Online Security Matters

*Disclaimer: This is a guest post by Jay, the guy who created this website with Selco.*

Right now the Feds are looking into warrantless cell phone surveillance after a surpeme court ruling made them turn off 3000 GPS tracking devices.

That might have been the latest big news of a government slowly removing the rights of their citizen. That governments worldwide actively surveillance online communication is already old news.

Staying anonymous online

“According to current and former intelligence officials, the spy agency now monitors huge volumes of records of domestic emails and Internet searches as well as bank transfers, credit-card transactions, travel and telephone records. The NSA receives this so-called ‘transactional’ data from other agencies or private companies, and its sophisticated software programs analyze the various transactions for suspicious patterns”. Source

It is free to your imagination what “suspicious patterns” are. They might not target preppers today, but we don’t know what’s going in five years from now so it is needles to say, it is important to be prepared in this area as well. Better to take care of this now before they have an even more detailed profile of you.

If you want to stop worrying about who might read what or how your data is used then this is for you.

Let’s get started.

How the Internet works

If you want your computer to be able to use the Internet, it has to be able to send and receive data. It does so through a particular language called TCP/IP (or Transmission Control Protocol/Internet Protocol).

The computers that host websites are commonly known as servers and just like your Internet access point (your home network, for example) they all have unique IP addresses, a series of numbers unique to your computer. (Visit this website or google for “my ip” to see yours.)

IP addresses make the Internet work because to exchange packets of data computers need to know where to get that data and where to send it.

Your Internet service provider (ISP) assigns you an IP addresses. There are two kinds of IP addresses: those that remain the same (called a static IP address), and those that change every time you connect to the Internet (called a dynamic IP address).

Your Internet service provider logs and stores your IP address for some months (or even years) depending on the country you live in and the the company’s own policies.

Your IP address is stored in case any authorities want to track the identity of a certain Internet user. In this case the ISP hands over the IP logs to the authorities which shows whose account was used.

Your IP address is also recorded whenever you access websites, send emails or do other activities online. If you prefer to maintain your privacy, there are a few steps you can take to truly remain anonymous online.

Let’s have a look what happens when you visit a website using a regular Internet connection. You enter an Internet address in your browser, let’s say the website of the Brazilian government. Your ISP routes this request to their domain name servers (DNS) which searches for the IP that corresponds with the Internet address you entered. The DNS returns the IP of the server where the Brazilian government website is hosted and establishes a route to it.

This route can go through many networks and it always sends your network IP along so at the end of this route the server in Brazil sees a request from your IP address and sends back the data you requested. That can be a certain web page, document or movie file for example.

Your IP address can be logged at every step of the process. Most likely the Brazilian government will monitor who visits their website, your ISP logs your IP anyway, and in between some other networks you come across might also log your IP address.

Why does this matter?

Open to attacks

First of all, people can try to access your network if they know your IP address and have some knowledge of network security and how to find loopholes in that security. So if you visit a website that is run by a group of hackers who want to spy on you or steal your data, once they have your IP address they can start breaching your network security.

Of course today it’s usually not a single person sitting somewhere and trying to take down individual computers. Instead, the whole process is automated and IPs are collected and networks are scanned for possible loopholes or backdoors.

(Having a router at home instead of being connected with your computer directly to your Cable / DSL / Internet modem can prevent some of the more common network attacks by the way.)

Once a backdoor is found, usually a small program is installed that can be used to install larger malicious programs on your computer, monitor your keyboard input, take screenshots, or hijack your browser.

These infected computers are often then used to attack other computers, or as a base of operation for more serious crimes. Needless to say, you don’t want this to happen to you.

Big brother knows what you are doing

The second reason you might not want your IP address logged is that it makes it easy for the government or any other authority to monitor your activity online. I personally have nothing to hide, but still do not feel I want to be profiled by some data mining software and judged for what kind of person I am depending on the websites I visit.

If the government really wants to it would be very easy to find preppers. They just have to look at the Internet activity profiles and filter out people who frequent certain websites.

So what can you do?

You will want to set up a virtual private network (VPN). You create a direct encrypted connection to another computer and from there you access the Internet. Because of the encryption your ISP has no idea what kind of data you send or receive.

It also hides your IP address, because your home IP address is not visible on the Internet and instead just the IP of the VPN server. You share the VPN server IP address with other people so there is no way to identify what websites you are browsing (because it could have been someone else too).

Here is how using the Internet without and with VPN works

[flashtag path=”https://shtfschool.com/imgs/secintro.mp4″ image=”https://shtfschool.com/imgs/secintro.png”]

New Online Privacy Course

In our new Online Privacy Course (FREE for all current Selco – One Year in Hell members) I will walk you step by step through all details of how to set up a secure home network, use the Internet without being tracked or profiled, establish safe emailing practices, make your local data storage safe, use encrypted voice over ip connections and more.

You learn what really works and not some security theater b#llshit that is spread by many who just spend a few days searching on public websites for security information. Yes, that pisses me off because feeling secure while not is even worse than not being secure and knowing about it.

There is a lot of false information out there. If someone is serious about security and recommends services like hidemyass or hushmail they have no idea what they are talking about or even worse, want to give you a false feeling of security. Both these services have cooperated with authorities which led to arrests of people in the past, so they can not be considered safe.

In our course you will really get to know what’s going on. This goes so far that I will show you how cyber criminals in the US and Europe are set up and operate. What works for them to not get caught, does work for normal people like us who simply want to keep our freedom as well (and is 100% legal if you just skip one step of the cyber criminal setup).

If you Google for VPN providers you will come across a lot crap providers. Many are actually logging your local IP address (to protect themselves) and therefore can hand it over to authorities if they are pressured to or receive a court order. This is security that is none.

In the Online Privacy Course you will learn what to look out for when choosing a VPN provider. You will also get a list with VPN providers who have a true no logging policy – even when their servers were seized by authorities, no users were identified (because without logs, nobody can be identified…).

Besides that you will also learn about several of other possibilities to make your communication and data bulletproof.

If you think this is not possible, you did not check out the course. I show you how can stack layer upon layer of security in a way that makes it simply impossible to get to you (VPN’s are just part of the puzzle).

Right now the course is free for everyone who is member of Selco’s Online Course. So if you sign up today you will get access to both courses.

You will get video tutorials and step by step instructions with screenshots for everything but if you have any questions or anything is unclear I also answer questions in our forum. If you did not know, we also have a 30 day money back guarantee because we are confident you will like what you learn.

Current members

You will see the link to the course in the members area menu on the left.

You might have to logout and login again that your permissions are updated and you can access the new area.

30 responses to “Online Security Matters”

  1. MikeM says:

    Just checked out the new online security material in the bonus section.
    YOU ARE AWESOME!

    Anyone who believes in prepping and doesn’t get your SHTF course is nuts.

    Thanks,
    Mike

    • Jay says:

      Thanks man! I really did not hold back there. This is all the cutting edge stuff. Glad you like it.

      • HalfKin says:

        Question –
        Since I have had the same email address for over 16 years and have only changed my password once, recently, and have been ALL over the web – from survivalist sites to nuclear sites to conspiracy sites, purchasing preps with a credit card, (never a debit card,) isn’t it a little late for me to even consider this as a security option?

        • Jay says:

          HalfKin because log files are kept only for a limnited time (a year in some places) “going undercover” now still makes sense. Use some addresses for one thing and others for something else.

  2. Mbuna says:

    Here are a few (free) things I do that helps with security (not as much as renting a VPN provider will).
    Startpage – I use this for all my web searches, it anonymously bounces it’s results off of googles search engine and doesn’t log any tracking info. You should always be sure to do your web searches from something you don’t have an email or anything else linked to.
    TrackMeNot – Plugin for browsers, it sends out random searches to all the popular engines out there to hide what you really search for. This makes it harder to track your trends.
    Ghostery – This plugin will show you detailed info on who is trying to track you at any given site and let you manually block each thing.
    DoNotTrackPlus – Similar to ghostery but blocks automatically.
    Adblockplus – This plugin blocks all picture ads that show up on websites, clicking on these ads often introduces the viruses on your computer that gives hackers more control.
    Again these are minor things to help with security, getting a trusted VPN tunnel would be the absolute best solution.

    • Acorn says:

      You bring up the first thing that I thought of with this article @Mbuna, which is quite good BTW, if this level of security is not maintained to all layers you can be compromised. Browser and Flash cookies can sell you out. Same with an unsecured cell phone browser. SMS and MMS messages are also in clear text. If you are worried of governments tracking that’s another area you need to secure. Insecurity in one area can tie together other activity that you had secured as well. If you are aware you can change your behavior on each device, but this is just the tip of the iceberg. 😉

      • Jay says:

        Absolutely. If you look at why people get busted for things you will usually see the human element has failed. Getting a more secure setup and creating habits that you also use it takes some time.

    • Anonymous Stranger says:

      Normally don’t comment but please do NOT use Ghostery as they have a data-sharing agreement with other entities! (Google it for evidence). Try using Disconnect instead for blocking.

      Also try:
      Adblock Edge — Blocks ALL ads (Adblock-plus still lets some through. If you are okay supporting some basic text ads ADP is okay).
      HTTPS Everywhere — This tries to force an HTTPS connection to all sites. If you don’t have an encrypted connection all your data may be passed in plain text across the internet.

      For advanced users:
      NoScript — block almost all scripts, etc. by default and only allow ones from sources you trust.

  3. Txmum says:

    Amazing new course. Thank you for this. This is an area that I overlooked, but not anymore!

  4. AnonymousForAReason says:

    If (and only if) you are a tech geek, it is quite possible to set up your own VPN and not bother with VPN providers.

    DD-WRT with VPN and Tomato USB are both good google terms to use as well as OpenVPN to see what is involved.

    Our group uses net gear 3500L routers re-flashed with tomato VPN and we generate and self sign all our own certs.

    This is not about browsing the net. It is about establishing a secure network between locations over the internet, but using encrypted channels. A true darknet, where private chat, email and other servers can be run that are not visible to ANYONE on the internet.

    As for private browsing. I haven’t looked into it as much. TOR looks like a good place to start. When people hear TOR they think “music piracy” but the actually purpose of TOR is communications channel OPSEC. Not necessarily related to VPN communications at all but might make a good combo.

    A browser connected to our vpn does not have any access to the internet. That’s the whole point..

    • Jay says:

      Nice. Yeah, for internal communication your setup is perfect. A darknet with your own certs is one of the best solutions for organizations who want to keep their business private.

      I use a similar setup with a router running custom firmware (a flavor of Tomato) and connecting directly to one of my VPN providers (and then a Socks5). It makes sense but it is quite tricky to set up, so in the course I explain people how to setup OpenVPN with some tweaks (automatic auth for example) and how to setup a failsafe that one doesn’t accidently browse the Internet with the real IP.

      TOR is a good start but the problem with it is that you can come across bad exit nodes that intercept your traffic. It is rumored that some government agencies have done this but of course it is something to look into if your only concern is privacy and you do not log into any websites or do anything with personal data and so on.

  5. kunzang says:

    What I don’t understand is the IP address – is this for your actual computer, or for place you are accessing the internet. I travel alot. I have a MacBook and log into the internet from various wireless sources – private residences, cafes, libraries, etc. in different countries. Is ‘my’ IP address always the same, or does it change depending on where I am?

    Thanks!

    • Jay says:

      IP addresses are assigned to different networks. You can think like this: Each different network that you access has a different IP address, some change and some not. Within that network your computer has also an address. So if you get data in a Hotel the data comes from the Internet to the hotel network IP and then to your local computer. The hotel network IP will be visible to everyone.

      The good news is you can use your VPN from everywhere so you can take privacy and anonymity along when you travel. You just create this SSH tunnel to your VPN server from the hotel network and nobody within that hotel can see what sites you browse or what data is sent or received (because your data is encrypted that means unreadable until it arrives on your local computer that makes it readable again).

      If you have any more questions do not hesitate to ask.

    • Your IP will change, but your MAC address – think of it like an electronic serial number assigned to your device when it was made.

      Also, all the VPNs in the world won’t protect you if your machine is already compromised.

  6. Acorn says:

    It’s the linking of whatever IP you are assigned at the time to your MAC (Media Access Control) that enables tracking down to your specific device. Every device is assign unique (at least they are suppose to be) MAC address which is a string of hexadecimal numbers like this:

    00:a1:b2:c3:d4:66

    Using the provider’s logs to link whatever IP was in use at that time to the MAC that address was assigned is how they usually track activity. Every device with an interface has a MAC assigned and the MAC contains information on the manufacturer and can potentially even be used to track down to you as an individual. For example, if you registered your hardware with the manufacturer for warranty and provided a serial number etc. they will have a record of who purchased the device and can track it back to you. There are some devices that allow you to change MAC address, but this pretty uncommon.

    Hope this helps.

    • Jay says:

      I talk about this and other things in more detail in the course but just wanted to add, it is pretty easy to spoof a MAC address with the right software which would make sense if you would access other people’s networks and do not want to leave traces.

      • Acorn says:

        Not to be pedantic, but I said devices that allow you to change the MAC are uncommon, which in my experience is true. Spoofing a MAC does not modify the hardware it’s usually in the device driver layer in the OS that this is done via software. If you cover this as well that is awesome! I’ll have to check your other articles.

        • Jay says:

          I never disagreed with you Acorn. You are right of course. I just point people to the right software just in case because it is not really necessary to do in your own network at home imo.

  7. sunflower says:

    Like greek to me. I can type and press a switch off and on.
    No kids or grandkids.
    Over my head, but nice contribution. Nice surprise.

  8. anonymous says:

    encrypted communication has a very distinct signature as opposed to unencrypted communication.

    you can think of it as a beacon.

    it is trivial to select people to observe based on if they are encrypting or not… assuming your friendly ISP is coopted.

  9. Eric says:

    I have a thought on this subject.

    I think my thought is important because I am a Network Engineer and I have worked at Tier 1 providers.

    Here is the thought: You may take for granted that EVERYTHING you do that involves any sort of telecommunications is compromised. I could write 100,000 words on the subject and it would come down to this… Do not do or say anything online that you would not wish to see on the front page of the New York Times.

    Hiding from the government?

    Don’t bother, unless the process itself makes you happy in some way.

    But doesn’t the government monitor the internet?

    Buddy… the government monitors ALL electronic communications. Circuit switched, packet switched, VPNs, encrypted tunnels… it doesn’t matter.

    Worse… With the massively parallel computing available today I am very doubtful that you can find an encryption method that a machine can’t break.

    And if you DO…? There is no bigger red flag than using an encryption that the government can’t trivially break any time they want. You want to use the latest 1600 bit SHA-3 encryption on your e-mails? Believe me… the nerds at the NSA will put down their coffee cups and set about finding out what you think is that important.

    You’re some uber-smart Alpha Nerd who has come up with the first contender for NIST’s Sha-4 competition and NOBODY can crack your new code? You’ll get ACTUAL spies rummaging through your trash and anal probing your dog, because they are going to want your code REGARDLESS of what nonsense you were actually communicating, which most likely involved some sort of weird Japanese anime porn anyway.

    You want to maintain a low profile?

    Behave like every other clueless citizen out there and don’t censor or hide anything you do on the web. Don’t use any encryption more secure than the WPA-2 that comes on the wireless router you bought at the Computer Hut. And if you have something sensitive to say, then say it IN PERSON. Quietly.

    Don’t be the needle. Be the haystack.

  10. Igor948 says:

    I agree with Eric. I am a network engineer too. You are more likely to draw attention when you go out of your way to subvert normal communications channels. I monitor networks and I ignore the “normal” traffic, but when I see something out of the ordinary (like TOR, or VPN services, or himachi, etc.) I take a closer look. Hiding out in the open and exercising discretion is the best camouflage.

    Personal VPNs with self-signed certs are fun and come in handy. It may even give local government a headache until they call in “experts”, but if the feds are looking, they have the resources to break your VPN; don’t fool yourself. If you have to have some protection, using a live Linux OS booted from CD/EVE drive with a spoofed MAC across a personally created VPN with self-signed certs…but it is not bullet-proof. TOR is slow (and traceable).

  11. Zefjoe says:

    Best prepper site I have seen. All sides of the question discussed. Good Book says “in the presence of many councilors wisdom is found”

  12. pbbrown0 says:

    Back in the days before the internet was everywhere, a system adminstrator I knew was hired to help the Justice Dept. set up their security measures for the upcoming olympics. In his first day of orientation he opened the UADS file and redefined his security profile giiving himself administrative authority over the entire system. The next morning an FBI team arrested him and pulled him out of class. He was very proud of how he woke them up to a major security flaw in their system, and since he had been hired to help them with security they even gave him a plaque when the dust settled.

    The point of this story is that he did something he thought was subtle, but in fact IT GOT THEIR ATTENTION. When we talk about survival techniques, it is imperative to not draw attention to what you are doing. With a biillion people usng the web, the best security is to avoid patterns that will stand out. Look like just one more of the sheep. Do not let yourself look like an interestng target for any one who cares to be hunting. Hiding in plain sight is far more effective that trying to develop a potion for becoming the invisible man.

  13. synrgii says:

    Is this still up-to-date?
    I tried OpenVPN and it never worked. When I checked my IP address with http://www.infosniper.com before-and-after enabling OpenVPN, it was always the same and the traffic never went through it. The Customer Support was very slow, and they were all about the $5/mo and not so much at making sure it worked.
    Everything ends up being so damn complicated and just more wastes of my time. Why is this so hard to just have a little anonymity??

  14. Jim Crook says:

    Anyone who are serious about their privacy should avoid using Hidemyass because it not only will keep logs for up to 2 years but it will also cooperate with authorities. If you want complete privacy, you should use no log VPN providers: http://vpntips.com/hidemyass-alternatives/ or look into setting up your own private VPN.

  15. NnIp says:

    I’m not a computer ‘nerd’ and I’m just starting to read this anonymity course but let me ask a big picture question: If 70% or even just 10%, etc. of people encripted or privatized all or most of their online activities, at what point would the NSA expend alot more time and resources? And doesn’t these efforts provide some protection outside from the NSA, CIA, etc?

    Just in the news in the last month or 2 the NSA, etc. are bellyaching about Google and others’attempts to hide.

    I agree that one should be a non-paranoid, let-them-screw-me-in-the-ass haystack but why not also do your civic duty and be the paranoid(just a little) needle?

  16. Sally Croft says:

    Anyone who serious about their online security must avail VPN e.g. Purevpn (http://www.purevpn.com/). It is the best tool for security

Leave a Reply

Your email address will not be published. Required fields are marked *