How To Make Sure Your Photos Are Not Giving Out Your Homes Location

Not many people know how much information is attached to the photos that they take and put online. This is called exif data. Depending on the device taking the photo this can range from the device model to the name of the owner and the GPS location the photo was taken.

If you enjoy this post take a look at our TRUSTED RESOURCES page. If you decide to use any of the links and purchase anything we may get  a small commission that helps support the site.

Most social media sites scrub this data before you photo is attached to your profiles or posted but you should not depend on them to do it or count on it to to work. In addition you are still submitting this information to them to do with as they please or sell to whoever they please.

Recently we came across a post craigslist when searching the cars for sale for a client. We saved a picture to send them and when we went into our photos app the photo was organized by location. This is because the camera/phone that took the picture had GPS location turned on and embedded the data into the picture file. A criminal could take this information and potentially use it to find the location of the car or where the owner lives in order to steel the car or otherwise target the owner.

Make sure you scrub this information from your pictures before you put them online or send them to anyone (you don’t know what they are going to do with it after you send it to them.) There are may methods that you can use to do this but the most reliable is a dedicated app. There are both mobile and desk top apps made specifically for this purpose.

OTHER METHODS

Screen Shot Method: Open the picture full screen on your device and take a screen shot. This essentially duplicates the picture and none of the original exif data is present. You still however may have some exif data attached but it will almost always be less.

Messenger Method: Some secure messengers will wipe data from files that you send to others. You can then re-download the file from the message thread and the exif data will be gone. Test your messenger with a thread to someone you trust to make sure the data is removed before relying on this method.

New apple IOS Spoofing: Newer apple devices and some that have received recent updates, now allow you to manually change or add certain exif data that is attached to images on the device. This is intended to organization and data base use for individuals who take a lot of photos and video but can just as easily be used to spoof certain data for security and disinformation purposes.

Desktop/Mobile Apps: Dedicated apps can be found on all platforms mobile and desktop for the specific purpose of removing exif data but just like with the messengers, test and verify before you rely on anything.

If you enjoyed this post take a look at our TRUSTED RESOURCES page. If you decide to use any of the links and purchase anything we may get  a small commission that helps support the site.

Sign up for our email list and you will receive exclusive content that adds to the articles we post here.

Get the most out of our posts by subscribing to our telegram

Phone locations can be tracked without GPS

The location of your phone can be tracked even If your GPS is turned off, and used to track your location. This is done by a method triangulating the phone using cell towers and the signal from them in called Radio Direction Finding.

Quick defense tactic to counter this tracking is a faraday bag, get yours here and support our site in the process

When your phone connects to a cell tower the cell tower generally can tell what general direction your phone is from that tower based on the strength of the connection in different directions. This is the same concept of how wildlife tracking collars have used for decades and how the FCC tracks down pirate radio stations, this is because “cell service” is really just a radio signal sent out from the tower, same as any radio station, or hand held radio just on a different frequency.

The result of this is a general direction/heading from that tower that your phone could be found. With typical cell phones now the signal sent out by the cell tower is a wide beam
that spreads out and gets weaker over distance, imagine a cone with the wide end extending out from the tower.

Now if your phone can connect to multiple towers this gives multiple directions/headings that if laid over a map would create a cross point, al be it a wide one where theoretically your phone would be located. Now the more towers your phone can connect to the more accurate the location will be because the
the area within that cross point where your phone can connect to all the towers theoretically gets smaller the more towers there are. Now in most areas your phone will connect to 1 or maybe 2 towers with the exception of larger major cities where you may connect to more.

This method can also be used to track location via Bluetooth connection. It was announced a few years ago that the UK was using Bluetooth hotspots in trashcans and other city fixtures to track “traffic patterns” by connecting to peoples phones that walk near them.

Any device that uses cell service or any radio frequency, can be tracked in this fashion, Tablet, Car, laptops, smart watches, ham radio, etc. If it has cell service or uses radio frequencies, it can be tracked by radio direction finding.

S2_Underground has a great video on Radio direction finding on their #lbry channel.

If you enjoyed this post take a look at our TRUSTED RESOURCES page. If you decide to use any of the links and purchase anything we may get a small commission that helps support the

Sign up for our email list and you will receive exclusive content that adds to the articles we post here.

Get the most out of our posts by subscribing to our telegram or Matrix/element rooms ​

 

Stop Getting Deliveries at Your Home

For the security conscious, or if you are a targeted Individual(LEO,Govt., SOF, Celebrity, etc. a habit that you should break is having things delivered directly to your home(especially in your own name). For one this links your physical address to your name.  This information is then easily accessible in people search databases who get this data from the shipping companies.

Now if you have ever had anything delivered to your home address its already out there but you can stem the damage by not taking further deliveries until you can remedy the situation later. Your name and address are still out there to find but if stuff is not coming to your house any more the possibility that someone legit would be just dropping by is much less allowing you to respond more quickly with out having to figure out if they should actually be there.

The biggest step you can take to further your home and personal security is to separate your name from your physical address, with that said this is much easier said than done and can take much more work than be covered here but the information is out there for those that want to pursue this. We will also cover this in more length in our telegram and Matrix rooms.

Back to the topic at hand, when you have things delivered to your home directly you open the door for people to have a justified reason to be on your property. This can be anything from Take out to UPS to appliance deliveries We mean everything, This means that when someone drops by unannounced, you have to then figure out if they belong there or not and if the situation is suspicious or the person poses a threat. Keep in mind that just because they are wearing a uniform of some kind does not mean they are legit.

If you enjoyed this post take a look at our TRUSTED RESOURCES page. If you decide to use any of the links and purchase anything we may get  a small commission that helps support the

Sign up for our email list and you will receive exclusive content that adds to the articles we post here.

Get the most out of our posts by subscribing to our telegram or Matrix/element rooms ​

Secure Your Trash

A lot of information can be gleaned from your trash and most people don’t give too much thought to what they throw away up to and including their bank statements. Most will think who would go through my trash and in most cases its true they are not actively being targeted to this level.

However this another one of those tactics that if you don’t apply it before you are targeted you’re already too late. Think about stalkers. The victims usually don’t know for at least a little while that they are being stalked (unless they had a prior relationship). The stalker could (and they do) steal the trash and use the info the glean to further their activity. Or if you are a wealthier individual or a C level employee or even just a head of a department at a larger company. You have access to info that is desired by a lot of individuals in the realm of corporate espionage. The info they could glean from your trash could lead to anything from black mail to robbery to in extreme cases murder if its just easier to make you go away to set your project back a bit.

To counter this, a good rule of thumb to follow is that only organic (food or food containers) get thrown in the trash (or recycling). If the packaging from other items is clear they can be thrown away to.

If its paper/card board it either gets shredded and then mixed up with other shreds and thrown out in batches or its burned. (especially important with anything financial or with personal info on it), or you it can be shredded then burned if you are particularly paranoid or you have a high level security concern.

Now when traveling or on the go never throw out anything with personal information and avoid using any trash cans that are in your room/office or location that can be tied to you. Take your trash with you when you leave and if it doesn’t need to be shredded or burned throw it out in a common area trash preferably the dumpster or a trash can at another location. This makes it harder to link any info you may be throwing out specifically to you.

If you enjoyed this post take a look at our TRUSTED RESOURCES page. If you decide to use any of the links and purchase anything we may get a small commission that helps support the

Sign up for our email list and you will receive exclusive content that adds to the articles we post here.

Get the most out of our posts by subscribing to our telegram or Matrix/element rooms ​

 

Faraday bags

We are starting a series of posts covering surveillance/counter surveillance or offense and defense and the equipment used and thought of no better place to start than faraday bags.

Faraday bags are a very simple but important piece of defensive equipment that serves basically two purposes. Blocking signals from entering or escaping and device protection from outside EMFs.

They come in sizes ranging from small for your key fob for newer high end luxury cars to prevent cloning and car theft on up to full on back packs and suit cases for those needing to carry around lots of sensitive equipment. The most popular sizes though are for Phones, tablets, and laptops.

Faraday bags consist of a special fabric that blocks out 100% of wireless signals being either sent or received by what ever device you put in them. (or at least they should) you should always test your bags before you are needing to rely on them.

Some can also offer protection from EMP and other sources of EMFs that can damage your electronic devices if they are strong enough. This is where the protection category falls as well as they prevent anyone in the immediate area from connecting to your device, usually this is done over bluetooth.

They come in sizes ranging from small for your key fob for newer high end luxury cars to prevent cloning and car theft on up to full on back packs and suit cases for those needing to carry around lots of sensitive equipment. The most popular sizes though are for Phones, tablets, and laptops.

There are many reasons you will want to use a faraday bag/pouch. Ones of those cases would be….

Privacy. Placing your devices in a faraday bag cuts off and keeps anyone or thing from connecting to your device with out your knowledge. This applies if you want to avoid being GPS tracked by apps or having your phone or device wifi/blutooth hacked. Another privacy related reason is that cities are starting to place blu tooth tracking nodes through out the city to track “traffic patterns” or so they say. These nodes connect to any device that enters their range and logs the information. Even if this is for traffic patterns it would not surprise me if this is used to look up who was in an area at a certain time when law enforcement needs too. Or in relation to our previous post when a rouge employee wants to track their girlfriend

If you enjoyed this post take a look at our TRUSTED RESOURCES page. If you decide to use any of the links and purchase anything we may get a small commission that helps support the

Sign up for our email list and you will receive exclusive content that adds to the articles we post here.

Get the most out of our posts by subscribing to our telegram or Matrix/element rooms

Dodging Drones intro

Drones are quickly becoming a bigger and bigger part of everyday life. From governments to private citizens, for recreation to emergency response, and military operations. With this rapid expansion it’s only natural that criminals and their organizations have started using them as well.

This is ranging from smuggling contraband, IEDs, and illegal surveillance which can range from the neighborhood creep to high-end corporate espionage and organized crime such as recon for cartel groups and so on.

The average citizen wont likely encounter the majority of these except some form of illegal surveillance. The most common examples of this are peeping Toms, stalkers, and paparazzi for the more famous people out there. All three of these groups have been caught using drones to accomplish their tasks in one form or another. Papparazi don’t need to scale a fence or wall anymore when they run a drone from the road or side walk and get better pictures.

If you’re a high profile or targeted individual you also can’t rule out criminals and organizations that are targeting you from using drones for site recon, tailing, etc as they would be stupid not to. There is a reason that Law enforcement and the military started using drones in the first place.

The tactics used to counter a drone operation against you is going to depend on the your situation. Mainly, who is targeting you, the quality of the drone they are using, and whether you are mobile or stationary.

If a government or an organization that has access to predators, reapers, or other Nation state drone tech. You options are going to be very limited. As drones will not be the only equipment and type of surveillance directed at you. We will not really be covering this group but keep in mind that many of the tactics for other drones will still apply just to different degrees of effectiveness.

Evading surveillance by drones when you are mobile is going to be the same as other forms of surveillance. You need to break line of sight and then either hide or change direction and move out of the area without being re-acquired.

If you enjoyed this post take a look at our TRUSTED RESOURCES page. If you decide to use any of the links and purchase anything we may get a small commission that helps support the site.

Sign up for our email list and you will receive exclusive content that adds to the articles we post here.

Get the most out of our posts by subscribing to our telegram or Matrix/element rooms ​

 

 

 

When you go some where keep it to your self

The biggest home safety precaution you can take is to keep it to your self when your home will be unattended.

This means if your going on a trip don’t post it on social media until after your back. Especially don’t post specific dates or times prior to leaving and do not post pictures or anything about your trip until after you get back.

Making it known that you are gone is asking for something to happen to your house while you are.

Other precautions to take is not getting your Mail held or stopped but have some one you trust pick it up every day, especially if your mail box is at your house to keep up appearances and have them check on your house daily or better yet have them stay there and house sit but ONLY if you really trust them.

A house with mail or news paper piling up is a dead give away. Now if for what ever reason you don’t have any one you can trust it’s better to hold your mail than have it pile up. The only con is mail and newspaper staff have been caught giving their hold list to a criminal colleague to rob the house but it is a lesser occurring issue than a thief coming across a house with mail piling up.

How AirTags are a Potential Threat to privacy

A new property tracking product turns the entire IOS network into a location tracking mesh network that could easily be used by stalkers and criminals to target their victims.

Apples AirTags are compact have wide spread coverage, and are affordable. These devices are designed to be used for tracking your belongings but potentially can track anything. Airtags are registered to the owners ICloud account so they can be found using the Find My app or simply by connect to blue tooth for near by locating.

This is done without GPS (allowing them to be much smaller) by turning every IOS/MacOS device into a mesh network. The AirTag sends out a secure Bluetooth signal that can be detected by nearby apple devices that have the bluetooth turned on and that device sends the location of your AirTag to iCloud for you to find in the Find My app.

These devices being small and lightweight means they could easily be concealed on someones person or in their possessions in order to track them without their permission/knowledge presenting a huge problem specifically for someone who is being harassed or stalked.

There is an attempted countermeasure to this use case but it is unclear at this point how effective it will be especially since it would seem it requires you own an IOS device in order for it to protect you. Apple states

“If someone else’s AirTag finds its way into your stuff, your iPhone will notice it’s traveling with you and send you an alert. After a while, if you still haven’t found it, the AirTag will start playing a sound to let you know it’s there.”

This “protection” requires if you have an IOS/MacOS device that you leave your bluetooth turned on otherwise your device cannot pick up the signal from the AirTag to know that it is there. This is unadvised as it leaves your phone vulnerable to host of other attacks and issues.

With Only 13.25% of computers in the United states being Mac and roughly 30% of mobile devices (tablets and phones) running IOS. Means that the majority of people are not protected by Apples safeguard against being tracked without consent while still having enough devices out there around a person to create a viable mesh network for someone to rather effortlessly track someone with out them ever knowing.

While compact tracking tech is not a new thing, The wide coverage, low cost, and small package due to no need for GPS makes this a serious potential threat to watch out specifically by targeted individuals, those who are victims of stalking, and criminal investigators in future cases.

If you enjoyed this post take a look at our TRUSTED RESOURCES page. If you decide to use any of the links and purchase anything we may get a small commission that helps support the site.

Get the most out of our posts by subscribing to our telegram or Matrix/element rooms ​

Digital GoBag

With todays tech flash drives are an amazing and under utilized tool. You can use them to store an entire media library incase of emergency or install a whole operating system and carry a “computer” on your key ring. For those interested for more information on this look into linux live drives there is way better info out there than I could ever put out.

Live drives afford many possibilities when it comes to privacy and security especially when traveling, you’re in a situation where you can’t or don’t want to carry a computer or in extreme situations you need to have a secure/concealable system to store sensitive data.

This is often the case with politically persecuted people, people in countries that heavily censor their people. This also applies to investigative journalist that cover sensitive topics that could put a target on their back.

The main way I advocate using them for the every day person is using them to set up an emergency electronic #gobag of sorts.

Using an OS called TAILS you can set up an encrypted drive that you can store important documents such as passport images, birth certificates, visas and so forth within encrypted files as well as the flash drive being encrypted. You can also set up crypto currency wallets for emergency funds if you so desire.

Once this drive is set up properly you can carry or conceal it on your person and plug it into any computer if you need to and access the information you’ve stored, the internet, you’r crypto, what ever you need it for at the time.

The drives OS and anything you do will be isolated from the main system on the computer and leaves no trace of use as it wasn’t using the main systems memory (only its flash memory which wipes on shutdown)

This makes it so that anything you do, your passwords, your information and documents etc all are safe because no tracking software that may be on the main system or the next user can access your info or data because the.

To set this up in the manner that I mentioned above you will need to set up the drive with encrypted persistence.

To do so you will need two drives as you need one drive running TAILS to set up another with encrypted persistence.

SET UP INSTRUCTIONS

ENCRYPTED PERSISTENCE INFO

Once that is done your good to go. Just about everything you should need for a basic privacy set up is on there with the OS.

If you enjoyed this post take a look at our TRUSTED RESOURCES page. If you decide to use any of the links and purchase anything we may get a small commission that helps support the site.

Sign up for our email list and you will receive exclusive content that adds to the articles we post here.

Get the most out of our posts by subscribing to our telegram or Matrix/element rooms ​

Trusted Resources

ProtonMail and Encrypted Email

A secure and encrypted email address is the backbone of even the most basic online privacy plan. This is the first thing that just about any other tool, account or service that you will need such as email forwarders, cell phone accounts, and so one is going to ask for.

I recommend having multiple addresses for different aspects of your plan/life. I have mentioned this before in other posts and I will cover this in more depth in the future as well as how to benifit most from Protonmail for the privacy minded.

The email service that I highly recommend is ProtonMail. I use it personally, as well my clients, and many people I know use it as their business email structure as well because you can link your web addresses to it so that you can have email addresses using your url.

They offer some of the best security and privacy protections in the business and have a grown a trusted reputation in the privacy sector as well as among people whoes life may very well depend on their privacy and security holding up, such as reporters, the politically and just generally persecuted and so one.

ProtonMail is a Switzerland-based secure/encrypted email service that was created in 2014. They also offer VPN service and are constantly adding features to their platform including cloud storage, contacts, and encrypted calendar(BETA). ProtonMail’s mission in their words is “to make secure and private email communication easily accessible to all.”

The following information is facts directly from Protonmail.

ProtonMail is owned by Proton Technologies, which has a long history and ​strong reputation in the privacy world.

The company maintains some of the world’s most widely used open source encryption libraries and has a long history of working towards promoting Internet privacy.

ProtonMail uses end-to-end, zero-access encryption so that no one even the company can access users’ messages, drives, calendar details and so on. There are no special or overly technical steps to follow, and all encryption happens automatically and by default.

To achieve this high level of security, in their words “ProtonMail assumes that all mail servers may eventually be compromised. Thus, ProtonMail uses end-to-end encryption and zero-access encryption to protect user data. If a server only contains encrypted messages, users have a much higher level of security in the event of a security breach. The use of encryption also prevents ProtonMail from being able to decrypt and share user emails with third parties.”

As well as their security precautions that keep them from being able to analyze user data they also have no incentive to
spy on or sell its users’ data as they have no advertising inside their apps.

The security of their platforms extends beyond just strong encryption and includes features designed to mitigate human vulnerabilities and physical threats.

End-to-end encryption
Which means that messages cannot be intercepted in transit and decrypted by any third party as they are encrypted on the senders device and can only be decrypted by the recipient.

Zero-access encryption
Even if a user’s contacts are not using ProtonMail, All emails sent to/from a ProtonMail account (even if the other side is not using ProtonMail) are stored with zero-access encryption. So that the messages are encrypted, they can only be decrypted by the account owner. (Keep in mind any copy on the other persons email account may not be stored encrypted.)

Additionally, ProtonMail users can also send end-to-end encrypted emails to non-ProtonMail users with the ​”encrypt to outside” feature​. Which sends the email encrypted to the recipient and you can give them a way to decrypt the email without them needing a ProtonMail account.

Open source cryptography
ProtonMail uses only secure implementations of AES, RSA, and adheres to the open source OpenPGP standard. By using open source libraries, users have greater assurance that the encryption algorithms do not have built-in back doors. ProtonMail’s open source software has also been vetted by security experts from around the world to ensure the highest levels of protection.

Hardware-level security
ProtonMail has invested heavily in owning and controlling its server hardware and doing so within Switzerland, so data never goes to a third party cloud. This ensures that all user data is protected by Swiss privacy laws and on a system level, ProtonMail servers utilize fully encrypted hard disks, which protects user data from physical hardware seizures.

Authentication
ProtonMail uses the Secure Remote Password protocol to ensure that neither ProtonMail nor an attacker with network access can obtain users’ passwords. ProtonMail also offers two-factor authentication via 2FA apps.

Address Verification

To mitigate man-in-the-middle attacks​ ProtonMail uses Address Verification which leverages ProtonMail’s ​Encrypted Contacts​ feature. This unique feature ensures secure communications cannot be intercepted by an attacker tampering with encryption keys.

This additional enhanced level of security, and it’s one of the reasons it is the preferred email provider for journalists and other individuals with the highest security and privacy needs.

Self-destructing emails
ProtonMail allows users to send messages that will automatically delete themselves after a user-selected period of time.

Plans and pricing
All of the company’s revenue comes from subscriptions to premium plans and donations from the user community and does not show ads or make money by abusing users’ privacy.

ProtonMail has apps for IOS and Android as well as web access that can be used on any OS with an internet browser. In addition ProtonMail offers other useful apps such as The ProtonMail Bridge, which is a desktop application for paid users that encrypts and decrypts mail as it is sent or received by the user using a program that supports IMAP and SMTP, such as Microsoft Outlook, Mozilla Thunderbird etc.

They also offer an Import-Export application (beta) which is a application currently available to users on paid plans that lets them transfer emails easily to and from their ProtonMail account. This allows users to import their mailbox from another email account, such as Gmail or upload email files stored on their computer into their ProtonMail encrypted Inbox. It can also be used to export emails from their ProtonMail account to their hard drive for secure local backups.

ProtonMail believes everyone in the world should have access to secure and private online communication, regardless of their ability to pay. Which is why they offer a free plans as well as paid plans for those who need more storage, more features, or just want to support the project so that they can continue to offer the service to those who need it and cannot afford it.