Is it really worth booting up TAILS if all you want to do is browse kitty pictures before you go to bed?
How badly do you want someone to have information about you that they can use for social engineering purposes? All I need to know is your UID and that you like kitty pix and I can engineer an online persona that plays into that as a way of gaining your trust — start posting similar stuff on FB/IG, put ‘kitties’ as an interest on a dating profile and so on.
Even the most seemingly innocuous information is more information than “I know absolutely nothing about them”.
And the question is nonsensical anyway. If you’re using TAILS in the first place then, yes, you’re going to fire it up to protect your privacy, otherwise you’re not the kind of person who’d be using it.
Moreover, given that you have to boot up an OS of some kind in order to browse for anything, you might as well boot up TAILS as anything else. It’s no more onerous to boot to TAILS than it is to boot to any other OS — booting an OS is booting an OS, so it might as well be TAILS as not … the question is a ‘straw man’ argument.
Do you really need to teach your nephew how to download and run a Tor-compliant browser before you can help him with his algebra homework?
So … unless it’s disinformation … a deliberate misdirection … u/Trai_Dep has at least one nephew and, therefore, must have (had) at least one sibling.
That’s interesting.
Well, we can start ‘getting to know’ each other better by my dropping a few throwaway comments about my ‘nephew’ when I post … develop that into a discussion about family — before you know it we’re discussing how many siblings we each have … and who knows what other tidbits that can be used to encourage him/her to divulge even more about themself.
Sheesh … u/Trai_Dep might want to examine their OpSec practices, because it’s not paranoia to observe the fact that there are some very disturbed people out there and … akin to the aphorism that it doesn’t matter whether you believe in God but whether He believes in you … it doesn’t matter how small the danger might appear to you, once they’ve got you in their sights, it is very real and very present. And there’s no point in downplaying the danger by rhetorically questioning why anyone would be obsessed with us specifically out of all the billions of people in this world … they’re psychologically disturbed, so trying to rationalise away their irrational behaviour is fruitless, because it doesn’t change their behaviour in any way. Is u/Trai_Dep, by any chance, a man … and, perhaps, unconcerned by the prospect of being stalked by an (at best) unstable individual who might (at worst) prove dangerously so?
To the specific point, however: it depends on whether you’re in the room with him or not. If not then, yes, you might like to do so the very first time in order to reduce the chance of any grooming attempt by someone offering help with his homework can identify him thanks to his IP address (starting with the ISP and working down to the town he lives).
“Before I get into ‘can someone completely hide themselves from the internet,’ I’d ask them — after shaking them by the shoulders — why would you want to?,” says u/Trai_Dep.
Why would you want to?
Because you want to disappear IRL — at least to a certain extent anyway.
I’ve had a (years long) disagreement with someone about security versus privacy and just cannot persuade them of the concept that there is no difference between the two … that privacy is security and vice versa — and it makes no difference whether we are talking about an individual, a business entity or even a nation.
If you can’t determine whose they are then it doesn’t matter if you publish my private data for all the World to see because there can be no impact upon me personally. You can have my account details, but without my password, they’re of much less use to you as a criminal. You can have my housekeys but, unless you know which house they belong to, they won’t help you break in to my home (N.B., if you have a pet, don’t put its name or home address on the ‘if found’ tag on its collar, just a contact number — otherwise the dog/whatever thief knows how to gain some trust by using its name and the burglar who discovers it knows where there’s no guard animal to worry about). As long as my face … or any other distinguishing feature … isn’t visible, you can post as many pix as you like of my naked body anywhere you like, because no-one will ever know it’s me.
Likewise, therefore, the reason why you would want there to be less information about you available on the Internet is because you want there to be less information that can be used against you at all. You are, in short, attempting to gain more security by virtue of increased privacy.
And even among these super-dedicated privacy enthusiasts, they’re only one human error from giving it all away. “Keeping your privacy shields dialed to ‘11’ all the time is exhausting, and when you’re tired, you’ll make mistakes. Thus making all your efforts futile,” says u/Trai_Dep.
So, what u/Trai_Dep is saying is that, because you once forgot to set the alarm on your home when you went out, you shouldn’t bother having one anyway? No? Okay, is it perhaps that, having an alarm and setting it is fine, but don’t worry about posting details on social media of when you are away from home, because concerning yourself with that will add cognitive load and make you forget to set your alarm?
You might make mistakes, so don’t bother trying to do things properly — you can’t win, so don’t try.
Seriously?
When we’re tired we make mistakes, yes. But that’s not the same thing as making the mistake of being careless when we’re not tired — the fact that you might be tired one morning and forget to set the alarm as you leave for work does not mean you don’t bother to install an alarm in the first place, because it’s exhausting to have to remember to set it.
Who is this u/Trai_Dep and why should anyone listen to them?
Lopp described how he created an LLC, bought a decoy house, used a pseudonym with anyone he met in public, and hired a private investigator to check his work. In the end, Lopp estimated that it took $30,000 to fall off the face of the Earth.
So, he’s disappeared himself completely then. No contact with any family or anyone who ever knew him ever again. He’s scrubbed the Internet Archive Wayback Machine and there is absolutely no chance of a random photo of him floating around. He’s paid to have every privately owned commercial record scrubbed (all footage of every CCTV he ever walked past wiped without chance of recovery, every traffic cam that might have recorded the driver of a vehicle, police dashcam/bodycam footage, the works).
No?
Then … unless he’s had facial reconstruction and is never a person of such interest that gait recognition will be use to watch for him popping up somewhere ¹ … he can be found with time, effort and money.
It’s hyperbole on Lopp’s part — never mind the Internet, if you read Ahearn’s work you’ll see him point out, right at the start of his very first writing, that, whatever steps you take, even he can’t disappear you completely, only make you difficult to find.
And, unless he’s never going to use the Internet again, he can be traced by his behaviour: leaving aside the dangers of tracking or even browser-fingerprinting, behavioural fingerprinting is real — no two people will ever look at the same web-pages, in the same order and linger on them for the same length of time; hence the development of obfuscation techniques along the lines of TrackMeNot, which, whilst far from perfect, is a good example of the principle … and AdNauseam … in keeping with Ahearn’s recommendation to create a cloud of misinformation/disinformation.
My recommendations …
Use cash exclusively (never card or <shudder> Apple/Google pay services via NFC).
Only ever draw it out from the same few ATMs and always have enough in reserve to enable you to travel there from a great distance away — never allow yourself to break that rule and allow your movements to be known.
Get other people to make as many purchases for you as possible and collect them from them in person afterwards; never have them associate the purchase with your name/address by sending them to you — as a benefit to them, you’ll be muddying their profile as well as obscuring yours.
If you need a mobile/cellular phone …
Get someone else to purchase it, unlocked, over the counter, for cash and refuse to give any personal details — if the vendor won’t sell it to them under those circumstances they need to either find another vendor or else provide false information.
Yes, the initial outlay is greater but …
- Don’t be fooled by the idea that the cost of your phone is subsidised if you get one on contract — neither the OEM nor the service provider has any interest in giving stuff away for free … you pay for it as part of your monthly charge, trust me.
- Buy a cheap (or midrange) Android device and you’ll get one (maybe two, if you’re lucky) OS updates before it starts becoming unsafe to use it any longer, but if you buy a flagship device, you’ll get one (maybe two, if you’re lucky) OS updates before it starts becoming unsafe to use it any longer … so, you really don’t need to spend hundreds of dollars to have a perfectly adequate phone in your pocket/purse/bag.
- Yes, iPhones last longer in terms of OS updates, so (theoretically at least) they will last longer for the money, but … sooner rather than later, the apps you can use on them are no longer updated (which is just as unsafe) and, moreover, the battery wears out just as rapidly as an equivalently priced Android device … both of which leave you needing a replacement iPhone pretty much as quickly as you need a replacement Android device, only it cost you more to buy — no, their retaining a higher resale value isn’t a mitigating factor because that’s just a matter of offsetting the loss rather than not having spent the money to begin with (by the time you resell your phone, the money you spent isn’t worth as much as the money you are going to spend, so the recouped money isn’t as great as it might seem).
Do not register the device.
Do not purchase a contract but make use of a ‘prepaid’/’Pay-As-You-Go’ service. Only ever top up the credit with cash — ideally get someone else to do so on your behalf and give you the voucher number to top up with on your phone (the less frequently you are caught on the in-store cameras, the more difficult it is to associate the purchase information with your face at the counter).
Create a pseudonymous identity for your user account with Apple/Google and never use the email account provided to contact anyone other than Apple/Google or any app developer with whom you need to communicate for support.
Only ever purchase items (apps/ebooks/music/whatever) with ‘gift’ cards purchased with cash (yes, you guessed it, ideally by someone else).
Disable account synchronisation and all other tracking services (location services, ‘find my phone’, the works).
Use a password, not biometrics.
Get a camera and microphone blocking app — even then, I recommend physically covering the selfie cam (if you absolutely must send that duckface/dickpic you can ensure it’s as good as can be by backing the tape with a piece of paper to protect the camera from the glue).
Keep your contacts on your device, never sync them with ‘the cloud’. Never use people’s real names but create pseudonyms for them. Do not store any other data about them (date of birth, birthdays, addresses, etc.).
Likewise, request (insist) that all your contacts do the same for your number — that way anyone trying to piece together your network will have a harder time because all your contacts have a different name associated with the number, so the fact that they all have the same number in their contacts doesn’t help identify who you are.
Never install any apps that provide information about your other activities, like email apps, the Medium app, etc. — if you don’t tell Google/Apple what email provider you use they can’t add that information to their database … likewise, if they don’t know you even use Medium, they can’t know who you are on it.
Obviously, you should turn off location tracking services but, first, use a location faking app to build up a (plausible) pattern of movement somewhere sufficiently far from where you really spend your time — if, like me, you are known to ‘globetrot’, this can be all the more effective, as you can plausibly relocate to a number of different countries as well as cities.
Install a (‘no root’) firewall app and restrict all but the essentials — autocorrect is largely adequate without storing every word you use in someone else’s online database … Gboard (for instance) does not stop working if you block it from accessing wifi/data … it just doesn’t offer any personalised recommendations of what word it thinks you’re likely to want to type next (how inconvenient </sarcasm>).
Never use a data connection, only WiFii (which is bad enough but you want to limit how much the tracking device in your pocket gives away) and spoof your MAC address before connecting to anything anywhere with wireless (including bluetooth).
Turn WiFi off before you step outdoors: if it’s genuinely urgent, whoever needs to contact you will call you and, in the meantime, you aren’t giving your location to in-store beacons or random routers you pass in travels; you don’t need someone else’s ISP knowing you walked past their house at 17:30 on your way to the station, so that they can monetise that information to Google, who will use it to create a ‘useful’ map of all the World’s access points — useful to whom, precisely? (unless you have the password to that access point, neither you nor anyone but the owner is ever going to be doing anything useful with that information, are they?).
Use offline versions of maps, train/bus/metro connections, etc. — you don’t need a step by step tour guide, just the knowledge of where you are, where you’re going and how to read a map … you can investigate times elsewhere, from another (unassociated) device, by looking at the departure board, or (in extremis) by (gasp) asking someone there (amazingly, random people at busstops often know what time the bus will arrive/depart).
Obscure your behaviour by installing (offline) city/town maps for other places you might plausibly frequent and using them to plan journeys you might make — again, if you travel internationally with any frequency, this can go a lot further to obscuring your movements/behaviour.
Wherever you are, use a VPN to connect to a ‘shell’ account ‘owned’ by another, equally obscure, identity, from which you connect to Tor and/or I2P (or whatever) — your ISP knows who you are but not what you’re doing beyond connecting to your VPN service, your VPN provider knows who you are but not what you’re doing beyond connecting to a different ‘service provider’ (your shell account), your shell account provider knows what you’re doing (connecting to the Tor network) but not who you are and the end node can sniff as much as it likes (unless you’re wanted by a government) it cannot trace that data back to you personally. Needless to say, never connect to anything officially linked to you … like a work/business/official account of any kind … never ever do any kind of online banking at all … and only ever do online shopping if you absolutely can’t persuade someone else to do it on your behalf (and then you should create pseudonymous identities, like you did for your phone, only use gift cards bought with cash to top up your account, and avoid having the purchases delivered to an address associated with you).
Use Signal (or, at a pinch, Threema ²) to communicate with people (it has free end-to-end encrypted voice as well as text messaging) via WiFi. Persuade others to do the same. I’ve not had even one person complain that it was too much trouble to install it and leave it running in the background on an iPhone, whilst they used WhatsApp for everyone else. Nor has anyone using Android balked at the idea of using it — what’s more, on Android, they don’t need to worry about leaving it running because notifications come through even if it’s not running in the background.
If you are out and about, rather than giving your location and movements away with the precision of a data connection, use Silence, which encrypts SMS messages between you and anyone else using it … or sends/receives normal SMS otherwise. Again, try persuading other people to use it as well, to increase the number of people using encrypted SMS. It’s a better option than using Signal as your default SMS app as well as instant messenger, because it doesn’t need a WiFi/data connection to encrypt and send messages — the normal SMS channel is all it needs.
For goodness’ sake, don’t do ‘social networking’ at all … but, if you just can’t help yourself, don’t do it from your phone — Facebook/Google/Microsoft may still track you on your laptop but at least you aren’t giving them the names/numbers/addresses/birthdays/email addresses/whatever else you foolishly stored about other people without even their knowledge, let alone consent, in your phone as well!
On your laptop/desktop, use the Torbrowser bundle/app unless you have to access something that requires you to identify yourself for official purposes … and then use Firefox with security/privacy extensions ³.
If you do all this, will you have turned your settings up to ‘11’?
Yes.
Is it particularly onerous?
No … no more so than using a phone without any of the above. For the most part, it’s a set and forget approach unless you add a new app and the only time it ever really intrudes is when you need to unblock the camera/microphone before using them … or spend another twenty units of your local currency to purchase another ‘hundreds of minutes, unlimited texts and data package you aren’t foolish enough to use because you never turn it on’ to cover the next thirty days of pre-pay/Pay-As-You-Go usage.
You need to keep a ‘float’ of cash on you to cover unexpected eventualities, so that you don’t end up using your plastic and defeating the whole approach — which, again, is not really that onerous … you just have to remember to replace it after you’ve spent it (and to only do so from one of the same, small, range of ATMs where you live). After all, unless you spend your time jet-setting around the globe (in which case, thanks to your passport, your movements are known in more detail than most people’s anyway), with no predetermined departure/return dates …. and are, furthermore, foolish enough not to take extra cash with you to cover emergencies (in the form of a pre-paid cash/credit card) … then how often do you need to spend unanticipated sums of money anyway?
The most irritatingly intrusive part of it all is the need to authorise ridiculous numbers of elements in your browser on your laptop/desktop —you pretty soon learn that the design of most websites is very poor indeed (with far too great a reliance on Javascript rather than the fundamentals of good design)
When the time comes to replace your phone, keep it.
Relegate it to the position of ‘public’ phone for all the people you absolutely have to but don’t want to know any more about you than absolutely necessary (government, service providers, insurers, doctors/hospitals, employers, clients, everyone who isn’t a family member or close personal friend).
Get a new SIM (from a different network/carrier), get a new pre-pay/P-A-Y-G account and number, put it in your new phone and supply that number to to your nearest and dearest only. Explain to them that they are not to give it to anyone else, no matter who it may be or what the circumstances. Tell them to give everyone else the old number instead — that way, you keep your private contact details private.
Better yet, encourage others to do the same and put your new number in their new phones, so that there’s no link between your old number and your new one on their phones either. A new pseudonym can work too, but then they have to remember the old one as well and, as they never call it any more, they soon forget and likely delete it — so, if you can’t persuade them … get them to create a new pseudonym for your new private number … copy the old number into a note and keep it available to provide to others when necessary … and delete the old pseudonymous contact altogether.
—
¹ And let’s not forget that, if you’re prepared to get in touch with the right unsavoury individuals and groups then, eventually, you’ll find one with connections on the inside of a government body with access to such systems.
² I have reservations about Threema (not least its lack of Perfect Forward Secrecy) but at least it’s not <shudder> Telegram and, should the disconcerting EARN IT bill become law in the US, it’s the next best thing to Signal.
³ At the very least Temporary Containers (by stoically), uMatrix and AdNauseam but ideally NoScript too — there’s a slew of others I’d recommend, but I’ll probably save those for a post of my own, in which I go into more detail about Firefox extensions.
