Added disclaimer to philosophy | DCM edits

arcanedev 2023-01-13 19:00:40 +00:00
parent 54f123b3bc
commit 752bc27bae
No known key found for this signature in database
GPG Key ID: 13BA4BD4C14170C0
1 changed files with 4 additions and 3 deletions

@ -57,7 +57,7 @@
- [References](#references)
## Introduction
The digital age has ushered in a dystopia, at least for those unwilling to circumvent or stretch the bounds of the law. There is a significant gap in literature in regards to circumvention, largely due to this being an underground activity. It is pseudo-illegal; authors would be afraid that creations today will come back to haunt them. Exposing anti-forensic procedures will erode some of their operational security (OPSEC) in the process. This being said, not all of my tactics, techniques, and procedures (TTP) will be sand-grain granular. However, I hope the ideas described can be applied to help disguise yourself in the sand-swept dunes.
The digital age has ushered in a dystopia, at least for those unwilling to circumvent or stretch the bounds of the law. There is a significant gap in literature in regards to circumvention of surveillance, largely due to this being an underground activity. It is pseudo-illegal; authors would be afraid that creations today will come back to haunt them. Exposing anti-forensic procedures will erode some of their operational security (OPSEC) in the process. This being said, not all of the defensive techniques throughout this writing will be sand-grain granular. However, I hope the ideas described can be applied to help disguise yourself in the sand-swept dunes.
### General Premise
Several concepts will be reiterated throughout this work as security is a process that acts in layers (think about the layers of an onion that is commonly alluded to). Here is a layout of the general concepts that will be explained in further detail throughout this work:
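Review bot: The rewritten Introduction paragraph drops the "tactics, techniques, and procedures (TTP)" expansion, so any later use of "TTP" in the document would now be undefined. Check the rest of the file and either keep the expansion at first use or remove the abbreviation throughout. In the same paragraph, "Exposing anti-forensic procedures will erode some of their operational security" leaves "their" without a clear antecedent (presumably the authors), and "in regards to" should read "with regard to".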
@ -67,6 +67,7 @@ Several concepts will be reiterated throughout this work as security is a proces
- Prioritize Communications Security (COMSEC)
- Operate with minimal architecture
> For uninterested parties regarding the [philosophy](#philosophy) on why this was created, along with details on malfeasance / blatantly criminal activity of institutions (state-sponsored actors and NGOs), I recommend skipping this section and proceeding straight to the [Identifiers](#identifiers) section.
## Philosophy
There is now a concerted effort with the primary goal as follows: control the flow of information to expand the current power structure. If one controls the information, they control the perception, and subsequently the questions being asked. If those in power have you asking the wrong questions, you no longer are a threat to the system. If the language can be altered to prevent various forms of dissent from occurring, this manipulation will take the form of Orwellian double-speak. Double-speak is used to control our symbolic creation of thought. For example, freedom is slavery, ignorance is strength. As the Nazi propagandist, Joseph Goebbels, recorded in his diaries, "It would not be impossible to prove with sufficient repetition and a psychological understanding of the people concerned that a square is in fact a circle. They are mere words, and words can be molded until they clothe ideas and disguise." If we lack the capacity to understand what concepts such as freedom are, how could an individual defend the foreign concept? As Camus once said, "It is the job of the thinking people not to be on the side of the executioner," hence the conception of this book. The goal is to preserve freedom and autonomy by means of disrupting investigations.
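Review bot: The added blockquote sits above the "## Philosophy" heading, so "skipping this section" reads as the General Premise section the reader is currently in, not the Philosophy section that follows. Move the note under the heading or reword it to "skip the next section". The opening "For uninterested parties regarding the philosophy" is also hard to parse; a direct form such as "Readers not interested in the philosophy behind this work can skip to Identifiers" would be clearer.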
@ -540,9 +541,9 @@ This wouldn't be a complete work on anti-forensics without some mention of physi
With nuances added from the modern surveillance state, traffic cameras force your hand by revealing every intersection which you have passed through. There are a few methods to circumventing this privacy infringement. Darkened weather covers for your license plate (Warning: This method could result in a fine with the wrong officer) or a well-rigged bicycle rack could prevent cameras from picking up your plate number. Alternatively, if a destination is within a few miles of proximity you could either ride a bicycle (with a disguise), or decide to become a motorcyclist. With motorcycles, the plate numbers are significantly smaller and could even be blocked by your feet on particular bikes. The helmet would stand to mask facial features, and the jacket would cover any identifiable features such as tattoos. While on the subject of tattoos, it is worth mentioning that Palantir has been involved in "predictive policing" leveraging footage obtained from traffic cameras to profile individuals.[^63]
Vehicles and privacy are starting to become a wicked problem ushered in by manufacturers. Almost every vehicle following 1996 has embedded systems, Onstar or the more modern Starlink, that have a default opt-in policy. They proceed to parade this "convenience" as a feature. Nearly all modern vehicles have multiple cameras, sensors, and Data Communications Modules (DCM) that accept/transmit GPS and cellular signals. Many vehicles report back your odometer reading in real-time. If you opt-out of their service, the data collection does not stop. There are only a few avenues out of nightmare. The first option is obtain the source code (assuming it's not black box code), gut the telematics, and proceed to flash the firmware to your vehicle via USB. Unlike flashing a cellphone where you run the risk of bricking the device and losing a menial 300-500 USD, here you are playing with an object that could run you anywhere from 10-40k USD. The second option is to disconnect the DCM and run the risk of losing base functionality to radio and speakers. This could also create certain hazards for your vehicle as many of the sensors tie in with the DCM. The third option is to become your own mechanic and maintain old vehicles from the 80's and 90's.
Vehicles and privacy are starting to become a wicked problem ushered in by manufacturers. Almost every vehicle following 1996 has embedded systems, Onstar or the more modern Starlink, that have a default opt-in policy. They proceed to parade this "convenience" as a feature. Nearly all modern vehicles have multiple cameras, sensors, and Data Communications Modules (DCM) that accept/transmit GPS and cellular signals. Many vehicles report back your odometer reading in real-time. If you opt-out of their service, the data collection does not stop. There are only a few avenues out of this nightmare. The first option is obtain the source code (assuming it's not black box code), gut the telematics, and proceed to flash the firmware to your vehicle via USB. Unlike flashing a cellphone where you run the risk of bricking the device and losing a menial 300-500 USD, here you are playing with an object that could run you anywhere from 10-40k USD. The second option is to disconnect the DCM, which could run the risk of losing base functionality to radio and speakers. If you are able to successfully surround the DCM with faraday shielding material, loss of base functionality in the vehicle to things such as speakers could be avoided. I should add the disclaimer that this has the potential to create certain hazards for your vehicle as many of the sensors tie in with the DCM. The third option is to become your own mechanic and maintain old vehicles from the 80's and 90's.
Vehicles aside, it should go without saying that any tech devices that you purchase will have some identifier that could lead back to you. Make this a moot point and procure every device (even USBs) anonymously with cash. If you're out on a distant road trip, make some of your purchases. Wear a hat accompanied with some baggy clothes. Perform a slight change in your gait as you walk (uncomfortable shoes could help with this). Alternatively, pay that bum off the street to do your bidding.
Vehicles aside, it should go without saying that any tech devices that you purchase will have some identifier that could lead back to you. Make this a moot point and procure every device (even USBs) anonymously with cash. If you're out on a distant road trip, make some of your purchases. Wear a hat accompanied with some baggy clothes. Perform a slight change in your gait as you walk (uncomfortable shoes could help with this). Alternatively, pay someone via proxy to do your bidding.
## Use Cases
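Review bot: The new Faraday-shielding sentence in the DCM paragraph claims that loss of speaker and radio functionality "could be avoided" without a source or a tested vehicle. The disclaimer that follows ("this has the potential to create certain hazards") does not say whether "this" means disconnecting or shielding the DCM, or which sensors and functions are affected. Since the paragraph itself states that many sensors tie in with the DCM, name the hazards concretely and add a reference, as the preceding paragraph does with [^63]. The revised line also still reads "The first option is obtain", which is missing "to".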