Guy can see you

No. No, you are not.

The month-old AnonSec 101/SteelBAileY account has uploaded a new 11-minute video to YouTube, focused on how-to’s for Operational Security (OpSec) at protests, in “civilian” life, and online. And it is terrifying.

UPDATE: Thanks to commenter Spiro Agnew for the tip: That video was a re-edit (with only the visuals changed) of this video uploaded December 14 to YouTube and originating with Death on Facebook. Yes, Death.

See? Everybody really IS on Facebook.

Typical lines, “If you are flagged, you’re bagged. Whatever nightmare scenario you can imagine with privacy is a hundred times worse.” The video then goes on to sketch some of those nightmare scenarios specifically: a remote kill switch wielded by someone who dislikes the way you exercise your free speech shuts down your car at 80 mph going around a corner; “They” use your own phone to bug you; in fact, every electronic device you own is always spying on you. Tear gas grenade to the eyes. And more.

And it’s all possible.

Fortunately, the video doesn’t just scare the bejeebus out of you; it also gives you some extremely practical and effective techniques to circumvent the Panopticon, easily and legally. You may not think you need to know these techniques; fair enough, lucky you, but you do live in a world where legitimate protestors do need these skills, daily. You might as well press play and see what the world looks like from their perspective.

Should you believe this Anon? As always when dealing with a faceless, nameless person (or even a faced, celebrity one) it’s essential to bring your critical intelligence to bear on the information and the source. In this case, the source is nebulous, unknown, without a track record. But the information? Well, have you been reading this website? The information presented in this video is the real thing. All too real.

We are all Charlie. Hands Up, Don’t Shoot. I Can’t Breathe. Oh wait, here’s how to circumvent tear gas…

[youtube=https://www.youtube.com/watch?v=q8z4RJGyVjE] Copy video from original post, which we now regret pushing to over 1500 views.

Transcript:

Greetings, citizens of the world.

We are Anonymous.

Let’s have a little chat, shall we? I want to play a game: let’s call it Electronic Armageddon. But first, let’s get down the rules because the further along we go, the worse this conversation is going to get.

Rule number one: Every modern electronic communication device has a unique identifier. Remember this.

Let’s learn how to handle protests. You have the right to peaceful protest. You’re going to need it.

This info is for the organizer.

Cell phone wiretapping: What’s going on? Police departments across the country use devices called Stingrays which are IMEI capture and scramble units. This device scans for Amtrak cell devices by IMEI number. Your IMEI number is usually found on a tiny sticker somewhere on your cell device. If you are the target of such an attack they will track your ID number and triangulate you from several spots reading signal strengths. Newer equipment will supposedly eavesdrop on cellphone calls. There is currently debate on going about this being warrantless wiretapping. It is most certainly so.  Possible evolutions of this technology may include flying drones with antenna receiver units that can help triangulate signals quicker, wirelessly transmitting the signal data back to the operator. Another option may be to have multiple units deployed in a grid fashion, synching data back to main hub. Cell companies can do this on their own.

This Stingray equipment is there to bypass the warrant.

Rule number two: Someone will always come up with a way to cheat the system for profit.

How to tell if you are being intercepted

Stingray units may be able to sniff data, but when you connect to their fake tower it must be close. It doesn’t have the power of a huge tree-sized tower. Frequently check http://www.whatismyip.com/. If your signal is hijacked, your IP is likely to change; you’ll also notice a drop in connection. They can’t piggyback lots of connections at once. Your streaming video may stop and you have to reload. Phone conversations may drop. The attacker is limited in bandwidth for internet. Look for a van with a satellite dish on top, or weird antennas in a protest.

Methods to counter this technology now and in the future are as follows:

Remove your cell’s SIM card so it disconnects from the cell network. Use various portable wifi hotspots and use your cell as a WiFi device. Talk through Skype or an IP-based solution. Use a WiFi-only tablet.

The technique: have a group of friends with wifi hotspots sharing the same password or open. Bypass your cellular link. Have friends walk back and forth to reestablish connections. Your connection to the closest wifi link is constantly changing IMEI numbers. Your connection is masked by the wifi hotspot’s IMEI, and it’s drifting all over the neighborhood.

For voice, use burner phones if possible and frequently switch. Swap phones with your group. Walk away. The group leader is unidentifiable.

Rule number three: whatever nightmare scenario you can imagine with privacy is a hundred times worse.

Recording video:

The new adage: “If you don’t want to be filmed you must be doing something wrong.” It’s the blanket excuse for recording everything we do. Officials don’t like to be filmed, so why does it not apply to them? Do they have something to hide?

You are filmed dozens of times a day: In stores, on the street, your license plates are being tracked by red light cams. Why can’t you film back?

How to protect yourself in a protest:

Use digital cameras with sets of pre formatted chips, along with your live streams. Your live stream can be scrambled or disconnected. The digital videocam can not. Your equipment can be taken from you, such as a cell phone or a camera.

Use chips like film. Swap them every 30 minutes. Drop the filled chip in a hidden sleeve in your jacket, in the lining in your shoe… Load a new one. If your gear is taken and you are patted down nothing is likely to be found [editor’s note: your mileage may vary here, depends how meticulous they are in the field].

To be cautious, hand them off to a friend. Spread them out. Regroup and extract the video later to upload if you aren’t using it.

Tape over your cell and laptop cams. Block their view. Watch for fast battery drainage; your phone could be constantly transmitting data. If they use your phone as a bug to record audio, in order to find something they will analyze the tracks for spikes in audio. Periods of silence with a spike in volume means conversation is likely.

Scramble their readings by leaving your phone near a radio or other fluctuating noise source.

If you are in the crowd, cover your face. The police will tell you to remove your masks. Put it back on later. Change coats, hats, etc, perhaps swap them. You will be harder to track.

Tear gas and non-lethal rounds:

Think paintball.

Wear armor of that sort. It’s light. It will protect your eyes. Wear small swimmer’s goggles underneath; it will save your eyes from the gases. Fold a wet t-shirt or towel and tie it over your mouth and nose. It will help greatly. Use it briefly and discard it after the attack. The residue will still be on the cloth. Don’t reuse it for a mask unless you wash it thoroughly. If you put it on, leave it until you’re done. Don’t try to retie it; you’ll get residue in your face.

Plan with your friends. In phone conversations use code words: North means East, East means South, South means West. 2 p.m. means 5 p.m. 3 p.m. means six. Get the picture?

Rule number four: You’re not paranoid.

They aren’t super hackers. There’s a reason for all this. Yes, assume your phone is the ultimate bug. You bought it, you pay for it with a credit card, they have your home address. They have already admitted to tapping everything.

Who is a target? Teachers, protesters, news reporters, popular bloggers, IT admins et cetera.

Rule number five: Privacy is history.

If you have a car with a certain cell service, they can remotely slow, shut down, lock you out, pop your trunk, track you, or numerous other things via the on-board unit. This is publicly advertised. This is a cell phone that’s always on and has a backup battery. It is subject to all the drawbacks mentioned previously.

How would you like your car to suddenly cut off on you at eighty miles per hour on a curve? What happens if this gets into the wrong hands?

It gets much, much worse.

Rule number six: See rule number one. This is the biggie. Everything has an identifyer.

How does the government hack any computer on the planet with a few keystrokes? How can your phone be remotely bricked? Laptops and cell phones have a dark secret: Spyware is loaded at the ship level and can re-install itself even if you replace the hard drive or reload the phone. It has been burned into just about every device made for the last ten years.

As a precedent, research the company named Crypto AG which is in Switzerland. As proof research a popular laptop theft recovery program. If your laptop is jacked it claims to be able to survive a hard drive wipe and reload itself. It can survive a BIOS flash. It claims to be loaded at the chip level on smartphones and most PC’s, but someone has to install this to get it working, right?

Rule number seven: Be ready for Electronic Armageddon.

If a computer hard drive is replaced and the anti-theft software reloads itself, and can survive BIOS flash et cetera, then it’s not activated by software.

The secret behind all the hacking power, everything you hear about, is that your devices are always sending out a Hack Me request. This comes from the chip level. You can’t erase it. When it gets an internet connection, this request goes out if someone responds with the right authority. It activates.

You can [even] replace your drive; it reactivates.

How? The code it sent out is either on a list someone is watching. Well, you purchased it from a provider.

If you are flagged, you are bagged.

What do you do?

Buy laptops with cash. Never use your real name or info when registering it. Microsoft practically forces you to get an email address from them when registering. Use a fake one. Set it up at a coffee shop.

The average citizen should not need worry but if you are a reporter, activist, IT admin et cetera, you are a target, possibly even a gateway to a network to hit someone else.

Armageddon.

If they can remotely wipe your computer with the right code, what happens if this technology falls into the wrong hands? It’s burned into almost every device out there. What if I told you the party with the power can erase every computer in a zip code in a state, country, the world?

Do the logic.

A few keystrokes [and] every computer in the world starts formatting as fast as they can get the code. Every cell phone in a city shuts down permanently. Your car shuts off, flinging you off the road.

Yes it’s that bad.

What can you do?

For a car, find the cell antenna. It’s on there somewhere. Follow the wire as deep as you can get into the car. Snip it and twist the metal portions together. Disable the communication. Look on the internet to find out where it’s attached. Perhaps use an older car.

For cell phones, swap cell carriers often. Use burner phones. Pay cash. Don’t save personal data on it: copy it off. Factory reset the phone often.

Stay away from cloud storage services. Don’t use personal info when making a purchase. For computers, assume one day a mass hard drive wipe occurs. Eventually they will find and disable the device causing it, but before that occurs, backup your data. Research how to ghost or image a hard drive. It is easy: for example, Apple has Time Machine: plug it in let it go to work. PCs have a number of programs. Save your image to an external hard drive. Make versions every few months. If disaster occurs, you can put your computer back to that date in an instant as well as any backup that was stored on it from other devices.

How did this happen?

Corporate greed, thirst for power. Governments wanted an ultimate kill switch and spy tool to ensure that they keep hold over the population. They wish to control protests, quash dissent, paralyze the media in case of disaster.

Manufacturers wanted the big money and they were ordered to do so.

You should protest and research. Get this technology removed from your future before it’s too late.

There’s a huge Do Not Push button out there waiting for someone to push it.

It won’t be us.

We are Anonymous

Expect us

Fear them

Azreal code 39X7LQXY95Y442Z

For further reading, well, laws vary by jurisdiction but you can start with these, from the BC Civil Liberties Association:

• The Citizenship Handbook: A Guide to Democratic Rights and Responsibilities
• The Privacy Handbook
• The Arrest Handbook: A Guide to Your Rights
• Electronic Devices: Privacy Handbook A Guide To Your Rights
• Making a Complaint Against the Police

And with this:

• Civil Disobedience Guide which includes many practical tips like: milk rinses away tear gas better than water.
• Rabble.ca’s Activist Toolkit
• Freedomwork’s Activist Toolkit

Categories: Activism, Anonymity, Anonymous, Crypto, Cyber, Hackers, Hacktivism, OpSec, Privacy, Protests, Resistance, Security, Surveillance, Technology, Video