ANTI-OSINT AF: How to become untouchable

via a network the situation that need situation whether it is responses given the entire phone number Bigfoot 2 News congratulation if you give them the entire phone number you try to opportunities in Japan was like Oh text me we can call it that real quick then they won't really you have my number the way that we fight this is we go through a have a separate number the reflects as a muscle we use that say you want to contact me here you go this it's a real actor but it's thought you were known so just something so in continuing down that path I thought ok so you want to take it to the extreme you want to

get off of where Facebook is going all your information but you still interact with people see you send up a sock puppet account essentially you create after online that allows you to log in to whatever service that is social media or char anything else but you have it to where it's not even take you directly to you and we'll get into a little bit more about that later but this gives you another box you can put that in also if that comes under fire or something else happens you know you can burn that account and it's not something that you've been sitting on it for 20 years it doesn't have all your context you're protecting the grip want some of the

words that it's not going to affect your father your mother your company everything else like that or it doesn't go further into your organization or your personal life so we can set up anything with a pump on the counter that's online there isn't anything specific that we need to do the menu or don't you anything that you have a login for from set up an account there are some things you can't get around like you're doing emails and your Facebook there are some places that don't accept people voice numbers as authentication there's ways around that but the point is to start thinking and building the screening mindset regards price what are we trying to avoid by doing this and your answer

will vary on who you are but our apologies if you're 19 20 inch tell college get now you don't have any kids and we've got an internship your mom is probably very low bucks longevity of that account is what will compromise you can the long term so if you post up here 2021 it comes to being 40 45 people are pulling up make sure about you taking shots at post a retro bar on our burdens of that that eliminates you from position or ability out of your law enforcement or give you are to to forensics for your red team and you get somebody fired because they were to be stopped make sure that your front door but the

chopped them because they got fired and your information is not on the spoke or people are proud of it is it's something that can be better than ever so we also want to go through the void like that hackers look at the attacks basic indicators have their data members that are warehouses anybody who's having to contracted movements your purchases he feels like that I feel like I need to get away just I don't think that's a fair way for them to represent being something other corporations that's all everyone that's that's just mine right there there and then disinformation campaigns people have something now without the Facebook spending you know proven to be selling information disclosed by counting on you want to go

through and change the information that you have so that they aggregate back into the system if you want to go to achieved where you work where you live your last name maybe that you can to move and get that information into the system so that rolls through and then all the people that are buying that now they consume that Mac malicious data you can also have them do a little in service you can do anything that's forward-facing and you can build where you were to what you wanted to be and then you can start caramelizing other websites social media or works cards other things and you can have that be a separate avatar so I set this up for the

fence so on the red suicide we use sock puppet accounts go through and gather information so that we can you know your organization or your personal dignity line whatever it is it's good because this actually put the blue team really have seen some good potentials as well if you were to make accounts that were new employees for organization and at that point you were trying to connect with other employees to play dead Facebook wherever they are you may people find out what that they're leaking about your company as a social media by a bot kind of situation on the other side you can see what organizations are also trying to friend you because you may be working at a

certain area defined into the marketing in the IT section so if there are people who don't have anything to do with your industry or 80 to do with your company or don't know this person because it's a big person and they're still trying to get access to your social media information it may be because they're targeting your ear counts so it is something that you can also set as a tripwire for if it offends something so let's look at that to some of the more fun stuff here and this is just basic overview like I said I only had about 25 to 30 minutes with me just talking privacy is a very difficult thing ever

to half an hour I can give you a framework based on this up if you're interested you can take the next steps talk to other people you join different slack groups or rocket chat groups so if that's its people or you can kind of produce it yourself and make sure that you know what what do you have out there what what what he's be close but you need to build the security line sense we need to go through and actually start looking at layering security from a digital and a fiscal perspective so if you are going to start with like making soccer camps things like that protip you may not make it from the same

ISP that you that you log in from every single day there may be some connections there especially with base coat and stuff where they say oh you're looking for the same range with this one because little each other held that and kind of compromised your stuff so if you're out of town Starbucks or anywhere else you start creating other accounts and they will have different initial IP ranges where they start you can do from different Hardware backing up that God you can go from raspberry pi's as a sewing Peter to do tablets and things like that where the MAC address doesn't have any pins up of your homemade IP address up so you can walk it back as

far as you want now it's all Jesse Siegel on get back as far as you want because the cleaner that you build these accounts up the less life that they are actually attached to your physical or your personal information so you want to everybody wants to use credit as credits an amazing tool but if you're not using it actively and it's not something where you're trying to get a house if you're not developing your credit or actually looking for loans stuff put a crimp resign but it carries on for you for your kids for your grandparents anything as long as it's not being used because someone else just looking at it we're not looking at it so kind of the same

thing you want to go through and use a different telephone number because it's that point of proxy you want to make sure that you're sure you know thanks in that possible you want a secure email if at all possible a lot of people use Gmail I'm not going to continue to use parts on Bill exclusively but ever the like protonmail personal mail is encrypted in the end they also a fantastic VPN it's a free tool that you use all of it that's also another one that you can use and then sorry let me plug proton now Paul says I'm kind of gonna be peeing and then a paid membership we get multiple email addresses as we waited like five bucks

month together uh pretending non-presence another trip of email addresses is a lot below this but you can add someone in front of the immigrants so let's say you want to make sure this email address with Netflix you put Netflix plus and then your and what that does is it allows you to see when the email that comes through that coming through is its plus Michael James a comment like that over so you can search the litigate where these emails are coming in from by adding you know something on the beginning of the email so they still get all to your one to email account there or your proton availa or whatever else you use but if we add something up in the front

of it it helps you to go through and see where the emails coming from same thing I know everyone uses text messaging no one ever leave voicemails the more it makes % cheese wire uses signal a lot of people will have a proper signal because you have to actually have your your telephone number to send two signals so that it can make you their town for you but then it's encrypted in the end I personal wireless 59 shared group spaces so you can bring other people in and work with other herbs without having to set up either you know a C&C / mercy to see where recruit vacations or anything else like that it works on every device

which is another thing we need you go through the talk about this but with the use of all these open source tools and things like that it's not easy to set up because enough PC do people are going to go they use it and that's really big a lot of the Walter but things that are coming along and that are easy to use and applications you can just download give to your sales guys I think just it makes it that much more secure because there's nothing for them to screw him so like I said slack you know I don't know if anyone has been seeing the privacy laws was a great word but there's a lot of inconsistencies of

slack that you can see what private messages and things like that rock your check is a good alternative I think as we go more towards this moment source kind of container because system there will be other things like mask done which has the ability to post their own instance of a social media group and so you can kind of protect that and divide like who comes in who does praça chats the same way you can set it up there's not the limit with a free version you can have API call as web folks all that self protection a little bit better little cakey but as it progressed I think it would be is not better

enforcement and dissipation the hello everything like I said fill out surveys when you can order for that new home to Home Depot credit cards that look good your new telephone number on there but alternative address you don't have to lie or cheat anything just fill that information whatever so you're giving to them a chance to tell the truth the data brokers that's not the way they work they're not telling us the truth so I've seen people go to market library cards where it's a government institution whatever but they are getting all this other information to me library getting it this will every card they're using that to go through maybe even further along introverts to separates

containerized information talk to this don't lie don't don't don't don't change your name though through it trying to get make credentials off the internet or at the dark web or something first up changing your name just gives you a public record that you change your name and any suit person worth their salt is going to go through the pub credit research if you change your name they're going to find that definitely it's not a lot that you can do about that I'm not advocating anyone to go through and try to make passports or social security numbers or anything else like that because it really is not worth it and don't lie to the police because

they'll catch you I mean on a personal note this is just kind of something that I have been working with chrome like with Google everything else collects all the data I append myself moving towards actually doing like a Firefox go type of privacy search engines things like that they actually work really well I've not seen any bad results at that stuff one other thing I would advise is if you are convinced set up a VPN or Peter for your sofa set a VPN upon your ever if you have the ability to go through and set it up and there's a pointed billiard on the VPN on your phone or ppm on the rabbit really should be still kind of

one of the other this operation so it's not later effective security that's allowed to go through it I keep doing that so these are just some of the tools that we were coming going to talk about I put this up there are some people who just take pictures and stuff this is about once you log in enough with something where you can actually streamline a bunch of different and your output likes to do whatever you wanted to it there'd be so if you want your machine which is a windows 7 device you come out that's an XP device you can change that for basic information and that will actually present so if somebody is doing most things on you it

appears that you have an XP device this this is kind of the final bit here you know we want to start the security mindset you want to be cognizant of where we're going in front of what we're logging we want to make sure that if we have the ability with we do a physical location that we can we want to make sure that our family members aren't the people that are ratting us out regards to the stuff but it happens so share this information with them so that they can actually be more private be more secure as well because in the long run a lot of the stuff is going to come back on them and do a 30-day challenge I

don't know everybody listens to the privacy and security podcast with my pencil and just yeah he's got an excellent report on his on his website for the 30-day preview security challenge there and he'll with the mobile stuff and it's a little more dense than this stuff then rape Michael are you have any questions anything else yeah

family so but it's all local bass it's all I'll check that out but but anything the ejection alerted me that you can physically take control of as opposed to rely on it to be servers or some or cloud-based anything it's it puts the privacy kind of back in their hands and you can allow what's out on ten week this is one of the reasons why I like Firefox because they allow you to detail the controls out with almost everything it's really really nice but I like that

[Applause]