Ubuntu Pro Shenanigans

Posted by Aaron Kelley

Several readers of our OSINT Techniques book and Online Video Training have expressed concern about Ubuntu's new Pro feature and update restrictions for those who do not subscribe to the service. Since we recommend Ubuntu for OSINT virtual machines, we should address the issue and offer some guidance. Let's start with addressing Ubuntu Pro. If you run 'sudo apt update' and 'sudo apt upgrade' within an Ubuntu Terminal, you will likely see something similar to the following.

This warning appears concerning as it insinuates that some updates are being withheld from your machine unless you subscribe to the Pro service. The following warning from Ubuntu's software updater is even more alarming.

This appears to present a lot of outdated software which we cannot update. However, looks can be deceiving. Click on any of these updates and look at the details pane. As one example, I clicked on Ffmpeg and observed the following.

The "Available version" is the exact same product as the currently installed software. The update does nothing. Running 'pro security-status' displays the following.

This confirms that our machine is receiving all Main/Restricted updates until 2027, at which time we would be using Ubuntu 26.04. We do not need extended updates until 2032 as offered through Ubuntu Pro. This makes Ubuntu Pro unnecessary for our needs. Opting to avoid Ubuntu Pro does not restrict your machine from the typical security updates which Ubuntu has always provided. The options available within Ubuntu Pro are enhancements to Ubuntu and no features have been removed from a typical Ubuntu installation. The focus of Ubuntu Pro is to extend the availability of updates from five to ten years, and provide some third-party security patches which may not be available otherwise. We should not be using old versions of Ubuntu for our VMs, so this does little for us within an investigative VM.

Ubuntu Pro is available for free for personal use, but it requires you to attach a unique license key to your Ubuntu installation, which will be tracked by Canonical. We do not recommend this. Instead, we encourage users to remove these unnecessary warnings with the following command.

mv /etc/apt/apt.conf.d/20apt-esm-hook.conf /etc/apt/apt.conf.d/20apt-esm-hook.conf.bak

After this command, which only renames the file responsible for this warning, updating through Terminal (and therefore the update script we provide within the VM), should appear as follows.

We feel that Ubuntu is being aggressively misleading with the rollout of Ubuntu Pro, and we do not recommend any OSINT users attach this service to their investigative VMs. We have not recommended Ubuntu as a host OS for some time.

Our Emergency Alert Test

Written by Aaron Kelley

Our Los Angeles office recently had the opportunity to test our recommendations for those who wish to avoid mandatory emergency alerts (and test alerts) within their mobile devices, and the results were surprising. On Wednesday, October 4th, 2023 at 11:20 Pacific, three of our devices alerted, but one did not.

There has been many conspiracy theories about how the recent test alert was an attempt by the government to collect data about our locations, but we do not buy into that. We just wanted to know if our settings worked. For our test, we full reset four mobile devices. Two were a Pixel 6A with GrapheneOS default settings. The other two were an Apple iPhone 14 with default settings. All four devices possessed eSIM service from Mint with cellular service from T-Mobile. All four were next to each other with a strong signal. The following settings represent the modifications to each GrapheneOS device. The device on the left had full alerts allowed while the one on the right had everything disabled.

 

The iPhones were similar. The one on the left had everything turned on while the one of the right had all turned off.

 

The time finally came. The GrapheneOS and iPhone devices with alerts enabled both rang loud with the test notification as expected. The GrapheneOS device with alerts disabled stayed silent with no notifications as hoped. The surprise was the iPhone which had all alerts disabled. It also blared a loud tone and presented the test message, even though we informed it not to display any alerts.

This is another reason we prefer un-Googled devices such as GrapheneOS over any Apple or Google stock device. They do what you tell them to do.

The Privacy, Security, & OSINT Show – Episode 306

EPISODE 306-Six New Privacy Strategies

This week I present six new privacy strategies which I have been testing while away for the last three months.

Direct support for this podcast comes from our privacy services, online training, and latest books. More details can be found at IntelTechniques.com. Thank you for keeping this show ad-free.

SHOW NOTES:

INTRO:

None

NEWS & UPDATES:

Travel Update

SIX NEW PRIVACY STRATEGIES:

The anonymous U.S. cash debit card
The anonymous international Bitcoin debit card
Obtain foreign currency at face value for any country
Data removal after ignored requests
Obtain your free premium data broker report
Bypass employment application data sharing

Free Guides: https://inteltechniques.com/links.html

Affiliate/Referral Links:
OSINT Techniques (10th): https://amzn.to/3VIlP74
Extreme Privacy (4th): https://amzn.to/3D6aiXp
Proton Mail: https://go.getproton.me/aff_c?offer_id=7&aff_id=1519
Proton VPN: https://go.getproton.me/aff_c?offer_id=26&aff_id=1519&url_id=277
Fastmail: https://ref.fm/u14547153
VoIP.ms: https://voip.ms/en/invite/Mzc2NjM3
Telnyx: https://refer.telnyx.com/refer/zrfmo
Silent Pocket: https://slnt.com/discount/IntelTechniques

The Dangers of Data Removal Service Doxxing

This is a guest post from Aaron Kelley, director of consultations in our Caribbean office.

We have all heard of the many new companies which offer to remove our unwanted online data. Most simply want a quick buck to cash in on the popularity of privacy. We have always discouraged the use of these services for two reasons. First, they never remove everything. If your home address is on 27 websites, and a service removes 26 of them, I only need to see the one page they missed to get your information. The second reason is that it is always best to do this yourself. You will recognize sensitive data that will be missed by the service which you hired. Today, we present a third reason we suggest avoiding these services: Doxxing.

This week, we received an email from a data removal company called NetScrubbers. They demanded that we remove any data which we stored about their client. They disclosed the following to us, which we redacted for the privacy of their client.

This company was hired by an individual to clean up their online presence. Instead, they sent the full name, email address, age, cell number, current home address, previous home address, business affiliations, and social media profiles of the person to thousands of email addresses. They scoured the person's email account for anyone who they communicated with and sent a generic removal request. In other words, they published more details than were previously available.

We had no contact with their customer, so I did some digging. I was finally able to associate the Gmail address with a business which had contacted us a year ago about our services. Their customer used an alias name for privacy, but NetScrubbers disclosed enough real information about their client to connect us to their alias.

Please avoid these types of companies. They do more harm than good. If you truly want to clean up your online data, use our free guide.

AK

Extreme Privacy: VPNs & Firewalls

Today, we published our fourth digital guide in the Extreme Privacy series. This time, it is all about VPNs and firewalls. 9 chapters | 34,000 words | 87 pages | $20. This digital (PDF) supplement to Extreme Privacy continues a new approach to our tutorials. It is not a replacement for the printed book, but a much more thorough guide about VPNs and firewalls. It provides our entire playbook which we use for our clients when we need to issue network-wide firewalls which must be private and secure. We also explain all maintenance and best practices for this new lifestyle. All updates are free and delivered digitally. More details can be found at https://inteltechniques.com/book7d.html.