Encrypted Chatrooms & VoIP Applications

Encrypted chatrooms and VoIP services, such as like WhatsApp and Telegram, are not only great for business communications, but they critically important for human rights defenders and political activists fighting around the world – especially in at risk or oppressive countries. It is important to understand that even if you are living in a country which has banned Tor, VPN’s or applications such as Telegram, and you are afraid to use/install those programs out of fear of persecution, encrypted chatrooms can be equally as easy to use and remain 100% legal to boot.

For example, even in countries like Egypt, Iran, Pakistan – et cetera – which have either outright or periodically banned VoIP services such as Telegram and Viber, other chatroom-based services like Chatbox or Slack are still free and legal to own, and can be used to protect private communications all the same. In fact, political activists in countries such as Ethiopia and Egypt are known to have used encrypted chat services to safely coordinate communications, rallies and protests in times of great civil unrest, such as during the Oromo protests and Rabba Massacre. I know this because I was there on the front-lines helping to set up their accounts.

It’s usually free to sign up for these services, and all you need is a verified email address or phone number to login. Then, once enrolled, you can encrypt your chatroom by setting up a custom name/URL for it and requiring password authentication for entry. This assures that only the people you give the URL address to will be able to find it, and only those who know the password to it will be able to enter. Additionally, once set up, you can even set up individual channels within the chatroom itself for a duel level of security/encryption. This includes setting custom rules for different channels, such as requiring Administrator approval for access. This assures that if even someone is able to brute-force their way into your chatroom itself, there are still protocols in place to protect individual communications and information within the chatroom itself.

Additionally, especially if you are doing activism or human rights work, or feel that your life/security could be in danger for the work you do, it is always recommended to never use your real life identity or personal email accounts to set up an encrypted chatroom or channel. Instead, you should always create an online alias and use it to register a new account within an encrypted email service provider, such as ProtonMail or Tutanota. Obviously, this advice need not apply for those of you who are using these services for business purposes. Lastly, some chatroom services actually offer built in video chats, allowing for a third means to make secure voice connections outside of standard phone calls or VoIP services.

For more information on how to keep a safe, private and Anonymous identity online, please read the following tutorial: https://anonhq.com/anonymous-security-guide-2-0/

For more information on different encrypted email service providers and how you can make the switch, please read the following link: https://roguemedia.co/2019/11/02/making-the-switch-to-encrypted-emails-2/

Best/Top Chatroom Service Providers:

Voice Over Internet Protocol (VoIP):

While VoIP services are not necessarily essential for everyday phone use, they do offer critical protections for political activists, journalists, researchers and citizens living under oppressive regimes all around the world. VoIP stands for Voice over Internet Protocol, which is just a fancy way of saying they transport all calls and messages over established internet connections, rather than routing them through your telecommunications or phone service provider – such as AT&T or Verizon.

In areas like the United States and European Union, VoIP services are important to own because they prevent your data from being intercepted, recorded or stolen by telecommunications companies and other interested 3rd parties, such as Governments, thus protecting any information you send across the wires. VoIP services also offer the ability to encrypt messages or calls between like users, further protecting customer privacy. By comparison, both of these options are unavailable on standard text messages or phone calls straight from your phone provider. In politically oppressive countries around the world, VoIP services are even more important because they offer a critical means to bypass Government imposed restrictions or blockades on national telecommunications on a local level, while also allowing users to make international calls entirely for free.

While this might sound a bit complex or advanced, once installed, operating a VoIP connection/application is no more different or complicated than making a regular phone call or sending traditional text messages. Instead of using your normal texts messages or phone App, you simply download a VoIP App and log into that to make/receive calls and texts – it’s literally that easy. Lastly, VoIP connections offer a secondary means to reach your contacts, should your phone lose service, go out of cell tower range or come under blackout. Rather than relying on the signal strength of your network service provider of choice, all you need is an active internet connection to utilize a VoIP services.

The Best/Top VoIP Service Providers:

 

Securing Social Media

As always, strong password protection is the number one priority for securing social media accounts. This includes using your phone to enable two factor authentication (2FA) for them. Due to the simple fact that social accounts usually hold far less important data/information than emails, I am willing to bet anything that close to 100% of all hacks against your social accounts will be deterred if you simply enable 2FA for them. It is also a widely known fact that more social accounts are compromised as a result of weak passwords than any other single factor.

Password Security Guide + 2FA: https://roguemedia.co/2019/10/30/tutorial-learning-how-to-write-remember-un-hackable-passwords/

While using your social media accounts, just as with emails, never open a message from or click on links by users, senders or accounts you do not know personally, were not expecting to hear from or haven’t done business with in the past. As I have already with emails, hackers can phish your social media accounts all the same. Moreover, it is actually much easier for a hacker to uncover your “IP Address” through something like Facebook Messenger than it is through email. This can also be done without you clicking on any individual hyperlink. For example, you can find someone’s IP when engaging them on Facebook by using a simple sequence of “cmd commands” – which are freely available on every Windows device.

Like your mother always told you, never talk to strangers – especially online 😉

You can add an extra layer of security to your accounts by preventing them from being “indexed” by search engines and web crawlers. This can be accomplished by making small changes to your account settings. By default, the largest social media platforms are all designed to connect to search engines like Google, Bing or Yahoo, in order to make social networking more accessible and convenient for everyone. However, allowing your account to be indexed means that theoretically anyone in the world could search for and find your account if they really wanted. Whereas if you disable your account from being indexed then the only people you personally give your account information to will know where to find it.

To do this, simply go under your accounts setting, scroll to Privacy Settings and uncheck the “Public Search Results” box. This will remove your profile’s page from Google, Bing, and Yahoo search returns. This is also a security practice instructed to Federal Employees and members of the US Defense Department.

Email Security Strategies

Before we begin, you can have the most advanced cyber security practices and anti-virus in place, but if you do not have a strong enough password to secure your devices or online accounts, all your security measures might as well be useless. As I have already explained in a previous tutorial, more people are hacked as a result of weak passwords than any other single factor. With that established, the 2nd most common way to hack someone is through their email inboxes or accounts – just ask Hillary Clinton, John Podesta, John Brennan and the DNC about that.

Make no mistake, if some of the worlds most powerful people can have their personal emails hacked, so can you. This is also why learning how to practice better email habits should be of the upmost importance for you heading into the future.

What To Avoid & How Email Hacks are Pulled Off:

While browsing through your email account(s), never open a single email or click on any link(s) from a sender you do not know personally. It might seem harmless, but the simple act of curiously opening an email or clicking on a link within an email can open Malware or register and transmit the IP Address of the device you are using to the sender of that email or link.

When a hacker sends compromising emails or links to your personal inbox it is a technique known as “Phishing,” and it is perhaps the most common form of cyber-attack you will ever encounter. I am willing to bet that everyone whom has ever owned an email account has seen a phishing scheme at one point or another in their lifetime, whether they were even aware of it or not. This is also why it is important to not just leave your email out in the open for all the world to see, or blindly pass it around to so many pages across the internet – especially if you have something to lose.

Believe it or not, there are even free and public services which allow any person to secretly attach a program to any given link or email they send, which automatically transmits data such as your IP Address as soon as you open it. This type of program also reveals things like the time of day you clicked the link, the type of browser you were using and how long you kept the window open. This is also what is referred to as a “trap-link.” The most common of which comes in the form of an “IP-logger,” which automatically registers the data of any device that clicks on it. While this might sound extremely complicated or foreign to you, again, regardless of the legality of it all, there are actually multiple free services, platforms and tools available on the internet for people to do just this.

Needless to say, always use caution and judgement when clicking on any links in your inbox, online chat, message or social media network alike – especially from people/sources/senders you do not know/trust or have never done business with directly. Lastly, getting your IP logged is the least of your concerns – it’s just the most common practice. Typically, hackers will “Spear-Phish” different/specific emails with malicious links that can secretly upload or install malware onto a users device, granting further access to their information. Additionally, every file you download should be immediately scanned by your anti-virus, because Microsoft Word documents and weaponized pdf’s are increasingly being used by the world’s most sophisticated hackers – because these are the most widely downloaded types of documents online, making them the easiest means to widely install malware on more peoples devices.

Separate Your Inboxes:

A good practice is to also use separate accounts for different purposes. For example, use a separate email account for your online banking and/or business than you would use for family, friends, or subscribing to magazines. This ensures that if one account is ever breached or compromised, not every aspect of your life gets compromised along with it. Additionally, use separate passwords for separate accounts and always reserve your strongest passwords for your most important accounts. You should also utilize two-factor authentication whenever and wherever possible.

If you are a website domain owner, or own multiple email accounts, you can also secure your personal or business inbox behind a mail forwarding service through your domains DNS settings or an alternative service provider. Selecting this option will allow you to pass out an email address without actually revealing the true end destination where those emails will be sent, essentially turning the mail forwarding address into an “alias” or “proxy” for your real account.

If you would like to learn more about alternative/encrypted email service providers, as well as why you should consider making the switch to them, please utilize the following link: https://roguemedia.co/2019/11/02/making-the-switch-to-encrypted-emails-2/

If you need help learning how to read, write and remember stronger passwords to secure your online accounts, please utilize the following link: https://roguemedia.co/2019/10/30/tutorial-learning-how-to-write-remember-un-hackable-passwords/

Making The Switch To Encrypted Emails

This past February a US judge ordered Microsoft, an American based tech company, to honor the search warrants of American law enforcement agencies requiring the company to hand over any/all data, emails and the like which the company stores on servers located overseas. The ruling came in direct contradiction to a previous ruling from a Federal Appeals Court in August of 2016, which upheld a US Circuit court ruling from July 2016, prohibiting the US Government from seizing data stored on servers located outside of US borders.

The principle behind this case is very simple to understand, does the United States Government have the right to demand foreign businesses located outside of the United States hand over their records to the United States Government if that company happens to do business with a US citizen? In other words, are foreign nations forced to abide by US law and comply with all US based legal requests? Well, according to the most recent ruling, as of February 2017, at least as far as US courts are concerned, the answer is “yes.

What Other “Authority” Does The US Government Have?

Let’s use the world’s most popular email service provider as a quick example – Gmail. Quite literally, everything you do on your Gmail account is accessible by Google at any given moment in time. After-all, you are using their service. If the US Government ever wants to see your account or any of the information on it, then all they have to do is pull up the file of a generic document, insert your name on top of it, print it out and just like that they magically have a “subpoena” to obtain all of your information from Google.

Despite how simple of a process this is, it is all groundbreaking stuff too. Believe it or not, it was not until May 2016 that the US government even needed to get a warrant or legal document of any kind to search through all of your personal emails. Don’t believe me?

Read More – Email Privacy Act of 2016: https://www.congress.gov/bill/114th-congress/house-bill/699

For you international folk out there, the news isn’t much better. You see, the US Government has its own private court known as a FISC court which, historically speaking, blindly grants “99.96%” of all warrant request brought in front of it – but who’s counting, right?

With that out of the way, all of the information above only goes to show how easy it is for the US Governments to go about obtaining all your data “legally.” But as I think we are all aware by now, agencies like the NSA or CIA do not necessarily care about US law and have the very real authority to act outside of it – #PatriotAct. To be fair, this does not necessarily mean that someone working for the US Government is literally watching/reading every single email you write every minute of the day, but they theoretically could be if/whenever they wanted to.

To that very point, early in 2016 Google came out with a press release addressing how “state-sponsored hackers” had breached over 1 million Gmail accounts over the course of that year. This was also not an isolated incident and it’s not just Google which has been targeted by these types of breaches. Literally hundreds of millions of Yahoo and Hotmail accounts have also been exposed over the years.

Read More – 3 Billion Yahoo User Accounts Hacked, Including 500 Million Email Addresses: http://money.cnn.com/2017/10/03/technology/business/yahoo-breach-3-billion-accounts/index.html

So far I have only addressed how easy it is for the US Government and/or law enforcement agencies to access all of your personal accounts/information, this does not even account for all of the non-Government organizations or hackers out there or oppressive regimes located in countries all over the world. In fact, I am willing to bet that at least 95% of all hackers worldwide are non-Government affiliated. Moreover, Hillary Clinton, the DNC, CIA, John Brennan and John Podesta should all serve as evidence for just how easy it can be for hackers to compromise anyone’s email account if they really want to – even some of the most powerful people in society.

Quite frankly, there is a reason why politicians and members of the Armed Forces are told never to use their own personal or private email accounts, because none of these services are properly protected or encrypted! While members of the Government and Armed Forces use their own private versions of encrypted email services which are NOT open or available to the public sector, thankfully, there are a number of free and paid email encryption services out there open to the general public.

For Example:

Mailfence

Mailfence is a relatively new company globally, but one which I have already placed at the top of all encrypted email service providers. Mailfence operates their servers out of Belgium, a country internationally renown for having some of the strongest and most resolute privacy laws in the world. Unlike the United States, every surveillance request or request for information inside Belgium, including on Mailfence’s servers, must be legally brought in front of a Belgium judge and proven in court as legitimate. In this way Belgium protects user data and business confidentiality in a way that no other country in the world does.

Sign Up/Create an Account Here: https://mailfence.com

ProtonMail

This email service provider offers free end to end encryption and hosts its servers in Switzerland, outside of US jurisdiction – theoretically. When signing up, at no point in time are you asked for any personal information and you do not need to attach any other emails account or phone numbers in order to register. This service also utilizes 2-factor authentication to log in, preventing hacking attempts. ProtonMail has also partnered with humanitarian organizations around the world, such as Amnesty International, in order to help fight back against Government surveillance and cyber censorship in developing countries around the world.

On a lighter note, if you are a fan of the Television drama “Mr. Robot” this is Elliot’s email provider of choice on the show.

Sign Up/Create an Account Here: https://protonmail.com/

Tutanota

This is another free encrypted email service that has become quite popular in recent times. In fact, earlier in 2016 Tutanota officially surpassed 1 million accounts – becoming the world’s largest encrypted email service provider. In 2017, Tutanota then went on to surpass 2 million accounts, furthering the countries rock solid reputation as an industry leader.

What makes Tutanota unique is that the company makes their source code “open source,” meaning that security researches investigate for themselves the level of encryption they are receiving. For all you n00bs out there, making your source code public record and still not having it hacked proves just how good the code really is.

Sign Up/Create an Account Here: https://tutanota.com/

Tutorial: How To Fit +13,000 Terabytes of Data On A 15 Gigabyte USB Stick

Over the course of the last few months I have been neglecting my primary business site, so I figured I would write a brief article here today and combine it with my online tutorials series. Today’s article is simple, really, instructing internet users how easy it is to host and store massive amounts of data with even the simplest of technologies. Say for example you own a 15 GB USB stick, most people think that you can only hold 15 GB of data on it – right? However, as I will attempt to demonstrate, not only is this untrue, but given the right amount of knowledge and skill, you can actually host thousands of Terabytes worth of data on a simple 15 Gigabyte USB stick. In the remainder of this article, I will attempt to do my best to explain why you might as well look at a 15 GB data stick as home to potentially infinite amounts of data storage.

The perfect example of this phenomenon can be observed with WikileaksDeadman’s Switch” insurance file, which contains approximately 88 GB of data, but offered to the public in the form of a 110 KB torrent file download. For some perspective on this figure, you can fit 1,000,000 Kilobytes (KB) in 1 GB of data. So, if a 100 KB Torrent File essentially equals 88 GB of data storage, this means you can store approximately 13,200,000 GB of data on a 15 GB USB Stick – or 13,200 TB. Mind 💥 yet?

Download Wikileaks Encrypted Torrent File: https://file.wikileaks.org/torrent/2016-06-03_insurance.aes256.torrent

Proof of Concept:

100 KB Torrent File = 88 GB Storage

100 KB of Normal Storage Space x 10,000 KB = 1 GB of Storage Space

88 GB x 10,000 = 880,000 GB of Storage Space in a 1 GB Torrent File

1 TB of Data = 1,000 GB of Data

880,000 GB x 15 GB = 13,200,000 GB or 13,200 TB of Data Storage in 15 GB USB Stick

As the math is clear, you can see that it’s indeed possible to store well over 13,000 Terabytes of data on something as small as a 15 Gigabyte USB stick – the standard size available at most computer hardware stores, at least here in the US. As for how to compress a file into a torrent, this is also extremely simple given the right software. In fact, making a torrent file is literally as easy or takes up as much time/energy as creating a zip file. All you need to do is install a 3rd party torrenting program, some of which you can find below, then use the programs setting to upload and compress your file into a torrent. It’s literally as easy as clicking 3 buttons!

Sample Demo Using uTorrent:

While this may be somewhat of an extreme example, you can also dramatically free up storage space by combing all of your documents/files into a singular or multiple zip files – drastically freeing up vast amounts of storage space on your computer or USB stick. For the purposes of this article I did not do the exact math for zip files, as torrents far and away compress the greatest amount of data into the smallest of locations.

Lastly, most people tend to stay away from torrent files because they think they are “illegal,” but this is merely just a fallacy. You see, just as with anything else in life, torrent files are what you make of them. It just so happens because of their storage capacity, most people on the DarkNet use torrents as a means to easily transport large amounts of data – usually illegal or stolen. However, a torrent file itself is only as illegal as the information you put on it. Meaning that it is only illegal if you put illegal information on it. If you are simply using your own files from your computer or work, you have absolutely nothing to worry about.

Top Torrenting Applications:

BitTorrent: https://bittorrent.com/
uTorrent: https://www.utorrent.com/
qBitTorrent: https://www.qbittorrent.org/
BitComet: https://www.bitcomet.com/en/
Vuse: https://www.vuze.com/

Criteria To Consider When Purchasing A VPN

I read somewhere recently that there are over 500 VPN companies world-wide in 2019, but what really separates one from the other? How can you be sure which company is best? Well, yesterday I came across this list from Comparitech Privacy Advocate and Raul Bischoff, which is think constitutes the best explanation I have seen to date – which is why I am republishing it here today.

Please note that VPN’s are not a tool for criminals, they are tool through which you can protect your own fundamental rights to freedom and privacy – rights which Governments all around the world are slowly but surely trying to take away from us. So, when you read about Anonymous forms of payment below, this doesn’t mean researchers are trying to show you something dark or illegal, but are rather pointing out which companies are willing to go the furthest to protect your data, identity and privacy – ideals which should be at the heart of any/every VPN specific company. After-all, this is literally the only purpose a VPN serves.

1.) Traffic logging policy: Traffic logs refer to records of user activity and the content they viewed while using the VPN. A VPN provider should have no traffic logs of any sort whatsoever.

2.) Metadata logging policy: This refers to logs that contain the source IP of users. Not considering bandwidth or timestamp logs, which contain no identifying information.

3.) VPN protocol: Must use a secure VPN protocol such as OpenVPN, L2TP, SSTP, or IKEv2.

4.) Channel encryption: Must use the AES 128-bit algorithm or higher.

5.) Authentication protocol: Must be SHA256 or better. SHA1 has vulnerabilities, but HMAC SHA1 is arguably still safe and doesn’t suffer from collisions, so points are not deducted for HMAC SHA1.

6.) Key exchange: RSA and DH keys must be 2,048-bit or higher.

7.) Perfect forward secrecy: Session keys cannot be compromised even if the private key of the server is compromised.

8.) DNS leak protection: DNS leak protection must be built into the provider’s apps.

9.) WebRTC leak prevention: WebRTC leak prevention must be built into the provider’s apps.

10.) IPv6 leak prevention: IPv6 leak prevention must be built into the provider’s apps.

11.) Kill switch: VPNs should have a kill switch that halts traffic when the VPN connection drops is a must.

12.) Private DNS servers: The provider must operate its own DNS servers and not route DNS requests through the default ISP or a public provider such as OpenDNS or Google DNS.

13.) Servers: Physical server are preferred.

14.) Anonymous payment methods: Accepting Bitcoin as payment earns the point, but also take note of those who accept gift vouchers and other cryptocurrencies.

15.) Torrenting policy: Downloading via BitTorrent must be allowed.

16.) Country of incorporation: Special consideration if a VPN is incorporated outside of the 14 Eyes: Australia, Canada, New Zealand, the United Kingdom, United States, Denmark, France, Netherlands, Norway, Germany, Belgium, Italy, Sweden, and Spain.

Learn More – Data Servers v Country of Origin: https://roguemedia.co/wp-content/uploads/2019/10/Data_v_Country.pdf

Read Full Doc:

[pdf-embedder url=”https://roguemedia.co/wp-content/uploads/2019/10/Data_v_Country.pdf”]

** If you cant navigate the document, hover your mouse over the pdf (above) and notice the up and down arrows at the bottom left. These will help you flip through the pages **

 

How and Why To Re-Rout DNS Through Your Computer or Phone

In a few of my previous tutorials I briefly touch on DNS re-routing, but never really get into it in full details, so I figured why not here today? Before moving forward, learning to re-route your DNS is important because it is a means of protecting your personal data, devices, network connectivity and internet traffic away from the spying or prying eyes of your Internet Service Provider (ISP), Government and any other interested 3rd parties, such as advertisers or even hackers. As for how DNS works or how switching it effects your internet connectivity, I think the short video below is the best demonstration. It explains how DNS re-routing configures your computer or phone to connect through a DNS server first, in order to connect to a website second – instead of connecting to a server owned by your ISP to connect to that same website, get it?

While there are number of ways to re-route your DNS and different services providers to choose from, for the purposes of this article, I consider the following to be the worlds best “Top 3” – Cloudflare DNS, IBM Quad 9 and Google’s Public DNS. As you can read below, each of which have their own unique benefits.

Cloudflare DNS:

Ipv4: 1.1.1.1
Ipv6: 1.0.0.1
Ipv6: 2606:4700:4700::1111
Ipv6: 2606:4700:4700::1001

Cloudflare DNS is my personal DNS provider of choice, installed on both my computer and phone. As for why I choose them, this is because Cloudflare DNS anonymizes IP Addresses, deletes logs daily and doesn’t mine any user data. Additionally, Cloudlfare DNS also offers security features not available in many other public DNS service providers, such as “Query Name Minimization” – which diminishes privacy leakage by sending minimal query names to authoritative DNS servers when connecting to websites.

Learn More – Cloudflare DNS: https://www.cloudflare.com/learning/dns/what-is-1.1.1.1/

IBM Quad 9:

Ipv4: 9.9.9.9
Ipv4: 149.112.112.112
Ipv6: 2620:fe::fe
Ipv6: 2620:fe::9

IBM Quad 9. Whereas Cloudflare may be more beneficial for activists and researchers, IBM Quad 9 on the other hand is probably of more benefit to your average home owner, parent or business owner. This is because Quad 9 routes your internet connections through DNS servers that actively blacklist known malicious websites, as well as websites which have previously been compromised by data breaches. In addition to this, Quad 9 servers also protect your internet’s incoming/outgoing connections as a means of preventing any of your devices from being caught up in a botnet. Quite simply, this means that while on Quad 9 servers, you never have to worry about any of your devices being hijacked or caught up in any sort of DDoS or crypto-mining campaigns, even smart devices connected to the “Internet of Things” (IoT).

Learn More – IBM Quad9: https://www.quad9.net/

Google Public DNS:

Ipv4: 8.8.8.8
Ipv4: 8.8.4.4
Ipv6: 2001:4860:4860::8888
Ipv6: 2001:4860:4860::8844

Google Public DNS servers on the other hand are ideal for people in countries such as Ethiopia, Sudan, Turkey, Syria, North Korea and the like which are all known to have restricted, censored, shut down and/or sealed off access to certain portions of their national internet in the past. In fact, as you can see via the picture provided below, activists affiliated with Anonymous Cyber Guerrilla have literally spray painted Google’s 8.8.8.8 DNS in public places in times of National crises as a means of raising awareness and alerting citizens how to bypass local internet restrictions imposed by their Government – opening people back up to the global world-wide-web. In addition to bypassing regional internet restrictions, compared to ISP’s in some 3rd world regions, switching to Google DNS servers might actually help improve or speed up your load time/internet connection.

Learn More – Google Public DNS: https://developers.google.com/speed/public-dns/

No photo description available.

 

How To Switch DNS On Windows?

1.) Go to the start menu and type in “Settings,” press enter and then select “Network & Internet” options

No photo description available.

 

2.) Click on “Change Adapter Options

Image may contain: text

 

3.) Select the “Internet Connection” your are using then click on the “Properties” button when it pops up

No photo description available.

 

4.) Scroll through and individually select/click on “Internet Protocol Version IPv4” and “Internet Protocol Version IPv6” then press the “Properties” button again

No photo description available.

 

5.) Select “Use The Following DNS Server Address” and manually enter in your DNS service provider of choice – see IPv4 and IPv6 Addresses above – then press “OK

No photo description available.

 

That’s it, really. Generally speaking, the setup should be the same on your Apple PC just as well. It’s also important to note that you can actually do a mix-match of the addresses listed above. For example, you can use Cloudflare for IPv4, but then choose IBM for IPv6 – vice versa – and your internet connection will not be broken. Just so you are aware, while IPv2 usually signifies the country of origin or device where you are coming from, but most all devices on the world-wide-web these days connect to websites via IPv4 connections, making IPv4 the most important settings to modify.

How To Switch DNS On Phone?

Changing or re-routing the DNS settings on your phone can either be incredibly complicated or incredibly simple, depending on your level of skill/expertise. However, far and away the easiest means to go about accomplishing this is by installing a 3rd party App – either by going to your App, Apple or Google Play store(s). Simply just type in “Change DNS” to your search settings, press enter, and this should open up a whole host of options to choose from. Simply choose the one that you feel is best for you and enter in the Addresses listed above.

If You are A Little More Advanced…

OpenNIC Project. For those of you whom may be unfamiliar, “OpenNIC (also referred to as the OpenNIC Project) is a user owned and controlled top-level Network Information Center offering a non-national alternative to traditional Top-Level Domain (TLD) registries; such as ICANN. Instead, OpenNIC only operates namespaces and namespaces the OpenNIC has peering agreements with.

In other words, they are open DNS addresses, servers and proxies not indexed by global internet agencies or their Governments. Stay classy mi amigos 😉

Learn More -OpenNIC Project: https://www.opennic.org/

See Also – CyberGuerrilla Internet Censorship Care Package: https://www.cyberguerrilla.org/blog/anti-censorship-carepackage/

Online Tutorial: Building & Selecting Safer Web Browsers

As I was going about re-configuring my website and domains earlier this week I noticed something very interesting, while my SSL Certificate was in the process of being authenticated I was able to access my unsecured website on every web browser except for one; Mozilla Firefox – which would not allow me to connect to the web page in order to keep me protected.

Just so you understand what I am talking about here, browsers like Microsoft Edge, Google Chrome and Apple Safari will all freely allow you to access a web page which has the potential to compromise your security – including websites which do not have an authenticated or verified SSL Certificates. This is because these web browsers are configured to be “convenient” and easy to use, security is either nonexistent or an afterthought on these particular browsers. With that said, there are a number of web browsers out there specifically designed around security, which also happen to be equally as easy to use/operate. Here are some of those browsers, along with some other helpful information to help you make more informed security choices online in the future.

Mozilla Firefox

Mozilla Firefox is considered by some to be the world’s most secure web browser. I say “some” specifically because many people would argue that Tor is actually the most secure browser out there. However, without Mozilla Firefox the Tor browser wouldn’t even exist. This is because Tor uses the source code of Firefox as the foundation to build their browser. As for why I personally consider Firefox more secure than Tor, this is because the DarkNet is inherently a much more dangerous place than the ClearNet, and you can’t access the DarkNet or Deep Web on Mozilla Firefox alone. Browsing through and interacting with the Deep Web, even while using Tor, naturally puts you and your security at a much higher risk.

What makes Firefox particularly unique is that much like WordPress.com, the browser allows you to install various Add-Ons, extensions or plugins that can help you maximize your security. For the purposes of this article, if you are going to use Mozilla Firefox, I highly recommend that you install NoScript, HTTPS Everywhere, Ad Blocker Ultimate and Disable WebRTC connections. There are more plugins than I could possibly mention here, those are just some of the most important ones you can install specifically in terms of online security.

WebRTC is a little talked about “glitch” that allows third parties to circumvent your security and compromise your systems, even when you are using a VPN or Proxy service. As of today, Mozilla is the only web platform I am aware of that allows you to disable all WebRTC connections entirely. By comparison, other browsers like Google Chrome literally ban people from disabling WebRTC connections through their browser, as to allow US “authorities” like the NSA and FBI to more easily hack and track users online if need be. However, non-Government hackers exploit WebRTC all the same as Federal hackers, and for all the same reasons.

Download Firefox Here: https://www.mozilla.org/en-US/firefox/download/

Tor

I understand that the Tor Browser has gone on to develop a slightly negative reputation in today’s society but, believe it or not, the Tor Project was first developed by and still receives a majority of its funding from the United States Department of Defense. It is important to understand that even though some people use Tor to do some pretty bad or illegal things, just like anything else in life, the browser is only what you make of it.

Tor was not developed for criminals, it was first developed by the US Government in order to keep agents, operatives and members of the Armed Forces safe and secure online. It just so happens that over time the browser and its systems were hijacked by criminals and terrorists alike, whom also need to remain hidden and secure online for many of the same reasons as Government employees.

The Tor browser works by bouncing your internet connection through thousands of individual “proxy servers” around the world on a perpetual randomized time loop. At any given moment in time your internet connection could be bouncing from Thailand to Venezuela to Canada and theoretically anywhere in between, concealing your computers identity and making your internet activity essentially impossible to trace. In addition to redirecting your internet traffic away from the eyes of your Internet Service Provider, it also conceals the IP Address of the computer you are using behind a proxy. This is particularly important/valuable for political activists and human rights defenders living in oppressive countries all around there world, where peoples online activity can get them arrested or killed. Since the browser directs all of you online activity to different countries around the world, this allows activists to remain hidden from their Governments while also granting them access to any sites banned or restricted by their respective Governments.

It is important to note that Tor is perhaps the best web browser at preventing or deflecting an active hacking attempt against your computer. However, I would never use Tor for things like credit card transactions or editing/customizing your personal website. This is because anytime you are using a proxy you are using someone else’s connection. While this may hide your internet activity from 3rd parties, it makes you internet activity available specifically to the owner of whatever proxy server you happen to be using at that time, and not every proxy server exists with honorable intentions – though “most” Tor exit node operators tend to be trusted activists.

Download Tor Here: https://www.torproject.org/download/download-easy.html.en

Opera

Opera is a little known web browser that has traditionally had a minuscule following throughout the past. However, in 2016, Opera started to gain a more main stream following, particularly with the cyber security community, after the browser started to become standard with a built in VPN. This means that the Opera browser stands in front of your computers IP Address while you browse the internet and your activity will remain hidden from your Internet Service Provider and/or 3rd parties. While the VPN is far from the strongest of safest on the market, it is still a very unique feature that has helped the browser grow in popularity over the years.

Download Opera Here: http://www.opera.com/

Epic Privacy Browser

One of the newer browsers on the market, Epic is specifically designed around online security. Each time you close the browser all of your cookies and tracking information is automatically deleted, preventing any websites from remembering or recording your previous activity. Similar to Opera, the Epic Privacy Browser also connects your computer through the companies own servers, acting as a proxy service for your device. This prevents any hackers/websites from recording the IP Address of the device you are using to browse the internet. Additionally, much like Mozilla, the browser will not allow you to connect with or access any site that does not have a recognized SSL Certificate.

Download Epic Here: https://www.epicbrowser.com/

Browser History, Cache & Cookie Management

If someone gains access to your computer for malicious reasons one of the first things they are going to want to do is check your browser history to gain access to websites and accounts that you frequent the most. Just think for a moment about all the pages you visit online, that you do not need to log into every time you visit. While this may be convenient for your personal browsing habits, it is also very convenient for hackers.

For this reason, you should always delete your browser history and clear all browser cookies on a fairly regular basis. You would be surprised to know how much information your browser stores/remembers about you, until you delete it all. Please note that some browsers offer to delete cache and cookies through the settings menu and some anti-virus programs also offer to do the same. However, if you cannot find or do not own these programs, one of the best programs to clear history, cookies, cache and everything else is known as CCleaner and it is completely free and open source for anyone to own. The “C” in CCleaner literally stands for “Crap,” because the program deletes all of the useless crap your computer happens to store about you. The program itself is entirely free to own, but it is one of the most effective programs on the market. For example, even multi-billion dollar tech companies are known to use the program on a regular basis.

Download CCleaner Here: www.ccleaner.com/download

Online Tutorial: Phone Security

1.) Encryption

Encrypt your entire Operating System (OS). Phone encryption is the first line of defense for whichever phone you happen to use, ensuring that no one can even so much as turn on your device without the proper credentials. It is important to understand that encrypting your phone and setting a screen lock for it are not the same thing. It is also important to understand that, depending on the type of phone you have and who manufactured it, screen locks can be bypassed by 3rd parties – such as hackers – as well as through different back-doors found within various software applications/programs you’ve installed on it. Encrypting your phone on the other hand encrypts your entire operating system all at once, requiring password authentication for the phone to even boot up and power on in the first place – ensuring that no App, program or file can be exploited or corrupted to gain full access to your phone.

Depending on what type of phone you have, your settings might come with a built in feature allowing to encrypt individual Apps. If not, you can install a firewall application for that – more on this later on in the article. If you are unfamiliar where to find your phones encryption options, they are available in the “security” section under the main settings menu. Please note that it can take an hour or more to fully encrypt your phone, so it’s important to always begin with a fully charged battery.

Select an appropriate screen lock. Screen locks are a different form of encryption in a sense, ensuring that no one can use/operate your phone when you lose it, are away from it or leave it out in public. As far as how you set it up, there are 4 different options to choose from – each one having its pro’s and cons.

  • Password Lock. Users will be required to enter a unique password consisting of letters, numbers and symbols to unlock your device. Personally, I believe password protection to be by far the most secure of all options. However, for the same reason, it could be considered the most “inconvenient, because it requires the most amount of time/attention to enter every time you wish to unlock your device.
  • Pin Lock. Pin locks work exactly like password protections, only they exclude letters and symbols. Meaning that users will be required to enter a pass-code of random numbers in order to unlock your phone. For the very reason that pins exclude letters and symbols, they are a little less secure than passwords, exponentially decreasing the theoretical number of guesses it would take to crack/unlock your device.
  • Pattern Lock. I am finding that this is becoming the most “trendy” screen lock these days, simply requiring users to use their fingers to “connect the dots” and draw a unique pattern on the front of their screen before it unlocks. However, I find pattern locks to be less secure than some of the other options, because there is a much higher probability of successfully drawing a random pattern to unlock a device than their is guessing an advanced password or pin.
  • Biometrics. The newest “craze” is security is using your own fingerprints, eyes, face or facial expressions to unlock different devices. However, while these options may be the most convenient and fastest, they are also by far the least secure. I say this because multiple studies have proven how easy it is to trick biometric security measures, and often times the pictures off your own social media accounts are enough to bypass them.

Password/Pin protect your SIMor SSID card. It is important to understand that encrypting your operating system and setting a screen lock will do nothing to protect your data cards or memory chips, securing those is an entirely separate matter. So lastly, you are going to want to encrypt/password protect your SIM and/or SSID card. To do this simply enter into the security options within your phones main settings menu, find/select your memory chips and create a unique pin lock for them. This ensures that no matter where your memory chip goes or whatever phone/device it’s plugged into, no one will be allowed to access your contacts, photos, videos, messages, files or data without entering the correct pin code first.

If you would like help learning how to build strong and easy to remember passwords to encrypt your accounts/devices, please read more in the tutorial provided below.

How To Write Un-Hackable Passwords: https://roguesec.co/how-to-write-un-hackable-passwords/

2.) Firewalls

Some phones come pre-installed with various firewall options, but if yours does not then there is a sizeable number of firewall Apps to choose from. Firewalls are critically important to security because they allow users to seal off or block different Apps, limiting the possible points of entry for hackers or other 3rd parties. Depending on the type of firewall you select, you may also have the option to encrypt individual Apps on your phone, adding a 4th layer of encryption to your device while ensuring that even if someone is able to unlock it, they will not be allowed to use selected Apps without further permissions. This is particularly important/helpful if you utilize different types of chatrooms, group chats for work or VoIP services.

Perhaps most importantly, firewalls severely limit potential abuses of your phone. You can select different options to completely seal off individual Apps altogether, or seal off different settings/areas of your phone from outside sources.Not only does this prevent hackers from using selected Apps to compromise your phone, but at the same time it prevents App owners themselves and other 3rd parties from gaining access to your phone all the same. Firewalls also protect against unwarranted data collection of your phone, including call/text history and general phone usage. More importantly, building a strong firewall and sealing off selected Apps can free up memory space/data usage, both speeding up your phone and saving battery life. If there are Apps on your phone that you’ve never used a single day in your life, or you feel may be spying on you/invading your privacy, simply use your firewall to disable them altogether with the click of a button.

On a similar but side note, never blindly give every App different permissions just because they ask for them. For example, when first navigating a new phone you might find that you are regularly asked to allow different Apps to do random things, such as collect data or record audio/video. It might seem harmless, but think about it for a second. What the hell does the Google Chrome web browser possibly need to record audio for? The simple answer is it doesn’t, you are only being set up to have your phone hacked by authorities and/or law enforcement officials at a later date in time – should they ever feel the need. By checking these options and blindly granting permission to different Apps, your are secretly granting 3rd parties the permission to ‘flip the switch‘ so to speak and turn your phone into a spy/recording device whenever they want. So, don’t fall for it. There is literally no need to give different developers that much permission over your phone.

3.) Manage Security Certificates

Similarly, you should seriously check out the security certificates or “Trusted Credentials” list which came pre-installed on your phone. On my Android ZTE for example, my phone was handed to me with over 100 different security certificates installed on it, some of which grant different Government agencies/offices direct root access to my phone without requiring legal documents or warrants of any kind – no exaggeration. You might not have been told about this when you bought your phone, buy they are there. Just a short list of some of the organizations which have direct root access to my phone; China Financial Certification Authority, CyberTrust, Deutsche Telekom, Hellenic Academic Research Institute, HongKong Post, Japanese Government, VISA, TurkTrust,Wells Fargo, as well as countless other organizations operating under different Government umbrellas.

Thankfully though, you do have the ability to revoke these certificates/permissions if you like. Simply find where these certificates are under your settings menu and disable whichever ones you desire. Just note that disabling some of the most fundamental ones, such as those issues by your telecommunications provider, may break access to different areas of your phone – but this is always reversible.

4.) Internet Security & Antivirus

Most people are always surprised to learn that the same measures used to secure your computer can often times be transferred directly to your phone, this includes things like VPN’s and antivirus. For the purposes of this section of the article, I would like to discuss different measures you can install to help protect your phone and keep your data that much more private/secured.

  • VPN’s: I am not going to get into a breakdown of what VPN’s are and how they work, it is just important to understand that you can install and utilize a VPN connection on your phone all the same as a computer. If you already own a paid VPN account, simply install the service providers App on your phone and establish a new connection through it. Your IP Address and internet connection will be secured all the same, just note that the internet speed of your phone will be effected a little more significantly than a computer, simply because a phone can not process as much information as fast as a computer can.
  • Proxy’s: It is another common misconception that you can’t utilize proxy connections or the Tor network on your phone, this is simply untrue. You can either hide your IP address and internet activity by installing the Tor App directly, or you can install something known as Orbot – developed by The Tor Project. Orbot transfers all data/network activity from your phone across various tor relays, essentially turning the Tor network itself into a giant VPN connection/encryption setting for all of your data and every last thing you do on your phone. Unlike Tor, Orbot doesn’t just simply protect internet activity – even the Apps developers profess itself to be a “full phone VPN.
  • Re-Route DNS: Another way to protect against data spying, 3rd party abuses or intrusive hackers is to re-route your DNS through different service providers. For example, I personally route all of my network activity through Cloudflare DNS servers for added privacy and security. IBM’s Quad 9 DNS service is another good option, blocking you from gaining access to known malicious websites while preventing your device from ever becoming part of or wrapped up in a botnet. You can do your own research to find other options which may be more suitable, but another popular option is Google’s public DNS service.
  • Install Different Browsers: Just as with computers, you can choose a whole host of different browser options, many of which are far more secure and private than Google Chrome or the built in web browser found on your phone. If you would like to learn more about browsers, as well as the different/added benefits of each, please utilize the following link: https://roguesec.co/building-selecting-safer-web-browsers/
  • Antivirus: Phone antivirus programs essentially work the same as computer antivirus’, only they are far simpler and much cheaper. A good antivirus program for your phone should cost anywhere from $2-5$ per month, and will protect your phone against malicious hyperlinks, scan all downloads for viruses, as well as prevent all of the most common/basic forms of cyber attack. Some phone based antivirus service providers, such as Kaspersky Lab, also come with built in VPN connections to secure your internet activity at the same time.

5.) VoIP Services

While VoIP services are not necessarily essential for everyday phone use, they do offer critical protections for political activists, journalists, researchers and citizens living under oppressive regimes all around the world. VoIP stands for “Voice over Internet Protocol,” which is just a fancy way of saying they transport all calls and messages over established internet connections, rather than routing them through your telecommunications or phone service provider – such as AT&T or Verizon. For this reason, VoIp services prevent your data from being intercepted, recorded or stolen by telecommunications companies and other 3rd parties, such as Governments, thus protecting any information you send across them. VoIP services also offer the ability to encrypt messages or calls between like users, further protecting your privacy. By comparison, both of these options are not available on standard text messages or phone calls. In politically oppressive countries, VoIp services offer a critical means to bypass Government imposed restrictions or blockades on national telecommunications. VoIP services also let you make international calls for free.

While this might sound a bit complex or advanced, once installed, operating a VoIP connection/application is no more different or complicated than making a regular phone call or sending traditional text messages. Lastly, VoIP connections also offer a secondary means to reach contacts, should your phone lose service, go out of range or come under blackout. Rather than relying on the signal strength of your network service provider, all you need to use VoIP services is an active internet connection.

The Best/Top VoIP Service Providers:

State Auditor: “Mississippi Shows Disregard for Cyber Security in State Government”

An internal audit of security systems, measures and protocols of the Mississippi State Government, at the hands of the states own auditor, is said to have revealed complete “disregard for cyber security” at the hands of Government employers and public universities – leaving the state particularly vulnerable to cyber attacks as we head deeper into the 2020 US Presidential election season.

As was reported by Mississippi’s State Auditor earlier this month, “As required by state law, the Auditor’s office sent a cyber security survey to 125 state agencies, boards, commissions, and universities. Only 71 state entities responded to the survey, and several respondents did not complete it. This leaves the status of cyber security in more than 50 state entities completely unknown.

Among the government offices that replied to the survey, the report shows at least 11 do not have adequate written procedures to prevent or recover from a cyber attack. Another 22 respondents have not executed a third-party risk assessment. Having a third party test the vulnerability of an agency’s server is a requirement under state law. Further, 38% of all respondents indicate sensitive information like health information, tax data, and student information is not being encrypted to protect it from hackers.

In short, the survey found over half of all respondents are less than 75% compliant with state cyber security laws.“”

Download Full Audit Report: http://www.osa.ms.gov/documents/Special_Reports/2019%20Cyber%20Security%20Report.pdf

Browse Report (3 Pages):

[pdf-embedder url=”https://roguemedia.co/wp-content/uploads/2019/10/2019-Cyber-Security-Report.pdf” title=”2019 Cyber Security Report”]

 

** If you cant browse the report, hover your mouse over the pdf (above) and notice the two up and down arrows in the bottom left, this will help you navigate the document **

97% of American Failed This Basic Cyber Security Test, Myself Included

For the first time in my life, I am actually a part of the majority. What I’m referring to are results from a new cyber security test launched by Google developers designed to see how well Americans are able to pick up on subtle security warnings/threats online. While I didn’t necessarily take the test seriously at the time and rushed through them just to see how it was structured, I did fail it nonetheless – despite writing extensive tutorials on phishing attacks, email security and website security. Maybe that explains why Rogue Security Labs doesn’t have a single customer, but who whom knows – right?

Conduced throughout the course of March 2019 and consisting of over 2,000 American adults over the age of 16, Google discovered that….

– Despite 55% of Americans saying they would grade themselves as A level experience in cyber security, 97% got at least one question wrong on a basic, six-question security test
48% of Americans say they would like to build their own websites in the future
45% say their websites would be designed around business, while 43% say their websites would be for hobby
– Only 20% of Americans have actually built a website at one point or another in the past
64% of internet users never realized they could be re-directed to a false website without their knowledge/consent simply by clicking on a link
42% of internet users didn’t realize there is a security difference between websites with http and https
29% of internet users have no idea what the “s” in https stands for, nevermind look for it

See Full Results & Take The Test: https://safe.page/survey

International Internet Censorship Care Package

For those of you who might be unaware, last month Egyptian voters allegedly passed new Constitutional Amendments that will allow Egyptian President Adbel Fattah al-Sisi to remain in power, unchecked, until at least 2030 – when the next round of national elections will take place. However, what has largely gone under reported is the fact that those same constitutional amendments also allow al-Sisi to block Egyptian based Internet Service Providers (ISP’s) from allowing access to over 34,000 websites – adding to countless other cyber/internet crackdowns enacted by the President over recent years.

Learn More – NetBlock Report of Egyptian Internet Censorship May 2019: https://netblocks.org/reports/egypt-filters-34000-domains-in-bid-to-block-opposition-campaign-platform-7eA1blBp

In response to these new amendments, and in addition to several other crackdowns against internet freedoms and freedoms of the press/information in and around Egypt, I’ve decided to release an internet based “Care Package” to the people of Egypt to better help them learn how to circumvent internet restrictions imposed by their President. Please share.

Egyptian Care Package Links/Tutorials:

Download Tor Browser: https://www.torproject.org/download/

Building & Selecting Safer Web Browsers: https://roguesecuritylabs.ltd/building-selecting-safer-web-browsers

Download Spybot Anti-Beacon: https://www.techspot.com/downloads/6747-spybot-anti-beacon.html

Top Free & Paid VPN Service Providers: https://www.cnet.com/best-vpn-services-directory/

16 Factors To Consider When Selecting A VPN Service Provider: https://roguesecuritylabs.ltd/criteria-to-consider-when-purchasing-a-vpn/

How & Why To Re-Route DNS Through Your Computer and/or Phone: https://roguesecuritylabs.ltd/how-why-to-re-route-dns-through-your-computer-and-or-phone/

CgAn Internet Censorship Care Package: https://www.cyberguerrilla.org/blog/anti-censorship-carepackage/

Encrypted Chatrooms & VoIP Apps: https://roguesecuritylabs.ltd/encrypted-chatrooms-voip-apps

Making The Switch To Encrypted Emails: https://roguesecuritylabs.ltd/making-the-switch-to-encrypted-emails/

Download ProtonVPN – Endorsed by Amnesty International: https://protonvpn.com/

Phone Security: https://roguesecuritylabs.ltd/phone-security

Operation Security by UnknownPress: https://iamanonymous.com/dont-be-burnt-toast-unknown-guide-to-operation-security/

How To Keep An Anonymous Identity Online: https://anonhq.com/anonymous-security-guide-2-0/