The-art-of-invisibility-_-the-world’s-most-famous-hacker-teaches-you-how-to-be-safe-in-the-age-of-Bi

Recommendations

Info

sending a message to her encryypts the message with her keyy. This messagewill stayy encryypted until Alice—and onlyy Alice—uses a passphrase tounlock her private keyy and unlock the encryypted message.So how would encryypting the contents of yyour e-mail work?The most popular method of e-mail encryyption is PGP, which stands for“Prettyy Good Privacyy.” It is not free. It is a product of the SyymantecCorporation. But its creator, Phil Zimmermann, also authored an opensourceversion, OpenPGP, which is free. And a third option, GPG (GNUPrivacyy Guard), created byy Werner Koch, is also free. The good news is thatall three are interoperational. That means that no matter which version ofPGP yyou use, the basic functions are the same.When Edward Snowden first decided to disclose the sensitive data he’dcopied from the NSA, he needed the assistance of like-minded peoplescattered around the world. Paradoxicallyy, he needed to get off the gridwhile still remaining active on the Internet. He needed to become invisible.Even if yyou don’t have state secrets to share, yyou might be interested inkeeping yyour e-mails private. Snowden’s experience and that of othersillustrate that it isn’t easyy to do that, but it is possible, with proper diligence.Snowden used his personal account through a companyy called Lavabit tocommunicate with others. But e-mail is not point-to-point, meaning that asingle e-mail might hit several servers around the world before landing inthe intended recipient’s inbox. Snowden knew that whatever he wrote couldbe read byy anyyone who intercepted the e-mail anyywhere along its journeyy.So he had to perform a complicated maneuver to establish a trulyy secure,anonyymous, and fullyy encryypted means of communication with privacyyadvocate and filmmaker Laura Poitras, who had recentlyy finished adocumentaryy about the lives of whistle-blowers. Snowden wanted toestablish an encryypted exchange with Poitras, except onlyy a few peopleknew her public keyy. She didn’t make her public keyy veryy public.To find her public keyy, Snowden had to reach out to a third partyy, MicahLee of the Electronic Frontier Foundation, a group that supports privacyyonline. Lee’s public keyy was available online and, according to the accountpublished on the Intercept, an online publication, he had Poitras’s publickeyy, but he first needed to check to see if she would permit him to share it.
She would. 3At this point neither Lee nor Poitras had anyy idea who wanted her publickeyy; theyy onlyy knew that someone did. Snowden had used a differentaccount, not his personal e-mail account, to reach out. But if yyou don’t usePGP often, yyou mayy forget to include yyour PGP keyy on important e-mailsnow and again, and that is what happened to Snowden. He had forgotten toinclude his own public keyy so Lee could replyy.With no secure wayy to contact this myysteryy person, Lee was left with nochoice but to send a plain-text, unencryypted e-mail back to Snowden askingfor his public keyy, which he provided.Once again Lee, a trusted third partyy, had to be brought into thesituation. I can tell yyou from personal experience that it is veryy important toverifyy the identityy of the person with whom yyou are having a secureconversation, preferablyy through a mutual friend—and make sure yyou arecommunicating with that friend and not someone else in disguise.I know how important this is because I’ve been the poser before, in asituation where it worked to myy advantage that the other partyy didn’tquestion myy real identityy or the public keyy I sent. I once wanted tocommunicate with Neill Clift, a graduate student in organic chemistryy at theUniversityy of Leeds, in England, who was veryy skilled at finding securityyvulnerabilities in the Digital Equipment Corporation’s VMS operatingsyystem. I wanted Clift to send me all the securityy holes that he’d reported toDEC. For that I needed him to think that I actuallyy worked for DEC.I started byy posing as someone named Dave Hutchins and sending Clifta spoofed message from him. I had previouslyy called Clift pretending to beDerrell Piper from VMS engineering, so I (posing as Hutchins) wrote in myye-mail that Piper wanted to exchange e-mails with Clift about a project. Ingoing through DEC’s e-mail syystem, I alreadyy knew that Clift and the realPiper had previouslyy e-mailed each other, so this new request wouldn’tsound all that odd. I then sent an e-mail spoofing Piper’s real e-mailaddress.To further convince Clift this was all on the up-and-up, I even suggestedthat he use PGP encryyption so that someone like Kevin Mitnick wouldn’t beable to read the e-mails. Soon Clift and “Piper” were exchanging publickeyys and encryypting communications—communications that I, as Piper,
Page 5 and 6: CopyyrightCopyyright © 2017 byy Ke
Page 7 and 8: ContentsCoverTitle PageCopyrightDed
Page 9 and 10: To my loving mother, Shelly Jaffe,a
Page 11 and 12: don’t call them tracking devices,
Page 13 and 14: “Well, yyou can’t have everyyon
Page 15 and 16: lived. This I could have found on t
Page 17 and 18: here is going to fit them all. Beca
Page 19 and 20: So how did someone get access to th
Page 21 and 22: alwayys check the site www.haveibee
Page 23 and 24: Some websites—such as yyour banki
Page 25 and 26: had been added to their queue—but
Page 27 and 28: In general, biometrics byy themselv
Page 29 and 30: yyou are or were married and that y
Page 31 and 32: Something similar is possible onlin
Page 33 and 34: Given all these precautions, yyou m
Page 35 and 36: mail. Yet in practice, we usuallyy
Page 37: So whenever yyou write an e-mail, n
Page 41 and 42: about his privacyy rights campaign.
Page 43 and 44: e-mails traveled—the various serv
Page 45 and 46: importance to yyou over time. Altho
Page 47 and 48: One wayy to mask yyour IP address i
Page 49 and 50: Raspberryy Pi minicomputer running
Page 51 and 52: Activation of the prepaid phone req
Page 53 and 54: CHAPTER THREEWiretapping 101You spe
Page 55 and 56: Signing a contract with a cell-phon
Page 57 and 58: digital network was introduced. Thi
Page 59 and 60: In the summer of 2010, a team of re
Page 61 and 62: Syylvester Stallone, David Carradin
Page 63 and 64: minister and his wife—as well as
Page 65 and 66: allows access to anyy record of a s
Page 67 and 68: The police also noticed another thr
Page 69 and 70: exchanged nearlyy 10,000 text messa
Page 71 and 72: found that 87 percent of teenagers
Page 73 and 74: worthless.There are three basic “
Page 75 and 76: CHAPTER FIVENow You See Me, Now You
Page 77 and 78: open a new window and not record wh
Page 79 and 80: Additionallyy, there isn’t just o
Page 81 and 82: service. And even the best proxyy s
Page 83 and 84: connected to his devices was a shor
Page 85 and 86: preemptive investigation byy the De
Page 87 and 88: CHAPTER SIXEvery Mouse Click You Ma
Page 89 and 90:
send information back to yyour Web
Page 91 and 92:
will also eliminate those annoyying
Page 93 and 94:
In addition to using plug-ins to bl
Page 95 and 96:
called an http cookie back to yyour
Page 97 and 98:
yyou can delete—Flash, from Adobe
Page 99 and 100:
companyy has been fairlyy benevolen
Page 101 and 102:
online tracking a step further. The
Page 103 and 104:
traced back to the coin, but the me
Page 105 and 106:
CHAPTER SEVENPay Up or Else!The nig
Page 107 and 108:
Minnesota lawyyer—whyy go through
Page 109 and 110:
Alwayys use the highest level possi
Page 111 and 112:
activate the WPS feature, and it co
Page 113 and 114:
courtesyy she didn’t think twice
Page 115 and 116:
pixel, a tinyy dot of an image, inv
Page 117 and 118:
What if yyou did interact with a ph
Page 119 and 120:
the Internet via public Wi-Fi. From
Page 121 and 122:
demonstrate how visible yyou are on
Page 123 and 124:
want to know the activityy on myy n
Page 125 and 126:
VPN is protected byy encryyption, a
Page 127 and 128:
You can also install a VPN on yyour
Page 129 and 130:
hotels to conduct her communication
Page 131 and 132:
keyylogger on that public terminal,
Page 133 and 134:
CHAPTER NINEYou Have No Privacy? Ge
Page 135 and 136:
hospitalized, and was eventuallyy a
Page 137 and 138:
Without that person’s confirmatio
Page 139 and 140:
the date of birth, making it even e
Page 141 and 142:
same.Once, for myy birthdayy, someo
Page 143 and 144:
yyou are required to fill in some i
Page 145 and 146:
her reaction was surprise rather th
Page 147 and 148:
phone numbers, credit card numbers,
Page 149 and 150:
themselves and had been taken and s
Page 151 and 152:
CHAPTER TENYou Can Run but Not Hide
Page 153 and 154:
crimes, both byy the crimes’ prox
Page 155 and 156:
A similar thing happened to me. On
Page 157 and 158:
police found the Fitbit and the wom
Page 159 and 160:
sheltered byy his umbrella.” 14So
Page 161 and 162:
Retail stores increasinglyy want to
Page 163 and 164:
CHAPTER ELEVENHey, KITT, Don’t Sh
Page 165 and 166:
location of its thousands of contra
Page 167 and 168:
this data set isn’t veryy interes
Page 169 and 170:
landscape or portrait view. These c
Page 171 and 172:
misconfiguration was found in more
Page 173 and 174:
milestone: collectivelyy, Tesla car
Page 175 and 176:
modules (SDMs). However, the vehicl
Page 177 and 178:
to a fertilityy clinic,’ this kin
Page 179 and 180:
the time of this writing, at least
Page 181 and 182:
computer that the user can’t put
Page 183 and 184:
colors.Dhanjani found that a simple
Page 185 and 186:
thirtyy such devices in our homes b
Page 187 and 188:
most models on the market are not p
Page 189 and 190:
off. For example, using the traditi
Page 191 and 192:
onlyy gain access to yyour refriger
Page 193 and 194:
homebound senior or loved one with
Page 195 and 196:
It, along with United Parcel Servic
Page 197 and 198:
mail that passes through our comput
Page 199 and 200:
enjoyying what’s sometimes called
Page 201 and 202:
using different VoIP telephones. An
Page 203 and 204:
After a protracted legal battle, th
Page 205 and 206:
knows that number could dial in and
Page 207 and 208:
For data at rest, Dropbox uses 256-
Page 209 and 210:
CHAPTER FOURTEENObtaining Anonymity
Page 211 and 212:
to fight. 1 And different countries
Page 213 and 214:
Then I wipe them phyysicallyy from
Page 215 and 216:
penaltyy if yyou’re found guiltyy
Page 217 and 218:
hotel; it was one of the hotels whe
Page 219 and 220:
longer maintained, new vulnerabilit
Page 221 and 222:
plugged in during the process. Repo
Page 223 and 224:
unlock yyour room. The advantage is
Page 225 and 226:
A bigger privacyy concern is the lo
Page 227 and 228:
might link a visit with an infectio
Page 229 and 230:
10. Once powered up, connect to VPN
Page 231 and 232:
manhunt came forward with evidence
Page 233 and 234:
access under America’s draconian
Page 235 and 236:
CHAPTER SIXTEENMastering the Art of
Page 237 and 238:
MAC address is somehow leaked. For
Page 239 and 240:
which requires no ID to pick up. My
Page 241 and 242:
From this point on, the Tor browser
Page 243 and 244:
something similar with virtual curr
Page 245 and 246:
Even if yyou follow myy recommendat
Page 247 and 248:
They’re under surveillance, but t
Page 249 and 250:
AcknowledgmentsThis book is dedicat
Page 251 and 252:
About the AuthorKEVIN MITNICK has b
Page 253 and 254:
NotesAll source URLs cited below we
Page 255 and 256:
Chapter One: Your Password Can Be C
Page 257 and 258:
Chapter Two: Who Else Is Reading Yo
Page 259 and 260:
Chapter Three: Wiretapping 1011. Yo
Page 261 and 262:
17. http://www.wired.com/2007/05/al
Page 263 and 264:
Chapter Six: Every Mouse Click You
Page 265 and 266:
Chapter Seven: Pay Up or Else!1. ht
Page 267 and 268:
12. http://www.howtogeek.com/192173
Page 269 and 270:
18. http://www.washingtonpost.com/b
Page 271 and 272:
14. https://books.google.com/books?
Page 273 and 274:
17. http://www.forbes.com/sites/rob
Page 275 and 276:
Chapter Thirteen: Things Your Boss
Page 277 and 278:
Chapter Fourteen: Obtaining Anonymi
Page 279 and 280:
Chapter Fifteen: The FBI Always Get
Page 281:
Thank you for buying this ebook, pu
show all

The-art-of-invisibility-_-the-world’s-most-famous-hacker-teaches-you-how-to-be-safe-in-the-age-of-Bi

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?