The Privacy and Security Benefits of a P.O. Box or CMRA

As a privacy advocate I am constantly surprised at the number of people who freely give out their home address without a second thought.  It shocks me endlessly that people will give over their actual, physical home address in exchange for slight discounts on groceries, when creating accounts for online services of all types, to have a miniscule chance of winning a new car, etc.  I would never dream of giving out my true home address for any of these reasons, and I always take pains to avoid it for reasons that are much more serious than these.

IMG_2104

Regardless of this and the fact that much of we all still need to receive mail.  Receiving this mail at home opens you up to a number of vulnerabilities including:

Mail Theft:  Mail theft still happens and it recently happened to one of my clients.  Some of her checks were stolen and forged for cash.  To conceal the crime the thief (who knew where she lived because her address was on her checks) stole her bank statements from her mailbox.  She did not know she had been the victim of a crime for several months.  I am continually surprised at the vast numbers of people who are content to let bank statements, pre-approved credit card offers, utility bills, and other very sensitive items be left in an unsecured mailbox for hours or days at a time.  The theft of such personal information could lead to identity theft, credit fraud, and other crimes.

Much of this threat can be alleviated by going paperless where possible.  Just ensure that you are securing your online accounts with unpredictable usernames, good, strong passwords, and two-factor authentication.

Social Engineering:  A quick glance at mere junk mail from your mailbox can reveal your name and the names of your family members and roommates.  This information can be used to launch a social engineering attack against you.  How would you react if someone appeared at your door and seemed to know the names of all the members of the household?  An attacker could use this information to convince you (or your children) that he or she is a trusted figure.  This information could be used in a variety of imaginative ways to manipulate you or your family.

Data Marketing:  Though the threats of mail theft and social engineering are relatively rare ones, the possibility of your name being associated to your home address through the mail you receive is all but guaranteed.  When you order a package from an online retailer your name and address is added to their database and will eventually be sold to data marketers.  Then Fedex, UPS, and yes, even the US Postal Service will collect this same name and address data and sell it to data marketers yet again.  The end result of this, in addition to tons of junk mail, is that your home address and name are in numerous databases, many of which are available on open-source internet sites.

THE BENEFITS

Using a post office box or commercial mail receiving agency (CMRA)(such as Fedex or UPS stores) you can be reasonably assured that your mail is secure.  It is stored behind lock and key until you come get it, and many such facilities have security cameras. This does not mean that a very determined adversary could not access it, but it is still much safer than it is in an open mailbox on your street.

There are some additional benefits to using a CMRA that are not offered by the U.S. Postal Service, and CMRAs are subject to the same strict security standards as the U.S. Postal Service.  For example, they cannot give your mail to anyone who has not been added to the mailbox and who does not present a photo ID.

Package Delivery:  If you are expecting a package it is much a CMRA it can be received and held by a CMRA.  In contrast Fedex and UPS will not deliver to Post Office boxes.  If a signature is required for the package a representative from the store will sign for it, as well, preventing you from missing an important delivery, and preventing packages from sitting unattended on you front porch.

Street Address:  Rather than having to give out a P.O. Box, with a CMRA you will be given a street address and box number.  Though you cannot use a CMRA as your home address for official records like drivers’ licenses (because they are flagged as commercial facilities), you can give this address out to many parties without it being obvious it is a mail receiving agency.  You can further obscure the nature of your address by adding “Apt” or “Suite” in front of the box number; you mail will still find you, but the address will appear to be a residential or business address.

Using a P.O. Box or a CMRA will make you neither invisible nor anonymous.  But if you have taken steps to obscure you home address to prevent identity theft, stalking, or other threats against you, using one will help prevent your name from being associated with your physical location.  You can make this pay off even more by getting a mailbox in another city or town.  For example, when I had a “normal” job and commuted, my CMRA mailbox was in the town in which I worked, which was roughly 30 miles from my home.  I created quite a trail of information to that mailbox, but it was far enough away from my home that I didn’t lose any sleep over it.

Privacy and Security Considerations when Upgrading to Windows 10

With free upgrades to Windows 10 fully out in the wild the migration to the new OS has been, by all accounts, a resounding success for Microsoft.  Though Windows 7 will doubtlessly remain king of the hill for the immediate future, with 75 million downloads in the last month Win10 is making serious inroads.  Though popular out of the gate, it has not been received without some legitimate complaint.  There are some major privacy issues with the new OS.

Windows_logo_-_2012.svg

Express Settings:  When going through the  upgrade process, do NOT choose the “Express settings” option.  In Express settings mode you are not allowed the opportunity to change privacy and security settings and they are set to defaults.  Worse, allowing the Express settings can cause an encrypted version of your Wi-Fi password to be shared with your friends through Wi-Fi Sense so they can use your Wi-Fi if and when they are at your house.  Instead choose the “Customize settings” option.

Forced Updates:  Perhaps the fiercest complaint about Win10 is that updates are mandatory, not optional.  While I strongly encrourage staying up-to-date, the ability to opt-out of select updates should be everyone’s right.  This ability is especially importan when updates are buggy or cause system instability as has been the case with some updates for 10.  Windows 10 users have no choice in the matter, though.  At least now Windows actually offers some transparency and explains what these updates do.  Before upgrading you should seriously consider whether you are willing to accept mandatory updates whether you want them or not.

Privacy Policy:  Windows 10’s privacy policy has been described by Ars Technica as “the new normal“.  While all operating systems send some information back some information the data collected and transmitted by Windows 10 is fairly significant by comparison but is, as Ars also points out, part of a continuing evolution of increasing data collection.

Data Collection by Default:  Windows 10’s data collection is enabled on the OS by default.  The new Cortana feature (the competitor to Apple’s Siri and Google’s Now) constantly records you and your actions to “get to know you”.  Windows 10 also has a very intuitive, very user-friendly Settings menu that contains a well laid-out Privacy section (shown below).  Unfortunately most of these privacy settings are enabled to collect data by default.  I strongly recommend going through these privacy settings immediately upon installing the new OS.  These settings are not complete; there are .  For more information on setting up the initial Privacy and Security settings in Windows 10 visit https://fix10.isleaked.com/.

Screenshots of my Win1o Privacy settings are attached a the end of this post.  Note that for most of these settings you must enable the global setting before disabling individual apps.  After you have disabled every app I recommend once again disabling the global settings.  Also note that these settings are not a substitute for using basic best practices and security utilities like encyrption and antivirus.

Some good news:  Windows 10 will still work with the security applications we know and love, like TrueCrypt, Password Safe, and others.  In fact, aside from OS-specifics, nearly everything I detailed in Your Ultimate Security Guide: Windows 7 Edition is still applicable.  Just one quick word of warning: if you are full-disk encrypted, DECRYPT YOUR HARD DRIVE before upgrading and re-encrypt upon completion of the upgrade.  I learned this the hard way.

Everyone loves the appeal of a new operating system.  Even I was excited at the prospect of an entirely new look when the computer finally finished installing 10.  But the more rational side of me dislikes change just for the sake of change.  After I complete the next installment of the Your Ultimate Security Guide series which will cover Windows 10 (look for it in March 2016) I plan to revert back to either Windows 7 or, much more likely, go full-time with a Linux distro.

12345678910111213

 

Privacy Compromising Updates in Windows 7/8.1

Since the release of Windows 10 it has been no secret that Windows is collecting a great deal of data about its adopters be default.  Though some of this tracking cannot be opted out of most of it can, and this blog will cover these techniques for Win10 next week.  What is more alarming (at least to me) is that Windows is quietly installing some of these privacy-invading “features” on Windows 7 and 8.1 machines in the form of updates.  These updates send a great deal of information about your usage back to Microsoft.  Fortunately for users of Windows 7 and 8.1 these updates can be quickly and easily uninstalled.

The updates are (each is hyperlinked to a full description at microsoft.com) :

To uninstall these updates navigate to Control Panel>>System and Security>>Windows Update.  Click “View Update History”, and the click “View Installed Updates”.  This will open a list of the updates that have been installed on your machine.  Search for each of the four updates listed above.  If you find that any of them have been installed, right click on the update and select Uninstall.  You will be asked to confirm your decision.

Win7 Privacy UpdateI am disappointed that Microsoft has chosen to hold user privacy in such disregard, though my disappointment does not rise to the level of surprise.  This is a great example of something I talked about in Your Ultimate Security Guide: Windows 7 Edition.  Allowing updates to download and install automatically can have some serious negative consequences.  I prefer to download updates automatically but choose when to install them.  This gives you the chance to avoid updates like these that are not in your best interest.

Paper v. Plastic: The Case for Cash

The adage that I’ve used several other times on this blog, my books, and one that is nearly a personal credo: convenience is inversely proportional to security.  This seems to apply equally well to personal privacy.  Said another way, the more convenient something is, the more personal privacy and control of your identity you are probably sacrificing.  Credit and debit cards are one such convenience.  Though it is certainly more convenient to swipe a credit card for purchases that in is to use cash it also creates a tangible record of each transaction.  With cash you have to make time to visit an ATM, carry bills, manage change, etc.  Making matters worse, all of these inconvenience factors are compounded if you make multiple small purchases throughout the day.

shutterstock_110580023

Despite its inconveniences, making multiple small purchases throughout the day is precisely the reason you should use cash.  Your purchases record a wealth of data about you, including your location and movement, purchases, interests, hobbies, and a plethora of other information about us.  I didn’t fully realize the extent to which my personal pattern of life was spelled out in black in white until I bought my first home.  One of the requirements for the loan application was to submit three months of statements for all bank and credit accounts.  I was very, very disheartened when I had to submit statements for several accounts that looked something like this:

Date Transaction Description Amount
07/01/15 Debit – Local Grocery Store #1 $17.35
07/01/15 Debit – Local Grocery Store#2 $31.53
07/02/15 Debit – National Coffee Chain near Work $4.88
07/02/15 Debit – Convenience Store near Work $2.37
07/02/15 Debit – Lunch Restaurant near Work $12.72
07/02/15 Debit – Gas Station $43.68
07/02/15 Debit – Local Grocery Store #2 $8.19
07/03/15 ATM Withdrawal $60.00
07/04/15 Debit – National Coffee Chain near Work $4.88
07/04/15 Debit – Big-Box Department Store $81.41
07/04/15 Debit – Local Dinner Place near Home $27.12
07/04/15 Debit – Large National Bookstore $27.19
07/05/15 Debit – Fast Food Place near Work $6.01
And on, and on, and on….

Unfortunately, years prior I had subscribed to the philosophy that plastic is easier to use and somehow inherently better than paper.  What I did not realize was that I was sharing a ton of personal details about my life with others.  The packet I handed over to the loan officer painted a very thorough picture of my pattern of life for the three months prior to my loan application (which could be extrapolated to the last few years).  Though there was nothing “shady” on my cards, it was a little embarrassing to share such granular level of detail about my life with strangers.  The sickening realization that I had been sharing all of this information with my bank and creditors for years sank in that day, too.

Purchasing with cash offers much more anonymity.  Unless you are purchasing something that requires you provide your real name, firearms and cars being obvious exceptions that come easily to mind, purchases with cash are about as close to anonymous as you can get.  There is no paper trail, no bank statement, and no overarching record of your life and activities.  If I had it to do over again (and I do going forward) I would have made some changes in my personal habits.  My account statements would have reflected the same period of time a bit more succinctly, like this:

Date Transaction Description Amount
07/01/15 ATM Withdrawal $400.00
07/08/15 ATM Withdrawal $400.00
07/20/15 ATM Withdrawal $500.00

You will notice that because I used cash, this brief statement covers a period over four times as long as the above example, while still being eight lines shorter.  Not only is this statement more compact, it also reveals very little about me.  It does not reveal where I buy my groceries or how often, or the location my favorite coffee, lunch, and dinner restaurants, or my culinary preferences.  It does not associate my name to any of my purchases.

I attempt to use cash as much as possible but I realize I will never be able to fully eliminate credit cards from my life.  Air travel, rental cars, and hotels require credit cards.  I still find myself in locations where I don’t want to pay exorbitant ATM fees, and end up using my card.  But I use it a lot less, which is what I am truly advocating: using more cash and less plastic.  This reduces the amount of information about yourself that you give over to your bank, your lenders, anyone curious enough to swipe a statement out of your mailbox (assuming you don’t use a P.O. Box), and yes, maybe even the NSA.

Using cash isn’t bulletproof, and it won’t make you totally anonymous.  But it will lower your signature, offer you a lot more anonymity, and make an attacker’s job a bit harder.  Every little bit helps.

Complete Privacy and Security with Michael Bazzell

I am proud to announce that I am currently co-writing a book with well-known author and privacy expert Michael Bazzell.  Michael is the author of several privacy- and security-related works including Hiding from the Internet and Personal Digital Security: Protecting Yourself from Online Crime, as well as the immensely popular Open Source Intelligence Techniques.  The idea for this project has been a long time coming and we are well underway with the process.

Large3D

The working title is currently The Complete Privacy and Security Desk Reference.  This 600+ page work is intended to a be an all-inclusive privacy and security resource for law enforcement, special operations and intelligence personnel, victims of identity theft and domestic violence, and those with an avid interest in privacy and security.  The book will draw from our collective experiences and previous writings and will contain a myriad of new material and techniques.  Our intent is to provide the reader with a book that will 

“explain how to be digitally invisible. You will make your communications private, internet connections anonymous, computers hardened, identity guarded, purchases secret, accounts secured, and home address hidden. You will remove all personal details from public view and will reclaim your right to privacy. You will no longer give away your intimate details and you will remove yourself from the system. When taken to the extreme, you will be impossible to compromise.”

The Complete Privacy and Security Desk Reference is due for release in January 2016.  An accompanying five-day live training course with Justin Carroll and Michael Bazzell will also be available beginning in 2016.

 

Blur: The One-Stop Privacy Shop

As any of my readers know I hesitate to give out any personal information.  Using the same physical address, email address, phone number, and credit card number helps data marketers build very thorough profiles about us and I do everything I can to undermine this.  A service that is relatively new (at least to me) helps to make it much easier to avoid giving out this information.  This service is called Blur.

Before moving on it should be pointed out that Blur is a paid service.  Though there is a free version available, its functionality is very limited.  Blur Premium costs a very reasonable $39/year with discounts for purchasing multiple years ($59/2 years and $79/3 years).  For the features Blur provides the cost is totally worth it, and most of the features described below require a premium subscription.

full_MaskMe_512x512@2x

Blur helps to protect your privacy through a number of features including Masked Emails, Masked Phones, and Masked Cards.  The Masked Emails function works similarly to services like notsharingmy.info and 33mail.  When you create a masked email, Blur will give you a randomly-generated email address that will forward your mail to your real account.  You can create as many masked email addresses as you like, allowing you to have unique usernames on your accounts and protect your real address.  Masked Emails even protect your email address when you reply, a feature not currently offered by notsharingmy.info and only offered as a paid feature in 33mail.  Blur allows you to cancel forwarding to any masked email at any time, so if you sign up for a service that is bombarding you with junk mail you can simply login to your account and toggle forwarding to “off”, or delete the address entirely.

Blur also has a built-in username and password generator.  When you sign up for a new account or service and generate a username with Blur it will be a masked email address.  Unfortunately the passwords generated by Blur are only 12 characters long (though they are complex) and I have found no way to change this.  Masked Phone is another interesting feature that allows you to generate a phone number through Blur that will forward calls and text messages to your phone.  Unfortunately you can only have one Masked Number at a time, and the cost to change your masked number is $7; additionally there is a $.01 charge for each incoming call, for each minute used, and for each incoming text.  At this time you cannot send outgoing text messages from your masked number.

Blur’s most exciting feature by far is Masked Cards.  Blur allows you to create masked credit cards for online purchasing.  When you wish to make an online purchase you log into Blur and create a new masked card.  The amount of purchase will be charged to your “real” card, and the masked card works much like a pre-paid gift card.  Blur will give you a credit card number, expiration date, CCV, and billing address, and you can choose the name and shipping address.  This limits the amount of information that retailers, credit card companies, and third-parties can accumulate about your purchases, the benefits of which are obvious.  It also limits the exposure of your real credit card number on the internet.

With the ability to obscure your email address and phone number, create masked credit cards, generate unique, complex usernames and passwords, and manage it all in one place, Blur is almost a one-stop-privacy solution.  Your Blur account can be protected with very strong passwords (I haven’t found a length limit yet) and two-factor authentication and can be accessed through your browser, Blur’s add-on for Firefox/Chrome, or their Android/iOS app.

Letting Go of Google

I have used Google for years, mostly in the form of Gmail.  In Your Ultimate Security Guide: Windows 7 Edition I wrote about Gmail.  I threw in some well-deserved praise about Google’s security; it is very, very good.  Google offers one of the most user-friendly two-factor systems I have used.  They alert you when your account is logged into from a new IP and browser.  Your entire sessions is HTTPS encrypted, and encrypted inside of Google.  From a security standpoint it’s hard to complain about Google.  Privacy is another matter completely.

As Bruce Schneier recently pointed out, Google wants you to be secure from everyone except Google.  Google keeps your data safe from hackers and the NSA (they say), but they don’t keep it safe from themselves.  Google scans all your emails, records all your searches, remembers what videos you’ve watched, and what sites you go to when you leave Google.  And it never forgets.  Though I never created a Google + account, don’t log into YouTube, and don’t upload files to Google Drive, Google still knows an incredible amount of information about me.  That information will be remembered forever.  It will be accessible with warrants.  It may be seen if Google is hacked (Google holds a lot – a lot – of data and is a target because of it).  It will still be sold to advertisers.  And I don’t like that.

DDG_Full_Vertical.2x

I have managed to subvert much of Google’s ability to track me through with several tools.  I don’t use Google’s browser, Chrome.  Instead of searching through Google I use DuckDuckGo, a search engine that doesn’t collect or store data about its users.  Another very good tool is Disconnect Private Search, a browser add-on for Firefox and Chrome that routes all your searches through a “light” VPN.  Google doesn’t know who sent the request and can’t track me (Disconnect Search also allows you to use Bing, DuckDuckGo, and Yahoo!).  I also configure my browsers to delete history and cookies each time it is closed and I close it frequently.  I run BleachBit or CCleaner several times a day, too.

I have also been a fairly heavy Google Voice user.  I liked Google Voice because I could give out a GV number instead of my “real” number.  I could get calls, texts, and voicemail from my phone or computer, and the most compelling feature was its price: free.  I have managed to subvert this, too, through Silent Circle.  Though I have to pay for it Silent Circle offers me security from everyone, not everyone-but-them.

These steps seem simple in comparison to finding a suitable substitute for Gmail.  Other “mainstream” (read: free) email providers scrape emails, too, and unfortunately I don’t have the confidence in my own technical accumen to run my own email server.  Through the last several months, however, I have managed to piece together a workable email solution.  Unfortunately there is no sole-source replacement for Gmail, but with paid services like KolabNow and free ones like ProtonMail I know my communications are, if not more secure, at least more private.

You should also know that if you contact me, your communications are stored privately and securely on email servers that are not scraped for advertisments.  The email address to which the contact form on this site links is a ProtonMail email address.  Additionally, I have removed Google Analytics from this site.  I do not have access to any data about the individuals who visit my site, whether specifically or in aggregate.  When I initially set up this blog I thought it would be a good idea to see how often the site was visited, but I quickly realized that I had become part of the problem.  This is my mea culpa.

Why YOU Need a Virtual Private Network

Using a virtual private network (VPN) is an important part of strong digital security.  A VPN can accomplish several tasks.  First, it creates an encrypted tunnel to a remote server through which your traffic transits.  This means that anyone inspecting your traffic (from internet service providers to malicious hackers) will capture nothing but unusable, encrypted data.  For best security I recommend using the OpenVPN or IPSec encryption protocols.  Next, because your traffic appears to originate from a remote server your IP address is not correlated with your browsing.  This is important: if you visit a website that logs your IP address they can use the IP address to find your geographical location, your internet service provider, and all your visits to that site.  Using a VPN server that hundreds of other people also use makes you less distinctive and protects your physical location.  Lastly, VPNs can be used to help bypass geographical restrictions.  If you are in a country that blocks certain content you can use your VPN to connect to a server in another country, bypassing geographical restriction.

IPv6 Test

I recommend strongly against using free VPN services.  The recent story about a free VPN known as Hola! last week is an excellent reminder of why paying for a VPN is worth it: Hola! was selling the bandwidth of anyone who had their plugin installed, sometimes to malicious users who conducted botnet activity.  This opens users up to a number of security risks.  Free VPN providers have also been known to monetize by collecting and selling user information which defeats much of the raison d’être for a VPN.

To determine if your VPN is leaking information about you or how much information you are leaking if you are not using a VPN, Private Internet Access (with which I am an affiliate) has some helpful links.  They will test whether your DNS is leaked, if your IP address is leaked when you send an email, and if your IPv6 address is leaked.

Though I like Astrill, Private Internet Access, and WiTopia, there are pleny of great VPN options out there.  Most are under $100 per year and offer a great many features.  This is a very small price to pay for the disporportionate level of security and privacy they provide.

Fixing Firefox’s WebRTC Vulnerability

Earlier this year a major vulnerability called the WebRTC vulnerability was discovered in Windows machines running Chrome and Firefox.  This vulnerability can compromise your privacy by allowing websites to see your true IPv6 address despite the use of a VPN.  When using a VPN any site you visit should only see the IP address of the VPN’s exit server.  This prevents them from correlating you with your visit with your geographic location, and building profiles based on your IP address.  To test your system and see if your IP is leaking you can visit https://ipleak.net/.

Thankfully this vulnerability is very easy to correct in Firefox but it cannot be corrected through the “Options” dialogue.  To correct it go to your URL bar in Firefox and type “about:config.”  This will open a menu where power-users can make many adjustments to the application (many of these adjustments can be made through the Settings, but many cannot).  Bypass the warning and scroll down to “media.peerconnection.enabled.” This setting is “true” by default.  Double-click this line which will toggle the value to “false.”  This is all that is required to turn off WebRTC and secure this vulnerability.

WebRTC Vulnerability

There are add-ons for Chrome (WebRTC Leak Prevent and ScriptSafe) that are intended to defeat the WebRTC vulnerability.  It has been reported that these add-ons can be bypassed by a malicious adversary and should not be relied on.  However, if you must use Chrome you should enable one of these add-ons.

For full protection use Firefox and adjust as described above.  Using NoScript may also help mitigate this vulnerability.