14 thoughts on “I’m just going to leave this here…”
The chair is against the wall.
The sun is shining in the bedroom window.
4
The crow flies in the shadow of the eagle.
How about we flood social media (and I mean REALLY FLOOD THEM) with bogus but real sounding coded messages. The readers, moderators, and tech gods can all shit their collective pants thinking the balloon is about to go up.
2
Do NOT use a pirate box as they show there for clandestine things. Every network device has what is known as a MAC address. This is generally hard coded into your network device. It is unique across all network devices.
If you connect to a pirate box, your mac address will be available to the receiver and they can record that information.
Thus a pirate box that has been compromised could record what data came into the box from which network device. And that could very well lead right back to your laptop or phone or what ever you are using.
If you decide to use the USB dead drop, get yourself a USB extension cable. One end plugs into the USB port on your computer, the other end can then plug into the USB device embedded in the wall or log or stone. You don’t want to accidentally break off the USB device or break the USB port of your laptop or device.
Also note, that it is possible to put files on a USB storage device that are “auto play” and the act of plugging the device into your computer could give that device control of your computer.
1
“Every network device has what is known as a MAC address. This is generally hard coded into your network device. It is unique across all network devices.”
Yes, but you can spoof them.
Ssssssooooo ANY time you use an electronic technogizmo it is subject to monitoring, hacking,listening or bug inducing. Soooo write a letter…… put it under the old willow the sun shines on in the afternoon….dont let the cat out…. the chalise with the palace holds the brew that is true…
5
LOL, what crappy dead drops. A USB connector sticking out of brick or a tree trunk is too obvious.
1
I have no idea what y’all are talking about. Too old I guess.
1
“The best way to protect a secret is to never put it in digital form.” 😀
2
Yeah plugging into strange usb devices is roughly the equivalent of Reusing a condom from the garbage.
2
Strange drives sticking in trees is no basis for secrecy!
5
Don’t use computers to communicate. And encrypt/decrypt using pencil and paper. Any computer should be assumed to be compromised. Remember what Edward Snowden taught us.
1
Don’t use pencil/paper crypto, not unless it’s a one time pad. All other systems are long obsolete and trivial to solve. Even WW2 era ciphers, which are far harder, are trivial by today’s standards.
Definitely use computers and computer based crypto. But you have to get a few things right. The most important step is not to use Windows. The next important step is that anything security-relevant must be open source.
For example, “auto play” isn’t an issue if you use a competent operating system. Then all you have to do is to follow the obvious rule “don’t run unknown programs”.
The dead drop is handled by using a sacrificial computer to make the pickup and drop off ( something you can format that has no sensitive data of its own beside what you intend to put in the drop.) a simulator method could be used when connecting to a pirate box after you spoof your Mac address(either virtually or by using a external network interface card as a disposable device). I prefer the idea of geocaching a USB so the intended recipient can take it to a isolated computer in a secure location, not a bad solution for death star blueprints.Simple messages can be geocached as a hand coded message(matched book page ciphers are near impossible to break if the reader doesn’t know the book and the correct edition)
Coded phrases can be put in public locations and not look out of place if the sender and recipients are careful with making the phrases match the intent of where it is posted( crags list, newspaper ads, care sales fliers, church or resteraunt letter boards.
1
No need for a Pi, there are 18650 powered 8266 boards available for less than $5 that will be more then enough for a remote drop.
The chair is against the wall.
The sun is shining in the bedroom window.
The crow flies in the shadow of the eagle.
How about we flood social media (and I mean REALLY FLOOD THEM) with bogus but real sounding coded messages. The readers, moderators, and tech gods can all shit their collective pants thinking the balloon is about to go up.
Do NOT use a pirate box as they show there for clandestine things. Every network device has what is known as a MAC address. This is generally hard coded into your network device. It is unique across all network devices.
If you connect to a pirate box, your mac address will be available to the receiver and they can record that information.
Thus a pirate box that has been compromised could record what data came into the box from which network device. And that could very well lead right back to your laptop or phone or what ever you are using.
If you decide to use the USB dead drop, get yourself a USB extension cable. One end plugs into the USB port on your computer, the other end can then plug into the USB device embedded in the wall or log or stone. You don’t want to accidentally break off the USB device or break the USB port of your laptop or device.
Also note, that it is possible to put files on a USB storage device that are “auto play” and the act of plugging the device into your computer could give that device control of your computer.
“Every network device has what is known as a MAC address. This is generally hard coded into your network device. It is unique across all network devices.”
Yes, but you can spoof them.
Ssssssooooo ANY time you use an electronic technogizmo it is subject to monitoring, hacking,listening or bug inducing. Soooo write a letter…… put it under the old willow the sun shines on in the afternoon….dont let the cat out…. the chalise with the palace holds the brew that is true…
LOL, what crappy dead drops. A USB connector sticking out of brick or a tree trunk is too obvious.
I have no idea what y’all are talking about. Too old I guess.
“The best way to protect a secret is to never put it in digital form.” 😀
Yeah plugging into strange usb devices is roughly the equivalent of Reusing a condom from the garbage.
Strange drives sticking in trees is no basis for secrecy!
Don’t use computers to communicate. And encrypt/decrypt using pencil and paper. Any computer should be assumed to be compromised. Remember what Edward Snowden taught us.
Don’t use pencil/paper crypto, not unless it’s a one time pad. All other systems are long obsolete and trivial to solve. Even WW2 era ciphers, which are far harder, are trivial by today’s standards.
Definitely use computers and computer based crypto. But you have to get a few things right. The most important step is not to use Windows. The next important step is that anything security-relevant must be open source.
For example, “auto play” isn’t an issue if you use a competent operating system. Then all you have to do is to follow the obvious rule “don’t run unknown programs”.
The dead drop is handled by using a sacrificial computer to make the pickup and drop off ( something you can format that has no sensitive data of its own beside what you intend to put in the drop.) a simulator method could be used when connecting to a pirate box after you spoof your Mac address(either virtually or by using a external network interface card as a disposable device). I prefer the idea of geocaching a USB so the intended recipient can take it to a isolated computer in a secure location, not a bad solution for death star blueprints.Simple messages can be geocached as a hand coded message(matched book page ciphers are near impossible to break if the reader doesn’t know the book and the correct edition)
Coded phrases can be put in public locations and not look out of place if the sender and recipients are careful with making the phrases match the intent of where it is posted( crags list, newspaper ads, care sales fliers, church or resteraunt letter boards.
No need for a Pi, there are 18650 powered 8266 boards available for less than $5 that will be more then enough for a remote drop.