Internet Storm Center Infocon Status

Communications

 :::: Securing Your Premise Communications :::: 

Premise comms, as defined here, are typically voice radio communications that have a limited signal strength.  Limited signal is key as you don’t want whatever you are saying “over the air” to be broadcasted 10 miles away.  Therefore, low-power (low-wattage), radios are the best choice.

Probably the most commonly recommended communications are FRS (Family Radio Service), GMRS (General Mobile Radio Service), and MURS (Multi-Use Radio Service).  If you are new to these terms, I would highly recommended checking out the links provided.  One big problem with both these systems is that anyone with the right radio scanner can pick up your communications.  Additionally, GMRS requires a license, but since you can buy these radios off the shelf, the licensing is most certainly ignored by most.

Of course, I should not fail to mention HAM radios as a form of premise communications.  But, like GMRS, HAM licensing is much more enforced by the FCC.  HAM bands are equally vulnerable to eavesdropping like FRS, GMRS, and MURS.  The eavesdropping is due to the simple fact that the majority of these radios are analog in nature (meaning if you find the frequency, you can just tune in and listen like you listen to a FM radio).

However, very short range communications can be maintained with relative security, and on a tight budget, using phones with “Direct Connect” functionality.  In particular, phones with iDEN Direct Connect are what you want to look for.  See here for specific iDEN phone information for the Motorola i355.

What is great about this “Direct Connect” feature is that it permits communication from phone to phone without using the cell tower, much like a FRS radio.  Since Sprint has stopped offering certain kinds of these phones on the US market and they can be picked up very cheaply on eBay.  If you shop around, you may be able to pick up 10 working phones for about $100.

The reason these make a great option…

  1. Most have moved on to the newer versions of the phones, so they aren’t nearly as common as just picking up a FRS or GPRS radio.  The obscurity aspect adds a little security.
  2. They use digital communication, so just using a basic radio scanner will do an eavesdropper no good.  If an eavesdropper found the frequency, he would only hear a very short digital burst.
  3. Not only are they digital, they change channel about 10 times a second during communications.  I have personally observed the frequency change, so I know this is true.  Also, since they are digital as well, someone would need to convert the digital signal and track all the channels that can be used, then assemble all of the converted signal for every single transmissions.  This sounds like an awful lot of work.
  4. Range is good for premise comms, up to a mile or so with line of sight.
  5. The Motorola i335, in particular, has a bunch of accessory options, like headsets, belt clips, etc, making them great for premise comms.  Also, they have great battery life since you are only using the “Direct Connect” and not the cell towers.
  6. They are cheap.
Which phones will work?
There are many others that will work as well, but I have personally tested these two models and they both work and intercommunicate just fine.  If I had to pick one, I would suggest the i355 over the i335.  The i355 has more accessories available, a replaceable antenna, longer range, and is built rugged.  You will want to make sure you get phones that have sim cards in them.  If they don’t, you can pick them up cheap (see this eBay link for SIMs).
Programming these can be tricky the first time, so just follow the instructions you find on these YouTube videos:


If you decide to go with these units, you should try to get them all at once, so you can program them all at the same time.  You will choose a “channel” and a “code” for that channel.  From my own experience, it took about 30 minutes to sit down and program 10 phones all at the same time.


 :::: Securing Your Internet Connection ::::

If you read the “Securing Your Premise Communications” section, you realize that you need to be careful of eavesdroppers.  The same is true with your internet connection.  You may not believe it, but it is super easy to eavesdrop (or “sniff”) internet traffic.

When I first started doing IT work, we were having lots of issues with some old hardware.  The school was on a tight budget and I was tasked with figuring out what the issues were and how to fix them.  I was new to networking, but I did some research, set up a computer to watch internet traffic, and began looking for the collisions and other bad traffic.  The program I used, “Sniffit,” was freely available at the time.

What “Sniffit” reported blew my mind.  I was seeing usernames, passwords, and other information being transmitted in the open and in real-time.  One could easily use a device like this for nefarious purposes.  One could see chats, websites visited, email traffic, everything… and all in real-time.  Of course, this was at a time when SSL and other methods of encryption were not being readily used by websites.

Since that time, I have learned much more about networking.  Most good switches have the capability to perform something called “port mirroring.”  What this does is use a port on a switch to replicate all the traffic on another port or series of ports.  A device like an intrusion detection system and/or a virus detection systems would use this feature often so that monitoring centers can be immediately alerted in real-time of attacks against a system or server.

Why does this matter to you?  A couple years ago I was talking with a phone technician.  He was hired by the government, along with many numerous other technicians, to go into the CO boxes in his area (CO, or Central Office box, refers to those Verizon, Fairpoint, AT&T, etc, locations where phone/data hookups are created).  What he was hired to do was install a black box.  He wasn’t told to hook it up, just install the box.  He didn’t know what the box did (or does), just place it where it needed to go.  But, this technician believed that these were boxes probably to be hooked up for NSA data gathering. He believed that a mirror-port, or similar, would be used to record and relay voice and data information back to a central location.

Wouldn’t it be great if there was a way to mask your location?  Perhaps if someone could somehow encrypt all their network traffic and send it through a bunch of different locations, they could protect their personal and private information.  This can be done using Tails OS.

The first step is to prepare a computer to communicate from.  You don’t have to use it as your daily PC/Mac, but you can at least have it set up so that you can start browsing the web with security.

What you need to get started is:

  1. A USB Flash drive or a computer with a DVD drive.
  2. A verified Tails OS ISO file (freely downloadable from tails.boum.org)
  3. A PC/Mac that has the capability of booting from the USB or DVD drive with the capability of getting online.

Purchase a USB flash drive (don’t get PNY or Sandisk as they sometimes have issues).  Silicon Power flash drives seem to work really well.  You can get a 16GB waterproof metal drive for under $15.  You can get a 4GB drive for $5 to $6.  Go to tails.boum.org to get started.  Getting started can be somewhat technical if you want to “verify” the file that you have to download, but once you create a Tails OS USB drive, it is really easy to update and replicate more drives.

Some flash drives that I have tested and are known to work are linked below:

Both of the above flash drives are great and load quickly.

As heard on the Prepper Recon interview, I am offering preloaded USB flash drives with the current Tails OS version.

Choose which size drive
8GB TailsOS USB Drive $19.99 USD
16GB TailsOS USB Drive $29.99 USD

Along with a USB drive, you will also need an old laptop, netbook, or desktop.  I know from personal experience that Tails OS works great from a 13” MacBook Pro as well as from a Lenovo Thinkpad T400.  I also know that a majority of netbooks will work.  If the computer supports booting from USB, it will likely work.

To boot, you simply turn off the computer, insert the USB flash drive with Tails OS and boot up the computer.  Many times, you need to set the BIOS on the computer to boot from USB.  Most machines have a boot option that allows booting from USB (like hitting F12 when the computer starts up, or holding the option key on a MacBook).

As stated prior, you may also burn the ISO to a DVD and boot from that.  For some, this may be easier than using a USB.  If you need to find out how to burn the ISO you downloaded to a DVD, see this for Mac:




Once you are in Tails OS, the boot will ask if you want to use extra options… like “persistence.”  You would use persistence if you want to save files to the flash drive when you are using Tails (like bookmarks, documents, etc).  When you do this, Tails OS encrypts part of the flash drive to protect your files.  You don’t need to use persistence, but it is helpful if you want to create documents, etc.

When Tails is completely booted, you will need to connect it to your wireless network (or plug it in via an ethernet cable).  There is a wireless icon on the top right of the screen.  Once it is connected to the network, it will start up something called TOR, which is an encrypted method of connecting to the internet.

There are advantages and disadvantages of using TOR.  The advantages are anonymous and encrypted web browsing that even the NSA likely has problems tracking.  You are using a network of “nodes” (or other TOR routed devices) that protect your identity and connect to various networks all over the globe to protect you.

The disadvantage is speed.  It is definitely slower.  You wouldn’t want to try to watch a youtube video or download a large file while using TOR.

You will know that TOR is ready to use on your computer when a green onion icon appears on your toolbar at the top of the screen.  Of course, TOR cannot start until you connect to your wireless network, so you need to this first.

Once the green onion icon appears, you can open the browser (another icon on the left side of the toolbar at the top of the screen).  It works like a normal web browser, but you need to be careful.  Two great browsers to use are duckduckgo.com and startpage.com, neither of which track you online.

To be careful online, here are a few tips:

  1. Don’t use your real name while you are on TOR
  2. Don’t log into your normal, everyday, email account… set up a new one (see below)
  3. Don’t search for names or things that identify you
  4. Don’t fill out web forms with your real address or other information that identifies you
  5. Do turn off your computer when you are done using Tails OS
  6. Do keep your USB and/or DVD disk you created in a safe place

Here is a YouTube video of Tails OS running using the option that makes it look like a Windows PC:

Here is a YouTube video for installation of Tails and an overview:

TO UPDATE YOUR TAILS USB DRIVE: When you boot from Tails, once online it will check automatically for updates.  If an update is available, you should immediately download and install the update!

 :::: Securing Your Email :::: 
If you want to create good email communications, you need to use a safe email service as well as get your friends and family to use them too.  If you and a couple of your friends are using Tails OS, you simply need to set up some email services that you will use while using Tails.  An easy one is called safe-mail.net (https://safe-mail.net)  It is free for a small account, which has plenty of room for your secure emails to reside.

!! NOTICE !! 01/17/2015 –  Safe-mail.net is not creating free accounts at this time.  I would recommend checking the site often or getting on the blog email list to be notified if/when accounts become available again.

!! NOTICE !! 01/24/2015 – Safe-mail.net is once again creating free accounts.

A list of potential email providers includes:

I would make sure to use email accounts that don’t get too confusing.  Like, maybe your initials at the beginning, then some number… or combination that will be easy for friends and family to remember.  My initials are DM.  So, I may make up a safe-mail.net account using something dm2015… a friend might be rd2015… another might be kb2015 and so on.
Another good method of keeping somewhat private is to not use your real name when setting up the account.  If my name is Dan Michaels, I probably want to use a different name… maybe David Mitchell.  Likewise, when communicating, you should make sure you don’t use people’s real names.
Once you have safe-mail.net working, I would highly recommend going to protonmail.ch and signing up for their service.  Currently Proton Mail is in beta.  It is a Swiss domain and apparently they have laws to protect privacy… so it be good to get on the list (using your safe-mail.net email) and get a Proton Mail account once it is available.
Should you decide to use Email for critical communications, you should also try to communicate in a manner that is clear of confusion.  In brief, the I, or individual, always makes sure to communicate four things.
  • Person… who is communicating (could be an alias name)
  • Position/time… where you are at and the current time
  • Problems… report any issues or give the “all good”
  • Plans… what your plans are before your next communication
This is useful for email comms as well as voice comms.

Tips for Email Security:

  • Only connect to your secure email service when on Tails OS
  • Share your secure email address only with those you trust
  • Never share your secure email address via phone, email, SMS text.  Best to use good old pen and paper and a stamp to give your new address, or better yet… in person, but you also want to encourage others to adhere to similar methods of secure communication.
  • Advocate with your family and friends good secure email practices, like not sharing your real name or other information that gives away your location or who you are.

 :::: Securing Your Online Chat :::: 
Tails OS has PIDGIN chat built in.  When you use PIDGIN chat, you can create an OTR, or “off the record,” chat that is not recorded.  This is a great way to chat and keep it private.  You can create an account using your username from safe-mail.net and use it with some of the free providers.  Note: your username maybe something like dm2015@dukgo.com.  Each user can create a chat account and then share the account to the others using the safe email account you previously set up.
 :::: Securing Your Cell Phone :::: 
Unfortunately, you can’t trust your Android, iPhone, or even basic flip phone, these days.  But, what you can do is pick up a phone with a new phone number that you can use for emergency communications.  There is a provider called Ting that has some great voice service.  You can put a phone on a Ting account for just $6/month.  If you used it on occasion for just 100 minutes and 100 text messages, your total bill for the phone would be just $12.  With Ting, you only pay for what you use.
At the same time, you may consider using Ting as your regular cell phone provider.  Some great things about Ting:
  1. Ting does not require your SSN, so it isn’t tied to a credit report.
  2. Ting is a Sprint MVNO (mobile virtual network operator) and is not required to update your personal information with Sprint, though they are obligated by law to comply with information requests (as are all cellular providers)
  3. Ting is inexpensive, you pay only for what you use
  4. You own the phone and have no contract
  5. There are tons of cheap Sprint phones on eBay that work with Ting, so getting started is cheap as well.
Additionally, you can try Ting for free by using this affiliate link: 
If you use the link, you will get $25 off of your service or $25 off a select device from their cell phone store.

INSECURE VERSION:  (The steps recommended if you want to try Ting as your everyday cellular provider.)

  1. Get a Sprint phone that will work with Ting and check it with Ting’s database (www.ting.com/byod).  If you want to just get a phone from Ting, just skip to step 2.
  2. Obtain your $25 service discount or get $25 off of a Ting device by going to: http://ting.7eer.net/c/73747/87564/2020
  3. Activate your device according to Ting’s instructions.

SECURE VERSION: What you need to get started with Ting as a secure backup phone.

  1. A non-Android and non-iOS Ting-compatible phone.  If you are not sure, just open the back of the phone and go to www.ting.com/byod and check it.
  2. A Prepaid Credit Card.
  3. A clean email address (your new safe-mail.net or Proton Mail address, or other email account that isn’t tied to you)
  4. Pick an address.  Find a location that is within Ting’s service area (http://ting.com/coverage).
  5. Set up your account and get your discount by going to: http://ting.7eer.net/c/73747/87564/2020
  6. Follow the on-screen activation instructions away from your current home address.
Should you choose to use Ting to set up a cellphone that can’t be traced to you, you will want a basic flip or feature phone that works with Ting.  Some great ones are Samsung M-series, LG LX-series, Motorola’s slim RAZR series (like the V3M), or an old Nokia 3588i.  You pick up a cheap Sprint phone, then sign up using the link, put your phone on your plan (you could use a prepaid card service if you want to detach it from your real name) and viola.  I have never had anything sent via postal mail and Ting doesn’t even verify the address you sign up with… I don’t even think they verified my name.
Some of you will have a hard time resisting the temptation of getting an Android phone and putting it on Ting.  I must say that Ting works great with Androids.  But, if you want the phone to be “clean,” you will need to be super careful.  For example, you will not want to sign in to Google Play, check your regular email on it, or call any of your friends.
To keep your phone somewhat secure, you will want to keep the battery out of the phone except when you are using it or charging it.  Some out there believe that the phones will search for towers even when turned off.  I’m not sure of this, but if you want to be super careful, then you will take the battery out of the phone, put it in your glove box, and only put the battery in when you want to make a call (drive away from your current address of course as cell signals can easily be triangulated even if the GPS feature is turned off).  Oh, and make sure you turn off the location service on the phone (aside from 911 calls).
You and your friends/family can exchange your phone numbers using the safe email account you set up earlier.  As the phone isn’t going to be on all the time, you will need to start making a habit of checking the phone at predetermined times.
As you will likely be taking the battery out of the phone when not in use, you will likely want to find phones that have an easily removable battery.  Some of these phones will include the Kyocera DuraXT and Motorola V3M.
Here are some links as you consider a small phone to use on Ting:
Secure and Mobile Internet for the Road Warrior

If you need access on the go, what I recommend is getting a device like the Netgear Zing.  You can get the device on Ting Cellular and at a $25 discount by going to http://ting.7eer.net/c/73747/87564/2020 and clicking the “shop” link at the top of the page.  Data on Ting’s network is pretty cheap, but you do need to look at the coverage map and make sure the locations you frequent will be in range.  If you pick up a device like this it will only cost $6/month while you have the device registered and data costs are listed here on Ting’s “rates” page.  Using 1GB/month would cost you $19 in addition to the $6/month fee.  But, if you were only using it for occasional checking of email and light surfing, you may get by with $12 (1/2 Gig).  You can also just use 100Megs for $3.

As with all of Ting’s plans, you only pay for what you use, so you don’t have to worry about changing plans.  Also, there are never any contracts with Ting.  You own the device and don’t end up paying more to subsidize the device through the cellular carrier.  You can also remove the device (like the Netgear Zing) if you don’t expect to be using it for a while.

When you connect to the Netgear Zing, you will want to make sure you are using your Tails OS USB flash drive to keep the connection secure.

Use technology… but don’t rely on it…
Last, it is imperative that you are careful not to rely on any one method of communication or rely on any particular technology.