[Anonymous]

I can’t help you with choosing a VPN, going to have to do some research on your own.
Been years since I used a VPN for personal use. When I did, I usually would use the free accounts from the smaller companies with a burner email account.
What you can do is use a free virtual system / OS in the cloud, like you would find supplied like Amazon and use it remotely/RDP with a VPN.

Ultimately if you need security for something specific and once off, don’t use a internet connection which is connected to you in anyway. Rather use a open public wifi while being cautious and taking every step to limit your exposure. Mac spoof, temp virtual machine, burner email address, using delayed release services and so forth.

With AI, crawlers and very sophisticated algorithms used today, they could build a profile on you in a blink of a eye.
Think of it like a Google search on your own name, now put that on steroids with them having access to all private banking details and other services registered in your name. Building a matrix/mesh profile of everything connected to you but also everyone else who interacted with you.

Even the words I used in this post, coupled with being on this site, I can guarantee, it has been flagged to a degree. Even a private site like this, being public, any person or web crawler can pickup everything here. Then you got the web host, hosting this website, most are legally obliged to supply the register info and to DB information when requested.

Like all things that have lasted the longest, tend to be things you don’t notice and see.

But if you just want to watch Netflix or do something locked in a geo-location, just use a VPN company not based/registered in your country/legal bound territory.

[Anonymous]

What VPN do you use? I couldn’t find any trustworthy ones once I looked into who owns these companies. One of the big VPN providers was cia. Wolf in a lamb’s skin?

[Anonymous]

—HIDING DATA—
–Remove MetaData–

All files contain information attached to it, called “MetaData”.
This can be from photos you take on your cellphone, text files from your computer and even files created from applications.

Here is an example of a pdf sent to me by backabuddy fund raiser company via email.
Just right clicking on the file, clicking “properties” and under the “details” tab, the following is displayed.
Very basic metadata info attached to the file.

Now doing a in-depth search for additional metadata gives the following.

<details>
<summary>EXPAND TO SHOW ENTIRE IMAGE<img src="https://wd.easytodo.in/wp-content/uploads/rtMedia/users/11409/2021/07/all-the-meta-800x3982.png?1626492671" alt="all the meta" /></summary>
<p></p>
</details>

Big difference right?
*All info on the Authors name, dates, applications used, OS, versions, revisions and so forth.
*Though this is a PDF file and it does generally add more internal metadata/attached info than a image or video would do.
*And take note, when using the Windows tool to “remove details and personal information”, this only works on what you see under the files “detail” tab as shown above and not internal metadata/attached info which the PDF added.

You can use the Windows option to remove details off most images and videos you take, which will do a decent enough job of removing unwanted metadata. But if you want to be preciouses, find the many free or paid applications out there which can remove metadata.
This can also be done on your cellphone through apps as well.
Here is an example for mobile, where the photo location and finer details are removed.

So be careful when sharing pictures, files, videos and anything created on a electronic device. Once it is out there, it is near impossible to get it wiped off the internet.
Here is a website where you can find out what metadata info/keys are within your file.
https://www.metadata2go.com/
Or if you don’t want to upload sensitive data, look at one of the following free EXIF viewers you can use on your local machine.

24 Best Free EXIF Viewer Software For Windows

[Anonymous]

Just note I am posting here, unfortunately posts waiting and approved don’t register on the forums as a new post.
*So posting this to give it a bump.

[Anonymous]

If anyone wants anything specific, let me know and I will post on that.
Here is the next installment.

—HIDING DATA—
–DELETE DATA—
When you delete something on your computer/device, generally the data is still there, just not visible since its index (its address to let the system know where on the storage the data is located) has been removed.
**Just a word of warning, if you are not ultra-careful, this method will get your data corrupted/overwritten.
*When the data is removed from the index it is assigned as free space and when your system is running (OS) or you copying, moving, or running apps which uses the storage that data will get over written in time.
The trick is, you can delete data on removable storage or non OS/used internal storage and the delete data won’t be damaged since the storage isn’t being used. Also take a further step and compress with (minimal compression/high recovery table + password protected with encryption). What this does firstly, is even if the data is partly corrupted/overwritten, the compressed file can be recovered unless 50%+- of it is overwritten, and if someone does discover the delete data your files are encrypted.

Now on the other side of the coin. How to make sure when you delete data, no one can recover it.
This is usually done by installing an application that integrates into your system or runs independently. What it does is scramble the data so it is destroyed/overwritten with random code so no one can recover the data.
*You can use the built in Windows “Cipher” command but there are far better apps which are free as well.
A great App called “ccleaner” which I also use for cleaning up the system and removing unwanted software, processes, schedules and junk is free, though you can get the Pro version, but I have never needed to since all the options are in the free version.
On CCleaner, under “tools”, “drive wiper”, you can select the drive to either wipe the free space or the entire drive (wipe it) and the amount of times the data is overwritten (more times = more secure)

This will allow you to scramble the data so no one can use a recovery tool to get data off it.
*Never sell or give away a device that sensitive data on it before wiping it.

—SECURING OS (WINDOWS 10)—
There are applications out there like CCleaner but more advanced where you can remove bloatware, background services, processes and generally the unwanted junk that comes with Windows making it slower and less secure.
You can search online for such apps or scripts.
A good example of a script (file that runs commands) is of the following below.
https://gist.github.com/alirobe/7f3b34ad89a159e6daa1
Which does the following “This Windows 10 Setup Script turns off a bunch of unnecessary Windows 10 telemetry, bloatware, & privacy things. Not guaranteed to catch everything. Review and tweak before running. Reboot after running. Scripts for reversing are included and commented.”

In a Nutshell, it will disabled a lot of the options, tracking and unwanted items Windows loves to add to your system which you don’t need and makes you far less secure. If you have no clue even if the comments in the script, rather not use it but instead go online for the more corporate applications that will do the same to some degree.

[Anonymous]

Okay, here is a little bit more info, started on the software section. Will continue this tomorrow.
Once I get a lot more data strung together we can ask the admin to shift the final post to the top.

SOFTWARE
—PASSWORD AND 2FA—
For password vault/management and 2FA (two-factor authentication, aka second password/generated code), I have been using LastPass (https://www.lastpass.com/) personally and previously in the high profile company I use to work for.
LastPass is free but has been limited recently for the free edition to only one active device (so either using it on your desktop or cell phone but not at the same time, unless you pay the annual fee of $36 and up for various options) There are free alternatives out there but I love how LastPass has been working in the past and up till today. There are hundreds of great features, such as corporate/AD integration, family and even request to your data if you died by given rights to who deem worthy of it after x time when you don’t respond.
Google and other large corporations do the same to a limited degree, but you won’t catch me using them, since they don’t have a stellar reputation on keeping your data private.
*Always make sure your master key is always super secure or make abbreviations and always 2FA or even 3FA.

—AV (ANTI VIRUS)—
For personal use, get the run of the mill AV out there and you don’t even have to pay for it, just use the free version.
I’m using Avast, free addition and have it in silent mode + disabled notifications. https://www.avast.com/
If you have an infection that Avast can’t deal with, use MalwareBytes (also has a free/trial) https://www.malwarebytes.com/ , to do a deep clean of anything nasty.
You can also download process blockers that actively block certain process/viruses from running that infected your system and continuously schedule to start up even if killed. This will help you kill them and remove them from your system.

There are far better antivirus packages out there where they work off zero day virus, so instead of scanning for specific signatures, they run off rules, processes and core kernel defense. Honestly though, unless you a company who really want supper security and spend thousands of $ just on yearly software, then I would only recommend them. At that point you would have spent $1000s to $100 000 in hardware and other packages to lock your systems.

—HIDING DATA—

–QUICK AND DIRTY–
You can either outright just rename a files extension (the “.ppt” if a PowerPoint file after the name you gave the file, if you enable view of file extension to see that) to another format that would cause it depending on the file extension to not open correctly and would look like a random code.

–COMPRESSION–
As stated above, 7Zip and other compression tools allow you to compress data with a password but also to scramble the data so no one can read it, unless they have the password. Just make sure the password is long and complex and strong encryption algorithm is used.

–WITHIN PICTURES—
*In ancient times, up till today, hidden messages and information have been hidden in images.
There are several ways of hiding data within images (The digital way), some simply add all the data to the image file while others encode the data right into the image matrix itself. So when you open the picture, it will just open up normally without them being wise of any shenanigans.

Here is one of the first search results I found given a basic example.
https://betterprogramming.pub/hide-data-within-an-image-507f571aab89

And here is an example of the application I used for the demonstration (though its rather cheap and flakily) but good enough to show how it works. *If you looking for decent app, there are tons out there, just google hide data within image.

Here is my example.
I took a random pick off the internet of 3,6MB

and hid 1MB file directory containing sample doc files which was zipped and compressed to several KB.

Now can you spot the difference between the original and the one with the hidden data?

[Anonymous]

@ItsNatural
Due to me most likely posting with a few links, post is waiting for moderation. Just give it a day or two. I will keep posting and they will show up a day or two after each one.

[ItsNatural]

Hey, good to hear from you again! I loved it.

[Anonymous]

Lol sorry, kinda of dropped it since no one was replying or giving any feedback.
Will post something a little latter and update the post with additional information.
Only issue is that I have to reply to the original post since I’m not the creator of the group. Wish I could just edit but I can’t.

[ItsNatural]

Thank you, drak, for using your time writing about this subject. I’m asking you if you could go on with your coming soon topics, when ever you want to. Obviously it’s the summer, so don’t worry about that. Just asking if you could whenever you have the time/desire to do so.

Thanks again!

[Anonymous]

Some people want to have the know-how on some general digital security so I will post a few tips here.
Just post here or message me if you want anything else added or questions answered.

VPN (Virtual Private Network)

—DESCRIPTION—
VPN stands for “Virtual Private Network” and describes the opportunity to establish a protected network connection when using public networks. VPNs encrypt your internet traffic and disguise your online identity. This makes it more difficult for third parties to track your activities online and steal data. The encryption takes place in real time.
—HOW IT WORKS—
A VPN hides your IP address by letting the network redirect it through a specially configured remote server run by a VPN host. This means that if you surf online with a VPN, the VPN server becomes the source of your data. This means your Internet Service Provider (ISP) and other third parties cannot see which websites you visit or what data you send and receive online. A VPN works like a filter that turns all your data into “gibberish”. Even if someone were to get their hands on your data, it would be useless.
—EXAMPLES—

—FINAL NOTES—
Beginners guide to VPN (https://securethoughts.com/what-is-a-vpn/)
A VPN secures your internet connect from your device to the VPN provider, it won’t help if your device is compromised either through a virus, linked Google account, MS profile, online trails and so forth.

ENCRYPTION

—STORAGE—
You can encrypt your drives to prevent people from accessing the data.
Can be done through built in options like “Bitlocker” for Windows 10 or applications which do the same for Windows or other OS platforms.
I do this with all my laptops, computers, external drives, including my flash drives.
A little tip is that I name my external drives with my cell phone number in case I lose them and someone finds them, they can get a hold of me.
Also make your password as long and complicated as possible, the harder the password, the harder it will be to crack it. (A 3 letter password could be cracked within a few minutes but a 20 length password could take millions of years to crack)
Bitlocker guide (https://docs.microsoft.com/en-us/windows/security/information-protection/bitlocker/bitlocker-overview)

—FILES / FOLDERS—
As storage, you can also encrypt folders and files on your drives.
There are hundreds of applications out there, some better than others.
Personally I use 7-zip since it is free allowing you to create archives in different encryption methods. It also doubles up over the windows zip tool which is rather basic.
Download link (https://www.7-zip.org/download.html)

MOBILE

All cell phone / mobile devices can be tracked. Using just 1 cell phone tower they track your general direction and distance, 2 towers they can almost pin point your location and with 3 towers they can triangulate your position within 2+- feet accuracy.
This is why they have pushed for RICA/FICA in South Africa and the equivalent for other countries. (Your identity is registered to the device/sim card)
You can get around this as there are tons of people/shops who sell SIM cards that are not registered.
Then there is the built in hardware, China been well known for this for a lot of their electronic devices, can track you, collect info, not requiring any of the software running on it to be compliant.
Corporations such as Apple, Microsoft, Google and several others have it written into their T&C that they can access your device, collect info, keystrokes and so forth, with coded in backdoors. This applies to not just mobile devices but pretty much all of them.

SOFTWARE

*coming soon. (AVs, Firewalls, password vaults, 2FA, denial preventers, OS lockdown, Web security, hide data)

COMMUNICATION

*coming soon (online platforms, hosted, rules, do’s and don’ts, awareness, emails, algorithms, dark web)

NICE TO KNOW

1. Make sure you add decent passwords to everything, including your router/modem for the internet. In my college days we use to just scan entire subnets and we were able to steal users login for their internet lines, even police station cameras, security systems and anything lined to the internet was accessible and wide open.
2. Always have a backup in the cloud and an offline (physical storage) for all your data. It is when not if your devices fail leading you to loose data, including those family photos.
3. Always if possible have 2FA setup on all your accounts online, even more so for your email accounts used for them.

[Author]

Posts