OpSec Going Smarter
0xB25C
October 27th, 2022

Greetings, dear readers! I decided to write an unusual article in which I want to depart from the accepted concept and discuss various devices and gadgets for OpSec, but with a focus on sensitive data protection. This is the second and logical continuation of the article — if you haven't read it yet, please do so by clicking on the link below:

We only covered the essentials in the previous article, so today I'd like to show you an amazing world of OpSec devices. Few people are aware, but there are many!

At this point, I'll divide my story into several sections, the first of which will cover the most important and basic points before moving on to more complex and specific ones. When deciding how can I also divide this article, I settled on the financial aspect.

So, in Part I, I'll tell you what everyone can do right now to improve your security for free and quickly, and in Part II, I'll show you how you can improve your security if you can afford to invest in it up front.

If you already know everything and want to find something new, go straight to Part III, in which I have collected my work and interesting references - they certainly will not leave you indifferent! Let's get started!


I - Forewarned is Forearmed

Do you realize how much personal information you leave on the Internet? This can be a cruel trick on you and used against you by those who are up to no good.

How exactly is this possible? It all depends on your level of OpSec, which is usually determined by your threat model and the adversary you're dealing with. As a rule, there are two main directions - deleting information and masking information.

Use your imagination: somewhere you'll have to deal with spam, somewhere you'll have to write emails to domain registrars and (in rare cases) ICANN, and somewhere you'll even have to use local legislation! It's a broad topic that fits the definition of SERM and reputation management; I encourage you to dig deeper on your own by reading this excellent article.

What can we also do now to ensure our safety, you may wonder? There is no perfect solution, but we can do our best to reduce the likelihood of OpSec issues. One thing you can do right now is use request forms to remove your private data from search engines and aggregators such as your address, phone number, or full name.

Separately, I would like to suggest that you add a lot of spamming and misleading information to services like GetContact, leakages aggregators, and so on, so you can wear the cloak of the, say, a taxi driver. Do you believe it will have no effect?

Trust me on this one; it works well and gives those looking for information about you a false trail.

But the thing is that I have no moral right to advise, e.g. an OSINT researcher, what I would advise an active member of the crypto and Web3 community.

With all said, I consider several tips from representatives from these industries as a good primer to follow - so check out their latest works on a practical OpSec.


II - OpSec Going Smarter

To begin, there is no perfect solution to the problem of security, but mankind is attempting to solve it, and in our time it has become available not only to the military or the very wealthy, but to ordinary people — that is, you can now go to the store, buy a few things, and use them to solve the problem of the secure communication in your individual case.

Humans are living creatures with input sources - conventionally speaking, eyes, ears, skin - and output sources - such as movement, body heat, and, most importantly, voice. In today's article, I'll go over three devices that are designed to keep your voice safe from intruders. The voice, in my opinion, is one of the most accurate identifiers of any person, which is why it's so important to keep it private.

Let's look at what solutions are on the market. I will focus only on devices for OpSec, and I will not mention a lot of existing hacking devices, toys, and backpacks if their purpose is not related to security.

HushMe Phone Silencer

The first thing on our review is a mask which is actually used to silence the wearer’s voice for phone privacy in public areas. The best fact about it is that it looks like the one Bane wore in The Dark Knight Rises!

As stated in the description:

The odd looking device covers the wearer’s mouth and blocks the sound of their voice with “masking sounds” that can be selected and customized from the accompanying app.

I believe this stylish device does its job well, but despite its apparent simplicity, you must learn how to use it quickly and confidently. As said before, you have to be familiar with your own security system so it doesn't take up your most valuable asset - your time.

Jackpair Safeguard

The following device, by the way, like all in the known list did not live up to our days, but that does not mean that the technology is bad or that we can not replicate it at home in the form of DIY.

As stated in the description:

JackPair is an affordable tool that enables average citizens to protect themselves against wiretapping. It’s a pair of encryption devices you put in between your phone and headset, which are connected through standard 3.5mm audio jacks. You can secure your phone line by simply pushing the JackPair button, and your voice will be encrypted. There’s no password to remember, no software to install, no service to subscribe to, and it works with any phone through a standard audio jack.

I'm still skeptical about the system's dependability - after all, it has a couple of possible critical flaws coming from the way it uses key-pairs - but these precautions may be sufficient if you're not expecting a Big Hunt!

Voice Privacy Mouthpiece Mask

Little is known about this device, except that it is most likely a more primitive continuation of what we've seen before. It's exciting to see technology advance, but I still wouldn't recommend using something you didn't make yourself in DIY format or buy from a reputable vendor with a long-standing, trustworthy reputation in such matters.

As stated in the description:

This handy device is placed over the mouth while the microphone slips into the side compartment – substantially blocking your voice while you talk.

Magic Blanket

As a bonus, suggest you taking a look at this awesome humanity invention! First time I spotted it when noticed a film showing that mr. Snowden entered his password this way, and he obviously wanted to mitigate visual surveillance, let it be by observation or (hidden) cameras.

It seems, Snowden didn't trust anything but his own laptop (if at all) during these first day(s) of contact with the journalists.

He also offered the blanket to the others in the room when they were entering their credentials into their laptops, but they refused, probably regarding this as being overcautious.

But you and I should always remember that who laughs last laughs well! Anyways, everyone can afford such an OpSec device!


III - OpSec Gallery

Below, I would like to make a gallery of resources that you could explore in your spare time and increase your level of security. The idiom "Forewarned is forearmed" has never yet, in my memory, misfired.

Yes, it seems like it is a veritable minefield over there. Keep the faith. Learn the latest attack techniques, white hat cheat sheets, and defenses. Only knowledge can defeat criminals’ knowledge.

In this intellectual boxing match, the most prepared wins, and we want that to be you!


IV - Support

Support is very important to me, with it I can do what I love - educating users!

If you want to support my work, you can send me a donation to the address:

Subscribe to Officer's Blog
Receive new entries directly to your inbox.
Collectors
View
#1
#2
#3
View collectors
This entry has been permanently stored on-chain and signed by its creator.