ATS Guide to Data Confidentiality - A MUST READ

Hey guys! Below is my data confidentiality write up. I worked hard on this because I think it's an important area of knowledge for this community. In the document I teach you what you need to know to hide your internet traces from your ISP/Government, as well as local data confidentiality and encryption. I hope you enjoy! If you like the tutorial please comment and S+F, nothing is more fun than spending lots of time on a thread to have two people comment. Also, the more people who see this the better! If you guys like the material I'll make it a series.



ATS Guide To Data Confidentiality

1.Introduction
2.Background Information
* What is Data Confidentiality?
* What is an IP Address?
* What is a Packet?
* What is Encryption?
* What is Hashing?
* What is Anonymity?
* Why Should I Care?
3.What is Data Confidentiality and Why Is It Important?
* Internet Data Confidentiality: A Practical Demonstration
* Ways to Achieve Internet Confidentiality
* CyberGhost VPN
* Proxies
* Ways to Achieve Local Data Confidentiality
* Whole Disk Encryption
* Data Shredding



Introduction

In this brief tutorial we are going to discuss the issues of anonymity and data confidentiality in today's world. Data confidentiality is becoming increasingly important in today's society and whether we're hiding our data from thieves or the government we'd better know how to hide it properly. We are going to add a new set of moves to your internet kung-fu by giving you the tools to protect yourself from the world's many peeping toms. HR 1981 is an attempt to force your ISPs to track your traffic for 18 months (if they aren't already), and it's brought to you by the same people who brought you SOPA. In this document we discuss the tools necessary to counter the government's attack on your privacy.


What is Data Confidentiality?

Data Confidentiality can simply be defined as “keeping what's private, private”. This can include emails and documents as well as content browsed on the web. A simple concept to understand, it can be relatively difficult to achieve. For instance: sure, Bob knows that if he has a particularly sensitive document on his computer he can use a popular program (or even his operating system in some cases) to encrypt that document on his hard drive. However, does he know that the original data from before the file was encrypted is still hiding on his hard drive? Does he know that every time he decrypts that document for viewing it's stored in clear text? What if he's not just concerned about his local documents? Perhaps Bob knows he has radical views of his government and he wants to cover his tracks on his favorite forum, Above Top Secret. How could this be achieved?


What is an IP Address?

An IP Address is a 32-bit address used to identify your computer on a network. Simply put, it's the mailing address for your computer. When you access outside networks like the internet you use a public address which is unique to your computer or organization (depending on your network setup). Webservers you access need to have an address to reach you and almost always this information is stored in the log files. Websites you access can usually very easily tell what your IP Address is, your ISP, the region you're connecting from, and the pages you accessed on the server. If you need proof, visit www.whatismyip.com... to see your current IP.


What is a Packet?

A packet, found in the Network layer of the OSI model, is a set of data. When you visit a website, the entire site isn't sent to you in one big string of 1's and 0's, but rather is segmented into similar sized packets and sent to a destination (technically segmentation is L4). It's like if you had a hundred books to send to somebody. You wouldn't throw all of the books into one cardboard box and ship it out you'd separate it into many smaller shipments and then take it to UPS, Otherwise the package (packet) could be lost or damaged on the way to it's destination. We'll take a deeper look into packets later.

What Is Encryption?

Encryption is the process of inputing data through a complex reversible algorithm in an attempt to make the data unreadable to unauthenticated users. Commonly, when one clicks on an encrypted file a dialog box will pop up requesting a password, if that password is correct the program decrypts the file and lets the user view it. The issue here is that generally a decrypted version of the file is stored deep in the harddrive space and is waiting to be retrieved by anyone who knows how to do it. This can be avoided by using whole disk encryption, which we will discuss later.

For an example of encryption look at the demonstration below. In this picture I have connected to a router and saved two versions of the same password. One is in clear text, the other is in encrypted form. By viewing the configuration file we can see the two values.




What is Hashing?

Hashing is the process of running a one way algorithm on data. Hashing is becoming way more popular in today's world. When you visit a website and you input your password, you generally don't want that password transmitting over the internet in clear text. We avoid this by running a powerful encryption scheme on the password before it leaves the computer and we send the hashed version to the server. Since the hashes cannot be decrypted the server runs the same algorithm on the actual passwords and compare the two hashes. Hashing is generally as secure as it gets.


What is Anonymity?

Anonymity is defined as the “state or quality of being anonymous”, and it is different but still is included in Data Confidentiality. To be truly anonymous on the internet, we want both data confidentiality and source suppression. In other words, we want to hide who we are from the remote server and we want to hide who we're talking to from our ISP (and the government). Ideally, the ISP shouldn't be able to tell we're browsing the web, just that we have some activity on the internet.


Why Should I Care?

You should care about your internet footprint because it can be used for a multitude of reasons. Hackers can obtain personal information including bank account information and your ISP can tell that you've got a weird foot fetish. Not to mention the use of trackers on websites, it's likely Facebook not only knows how long you've had that foot fetish but exactly when you acquired it. Notice the ads for women's socks on your FB? That's not a coincidence.

On a more serious note, the American government has been trying to restrict our access to a free internet for years. There is a conspiracy that says the government is already logging all information at our main connecting points to other countries under the patriot act (and I am one who believes it). HR 1981 is an attempt to force your ISPs to track your traffic for 18 months (if they aren't already), and it's brought to you by the same people who brought you SOPA. In this document we discuss the tools necessary to counter the government's attack on your privacy.

What is Data Confidentiality and Why Is It Important?

Internet Data Confidentiality: A Practical Demonstration

As we discussed earlier, there are two types of data integrity we're concerned with. We're worried about the files on our computer and our transmissions on the internet.

But just how much can an ISP tell from the packets that transmit over their networks? To answer that question, let's open our favorite packet sniffer, WireShark. It is important to note that this isn't just information that our ISP can see, this is information (unless protected against) anyone in our network can see. On company networks, administrators will generally use vlans to segment broadcast domains... But that's a different conversation.

So for this demonstration, let's just turn the packet sniffer on and visit our favorite website, Above Top Secret. By opening up the packet sniffer and clicking reload on ATS, we immediately see the sniffer burst into action.



Here we can see that the page was segmented into 548 separate packets. Contained in these packets is everything you see on the site and more. Your ISP can see you were visiting above top secret, your login name, your mac address, and so much more. An attacker can usually see all of this as well. Everything you do is transferred in clear text and split into a packet like what you see here. It is important to note that these packets can be very easily reconstructed to view the file in human format. VOIP phone calls are included in this, so if you have a VOIP phone on an insecure connection you can be sure the government can hear those phone calls with a touch of a button (and if HR 1981 passes they'll be able to hear them for 18 months).



Ways to Achieve Internet Confidentiality

In this article we are not only concerned with internet confidentiality but also anonymity. We want to hide who we are from the remote server and what we're doing from our ISP and government. So how do we achieve this?

The first gun in our arsenal is called a VPN, which stands for Virtual Private Network. A VPN is a private, encrypted connection between your computer and a remote network. This technology was originally developed for applications like providing traveling salesmen secure access to the private network from abroad. It has now mutated into a powerful tool to protect your privacy.

For our uses the VPN will create an encrypted logical connection to a remote server (usually in a non-extradition country). We will then use this encrypted session to transfer all internet data through the remote connection before out to the internet. By doing this we are essentially browsing the internet securely from a remote country. Web servers think you're in guatemala and your ISP just sees an intense amount of encrypted traffic with a remote server.

The next tool we have is a Proxy. Proxys are a good option because they provide some anonymity on the internet from remote servers, but certainly not from your ISP or the government. Proxies work by forwarding your http traffic through a remote server in a similar way to VPNs. However, proxies usually only forward http and are not secure from packet sniffers. They only hide who you are from the remote server. By combining the use of proxies with our VPNs we can make it even harder for people to even trace the data back to the VPN connection.



CyberGhost VPN
cyberghostvpn.com...

A google search for “free vpn” will yield a lot of results, but few from companies as trustworthy and professional as CyberGhost. These guys have a ton of servers in obscure countries and offer a free service. You get 1GB for free a month which is plenty (I've never gone over 1gb a month, though I only use the vpn for internet browsing).

To get started simply sign up for an account and download their client. It will connect to the best server (or based on your preferences of speed/encryption strength) and then restart your internet browser and you're good to go. The interface on their program is very straight forward and doesn't add a lot of overhead to your browsing.




Proxies
anonymiser.com...
www.proxy4free.com...

If you would like to add the benefit of proxies to your secure connection, I would recommend making it easy and using a simple free public proxy. You can find these on google or you can find a link to two of my favorites above. Be sure to connect to your VPN and then go to their site and proxy from there. I don't recommend using proxy programs as they're usually pretty bunk and they are likely to not be compatible with your VPN. When it comes to it, screw the proxy – you want encrypted packets.

Ways to Achieve Local Data Confidentiality

Just as important as covering your traces on the internet, you want to make sure your data is secure. Some of you might think you've secured your sensitive files by encrypting them but as we discussed early it is very likely you did not since those files are still on your hardrive in clear text. Even if you put everything on a USB stick and buried it next to the tree, evidence could still be on your computer.

So how do we keep our files secure and cover our traces locally? Simple: whole disk encryption. We want the disk our operating system is on to be fully encrypted and we want to have a password authentication when we turn on our computer or access sensitive files. This way even if there is trace evidence in the disassociated data it will be inaccessible to unauthenticated users. Below is a list of programs that will help you achieve this. Some are free, some are not. Personally I've been using PGP Enterprise for the past five years, it is my favorite by far. If you are not opposed to stealing software, isohunt.com is your answer. I also have personal experience with Best Crypt which is a wonderful software. Below is a photo of what it looks like when I turn on a computer. Also, included is a wikipedia link to a comparison of disk encryption software.

en.wikipedia.org...



On top of this I wrote a shell script which runs on boot and gives me two minutes to turn off the process. If the process isn't shut down it initiates a shredder on my harddrive. Just an extra bit of security.



Data Shredding

As we discussed with encryption, the same process which leaves a clear text version of your encrypted files also leaves a copy of your deleted files easily accessible on the computer. Since data isn't actually overwritten, just disassociated, the files are still accessible with a simple program. We combat that with the use of a data shredder. You can find these utilities usually within your whole disk encryption programs, but if not there's a list below and a picture of what the PGP shredder looks like. These utilities will usually encrypt the file and overwrite it several times.

www.makeuseof.com...





Hope you enjoyed the text. Now you have no excuse not to protect yourself.

So much info here...I know what my afterdinner reading will be tonight...
Thanks for taking up my Sunday evening....jerk haha

I try. This is just a brief over-view, if it gets a good response you'll see more like it. Thanks for the comment.

Going to have a good look, thanks for posting.

From here on out, anyone that connects to the net will have big brother watching. That is the sign of the times. Anything you can do to slow it down is good. The best tool is to never connect, but then, whats the fun in that.
If you go to all the length to protect yourself, then you give only more reason to be watched. Catch22. Along with the discussion just done on TOR, this only gives me more reason to seek it out. My router got nailed "again" by someone here in the complex. The sad part was, no outgoing traffic, but my HD's were sure lighting up. Thanks again WiFi. Staying wired now.

Your hard work has not went un-noticed, many will read but not all will respond. Many read ATS without ever logging in, me included. You have opened my eyes to one fault I have made. That will be fixed pronto as I do research work as a contracter. I encrypt that data for sure.

If I can figure out the way, you get S&F for sure.

thay

Hi
Very nice post, you probably scared the pants of many

I got three os's installed. One where I install EVERYTHING. Another for general web browsing and another very tight for sensitive online stuff such as purchasing etc.

After setting all this up I burn a copy of each os to dvd.

If I am in any way suspicious I bin that os and then copy it in again from the dvd.

So, a question.
If I encrypt a drive and that os goes down can I still access that drive from another os?

Shredded after two minutes!!! The phone rings, you answer, two minutes later you got a dead drive!!! Am I reading that correctly??

I'll say again, Very nice post. Keep up the good work.

Haha yeah I pay attention when I power on my computers. That's been my protocol since I was 15 and I've yet to fail completely (plus I generally have anything important backed up remotely anyway).

In regards to your question: the boot prompt with disk partitions is installed in the MBR so you'll see it before grub or any other boot loader and long before the computer attempts an OS... So technically speaking you can have three operating systems all encrypted with the same disk password (though you can make it more secure by encrypting by os), or you could have a broken OS inside an encrypted disk. You could even uninstall your disk encryption utility or completely wipe the hardrive but as long as it's still encrypted you'll still get the boot prompt and security features.

The negative with whole disk encryption is there is no "oops I forgot my password". If you forgot the pass then you'll never gain access to the hardrive again. Since generally encryption passkeys are super long (mine is an entire sentence written in leet speak) you'll need some mechanism for remembering (or you can use a key drive - though this is less secure).

Thank you guys for the kind words!

OP: S/F for your hard work!!!

Have you used TruCrypt? It is free. Any opinion?

Edit: Thanks again! My IP is now anonymous thanks to Cyber Ghost! I guess once you've laid down tracks they can always be followed back to you unless you lay down new tracks via your new found anonymity.

While it isn't free, I've been using Evidence Eliminator since it first was offered. It wipes data to DOD specs and finds things on your drive you might not know are there. It's a bit pricier now than it was 10 years ago but it certainly gets a in my book. Like any data wiping utility, be cautious with how you set it up since once the data is wiped, it is gone for good.

I'm no tech head myself so this is very much appreciated.
Looks like you've broken it down into terms simple enough even for me to understand.
For that I say THANK YOU!!
Very important information in this day and age.
You've done a great service to your fellow members.

This is great information and presented in an easy, for beginners, format.
Appreciate the effort, OP.

I am replying to show I read it. Now, my concern is how secure is Cyber Ghost. (I am also now subscribed to this thread.) I don't do anything illegal but I just don't want people to know what I am reading.)

reply to post by Nite_wing


Its ok for masking your IP and trafic content but there are more ways to identify you than just your IP. You would need to disable java script , flash and wipe your cookies at the end of the session to be safer. Just your bowser signatures could give away your MAC address if you are not careful. You really need to customize your browser to be safe-er.

Of course you have also got you trust that the VPN or proxy you are using never gives its records over to the authorities of who has been using its services. There have been cases where they have been forced to hand over details by the courts. This is harder to do if the servers are physically located in other countries though. Some VPN or proxys say they dont keep log but you just have to trust them on that..You are totally at the mercy of the server owners.

Also you have to hope that the VPN or proxy isnt owned by the authorities in the first place.

Thank you OP!
Brilliant post!
S&F

reply to post by badfish420


Man awesome post. It is late here and the power just came back on after four days of being out - winter storm. But I have the next two days off and will devour this tomorrow. Yes! More please!

Ya S & F for sure
Posting to keep track of it Yes more please

great post buddy, . Thing is i agree with a comment earlier regarding if i have all the protection then some will question why?

I mean i dont download files i read only what i can on the internet, i/we (my partner) watch a lil blue film ect, but i/we dont do anything wrong on the net? I mean i could do with a proxy maybe i play alot of xbox and i know people can easy see your ip ect so if i had that would i be ok?

Im not sure but i think maybe somebody keeps connecting to my wifi in my street though ? it keeps dropping connection and dipping, If this happens how can i check to see if theres somebody connected? I've changed a password for connecting and that. If its easy and free and worth it i suppose there's no harm, good thread

Originally posted by intuitive
great post buddy,

. Thing is i agree with a comment earlier regarding if i have all the protection then some will question why?

I mean i dont download files i read only what i can on the internet, i/we (my partner) watch a lil blue film ect, but i/we dont do anything wrong on the net? I mean i could do with a proxy maybe i play alot of xbox and i know people can easy see your ip ect so if i had that would i be ok?

Im not sure but i think maybe somebody keeps connecting to my wifi in my street though ? it keeps dropping connection and dipping, If this happens how can i check to see if theres somebody connected? I've changed a password for connecting and that. If its easy and free and worth it i suppose there's no harm, good thread

First off disable SSID broadcasting, that will make it so the "casual Joe" does not even see your wifi network. Rename your wifi to something obscure preferably a random string of alphanumeric characters...make sure to remember these or write OT down somewhere safe. You will need it to connect devices later.

Change your password to a PW that is at least 14 characters long use: letters (both caps and lower case), numbers, and symbols.

Example: GtErtje/$1seR/a

The above steps will go along way to securing your connection, but it won't stop determined hacker.

If you want to monitor your wifi activity, download Wireshark (free packet sniffer) an excellent network monitoring tool. The Wireshark web site has a massive amount information on how to use it's program. Play around with it, it is a great and very in depth product.

thank you will download wireshark then, and i will do the proxy aswell later.

hey i just downloaded wireshark and had a quick moment capturing and stopped it, I have no clue what i see but i have a red line? is this normal? i dont know what to look at, read nor do about it? stuff like thid makes me wanna uninstall at first because i have no idea, lol