Your hobby phone is not enough.

badhusband's Avatar
Bottom line is, don't let 'guests' on your computer. PERIOD! That'll minimize the risks ten fold. If a guest absolutely needs to be on your computer, make sure that they are supervised.
I have said this before in the Houston forums and maybe in the national ones.. but
using Ubuntu Linux on your hobby laptop (or desktop) can offer a level of security. When it installs and sets up the Home directory (its like the My Documents folder.. all your personal data goes there) you can encrypt it with a nice pass phrase... longer the better (no pun intended) if they remove the drive and slave it up to another pc, the data is STILL encrypted.

Or, get a nice sized USP thumb drive, install your apps on it and run them from the thumbdrive which is easier to hide.
I have said this before in the Houston forums and maybe in the national ones.. but
using Ubuntu Linux on your hobby laptop (or desktop) can offer a level of security. When it installs and sets up the Home directory (its like the My Documents folder.. all your personal data goes there) you can encrypt it with a nice pass phrase... longer the better (no pun intended) if they remove the drive and slave it up to another pc, the data is STILL encrypted.

Or, get a nice sized USP thumb drive, install your apps on it and run them from the thumbdrive which is easier to hide. Originally Posted by Spirit13

Plus going the USB route, you can use an Ironkey USB drive.
it does not need to be an IronKey drive (or any of those "secure" thumbies) if the history stays on the thumby then if they seize the laptop, there is a good chance they won't get the thumby ergo.. no evidence
lover_361's Avatar
She could have turned the tables on hubby since he helped with the pics, obviously gaining from her providing, or she could have told LE she was forced by hubby to do it because there was no money.
jframe2's Avatar
I have been using this non-install program for years. Very, very good security encryption.
Add the www in front -
safehouseencryption.com
txswing99's Avatar
I've been away from the board for awhile and accumulated a number of PMs with questions about improving overall security.

Forgive me for resurfacing this post, but I thought I would answer a few questions in response.

Laptops
I actually think that using a laptop for your (provider) business is a good idea; it requires maintaining good contacts, checking references and establishing schedules. It's hard to keep all that in your memory and generating a paper trail is a seriously bad idea. You can do alot with your smartphone however, provided you use some precautions -- see the phones section. If using a laptop, its a good idea to take some precautions along the lines described in my original post.

Creating a secure "hidden" OS in your laptop: The idea is that a provider can use one password to log on to a "hidden" desktop to conduct provider business and another password to log on to a "guest" desktop for her non-hobby activity. Everything is encrypted, but having the "guest" desktop gives you plausible deniability when your SO, friend, etc. simply wants to use the internet -- being too protective of the laptop can be suspicious -- or is questioning you about your laptop, email, etc. usage. TrueCrypt is free, open-source software that allows this feature and can be found at http:://truecrypt.org. This youtube video takes you through the steps to install it: http://www.youtube.com/watch?v=uQREbqocnmo. Generally I like to use a previously unused laptop -- new or refurbished -- and expect this process not to be for the faint of heart and to take several hours. A good tip: use your "guest" desktop occasionally for non-hobby activities -- it will give that desktop a "lived in" feel and shed suspicion.

Using the Internet
When inside your "hidden" desktop, its a good idea to make sure folks cannot trace which website you are going to. When connected through your home internet service, your SO or someone with a little tech-savyness can tell which websites you are visiting by looking at your internet hardware (i.e. router, cable modem, etc.). To ensure you keep your visits to eccie away from prying eyes, you can configure anonymous web browsing using the TOR service which hides your web destinations by securely connecting through middlemen systems (i.e proxies), thus hiding the final destinations. The following youtube video takes you through setting up with the TOR service: http://www.youtube.com/watch?v=XnJuS7XdY_o.

A good tip: use the TOR service every time you use the "hidden" desktop -- even when you are not worried about snooping. Because it is too easy to get sloppy and not use it when you definitely should and, more importantly, destination web sites can maintain information that allows your to be traced back to where you connected to the internet -- for an LE willing to go thru the trouble -- and the TOR service prevents some of that. Please note that it is possible for a highly motivated LE to get around the TOR service, so avoid running guns or other activities that gets LE too motivated.

Phones
Phones are the easiest item to trace in the world, but they are necessary. A Hobby/ Provider phone should not be tied to your name or your credit card if possible. So prepaid phones are great which you should pay for cash. A smartphone can definitely be had with prepaid plan, but they will cost more than usual. If you are a provider, i'd recommend a simple hobby phone that you can part with. However, if you just have to have a smartphone, expect to be able to ditch it at least twice a year.

Tips for hobby phone:
- If possible, do not keep it at home or in the car
- Remove texts and call history every evening; learn how
- Learn to erase the phone contents

Websites
The biggest challenge for a provider is remembering everywhere she has placed photos and ads. My recommendation is to track it closely; along with usernames and passwords. Typically, you abandon a site because you can't remember you used it or the credentials you used when you signed up. The ultimate goal is to be able to remove the traces of your provider life once you retire. Most provider services have provisions for removing your account, etc. upon request, but you are on your own when it comes to your own website, craigslist, etc. So track it all and regularly remove yourself from services you no longer use.

The other frequent question is whether to use gmail, hotmail, etc for your provider business. Yes, its ok to use the email and calendar services for your business, but consider using the anonymous browsing --like TOR--to connect to these services. However, using facebook, twitter, etc. seems rather ridiculous to me since as a customer i would not like to "friended" on facebook by my ATF, but that is up to you how much exposure you want.

Photos
A providers photos are critical to her business. However, i would recommend always blocking -- or blurring -- the face in all photos made public. Its a relatively easy procedure to learn -- instructions for windows at http://www.zenker.se/En/blur.htm or a web service that makes it easy at http://www.photohide.com/index.php. Tracking your photos is really critical, i know of more women having to explain nude photos on her smartphone, so take the photos, store them in your encrypted "hidden" desktop as soon as possible, and delete them from the phone or camera quickly. Never upload photos from your phone to a website; they can be tagged with way too much information when that happens (i.e. location, phone number, etc).

Other photo tips;
1) watch out for what is in the background of a photo; avoid releasing anything that tells too much about you and where you are,
2) your tattoos can be used to identify you; blur them if you can, but it may not alway be possible.
3) a tattoo of your real name should always be blurred

Of course, the protections -- and advice -- you take is dependent on your own goals. A provider who is also an amatuer pornstar may not need to blur her photos. That said, you need to decide the level of protection you want for yourself and your customers.

Hope this helps those that had questions...

Enjoy!

-T
Thanks T, excellent post.
Volumptous Vivianna's Avatar
Great post! This is why i keep my true identity 100% hidden. I have a cheap little prepaid hobby phone, i never show my face, show any identifying marks or even post ads with my real hair color lol So i'm not recognizable at all. As far as people knowing that i provide there are none. I'm a very cautious person & will remain that way. Security first.
I have said this before in the Houston forums and maybe in the national ones.. but
using Ubuntu Linux on your hobby laptop (or desktop) can offer a level of security. When it installs and sets up the Home directory (its like the My Documents folder.. all your personal data goes there) you can encrypt it with a nice pass phrase... longer the better (no pun intended) if they remove the drive and slave it up to another pc, the data is STILL encrypted.

Or, get a nice sized USP thumb drive, install your apps on it and run them from the thumbdrive which is easier to hide. Originally Posted by Spirit13
What do you mean or how would you run apps from usb thumb drive??
anyone know if kaspersky encryption is good! also, i got the kaspersky pure! im told that this should relieve any key watchers or whatever they are called! i know what there called but not coming to mind ATM!
What do you mean or how would you run apps from usb thumb drive?? Originally Posted by Sugar Bare!
http://www.pendriveapps.com/

a lot of applications that are set up so you can install them on a thumb drive and run them from there... some even will auto place an icon on desktop when you plug thumby in
Sorry to reply so late in the thread.

Under recent U.S. Law and court rulings, any information on the INTERNET is deemed "not secure" and the police may obtain without a warrant. the exception is UNREAD EMail on services. However, once the EMail is read, it is no longer private and may be accessed by police.

So, in using Salesforce.com, the data is encrypted but LE does have access to the data if they wish to decrypt it without a warrant. Difficult to do.

So, if I might suggest:

I have 2 laptops. One is encrypted using truecrypt software (free found at http://www.truecrypt.org/)
This laptop handles my banking information, etc. If NEVER looks at facebook, linkedin, etc. It does not use DROPBOX, ITUNES, etc. It does not visit websites, etc. I look at it as my financial laptop. It does not have to be expensive. The PC backs itself up to amazon cloud using a high level encryption. So even my backup of encrypted data is encrypted.

Regards,

Ray
suggest an encrypted file that looks like a volume for storage, you can "hide" a volume inside the volume with this solution which is free to use:
www.truecrypt.org
ModelClient123's Avatar
awww man that sucks