Infosec | Travelers Tradecraft

August 27, 2021July 29, 2022

Phone locations can be tracked without GPS

The location of your phone can be tracked even If your GPS is turned off, and used to track your location. This is done by a method triangulating the phone using cell towers and the signal from them in called Radio Direction Finding.

Quick defense tactic to counter this tracking is a faraday bag, get yours here and support our site in the process

When your phone connects to a cell tower the cell tower generally can tell what general direction your phone is from that tower based on the strength of the connection in different directions. This is the same concept of how wildlife tracking collars have used for decades and how the FCC tracks down pirate radio stations, this is because “cell service” is really just a radio signal sent out from the tower, same as any radio station, or hand held radio just on a different frequency.

The result of this is a general direction/heading from that tower that your phone could be found. With typical cell phones now the signal sent out by the cell tower is a wide beam
that spreads out and gets weaker over distance, imagine a cone with the wide end extending out from the tower.

Now if your phone can connect to multiple towers this gives multiple directions/headings that if laid over a map would create a cross point, al be it a wide one where theoretically your phone would be located. Now the more towers your phone can connect to the more accurate the location will be because the
the area within that cross point where your phone can connect to all the towers theoretically gets smaller the more towers there are. Now in most areas your phone will connect to 1 or maybe 2 towers with the exception of larger major cities where you may connect to more.

This method can also be used to track location via Bluetooth connection. It was announced a few years ago that the UK was using Bluetooth hotspots in trashcans and other city fixtures to track “traffic patterns” by connecting to peoples phones that walk near them.

Any device that uses cell service or any radio frequency, can be tracked in this fashion, Tablet, Car, laptops, smart watches, ham radio, etc. If it has cell service or uses radio frequencies, it can be tracked by radio direction finding.

S2_Underground has a great video on Radio direction finding on their #lbry channel.

If you enjoyed this post take a look at our TRUSTED RESOURCES page. If you decide to use any of the links and purchase anything we may get a small commission that helps support the

Get the most out of our posts by subscribing to our telegram or Matrix/element rooms

July 16, 2021July 29, 2022

Faraday bags

We are starting a series of posts covering surveillance/counter surveillance or offense and defense and the equipment used and thought of no better place to start than faraday bags.

Faraday bags are a very simple but important piece of defensive equipment that serves basically two purposes. Blocking signals from entering or escaping and device protection from outside EMFs.

They come in sizes ranging from small for your key fob for newer high end luxury cars to prevent cloning and car theft on up to full on back packs and suit cases for those needing to carry around lots of sensitive equipment. The most popular sizes though are for Phones, tablets, and laptops.

Faraday bags consist of a special fabric that blocks out 100% of wireless signals being either sent or received by what ever device you put in them. (or at least they should) you should always test your bags before you are needing to rely on them.

Some can also offer protection from EMP and other sources of EMFs that can damage your electronic devices if they are strong enough. This is where the protection category falls as well as they prevent anyone in the immediate area from connecting to your device, usually this is done over bluetooth.

There are many reasons you will want to use a faraday bag/pouch. Ones of those cases would be….

Privacy. Placing your devices in a faraday bag cuts off and keeps anyone or thing from connecting to your device with out your knowledge. This applies if you want to avoid being GPS tracked by apps or having your phone or device wifi/blutooth hacked. Another privacy related reason is that cities are starting to place blu tooth tracking nodes through out the city to track “traffic patterns” or so they say. These nodes connect to any device that enters their range and logs the information. Even if this is for traffic patterns it would not surprise me if this is used to look up who was in an area at a certain time when law enforcement needs too. Or in relation to our previous post when a rouge employee wants to track their girlfriend

If you enjoyed this post take a look at our TRUSTED RESOURCES page. If you decide to use any of the links and purchase anything we may get a small commission that helps support the

Get the most out of our posts by subscribing to our telegram or Matrix/element rooms

June 18, 2021June 18, 2021

How AirTags are a Potential Threat to privacy

A new property tracking product turns the entire IOS network into a location tracking mesh network that could easily be used by stalkers and criminals to target their victims.

Apples AirTags are compact have wide spread coverage, and are affordable. These devices are designed to be used for tracking your belongings but potentially can track anything. Airtags are registered to the owners ICloud account so they can be found using the Find My app or simply by connect to blue tooth for near by locating.

This is done without GPS (allowing them to be much smaller) by turning every IOS/MacOS device into a mesh network. The AirTag sends out a secure Bluetooth signal that can be detected by nearby apple devices that have the bluetooth turned on and that device sends the location of your AirTag to iCloud for you to find in the Find My app.

These devices being small and lightweight means they could easily be concealed on someones person or in their possessions in order to track them without their permission/knowledge presenting a huge problem specifically for someone who is being harassed or stalked.

There is an attempted countermeasure to this use case but it is unclear at this point how effective it will be especially since it would seem it requires you own an IOS device in order for it to protect you. Apple states

“If someone else’s AirTag finds its way into your stuff, your iPhone will notice it’s traveling with you and send you an alert. After a while, if you still haven’t found it, the AirTag will start playing a sound to let you know it’s there.”

This “protection” requires if you have an IOS/MacOS device that you leave your bluetooth turned on otherwise your device cannot pick up the signal from the AirTag to know that it is there. This is unadvised as it leaves your phone vulnerable to host of other attacks and issues.

With Only 13.25% of computers in the United states being Mac and roughly 30% of mobile devices (tablets and phones) running IOS. Means that the majority of people are not protected by Apples safeguard against being tracked without consent while still having enough devices out there around a person to create a viable mesh network for someone to rather effortlessly track someone with out them ever knowing.

While compact tracking tech is not a new thing, The wide coverage, low cost, and small package due to no need for GPS makes this a serious potential threat to watch out specifically by targeted individuals, those who are victims of stalking, and criminal investigators in future cases.

If you enjoyed this post take a look at our TRUSTED RESOURCES page. If you decide to use any of the links and purchase anything we may get a small commission that helps support the site.

Get the most out of our posts by subscribing to our telegram or Matrix/element rooms

June 10, 2021June 10, 2021

Digital GoBag

With todays tech flash drives are an amazing and under utilized tool. You can use them to store an entire media library incase of emergency or install a whole operating system and carry a “computer” on your key ring. For those interested for more information on this look into linux live drives there is way better info out there than I could ever put out.

Live drives afford many possibilities when it comes to privacy and security especially when traveling, you’re in a situation where you can’t or don’t want to carry a computer or in extreme situations you need to have a secure/concealable system to store sensitive data.

This is often the case with politically persecuted people, people in countries that heavily censor their people. This also applies to investigative journalist that cover sensitive topics that could put a target on their back.

The main way I advocate using them for the every day person is using them to set up an emergency electronic #gobag of sorts.

Using an OS called TAILS you can set up an encrypted drive that you can store important documents such as passport images, birth certificates, visas and so forth within encrypted files as well as the flash drive being encrypted. You can also set up crypto currency wallets for emergency funds if you so desire.

Once this drive is set up properly you can carry or conceal it on your person and plug it into any computer if you need to and access the information you’ve stored, the internet, you’r crypto, what ever you need it for at the time.

The drives OS and anything you do will be isolated from the main system on the computer and leaves no trace of use as it wasn’t using the main systems memory (only its flash memory which wipes on shutdown)

This makes it so that anything you do, your passwords, your information and documents etc all are safe because no tracking software that may be on the main system or the next user can access your info or data because the.

To set this up in the manner that I mentioned above you will need to set up the drive with encrypted persistence.

To do so you will need two drives as you need one drive running TAILS to set up another with encrypted persistence.

SET UP INSTRUCTIONS

ENCRYPTED PERSISTENCE INFO

Once that is done your good to go. Just about everything you should need for a basic privacy set up is on there with the OS.

If you enjoyed this post take a look at our TRUSTED RESOURCES page. If you decide to use any of the links and purchase anything we may get a small commission that helps support the site.

Get the most out of our posts by subscribing to our telegram or Matrix/element rooms

Trusted Resources

June 7, 2021

ProtonMail and Encrypted Email

A secure and encrypted email address is the backbone of even the most basic online privacy plan. This is the first thing that just about any other tool, account or service that you will need such as email forwarders, cell phone accounts, and so one is going to ask for.

I recommend having multiple addresses for different aspects of your plan/life. I have mentioned this before in other posts and I will cover this in more depth in the future as well as how to benifit most from Protonmail for the privacy minded.

The email service that I highly recommend is ProtonMail. I use it personally, as well my clients, and many people I know use it as their business email structure as well because you can link your web addresses to it so that you can have email addresses using your url.

They offer some of the best security and privacy protections in the business and have a grown a trusted reputation in the privacy sector as well as among people whoes life may very well depend on their privacy and security holding up, such as reporters, the politically and just generally persecuted and so one.

ProtonMail is a Switzerland-based secure/encrypted email service that was created in 2014. They also offer VPN service and are constantly adding features to their platform including cloud storage, contacts, and encrypted calendar(BETA). ProtonMail’s mission in their words is “to make secure and private email communication easily accessible to all.”

The following information is facts directly from Protonmail.

ProtonMail is owned by Proton Technologies, which has a long history and strong reputation in the privacy world.

The company maintains some of the world’s most widely used open source encryption libraries and has a long history of working towards promoting Internet privacy.

ProtonMail uses end-to-end, zero-access encryption so that no one even the company can access users’ messages, drives, calendar details and so on. There are no special or overly technical steps to follow, and all encryption happens automatically and by default.

To achieve this high level of security, in their words “ProtonMail assumes that all mail servers may eventually be compromised. Thus, ProtonMail uses end-to-end encryption and zero-access encryption to protect user data. If a server only contains encrypted messages, users have a much higher level of security in the event of a security breach. The use of encryption also prevents ProtonMail from being able to decrypt and share user emails with third parties.”

As well as their security precautions that keep them from being able to analyze user data they also have no incentive to
spy on or sell its users’ data as they have no advertising inside their apps.

The security of their platforms extends beyond just strong encryption and includes features designed to mitigate human vulnerabilities and physical threats.

End-to-end encryption
Which means that messages cannot be intercepted in transit and decrypted by any third party as they are encrypted on the senders device and can only be decrypted by the recipient.

Zero-access encryption
Even if a user’s contacts are not using ProtonMail, All emails sent to/from a ProtonMail account (even if the other side is not using ProtonMail) are stored with zero-access encryption. So that the messages are encrypted, they can only be decrypted by the account owner. (Keep in mind any copy on the other persons email account may not be stored encrypted.)

Additionally, ProtonMail users can also send end-to-end encrypted emails to non-ProtonMail users with the ”encrypt to outside” feature. Which sends the email encrypted to the recipient and you can give them a way to decrypt the email without them needing a ProtonMail account.

Open source cryptography
ProtonMail uses only secure implementations of AES, RSA, and adheres to the open source OpenPGP standard. By using open source libraries, users have greater assurance that the encryption algorithms do not have built-in back doors. ProtonMail’s open source software has also been vetted by security experts from around the world to ensure the highest levels of protection.

Hardware-level security
ProtonMail has invested heavily in owning and controlling its server hardware and doing so within Switzerland, so data never goes to a third party cloud. This ensures that all user data is protected by Swiss privacy laws and on a system level, ProtonMail servers utilize fully encrypted hard disks, which protects user data from physical hardware seizures.

Authentication
ProtonMail uses the Secure Remote Password protocol to ensure that neither ProtonMail nor an attacker with network access can obtain users’ passwords. ProtonMail also offers two-factor authentication via 2FA apps.

Address Verification

To mitigate man-in-the-middle attacks ProtonMail uses Address Verification which leverages ProtonMail’s Encrypted Contacts feature. This unique feature ensures secure communications cannot be intercepted by an attacker tampering with encryption keys.

This additional enhanced level of security, and it’s one of the reasons it is the preferred email provider for journalists and other individuals with the highest security and privacy needs.

Self-destructing emails
ProtonMail allows users to send messages that will automatically delete themselves after a user-selected period of time.

Plans and pricing
All of the company’s revenue comes from subscriptions to premium plans and donations from the user community and does not show ads or make money by abusing users’ privacy.

ProtonMail has apps for IOS and Android as well as web access that can be used on any OS with an internet browser. In addition ProtonMail offers other useful apps such as The ProtonMail Bridge, which is a desktop application for paid users that encrypts and decrypts mail as it is sent or received by the user using a program that supports IMAP and SMTP, such as Microsoft Outlook, Mozilla Thunderbird etc.

They also offer an Import-Export application (beta) which is a application currently available to users on paid plans that lets them transfer emails easily to and from their ProtonMail account. This allows users to import their mailbox from another email account, such as Gmail or upload email files stored on their computer into their ProtonMail encrypted Inbox. It can also be used to export emails from their ProtonMail account to their hard drive for secure local backups.

ProtonMail believes everyone in the world should have access to secure and private online communication, regardless of their ability to pay. Which is why they offer a free plans as well as paid plans for those who need more storage, more features, or just want to support the project so that they can continue to offer the service to those who need it and cannot afford it.

April 12, 2021April 12, 2021

Online Infosec Basics

You are the commodity! You’ve probably heard the saying “there is no such thing as a free lunch” well this truer than ever now. Your online personal Infosec is just as important as it is in your in person interactions and passive situations.

With only a few exceptions if a product, or service is free to you this means that the organization putting it out is working on an alternative business model. They are not getting money from their product users so you have to ask where they are getting their money from.

This usually means they are harvesting info from you. This can be addresses, name, phone number or any other personal info. How big a threat to your personal infosec will depend on where on the scale these companies and organizations fall.

On the low end of the scale they are asking for an email to send you a news letter where they will up sell you on paid content or that companies products. This’s is where most small businesses and entrepreneurs is operating including ourselves. They won’t sell your info, they are just trying to conduct their own businesses. The main threat in these instances are data leaks and hacks of either their own systems or any third party service they use to conduct their business.

On the other end you have organizations that will take any and all info they get and sell it. The more info they require the more likely this is the case. This info is likely then, not only used by them but sold to people search sites and other services. This is by larger organizations because they are getting a volume of info that people search sites are willing to pay for. Now not all companies do this and this does happen at everywhere on the spectrum. Do your due diligence and ask your self is what I’m getting worth it if they sell my info.

Now luckily the way to protect your self from both data leaks/breaches and the company them selves selling the information is the same. It’s called one time use information.

This is most easily done with emails as there are multiple services that offer one time use forwarding address. This allows you to create an email address that you will use for only one website or organization that forwards any email sent to it to your actual email address. By doing this you are able to protect your actual email address and if your one time address gets sold, leaked or hacked you are able to shut it off and stop receiving any spam you might be getting and if the information is hacked or leaked, it doesn’t matter because that email is only used for that site and doesn’t connect to any of your other accounts.

This tactic should be used for any newsletter, website, or organization you sign up for or give your information out to. That being said never use these services for anything that involves sensitive information. These services will be able to see any email that is sent to

you so it should not be used for financial, medical, or anything else you consider sensitive. For these instances you should just create a dedicated email for those purposes. We recommend proton mail for a email provider you can find them HERE.

You can either set up a separate account or you can set up a paid account and have multiple addresses that feed into one inbox.