Category: Privacy & Encryption

Letter Re: Cybersecurity: A Systemvault Primer

Dear Editor, It’s nice that you published an article about system and data security. People need to be aware. Overconfidence in encrypted communications however is a disaster waiting to happen. The author wrote: “Another benefit of the way Linux deals with encryption is that any information that is read or written is directly transferred between RAM and the container: any piece of information that exists outside of the computer’s memory is always encrypted.” This is flawed logic as demonstrated by recent attacks on target and other retail giants. RAM scraping is actually pretty old news. I also heartily disagree with …


Pat’s Product Review: Signal Armor

These days, many people are concerned about their privacy, and I admit to being somewhat concerned myself. I recently took down my Facebook page – after it was hacked three times this year. So, if anyone sees a Facebook page with my name on it – it’s not my Facebook page – someone hacked my original page, and made one false Facebook page that looks similar to the real one, and the second one doesn’t even come close to being like my original. Additionally, I found that it was too time-consuming keeping up with everyone’s newest Facebook page posts. Also, …


Cybersecurity: A Systemvault Primer, by D.P.

Welcome to all the brave souls that didn’t scream and/or quickly scroll on when reading the title. I know a fair percentage of SurvivalBlog readers are concerned about OPSEC, but what about your electronic OPSEC? Is it as good as it should be? As good as it could be? I promise you won’t have to read the entire submission but you should take a look at the first few paragraphs to determine if its something you need to address. If you do, you can always try to find some trusted help in securing your systems. During the second half of …


Letter Re: Stronger Passwords for the Masses

Dear Editor, A long tome ago, I looked at diceware as Michael Z. Williamson mentioned (love that XKCD cartoon), and I don’t find it quite as robust as I would like for password generating (I have one diceware-ish password I use for convenience, but used a couple of foreign words and specific capitals as well). Creating a series of simple words that forces the attackers to use a brute force attack on it anyway, made me want to go out and find out a better way to find brute-force-resistant passwords. I found one (essentially, only one) really good password generator …


Stronger Passwords for the Masses, by Michael Z. Williamson

This article should be of interest to anyone who is cyber security conscious–which should be everyone, in the present era: Kill the Password: Why a String of Characters Can’t Protect Us Anymore. Now consider the pointed lesson of the XKCD site. Are you now concerned? …then use: Diceware and Truecrypt The main features of Truecrypt: Creates a virtual encrypted disk within a file and mounts it as a real disk.  Encrypts an entire partition or storage device such as USB flash drive or hard drive. Encrypts a partition or drive where Windows is installed (pre-boot authentication). Encryption is automatic, real-time …


Letter Re: The Serval Mesh Network

Mr. Rawles, If you have not yet heard of the Serval Project, I would encourage you to check out the web site. This is an Australian based non-profit that is attempting to build the software and hardware for a mesh network that can be erected post-disaster. It is all open-source and there is even a free Serval app available at the Google App Store. For those of you not familiar with the idea, mesh networks are self-contained networks that run off of the same protocols as the internet, using the same hardware, but are not necessarily linked to the actual …


The SurvivalBlog Social Media Glossary

I’m often asked about social media, forums, and meetup/networking web sites as a method for preppers to get together. I generally discourage the use of social media, as a big OPSEC risk. As I’ve warned my readers many times in SurvivalBlog, these sites are intelligence-gathering vacuum cleaners for self-incrimination, plain and simple. It has been well established that the NSA gobbles up as much information as it can and wherever it can. Even if what you mention about your private life in Tweets and Facebook posts is presently legal and commonplace (such as food storage, hunting, and shooting), that doesn’t …


Two Letters Re: Preserving a Digital Library

James, I work for a large, three-letter computer manufacturer with a penchant for Blue. Joe Ax’s comments about the problems with maintaining a digital library are right on the money. When I worked in our Storage Division (hard disks, tapes, etc.), this issue came up during a talk on medical systems’ storage needs. There is a requirement for medical records to be maintained 100 years, and yet no computer data storage system has been designed to do this. So what is the ‘solution’?  It seems that doctor’s offices are cajoled/required/encouraged to upgrade their office systems on average of about every …


Letter Re: Preserving a Digital Library

Dear Mr Rawles, Since I have worked for a few decades now with computers as programmer, installing systems and building/repairing computers, I read last week’s articles/letters on a digital libraries with interest. Though most information provided is correct, some possibilities weren’t discussed, while others may not be entirely clear or confusing to the uninitiated. So, in addition to the previous postings, here is my take on ‘digital libraries for dummies’: Putting together a digital library is a good idea and I have one too. It contains everything from books to reference diagrams, user manuals and SurvivalBlog archives. However it can …


Letter Re: Preserving a Digital Library

JWR: I had to ad my own two cents to the Preserving a Digital Library. As a seasoned IT pro myself (one of my early customers upgraded all the the Windows for Workgroups network I setup for him to Windows 95 himself and called me when he couldn’t get it working) I have reliance on my systems, be it my cache of reference documents and ebooks to documents I’ve written myself to my gear and prep inventory spreadsheets. I see no reason to choose Windows XP over Windows 7 or Windows 2000 or Windows 3.1 when it comes to back …


Interrogation for Preppers, by Tim G.

(Editor’s Introductory Note: The following article is presented as an intellectual exercise, or gedanken. Be forewarned that there are mentions of torture (mental and physical) herein which are of course not conscionable behavior! But this mention is only for the sake of showing the full range of potential interrogation techniques, and as a warning that in the future — under different circumstances — you might have to be prepared to resist interrogation. “Forewarned is fore-armed.” Again, none of the following is intended to encourage any SurvivalBlog readers to do anything immoral, or illegal, or unethical. It is in your own …


Letter Re: New Privacy Service

Mr. Rawles,  I came across this today and thought it might be useful to other SurvivalBlog readers. It is called  JustDelete.me. From the web site: ‘Many companies use dark pattern techniques to make it difficult to find how to delete your account. JustDelete.me aims to be a directory of URLs to enable you to easily delete your account from web services.” Essentially it is a listing of links to various web companies where you can delete your account. Currently 129 companies are listed and the site owner has a method for submitting others for inclusion. – Clark H.


Letter Re: Tor and the Illusion of Privacy

JWR; I had noticed some mention of Tor and I believe there was some mention of alternatives to Tor as well, to better protect one’s privacy on the web.  I really hate to say this, but, anonymity on the net really only exists as fiction these days.  Tor has had problems with it’s exit nodes for a very long time and there was a lot of talk in the “penetration testing” community about the FBI using Tor to set up stings last summer.  One can use a VPN (virtual private network) that claims to keep it’s users secrets secret, but …


Tradecraft: Going Jason Bourne, on a Budget

Hollywood movies often show secret agents tossing cell phones out of car windows, and grabbing new ones to activate. In today’s world of almost universal surveillance and tracking, that is actually fairly good tradecraft. When operating in guerrilla warfare mode, a cell phone that is used more than a few times is a liability. So is a cell phone that is “turned off”, but that still has its battery installed. (They can still be tracked.) In summary, here is some cellular phone tradecraft for times of genuinely deep drama: 1.) Don’t create a paper trail when buying clandestine phones. Pay …


Letter Re: New Jersey Court Upholds Man Arrested for Visible Gun Case

Sir: The situation described in the recently-cited article (New Jersey: Court Upholds Man Arrested For Visible Gun Case In Car) only underlines frequent Rawlesian reminders for maintaining OPSEC at all times.  His arrest might have been avoided had he simply covered the cargo area with a blanket so the cases were not visible.  Hopefully the conviction will be overturned in a higher court under the provisions of the Firearms Owners Protection Act (FOPA).  In general, this states that: “notwithstanding any state or local law, a person is entitled to transport a firearm from any place where he or she may lawfully possess …