Hey guys, ladies and others...
What if one day your computer was ever stolen from your home, hotel room or rental car? What if it was borrowed by a friend of yours/family relative and lost or forgotten at school or on the bus? What if you were robbed and your backpack stolen? What if the police ever raided your home and took control of your digital devices to conduct a thorough investigation, that could potentially leave you in a dire situation, where you could face years in prison? What if any of a thousand scenarios occurred that resulted in you losing physical control, whether permanently or temporarily, of your computer? In any of these instances the new “owner” of the computer may try to take a look at your data. What will they find there?
On my fully encrypted Windows, Mac, and Linux laptops they would find nothing but a blank screen prompting them for a boot password. My entire hard drives, including the operating system, are encrypted and the devices will not boot without the correct password. Replace my computer with that of most users, and the answer is likely to be credit reports, medical documents, resumes, family photos, saved logins, credit cards, financial information, internet browsing history, hobbies, sexual affinities, criminal evidence, and much more. All of this information can be used to harass, blackmail, extort, or further exploit you. It could be used to steal your identity, open lines of credit, or commit crimes in your name, leaving you to clean up the mess.
For any of us committing fraud and other similar criminal activities online, this information WILL be used in court to put you in jail for many years. Unfortunately, the US government has a reputation for not going easy on cyber-criminals and if you ever get caught, be sure they will do everything in their power to land you in jail for as many years as they possibly can.
Although basic security is boring, without it we cannot rely on the more “advanced” security measures we discuss later in this tutorial. This chapter should serve as a good review of your baseline digital perimeter.
All of the techniques that will be presented in this tutorial rely upon the assumption that you have a desktop computer that is reasonably secure and free of malware. If your computer is in any way infected with malware, or is at risk for malware infection, you should fix this before continuing. Some of the most common forms of malware are Spyware, Key Loggers, Ransomware, and Scareware. Simple Google searches will tell you more about each of these viruses if you wish to read more about it; I will not get into that.
WHICH OPERATING SYSTEM SHOULD I USE?
This is probably THE most important aspect of your security. If you are using an OS, which is closed-source, full of exploitable bugs and easy to hack into, then you are in for a lot of headache. I see a lot of cyber-criminals working with Windows and Mac, and let me tell you, this is absolutely wrong. If you want to be a criminal, then do your homework. Both of these operating systems are closed-source, which means only the developers of Microsoft and Apple are able to look and modify the code of the operating system. This is really bad because we don’t know what kind of backdoors there may be in these operating systems. Law Enforcement agencies could very well have easy access to devices running these OSs. This was the case with Windows 8 recently, where it was found that NSA had a backdoor into it, which in turn allowed them to control and monitor any machine running the operating system. See where I’m going with this?
This is not the only problem with these operating systems. Windows is full of zero-day exploits, bugs, and every single day THOUSANDS of new viruses and exploits are deployed for the Windows OS. The reason for that is because the majority of the world population uses Windows, which means hackers can infect a lot more computers, and earn much more money with Windows than with any other OS.
Mac is definitely much more secure than Windows, and Apple has been firm in their stance to not cooperate with authorities. We’ve seen this recently when the FBI contacted them so they could build a backdoor into the iPhone OS and open the terrorist’s iPhone and Apple refused. However, one common misconception I see a lot is that people think Mac computers are simply immune to viruses, and that is completely wrong. Mac computers are as vulnerable to viruses as any other OS. They just have a much smaller user base than Windows, and so developing viruses and exploits for the Mac OS, is not even close to being profitable like it is with Windows machines. Windows machines are used everywhere, Macs are not. There are exploitable flaws in all operating systems and OS X is no exception.
For us cyber-criminals, the best operating system BY FAR, is Qubes OS. This operating system allows us to run isolated environments. It is basically a giant virtual box. You can run different OSs in Qubes as different virtual machines. For example, we have a virtual machine for the Whonix OS, another for Fedora, Debian, and those are only the VMs that come pre-installed with the OS. You can install Kali Linux in Qubes, Windows, and all kinds of different OSs. If one of these VMs ever gets compromised by a virus, we are okay. We simply delete the VM and create a new one. If you want to learn more about the Qubes OS, then navigate to the link below, it is full of tutorials and even videos about the OS so you can get a good look at what we’ll be working with.
https://www.qubes-os.org/doc/
Qubes has a very small compatibility range and so will not work with most computers unfortunately. However, if you want to become truly a professional cyber-criminal, then I highly recommend you invest in a new computer. Don’t be lazy or close-fisted with security, as that will lead to problems and much headache for you in the future, trust me on that. Below are the laptops I recommend, from best (most expensive) to worst (cheapest). All of them work perfectly with the current Qubes 4.0. All of the prices were taken from Amazon at the time of this writing, so keep in mind, you may get cheaper, or more expensive.
LENOVO THINKPAD T460P ($1350): Also works perfectly with Qubes 4.0 and the performance is amazing. The one above is much better, but if you want to get this one instead and save some money, I’d say go ahead.
LENOVO THINKPAD T450S ($530): This laptop is also very good, although the performance of the above one is much better, this one does boast some impressive features. You can get it on Amazon for very cheap. It comes with i7 processor, 8GB RAM, 256GB SSD (you may want to upgrade the SSD). I have tested this computer with Qubes 4.0 and it also works perfectly and smoothly.
LENOVO THINKPAD X230 ($235): This is a last resort type of laptop, and you should only get it if you’re really low on money. The performance will be terrible, but definitely usable. Qubes 4.0 runs perfectly with it, and everything works exactly as it should, just really slow due to the old processor and low memory. If you’re thinking of buying this laptop, keep in mind you will most likely need to upgrade some of the components to make it run smoothly.
CAMERA AND MICROPHONE
You should seriously consider physically disabling the camera on your computer. On machines that permit opening of the case, I prefer to physically disconnect cameras and microphones to ensure they are not being eavesdropped upon. In the case of laptops, this means opening the case and physically severing connections to the camera and microphone. This may sound like an extreme measure, but software protections like disabling the microphone or turning on a light when the camera is on can be overridden by sufficiently sophisticated spyware. Disabling the hardware is the only sure defense, but I realize that the vast majority of individuals will not take it this far. At a minimum, I recommend blocking the camera with tape, a post-it note, or a dedicated sticker.
PHYSICAL SECURITY
With physical access to your device, there are a number of attacks that may be carried out successfully against your computer. This includes the “Evil Maid” bootloader attack to capture your full disk encryption password. USB or optical media attacks work by bypassing your OS password, or the installation of hardware key loggers that cannot be detected by antivirus applications. Though I will not get much in-depth into this, I will give you some basic suggestions to secure yourself against these types of attacks.
I strongly recommend that you carefully control the physical access to your computer, especially when traveling. Though it would be possible for someone to covertly enter your home and exploit your computer, it is not very likely. It is much more likely when traveling, so be especially cautious in hotel rooms. Even though you have locked the door, hotel doors and locks are susceptible to dozens of defeats, not to mention the fact that management, housekeeping, and maintenance all have operating keys to your room. Do not walk away from your computer to go to the restroom in a coffee shop. Do not leave it in your rental car, and do not leave it sitting in the conference room when you break for lunch. If you must leave it unattended in a hotel room or elsewhere, take the following physical security precautions:
o Turn off ALL interfaces including Wi-Fi and Bluetooth.
o Ensure your computer is full-disk encrypted and completely shut down.
o Remove all external media including CDs/DVDs, SD cards, USB drives, external HDDs, etc. and take them with you.
o Take any transmitting devices, such as a wireless mouse and its dongle, with you when you leave.
o Store your computer inside of a safe.
All of these precautions will give you a fighting chance. However, against a very skilled adversary, they cannot guarantee your computer’s security. Again, the absolute best practice is to avoid relinquishing physical control of your devices.
OS UPDATES
Keeping your operating system up to date is one of the most important steps in securing a computer. As software ages, security holes are discovered in it, and attacks are written to take advantage of these holes. Though software updates are occasionally released to add features and to deal with bugs, they are often written specifically to patch security holes. If your software is outdated, it is vulnerable to holes that are, in addition to everything else, well-publicized by virtue of the fact that a patch exists to fix them.
In Qubes OS, you should check for updates on all of your TemplateVMs and dom0 on a DAILY basis. This should take no more than 30 minutes if no major updates were released.
APPLICATION UPDATES
Just as vulnerabilities in the operating system may be exploited, security holes in your installed programs can be used as attack vectors. It is important to keep all software up to date. It is also extremely important to limit the number of installed applications on your device to an absolute minimum. Each application represents potential undiscovered security flaws. I recommend scrubbing your list of installed applications every three months and uninstalling anything you have not used during the previous three-month period.
To be continued with part 2, my friends...
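Added example (not part of the original post): a Python check of two items from the physical-security checklist above, "full-disk encrypted" and "remove all external media", run over the JSON that `lsblk -J -o NAME,TYPE,RM,MOUNTPOINT` prints. The sample output, device names and mount points are constructed for illustration.

```python
import json

# Constructed sample of `lsblk -J -o NAME,TYPE,RM,MOUNTPOINT` output;
# device names and mount points are made up for this example.
SAMPLE = """
{"blockdevices": [
  {"name": "sda", "type": "disk", "rm": false, "mountpoint": null, "children": [
    {"name": "sda1", "type": "part", "rm": false, "mountpoint": "/boot"},
    {"name": "sda2", "type": "part", "rm": false, "mountpoint": null, "children": [
      {"name": "luks-root", "type": "crypt", "rm": false, "mountpoint": "/"}
    ]},
    {"name": "sda3", "type": "part", "rm": false, "mountpoint": "[SWAP]"}
  ]},
  {"name": "sdb", "type": "disk", "rm": true, "mountpoint": null, "children": [
    {"name": "sdb1", "type": "part", "rm": true, "mountpoint": "/media/usb"}
  ]}
]}
"""

def audit(lsblk_json):
    """Return sorted findings as (kind, device, mountpoint) tuples."""
    findings = []

    def walk(node, encrypted):
        # A node counts as encrypted if it or any ancestor is a dm-crypt mapping.
        encrypted = encrypted or node.get("type") == "crypt"
        # Older util-linux prints "1"/"0" for RM, newer versions print booleans.
        removable = node.get("rm") in (True, "1", 1)
        mount = node.get("mountpoint")
        if node.get("type") == "disk" and removable:
            findings.append(("removable-attached", node["name"], mount))
        if mount and not encrypted:
            findings.append(("unencrypted", node["name"], mount))
        for child in node.get("children", []):
            walk(child, encrypted)

    for dev in json.loads(lsblk_json)["blockdevices"]:
        walk(dev, False)
    return sorted(findings, key=lambda f: (f[0], f[1]))

if __name__ == "__main__":
    for kind, device, mount in audit(SAMPLE):
        print(f"{kind:20} {device:10} {mount}")
```

An unencrypted `/boot` is common on LUKS installs, and plaintext swap can hold memory contents, which is why the post's physical-access precautions still matter on a machine with disk encryption.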
Basic Computer Settings/Setup & Security
Re: Basic Computer Settings/Setup & Security
What's up profalf, here near... in a big tutorial/lesson the knowledge you provided in this post, I would like to read more about the methods you have, but your profile is private I think, or it's me that I can't enter because I'm relatively new xD, but I would love to read more about the techniques you provide in these wonderful posts jejejeje
What else do you recommend for the impossibility of access to our computers?
greetings!
@Near@
Re: Basic Computer Settings/Setup & Security
Thank you for this post! Do you have another informative post on security or hacking? If so, could you PM me the links?