends it back to you at computer A. It essentially hides your IP address, so that if this site were forced by law enforcement to give up IP logs, or they were tracking it, it would make it more difficult for them to trace back to your ip. You can't use anything flash based, so no youtube, but it will help. No matter what, if law enforcement gets bullshit warrants (which they do every day thanks to crusading judges) they can data mine pretty much everything that is done on the internet and nothing can stop that. There's also the possibility that law enforcement could be operating both computers B and C, and they'd know exactly what you were viewing.

It's a little bit slower than usual internet, but I almost always have pages load in under 30 seconds. Occasionally you get some interesting stuff when a website tries to determine your country of origin. When using it, I've had Google come up in German, and (I think) Japanese.

Originally Posted by EagleEyeHamThrust

www.torproject.org
No matter what, if law enforcement gets bullshit warrants (which they do every day thanks to crusading judges) they can data mine pretty much everything that is done on the internet and nothing can stop that. There's also the possibility that law enforcement could be operating both computers B and C, and they'd know exactly what you were viewing.

While this is technically true, it's beyond the capabilities of most law enforcement agencies. A federal agency such as the FBI, NSA, or CIA may be able to pull this off, but they're not going to expend the resources on smokers, home growers, or political dissidents. Against a terrorist network or major drug cartel, maybe. But there are generally easier ways for them to get the same info.