survival guide

Privacy attack vectors

Your local Y l l machine

Enroute t E t to destination

The Th website b it you accessed

Beacons of i f B f information l ft on your computer ti left t to track browsing and preserve state

Often friendly.

Content stored directly on your computer to enable faster access without retransmission

Usually helpful.

Cookies that just dont go away. Including the don t infamous Evercookie . Never friendly Evercookie.

Persistently stored IP address of all the websites you visit. Often overlooked

Can see most data in-transit

S.O.P.A. P.I.P.A. A.C.T.A. T.P.A.A. C.I.S.P.A.

TRUSTED MAN-IN-THE-MIDDLE BREAKS SSL/PKI

- Your IP address

(this links you!)

- Your browser details & plug- ins plug - Th website you came f The b it from - Pages visited & what you did there

about that party you said was da - bomb da-

a nd shipwreck your new yacht off the coast of Nigeria

in court to assess fines for the songs your kids downloaded

who build comprehensive profiles to influence you

If you think its okay for the postman to read your mail before you get it

Otherwise,

COUNTER|MEASURES

Mac, Linux and Windows http://bleachbit.sourceforge.net/ http://bleachbit sourceforge net/

Windows only http://piriform.com/ccleaner htt // i if / l

Open the DOS window > ipconfig / flushdns

(cmd ( cmd in start menu)

Open the Terminal

> sudo killall - HUP mDNSResponder > sudo dscacheutil - flushcache
[Lion] [v10.6]

Use a VPN that does host verification (SSH)

http://hushtunnel.com

Show the IP you are actually transacting with

https://addons.mozilla.org/enhttps://addons.mozilla.org/en - us/firefox/addon/showip/ *shameless plug **recent info leaking concerns, but can be done manually

for the website using online service (mxtoolbox.com, dnswatch.info, etc)

Windows: netstat /na Mac/Linux: netstat - na

[in DOS] [in Terminal]

https://www.torproject.org https://www torproject org

routes traffic through worldwide volunteer network (public) to conceal IP & usage

routes through HushTunnel anonymizing servers (private) to conceal IP & usage

http://www.hushtunnel.com http ://www.hushtunnel.com

5 covert maneuvers anyone can practice

(Pretty Good Privacy)

A popular method used t encrypt l th d d to t and decrypt e - mail over the Internet eTutorial: http://inficron.com/pgp- tutorial/ http://inficron.com/pgp -

(aka shared email account) shared account )

An older method recentl pop lari ed b an recently popularized by FBI investigation into activity by CIA agents. Communicate by saving messages to drafts g y using an anonymous, shared email account.

(hint: use a gift card)

A few gift cards will enable you to register, & purchase anonymously online, limiting exposure to fraud and predatory billing. Visa gift card locations:
http://usa.visa.com/locators/gift card - locations jsp http://usa visa com/locators/gift - card- locations.jsp http://usa.visa.com/locators/giftcom/locators/gift-

(or the spam trap) the trap )

Register a fake email to sign - up for services g sign- p g you dont trust. Use it liberally to minimize unwanted marketing to your real email. ProPro - tip: setup forwarding to your real email, and filter to a junk folder locally. j y

(create an identity illusion)

Control public perception of you online by generating favorable content in social networks, articles in article directories, blog posts, and forum comments posts comments. Focus on quantity and quality of content q y q y to appear in a searches for your name.

(Pretty Good Privacy)

We spend more and more time on the Net Net. Sometimes even more than the real world. Always maintain control of your identity and personal information online.

Privacy education by:

http://www.hushtunnel.com http ://www.hushtunnel.com