The Privacy, Security, & OSINT Show – Episode 153

Posted on January 17th, 2020

EPISODE 153-Privacy News, Travel Routers, & OSINT Updates

This week I discuss the latest data leak exposing the details of 56 million people, my recommendations for travel router usage, and several OSINT updates which have surfaced since my book was released. Its another very full show.

Support for this show comes directly from my new books Extreme Privacy and Open Source Intelligence Techniques (7th Edition). More details can be found at https://inteltechniques.com/books.html.

Listen to THIS episode at https://soundcloud.com/user-98066669/153-privacy-news-travel-routers-osint-updates

Listen to ALL episodes at https://inteltechniques.com/podcast.html

or Subscribe at:

RSS / iTunes / Stitcher  / Spotify


SHOW NOTES:

PRIVACY NEWS:

https://www.theregister.co.uk/2020/01/09/checkpeoplecom_data_exposed/
https://www.justice.gov/usao-dc/pr/weleakinfocom-domain-name-seized
https://www.phoenixnewtimes.com/news/google-geofence-location-data-avondale-wrongful-arrest-molina-gaeta-11426374

TRAVEL ROUTERS:

Slate GL-AR750S: https://amzn.to/2FYo8i7

OSINT:

https://revealname.com
https://ytoffline.net/en/
https://ytcomment.kmcat.uk/
https://files.mine.terorie.dev/yt/
https://internetofinsecurity.com/


Data Removal Workbook:
https://inteltechniques.com/data/workbook.pdf

Affiliate Links:

VPN Considerations: https://inteltechniques.com/vpn.html
ProtonVPN: https://proton.go2cloud.org/aff_c?offer_id=6&aff_id=1519
ProtonMail: http://proton.go2cloud.org/aff_c?offer_id=15&aff_id=1519
PIA: https://www.privateinternetaccess.com/pages/buy-vpn/crimeinfo
Amazon: https://amzn.to/339avqo
Silent Pocket: https://silent-pocket.com/discount/IntelTechniques
Privacy.com: http://privacy.com/inteltechniques
Fastmail: https://ref.fm/u14547153


Filed under OSINT, Podcast, Privacy, Search, Security | Comments Off on The Privacy, Security, & OSINT Show – Episode 153

The Privacy, Security, & OSINT Show – Episode 152

Posted on January 10th, 2020

EPISODE 152-Listener Questions

This week I tackle another round of listener questions.

Support for this show comes directly from my new books Extreme Privacy and Open Source Intelligence Techniques (7th Edition). More details can be found at https://inteltechniques.com/books.html.

Listen to THIS episode at https://soundcloud.com/user-98066669/152-listener-questions

Listen to ALL episodes at https://inteltechniques.com/podcast.html

or Subscribe at:

RSS / iTunes / Stitcher  / Spotify


SHOW NOTES:

LISTENER QUESTIONS:

(Discussion)


Data Removal Workbook:
https://inteltechniques.com/data/workbook.pdf

Affiliate Links:

VPN Considerations: https://inteltechniques.com/vpn.html
ProtonVPN: https://proton.go2cloud.org/aff_c?offer_id=6&aff_id=1519
ProtonMail: http://proton.go2cloud.org/aff_c?offer_id=15&aff_id=1519
Amazon: https://amzn.to/339avqo
Silent Pocket: https://silent-pocket.com/discount/IntelTechniques
Privacy.com: http://privacy.com/inteltechniques
Fastmail: https://ref.fm/u14547153


Filed under OSINT, Podcast, Privacy, Security | Comments Off on The Privacy, Security, & OSINT Show – Episode 152

The Privacy, Security, & OSINT Show – Episode 151

Posted on January 3rd, 2020

EPISODE 151-Your New Smart TV & CCPA Details

This week I discuss some considerations for that new smart TV you received for Christmas and talk about the new California privacy law that went into effect this week. There are many inaccurate interpretations floating around, I hope to separate fact from fiction.

Support for this show comes directly from my new books Extreme Privacy and Open Source Intelligence Techniques (7th Edition). More details can be found at https://inteltechniques.com/books.html.

Listen to THIS episode at https://soundcloud.com/user-98066669/151-your-new-smart-tv-ccpa-details

Listen to ALL episodes at https://inteltechniques.com/podcast.html

or Subscribe at:

RSS / iTunes / Stitcher  / Spotify


SHOW NOTES:

NEWS:

https://protonmail.com/blog/protoncalendar-beta-announcement/

YOUR NEW SMART TV:

(Discussion)

CALIFORNIA CONSUMER PRIVACY ACT (CCPA):

(Discussion)


Data Removal Workbook:
https://inteltechniques.com/data/workbook.pdf

Affiliate Links:

ProtonVPN: https://proton.go2cloud.org/aff_c?offer_id=6&aff_id=1519
ProtonMail: http://proton.go2cloud.org/aff_c?offer_id=15&aff_id=1519
Amazon: https://amzn.to/339avqo
Silent Pocket: https://silent-pocket.com/discount/IntelTechniques


Filed under Podcast, Privacy, Security | Comments Off on The Privacy, Security, & OSINT Show – Episode 151

The Privacy, Security, & OSINT Show – Episode 150

Posted on December 27th, 2019

EPISODE 150-Password Managers Revisited

This week, I revisit the necessity of a password manager and update my recommendations from previous shows.

Support for this show comes directly from my new books Extreme Privacy and Open Source Intelligence Techniques (7th Edition). More details can be found at https://inteltechniques.com/books.html.

Listen to THIS episode at https://soundcloud.com/user-98066669/150-password-managers-revisited

Listen to ALL episodes at https://inteltechniques.com/podcast.html

or Subscribe at:

RSS / iTunes / Stitcher  / Spotify


SHOW NOTES:

INTRO:

None

UPDATES:

None

NEWS:

https://www.cnbc.com/2019/12/19/court-awards-80-million-to-consumer-attorneys-in-equifax-case.html

PASSWORD MANAGERS REVISITED:

KeePassXC: https://keepassxc.org/
KeePassXC Browser: https://addons.mozilla.org/firefox/addon/keepassxc-browser/
Strongbox: https://strongboxsafe.com/
Bitwarden: https://bitwarden.com/


Data Removal Workbook:
https://inteltechniques.com/data/workbook.pdf

Affiliate Links:

ProtonVPN: https://proton.go2cloud.org/aff_c?offer_id=6&aff_id=1519
ProtonMail: http://proton.go2cloud.org/aff_c?offer_id=15&aff_id=1519
Amazon: https://amzn.to/339avqo
Silent Pocket: https://silent-pocket.com/discount/IntelTechniques


Filed under OSINT, Podcast, Privacy, Security | Comments Off on The Privacy, Security, & OSINT Show – Episode 150

The Privacy, Security, & OSINT Show – Episode 149

Posted on December 20th, 2019

EPISODE 149-Secure & Private Email Showdown

This week, I revisit the topic of secure & private email (including a review of some new services), provide many updates from the last show, discuss the latest privacy news, and present an OSINT tip for identifying apartment numbers within buildings.

Support for this show comes directly from my new books Extreme Privacy and Open Source Intelligence Techniques (7th Edition). More details can be found at https://inteltechniques.com/books.html.

Listen to THIS episode at https://soundcloud.com/user-98066669/149-secure-private-email-showdown

Listen to ALL episodes at https://inteltechniques.com/podcast.html

or Subscribe at:

RSS / iTunes / Stitcher  / Spotify


SHOW NOTES:

INTRO:

Three’s Company

UPDATES:

Lockdown Followup

NEWS:

https://www.nytimes.com/interactive/2019/12/19/opinion/location-tracking-cell-phone.html
https://minnesota.cbslocal.com/2019/12/11/its-scary-stuff-cyber-security-expert-says-recording-device-investigation-at-hyatt-hotel-is-not-uncommon/
https://www.washingtonpost.com/technology/2019/12/17/what-does-your-car-know-about-you-we-hacked-chevy-find-out/
Signal forcing virtual stickers

SECURE & PRIVATE EMAIL UPDATE:

https://protonmail.com
https://tutanota.com
https://33mail.com
https://anonaddy.com

OSINT:

https://www.yeti.com/en_US/register-product
https://www.minicabit.com/


Data Removal Workbook:
https://inteltechniques.com/data/workbook.pdf

Affiliate Links:

PIA: https://privateinternetaccess.com/pages/buy-vpn/crimeinfo
Amazon: https://amzn.to/339avqo
Silent Pocket: https://silent-pocket.com/discount/IntelTechniques
Fastmail: https://ref.fm/u14547153


Filed under OSINT, Podcast, Privacy, Security | Comments Off on The Privacy, Security, & OSINT Show – Episode 149

The Privacy, Security, & OSINT Show – Episode 148

Posted on December 13th, 2019

EPISODE 148-Camera & Microphone Blocking

This week, I discuss the importance of properly blocking cameras and microphones on ALL of our devices, my experience with mobile firewalls, the latest privacy news, and a request for your listener questions for 2020.

Support for this show comes directly from my new books Extreme Privacy and Open Source Intelligence Techniques (7th Edition). More details can be found at https://inteltechniques.com/books.html.

Listen to THIS episode at https://soundcloud.com/user-98066669/148-camera-microphone-blocking

Listen to ALL episodes at https://inteltechniques.com/podcast.html

or Subscribe at:

RSS / iTunes / Stitcher  / Spotify


SHOW NOTES:

INTRO:

30 Rock S05E07

NEWS:

https://www.nytimes.com/2019/11/04/business/secret-consumer-score-access.html
https://terms.berbix.com/terms/privacy
https://lockdownhq.com/
Wired Disinformation Update

Lockdown Firewall:
https://lockdownhq.com/

DEVICE CAMERA & MICROPHONE BLOCKING:

Mic-Lock Standard Plug: https://amzn.to/2EaNKar
Mic-Lock Lightnening w/ Passthrough: https://amzn.to/2EnOvNH
Mic-Lock Standard w/ Passthrough: https://amzn.to/2YF07VN
Silent Pocket Stickers: https://amzn.to/35exTU8
Silent Pocket Bags: https://silent-pocket.com/discount/IntelTechniques


Data Removal Workbook:
https://inteltechniques.com/data/workbook.pdf

Affiliate Links:

PIA: https://privateinternetaccess.com/pages/buy-vpn/crimeinfo
Amazon: https://amzn.to/339avqo
Silent Pocket: https://silent-pocket.com/discount/IntelTechniques
Fastmail: https://ref.fm/u14547153
Privacy.com: https://privacy.com/join/ADK9W


Filed under Podcast, Privacy, Security | Comments Off on The Privacy, Security, & OSINT Show – Episode 148

The Privacy, Security, & OSINT Show – Episode 147

Posted on December 4th, 2019

EPISODE 147-Show Corrections, Updates, & Maintenance

This week I provide a brief update from the road and several corrections from the last show.

Support for this show comes directly from my new books Extreme Privacy and Open Source Intelligence Techniques (7th Edition). More details can be found at https://inteltechniques.com/books.html.

Listen to THIS episode at https://soundcloud.com/user-98066669/147-show-corrections-updates-maintenance

Listen to ALL episodes at https://inteltechniques.com/podcast.html

or Subscribe at:

RSS / iTunes / Stitcher  / Spotify


SHOW NOTES:

INTRO:

Resort Privacy

CORRECTIONS, UPDATES, & MAINTENANCE:

Tutanota Correction
VPN Correction
EM Client Reversal
iPhone SE’s
Show Affiliates

UPCOMING SHOWS:

Mic/Cam Blocking
College Privacy


Data Removal Workbook:
https://inteltechniques.com/data/workbook.pdf

Affiliate Links:

PIA: https://privateinternetaccess.com/pages/buy-vpn/crimeinfo
Amazon: https://amzn.to/339avqo
Silent Pocket: https://silent-pocket.com/discount/IntelTechniques
Fastmail: https://ref.fm/u14547153
Privacy.com: https://privacy.com/join/ADK9W


Filed under OSINT, Podcast, Privacy, Security | Comments Off on The Privacy, Security, & OSINT Show – Episode 147

The Privacy, Security, & OSINT Show – Episode 146

Posted on November 29th, 2019

EPISODE 146-Who Has Your Emails?

This week, I revisit VPN concerns, discuss the importance of offline email storage, and test various online text verification services.

Support for this show comes directly from my new books Extreme Privacy and Open Source Intelligence Techniques (7th Edition). More details can be found at https://inteltechniques.com/books.html.

Listen to all episodes at https://inteltechniques.com/podcast.html

or Subscribe at:

RSS / iTunes / Stitcher  / Spotify


SHOW NOTES:

INTRO:

Tim Conway Jr.

NEWS:

PIA Update
Financial Software Update

WHO HAS YOUR EMAILS?:

Thunderbird
EM Client
MailMate

(SHOW CORRECTION: I misspoke on the show Friday, stating that Tutanota did not have a functioning iOS app. I accidentally confused it with another product I am testing. My apologies.)

OSINT:

TextVerified.com
Crypton.sh


Data Removal Workbook:
https://inteltechniques.com/data/workbook.pdf

Affiliate Links:

PIA: https://privateinternetaccess.com/pages/buy-vpn/crimeinfo
Amazon: https://amzn.to/339avqo
Silent Pocket: https://silent-pocket.com/discount/IntelTechniques
Fastmail: https://ref.fm/u14547153
Privacy.com: https://privacy.com/join/ADK9W


Filed under OSINT, Podcast, Privacy, Security | Comments Off on The Privacy, Security, & OSINT Show – Episode 146

The Privacy, Security, & OSINT Show – Episode 145

Posted on November 22nd, 2019

EPISODE 145-Account Security Audits

This week I complain about international travel privacy invasions, weigh in on the online concerns brewing about Wire, Tutanota & PIA, explain the importance of annual account security audits, and discuss some OSINT and Privacy implications from the IronMarch leak. It’s a full show.

Support for this show comes directly from my new books Extreme Privacy and Open Source Intelligence Techniques (7th Edition). More details can be found at https://inteltechniques.com/books.html.

Listen to all episodes at https://inteltechniques.com/podcast.html

or Subscribe at:

RSS / iTunes / Stitcher  / Spotify


SHOW NOTES:

INTRO:

International Travel Woes

NEWS:

Wire moving to US:
https://techcrunch.com/2019/11/13/messaging-app-wire-confirms-8-2m-raise-responds-to-privacy-concerns-after-moving-holding-company-to-the-us/

Tutanota Germany Issues:
https://www.sueddeutsche.de/digital/tutanota-verschluesselung-e-mail-ueberwachung-polizei-1.4676988

PIA Purchase:
https://www.techradar.com/news/cyberghost-owner-buys-pia-for-dollar955m-to-create-vpn-giant

ACCOUNT SECURITY AUDITS:

Discussion

OSINT:

https://inteltechniques.com/blog/2019/11/18/privacy-and-osint-lessons-from-the-ironmarch-leak/


Data Removal Workbook:
https://inteltechniques.com/data/workbook.pdf

Affiliate Links:

PIA: https://privateinternetaccess.com/pages/buy-vpn/crimeinfo
Amazon: https://amzn.to/339avqo
Silent Pocket: https://silent-pocket.com/discount/IntelTechniques


Filed under OSINT, Podcast, Privacy, Security | Comments Off on The Privacy, Security, & OSINT Show – Episode 145

Privacy and OSINT lessons from the IronMarch Leak

Posted on November 18th, 2019

Last week, an unknown “hacker” released a copy of a user database from the IronMarch forum, which was an online neo-nazi meeting place until it was shut down. An archive of the public site can be found at https://web.archive.org/web/20170509142136/http://ironmarch.org/. The dumped data includes a full copy of all content, including details such as emails, IP addresses, usernames, and private messages. I decided to dig into it a bit and see what could be gleaned. The original leak has been removed from Pastebin, but several clones appear daily. The following is a redacted version of a few entries.

Four Suited Jack:o244REDACTED@rtrtr.com:e0e501f3e4e49d6c67378d9d06763298:?ET\”e
Jamie M:jamREDACTED@live.co.uk:8ecdc4d6401055df380ab007c0c31b5b:t32hj
Ritz:ritzjREDACTED@gmail.com:159e7b09066e91fcb15008943d114b6e:vy:I0

This represents the username:email:encrypted password of each user on the forum. My first task was to parse out all of the email addresses. I saved the original leak file as Ironmarch.full.txt and executed the following command in Linux.

grep -E -o “\b[a-zA-Z0-9.-]+@[a-zA-Z0-9.-]+\.[a-zA-Z0-9.-]+\b” < Ironmarch.full.txt > Ironmarch.emails.txt

This presented a clean file containing only the email addresses of every user. I then connected to a covert Gmail account, accessed the Contacts, and exported the only contact in this account to a CSV file. This provided the template desired by Google for import. I copied and pasted the entire list of email addresses within this template and gave each of them a unique last name of 1,2,3,etc. This presented a CSV file ready for import. The following is a partial view.

I imported this CSV into my Google Contacts which now tells Google these are my “Friends”. I then launched a new Android virtual machine through Genymotion and connected to the covert Google account. This virtual mobile device now associates all of these email addresses with my own address book. I connected to the Facebook app, asked it to “Find Friends, and was immediately presented with numerous Facebook accounts which were associated with the email addresses of the Ironmarch members. Below is an example.

I then repeated this process with Twitter:

and Instagram:

OSINT Lessons Learned:

Breaches and leaks of online forums are very common. Lists of email addresses may identify interesting information about the types of members. However, identifying social network accounts of members of hate groups can be much more revealing. I quickly located numerous personal accounts registered in real names, all from the connection to an email address.

PRIVACY Lessons Learned:

I also identified many accounts which were likely used during covert investigations. When I submitted the email addresses as contacts through a foreign dating network, I observed an account connected to a police cyber-crimes investigator. This is probably due to him using a real address when registering for an account on the forum. This is sloppy, but I have been guilty of this myself many years ago. If you are tasked with investigating online hate groups, or anything else really, be sure to always use a unique email address and password, which will never be used anywhere else. Social networks and other online communities make it very easy to connect accounts with real people.

 

 

 

Filed under OSINT | Comments Off on Privacy and OSINT lessons from the IronMarch Leak

Search

Recent Posts