Metody pozostania w ukryciu w sieci i w terenie

Hi, my name is Dariusz Jakubowski, you may know me from the Irc, the Necro666 skirt. I was there last year, but I couldn't make it to the presentation. I wanted to make a confession about how it looks like. I haven't been to the Blisite site before, I'm not very into security. Generally, I made a general basis today when it comes to maintaining privacy and security in the city and in the field. It will be very simple. I regret that my colleague was pressed before me, because he did it very well, in detail, and it would be a great development for what I want to show today. And now, the things I will show are very simple, the ones

you know. Or maybe you've heard of it somewhere, but there's so much of it that someone will notice something new. I was inspired by a certain detail. Don't comment, let someone who has seen a sachet of vanilla sugar raise their hand. A lot. And it's in this thing that you've seen shit, because vanilla sugar is vanilla sugar. I found out about it after 20 years. All his life in a lie. It's a detail, but how can you think that you can have something in your hand for 20 years and not have a clear idea of what it's called? Everyone made this mistake. Who knew it was vanillin? No way. Okay, I went out on a fool. But a few people didn't know, you understand

the point, right? So, to not bore you before lunch, I wanted to do a lightning talk. I think it will take 15-20 minutes, there are a dozen slides. The presentation is divided into sections: what to do in what situations. I started with the most common materials. In my opinion, this is probably the most interesting topic, because there are a lot of things to be careful about, which are known, but they are so old that they have not been on any new articles, on Z3S, on Niebezpiecznik. It was simply shown and forgotten a long time ago. And now, when people spread such materials, they can make such a gaff that they should know about. The first one, which is probably the biggest wow, and

little is known about it, is the pre-sound. Has anyone ever heard of such a phenomenon? Three or four people. The pre-sound is certainly familiar from practice. If you move the microphone too much to the speakers, to the computer, you start such a typical grumbling. The problem with this argument is that it is an argument about the frequency of the network. The network has, as we know it well, 50 Hz, right? And this is the accepted frequency of our electrical network, but in reality it is not constant. If the turbines get more, say, water, they work a little faster, the frequency fluctuates by 5 Hz in T3 in FT. And all of this is registered. These

changes in the frequency of the electrical network are registered on a specific power plant at a specific time. If we send, build any video material and record it on a stationary computer, this sound can be audible, it can be even not audible, but it can be played in a software like Audacity, for example. Generally, many people miss this. As you have seen, only four people know this, and this is basically the first thing the police and any other officials check. They check the low frequencies, they check when and which power plant gave a signal in such frequency and they have a pretty tight circle. I wrote here: "From 100 to a dozen kilometers, it depends on the place where it was recorded, because in the north

of Poland there are definitely fewer power plants. We know that it went to this power plant, but it is around 100 kilometers. Here in the south we have a lot of power plants, so it is very easy to narrow the circle, even to the city district sometimes. I said it during the identification of this watch and generally you can protect yourself from it, even very easily. The point is not to use direct power from the network. It is clear that batteries and such things do not cause this noise. We can easily overlook it, but in this case, if, let's say, this computer is connected to the network, it's already working. These disturbances are already noticeable

in the computer, they can be eliminated. If I turn off the charger, It has no connection with the network. It won't go anywhere. Maybe now it's a bit close, because there are microphones and speakers that will affect my microphone. It may be there, so stay away from the electrical networks as much as possible, spreading video and audio materials where we would like to keep... Yes, a colleague is asking. Registration, yes. Maybe a microphone? I like it very much, we can ask questions during the presentation. I don't know, maybe someone will add something and there will be more information. I am very much interested in the monitoring of the power plant. Are there any registrations and what are the needs? Generally, I know

what you mean. There is not much data there, because these are just simple logs, which are stored anyway. It is not only for the purpose of targeting bad people. In fact, they just want to check. The city, the power consumption also affects the frequency of network work, because turbines are more burdened, they rotate slower, so they have to adapt to the current needs of their turbines, their load, not only turbines, but also a lot of other power units, and also for statistical needs, of course. Moreover, it is a fact that these bases are known, you can use them, I mean, there is no public access, but we know how such things are protected, right? It was not a

joke. I'll drink for a moment. It's very hot here. Next is voice manipulation. This is a topic that the security services in Poland have not yet been so concerned about. But we know that everything usually happens in the West, the far West, and problems are made there. The PRISM system is known and is a fact. Most people know how it works, others do not know how it works, but I will just shorten it. It has a very large sound sample database and it can also search for other materials after sound samples. So if we put some video or audio file somewhere in which we say something we shouldn't be saying, right? I'm talking about the

sound of birds. Is it true that Siri and other such androids... Jesus, I have no idea, but I wouldn't be surprised. I really wouldn't be surprised. You know, generally, even unconsciously, because Prism controls the entire Internet traffic in the USA and everything that goes through it. Although Siri certainly has local recognition of voice, so these samples wouldn't work. Siri recognizes voice locally. I don't know about Android. I suspect it does, because it's not such a super complicated thing. So probably not. Nevertheless, if we have a video on YouTube, they can check, connect our audio file with some of our videos on YouTube. It was proven to be quite effective. Now, people often make a change in their voice, like very low-pitched voice, like a closed face and very

low-pitched voice. It doesn't work. You can easily reverse this process, unless it's done well. But usually it's not done well, it's easy to reverse this process and get the original voice again. It's put into PRISMA or other alternative systems, because there are more of them. There are also the same devices, but with hardware. They are complicated to use, require sterile conditions, like a pre-sound, so we are falling into the rain. They are expensive, hard to use, I would rather refuse. And still, they don't guarantee us 100% security. In fact, if we want to spread such video material, which should preserve some anonymity, privacy, a speech generator, nothing else. Open source speech generators, we know, no metadata, no

hidden data, they don't add anything to us, so here we are completely safe, because this use doesn't come out anywhere, there's just nothing to cling to. So even absolutely no sound in any video clips and the like, the sound from the speech generator itself And that's it. Next question. Cool. Speaking of speech generators, so what? Iwona and this kind of stuff? Exactly, exactly Iwona and this kind of stuff. I don't know if Iwona is adding something to Open Source, but I would doubt it. Okay, so all the jokes that record these funny videos on YouTube are safer than the jokes of YouTubers? Basically yes, basically yes. Basically, basically that's exactly how it is. Next, image.

Many people are very happy with 4K cameras, 60 fps, we make very nice quality video material and this is also a very big mistake, because even video fluidity provides a lot of information from such a very fluid video. We could easily, really easily make a 3D model of the entire room. Maybe not from every angle, but it is enough to provide additional information, as we know, In CSI, everyone has seen a very pixelated video clip, there is an enlargement, the B4 square is enlarged and there is a clear face of the delinquent. This is possible. In reality, it is possible, because if we have low quality video, but there are either a lot of frames

or we have a lot of this material, we can connect some dots between the frames, so to speak, and get much more clear picture than it is only on one cage. So you have to be careful about that and limit such materials to the worst possible quality and the smallest number of frames per second. Such disturbances are very friendly. And now we have this. Next, reflections. A very cool algorithm was developed at MIT, which in the case of, for example, here I am being recorded, There are no reflections, but on the other side there is a window. Our eye can't see it, our brain doesn't register these reflections, but these algorithms can very easily capture

a completely different image from the reflection of the window. I don't know if anyone has ever encountered something like this, with this algorithm. Very cool thing. So I'm glad that something new. We give it a video clip. The algorithm takes out one video that is recorded as if it were what we want, the reflection itself, Or the first one, without any reflection. Also additional data that we can look through, because we won't notice that something is reflected. That we are reflected, that some details are reflected there. This algorithm will catch it. Of course, you also have to avoid any natural conditions such as weather, wind, sun, planes, not at all, because a very loud example

was when the Forchanians found a flag hung by Shia LeBeouf. I see that it's a well-known example. It was enough to take a picture of a flag and a plane flying in the background. They would immediately tell us where the flag is. Even though it was hidden somewhere in the middle of the field, they would tell us without any problem, based on the angle, the time of the day, the sun and the flying plane, where it is. They would tear it apart. The second one later as well, but it was boring. Next, to distort the image. If we do something like distorting the image with tools like Photoshop, I mean the Afterlight from Adobe, it works because it's not generated live by some

noise, which we could potentially measure, but it's just static images that are being edited. and the camera is still still. As I said, to limit the movement as much as possible, because it provides a lot of details, like we can map a scene in 3D, it is also sometimes visible in CSI and it is also possible, such things really happen, and the services have proven to us many times that they can do such magic that we even can't believe. This is a relatively new topic, but it has a second bottom, which few people know about. Has anyone met such yellow ones? It's hard to see them here. They are marked and I will leave them unmarked a bit, because we don't know what the quality

will be on the projector. Does anyone see it? Is it visible? This gentleman sees it. Okay. Generally speaking, there are a lot of printers. It was modeled on the system we have on current notebooks, it's called Eurion, I'll tell you about it in a moment. and makes very small dots on a small piece of yellow paper, which are completely invisible now. We make hundreds of such prints, these dots are there. There is the date and time of printing, serial number of the printer, often its name or the name of the computer, something that will allow the service to possibly make a letter with requests and so on, to measure where it comes from. They are

already making such additional security. Who hears about this mechanism? Not bad, but not everyone. Question? You heard it, great. There was a question here, right? No, there are no monochromatic ones. As far as I know, there is probably some other mechanism, but the mechanism works the other way around, because it was first made in scanners, it's called Eurion. You've seen new banknotes, they have such funny, even Polish ones, Polish zlotys have yellow circles. This is a scanner mark. If the scanner detects these circles, it will not allow scanning the banknote. We remember that Photoshop does not allow processing and printing of banknotes. This is the core of this technology. This only worked in the case

of dollars. Now every banknote that has these dots on it in the Orion constellation, that's why it's called Eurion, will not be scanned. Just a little note. On the EFF website you can find a list of well-known printers that add these dots. You can easily find them. You also need to use network printers. I don't have to explain why. We can add these dots ourselves or modify the print. Any questions? It says "Do not use network printers" Yes, but not because of dots. So if I take a standard printer from the 90s and plug it into a Linux capsule, I'm safe, right? Is a capsule safe on Linux? Ask yourself this question. Because I don't care about these dots. I don't care about these dots. Here is an additional

point: "Do not use network printers". Because we don't know what this network printer is doing and we don't know who has access to it. So if we do something like that, someone can get into some cache, the printer can send something like that, we know such stories. That's completely beyond that. False identity. From that moment on, it's getting boring, but we'll do it for the very principle, for the very fact, because as I say, everyone will learn something new. I think there are three sensible Three useful ways to achieve false identity for different purposes. Each has its own advantages and disadvantages. It depends on what we need it for. It is worth using data generators.

With each smallest operation, we save the generated identity. We have internet generators that generate a lot of cool things for us. Location, PESEL, documents, security numbers. A full library of a fictional person. The advantage is that it is fast. I'm listening, buddy. You have to speak loudly. I can't because I don't know the addresses. Fake name generator, fake ID generator, there's a lot of them. The first one that will pop up is fake name generator.com and it's very cool because it can generate an email box for us, which we have physical access to. So we have an email sent to a fake person and this box actually exists. Ok, something local. There's a lot of details, it's worth having it because if we call,

I mean someone scams, He calls somewhere, tries to find some data, and no question will surprise him. "Where are you from? What's your education? This and that, maybe your PESEL number?" Of course, he has everything in front of him, and with such a common question, he still has it in front of him. so don't invent a new one, is data consistency. The problem is that if a person is googled on the Internet, they don't exist. Their documents, their generated numbers don't exist. So any moments of this kind are lost. I don't have to explain it, but the plus is that it's very fast, free and extremely convenient to use. Even in everyday life, when you

register for a newsletter or something, it's worth using something like this and have peace of mind for the future, so that you are not associated I was afraid to do that. Greetings to some guests. The advantage of this solution is that we have an existing person, who can be found on the Internet, but he is certainly in the databases, such as KRD, BIKI, and all the places where we can actually take this moment. if someone needs cash for some operation. The problem is that such an operation is time-consuming and relatively risky, because as I have shown, it can be easily I wrote here: "the lack of connected internet accounts" because it is not always guaranteed. Usually, when you are fooling around with such data, such documents, you will find

Janusz, who does not necessarily run Instagram or have his own Twitter. They just exist and sell Passat on Elixir somewhere. Stealing of internet accounts. This is probably the best option, because I've never been interested in how people cheat on someone's moment and stuff like that, more stealing of internet identity. Are there any sites, does anyone know any, like Willik.info and stuff like that? No? Oh, there you go, what a surprise. Sites like Have I Been Pwned, where we enter our email and it shows us if our password has leaked somewhere. Do you know that? Perfect. It works the other way around. We enter the email we want to have. So all the databases that this website checks, we can't access them, they have them and they check

if it exists, if it's good or not. In WeLeakInfo websites, there is indeed access to such information. It looks different with legality in different countries, but it exists. It's very cheap, because you see here, like a price tag, for daily limited access we pay PLN 8. Thousands, basically millions of internet accounts with passwords, connected neuralgic data that usually work. I was really surprised that something like this exists on the internet, normally open. They receive Bitcoin payments, they also take care of our data, such as NordVPN, no logging, nothing like that. The plus is that we have options here, not like we're waiting for Janusz to give us his ID or driving license, we target attacks here. We have someone's email, we look for him, we

find him here or there, by name, by nickname, there will always be something and we have a specific person who someone would like to attack. Next, wireless devices. There are also a few things that not everyone is familiar with. SS7, the last popular topic. Does anyone know it? Well, less than half, but not bad. SS7, to put it colloquially, is the Internet of cell phones, the Internet of GSM and and this kind of things. Generally, operators have access to this network, where they can communicate between each other. Private people don't have this kind of access, they shouldn't have it, and you can buy it for about 500 PLN per month. I thought someone asked a question, sorry. We have access to this

network, we can perform such operations on it, like I have someone's e-mail number or I have someone's phone number, I can ask the network Where is this person? What is the connection between the BTS and the force? If someone is here on the street, I can see that he is connected to some... I get the BTS number, the BTS map is publicly available, I enter the BTS number, I see where this person is. I can do it in real time, without any restrictions, it is not intended, because it does not require any interference from the user. There are even services that allow not only direct access to the SS7 network, in which we can listen

to conversations, we can intercept them and disconnect someone's phone in a very simple way. It is a very old network, it is very poorly designed, but people assume that since there is no access to it in public, you can leave it that way. And a mistake, as you can see. Now, analysis of changes, similar to police, because you know, I am 100 meters away from the BTS, but if I quickly jump to the second BTS, my algorithm, my program can already realize that I am towards this one BTS, so he draws a line and we have a kind of triangulation, we narrow down the position of a person, we can measure him with accuracy of a few meters. The

police does it the other way around, so they ask for a net, also SS7 from what I associate, and all the BTSs to which Which BTS can see our phone? It works just like GPS, but on the street level, locally. So we have a connection to this BTS with this force, to that one with this force, and it's very easy to calculate where exactly the delinquent is. No interference in the phone either, no one knows that something like this is happening. Any questions about that one? Because if you don't know SS7, maybe there would be something. Okay, I'm glad. Other ways how the phone can reveal our location. I didn't have time for pictures, I

was bored, it was night. Firstly, Bluetooth. Most of you have Bluetooth on. If I run a shop or I would like to know if someone is approaching my location, I would just listen and see what Bluetooth devices are there. Are they known to me or not? I can filter it out. And the thing is that especially new iPhones, I think it was a big deal, even turning off Bluetooth doesn't turn it off. It's still working, but it doesn't accept new connections, which I don't care about, because I just want to know if it exists. So Bluetooth is a rather neural thing that is completely forgotten, because who uses Bluetooth now? Basically no one uses it, I don't care

that it's on somewhere. In Wi-Fi, exactly on the same principle, if we do not have any address announced, that our phone announces that it wants to connect with someone, this is not what we are looking for, we can still see that some device is giving something on some frequency, so we detect unwanted presence in our area. If someone is doing some operation in the area, wants to be safe, let's say that no one is standing on the roof of the parking lot, in this way you can set up a regular SDR, which is to be bought for 20 PLN on Allegro, and sees if any devices connected to Wi-Fi or Bluetooth are approaching. It works better than infrared sensors, than detecting a person. It's

easier to detect a phone. Now, a phone, referring to the connection, will disturb the work of close receivers. This rarely happens, but I thought I'd mention it. For example, if someone from the front row calls the phone, I will hear this "bucket", which we mentioned earlier. It's easy to get into it. There is a possibility to get into it. A phone without our knowledge will connect with Honeypot, BTSM or Femtocell. The second thing is that there are very few phones that can check whether BTS, i.e. the transmitter, is authentic or not. I can build a fake BTS, which transmits the connections, but at the same time reads them. This is possible, but the phone doesn't check it. They

are connected to everything that is going on and we don't have control over it because we don't see it. Some phones show that something is wrong with this BTSE, that there is no authorization, it rarely happens. Does a colleague have a question? It is not trivial, but you know, services have any possibilities for it, right? This is one of the possibilities, I am not saying that every, you know, every high school student does such things. This is a possibility and you need to remember that such a thing exists. Spoofing. It's getting even more boring here, but as I recall, we're really finishing the presentation soon. I won't bore you. Spoofing, GSM and basically let's just

call it GSM. I don't know if anyone has come across such a phenomenon that I, let's say, I can even legally say this, I can call each of you in such a way that I will link this connection, but the number of the sender will appear as someone else from this audience. Do you know such a mechanism? It's possible. It works the same as in the case of email spoofing. You just need to type in the address of the person who sent it, even like on a post. Nobody checks on the post whether we, as a sender, have entered the real data. We write to the sender and it just passes. It works exactly the

same in the case of the SS7 network. I can just say that the number is different than my actual one, because the ITU number, which is a normal number that shows, is not interesting. It's interesting for the email, it's then, as it is after the addresses, Mac is associated with. And what's interesting, in Poland such spoofings are legal. With the suspicion that I can't call someone, no one can call someone with a spoofed phone number in order to commit a crime. But it is clear that if I commit a crime, it ceases to be legal, but in addition they can charge us for it. Having access to the SS7 network, we have the possibility not

only to spoof these addresses, but also to do it in such a way that the network will first ask for my phone instead of the actual receiver, I will connect it and receive it and it will be passed on to the actual receiver, and I sit in the middle and listen to this conversation. There is no encryption here. Was there any question? Okay, because you were waving, sorry. And now, we can do this on our phone, we can go to the modem's manager and ask him to give us a different phone number every time. It's a bit complicated, it's not profitable, because there are services where we have it for less than a penny per

minute. We register, we add an account and enter the number we want to call. I just call the gate and the connection is done. The plus is that it doesn't actually come from my phone, only from foreign servers. So here again the intention is complicated. If we need to perform some operation, not even illegal, but just some privacy behavior and check who called us, who is bothering us, it is worth using it. You can't call back, you can't... Thank you. You can't make an appointment. That's it. Spoofing IP. I'm really bored. Now, spoofing IP. It's a simple topic. It's about VPN and proxy. The thing is that proxy should not be used from list of 50 fastest free proxies. First of all, these servers

are often monitored. Secondly, they are too easy to access for general use and these addresses are getting more and more. Thirdly... I'll make it smaller. Thirdly, will be blocked on most of the servers. We often don't connect to IRCA from such a server, because it has a proxy list that is constantly spamming, because there are improper uses and it blocks us. But you can go to Shodan. You know, Shodan is a kind of Google device. I don't know how to describe it differently. We can write that we want to find all the servers that provide such a service on this port. It will throw us a list of even amateur servers that few people know about, because some gynast put a tbit

server or anything else there. And we can use it in a fairly safe way. It's hard to tell how it looks with legality, so I wouldn't recommend it. Of course, I don't recommend any of these techniques, I just want to make sure that such things are possible. And now, if we want to have, because it is also worth having your proxy server or your VPN server, and it is worth having it in countries, question? Why is it better to let go of the North Korea? That's what I started to explain. Okay, okay. I started to explain it. It is worth having a VPN or your own proxy server, We know that no one will monitor

it, no one will want to get it. You know Interpol. It's an international police. It's an organization that unites many countries and helps in cooperation between the police and others. And now there are several countries that do not belong to Interpol. Because if someone in Poland commits a crime that will be in fact committed in another country, that country can easily turn to Poland for the accession of certain materials, help in the pursuit and cooperation between these bodies will be introduced. However, in those countries that do not belong to Interpol, This situation will not happen, so if we have a server there and someone wants to get to it, I'm sorry, we don't cooperate with

you, this cooperation will not be established. We have Kiribati, Micronesia, Palau, Palestine, there are quite a lot of servers in Palestine and in Tuvalu, the servers are not working quite well. There is North Korea, but from obvious reasons, Interpol will not look at us, but we know who else will, so really. There is a fact that they are not part of Interpol, but it can be ignored. I mean, how to let go? I would like to see someone using Shell on such a server. You know, there are quite strong programs there, it turns out. There are a lot of undergrounds in North Korea. And there are such things. These are not official servers that we

pay in bitcoins. No, no, no. But you can actually have services there. Even attacks from North Korea, such botnet ones, come out. You just made a plan for tonight. Are undergrounds private? Private. That's the thing. Government is one thing, they have quite a cybernetic army. They often work remotely, like Russians, they give some services there. Okay, not to mention the fact that you have to change the exit points often, because even if we have our own server, we don't know if someone will enter there. Zero-days exist. So sometimes reset it, use another one. Don't go out of the same place very often, because it makes it suspicious. Spoofing email, as I said, is a completely

trivial matter, it's just about typing on the headline, but since I showed those other things, I also want to show email for formality. Albanian virus, I don't know, it was just under my arm. Generally, there are two options. The second is quite more clear, because we often encounter emails where they are very difficult to do. This is a filter that we have, like scams, some Nigerian priest writes to us, but he writes a lot of letters, he doesn't hold his head up, this is actually a planned action, because they filter people who have a bit of oil in their heads and who later in this operation will realize that something is wrong, so as not

to waste time on them, they filter themselves only so that such idiots who said something like that at the beginning, would write to them further. The first mechanism is often used, i.e. sending sender, i.e. e-mail, which I will send to you, it shows that it was sent from a completely different email, but no one pays attention to the next one, i.e. to whom to answer, and this is my e-mail. So we see that it came from a normal email, we want to answer there, but in reality this email returns to me on a completely different fake box. A very simple mechanism, often used. Some probably don't know it. The second option is a bit more

sublimated and you have to be a bit more flexible. So we make the address almost identical to the victim's address. It's worth adding a certificate to it to make it more credible. So the victim is definitely writing, he has the certificates and the pad is showing. People are into it. Any questions, Tomasz? No, okay, because you're holding the microphone, I'm sorry. That's it. The last section is probably payments. They are also very simple. Bitcoin, everyone has heard of Bitcoin, only the question is whether someone actually uses it in such a life. Besides being on the stock exchange and making money, is there anyone who pays with Bitcoin, pays for Bitcoin services? No, that's it. Because

the thing is that Bitcoin is not as convenient as it is said. It works in the darknet, because Services in the darknet do not have the possibility to connect to the gate of PayPal, PayU, even MasterCard, etc. Besides, no one would want to provide such data. It works poorly there, that's why Bitcoin is used, but apart from that, I tried to use Bitcoin myself, it's slow. If we want to perform some kind of safe operation, like signed, I mean, performed on On an offline device, an offline cold wallet, and only connected to the network from the other, we need two devices. It's really pretty fucking, unless you have expensive hardware wallets. Bitcoin, contrary to what

is commonly thought, is also measurable. It's not that hard, it's pretty easy to measure it. You can wipe it out, but washing it again costs a lot if we want to use it legally or a little less, we don't necessarily have a lot of money. We have to keep in mind that washing bitcoins is not guaranteed, and it brings quite a lot of costs. As I said, it's not as convenient as in Darknet. It's not even that good there. It's much better option for people who want to attack us. These are bought from public info, leaked credit cards, PayPal account, because there were several breaches in PayPal. Such accounts cost a penny. Of course, they are illegal in every country

in the world, except North Korea, as I guess. Such an account or card is to be bought on the darknet for about PLN 30, so it's basically nothing. The problem is that Their use is quite complicated. If someone has a PayPal account that is of inappropriate origin, We need to have some information about the user, where they come from, what city they come from, in this place, search for proxy and connect through it. If it is a Spanish account, we connect with Poland, PayPal will immediately find it. PayPal has a very strong network of such frauds. Visa, Mastercard, the same. If the operation comes from some unusual source, they immediately look into it, they are very, very And now, camouflage. This is good, sorry. It was

supposed to be the last one, it will be the last one. Camouflage, what's the point? Sometimes, operations take place in the field. And the thing is, we look like we look, I mean, we can see that we are doing something. Each of us has some suspicious look, suspicious outfit. Don't get me wrong, but some of us look like we have a terabyte of child pornography on our laptop. It's really... First of all, the clothes are the advice that some of them even came up with. They seem trivial, but they are not thought of, and they act on the victim's subconscious. On something that the victim pays attention to. We must hide tattoos, earrings, sometimes even jewelry, if it is not typical, because it will be remembered. There are details

that come to mind. If the police comes later and asks about the attacker, the victim will remember: he had a tattoo or some strange medal and he had anything else strange. Do not make eye contact. When you pass by the city, nobody looks at you. Do not do the same. I mean, let them do the same by attacking. We'll come back to this in a moment. Next, yes, for the same reason as the first point, do not wear thematic clothes. Do not wear clothes from games, from teams, with some funny inscriptions, because that's it. These are also things that come to the victim's memory. If someone asks the secretary, she will remember that she was wearing something untypical, completely neutral

clothes, a shirt in... The whole black thing also arouses some suspicions. A regular one-color shirt, regular jeans, trunks, something that nobody even notices, there is no detail that can be remembered. Don't look around too much, similarly, if we think about where the security is sitting, they will notice that we are looking at the cameras, that we are looking for any boxes, etc. It is useful if we do some pen tests for the order, of course, because it is also worth doing some field operation, right? You know what, my experience with physical protection in Poland guarantees you that they won't notice. I know. I guarantee it 100%. I know, I know, but still. Okay, and now,

not wearing gadgets in sight, which we often do subconsciously. We have some kind of a combi, sometimes we wear a small set of precision tweezers, the standard is ThinkPad in My Little Pony or GENT stickers, it just catches the eye right away, you know right away that something is wrong. Headphones are also often worth having, because it's a standard for people. Now everyone goes with headphones, we do exactly the same. Colourful clothes, as I said before, only black or white clothes are also some strange thing, some anomaly in the environment. It is also noticed. So, sorry. Next, what? Dressings. If you have a real dry and you like to do these pentests, many people like to do field operations, it is worth having

a set of legal sources of clothes. And everyone has their advantages and disadvantages. For sure, the ordinary cleaning machine gives us a lot, because people don't really want to look at the cleaning machine. Most people feel better than the ordinary one, or the cleaning machines don't want to bother them, they simply avoid it, they don't even look at what the person is doing, and at the same time, The presence of a cleaner or a cleaner in any place is not surprising. If he enters the server with a mop, he must do anything. Try to let someone who brings food from Uber Eats or anything. It immediately catches the eye. The very fact of being a

cleaner is one big pass. Of course, the problem is that you have to wear a bucket or something, because the case itself is not necessarily suitable here. Courier. Courier outfits are quite easy to get, you can wear them illegally, so there is nothing wrong with that. And their advantage is that if we stand at the reception, it causes some pressure on the victim. If this package, which is addressed, let's say, to the boss or some department, I will not deliver it on time or I will come with it tomorrow, Whoever has problems will probably be the one. It's a subconscious pressure that we can go there anyway, even if we shouldn't. The police uniform often used, but it doesn't matter, we'll probably be punished for existing. I would

avoid that. Protection. This can be useful because it doesn't give us any special rights, but if we are to be blamed for something else, The first thing they do is call the security, but the security is standing in front of them. They won't call anywhere. We have a second life here. We can still come up with something. And the second thing is a good set of accessories. A really good set of accessories, made to measure, often arouses the lust of people. No one will argue with someone who looks like a millionaire or even the president of a company. No one argues with such people. Because they can probably be the head of the office we don't know about. Who knows their boss? I mean, OK, you can actually know.

I didn't know, I don't know how it even looks like. And generally, if someone in some expensive suit told me that they would let me go if I didn't let him in, I wouldn't let him in. But many people would let him in. And that's all for now. Thank you for listening, it was me, Dariusz Jakubowski. Thank you. Oh, thank you. I thought there were still questions. Exactly. Questions? Really, nothing? I thought that... Are there still some? Okay, if not, then... I thought it was enough wood. Basically, yes. I didn't think about the construction worker. It would also be a good option. Hydraulic, something like that. You're right. The drill is better, more manual. We have to preserve

it. I think the ladder would arouse more trust. But you can see the ladder often on offices. You can change the lamp, because you see, someone is drilling, what will he drill? And the lamps are burning every now and then. There is a video on YouTube, a guy with a ladder walks through various offices, he goes everywhere, records everything. Right? This outfit gives a lot. This outfit really gives a lot. We are completely, as employees, we are not controlled at all. There is an anecdote from physical protection. One of the security guards told me a story. In the late 1980s, a man came to his apartment and said that he came to repair the Junkers.

He was at his neighbor's place and was repairing the stove. After a while, the employee looked into his bag, there was only a hammer and a piece of metal ball. "Do you know if the neighbor from the top was there?" "Yes, sir, he was there." So the guy walked around the cells, checked the apartments, saying that the cell was higher or lower. Very good dressing, I think. Only it was not finished, because the hammer was like that. You have to think, no one will do it for us. Okay, someone probably raised their hand. The protection may be risky at times, because... I don't see, here. Sometimes security is known. People associate it with... That's clear,

that's clear. We won't enter the courier company in the courier outfit, right? So first, we make a statement without anything. So it's a completely neutral outfit, we make a statement about how it all looks. And then we think about the script, which outfit will be the best. One more thing. Couriers are relatively stable and security knows the couriers. So when a new person appears, they ask: "Hey, where is Tomek, Kamil or I don't know, whatever we call him?" Not stupid, but you can easily get away with it. I often have a relationship with security guards at the level of the estate and there is such a situation. A new courier appears, a new waiter and

this person is really checked. But I would like to note that if this situation appears, it means that someone could actually use it. Yes, it happened once. That such situations happen. Exactly. So it is. Super, everything? Okay, then I invite you to lunch. In this case, I wish you a delicious meal.