Basic private setup

Being a computer geek, and super paranoid, I've fiddled around with some ideas until I think I've been able to come up with something that pretty much keeps me free and clear in the "computer tracking" dept. I just thought I'd share it here, so that others can take what they want from it and hopefully help them out.

Rule #1 : everything in cash. If you have to filter some out of the ATM every so often to get a pile together, then that's fine. Cash is king, and basically untraceable.

With the advent of pre-paid cell phones, there are also several services that provide pre-paid internet access. I know of several from Verizon (which seems to be the best quality, but that's just my opinion), T-Mobile, AT&T, and I think Sprint will have one soon, but don't quote me on that. Get a USB-based pre-paid internet modem like Verizon's MC760, and get the monthly package. I got mine from a corner multi-reseller and paid cash for it, giving a false name for the sales reciept. Initially it will have a 500mb transfer limit, but as long as you're not surfing YouTube or downloading MP3s, that will last you a while for basic email and website perusing. Just like cell phones, it can be refilled by buying a pre-paid card (with cash) and applying the balance to your account via phone/acct number.

So now you've got an unconnected IP address that does not have your name on it anywhere. Now for the actual computer tracks...

With this same USB modem, get a MicroSD card (4 gb is fairly standard and cheap) that plugs into it as added storage. If the modem you buy doesn't support MicroSD, then simply buy a seperate USB flash drive.

Www.portableapps.com has a host of applications that will run only off the USB drive, and will leave whatever computer you happen to be on virtually clean. I use FireFox Portable, with an encrypted RoboForm to remember all my passwords. The cache runs from the USB, so no "temp" files are left on the host machine. It's a bit slower, but it's worth the peace of mind. I've also got an encrypted lock on the drive, in case I lose it, all my info will be secured. All these apps run directly from the USB, so there's no trace on the host computer.

When it's all said and done, for good measure simply run CCleaner (again, save the program on your USB) to wipe away any leftovers.

That being said, the rest is common sense. NEVER browse hobby sites/info when you're on a work computer, even using this method. You never know what kind of monitoring is happening on a work computer. Someone could be watching everything on your screen from the other side of the building, and you'll never know. ONLY browse from a machine you feel/know is already relatively safe.

All in all, I've got less than $200 invested in my setup, and that's including the first month of internet service (at $50 + tax). Unless someone walks in on my while i'm in the middle of something, no one will be able to find anything on this computer, nor can my IP address be traced to me. They might be able to see which cell tower I'm running off of, but unless they invest in a full team to triangulate my position (and god help us all if they get that desperate to hunt down us sinners), then I'm less than a needle in a haystack.

As usual (well, not really, seeing as how this is the first post i've made like this), I make full disclaimer that the information included herein is to be used for educational purposes only, and not for any illegal or illicit activities. If you get busted, it's your own damn fault.

Really, this is just one man's idea of how to be safe in the dangerous underworld of computer paranoia.

Peace out.

You're awesome, Greyhound. I hope you don't mind if I add a few things that are on my wish list for all hobbyists.

Wipe your text messages regularly. After the appointment is done and went well, there is no need to keep a record of it lying around.

Wipe your inbox and PMs while you're at it.

Set your computer to clear history every day. Clear cookies and files every time you log off.

Don't bookmark hobby sites.

Empty your Recycle bin.

Flash drives are the greatest invention ever. If you listen to nothing else Greyhound said, get a flash drive.

http://www.newegg.com/Product/Produc...82E16820134988

http://www.micro-sd.us/10-493964-B00...der_Black.html

http://www.robotshop.com/microsd-usb-reader.html

Here are some links on microsd usb reader. Kingston's reader comes 16 gig card. Cool thing about sd and microsd card, that have physical locks on them. I used them out the field since viruses can autorun and regular jump drives don't have write protect and gotten viruses on them.

Very very very good tips. I run VirtualBox/Chrome OS on my card. Setting your computer to clean itself and run a cleaner (I use windows washer) as part of your computer's log off is huge.

This is some very very good advice. And since I do it - it doesn't take a rocket scientist.

An ounce of prevention.......

Another way of thinking about this is to do what I have done in the past. Use VMWare and setup your own base machine that has all that you want in it like HD storage, browser of your choice, your favorites, OS of choice, etc. Once you start the VM machine, it runs in its own space within your host computer's OS. You can get infected by viruses galore and never worry about those translating to your host machine.

There will not necessarily be the disconnected nature described above unless you use that same setup on your host machine which will translate to your VM machine. That means you can have an awesomely hot host and many different VM's configured just like you like them.

Once they bite the dust due to virus or whatever, you delete the VM you are using and start fresh with a copy of the configuration you made of the base VM before you started. That way, you don't lose a thing.

Good thread by the way and thanks for posting this information.

Couple of thoughts. It's a good basic scenario and makes you much much harder to track than the next guy (which is always a good way to be). That said, I would still recommend looking into encrypted connections for providers and guys who want to be invisible.

The reason I mention this is that typically, people who use a "mobile" connection use it from their home almost exclusively. Since the signal gets bounced off multiple satellites and can be pinpointed, this defeats the purpose if you are seriously being investigated (not likely in our little world). As a real world example, this same signal tracking (albeit of a cell signal rather than a data signal) is how Pablo Escobar was tracked down.

How do you defeat that? Simple, be mobile with your signal... hell, just get out of the house once and a while. And turn off the signal when you aren't actively using it. That would make the "home" location look like just another of the many places you use the connection.

At the end of the day privacy / security is a balancing act of convenience and security / privacy.

As for the VM setup, it defeats the purpose of using portable apps. You use portable apps because they leave no tracks on your computer whatsoever. For example, Chrome portable (or far better would be to get Iron portable which is a more secure version of Chrome) leaves nothing on the USB once you are done.

ABT, do you know if the InPrivate option on Internet Explorer browsing will cover your tracks very well ?

GTO,

Define how you mean covering your tracks. It will limit what tracks are left on your computer itself (albeit not from a system admin if applicable). If you are talking about security to protect your identity on the other side of the internet (i.e. to prevent anyone from tracking remotely or from leaving tracks on the web), then this will not do anything for you.

From MS's own site, on what InPrivate will not do:

While InPrivate Browsing keeps other people who might be using your computer from seeing what you visited on the web, it does not prevent someone on your network—such as a network administrator or hacker—from seeing where you went.

InPrivate Browsing does not necessarily provide you with anonymity on the Internet. That means that websites might be able to identify you through your web address, and anything you do or enter on a website can be recorded by that website.

Any favorites or feeds that you add while using InPrivate Browsing are not going to be removed when you close your InPrivate Browsing session. Changes to Internet Explorer settings, such as adding a new home page, are also retained after you close your InPrivate Browsing session.

It has it's advantages for sure. That said, an encrypted drive (USB or just an SD card you leave in, using AES w/ 512 hashing as a minimum encryption) with a portable browser (Chrome, Iron, Firefox, etc) means that even if anyone decided to dig through the remnants of the drive there would be little to no chance of finding any information.

When it comes to protecting against leaving traces all over the web... that's a whole other section and, simply put, costs some money to make happen.

just a small point on the pre-paid phones.

even though disposable, when you get one at a phone store, you have to give ID -
so I don't know if that's a security point, but it does match you to the phone number. and also maybe you have to give the ID to be able to use credit card refills,
so they match names....

maybe this is avoidable by getting a pre-paid phone from a corner multi-reseller, and buying pre-paid cards with cash....

just a small point on the pre-paid phones.

even though disposable, when you get one at a phone store, you have to give ID -
...
maybe this is avoidable by getting a pre-paid phone from a corner multi-reseller, and buying pre-paid cards with cash.... Originally Posted by VitaMan

I got a TracFone from Wal-Mart (that i don't normally go to) and paid cash, then buy re-fill cards at random locations (CVS, WalGreens, etc), also paying cash. I've never had to give an ID for it. When I activated the phone, I found a payphone next to a Stripes/Valero to call it in. Never gave anyone an ID or a real name. If they can track me, then they're investing WAY too much time and effort into a small-potatoes case.

For example, Chrome portable (or far better would be to get Iron portable which is a more secure version of Chrome) leaves nothing on the USB once you are done. Originally Posted by AustinBusinessTraveler

Are you talking Chrome OS or Chrome browser? I use both on a 8g card. Link to Iron? Thx..

Add Google Voice to the list, I use it to call and text about hobby issues, it shows my google voice number not my cell number I'm using for the connection.

Google talk? Google keep records of everything. they more data on us than the FBI and CIA combined. And it Gets subpoenaed 20-30k time a year. Not a Safe bet by any means. Google makes there money by knowing what you want, so they track everything you do.

I may be just paranoid But i do not even surf the web from my Own Ip address. 3-5 other connections between me and any web server.

I think Google talk and Google Voice are two different things.

I'm with SP. Love Voice.